Advertisement

Collisions of SHA-0 and Reduced SHA-1

  • Eli Biham
  • Rafi Chen
  • Antoine Joux
  • Patrick Carribault
  • Christophe Lemuet
  • William Jalby
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3494)

Abstract

In this paper we describe improvements to the techniques used to cryptanalyze SHA-0 and introduce the first results on SHA-1. The results include a generic multi-block technique that uses near-collisions in order to find collisions, and a four-block collision of SHA-0 found using this technique with complexity 251. Then, extension of this and prior techniques are presented, that allow us to find collisions of reduced versions of SHA-1. We give collisions of variants with up to 40 rounds, and show the complexities of longer variants. These techniques show that collisions up to about 53–58 rounds can still be found faster than by birthday attacks.

Keywords

Hash Function Compression Function Disturbance Vector Fourth Block Instruction Level Parallelism 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Biham, E., Chen, R.: Near-Collisions of SHA-0. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 290–305. Springer, Heidelberg (2004)Google Scholar
  2. 2.
    Chabaud, F., Joux, A.: Differential Collisions in SHA-0. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 56–71. Springer, Heidelberg (1998)Google Scholar
  3. 3.
    National Institute of Standards and Technologies, Secure Hash Standard, Federal Information Processing Standards Publication, FIPS-180 (May 1993)Google Scholar
  4. 4.
    National Institute of Standards and Technologies, Secure Hash Standard, Federal Information Processing Standards, Publication FIPS-180-1 (April 1995)Google Scholar
  5. 5.
    Rivest, R.: The MD4 Message-Digest Algorithm, Network Working Group, Request for Comments:1186 (October 1990)Google Scholar
  6. 6.
    Rivest, R.: The MD5 Message-Digest Algorithm, Network Working Group, Request for Comments:1321 (April 1992)Google Scholar
  7. 7.
    Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis for Hash Functions MD4 and RIPEMD. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 1–18. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Rijmen, V., Oswald, E.: Update on SHA-1. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 58–71. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Eli Biham
    • 1
  • Rafi Chen
    • 1
  • Antoine Joux
    • 2
    • 3
  • Patrick Carribault
    • 3
  • Christophe Lemuet
    • 3
  • William Jalby
    • 3
  1. 1.Computer Science DepartmentTechnion – Israel Institute of TechnologyHaifaIsrael
  2. 2.DGA 
  3. 3.Laboratoire PRISMUniversité de Versailles St-Quentin-en-YvelinesVersailles CedexFrance

Personalised recommendations