Complexity of Differential Attacks on SHA-0 with Various Message Schedules
Summary :
The security of SHA-0 with various message schedules is discussed in this letter. SHA-0 employs a primitive polynomial of degree 16 over GF(2) in its message schedule. For each primitive polynomial, a SHA-0 variant can be constructed. The collision resistance and the near-collision resistance of SHA-0 variants to the Chabaud-Joux attack are evaluated. Moreover, the near-collision resistance of a variant to the Biham-Chen attack is evaluated. It is shown that the selection of primitive polynomials highly affects the resistance. However, it is concluded that these SHA-0 variants are not appropriate for making SHA-0 secure.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E88-A No.12 pp.3668-3671
- Publication Date
- 2005/12/01
- Publicized
- Online ISSN
- DOI
- 10.1093/ietfec/e88-a.12.3668
- Type of Manuscript
- LETTER
- Category
- Information Security
Authors
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
Mitsuhiro HATTORI, Shoichi HIROSE, Susumu YOSHIDA, "Complexity of Differential Attacks on SHA-0 with Various Message Schedules" in IEICE TRANSACTIONS on Fundamentals,
vol. E88-A, no. 12, pp. 3668-3671, December 2005, doi: 10.1093/ietfec/e88-a.12.3668.
Abstract: The security of SHA-0 with various message schedules is discussed in this letter. SHA-0 employs a primitive polynomial of degree 16 over GF(2) in its message schedule. For each primitive polynomial, a SHA-0 variant can be constructed. The collision resistance and the near-collision resistance of SHA-0 variants to the Chabaud-Joux attack are evaluated. Moreover, the near-collision resistance of a variant to the Biham-Chen attack is evaluated. It is shown that the selection of primitive polynomials highly affects the resistance. However, it is concluded that these SHA-0 variants are not appropriate for making SHA-0 secure.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e88-a.12.3668/_p
Copy
@ARTICLE{e88-a_12_3668,
author={Mitsuhiro HATTORI, Shoichi HIROSE, Susumu YOSHIDA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Complexity of Differential Attacks on SHA-0 with Various Message Schedules},
year={2005},
volume={E88-A},
number={12},
pages={3668-3671},
abstract={The security of SHA-0 with various message schedules is discussed in this letter. SHA-0 employs a primitive polynomial of degree 16 over GF(2) in its message schedule. For each primitive polynomial, a SHA-0 variant can be constructed. The collision resistance and the near-collision resistance of SHA-0 variants to the Chabaud-Joux attack are evaluated. Moreover, the near-collision resistance of a variant to the Biham-Chen attack is evaluated. It is shown that the selection of primitive polynomials highly affects the resistance. However, it is concluded that these SHA-0 variants are not appropriate for making SHA-0 secure.},
keywords={},
doi={10.1093/ietfec/e88-a.12.3668},
ISSN={},
month={December},}
Copy
TY - JOUR
TI - Complexity of Differential Attacks on SHA-0 with Various Message Schedules
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 3668
EP - 3671
AU - Mitsuhiro HATTORI
AU - Shoichi HIROSE
AU - Susumu YOSHIDA
PY - 2005
DO - 10.1093/ietfec/e88-a.12.3668
JO - IEICE TRANSACTIONS on Fundamentals
SN -
VL - E88-A
IS - 12
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - December 2005
AB - The security of SHA-0 with various message schedules is discussed in this letter. SHA-0 employs a primitive polynomial of degree 16 over GF(2) in its message schedule. For each primitive polynomial, a SHA-0 variant can be constructed. The collision resistance and the near-collision resistance of SHA-0 variants to the Chabaud-Joux attack are evaluated. Moreover, the near-collision resistance of a variant to the Biham-Chen attack is evaluated. It is shown that the selection of primitive polynomials highly affects the resistance. However, it is concluded that these SHA-0 variants are not appropriate for making SHA-0 secure.
ER -
English
