{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T10:42:15Z","timestamp":1769510535785,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540792628","type":"print"},{"value":"9783540792635","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-79263-5_3","type":"book-chapter","created":{"date-parts":[[2008,4,4]],"date-time":"2008-04-04T12:18:54Z","timestamp":1207311534000},"page":"36-51","source":"Crossref","is-referenced-by-count":19,"title":["Linear-XOR and Additive Checksums Don\u2019t Protect Damg\u00e5rd-Merkle Hashes from Generic Attacks"],"prefix":"10.1007","author":[{"given":"Praveen","family":"Gauravaram","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John","family":"Kelsey","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"3_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"163","DOI":"10.1007\/3-540-69053-0_13","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"M. Bellare","year":"1997","unstructured":"Bellare, M., Micciancio, D.: A new paradigm for collision-free hashing: Incrementality at reduced cost. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol.\u00a01233, pp. 163\u2013192. Springer, Heidelberg (1997)"},{"key":"3_CR2","unstructured":"Coppersmith, D.: Two Broken Hash Functions. Technical Report IBM Research Report RC-18397, IBM Research Center (October 1992)"},{"key":"3_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"416","DOI":"10.1007\/0-387-34805-0_39","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"I. Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 416\u2013427. Springer, Heidelberg (1990)"},{"key":"3_CR4","unstructured":"Dunkelman, O., Preneel, B.: Generalizing the herding attack to concatenated hashing schemes. In: ECRYPT hash function workshop (2007)"},{"key":"3_CR5","unstructured":"Filho, D.G., Barreto, P., Rijmen, V.: The MAELSTROM-0 Hash Function. In: 6th Brazilian Symposium on Information and Computer System Security (2006)"},{"key":"3_CR6","unstructured":"Gauravaram, P.: Cryptographic Hash Functions: Cryptanalysis, Design and Applications. PhD thesis, Information Security Institute, QUT (June 2007)"},{"key":"3_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"179","DOI":"10.1007\/11799313_12","volume-title":"Fast Software Encryption","author":"J. Hoch","year":"2006","unstructured":"Hoch, J., Shamir, A.: Breaking the ICE: Finding Multicollisions in Iterated Concatenated and Expanded (ICE) Hash Functions. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol.\u00a04047, pp. 179\u2013194. Springer, Heidelberg (2006)"},{"key":"3_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"306","DOI":"10.1007\/978-3-540-28628-8_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"A. Joux","year":"2004","unstructured":"Joux, A.: Multicollisions in Iterated Hash Functions. Application to Cascaded Constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol.\u00a03152, pp. 306\u2013316. Springer, Heidelberg (2004)"},{"key":"3_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"183","DOI":"10.1007\/11761679_12","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"J. Kelsey","year":"2006","unstructured":"Kelsey, J., Kohno, T.: Herding Hash Functions and the Nostradamus Attack. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol.\u00a04004, pp. 183\u2013200. Springer, Heidelberg (2006)"},{"key":"3_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"474","DOI":"10.1007\/11426639_28","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"J. Kelsey","year":"2005","unstructured":"Kelsey, J., Schneier, B.: Second Preimages on n-bit Hash Functions for Much Less than 2n\u0302 Work. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 474\u2013490. Springer, Heidelberg (2005)"},{"key":"3_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"255","DOI":"10.1007\/11502760_17","volume-title":"Fast Software Encryption","author":"L. Knudsen","year":"2005","unstructured":"Knudsen, L., Mathiassen, J.: Preimage and Collision attacks on MD2. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol.