Research on Techniques Related to MD4 and MD5 Collision Attacks
Published: 2018-07-09 16:04
Topic: Hash + MD5; Source: PLA Information Engineering University, 2014 master's thesis
【Abstract】: As one of the important tools of modern information security theory, the Hash function plays a major role in ensuring the reliability of information exchange. Since MD5 was broken and the meaningful MD5 chosen-prefix collision algorithm was proposed, the security analysis of Hash functions has become a focus of research. In recent years MD5, as a widely used Hash function, has drawn attention because of the proposal and application of the chosen-prefix collision algorithm and the discovery of the Flame virus, and its security has been called into question. Nevertheless, owing to a number of practical factors, MD5 still plays a role in information security systems. MD4 is the design basis of Hash functions such as MD5 and SHA-1, so its analysis can provide guidance for the study of later Hash functions. This thesis analyzes the techniques and algorithms related to MD4 and MD5 collision attacks and obtains the following results:

1. The automated MD4 differential path construction algorithm of [17] is improved. By examining the principles of the MD4 algorithm and of its automated differential path construction algorithm, the thesis analyzes the factors in the concrete construction algorithm that affect the weight of a differential path. By making full use of the special nature of a difference at the 32nd bit position, it effectively controls unnecessary signed-difference carry expansion while searching for cancellations of the target difference, and the search yields a new differential path. Compared with the differential path in [17], the differential weight of the new path is reduced by 6 and the number of sufficient conditions is reduced by 14.

2. To address the imbalance in how complexity is distributed when the MD5 chosen-prefix collision algorithm is applied in practice, an improved MD5 chosen-prefix collision algorithm is proposed. First, using the non-adjacent form (NAF), the thesis derives the probability value that appears in the birthday search complexity under specific conditions, and compares the derived values with the simulated values given in [37], which verifies the correctness of the derivation; it also establishes the relationship between the balance parameter and the birthday search complexity. Second, when the chosen-prefix collision algorithm is applied to forging X.509 certificates, its computational complexity is determined almost entirely by the birthday search complexity. Building on the theoretical results about the balance parameter, the thesis introduces new message differences to improve the form of birthday collision that the chosen-prefix collision requires, giving the improved algorithm. Under the parameter conditions required in practical applications, the improved algorithm reduces the complexity by 1 bit on average.

3. A detection algorithm for consecutive near-collision blocks of a Hash function is given. It is obtained by extending Marc Stevens' detection algorithm for the last near-collision block. The algorithm successfully detects the Flame virus certificate, finding 4 consecutive near-collision blocks in only 0.06 seconds, and all of the differential paths used by the near-collisions are given for the first time. Finally, based on the recovered collision information, the forging process of the Flame virus certificate is given a preliminary comparison with the chosen-prefix collision algorithm proposed by Stevens.
【Degree-granting institution】: PLA Information Engineering University
【Degree level】: Master's
【Year degree conferred】: 2014
【Classification number】: TN918.1
Article ID: 2109896
Article link: http://sikaile.net/kejilunwen/wltx/2109896.html