DOI: 10.1145/1368310.1368316
research-article

A strict evaluation method on the number of conditions for the SHA-1 collision search

Published: 18 March 2008

Abstract

This paper proposes a new algorithm for evaluating the number of chaining variable conditions (CVCs) in the selecting step of a disturbance vector (DV) for the analysis of the SHA-1 collision attack. The algorithm is constructed by combining the following four strategies, "Strict Differential Bit Compression", "DV expansion", "Precise Counting Rules in Every Step" and "Differential Path Confirmation for Rounds 2 to 4", that can evaluate the number of CVCs more strictly compared with the previous approach.

Reviews

Jean-Noel Colin

This paper addresses the problem of searching for collisions in the SHA-1 hash algorithm in the most efficient way, by reducing the complexity of this search. Essentially, the complexity relies on the number of chaining variable conditions (CVCs). Yajima et al. advocate that methods proposed so far don't provide an accurate way of evaluating this number. They address the existing solutions individually, describe their weaknesses, propose an original method to calculate (rather than estimate) the number of CVCs, and thus reduce the complexity of collision search. Although it is known that the complexity of collision search is a direct function of the number of CVCs, it is not clearly shown to what extent the availability of an accurate measure for this number will reduce this complexity. This will most likely be addressed in future work. The paper is written for cryptanalysts, or those with a very good understanding and mastery of cryptographic algorithms. Despite the limited audience, the findings are presented in a very well organized and pedagogical way, justifying each step with regard to existing literature. Yajima et al. also validate their approach with a successful real implementation.

Online Computing Reviews Service

Published In

ASIACCS '08: Proceedings of the 2008 ACM symposium on Information, computer and communications security
March 2008
399 pages
ISBN: 9781595939791
DOI: 10.1145/1368310
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. SHA-1
  2. collision attack
  3. disturbance vector
  4. hash function

Qualifiers

  • Research-article

Conference

Asia CCS '08
Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Cited By

  • (2019) Classification and generation of disturbance vectors for collision attacks against SHA-1. Designs, Codes and Cryptography 59:1-3 (247-263). DOI: 10.1007/s10623-010-9458-9. Online publication date: 17-Jan-2019
  • (2018) Crack me if you can: hardware acceleration bridging the gap between practical and theoretical cryptanalysis? Proceedings of the 18th International Conference on Embedded Computer Systems: Architectures, Modeling, and Simulation (167-172). DOI: 10.1145/3229631.3239366. Online publication date: 15-Jul-2018
  • (2016) Freestart Collision for Full SHA-1. Proceedings, Part I, of the 35th Annual International Conference on Advances in Cryptology --- EUROCRYPT 2016 - Volume 9665 (459-483). DOI: 10.5555/3081770.3081788. Online publication date: 8-May-2016
  • (2016) Freestart Collision for Full SHA-1. Advances in Cryptology – EUROCRYPT 2016 (459-483). DOI: 10.1007/978-3-662-49890-3_18. Online publication date: 28-Apr-2016
  • (2015) Optimized cryptographic algorithm for embedded systems. 2015 International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT) (33-38). DOI: 10.1109/ICATCCT.2015.7456850. Online publication date: Oct-2015
  • (2010) Matrix representation of conditions for the collision attack of SHA-1 and its application to the message modification. Proceedings of the 5th international conference on Advances in information and computer security (267-284). DOI: 10.5555/1927197.1927221. Online publication date: 22-Nov-2010
  • (2010) Matrix Representation of Conditions for the Collision Attack of SHA-1 and Its Application to the Message Modification. Advances in Information and Computer Security (267-284). DOI: 10.1007/978-3-642-16825-3_18. Online publication date: 2010
  • (2010) Second-Preimage Analysis of Reduced SHA-1. Information Security and Privacy (104-116). DOI: 10.1007/978-3-642-14081-5_7. Online publication date: 2010
  • (2009) A Strict Evaluation on the Number of Conditions for SHA-1 Collision Search. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences E92-A:1 (87-95). DOI: 10.1587/transfun.E92.A.87. Online publication date: 2009
