Second pre-image

Second pre-image

The second pre-image attack tries to find a messages that has the same hash value as an initial message. A cryptographic hash function should resist attacks on its second pre-image.

Second pre-image resistance: Given a message m1 it should be hard to find another message
m2 6= m1 such that H(m1) = H(m2).

Why would a hacker wants to do that?

One of the most used verification system in order to check if a file is authentic is to hash this file and to check if it is the good one. So if you want to create a file which can be confused with this one you need to get the same hash result from it, it is a specific collision. This attack is a bit longer than the collision attack since you want to match a specific hash and do not want two random hash which are the same. One of the requirement to be a good hash function is to get preimage resistance: it must be impossible to calculate an input in order to get a specific hash. For an ideal cryptographic functions the fastest way to proceed a preimage is by brute-force. However we know today thanks to cryptanalysis that some specific attacks are more efficient than brute-force on some well-known hash function, but they are almost all theoric and cannot be set in reality (cannot be executed in a reasonable amount of time).

We call it second-preimage attack when the goal is to find an x’ such as H(x)=H(x’) with H a Hash function and x an imposed file or message.