Abstract | ||
---|---|---|
Preimage resistance of several hash functions has already been broken by the meet-in-the-middle attacks and they utilize a property that their message schedules consist of only permutations of message words. It is unclear whether this type of attacks is applicable to a hash function whose message schedule does not consist of permutations of message words. This paper proposes new attacks against reduced SHA-0 and SHA-1 hash functions by analyzing a message schedule that does not consist of permutations but linear combinations of message words. The newly developed cryptanalytic techniques enable the meet-in-the-middle attack to be applied to reduced SHA-0 and SHA-1 hash functions. The attacks find preimages of SHA-0 and SHA-1 in 2156.6 and 2159.3 compression function computations up to 52 and 48 steps, respectively, compared to the brute-force attack, which requires 2160 compression function computations. The previous best attacks find preimages up to 49 and 44 steps, respectively. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1007/978-3-642-03356-8_5 | CRYPTO |
Keywords | Field | DocType |
meet-in-the-middle,hash function,sha-1 hash function,new attack,sha-1,preimage.,message schedule,brute-force attack,meet-in-the-middle attack,one-way,compression function computation,previous best attack,compression function,sha-0,meet-in-the-middle preimage attacks,message word,preimage,sha 1 | Hash-based message authentication code,SHA-2,Message authentication code,Computer science,Cryptographic hash function,Collision resistance,Theoretical computer science,Hash function,Preimage attack,Collision attack | Conference |
Volume | ISSN | Citations |
5677 | 0302-9743 | 55 |
PageRank | References | Authors |
1.83 | 15 | 2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Kazumaro Aoki | 1 | 918 | 67.72 |
Yu Sasaki | 2 | 247 | 15.33 |