Difference between revisions of "SHA-1"
From The ECRYPT Hash Function Website
(→Cryptanalysis) |
(→eHash Recommendation) |
||
Line 27: | Line 27: | ||
---- | ---- | ||
− | == eHash Recommendation == | + | == eHash Recommendation (optional) or eHash Opinion == |
Something like: SHA-1 is considered to be broken. Please do not incorporate SHA-1 in new application any longer. Try to migrate to another hash function. | Something like: SHA-1 is considered to be broken. Please do not incorporate SHA-1 in new application any longer. Try to migrate to another hash function. |
Revision as of 15:46, 16 October 2006
Contents
1 General
- digest size: 160 bits
- max. message length: < 264 bits
- type: iterative hash function
- compression function: 512-bit message block, 160-bit chaining variable
- Specification: FIPS 180-2 Secure Hash Standard
2 Cryptanalysis
2.1 Best Known Results
Here we summarize the best knonw (published) results.
2.2 Collection of Articles
- Collision Attacks
- Here I would list all papers that deal with SHA-1. We should also give the abstract and the bibtex entry for the corresponding paper. Additionall we should give our opinion about the attack described in the paper.
- Second Preimage Attacks
- There exists a generic attack (works for all iterated hash functions). See ....
- Preimage Attacks
- We are not aware of any article describing preimage attacks on SHA-1.
3 eHash Recommendation (optional) or eHash Opinion
Something like: SHA-1 is considered to be broken. Please do not incorporate SHA-1 in new application any longer. Try to migrate to another hash function.