size_t Does Matter Hash Length Extension Attacks Explained Mika - PowerPoint PPT Presentation

Oct 06, 2023 •352 likes •537 views

size_t Does Matter Hash Length Extension Attacks Explained Mika Bostrm <bostik@iki.fi>, <mika.bostrom@smarkets.com> dc4420, 2015-10-29 Cryptographic Hash Properties Digest Size (n bits) Input Block Size (m bits) m >

size_t Does Matter Hash Length Extension Attacks Explained Mika Boström <bostik@iki.fi>, <mika.bostrom@smarkets.com> dc4420, 2015-10-29
Cryptographic Hash Properties ● Digest Size (n bits) ● Input Block Size (m bits) ● m > n ● Input processed block at a time ● Mutates internal state ● In other words: blocks are chained ● Merkle-Damgård: last block padded, includes number of bytes processed
Hash Length Extension ● ”Append data to a keyed hash, without knowing the key, and calculate a valid hash with your data included” ● Or, programmer friendly: – H1 = H(key + data + padding) – Transmit H1, data – Attacker: append $EVILDATA, calculate H2 – Transmit: H2, (data+$EVILDATA) – Receiver: calculate H = (key + received data) ● H = H2
SHA-1 Properties ● 160-bit output ● 512-bit input block ● Merkle-Damgård construct – Yes, that Merkle
SHA-1 Internal State struct SHA1State { uint32 A; uint32 B; uint32 C; uint32 D; uint32 E; }
SHA-1 Internal State struct SHA1State { uint32 A; uint32 B; uint32 C; uint32 D; uint32 E; }
SHA-1 Final Hash … visualised Uint32 A Uint32 B Uint32 C Uint32 D Uint32 E
Keyed Hash ● Secret shared key ● Known payload data ● Hash = H(key + data) Looks a bit like … salted hash?
Hash Extension Illustrated
Hash Extension Illustrated ● Key + padding missing ● Padding: includes number of bytes hashed ● Guess key length, calculate padding!
Hash Extension Illustrated
Hash Extension Illustrated ● Hash is valid over the whole of preceding data, with the key prefixed ● Attacker did not need to know the shared key ● Effect of EVIL DATA depends on implementation ● Would you guarantee your implementation handles every possible case of malformed but accepted-as-good input?
Morale Of The Story ● Keyed hash as authentication method: broken ● Just use HMAC instead ● … even with SHA-3 ● … because someone could plug a vulnerable hash into the construct ● Applied crypto is a world of cargo-culting
Trivia: Also Vulnerable ● MD5 ( d'oh ) ● SHA-256 ● SHA-512 ● RIPEMD-160
Trivia: Not Vulnerable ● SHA-384 (truncated) ● SHA-256/512 (truncated) ● SHA-3 (incomplete state export)
Code Gone Wild ● https://github.com/stephenbradshaw/hlextend ● https://github.com/bwall/HashPump ● https://github.com/iagox86/hash_extender ● Just to name a few
Question Time

Recommend

FUNCTION MERGING by SEQUENCE ALIGNMENT DOES SIZE MATTER? DOES SIZE MATTER? S E Y DOES SIZE

Rodrigo Rocha http://rcor.me University of Edinburgh FUNCTION MERGING by SEQUENCE ALIGNMENT DOES SIZE MATTER? DOES SIZE MATTER? S E Y DOES SIZE MATTER? S E Y ... EMBEDDED SYSTEMS SAVINGS IN CODE Smaller Memories 1 0 1 1 0 1

1.89k views • 177 slides

Detection of extracellular vesicles: size does matter Edwin van der Pol November 16 th , 2018

Detection of extracellular vesicles: size does matter Edwin van der Pol November 16 th , 2018 Outline PhD research Extracellular vesicles Size does matter Flow cytometry Outlook Standardisation Clinical studies Small and fast 2 200 nm

656 views • 41 slides

Modeling the Temporal and Size- Distributions of Diesel Particulate Matter Darrell Sonntag PhD

