Algebraic cryptanalysis of 58-round SHA-1

Authors:
Makoto Sugita;Mitsuru Kawazoe;Ludovic Perret;Hideki Imai
Affiliations:
IT Security Center, Information-technology Promotion Agency, Japan, Tokyo, Japan;Faculty of Liberal Arts and Sciences, Osaka Prefecture University, Osaka, Japan;SPIRAL/SALSA, Site Passy-Kennedy, LIP6, Paris 6 University, Paris France;National Institute of Advanced Industrial Science and Technology, Tokyo, Japan and Department of Electrical, Electronic and Communication Engineering, Faculty of Science and Engineering, Chuo Univ ...
Venue:
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Year:
2007

Citing 9
Cited 7

Differential Collisions in SHA-0

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of MD4

Proceedings of the Third International Workshop on Fast Software Encryption
Finding SHA-1 characteristics: general results and applications

ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
Efficient collision search attacks on SHA-0

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Finding collisions in the full SHA-1

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Cryptanalysis of the hash functions MD4 and RIPEMD

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
How to break MD5 and other hash functions

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Collisions of SHA-0 and reduced SHA-1

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Exploiting coding theory for collision attacks on SHA-1

IMA'05 Proceedings of the 10th international conference on Cryptography and Coding

Interactions between computer algebra (Gröbner bases) and cryptology

Proceedings of the 2009 international symposium on Symbolic and algebraic computation
Collisions for 70-step SHA-1: on the full cost of collision search

SAC'07 Proceedings of the 14th international conference on Selected areas in cryptography
Fast exhaustive search for polynomial systems in F2

CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
Matrix representation of conditions for the collision attack of SHA-1 and its application to the message modification

IWSEC'10 Proceedings of the 5th international conference on Advances in information and computer security
Classification and generation of disturbance vectors for collision attacks against SHA-1

Designs, Codes and Cryptography
Solving underdetermined systems of multivariate quadratic equations revisited

PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Solving polynomial systems over finite fields: improved analysis of the hybrid approach

Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation

Quantified Score

Hi-index	0.00

Visualization

Abstract

In 2004, a new attack against SHA-1 has been proposed by a team leaded by Wang [15]. The aim of this article1 is to sophisticate and improve Wang's attack by using algebraic techniques. We introduce new notions, namely semi-neutral bit and adjuster and propose then an improved message modification technique based on algebraic techniques. In the case of the 58-round SHA-1, the experimental complexity of our improved attack is 231 SHA-1 computations, whereas Wang's method needs 234 SHA-1 computations. We have found many new collisions for the 58-round SHA-1. We also study the complexity of our attack for the full SHA-1.