Finding good differential patterns for attacks on SHA-1

Authors:
Krystian Matusiewicz;Josef Pieprzyk
Affiliations:
Centre for Advanced Computing – Algorithms and Cryptography, Department of Computing, Macquarie University, Sydney, Australia;Centre for Advanced Computing – Algorithms and Cryptography, Department of Computing, Macquarie University, Sydney, Australia
Venue:
WCC'05 Proceedings of the 2005 international conference on Coding and Cryptography
Year:
2005

Citing 13
Cited 7

Integrity Primitives for Secure Information Systems: Final Ripe Report of Race Integrity Primitives Evaluation

Integrity Primitives for Secure Information Systems: Final Ripe Report of Race Integrity Primitives Evaluation
The MD4 Message Digest Algorithm

CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Differential Collisions in SHA-0

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
HAVAL - A One-Way Hashing Algorithm with Variable Length of Output

ASIACRYPT '92 Proceedings of the Workshop on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
An Attack on the Last Two Rounds of MD4

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Update on SHA-1

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Efficient collision search attacks on SHA-0

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Exploiting coding theory for collision attacks on SHA-1

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
The intractability of computing the minimum distance of a code

IEEE Transactions on Information Theory
A new algorithm for finding minimum-weight words in a linear code: application to McEliece's cryptosystem and to narrow-sense BCH codes of length 511

IEEE Transactions on Information Theory

Provably good codes for hash function design

IEEE Transactions on Information Theory
Provably good codes for hash function design

SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
Distinguishing attack on secret prefix MAC instantiated with reduced SHA-1

ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Second-preimage analysis of reduced SHA-1

ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Classification and generation of disturbance vectors for collision attacks against SHA-1

Designs, Codes and Cryptography
Exploiting coding theory for collision attacks on SHA-1

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
Joux multicollisions attack in sponge construction

Proceedings of the 6th International Conference on Security of Information and Networks

Quantified Score

Hi-index	0.06

Visualization

Abstract

In this paper we analyse properties of the message expansion algorithm of SHA-1 and describe a method of finding differential patterns that may be used to attack reduced versions of SHA-1. We show that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding minimal weight codeword in a large linear code. Finally, we present a number of patterns of different lengths suitable for finding collisions and near-collisions and discuss some bounds on minimal weights of them.