What is an encryption collision?

BROWSE BY TAG Platform Security,   Enterprise Data Protection,   Disk Encryption and File Encryption,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Platform Security Should developers create libraries of common cryptographic algorithms? How to secure USB ports on Windows machines What is the best database patch management process? What are new and commonly used public-key cryptography algorithms? Should management processes change based on a patch release schedule? Does an EULA make it truly illegal to decompile software? Should businesses delay Windows Vista adoption and just buy Windows 7? Why should we place data files on a separate partition than the OS? Should Windows Mobile updates come from Microsoft? What are the export limitations for AES data encryption? Disk Encryption and File Encryption Heartland CIO is critical of First Data's credit card tokenization plan Heartland CIO on end-to-end encryption, credit card tokenization Should developers create libraries of common cryptographic algorithms? Heartland CIO on PCI, E3 project Visa probes tokens, encryption for PCI card data protection Voltage, RSA spar over tokenization, data protection Truth, lies and fiction about encryption What are new and commonly used public-key cryptography algorithms? What are the export limitations for AES data encryption? How to prevent network sniffing and eavesdropping

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Advanced Encryption Standard  (SearchSecurity.com) data key  (SearchSecurity.com) Encrypting File System  (SearchSecurity.com) encryption  (SearchSecurity.com) Escrowed Encryption Standard  (SearchSecurity.com) network encryption  (SearchSecurity.com) output feedback  (SearchSecurity.com) Quiz: Cryptography  (SearchSecurity.com) Rijndael  (SearchSecurity.com) Twofish  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

To answer your question, I need to step through various aspects of cryptography.

One type of cryptographic algorithm is called a hash function. Hash functions take a message of any length as input and then output a short, fixed-length value called a hash, digest or checksum. Hash functions have many uses in cryptography because any change to the original input, accidental or otherwise, will change the resulting hash value. This means hashes can be used in many forms of authentication, such as digital signatures and message authentication codes. They can also verify file integrity because even the slightest change to a document, message, or any type of data will change the hash value.

A hash function is not the same as an encryption function. Encryption is a two-way operation, transforming data from a cleartext to ciphertext and back, whereas hashes compile a stream of data into a small digest, a summarized form if you will, and it's strictly a one-way operation. Because of the one-way nature of hash functions, the hash values of passwords are often stored instead of the passwords themselves. As there's no way to find out for sure which password produced a particular hash, they are not useful to an attacker.

But there's an inescapable problem here. If we are creating a small fixed, length-hash value, say 128 bits, to represent any piece of data, large or small, it means that there are far more possible input values than there are unique hash values. Therefore more than one input stream can produce the same hash value. When this occurs, it is known as a collision. A hash function is deemed collision-resistant if it is hard to find two inputs that hash to the same output. Collision-resistant doesn't mean that no collisions exist; simply that they are difficult to find.

A successful encryption collision attack on a cryptographic hash function could compromise the security of all kinds of digital systems. For example, many software publishers provide the MD5 (Message-Digest algorithm 5) hash value of their downloadable software. This enables users to verify that the file is authentic and has not been tampered with. However, if an attacker could maliciously modify the source code, but manage to keep the same hash value, anyone downloading the doctored version wouldn't know that it wasn't the genuine software.

So to answer your second question, attacks do try to find encryption collisions. In March 2005, two researchers created two X.509 digital certificates with different public keys but with the same MD5 hash. Since then, an algorithm has been published that can find an MD5 collision in under a minute.

Fortunately, as MD5 has been shown to be non-collision resistant, it's being replaced by the SHA-2 family of hash functions in most applications.