Classification and generation of disturbance vectors for collision attacks against SHA-1

@article{Manuel2008ClassificationAG,
  title={Classification and generation of disturbance vectors for collision attacks against SHA-1},
  author={St{\'e}phane Manuel},
  journal={Designs, Codes and Cryptography},
  year={2008},
  volume={59},
  pages={247-263}
}
  • S. Manuel
  • Published 1 April 2011
  • Mathematics, Computer Science
  • Designs, Codes and Cryptography
The main contribution of this paper is to provide a classification of disturbance vectors used in differential collision attacks against SHA-1. We show that all published disturbance vectors can be classified into two types of vectors, type-I and type-II. We present a deterministic algorithm which produces efficient disturbance vectors with respect to any given cost function. We define two simple cost functions to evaluate the efficiency of a candidate disturbance vector. Using our…

Classification of disturbance vectors for collision attack in SHA-1

It is proved that there are only two types of the optimal disturbance vectors, type-I and type-II, which have minimum weight of 25 in the last 60 of the 80 expanded words, in the total $2^{512}$ disturbance vectors searching space.

New strategy for searching disturbance vector of SHA-1 collision attack

Dear editor, We present a new algorithm to search for effective disturbance vectors with a complexity of 2 based on the following two properties of disturbance vectors. One property is the weight

New Collision Attacks on SHA-1 Based on Optimal Joint Local-Collision Analysis

Novel techniques are introduced that enable us to determine the theoretical maximum success probability for a given set of (dependent) local collisions, as well as the smallest set of message conditions that attains this probability.

Speeding up detection of SHA-1 collision attacks using unavoidable attack conditions

This paper presents a significant performance improvement for collision detection based on the new concept of unavoidable conditions, and provides a formal model for unavoidable conditions for collision attacks on MD5-like compression functions.

Improving SHA-1 counter-cryptanalysis using unavoidable conditions

A significant performance improvement for collision detection based on the new concept of unavoidable conditions is presented and the improved SHA-1 collision detection is implemented, which is about 16 times faster than without the unavoidable condition improvements.

Practical Free-Start Collision Attacks on 76-step SHA-1

This work exploits the additional freedom provided by this model by using a new start-from-the-middle approach in combination with improvements on the cryptanalysis tools that have been developed for SHA-1 in the recent years, which results in particular in better differential paths than the ones used for hash function collisions so far.

Matrix Representation of Conditions for the Collision Attack of SHA-1 and Its Application to the Message Modification

This paper proposes a matrix representation of Chaining Variable Condition (CVC) and Message Condition (MC) and applies this to an algorithm for constructing the Message Modification procedure in order to reduce the complexity for the collision attack of SHA-1.

Mitigation and Improving SHA-1 Standard Using Collision Detection Approach

A collision detection methodology and an improved version of Secure Hash Algorithm (SHA-1) standard are introduced to protect weak primitives from any possible collision attack.

Freestart Collision for Full SHA-1

This is the first practical break of the full SHA-1, reaching all 80 out of 80 steps, and it further shows how GPUs can be used very efficiently for this kind of attack.

Analysis of Differential Attacks in ARX Constructions

  • G. Leurent
  • Computer Science, Mathematics
    ASIACRYPT
  • 2012
New multi-bit constraints to describe differential characteristics in ARX designs more accurately, and quartet constraints to analyze boomerang attacks, and how to propagate those constraints are described.

References

Collisions on SHA-0 in One Hour

This paper shows that the previous perturbation vectors used in all known attacks are not optimal and provides a new 2-block one and is able to produce the best collision attack against SHA-0 so far, with a measured complexity of $2^{33.6}$ hash function calls.

Finding Good Differential Patterns for Attacks on SHA-1

It is shown that the problem of finding optimal differential patterns for SHA-1 is equivalent to the problem of finding a minimal weight codeword in a large linear code.

Finding SHA-1 Characteristics: General Results and Applications

A method to search for characteristics in an automatic way for multi-block attacks, and as a proof of concept, gives a two-block collision for 64-step SHA-1 based on a new characteristic.

On Authentication with HMAC and Non-random Properties

A new method to recover both the inner- and the outer key used in HMAC when instantiated with a concrete hash function by observing text/MAC pairs is presented, using the first theoretical full key recovery attack on NMAC-MD5.

New Results on NMAC/HMAC when Instantiated with Popular Hash Functions

A new method to recover both the inner and the outer key used in HMAC when instantiated with a concrete hash function by observing text/MAC pairs is presented, and the first theoretical full key recovery attack on NMAC-MD5 is presented.

Hash Functions and the (Amplified) Boomerang Attack

It is shown that using this boomerang attack as a neutral bits tool, it becomes possible to lower the complexity of the attacks on SHA-1.

Improved Collision Search for SHA-0

This paper gives sufficient conditions for the steps from step 21, and proposes submarine modification as the message modification technique that will ensure satisfaction of the sufficient conditions from steps 21 to 24, an extension of the multi-message modification used in collision attacks on the MD-family.

Exploiting Coding Theory for Collision Attacks on SHA-1

It is shown that coding theory can be exploited efficiently for the cryptanalysis of hash functions and the complexity for a collision attack on the full SHA-1 is conjectured.

Differential Collisions in SHA-0

A theoretical attack on the compression function SHA-0 with complexity $2^{61}$ is obtained, which is thus better than the birthday paradox attack and is strong evidence that the transition to version 1 indeed raised the level of security of SHA.

Collisions of SHA-0 and Reduced SHA-1

Improvements to the techniques used to cryptanalyze SHA-0 are described and improvements that allow us to find collisions of reduced versions of SHA-1 are presented, that show that collisions up to about 53–58 rounds can still be found faster than by birthday attacks.