\u00a03557, pp. 255\u2013267. Springer, Heidelberg (2005)"},{"key":"3_CR12","unstructured":"Lei, D.: F-HASH: Securing Hash Functions Using Feistel Chaining. Cryptology ePrint Archive, Report 2005\/430 (2005)"},{"key":"3_CR13","unstructured":"Lucks, S.: Hash Function Modes of Operation. In: ICE-EM RNSA 2006 Workshop at QUT, Australia (June, 2006)"},{"key":"3_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1007\/0-387-34805-0_40","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"R. Merkle","year":"1990","unstructured":"Merkle, R.: One way Hash Functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 428\u2013446. Springer, Heidelberg (1990)"},{"key":"3_CR15","unstructured":"Mironov, I., Narayanan, A.: Personal communication (August 2006)"},{"key":"3_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"214","DOI":"10.1007\/978-3-540-30539-2_16","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"M. Muller","year":"2004","unstructured":"Muller, M.: The MD2 Hash Function Is Not One-Way. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol.\u00a03329, pp. 214\u2013229. Springer, Heidelberg (2004)"},{"key":"3_CR17","unstructured":"Nandi, M., Stinson, D.: Multicollision attacks on some generalized sequential hash functions. Cryptology ePrint Archive, Report 2006\/055 (2006)"},{"key":"3_CR18","unstructured":"NIST. Cryptographic Hash Algorithm Competition (November, 2007), \n                    \n                      http:\/\/www.csrc.nist.gov\/groups\/ST\/hash\/sha-3\/index.html"},{"key":"3_CR19","unstructured":"Government\u00a0Committee of\u00a0the Russia\u00a0for Standards. GOST R 34.11-94 (1994)"},{"key":"3_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"407","DOI":"10.1007\/11780656_34","volume-title":"Information Security and Privacy","author":"P. Gauravaram","year":"2006","unstructured":"Gauravaram, P., Millan, W., Dawson, E., Viswanathan, K.: Constructing Secure Hash Functions by Enhancing Merkle-Damg\u00e5rd Construction. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol.\u00a04058, pp. 407\u2013420. Springer, Heidelberg (2006)"},{"key":"3_CR21","unstructured":"Dean, R.D.: Formal Aspects of Mobile Code Security. PhD thesis, Princeton University (1999)"},{"key":"3_CR22","series-title":"Lecture Notes in Computer Science","first-page":"257","volume-title":"Information Security and Cryptology \u2013 ICISC 2006","author":"J. Tuma","year":"2006","unstructured":"Tuma, J., Joscak, D.: Multi-block Collisions in Hash Functions based on 3C and 3C+ Enhancements of the Merkle-Damg\u00e5rd Construction. In: Rhee, M.S., Lee, B. (eds.) ICISC 2006. LNCS, vol.\u00a04296, pp. 257\u2013266. Springer, Heidelberg (2006)"},{"key":"3_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"288","DOI":"10.1007\/3-540-45708-9_19","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"D. Wagner","year":"2002","unstructured":"Wagner, D.: A Generalized Birthday Problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 288\u2013303. Springer, Heidelberg (2002)"},{"key":"3_CR24","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"X. Wang","year":"2005","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Efficient collision search attacks on SHA-0. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 1\u201316. Springer, Heidelberg (2005)"},{"key":"3_CR25","series-title":"Lecture Notes in Computer Science","first-page":"17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"X. Wang","year":"2005","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 17\u201336. Springer, Heidelberg (2005)"},{"key":"3_CR26","series-title":"Lecture Notes in Computer Science","first-page":"19","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X. Wang","year":"2005","unstructured":"Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 19\u201335. Springer, Heidelberg (2005)"},{"issue":"3","key":"3_CR27","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1080\/0161-117991854025","volume":"3","author":"G. Yuval","year":"1979","unstructured":"Yuval, G.: How to swindle Rabin. Cryptologia\u00a03(3), 187\u2013189 (1979)","journal-title":"Cryptologia"}],"container-title":["Lecture Notes in Computer Science","Topics in Cryptology \u2013 CT-RSA 2008"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-79263-5_3.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T11:16:00Z","timestamp":1619522160000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-79263-5_3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540792628","9783540792635"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-79263-5_3","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[]}}