A comprehensive review of the security flaws of hashing algorithms

Sadeghi-Nasab, Alireza and Rafe, Vahid. 2023. A comprehensive review of the security flaws of hashing algorithms. Journal of Computer Virology and Hacking Techniques, 19(2), pp. 287-302. ISSN 2263-8733 [Article]

[img]
Preview
Text
paper_en_v1.pdf - Accepted Version

Download (410kB) | Preview

Abstract or Description

The blockchain is an emerging technology. It is widely used because of its efficiency and functionality. The hash function, as a supporting aspect of the data structure, is critical for assuring the blockchain's availability and security. Hash functions, which were originally designed for use in a few cryptographic schemes with specific security needs, have since become regular fare for many developers and protocol designers, who regard them as black boxes with magical characteristics. Message digesting, password verification, data structures, compiler operation and linking file name and path together are contemporary examples of hash functions applications. Since 2004, we've observed an exponential increase in the number and power of attacks against standard hash algorithms. In this paper, we investigated reported security flaws on well-known hashing algorithms and determined which of them are broken. A hash function is said to be broken when an attack is found, which, by exploiting special details of how the hash function operates, finds a preimage, a second preimage or a collision faster than the corresponding generic attack. To increase background knowledge, we also provide a summary of the types of attacks in this area. Finally, we summarized the information of the broken hash algorithms in a table which is very helpful for selecting, designing or using blockchains.

Item Type:

Article

Identification Number (DOI):

https://doi.org/10.1007/s11416-022-00447-w

Additional Information:

“This version of the article has been accepted for publication, after peer review (when applicable) but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/10.1007/s11416-022-00447-w. Use of this Accepted Version is subject to the publisher’s Accepted Manuscript terms of use https://www.springernature.com/gp/open-research/policies/accepted-manuscript-terms”

Keywords:

Broken hashing algorithms; cryptography; collision attack; preimage attack

Departments, Centres and Research Units:

Computing

Dates:

DateEvent
26 July 2022Accepted
19 October 2022Published Online
June 2023Published

Item ID:

33410

Date Deposited:

24 Apr 2023 08:21

Last Modified:

19 Oct 2023 01:26

Peer Reviewed:

Yes, this version has been peer-reviewed.

URI:

https://research.gold.ac.uk/id/eprint/33410

View statistics for this item...

Edit Record Edit Record (login required)