Timestamp Injected Cryptographic Hash Function to Reduce Fabrication of Hash Collisions

Cryptographic hash functions are used in many applications. One important application is to ensure data integrity. Although there are many different types of hashing algorithms, MD5 is widely used to ensure data integrity in digital evidence. However, a weakness, where collisions can occur, has been found in the MD5 algorithm. With regards to digital evidence, this is a big issue. The integrity of the digital evidence becomes questionable due to collisions and hence it is not admissible in court. Many methods were used to find collisions, such as the Chosen-Prefix Collision and researchers have been improving collision finding algorithms. This paper concentrates on reducing the chances of collision by chopping the last 16 bits of the MD5 algorithm and injecting timestamp into the chopped parts. Experiments are performed to test this algorithm and the results show that the time taken to find collisions is longer using the MD5 with an injected timestamp. The chopping construction and the timestamp disrupt the iterative property of the hash function thus when dealing with digital evidence, there are less chances of hash collision and therefore the probability of the admissibility of the digital evidence in court is higher.

[1]  Frank Damm,et al.  Requirements for cryptographic hash functions , 1992, Comput. Secur..

[2]  Hans Dobbertin Cryptanalysis of MD5 Compress , 1996 .

[3]  Hans Dobbertin,et al.  Cryptanalysis of MD4 , 1996, Journal of Cryptology.

[4]  Tor Helleseth,et al.  Advances in Cryptology — EUROCRYPT ’93 , 2001, Lecture Notes in Computer Science.

[5]  Dengguo Feng,et al.  Collisions for Hash Functions MD4, MD5, HAVAL-128 and RIPEMD , 2004, IACR Cryptol. ePrint Arch..

[6]  Jean-Sébastien Coron,et al.  Merkle-Damgård Revisited: How to Construct a Hash Function , 2005, CRYPTO.

[7]  Vlastimil Klíma Finding MD5 Collisions - a Toy For a Notebook , 2005, IACR Cryptol. ePrint Arch..

[8]  John Black,et al.  A Study of the MD5 Attacks: Insights and Improvements , 2006, FSE.

[9]  William Millan,et al.  Constructing Secure Hash Functions by Enhancing Merkle-Damgård Construction , 2006, ACISP.

[10]  Jirí Tuma,et al.  Multi-block Collisions in Hash Functions Based on 3C and 3C+ Enhancements of the Merkle-Damgård Construction , 2006, ICISC.

[11]  Marc Stevens,et al.  Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities , 2007, EUROCRYPT.

[12]  Tao Xie,et al.  How To Find Weak Input Differences For MD5 Collision Attacks , 2009, IACR Cryptol. ePrint Arch..

[13]  Marc Stevens,et al.  Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate , 2009, CRYPTO.

[14]  Chunghuang Yang,et al.  Fast Deployment of Computer Forensics with USBs , 2010, 2010 International Conference on Broadband, Wireless Computing, Communication and Applications.

[15]  Jasmin Cosic,et al.  Do we have full control over integrity in digital evidence life cycle? , 2010, Proceedings of the ITI 2010, 32nd International Conference on Information Technology Interfaces.

[16]  Marc Stevens,et al.  Chosen-prefix collisions for MD5 and applications , 2012, Int. J. Appl. Cryptogr..

[17]  Sjsu ScholarWorks,et al.  A Meaningful MD5 Hash Collision Attack , 2014 .

[18]  Anton A. Kuznetsov An algorithm for MD5 single-block collision attack using high-performance computing cluster , 2014, IACR Cryptol. ePrint Arch..

[19]  Fernando Molina Granja,et al.  Preservation of digital evidence: Application in criminal investigation , 2015, 2015 Science and Information Conference (SAI).

[20]  Thomas Peyrin,et al.  Freestart Collision for Full SHA-1 , 2015, EUROCRYPT.

[21]  T. Sivakumar,et al.  A New Symmetric Cryptosystem using Randomized Parameters of SHA-512 and MD 5 Hash Functions , 2016 .

[22]  Atanu Mondal,et al.  TDMAC: A timestamp defined message authentication code for secure data dissemination in VANET , 2016, 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS).

[23]  Xingquan Zhu,et al.  Hashing Techniques , 2017 .

[24]  S. P. Ghrera,et al.  An ID-based Secure and Flexible Buyer-seller Watermarking Protocol for Copyright Protection , 2017 .

[25]  S. Hakim,et al.  Improving Data Integrity in Communication Systems by Designing a New Security Hash Algorithm , 2017 .