Ontology type: schema:Chapter Open Access: True
2014-11-29
AUTHORSAnge Albertini , Jean-Philippe Aumasson , Maria Eichlseder , Florian Mendel , Martin Schläffer
ABSTRACTWe present collisions for a version of SHA-1 with modified constants, where the colliding payloads are valid binary files. Examples are given of colliding executables, archives, and images. Our malicious SHA-1 instances have round constants that differ from the original ones in only 40 bits (on average). Modified versions of cryptographic standards are typically used on closed systems (e.g., in pay-TV, media and gaming platforms) and aim to differentiate cryptographic components across customers or services. Our proof-of-concept thus demonstrates the exploitability of custom SHA-1 versions for malicious purposes, such as the injection of user surveillance features. To encourage further research on such malicious hash functions, we propose definitions of malicious hash functions and of associated security notions. More... »
PAGES1-19
Selected Areas in Cryptography -- SAC 2014
ISBN
978-3-319-13050-7
978-3-319-13051-4
http://scigraph.springernature.com/pub.10.1007/978-3-319-13051-4_1
DOIhttp://dx.doi.org/10.1007/978-3-319-13051-4_1
DIMENSIONShttps://app.dimensions.ai/details/publication/pub.1048127163
JSON-LD is the canonical representation for SciGraph data.
TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT
[
{
"@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json",
"about": [
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Information and Computing Sciences",
"type": "DefinedTerm"
},
{
"id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804",
"inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/",
"name": "Data Format",
"type": "DefinedTerm"
}
],
"author": [
{
"affiliation": {
"alternateName": "Corkami, Ravensburg, Germany",
"id": "http://www.grid.ac/institutes/None",
"name": [
"Corkami, Ravensburg, Germany"
],
"type": "Organization"
},
"familyName": "Albertini",
"givenName": "Ange",
"id": "sg:person.011775146371.60",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011775146371.60"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Kudelski Security, Cheseaux-sur-Lausanne, Switzerland",
"id": "http://www.grid.ac/institutes/None",
"name": [
"Kudelski Security, Cheseaux-sur-Lausanne, Switzerland"
],
"type": "Organization"
},
"familyName": "Aumasson",
"givenName": "Jean-Philippe",
"id": "sg:person.012606440341.66",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012606440341.66"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Graz University of Technology, Graz, Austria",
"id": "http://www.grid.ac/institutes/grid.410413.3",
"name": [
"Graz University of Technology, Graz, Austria"
],
"type": "Organization"
},
"familyName": "Eichlseder",
"givenName": "Maria",
"id": "sg:person.014606337775.51",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014606337775.51"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Graz University of Technology, Graz, Austria",
"id": "http://www.grid.ac/institutes/grid.410413.3",
"name": [
"Graz University of Technology, Graz, Austria"
],
"type": "Organization"
},
"familyName": "Mendel",
"givenName": "Florian",
"id": "sg:person.013342563571.85",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013342563571.85"
],
"type": "Person"
},
{
"affiliation": {
"alternateName": "Graz University of Technology, Graz, Austria",
"id": "http://www.grid.ac/institutes/grid.410413.3",
"name": [
"Graz University of Technology, Graz, Austria"
],
"type": "Organization"
},
"familyName": "Schl\u00e4ffer",
"givenName": "Martin",
"id": "sg:person.015166313415.52",
"sameAs": [
"https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015166313415.52"
],
"type": "Person"
}
],
"datePublished": "2014-11-29",
"datePublishedReg": "2014-11-29",
"description": "We present collisions for a version of SHA-1 with modified constants, where the colliding payloads are valid binary files. Examples\u00a0are given of colliding executables, archives, and images. Our malicious SHA-1 instances have round constants that differ from the original ones in only 40 bits (on average). Modified versions of cryptographic standards are typically used on closed systems (e.g., in pay-TV, media and gaming platforms) and aim to differentiate cryptographic components across customers or services. Our proof-of-concept thus demonstrates the exploitability of custom SHA-1 versions for malicious purposes, such as the injection of user surveillance features. To encourage further research on such malicious hash functions, we propose definitions of malicious hash functions and of associated security notions.",
"editor": [
{
"familyName": "Joux",
"givenName": "Antoine",
"type": "Person"
},
{
"familyName": "Youssef",
"givenName": "Amr",
"type": "Person"
}
],
"genre": "chapter",
"id": "sg:pub.10.1007/978-3-319-13051-4_1",
"inLanguage": "en",
"isAccessibleForFree": true,
"isPartOf": {
"isbn": [
"978-3-319-13050-7",
"978-3-319-13051-4"
],
"name": "Selected Areas in Cryptography -- SAC 2014",
"type": "Book"
},
"keywords": [
"hash function",
"SHA-1",
"malicious purposes",
"cryptographic components",
"cryptographic standards",
"surveillance features",
"security notions",
"binary files",
"round constants",
"original one",
"executables",
"version",
"files",
"customers",
"exploitability",
"images",
"bits",
"services",
"instances",
"payload",
"archives",
"proof",
"system",
"features",
"concept",
"example",
"standards",
"definition",
"variants",
"notion",
"research",
"one",
"collisions",
"function",
"further research",
"purpose",
"components",
"closed system",
"constants",
"injection"
],
"name": "Malicious Hashing: Eve\u2019s Variant of SHA-1",
"pagination": "1-19",
"productId": [
{
"name": "dimensions_id",
"type": "PropertyValue",
"value": [
"pub.1048127163"
]
},
{
"name": "doi",
"type": "PropertyValue",
"value": [
"10.1007/978-3-319-13051-4_1"
]
}
],
"publisher": {
"name": "Springer Nature",
"type": "Organisation"
},
"sameAs": [
"https://doi.org/10.1007/978-3-319-13051-4_1",
"https://app.dimensions.ai/details/publication/pub.1048127163"
],
"sdDataset": "chapters",
"sdDatePublished": "2022-06-01T22:30",
"sdLicense": "https://scigraph.springernature.com/explorer/license/",
"sdPublisher": {
"name": "Springer Nature - SN SciGraph project",
"type": "Organization"
},
"sdSource": "s3://com-springernature-scigraph/baseset/20220601/entities/gbq_results/chapter/chapter_251.jsonl",
"type": "Chapter",
"url": "https://doi.org/10.1007/978-3-319-13051-4_1"
}
]Download the RDF metadata as: json-ld nt turtle xml License info
JSON-LD is a popular format for linked data which is fully compatible with JSON.
curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-13051-4_1'
N-Triples is a line-based linked data format ideal for batch operations.
curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-13051-4_1'
Turtle is a human-readable linked data format.
curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-13051-4_1'
RDF/XML is a standard XML format for linked data.
curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-13051-4_1'
This table displays all metadata directly associated to this object as RDF triples.
138 TRIPLES
23 PREDICATES
65 URIs
58 LITERALS
7 BLANK NODES