Freestart collision on full SHA-1

  title={Freestart collision on full SHA-1},
  author={Marc Stevens and Pierre Karpman and Thomas Peyrin},
  booktitle={IACR Cryptology ePrint Archive},
This article presents an explicit freestart colliding pair for SHA-1, i.e. a collision for its internal compression function. This is the first practical break of the full SHA-1, reaching all 80 out of 80 steps. Only 10 days of computation on a 64-GPU cluster were necessary to perform this attack, for a cost of approximately 2 calls to the compression function of SHA-1. This work builds on a continuous series of cryptanalytic advancements on SHA-1 since the theoretical collision attack… CONTINUE READING
10 Citations
34 References
Similar Papers


Publications referenced by this paper.
Showing 1-10 of 34 references

Amazon EC2 – Virtual Server Hosting

  • Amazon Web Services
  •, Retrieved Jan.
  • 2016
Highly Influential
7 Excerpts

FIPS 180: Secure Hash Standard

  • National Institute of Standards, Technology
  • May
  • 1993
Highly Influential
5 Excerpts

FIPS 180-2: Secure Hash Standard

  • National Institute of Standards, Technology
  • August
  • 2002
Highly Influential
4 Excerpts

Continuing to Phase Out SHA-1 Certificates

  • Mozilla
  • Mozilla Security Blog,
  • 2015
2 Excerpts

FIPS 202: SHA-3 Standard: PermutationBased Hash and Extendable-Output Functions

  • National Institute of Standards, Technology
  • August
  • 2015
3 Excerpts

SHA-1 Deprecation Update

  • Microsoft
  • Microsoft blog,
  • 2015
2 Excerpts

Leiden University

  • Marc Stevens, Attacks on Hash Functions, Applications, Ph.D. thesis
  • June
  • 2012

Similar Papers

Loading similar papers…