CryptoDB
Complexity of the Collision and Near-Collision Attack on SHA-0 with Different Message Schedules
| Authors: | |
|---|---|
| Download: | |
| Abstract: | SHA-0 employs a primitive polynomnial of degree 16 over GF(2) in its message schedule. There are 2048 primitive polynomials of degree 16 over GF(2). For each primitive polynomial, a SHA-0 variant can be constructed. In this paper, the security of 2048 variants is analyzed against the Chabaud-Joux attack proposed in CRYPTO'98. The analysis shows that all the variants could be collision-attacked by using near-collisions as a tool and thus the replacement of the primitive polynomial is not a proper way to make SHA-0 secure. However, it is shown that the selection of the variants highly affects the complexity of the attack. Furthermore, a collision in the most vulnerable variant is presented. It is obtained by the original Chabaud-Joux attack without any improvements. |
BibTeX
@misc{eprint-2004-12290,
title={Complexity of the Collision and Near-Collision Attack on SHA-0 with Different Message Schedules},
booktitle={IACR Eprint archive},
keywords={foundations / hash functions, SHA-0, collision attack, near-collision attack},
url={http://eprint.iacr.org/2004/325},
note={ hattori@hanase.kuee.kyoto-u.ac.jp 12828 received 26 Nov 2004, last revised 14 Feb 2005},
author={Mitsuhiro HATTORI and Shoichi HIROSE and Susumu YOSHIDA},
year=2004
}