Difference between revisions of "SHA-1"
(→Others) |
(→Collision Attacks) |
||
Line 14: | Line 14: | ||
=== Collision Attacks === | === Collision Attacks === | ||
− | + | <bibtex> | |
+ | @inproceedings{fseSugitaKPI07, | ||
+ | author = {Makoto Sugita and Mitsuru Kawazoe and Ludovic Perret and Hideki Imai}, | ||
+ | title = {Algebraic Cryptanalysis of 58-Round SHA-1}, | ||
+ | pages = {349-365}, | ||
+ | url = {http://dx.doi.org/10.1007/978-3-540-74619-5_22}, | ||
+ | editor = {Alex Biryukov}, | ||
+ | booktitle = {FSE}, | ||
+ | publisher = {Springer}, | ||
+ | series = {LNCS}, | ||
+ | volume = {4593}, | ||
+ | year = {2007}, | ||
+ | isbn = {978-3-540-74617-1}, | ||
+ | abstract = {In 2004, a new attack against SHA-1 has been proposed | ||
+ | by a team leaded by Wang [15]. The aim of this article is to sophisticate | ||
+ | and improve Wang’s attack by using algebraic techniques. We introduce | ||
+ | new notions, namely semi-neutral bit and adjuster and propose then an | ||
+ | improved message modification technique based on algebraic techniques. | ||
+ | In the case of the 58-round SHA-1, the experimental complexity of our | ||
+ | improved attack is 2<sup>31</sup> SHA-1 computations, whereas Wang’s method needs | ||
+ | 2<sup>34</sup> SHA-1 computations. We have found many new collisions for the 58-round SHA-1. | ||
+ | We also study the complexity of our attack for the full SHA-1.} | ||
+ | } | ||
+ | </bibtex> | ||
<bibtex> | <bibtex> | ||
@inproceedings{sacryptCanniereMR07, | @inproceedings{sacryptCanniereMR07, |
Revision as of 12:19, 11 March 2008
Contents
1 Specification
- digest size: 160 bits
- max. message length: < 264 bits
- compression function: 512-bit message block, 160-bit chaining variable
- Specification: FIPS 180-2 Secure Hash Standard
2 Cryptanalysis
2.1 Best Known Results
The best collision attack on full SHA-1 was published by Wang et al. It has complexity of 269 hash evaluations. The best collision example, a 70-step collision for SHA-1, was published by DeCanniere, Mendel and Rechberger.
2.2 Collision Attacks
Makoto Sugita, Mitsuru Kawazoe, Ludovic Perret, Hideki Imai - Algebraic Cryptanalysis of 58-Round SHA-1
- FSE 4593:349-365,2007
- http://dx.doi.org/10.1007/978-3-540-74619-5_22
BibtexAuthor : Makoto Sugita, Mitsuru Kawazoe, Ludovic Perret, Hideki Imai
Title : Algebraic Cryptanalysis of 58-Round SHA-1
In : FSE -
Address :
Date : 2007
Christophe De Canni\`ere, Florian Mendel, Christian Rechberger - Collisions for 70-Step SHA-1: On the Full Cost of Collision Search
- Selected Areas in Cryptography 4876:56-73,2007
- http://dx.doi.org/10.1007/978-3-540-77360-3_4
BibtexAuthor : Christophe De Canni\`ere, Florian Mendel, Christian Rechberger
Title : Collisions for 70-Step SHA-1: On the Full Cost of Collision Search
In : Selected Areas in Cryptography -
Address :
Date : 2007
Christophe De Canni\`ere, Christian Rechberger - Finding SHA-1 Characteristics: General Results and Applications
- ASIACRYPT 4284:1-20,2006
- http://dx.doi.org/10.1007/11935230_1
BibtexAuthor : Christophe De Canni\`ere, Christian Rechberger
Title : Finding SHA-1 Characteristics: General Results and Applications
In : ASIACRYPT -
Address :
Date : 2006
Charanjit S. Jutla, Anindya C. Patthak - Provably Good Codes for Hash Function Design
- Selected Areas in Cryptography 4356:376-393,2006
- http://dx.doi.org/10.1007/978-3-540-74462-7_26
BibtexAuthor : Charanjit S. Jutla, Anindya C. Patthak
Title : Provably Good Codes for Hash Function Design
In : Selected Areas in Cryptography -
Address :
Date : 2006
Norbert Pramstaller, Christian Rechberger, Vincent Rijmen - Impact of Rotations in SHA-1 and Related Hash Functions
- Selected Areas in Cryptography 3897:261-275,2005
- http://dx.doi.org/10.1007/11693383_18
BibtexAuthor : Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
Title : Impact of Rotations in SHA-1 and Related Hash Functions
In : Selected Areas in Cryptography -
Address :
Date : 2005
Vincent Rijmen, Elisabeth Oswald - Update on SHA-1
- CT-RSA pp. 58-71,2005
- http://dx.doi.org/10.1007/b105222
BibtexAuthor : Vincent Rijmen, Elisabeth Oswald
Title : Update on SHA-1
In : CT-RSA -
Address :
Date : 2005
2.3 Preimage Attacks
- We are not aware of any articles w.r.t. preimage attacks on SHA-1.
2.4 Others
Florian Mendel, Norbert Pramstaller, Christian Rechberger, Vincent Rijmen - The Impact of Carries on the Complexity of Collision Attacks on SHA-1
- FSE 4047:278-292,2006
- http://dx.doi.org/10.1007/11799313_18
BibtexAuthor : Florian Mendel, Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
Title : The Impact of Carries on the Complexity of Collision Attacks on SHA-1
In : FSE -
Address :
Date : 2006
Akashi Satoh - Hardware Architecture and Cost Estimates for Breaking SHA-1
- ISC 3650:259-273,2005
- http://dx.doi.org/10.1007/11556992_19
BibtexAuthor : Akashi Satoh
Title : Hardware Architecture and Cost Estimates for Breaking SHA-1
In : ISC -
Address :
Date : 2005