diff options
| author | Louis Burda <quent.burda@gmail.com> | 2024-04-01 20:55:25 +0200 |
|---|---|---|
| committer | Louis Burda <quent.burda@gmail.com> | 2024-04-01 20:55:25 +0200 |
| commit | a5e84c786280f373f70d20f3464883d1bc54f60b (patch) | |
| tree | 7eadc8c8726dd06487d925eeb188aee5cd0f05e2 /solve/notes | |
| download | cscg2024-cry2-master.tar.gz cscg2024-cry2-master.zip | |
Diffstat (limited to 'solve/notes')
| -rw-r--r-- | solve/notes | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/solve/notes b/solve/notes new file mode 100644 index 0000000..9738c5a --- /dev/null +++ b/solve/notes @@ -0,0 +1,14 @@ +The solution is a sha1 hash length extension attack which allows us to +append a suffix to an existing message and given the old hash create a +valid hash for the new message. + +To perform a length extension attack we first add the padding which is added +during preprocessing of the message if its length is not a mulitple of 64.. +this results in the same hash. The padding is a Merkle–Damgård construction: + +msg + 0x80 + 0x00 (N byte pad) + ... (8 byte msg size) + +Since the hash represents the state of the hashing function we can then +begin hashing the next block to add our suffix and create a valid hash +for the entire message. + |