Explain the birthday attack in brief.

We generally think a 64-bit hash is secure

  1. but by the birthday paradox it is not
  2. the birthday attack works thus (m is the hash length in bits):
    • the opponent generates 2^(m/2) variations of a valid message, all with essentially the same meaning
    • the opponent also generates 2^(m/2) variations of a desired fraudulent message
    • the two sets of messages are compared to find a pair with the same hash (probability > 0.5 by the birthday paradox)
    • the opponent has the user sign the valid message, then substitutes the forgery, which will have a valid signature
  3. the conclusion is that we need to use larger MACs
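The comparison step above, as an added example that is not part of the original page: it grows the two message sets until a valid/fraudulent pair shares an m-bit hash and reports how many variants each set needed. Assumptions: SHA-256 truncated to m bits stands in for a short hash, the sample messages are constructed, and the names `h`, `variant` and `birthday_pair` are illustrative.

```python
import hashlib

# Constructed sample messages (not from the page); each word gap is one free bit.
VALID = ("I agree to pay the supplier the sum of one hundred dollars upon "
         "delivery of the goods listed in the attached order form")
FRAUD = ("I agree to pay the supplier the sum of nine hundred thousand dollars "
         "upon delivery of the goods listed in the attached order form")

def h(msg, bits):
    """Stand-in m-bit hash: SHA-256 truncated to its top `bits` bits."""
    digest = hashlib.sha256(msg.encode()).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)

def variant(words, i):
    """i-th same-meaning variation: bit k of i puts 1 or 2 spaces after word k."""
    gaps = ("  " if (i >> k) & 1 else " " for k in range(len(words) - 1))
    return "".join(w + g for w, g in zip(words, gaps)) + words[-1]

def birthday_pair(valid, fraud, bits):
    """Grow both sets until a valid/fraud pair shares an m-bit hash.

    Returns (valid_variant, fraud_variant, variants_per_set) or None.
    """
    v_words, f_words = valid.split(), fraud.split()
    limit = 1 << (min(len(v_words), len(f_words)) - 1)  # variants available
    seen_v, seen_f = {}, {}  # hash -> message, one table per set
    for i in range(limit):
        mv, mf = variant(v_words, i), variant(f_words, i)
        hv, hf = h(mv, bits), h(mf, bits)
        seen_v[hv], seen_f[hf] = mv, mf
        if hv in seen_f:  # new valid variant matches a stored fraud variant
            return mv, seen_f[hv], i + 1
        if hf in seen_v:  # new fraud variant matches a stored valid variant
            return seen_v[hf], mf, i + 1
    return None

if __name__ == "__main__":
    for bits in (16, 24, 32):
        mv, mf, n = birthday_pair(VALID, FRAUD, bits)
        width = bits // 4
        print(f"m={bits}: match after {n} variants per set, 2^(m/2)={1 << (bits // 2)}")
        print(f"  {h(mv, bits):0{width}x} {mv!r}")
        print(f"  {h(mf, bits):0{width}x} {mf!r}")
```

The variant count per set tracks 2^(m/2) rather than 2^m, so a 64-bit tag falls to roughly 2^32 work per set, which is why the list concludes that larger outputs are needed.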
