Difference between revisions of "SHA-1"

From The ECRYPT Hash Function Website
(Collision Attacks)
Line 15: Line 15:
 
=== Collision Attacks ===
 
=== Collision Attacks ===
  
 +
<bibtex>
 +
@inproceedings{ctrsaRijmenO05,
 +
  author    = {Vincent Rijmen and Elisabeth Oswald},
 +
  title    = {Update on SHA-1},
 +
  booktitle = {CT-RSA},
 +
  year      = {2005},
 +
  pages    = {58-71},
 +
  ee        = {http:/springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{\&}volume=3376{\&}spage=58},
 +
  abstract  = {We report on the experiments we performed in order to assess the security of SHA-1 against the attack by Chabaud and Joux [5]. We present some ideas for optimizations of the attack and some properties of the message expansion routine. Finally, we show that for a reduced version of SHA-1, with 53 rounds instead of 80, it is possible to find collisions in less than 2^80 operations.} }
 +
</bibtex>
 
----
 
----
 
  
 
=== Preimage Attacks ===
 
=== Preimage Attacks ===

Revision as of 00:30, 8 March 2008

1 General

2 Cryptanalysis

2.1 Best Known Results

The best collision attack on full SHA-1 was published by Wang et al. It has complexity of 269 hash evaluations. The best collision example, a 70-step collision for SHA-1, was published by DeCanniere, Mendel and Rechberger.


2.2 Collision Attacks

Vincent Rijmen, Elisabeth Oswald - Update on SHA-1

CT-RSA pp. 58-71,2005
Bibtex
Author : Vincent Rijmen, Elisabeth Oswald
Title : Update on SHA-1
In : CT-RSA -
Address :
Date : 2005

2.3 Preimage Attacks

  • We are not aware of any articles w.r.t. preimage attacks on SHA-1.

2.4 Others

3 eHash Recommendation (optional) or eHash Opinion

Something like: SHA-1 is considered to be broken. Please do not incorporate SHA-1 in new application any longer. Try to migrate to another hash function.