Birthday attack

A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. This attack can be used to abuse communication between two or more parties. The attack depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations (pigeonholes). With a birthday attack, it is possible to find a collision of a hash function in , with being the classical security. There is a general (though disputed) result that quantum computers can perform birthday attacks, thus breaking collision resistance, in . Although there are some digital signature vulnerabilities associated with the birthday attack, it cannot be used to break an encryption scheme any faster than a brute-force attack. Birthday problem As an example, consider the scenario in which a teacher with a class of 30 students (n = 30) asks for everybody's birthday (for simplicity, ignore leap years) to determine whether any two students have the same birthday (corresponding to a hash collision as described further). Intuitively, this chance may seem small. Counter-intuitively, the probability that at least one student has the same birthday as any other student on any day is around 70% (for n = 30), from the formula . If the teacher had picked a specific day (say, 16 September), then the chance that at least one student was born on that specific day is , about 7.9%. In a birthday attack, the attacker prepares many different variants of benign and malicious contracts, each having a digital signature. A pair of benign and malicious contracts with the same signature is sought. In this fictional example, suppose that the digital signature of a string is the first byte of its SHA-256 hash. The pair found is indicated in green – note that finding a pair of benign contracts (blue) or a pair of malicious contracts (red) is useless. After the victim accepts the benign contract, the attacker substitutes it with the malicious one and claims the victim signed it, as proven by the digital signature.

Near Collision Attack Against Grain V1

Daniel Patrick Collins, Subhadeep Banik, Willi Meier

A near collision attack against the Grain v1 stream cipher was proposed by Zhang et al. in Eurocrypt 18. The attack uses the fact that two internal states of the stream cipher with very low hamming distance between them, produce similar keystream sequences ...

2023

Towards Efficient LPN-Based Symmetric Encryption

Serge Vaudenay, Sonia Mihaela Bogos, Dario Korolija, Thomas Locher

Due to the rapidly growing number of devices that need to communicate securely, there is still significant interest in the development of efficient encryption schemes. It is important to maintain a portfolio of different constructions in order to enable a ...

Springer International Publishing2021

Near Collision Attack Against Grain V1

PAE: Towards More Efficient and BBB-Secure AE from a Single Public Permutation

Towards Efficient LPN-Based Symmetric Encryption

PAE: Towards More Efficient and BBB-Secure AE from a Single Public Permutation

Near Collision Attack Against Grain V1

Towards Efficient LPN-Based Symmetric Encryption