INTRODUCTION – BIRTHDAY ATTACK & BIRTHDAY PARADOX
PhD Research Topics: The birthday attack is named after the birthday paradox. It is a cryptographic attack that exploits the probability theory behind the birthday problem in mathematics. This attack can be used to abuse the communication between parties. It depends heavily on the likelihood of collisions found between random attack attempts and the pigeonholes.
Consider that you are in a room full of 23 people. You have a 1 in 365 chance of sharing a birthday with each of the 22 other people in the room, for a total of 22/365 chances. If you fail to match, you leave the room and Joe has a 21/365 chance of sharing a birthday with the remaining people. If Joe fails to match, he leaves the room and Morgan has a 20/365 chance, and so on. If you add 22/365 + 21/365 + 20/365 + 19/365 … + 1/365, you pass 50% probability. The mathematics behind this problem led to a well-known cryptographic attack called the birthday attack, which uses this probabilistic model to reduce the complexity of cracking a hash function. To know more about the birthday attack, you can refer to dissertation writings.
DIGITAL SIGNATURE SUSCEPTIBILITY
Several trending PhD Research Topics are written on the basis of the birthday attack and its paradox. Birthday attacks are a class of brute-force techniques used in an attempt to solve a class of cryptographic hash function problems. Digital signatures can be vulnerable to a birthday attack. A message m is typically signed by first computing f(m), where f is a cryptographic hash function, and then using a secret key to sign f(m).
Consider an example where person A (Mallory) wants to trick person B (Bob) into signing a fraudulent contract. Mallory prepares a fair contract m and a fraudulent contract m’. She then finds a number of positions where m can be changed without changing the meaning, such as inserting commas, empty lines, one versus two spaces after a sentence, replacing synonyms, etc.
By combining these changes, she can create a huge number of variations on m which are all fair contracts. In a similar manner, she also creates a huge number of variations on the fraudulent contract m’. She then applies the hash function to all these variations until she finds a version of the fair contract and a version of the fraudulent contract that have the same hash value, f(m) = f(m’). She presents the fair version to Bob for signing. After Bob has signed, Mallory takes the signature and attaches it to the fraudulent contract. This signature then “proves” that Bob signed the fraudulent contract.
To avoid this attack, the output length of the hash function used for a signature scheme can be chosen large enough that the birthday attack becomes computationally infeasible, i.e. about twice as many bits as are needed to prevent an ordinary brute-force attack. Besides using a larger bit length, the signer (Bob) can protect himself by making some random, inoffensive changes to the document before signing it, and by keeping a copy of the contract he signed in his own possession, so that he can at least demonstrate in court that his signature matches that contract, not just the fraudulent one. A birthday attack is a type of cryptanalytic attack that makes use of the mathematics behind the birthday problem in probability theory.
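The contract scenario and both countermeasures can be checked on a toy scale. The following is an added example, not code from the original page. It assumes f is SHA-256 truncated to 24 bits so the search finishes instantly, and it uses two constructed one-sentence contracts. The names `variants`, `find_collision` and `randomize_before_signing` are hypothetical helpers.

```python
import hashlib
import secrets

BITS = 24  # assumption: toy digest size; a real signature scheme hashes to 256 bits

def f(msg, bits=BITS):
    """Stand-in for the hash f: SHA-256 truncated to `bits` bits."""
    digest = hashlib.sha256(msg.encode()).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)

def variants(text):
    """Same-meaning variants of text: one vs. two spaces in each word gap."""
    words = text.split()
    for mask in range(1 << (len(words) - 1)):
        yield "".join(w + ("  " if (mask >> i) & 1 else " ")
                      for i, w in enumerate(words[:-1])) + words[-1]

def find_collision(fair, fraud):
    """Return (m, m2, hashes_computed) with f(m) == f(m2), or None."""
    table, hashes = {}, 0
    for m in variants(fair):          # hash every fair variant once
        table[f(m)] = m
        hashes += 1
    for m2 in variants(fraud):        # look each fraudulent variant up
        hashes += 1
        if f(m2) in table:
            return table[f(m2)], m2, hashes
    return None

def randomize_before_signing(m):
    """Signer's countermeasure: an inoffensive random change chosen by Bob."""
    return m + "\nRef: " + secrets.token_hex(8)

# Constructed sample contracts: 15 words each, so 2**14 variants per side.
FAIR = "Bob agrees to pay Mallory 100 dollars for the used bicycle on delivery in May"
FRAUD = "Bob agrees to pay Mallory 9000 dollars for the used bicycle on delivery in May"

def demo():
    m, m2, hashes = find_collision(FAIR, FRAUD)
    signed = randomize_before_signing(m)   # what Bob actually signs
    return {"m": m, "m2": m2, "hashes": hashes,
            "collide": f(m) == f(m2),
            "still_matches_after_change": f(signed) == f(m2)}

if __name__ == "__main__":
    print(demo())
```

With a 24-bit digest the matching pair turns up within 2**15 hash computations instead of the roughly 2**24 an ordinary brute-force search would need, which is why the digest must be about twice as long as the brute-force margin suggests. Once Bob adds his own random line, the digest he signs no longer equals f(m’).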