Efficient Hash Collision Search Strategies on Special-Purpose Hardware

Authors:
Tim Güneysu;Christof Paar;Sven Schäge
Affiliations:
Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany;Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany;Horst Görtz Institute for IT Security, Ruhr University Bochum, Germany
Venue:
Research in Cryptology
Year:
2008

Citing 9
Cited 0

Handbook of Applied Cryptography

Handbook of Applied Cryptography
A Design Principle for Hash Functions

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
One Way Hash Functions and DES

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of DES-like Cryptosystems

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Differential Collisions in SHA-0

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Finding SHA-1 characteristics: general results and applications

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
On the possibility of constructing meaningful hash collisions for public keys

ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques

Quantified Score

Hi-index	0.00

Visualization

Abstract

Hash functions play an important role in various cryptographic applications. Modern cryptography relies on a few but supposedly well analyzed hash functions which are mostly members of the so-called MD4-family. This work shows whether it is possible to significantly speedup collision search for MD4-family hash functions using special-purpose hardware. A thorough analysis of the computational requirements for MD4-family hash functions and corresponding collision attacks reveals that a microprocessor based architecture is best suited for the implementation of collision search algorithms. Consequently, we designed and implemented a (concerning MD4-family hash-functions) general-purpose microprocessor with minimal area requirements and, based on this, a full collision search unit. Comparing the performance characteristics of both ASICs with standard PC processors and clusters, it turns out that our design, massively parallelized, is nearly four times more cost-efficient than parallelized standard PCs. Although with further optimizations this factor can certainly be improved, we believe that special-purpose hardware does not provide a too significant benefit for hash collision search algorithms with respect to modern off-the-shelf general-purpose processors.