Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
HAS-V: A New Hash Function with Variable Output Length
SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
A Study on the Proposed Korean Digital Signature Algorithm
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
RIPEMD-160: A Strengthened Version of RIPEMD
Proceedings of the Third International Workshop on Fast Software Encryption
Efficient Algorithms for Computing Differential Properties of Addition
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
Chosen-Prefix Collisions for MD5 and Colliding X.509 Certificates for Different Identities
EUROCRYPT '07 Proceedings of the 26th annual international conference on Advances in Cryptology
Practical Collisions for EnRUPT
Fast Software Encryption
Weaknesses in the HAS-V compression function
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
On the collision resistance of RIPEMD-160
ISC'06 Proceedings of the 9th international conference on Information Security
Finding SHA-1 characteristics: general results and applications
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Finding collisions in the full SHA-1
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions
EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Message freedom in MD4 and MD5 collisions: application to APOP
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
The differential analysis of S-functions
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Preimage attacks against PKC98-Hash and HAS-V
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
Analysis of differential attacks in ARX constructions
ASIACRYPT'12 Proceedings of the 18th international conference on The Theory and Application of Cryptology and Information Security
Hi-index | 0.00 |
Recent attacks on hash functions start by constructing a differential characteristic. By finding message pairs that satisfy this characteristic, a collision can be found. This paper describes the method of De Cannière and Rechberger to construct generalized characteristics for SHA-1 in more detail. This method is further generalized and applied to a simplified variant of the HAS-V hash function. Using these techniques, a characteristic for 45 steps is found, requiring an effort of about 246 compression function evaluations to find a colliding message pair. A lot of the message bits can still be freely chosen when using this characteristic, greatly increasing its usefulness.