. Iterated hash functions based on block ciphers are treated. Five attacks on an iterated hash function and on its round function are formulated. The wisdom of strengthening such hash functions by constraining the last block of the message to be hashed is stressed. Schemes for constructing m-bit and 2m-bit hash round functions from m-bit block ciphers are studied. A principle is formalized for evaluating the strength of hash round functions, viz., that applying computationally simple #in both directions# invertible transformations to the input and output of a hash round function yields a new hash round function with the same security. By applying this principle, four attacks on three previously proposed 2m-bit hash round functions are formulated. Finally, three new hash round functions based on an m-bit block cipher with a 2m-bit key are proposed. 1 Introduction This paper is intended to provide a rather rounded treatment of hash functions that are obtained by iterati...

The security of electronic mail sent through the Internet may be described in exactly three words: there is none. The Privacy and Security Research Group has recommended implementing mechanisms designed to provide security enhancements. The first set of mechanisms provides a protocol to provide privacy, integrity, and authentication for electronic mail; the second provides a certificate-based key management infrastructure to support key distribution throughout the internet, to support the first set of mechanisms. This paper describes these mechanisms, as well as the reasons behind their selection and how these mechanisms can be used to provide some measure of security in the exchange of electronic mail. Index Terms: certificates, cryptography, electronic mail, internet, privacy, security 1. Introduction Probably the best-known use of computer networks is for the transmission of electronic mail. Much less widely known is the inherent lack of security in most mailing systems. Recently ...

Abstract. A critical analysis of the modified cryptographic checksum algorithm of Cohen and Huang points out some weaknesses in the scheme. We show how to exploit these weaknesses with a chosen text attack to derive the first bits of the key. This information suffices to manipulate blocks with a negligible chance of detection. 1.

1.4 Simple XOR

Providing security for electronic mail message sent to more than one destination can be a difficult problem, particularly when authentication is required. Previous attempts to solve this problem have been shown to be flawed. In this paper we describe two approaches which can be used to solve the problem in an efficient and secure way.