Modeling the Temporal and Size- Distributions of Diesel Particulate Matter Darrell Sonntag PhD Candidate Civil and Environmental Engineering Cornell University Particulate Matter (PM) Diesel particulate matter Complex mixture of

359 views • 11 slides

SIZE DOES MATTER Jrn Nettingsmeier <nettings@stackingdwarves.net> David Dohrmann

Large-scale Higher Order Ambisonic Sound Reinforcement Systems or: SIZE DOES MATTER Jrn Nettingsmeier <nettings@stackingdwarves.net> David Dohrmann <david@adamsonsystems.com> Ambisonics Symposium 2011 June 2-3, Lexington, KY

717 views • 36 slides

Does Size Matter? The Impact of Body Perfect Ideals in the Media Helga Dittmar Dublin,

Does Size Matter? The Impact of Body Perfect Ideals in the Media Helga Dittmar Dublin, 13th April 2010 Why worry? Media models body size versus reality Gap between body ideal actual body Exposure unavoidable (3,000+ ads a

570 views • 38 slides

Detection of extracellular vesicles by flow cytometry: size does matter Edwin van der Pol

Detection of extracellular vesicles by flow cytometry: size does matter Edwin van der Pol November 6th, 2018 2 images: R. Hooke Micrographia 1665 3 image: A. van Leeuwenhoek Royal society 1675 4 image: A. van Leeuwenhoek Opera Omnia 1719 5

986 views • 80 slides

Aspects of Financial Development and Manufacturing Growth and Size: Which Matter? Sarah Salvador

Aspects of Financial Development and Manufacturing Growth and Size: Which Matter? Sarah Salvador Daway-Ducanes Maria Socorro Gochoco-Bautista University of the Philippines School of Economics (UPSE) FD and Manufacturing Growth 1 / 33

621 views • 33 slides

Size Does Matter Why Using Gadget-Chain Length to Prevent Code-reuse Attacks is Hard Enes

Size Does Matter Why Using Gadget-Chain Length to Prevent Code-reuse Attacks is Hard Enes Gkta - Elias Athanasopoulos - Michalis Polychronakis Herbert Bos - Georgios Portokalidis presented by: Flora Karniavoura Katerina Karagiannaki

376 views • 23 slides

The Nature of Matter 1 12/6/16 Matter & Energy Matter Matter is the "stuff"

12/6/16 The Nature of Matter 1 12/6/16 Matter & Energy Matter Matter is the "stuff" of the universe. Matter is anything that occupies space and has mass . Matter exists as a solid, liquid, gas, and plasma . Matter

595 views • 36 slides

The Bowie and Dick Type The Bowie and Dick Type Test Test Does size and penetration Does size

The Bowie and Dick Type The Bowie and Dick Type Test Test Does size and penetration Does size and penetration really matter? really matter? Presented by Presented by Terry McAuley Terry McAuley Sterilisation and Infection Control

789 views • 42 slides

Lab 2 discussion Last Time Debugging Its a science use experiments to refine

size= 64 correct= 0 size= 73 correct= 0 Shuying Liang size= 107 correct= 1 size= 107 correct= 0 size= 108 correct= 0 size= 108 correct= 1 Please do not handin a .doc file, a .zip file, a .tar file, size= 111 correct= 1 size=

430 views • 7 slides

AUSTRAC the value of suspicious matter reporting Markus Erikson, Director Intelligence, AUSTRAC

AUSTRAC the value of suspicious matter reporting Markus Erikson, Director Intelligence, AUSTRAC July 2020 About AUSTRAC Serious crime is motivated by profit, and no matter the size, most criminal acts leave a financial trail. AUSTRAC is the

274 views • 9 slides

Chemistry Chemistry is the science of matter and the changes it undergoes What is matter? (as

Chemistry Chemistry is the science of matter and the changes it undergoes What is matter? (as it is related to biology) Matter Matter is anything that takes up space and has mass All living and nonliving matter is composed of

382 views • 13 slides

The Problem of Size prof. dr Arno Siebes Algorithmic Data Analysis Group Department of

