Classification and generation of disturbance vectors for collision attacks against SHA-1

Designs, Codes and Cryptography

Abstract

The main contribution of this paper is to provide a classification of disturbance vectors used in differential collision attacks against SHA-1. We show that all published disturbance vectors can be classified into two types of vectors, type-I and type-II. We present a deterministic algorithm which produces efficient disturbance vectors with respect to any given cost function. We define two simple cost functions to evaluate the efficiency of a candidate disturbance vector. Using our algorithm and these cost functions, we retrieved all previously known vectors and found that the most efficient disturbance vector is the one first reported as Codeword2 by Jutla and Patthak (A matching lower bound on the minimum weight of SHA-1 expansion code, Cryptology ePrint Archive, Report 2005/266, 2005). We also present a statistical evaluation of local collisions' holding probabilities and show that the common assumption of local collision independence is flawed.

References

  1. Biham E., Chen R.: Near-collisions of SHA-0. In: Franklin M.K. (ed.) Advances in Cryptology—CRYPTO 2004, vol. 3152 of Lecture Notes in Computer Science, pp. 290–305. Springer-Verlag, Berlin (2004).

  2. Biham E., Chen R., Joux A., Carribault P., Lemuet C., Jalby W.: Collisions of SHA-0 and reduced SHA-1. In: Cramer R. (ed.) Advances in Cryptology—EUROCRYPT 2005, vol. 3494 of Lecture Notes in Computer Science, pp. 36–57. Springer-Verlag, Berlin (2005).

  3. Chabaud F., Joux A.: Differential collisions in SHA-0. In: Krawczyk H. (ed.) Advances in Cryptology—CRYPTO 1998, vol. 1462 of Lecture Notes in Computer Science, pp. 56–71. Springer-Verlag, Berlin (1998).

  4. De Cannière C., Rechberger C.: Finding SHA-1 characteristics: General results and applications. In: Lai X., Chen K. (eds.) Advances in Cryptology—ASIACRYPT 2006, vol. 4284 of Lecture Notes in Computer Science, pp. 1–20. Springer-Verlag, Berlin (2006).

  5. De Cannière C., Mendel F., Rechberger C.: Collisions for 70-step SHA-1: on the full cost of collision search. In: Adams C., Miri A., Wiener M. (eds.) Selected Areas in Cryptography—SAC 2007, vol. 4876 of Lecture Notes in Computer Science, pp. 56–73. Springer-Verlag, Berlin (2007).

  6. Joux A., Peyrin T.: Hash functions and the (amplified) boomerang attack. In: Menezes A. (ed.) Advances in Cryptology—CRYPTO 2007, vol. 4622 of Lecture Notes in Computer Science, pp. 244–263. Springer-Verlag, Berlin (2007).

  7. Jutla C.S., Patthak A.C.: A matching lower bound on the minimum weight of SHA-1 expansion code. Cryptology ePrint Archive, Report 2005/266. http://eprint.iacr.org (2005).

  8. Manuel S.: Classification and generation of disturbance vectors for collision attacks against SHA-1. Cryptology ePrint Archive, Report 2008/469. http://eprint.iacr.org (2008).

  9. Manuel S., Peyrin T.: Collisions on SHA-0 in one hour. In: Nyberg K. (ed.) Fast Software Encryption—FSE 2008, vol. 5086 of Lecture Notes in Computer Science, pp. 16–35. Springer-Verlag, Berlin (2008).

  10. Matusiewicz K., Pieprzyk J.: Finding good differential patterns for attacks on SHA-1. In: Proceedings of International Workshop on Coding and Cryptography—WCC 2005, vol. 3969 of Lecture Notes in Computer Science, pp. 164–177. Springer-Verlag, Berlin (2005).

