Open AccessJournal Article
Collisions for 70-Step SHA-1: On the Full Cost of Collision Search
Reads0
Chats0
TLDR
In this article, the authors survey different techniques for fast collision search in SHA-1 and similar hash functions and propose a simple but effective method to facilitate comparison, and give complexity estimates and performance measurements of this new and improved collision search method.Abstract:
The diversity of methods for fast collision search in SHA-1 and similar hash functions makes a comparison of them difficult. The literature is at times very vague on this issue, which makes comparison even harder. In situations where differences in estimates of attack complexity of a small factor might influence short-term recommendations of standardization bodies, uncertainties and ambiguities in the literature amounting to a similar order of magnitude are unhelpful. We survey different techniques and propose a simple but effective method to facilitate comparison. In a case study, we consider a newly developed attack on 70-step SHA-1, and give complexity estimates and performance measurements of this new and improved collision search method.read more
Citations
More filters
Book ChapterDOI
The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl
TL;DR: The rebound attack consists of an inbound phase with a match-in-the-middle part to exploit the available degrees of freedom in a collision attack to efficiently bypass the low probability parts of a differential trail.
Book ChapterDOI
The first collision for full SHA-1
TL;DR: The SHA-1 hash function standard was deprecated by NIST in 2011 due to fundamental security weaknesses demonstrated in various analyses and theoretical attacks as mentioned in this paper, and was replaced by the SHA-2 standard.
Journal Article
The first collision for full SHA-1.
TL;DR: SHA-1 is a widely used 1995 NIST cryptographic hash function standard that was officially deprecated by NIST in 2011 due to fundamental security weaknesses demonstrated in various analyses and theoretical attacks.
Book ChapterDOI
Rebound Distinguishers: Results on the Full Whirlpool Compression Function
TL;DR: This work presents a distinguishing attack on the full compression function of Whirlpool by improving the rebound attack on reducedWhirlpool with two new techniques and shows how to turn this near-collision attack into a distinguishable attack for the full 10 round compression function.
Book ChapterDOI
New Collision Attacks on SHA-1 Based on Optimal Joint Local-Collision Analysis
TL;DR: Novel techniques are introduced that enable us to determine the theoretical maximum success probability for a given set of (dependent) local colli- sions, as well as the smallest set of message conditions that attains this probability.
References
More filters
Book ChapterDOI
Finding collisions in the full SHA-1
TL;DR: This is the first attack on the full 80-step SHA-1 with complexity less than the 280 theoretical bound, and it is shown that collisions ofSHA-1 can be found with complexityLess than 269 hash operations.
Book ChapterDOI
How to break MD5 and other hash functions
Xiaoyun Wang,Hongbo Yu +1 more
TL;DR: A new powerful attack on MD5 is presented, which unlike most differential attacks, does not use the exclusive-or as a measure of difference, but instead uses modular integer subtraction as the measure.
Book ChapterDOI
Cryptanalysis of the hash functions MD4 and RIPEMD
TL;DR: In this article, a chosen-message pre-image attack on MD4 with complexity below 28 was presented, where the complexity is only a single MD4 computation and a random message is a weak message with probability 2−2 to 2−6.
Book ChapterDOI
Efficient collision search attacks on SHA-0
TL;DR: Using the new techniques, this paper can find collisions of the full 80-step SHA-0 with complexity less than 239 hash operations.
Book ChapterDOI
Finding SHA-1 characteristics: general results and applications
TL;DR: A method to search for characteristics in an automatic way for multi-block attacks, and as a proof of concept, gives a two-block collision for 64-step SHA-1 based on a new characteristic.