📝Length extension attack

tags
§ Cryptography

Length extension attack is an attack on some hashing function. It allows attacker to calculate Hash(message1message2)Hash(message_1 || message_2) if Hash(message1)Hash(message_1) and size of message1message_1 is known (without knowing the message itself).

Algorithms like MD5, SHA-1, SHA-2 are susceptible to this attack.

This is an issue when hash functions are used to authenticate messages as Hash(keymessage)Hash(key || message).

Since HMAC does not use this construct, it is not prone to Length extension attack.

Backlinks