Designs, Codes and Cryptography

, Volume 59, Issue 1, pp 247–263

Classification and generation of disturbance vectors for collision attacks against SHA-1

Authors

Article

DOI: 10.1007/s10623-010-9458-9

Cite this article as:
Manuel, S. Des. Codes Cryptogr. (2011) 59: 247. doi:10.1007/s10623-010-9458-9

Abstract

The main contribution of this paper is to provide a classification of disturbance vectors used in differential collision attacks against \({\tt{SHA}-1}\) . We show that all published disturbance vectors can be classified into two types of vectors, type-I and type-II. We present a deterministic algorithm which produce efficient disturbance vectors with respect to any given cost function. We define two simple cost functions to evaluate the efficiency of a candidate disturbance vector. Using our algorithm and those cost function we retrieved all previously known vectors and found that the most efficient disturbance vector is the one first reported as Codeword2 by Jutla and Patthak, A matching lower bound on the minimum weight of SHA-1 expansion code. Cryptology ePrint Archive, Report 2005/266, (2005). We also present a statistical evaluation of local collisions’ holding probabilities and show that the common assumption of local collision independence is flawed.

Keywords

Hash functions \({\tt{SHA}-1}\) Collision attack Disturbance vector Local collisions independence

Mathematics Subject Classification (2000)

94A60

Copyright information

© Springer Science+Business Media, LLC 2010