Abstract
One of the most popular hash algorithms is SHA-0, proposed by NIST. However, researchers have already found security flaws in SHA-0, which also pose a threat to other algorithms of the SHA family. In this paper we present two simple modifications that can easily be incorporated into the original SHA-0 algorithm to make it secure against one of the most basic attack methodologies used against it. We further show that the modified algorithm performs as well as the original one when compared on the standard metrics used to evaluate hash functions. We have developed a prototype tool to compare and evaluate the modified and the original SHA-0 algorithms.
© 2005 Springer-Verlag Berlin Heidelberg
Cite this paper
Chatterjee, R., Saifee, M.A., RoyChowdhury, D. (2005). Modifications of SHA-0 to Prevent Attacks. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_21
DOI: https://doi.org/10.1007/11593980_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30706-8
Online ISBN: 978-3-540-32422-5
eBook Packages: Computer Science (R0)