Tag: length-extension attacks

Canonicalization Attacks Against MACs and Signatures

Post author By Soatok
Post date July 30, 2021
6 Comments on Canonicalization Attacks Against MACs and Signatures

Canonicalization Attacks occur when a protocol that feeds data into a hash function used in a Message Authentication Code (MAC) or Digital Signature calculation fails to ensure some property that’s expected of the overall protocol. The textbook example of a canonicalization attack is the length-extension attack against hash functions such as MD5–which famously broke the […]

Tags collision attacks, cryptographic hash function, cryptography, digital signature algorithm, DSSE, HMAC, length-extension attacks, MACs, PASETO, Security Guidance

Cryptography Software Security

Dead Ends in Cryptanalysis #1: Length Extension Attacks

Post author By Soatok
Post date October 6, 2020
5 Comments on Dead Ends in Cryptanalysis #1: Length Extension Attacks

This is the first entry in a (potentially infinite) series of dead end roads in the field of cryptanalysis. Cryptography engineering is one of many specialties within the wider field of security engineering. Security engineering is a discipline that chiefly concerns itself with studying how systems fail in order to build better systems–ones that are […]

Tags cryptanalysis, crypto, cryptographic hash function, cryptography, length-extension attacks