信息工程大学学报2024,Vol.25Issue(4):478-484,7.DOI:10.3969/j.issn.1671-0673.2024.04.017
针对脚本文件的恶意哈希碰撞应用
Malicious Hash Collision Against Script Files
摘要
Abstract
The existing shell script file collision is reviewed,and the complexity of the existing frame-work to implement the collision with SHA-1 is analyzed in this paper.Techniques such as near-colli-sion attack are used to propose a new collision framework,which reduces the complexity of the original attack.The complexity of implementing collision applications with MD5 and SHA-1 in this framework is 216 and 263.4 respectively,lower than that of the birthday search.To verify the new collision frame-work,three applications with the MD5 algorithm are implemented in this paper.Firstly,the malicious collision of shell script files and bat files against the MD5 algorithm is implemented.Finally,the mali-cious collision of two Word files is realized by using macro commands in Word.The framework extends the application scenario of hash function collision and provides new research ideas for the design and analysis of hash functions,which has the value of the practical application.关键词
哈希函数/碰撞应用/脚本文件/恶意哈希碰撞Key words
Hash functions/collision applications/scripting files/malicious hash collision分类
信息技术与安全科学引用本文复制引用
李德刚,曾光..针对脚本文件的恶意哈希碰撞应用[J].信息工程大学学报,2024,25(4):478-484,7.基金项目
数学工程与先进计算国家重点实验室开放课题(2020A08) (2020A08)
