Question about hashing concatenated strings that are ambiguous


I stumbled upon this on Stack Exchange:

Basically they’re mentioning that ‘built||insecurely’ and ‘builtin||securely’ will generate the same hash, so that one must employ some kind of mitigating factor like H(H(builtin)||H(securely)) to avoid the ambiguity of each formation generating the same hash.

I’m a little confused by exactly what contexts this is important in, and what instances of strings being concatenated are ambiguous and vulnerable to this. Specifically, if using encrypt-then-MAC on a cipher-text message, it’s said that one should generate the MAC with the IV and the cipher-text both, so something like H(IV||C).

Does the ambiguity vulnerability still apply in the context of H(IV||C)? I’m having a little trouble wrapping my head around what could go wrong and what could be attacked in this context.

submitted by /u/kennbr
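The ambiguity asked about above, as an added example that is not part of the original post: plain concatenation loses the field boundary, while length-prefixing, hash-of-hashes, or a fixed-length first field keeps the parse unique. The function names, the 16-byte IV length and the use of HMAC-SHA256 in place of the post's H for the MAC case are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

IV_LEN = 16  # assumption: fixed-size IV (one AES block)


def naive(*parts: bytes) -> bytes:
    """H(a||b): the boundary between fields is not part of the input."""
    return hashlib.sha256(b"".join(parts)).digest()


def length_prefixed(*parts: bytes) -> bytes:
    """Hash each field preceded by its 8-byte big-endian length."""
    h = hashlib.sha256()
    for p in parts:
        h.update(struct.pack(">Q", len(p)))
        h.update(p)
    return h.digest()


def hash_of_hashes(*parts: bytes) -> bytes:
    """H(H(a)||H(b)): inner digests are fixed length, so the split is unique."""
    inner = b"".join(hashlib.sha256(p).digest() for p in parts)
    return hashlib.sha256(inner).digest()


def etm_tag(mac_key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """Encrypt-then-MAC tag over IV||C; rejects any IV that is not IV_LEN bytes."""
    if len(iv) != IV_LEN:
        raise ValueError("IV must be exactly IV_LEN bytes")
    return hmac.new(mac_key, iv + ciphertext, hashlib.sha256).digest()


def split_iv_ciphertext(blob: bytes) -> tuple:
    """A fixed IV length leaves exactly one way to parse IV||C."""
    if len(blob) < IV_LEN:
        raise ValueError("blob shorter than one IV")
    return blob[:IV_LEN], blob[IV_LEN:]


if __name__ == "__main__":
    a, b = (b"built", b"insecurely"), (b"builtin", b"securely")
    print("naive collides:          ", naive(*a) == naive(*b))
    print("length-prefixed collides:", length_prefixed(*a) == length_prefixed(*b))
    print("hash-of-hashes collides: ", hash_of_hashes(*a) == hash_of_hashes(*b))
```

The ambiguity matters when two or more variable-length fields are joined; if the IV length were variable or not checked, IV||C would need one of the unambiguous encodings as well.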
