Second Preimage Resistance

Pronunciation

[sek-uhnd pree-im-ij ri-zis-tuhns]

Analogy

Imagine you have an original document (m1) and its unique fingerprint (H(m1)). Second preimage resistance means it's practically impossible for someone to create a *different* document (m2) that happens to have the exact same fingerprint as your original document.

Definition

A property of cryptographic functions meaning that given an input message (m1), it is computationally infeasible to find a *different* input message (m2) that produces the same output as the original message (i.e., H(m1) = H(m2)).

Key Points Intro

Second preimage resistance protects against an attacker modifying a message without changing its value.

Key Points

Given an input m1, it should be computationally hard to find a different input m2 ≠ m1 such that H(m1) = H(m2).

This property is important for ensuring that a digital signature on one document cannot be moved to another illicitly modified document.

Generally, for an n-bit hash function, finding a second preimage takes about 2^n operations, similar to preimage resistance.

Weaker than collision resistance (where an attacker can choose both m1 and m2).

Example

If you have a software update file and its published value, second preimage resistance ensures an attacker cannot create a malicious version of the software update that conveniently has the same value, thus tricking users into installing the .

Technical Deep Dive

Second preimage resistance is crucial in scenarios where an attacker has a specific message and its and wants to find another message with that same . If a lacks this property, it might be possible for an attacker to take a legitimately signed document, find a second preimage that is malicious but has the same , and then claim the existing signature applies to their malicious document. This property is distinct from , where the attacker is free to choose both messages.

Related Terms

Blockchain & Cryptocurrency Glossary

Second Preimage Resistance - Related Articles