Update on SHA-1
We report on the experiments we performed in order to assess the security of SHA-1 against the attack by Chabaud and Joux . We present some ideas for optimizations of the attack and some properties of the message expansion routine. Finally, we show that for a reduced version of SHA-1, with 53 rounds instead of 80, it is possible to find collisions in less than 280 operations.
Keywordshash functions cryptanalysis
Unable to display preview. Download preview PDF.
- 1.Biham, E., Chen, R.: Near-collisions of SHA-0. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 290–305. Springer, Heidelberg (2004)Google Scholar
- 2.Biham, E., Chen, R.: Near-Collisions of SHA-0. Cryptology ePrint Archive, Report 2004/146 (2004), version of June 22, http://eprint.iacr.org/
- 3.Canteaut, A., Chabaud, F.: A new algorithm for finding minimum-weight words in a linear code: application to McEliece’s cryptosystem and to narrow-sense BCH codes of length 511. IEEE Transactions on Information Theory 44(1) (January 1998)Google Scholar
- 4.Federal Information Processing Standard 180-2, Secure Hash Standard, (August 1, 2002)Google Scholar
- 5.Chabaud, F., Joux, A.: Differential collisions in SHA-0. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 56–71. Springer, Heidelberg (1998)Google Scholar