Do Broken Hash Functions Affect the Security of Time-Stamping Schemes?
- Ahto Buldas (Cybernetica; Tallinn University of Technology; University of Tartu)
- Sven Laur (Laboratory for Theoretical Computer Science, Helsinki University of Technology, TKK)
We study the influence of collision-finding attacks on the security of time-stamping schemes. We distinguish between client-side hash functions, used to shorten documents before sending them to time-stamping servers, and server-side hash functions, used for establishing one-way causal relations between time stamps. We derive necessary and sufficient conditions for client-side hash functions and show, using explicit separation techniques, that neither collision-resistance nor 2nd-preimage resistance is necessary for secure time-stamping. Moreover, we show that server-side hash functions need not even be one-way. Hence, it is impossible to use black-box techniques to transform collision-finders into wrappers that break the corresponding time-stamping schemes; each such wrapper would have to analyze the structure of the hash function. However, these separations do not necessarily hold for more specific classes of hash functions. Considering this, we take a more detailed look at the structure of practical hash functions by studying the Merkle-Damgård (MD) hash functions. We show that attacks which are able to find collisions for MD hash functions with respect to randomly chosen initial states also violate the necessary security conditions for client-side hash functions. This does not contradict the black-box separation results, because the MD structure is already a deviation from the black-box setting. As a practical consequence, MD5, SHA-0, and RIPEMD are no longer recommended as client-side hash functions in time-stamping. However, there is still no evidence against using MD5 (or even MD4) as a server-side hash function.
- Book Title: Applied Cryptography and Network Security
- Book Subtitle: 4th International Conference, ACNS 2006, Singapore, June 6-9, 2006. Proceedings
- Pages: 50-65
- Series Title: Lecture Notes in Computer Science
- Publisher: Springer Berlin Heidelberg
- Copyright Holder: Springer-Verlag Berlin Heidelberg
- Editor Affiliations:
  - Cryptography and Security Department, Institute for Infocomm Research
  - Computer Science Department, Google Inc. and Columbia University
  - Institute for Infocomm Research
- Author Affiliations:
  - Cybernetica, Akadeemia tee 21, 12618, Tallinn, Estonia
  - Tallinn University of Technology, Raja 15, 12618, Tallinn, Estonia
  - University of Tartu, Liivi 2, 50409, Tartu, Estonia
  - Laboratory for Theoretical Computer Science, Helsinki University of Technology, TKK, P.O. Box 5400, FI-02015, Finland