  11. Mendel F., Pramstaller N., Rechberger C., Rijmen V.: The impact of carries on the complexity of collision attacks on SHA-1. In: Robshaw M.J.B. (ed.) Fast Software Encryption—FSE 2006, vol. 4047 of Lecture Notes in Computer Science, pp. 278–292. Springer-Verlag, Berlin (2006).

  12. Naito Y., Sasaki Y., Shimoyama T., Yajima J., Kunihiro N., Ohta K.: Improved collision search for SHA-0. In: Lai X., Chen K. (eds.) Advances in Cryptology—ASIACRYPT 2006, vol. 4284 of Lecture Notes in Computer Science, pp. 21–36. Springer-Verlag, Berlin (2006).

  13. National Institute of Standards and Technology. FIPS 180: Secure Hash Standard, May. http://csrc.nist.gov (1993).

  14. National Institute of Standards and Technology. FIPS 180-1: Secure Hash Standard, April. http://csrc.nist.gov (1995).

  15. Peyrin T.: Analyse de fonctions de hachage cryptographiques. Ph.D. Thesis in Cryptology (2008).

  16. Pramstaller N., Rechberger C., Rijmen V.: Exploiting coding theory for collision attacks on SHA-1. In: Smart N.P. (ed.) Cryptography and Coding 2005, vol. 3796 of Lecture Notes in Computer Science, pp. 78–95. Springer-Verlag, Berlin (2005).

  17. Rechberger C., Rijmen V.: On authentication with HMAC and non-random properties. In: Dietrich S., Dhamija R. (eds.) Financial Cryptography 2007, vol. 4886 of Lecture Notes in Computer Science, pp. 119–133. Springer-Verlag, Berlin (2007).

  18. Rechberger C., Rijmen V.: New results on NMAC/HMAC when instantiated with popular hash functions. In: Mu Y. (ed.) Special Issue on Cryptography in Computer System Security, vol. 14, No. 2 of J. Univers. Comput. Sci. (2008).

  19. Rijmen V., Oswald E.: Update on SHA-1. In: Menezes A.J. (ed.) The Cryptographers’ Track at the RSA Conference—CT-RSA 2005, vol. 3376 of Lecture Notes in Computer Science, pp. 58–71. Springer-Verlag, Berlin (2005).

  20. Sugita M., Kawazoe M., Perret L., Imai H.: Algebraic cryptanalysis of 58-round SHA-1. In: Biryukov A. (ed.) Fast Software Encryption—FSE 2007, vol. 4593 of Lecture Notes in Computer Science, pp. 349–365. Springer-Verlag, Berlin (2007).

  21. Wang X., Yu H., Yin Y.L.: Efficient collision search attacks on SHA-0. In: Shoup V. (ed.) Advances in Cryptology—CRYPTO 2005, vol. 3621 of Lecture Notes in Computer Science, pp. 1–16. Springer-Verlag, Berlin (2005).

  22. Wang X., Yin Y.L., Yu H.: Finding collisions in the full SHA-1. In: Shoup V. (ed.) Advances in Cryptology—CRYPTO 2005, vol. 3621 of Lecture Notes in Computer Science, pp. 17–36. Springer-Verlag, Berlin (2005).

  23. Wang X., Yin Y.L., Yu H.: New collision search for SHA-1. In: Proceedings of NIST Cryptographic Hash Workshop. http://csrc.nist.gov (2005).

  24. Yajima J., Iwasaki T., Naito Y., Sasaki Y., Shimoyama T., Kunihiro N., Ohta K.: A strict evaluation method on the number of conditions for the SHA-1 collision search. In: Proceedings of the ASIACCS 2008, 18–20 March, Tokyo, Japan (2008).

Author information

Corresponding author

Correspondence to Stéphane Manuel.

About this article

Cite this article

Manuel, S. Classification and generation of disturbance vectors for collision attacks against SHA-1. Des. Codes Cryptogr. 59, 247–263 (2011). https://doi.org/10.1007/s10623-010-9458-9

  • DOI: https://doi.org/10.1007/s10623-010-9458-9
