Abstract
Blockchain is an emerging technology that is widely adopted because of its efficiency and functionality. The hash function, as a supporting element of the blockchain's data structure, is critical for assuring its availability and security. Hash functions were originally designed for a few cryptographic schemes with specific security needs, but they have since become regular fare for many developers and protocol designers, who treat them as black boxes with magical properties. Message digesting, password verification, data structures, compiler operation, and linking a file name with its path are contemporary examples of hash function applications. Since 2004, an exponential increase in the number and power of attacks against standard hash algorithms has been observed. In this paper, we investigate the reported security flaws of well-known hashing algorithms and determine which of them are broken. A hash function is said to be broken when an attack is found which, by exploiting specific details of how the hash function operates, finds a preimage, a second preimage or a collision faster than the corresponding generic attack. To provide background, we also summarize the types of attacks in this area. Finally, we summarize the information on the broken hash algorithms in a table, which is helpful when selecting, designing or using blockchains.
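The definition of "broken" above is relative to the generic attack: brute force needs on the order of 2^n hash evaluations to find a (second) preimage of an n-bit digest and about 2^(n/2) evaluations (the birthday bound) to find a collision, whatever the internal structure. The following Python script is an added illustration and is not code from the paper; it treats SHA-256 truncated to n bits as a toy n-bit hash (an assumption made only so the searches finish in seconds), runs the two generic searches on counter-based messages, and returns the trial counts next to the theoretical baselines. An attack that beats these baselines on a full-width function is what the paper classifies as breaking it.

```python
import hashlib
from math import pi, sqrt
from typing import Optional, Tuple


def truncated_digest(msg: bytes, n_bits: int) -> int:
    """Toy n-bit hash: the leading n_bits of SHA-256 (assumption for illustration only)."""
    full = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return full >> (256 - n_bits)


def generic_preimage(target: int, n_bits: int,
                     max_trials: Optional[int] = None) -> Tuple[Optional[bytes], int]:
    """Generic preimage search: try distinct messages until one hashes to target.

    Expected cost is about 2^n trials. Returns (message, trials) on success or
    (None, trials) once max_trials (default 4 * 2^n) is exhausted.
    """
    limit = max_trials if max_trials is not None else 4 * (1 << n_bits)
    for i in range(limit):
        candidate = b"msg-%d" % i  # constructed, counter-based message family
        if truncated_digest(candidate, n_bits) == target:
            return candidate, i + 1
    return None, limit


def generic_collision(n_bits: int) -> Tuple[bytes, bytes, int]:
    """Generic (birthday) collision search: remember every digest seen and stop
    at the first repeat. Expected cost is about sqrt(pi/2 * 2^n) trials; by the
    pigeonhole principle it terminates within 2^n + 1 trials.
    """
    seen = {}
    i = 0
    while True:
        candidate = b"msg-%d" % i
        i += 1
        d = truncated_digest(candidate, n_bits)
        if d in seen:
            return seen[d], candidate, i
        seen[d] = candidate


def expected_trials(n_bits: int) -> dict:
    """Theoretical generic-attack baselines for an n-bit digest."""
    return {
        "preimage": 2 ** n_bits,                     # brute force
        "collision": sqrt(pi / 2 * 2 ** n_bits),     # birthday bound (mean trials to first repeat)
    }


if __name__ == "__main__":
    n = 20
    baseline = expected_trials(n)

    # Collision: measured trials should sit near the birthday bound, far below 2^n.
    m1, m2, trials = generic_collision(n)
    print(f"collision after {trials} trials (expected ~{baseline['collision']:.0f}): "
          f"{m1!r} and {m2!r} share digest {truncated_digest(m1, n):#x}")

    # Preimage: invert the digest of a message outside the counter family.
    target = truncated_digest(b"value we want to invert", n)  # constructed target
    found, trials = generic_preimage(target, n)
    print(f"preimage {'found' if found else 'not found'} after {trials} trials "
          f"(expected ~{baseline['preimage']})")
```

The same two searches against the real 256-bit SHA-256 would need roughly 2^256 and 2^128 work, which is why only the toy width completes here; a practitioner choosing a digest for a blockchain should read the paper's table against these baselines, since a published structural attack below them is what moves a function into the broken column.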
Sadeghi-Nasab, A., Rafe, V. A comprehensive review of the security flaws of hashing algorithms. J Comput Virol Hack Tech 19, 287–302 (2023). https://doi.org/10.1007/s11416-022-00447-w