Classification and generation of disturbance vectors for collision attacks against SHA-1
نویسنده
چکیده
The main contribution of this paper is to provide a classification of disturbance vectors used in differential collision attacks against SHA-1. We show that all published disturbance vectors can be classified into two types of vectors, type-I and type-II. We present a deterministic algorithm which produce efficient disturbance vectors with respect to any given cost function. We define two simple cost functions to evaluate the efficiency of a candidate disturbance vector. Using our algorithm and those cost function we retrieved all previously known vectors and found that the most efficient disturbance vector is the one first reported as Codeword2 by Jutla and Patthak in [7].
منابع مشابه
Is SHA-1 conceptually sound?
We argue that if the message expansion code of SHA-1 is replaced by a linear code with a better minimum distance, then the resulting hash function is collision resistant. To support this argument, we characterize the disturbance vectors which are used to build local collision attacks as a linear code. This linear code is the xor-sum of two codes, the message expansion code and a linear code rep...
متن کاملA proposal of a criterion for collision resistance of hash functions
clear the advantage of the fact that an attacker can know all intermediate values in calculating an outIn this paper we revisit the tequniques for collision put. This fact is the most different assumption for attacks and study the relation between maximum an attacker from block cipher’s case. differential characteristic probability and a limit of However Wang et al. showed in the last two years...
متن کاملNew Collision Attacks against Up to 24-Step SHA-2
In this work, we provide new and improved attacks against 22, 23 and 24-step SHA-2 family using a local collision given by Sanadhya and Sarkar (SS) at ACISP ’08. The success probability of our 22-step attack is 1 for both SHA-256 and SHA-512. The computational efforts for the 23-step and 24step SHA-256 attacks are respectively 2 and 2 calls to the corresponding step reduced SHA-256. The corresp...
متن کاملNew Disturbance Vector for SHA-0 Collision
Most of recent collision attacks on SHA-0 are based on the differential path given by Xiaoyun Wang et al. Their disturbance vector was thought to be the best one. We noticed that the way they calculate number of sufficient conditions is not accurate, and we also found some new properties of the third Boolean function MAJ (b ∧ c) ∨ (c ∧ d) ∨ (d ∧ b). In this paper we present a new disturbance ve...
متن کاملNon-linear Reduced Round Attacks against SHA-2 Hash Family
Most of the attacks against (reduced) SHA-2 family in literature have used local collisions which are valid for linearized version of SHA-2 hash functions. Recently, at FSE ’08, an attack against reduced round SHA-256 was presented by Nikolić and Biryukov which used a local collision which is valid for the actual SHA-256 function. It is a 9-step local collision which starts by introducing a mod...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Des. Codes Cryptography
دوره 59 شماره
صفحات -
تاریخ انتشار 2008