Difference between revisions of "SHA-1"
From The ECRYPT Hash Function Website
(→State Update Transformation) |
|||
Line 8: | Line 8: | ||
==== State Update Transformation ==== | ==== State Update Transformation ==== | ||
− | < | + | <amsmath> |
− | A_{i+1} = A_i | + | A_{i+1} = A_i \lll 5 + W_i + f(B_i,C_i,D_i) + K_i |
− | </ | + | </amsmath> |
<math> | <math> |
Revision as of 15:56, 11 October 2006
Contents
1 General Description
SHA-1 is an iterated hash function.
1.1 Compression Function
The compression function takes as input a 512-bit message block and a 160-bit chaining variable, and produces a 160-bit chaining value. The compression function is described as follows:
1.1.1 Message Expansion
1.1.2 State Update Transformation
WikiTeX: latex reported a failure, namely:
/data/www/ehash/html/extensions/wikitex/wikitex.sh: line 59: latex: command not found
<math>
B_{i+1} = A_i
</math>
<math>
C_{i+1} = B_i >> 2
</math>
<math>
D_{i+1} = C_i
</math>
<math>
E_{i+1} = D_i
</math>
1.2 Padding Method
1.3 Initial Value and Constants
WikiTeX: latex reported a failure, namely:
/data/www/ehash/html/extensions/wikitex/wikitex.sh: line 59: latex: command not found
2 Claimed Security Margins
3 Security Anaylsis
- Best know attack: <math>2^{63}</math> by Wang et.al.
- Best known collision example: 64-step collision by De Canniere and Rechberger
something like: best know attack to date: kind of attack, which variant has been looked at (e.g. round-reduced), complexity, and reference to paper and abstract.
may be make here a new page with the other cryptanalysis results.