lengthextension

Lengthextension, commonly known as the length extension attack, is a cryptographic vulnerability that affects certain hash functions when they are used in an insecure way to provide data integrity or authentication. It arises from the Merkle-Damgård construction used by many traditional hash algorithms, where the final hash value depends on the internal state after processing the input and on how padding is applied.

The attack exploits the ability to take a known hash value of a message and, without knowing

Affected hash families include early and widely used functions such as MD5 and SHA-1, as well as

Mitigations center on using authentication schemes that are resistant to length extension. The recommended approach is