The Problem of Size prof. dr Arno Siebes Algorithmic Data Analysis Group Department of Information and Computing Sciences Universiteit Utrecht Does Size Matter? Volume In the previous lecture we characterised Big Data by the three Vs

858 views • 46 slides

The Properties of Matter Basic Concepts All objects are made up of matter Matter is

The Properties of Matter Basic Concepts All objects are made up of matter Matter is anything that takes up space and has mass Properties are the specific characteristics that describe matter Matter can be identified using its

335 views • 9 slides

LEADERSHIP IS ACTION NOT POSITION LUCIANO SANTINI PH.D. WHY DOES IT MATTER TO ALL OF US IN THE

LEADERSHIP IS ACTION NOT POSITION LUCIANO SANTINI PH.D. WHY DOES IT MATTER TO ALL OF US IN THE WORKPLACE Too many training initiatives we come across rest on the assumption that one size fits all and that the same group of skills or style of

1.11k views • 36 slides

Lumber Size Lumber Size Control Control Studies Studies Lumber Size Control Lumber Size

Lumber Size Lumber Size Control Control Studies Studies Lumber Size Control Lumber Size Control Troubleshoot machine center performance Locate & identify problems Stabilize & improve sawing accuracy Reduce

686 views • 16 slides

Matter and Energy Chapter 1: Introduction to Matter Matter Volume Mass Weight Atom Molecule

Matter and Energy Notes.notebook Matter and Energy Chapter 1: Introduction to Matter Matter Volume Mass Weight Atom Molecule Element Compound Mixture States of Matter Solid Liquid Gas 1 Matter and Energy Notes.notebook Matter and

974 views • 73 slides

Charles Augustin Coulomb (1736-1806) France Coulomb's Law ~1875 Mini Mini- -Ph.D. Ph.D.

Charles Augustin Coulomb (1736-1806) France Coulomb's Law ~1875 Mini Mini- -Ph.D. Ph.D. Quantum Mechanics 101 Quantum Mechanics 101 Lesson 1: Lesson 1: Size actually does matter. Size actually does matter. y Determine the postion

1.15k views • 25 slides

Cite as: Matter of M-, 3 I&N Dec. 850 (BIA 1950)

Cite as: Matter of M-, 3 I&N Dec. 850 (BIA 1950) https://casetext.com/case/in-the-matter-of-m-68 IN THE MATTER OF M----. IN STATUS DETERMINATION PROCEEDINGS. BEFORE THE CENTRAL OFFICE Discussion: Subject claims that she derived United

210 views • 8 slides

Sample Size Power, Sample Size, and the FDR How many observations do we need? Depends on

Sample Size Power, Sample Size, and the FDR How many observations do we need? Depends on Peter Dalgaard Design Standard error of measurements Department of Biostatistics Effect size University of Copenhagen How sure you

411 views • 3 slides

Credit: ESO/G Credit: ESA/Hubble DARK MATTER Dark Matter 10 x Luminous Matter Dark Matter

Credit: ESO/G Credit: ESA/Hubble DARK MATTER Dark Matter 10 x Luminous Matter Dark Matter Halo Credit: ESO/L Calada What is this Dark Matter? We do not know Weakly Interacting Massive Particles W I M P s Credit: S.

686 views • 21 slides

ONE SIZE DOESNT FIT ALL: PUNITIVE DAMAGES ANALYSIS IN PRODUCT LIABILITY CASES B y D i a n e

A TAILORED APPROACH TO ONE SIZE DOESNT FIT ALL: PUNITIVE DAMAGES ANALYSIS IN PRODUCT LIABILITY CASES B y D i a n e G . P. F l a n n e r y a n d J a s o n T. B u r n e t t e Once a matter of almost exclusive state-law concern, puni-

354 views • 6 slides

What is Matter? The Simplest Form of Matter: Elements of the Periodic Table Properties of

Slide 1 / 176 Slide 2 / 176 7th Grade Matter and Its Properties 2015-09-16 www.njctl.org Slide 3 / 176 Slide 4 / 176 Table of Contents: Matter and Its Properties What is Matter? Click on the topic to go to that section How Do We

406 views • 40 slides