A New Strategy for Finding a Differential Path of SHA-1
In this paper, we propose a new construction algorithm for finding differential paths of Round 1 of SHA-1 for use in the collision search attack. Generally, the differential path of Round 1 is very complex, and it takes much time to find one by hand. Therefore, we propose a new search algorithm that consists of three sub searches, naming the forward search, the backward search, and the joint search, so that we can find a differential path by computers. By implementing our new algorithm and doing some experiments on a computer, we actually found 383 differential paths in the joint search that are different from Wang’s. Since it is designed by quite a new policy, our algorithm can search a range of space that was not examined by existing algorithms.
Unable to display preview. Download preview PDF.
- 1.NIST. Secure hash standard. Federal Information Processing Standard, FIPS180-1 (April 1995)Google Scholar
- 2.Wang, X.: The Collision Attack on SHA-0 (in Chinese) (to appear), http://www.infosec.edu.cn
- 3.Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005)Google Scholar
- 4.Biham, E., Chen, R., Joux, A., Carribault, P., Lemuet, C., Jalby, W.: Collisions in SHA-0 and Reduced SHA-1. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 36–57. Springer, Heidelberg (2005)Google Scholar
- 5.Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)Google Scholar
- 6.Wang, X., Yao, A.C, Yao, F.: Cryptanalysis on SHA-1 Hash Function. Keynote Speech at CRYPTOGRAPHIC HASH WORKSHOPGoogle Scholar
- 7.Wang, X.: Cryptanalysis of Hash functions and Potential Dangers. Invited Talk at CT-RSA (2006)Google Scholar
- 8.Hawkes, P., Paddon, M., Rose, G.: Automated Search for Round 1 Differentials for SHA-1: Work in Progress. NIST SECOND CRYPTOGRAPHIC HASH WORKSHOP (August 2006)Google Scholar
- 9.Cannière, C.D., Rechberger, C.: Finding SHA-1 Characteristics. ASIACRYPT (2006)Google Scholar
- 10.Cannière, C.D., Rechberger, C.: Finding SHA-1 Characteristics: General Results and Applications. NIST SECOND CRYPTOGRAPHIC HASH WORKSHOP (August 2006)Google Scholar
- 11.Wang, X.: Private Communication in JapanGoogle Scholar