
Password Recovery Attack to Authentication Post Office Protocol
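Abstract: The authors propose a new password recovery attack on the Authentication Post Office Protocol (APOP) that recovers the password faster and recovers more password characters. Building on tunnel techniques and advanced message modification, they propose a "group satisfaction scheme" that deterministically satisfies all sufficient conditions of the first three steps of the last tunnel under a divide-and-conquer strategy, thereby improving the efficiency of the MD5 (Message Digest Algorithm 5) collision-pair search. They also propose several new tunnels that control the values of more bits of the MD5 colliding messages; for example, an MD5 collision pair with 352 determined bits can be constructed. These techniques improve the efficiency of searching for MD5 collision pairs with many determined bits. Applied to the password recovery attack on APOP, they not only recover passwords up to 31 characters long quickly, but also recover passwords up to 43 characters long in practical time.

English abstract: In this paper, we propose a new password recovery attack on the Authentication Post Office Protocol (APOP), which recovers more password characters and does so faster. First, based on tunnel and advanced message modification techniques, we propose a "Group Satisfaction Scheme" to deterministically satisfy all conditions of the first three successive steps of the last tunnel, to further improve Message Digest Algorithm 5 (MD5) collision searching efficiency. Second, we propose some new tunnels to generate more meaningful characters during MD5 collision searching; for example, we can construct an MD5 collision pair with as many as 352 fixed bits. Combining these techniques, we can improve the efficiency of MD5 collision searching with a high number of chosen bits; hence, we can recover APOP passwords of 31 characters extremely fast, and can also recover passwords as long as 43 characters in practical time.

Source: Chinese Journal of Computers (《计算机学报》), indexed in EI, CSCD and the Peking University Core Journals list; 2012, No. 9, pp. 1927-1937 (11 pages).

Funding: Supported by the National Major Science and Technology Project on Core Electronic Devices, High-end Generic Chips and Basic Software (2010ZX01037-001-001), the National Basic Research Program of China (973 Program) (2007CB311202), and the National Natural Science Foundation of China (61070228).

Keywords: authentication post office protocol; challenge and response; password recovery; tunnel; group satisfaction scheme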

