Impact of rotations in SHA-1 and related hash functions

Authors:
Norbert Pramstaller;Christian Rechberger;Vincent Rijmen
Affiliations:
Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Austria;Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Austria;Institute for Applied Information Processing and Communications (IAIK), Graz University of Technology, Austria
Venue:
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Year:
2005

Citing 11
Cited 1

Digital integrated circuits: a design perspective

Digital integrated circuits: a design perspective
HAS-V: A New Hash Function with Variable Output Length

SAC '00 Proceedings of the 7th Annual International Workshop on Selected Areas in Cryptography
Differential Collisions in SHA-0

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
A Study on the Proposed Korean Digital Signature Algorithm

ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Update on SHA-1

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
Efficient collision search attacks on SHA-0

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Collisions of SHA-0 and reduced SHA-1

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Exploiting coding theory for collision attacks on SHA-1

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding

Preimages for Reduced SHA-0 and SHA-1

CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

SHA-1 uses a single set of rotation constants within the compression function. However, most other members of the MD4 family of hash functions use multiple sets of rotation constants, i.e. the rotation amounts change with the step being processed. To our knowledge, no design rationales on the choice of rotation constants are given on any of these hash functions. This is the first paper that analyzes rotations in iterated hash functions. We focus on SHA-1-like hash functions and use recent developments in the analysis of these hash functions to evaluate the security implications of using multiple sets of rotation constants in the compression function instead of a single set. Additionally, we give some observations on the set of constants used in SHA-0 and SHA-1.