A Symbolic Intruder Model for Hash-Collision Attacks
Yannick Chevalier (IRIT), Mounira Kourjieh (IRIT)
TL;DR
This paper introduces a symbolic model for hash-collision attacks, enabling analysis of intruders actively exploiting collision algorithms within protocol security proofs.
Contribution
It presents a novel decision procedure that models collision attacks symbolically, bridging the gap between collision algorithms and protocol analysis.
Findings
The method effectively models hash collisions at the symbolic level.
It allows for automated analysis of collision-based attacks.
The approach improves understanding of protocol vulnerabilities.
Abstract
In the recent years, several practical methods have been published to compute collisions on some commonly used hash functions. In this paper we present a method to take into account, at the symbolic level, that an intruder actively attacking a protocol execution may use these collision algorithms in reasonable time during the attack. Our decision procedure relies on the reduction of constraint solving for an intruder exploiting the collision properties of hush functions to constraint solving for an intruder operating on words.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsSecurity and Verification in Computing · Advanced Authentication Protocols Security · Web Application Security Vulnerabilities