Abstract
A good disturbance vector is one of the key techniques to find SHA-1 collisions and to construct valid differential paths. The main work of this paper is to classify the types of the optimal disturbance vectors. First, we improve the EEM disturbance vectors search algorithm by Manuel. We increase the Hamming weight of information window from 4 to 6, with 244 time complexity, which is 28 times better than that of Manuel’s work. Based on this result, we prove that there are only two types of the optimal disturbance vectors, type-I and type-II, which have minimum weight of 25 in the last 60 of the 80 expanded words, in the total 2512 disturbance vectors searching space.
摘要
创新点
文章改进了搜索扰动向量的EEM算法, 较之原算法, 改进后的算法具有更低的时间复杂度。并在此算法的基础上, 结合计算机辅助, 证明了: 在2512的扰动向量总搜索空间中, 最优扰动向量只有已被公布的Type-I和Type-II两类。这说明, 虽然目前搜索扰动向量的空间仅占总空间2512的极小一部分, 但在剩下的空间中已不存在性质更优的扰动向量, 寻找SHA-1碰撞的范围可大大缩小。
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Biham E, Chen R, Joux A, et al. Collisions of SHA-0 and reduced SHA-1. Lect Notes Comput Sci, 2005, 3494: 36–57
Wang X Y, Yin Y L, Yu H. Efficient collision search attacks on SHA-0. In: Proceedings of 25th Annual International Cryptology Conference, Santa Barbara, 2005. 1–16
Wang X Y, Yin Y L, Yu H. Finding collisions in the full SHA-1. Lect Notes Comput Sci, 2005, 3621: 17–36
Wang X Y, Yin Y L, Yu H. Cryptanalysis on SHA-1. In: Proceedings of NIST Cryptographic Hash Workshop, Gaithersburg, 2005
Joux A, Peyrin T. Hash functions and the (amplified) boomerang attack. Lect Notes Comput Sci, 2007, 4622: 244–263
Matusiewicz K, Pieprzyk J. Finding good differential patterns for attacks on SHA-1. Lect Notes Comput Sci, 2005, 3969: 164–177
Pramstaller N, Rechberger C, Rijmen V. Exploiting coding theory for collision attacks on SHA-1. Lect Notes Comput Sci, 2005, 3796: 78–95
Rijmen V, Oswald E. Update on SHA-1. Lect Notes Comput Sci, 2005, 3376: 58–71
Yajima J, Iwasaki T, Naito Y, et al. A strict evaluation method on the number of conditions for the SHA-1 collision search. In: Proceedings of the ACM Symposium on Information, Computer and Communications Security, Tokyo, 2008. 10–20
Manuel S. Classification and generation of disturbance vectors for collision attacks against SHA-1. Designs Codes Cryptogr, 2011, 59: 247–263
Sugita M, Kawazoe M, Perret L, et al. Algebraic cryptanalysis of 58-round SHA-1. Lect Notes Comput Sci, 2007, 4593: 349–365
de Cannière C, Rechberger C. Finding SHA-1 characteristics: general results and applications. Lect Notes Comput Sci, 2006, 4284: 1–20
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Tang, Y., Zeng, G. & Han, W. Classification of disturbance vectors for collision attack in SHA-1. Sci. China Inf. Sci. 58, 1–10 (2015). https://doi.org/10.1007/s11432-015-5280-3
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11432-015-5280-3