Open AccessJournal Article
Differential collisions in SHA-0
Florent Chabaud,Antoine Joux +1 more
Reads0
Chats0
TLDR
In this paper, the authors presented a method for finding collisions in SHA-0 which is related to differential cryptanalysis of block ciphers and obtained a theoretical attack on the compression function SHA-O with complexity 2 61, which is thus better than the birthday paradox attack.Abstract:
In this paper we present a method for finding collisions in SHA-0 which is related to differential cryptanalysis of block ciphers. Using this method, we obtain a theoretical attack on the compression function SHA-O with complexity 2 61 , which is thus better than the birthday paradox attack. In the case of SHA-1, this method is unable to find collisions faster than the birthday paradox. This is a strong evidence that the transition to version 1 indeed raised the level of security of SHA.read more
Citations
More filters
Book ChapterDOI
Finding collisions in the full SHA-1
TL;DR: This is the first attack on the full 80-step SHA-1 with complexity less than the 280 theoretical bound, and it is shown that collisions ofSHA-1 can be found with complexityLess than 269 hash operations.
Book ChapterDOI
How to break MD5 and other hash functions
Xiaoyun Wang,Hongbo Yu +1 more
TL;DR: A new powerful attack on MD5 is presented, which unlike most differential attacks, does not use the exclusive-or as a measure of difference, but instead uses modular integer subtraction as the measure.
Journal ArticleDOI
Optimizing the migration of virtual computers
TL;DR: This paper shows how to quickly move the state of a running computer across a network, including the state in its disks, memory, CPU registers, and I/O devices, and calls this state a capsule, and suggests that efficient capsule migration can improve user mobility and system management.
Book ChapterDOI
Biclique cryptanalysis of the full AES
TL;DR: This paper presents the novel technique of block cipher cryptanalysis with bicliques, which leads to the following results: the first key recovery method for the full AES-128 with computational complexity 2126.1.4 and key recovery methods with lower complexity for the reduced-round versions of AES not considered before.
Book ChapterDOI
Cryptanalysis of the hash functions MD4 and RIPEMD
TL;DR: In this article, a chosen-message pre-image attack on MD4 with complexity below 28 was presented, where the complexity is only a single MD4 computation and a random message is a weak message with probability 2−2 to 2−6.
References
More filters
Proceedings Article
The MD5 Message-Digest Algorithm
TL;DR: This document describes the MD5 message-digest algorithm, which takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input.
Book ChapterDOI
The MD4 Message-Digest Algorithm
TL;DR: The MD4 message digest algorithm takes an input message of arbitrary length and produces an output 128-bit "fingerprint" or "message digest", in such a way that it is (hopefully) computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest.
Journal ArticleDOI
A new algorithm for finding minimum-weight words in a linear code: application to McEliece's cryptosystem and to narrow-sense BCH codes of length 511
A. Canteaut,F. Chaband +1 more
TL;DR: An algorithm for finding minimum-weight words in large linear codes is developed that improves all previous attacks on the public-key cryptosystems based on codes and notably points out some weaknesses in McEliece's (1978) cipher.
Book ChapterDOI
Cryptanalysis of MD4
TL;DR: The methods developed to attack RIPEMD can be modified and supplemented such that it is possible to break the full MD4, while previously only partial attacks were known.
Journal Article
Collisions for the compression function of MD5
Bert den Boer,Antoon Bosselaers +1 more
TL;DR: An algorithm is described that establishes a work load of about 2 collisions for the first two rounds of the MD5 compression function to a collision for the entire four round function.