哈希长度扩展攻击

简介

In short, the length-extension attack on one-way hash construction is that you can, given h(m) and len(m), you are able to compute h(m||pad(m)||m’) for any m’ (|| stands for concatenation), even if you don’t know the entire message m. This attack works on all Merkle-Damgård hash such as MD0-MD5 and SHA0-SHA2. This is also called “message extension” or “padding” attack”. (感觉问题主要来源于分组串联)

这里写图片描述

这里写图片描述

具体流程

解决方法

  1. 用HMAC
  2. Hash(message || password)
  3. Hash(password || Hash(message))

更多

阅读更多
想对作者说点什么?

博主推荐

换一批

没有更多推荐了,返回首页