Difference between revisions of "SHA-1"
(→Collision Attacks) |
(→Collision Attacks) |
||
| Line 19: | Line 19: | ||
author = {Norbert Pramstaller and Christian Rechberger and Vincent Rijmen}, | author = {Norbert Pramstaller and Christian Rechberger and Vincent Rijmen}, | ||
title = {Exploiting Coding Theory for Collision Attacks on SHA-1}, | title = {Exploiting Coding Theory for Collision Attacks on SHA-1}, | ||
| − | booktitle = { | + | booktitle = {Cryptography and Coding 2005}, |
year = {2005}, | year = {2005}, | ||
editor = {Nigel P. Smart}, | editor = {Nigel P. Smart}, | ||
| Line 49: | Line 49: | ||
@MISC{Wang2005NewCollisionSearch, | @MISC{Wang2005NewCollisionSearch, | ||
author = {Xiaoyun Wang and Andrew Yao and Frances Yao}, | author = {Xiaoyun Wang and Andrew Yao and Frances Yao}, | ||
| − | title = | + | title = {New Collision Search for SHA-1}, |
month = {August}, | month = {August}, | ||
year = {2005}, | year = {2005}, | ||
| + | howpublished = {Presented at rump session of CRYPTO 2005}, | ||
note = {Presented at rump session of CRYPTO 2005}, | note = {Presented at rump session of CRYPTO 2005}, | ||
owner = {npramstaller}, | owner = {npramstaller}, | ||
| Line 60: | Line 61: | ||
@MISC{Wang2005CryptanalysisOfSHA1, | @MISC{Wang2005CryptanalysisOfSHA1, | ||
author = {Xiaoyun Wang and Andrew Yao and Frances Yao}, | author = {Xiaoyun Wang and Andrew Yao and Frances Yao}, | ||
| − | title = | + | title = {Cryptanalysis of SHA-1}, |
howpublished = {Presented at the Cryptographic Hash Workshop hosted by NIST}, | howpublished = {Presented at the Cryptographic Hash Workshop hosted by NIST}, | ||
month = {October}, | month = {October}, | ||
| Line 70: | Line 71: | ||
@INPROCEEDINGS{Wang2005FindingCollisionsin, | @INPROCEEDINGS{Wang2005FindingCollisionsin, | ||
author = {Xiaoyun Wang and Yiqun Lisa Yin and Hongbo Yu}, | author = {Xiaoyun Wang and Yiqun Lisa Yin and Hongbo Yu}, | ||
| − | title = | + | title = {Finding Collisions in the Full SHA-1}, |
booktitle = {Advances in Cryptology - CRYPTO 2005}, | booktitle = {Advances in Cryptology - CRYPTO 2005}, | ||
year = {2005}, | year = {2005}, | ||
Revision as of 14:24, 23 October 2006
Contents
1 General
- digest size: 160 bits
- max. message length: < 264 bits
- type: iterative hash function
- compression function: 512-bit message block, 160-bit chaining variable
- Specification: FIPS 180-2 Secure Hash Standard
2 Cryptanalysis
2.1 Best Known Results
The best collision attack on full SHA-1 was published by Wang etal. It has complexity of 269 hash evaluations. The best collision example, a 64-step collision for SHA-1, was publshed by DeCanniere and Rechberger.
2.2 Collision Attacks
Norbert Pramstaller, Christian Rechberger, Vincent Rijmen - Exploiting Coding Theory for Collision Attacks on SHA-1
- Cryptography and Coding 2005 3796:78-95,2005
- http://dx.doi.org/10.1007/11586821_7
BibtexAuthor : Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
Title : Exploiting Coding Theory for Collision Attacks on SHA-1
In : Cryptography and Coding 2005 -
Address :
Date : 2005
Norbert Pramstaller, Christian Rechberger, Vincent Rijmen - Impact of Rotations in SHA-1 and Related Hash Functions.
- SAC 2005 3897:261-275,2006
- http://dx.doi.org/10.1007/11693383_18
BibtexAuthor : Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
Title : Impact of Rotations in SHA-1 and Related Hash Functions.
In : SAC 2005 -
Address :
Date : 2006
Xiaoyun Wang, Andrew Yao, Frances Yao - New Collision Search for SHA-1
Xiaoyun Wang, Andrew Yao, Frances Yao - Cryptanalysis of SHA-1
- , October 2005
- BibtexAuthor : Xiaoyun Wang, Andrew Yao, Frances Yao
Title : Cryptanalysis of SHA-1
In : -
Address :
Date : October 2005
Xiaoyun Wang, Yiqun Lisa Yin, Hongbo Yu - Finding Collisions in the Full SHA-1
- Advances in Cryptology - CRYPTO 2005 3621:17--36,2005
- http://dx.doi.org/10.1007/11535218_2
BibtexAuthor : Xiaoyun Wang, Yiqun Lisa Yin, Hongbo Yu
Title : Finding Collisions in the Full SHA-1
In : Advances in Cryptology - CRYPTO 2005 -
Address :
Date : 2005
Vincent Rijmen, Elisabeth Oswald - Update on SHA-1
- CT-RSA 2005 3376:58--71,2005
- http://dx.doi.org/10.1007/b105222
BibtexAuthor : Vincent Rijmen, Elisabeth Oswald
Title : Update on SHA-1
In : CT-RSA 2005 -
Address :
Date : 2005
Eli Biham, Rafi Chen, Antoine hirose, Patrick Carribault, Christophe Lemuet, William Jalby - Collisions of SHA-0 and Reduced SHA-1
- Advances in Cryptology - EUROCRYPT 2005 3494:36--57,2005
- http://dx.doi.org/10.1007/11426639_3
BibtexAuthor : Eli Biham, Rafi Chen, Antoine hirose, Patrick Carribault, Christophe Lemuet, William Jalby
Title : Collisions of SHA-0 and Reduced SHA-1
In : Advances in Cryptology - EUROCRYPT 2005 -
Address :
Date : 2005
Akashi Satoh - Hardware Architecture and Cost Estimates for Breaking SHA-1.
- ISC 2005 3650:259-273,2005
- http://dx.doi.org/10.1007/11556992_19
BibtexAuthor : Akashi Satoh
Title : Hardware Architecture and Cost Estimates for Breaking SHA-1.
In : ISC 2005 -
Address :
Date : 2005
2.3 Second Preimage Attacks
- There exists a generic attack (works for all iterated hash functions). See ....
2.4 Preimage Attacks
- We are not aware of any article regarding preimage attacks on SHA-1.
2.5 Others
everything that does not fit into coll/(2nd)preimage and implementation
3 Performance Evaluation / Implementation (HW and SW)
Yong Ki Lee, Herwin Chan, Ingrid Verbauwhede - Throughput Optimized SHA-1 Architecture Using Unfolding Transformation.
- ASAP 2006 pp. 354-359,2006
- http://doi.ieeecomputersociety.org/10.1109/ASAP.2006.68
BibtexAuthor : Yong Ki Lee, Herwin Chan, Ingrid Verbauwhede
Title : Throughput Optimized SHA-1 Architecture Using Unfolding Transformation.
In : ASAP 2006 -
Address :
Date : 2006
4 eHash Recommendation (optional) or eHash Opinion
Something like: SHA-1 is considered to be broken. Please do not incorporate SHA-1 in new application any longer. Try to migrate to another hash function.
