Abstract
In this paper we find two near-collisions of the full compression function of SHA-0, in which up to 142 of the 160 bits of the output are equal. We also find many full collisions of 65-round reduced SHA-0, which is a large improvement to the best previous result of 35 rounds. We use the very surprising fact that the messages have many neutral bits, some of which do not affect the differences for about 15–20 rounds. We also show that 82-round SHA-0 is much weaker than the (80-round) SHA-0, although it has more rounds. This fact demonstrates that the strength of SHA-0 is not monotonous in the number of rounds.
Chapter PDF
Similar content being viewed by others
References
Anderson, R., Biham, E.: Tiger: a Fast New Hash Function. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 89–97. Springer, Heidelberg (1996)
Biham, E., Shamir, A.: Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 156–171. Springer, Heidelberg (1992)
Chabaud, F., Joux, A.: Differential Collisions in SHA-0, Advanced in Cryptology. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 56–71. Springer, Heidelberg (1998)
Dobbertin, H.: Cryptanalysis of MD4. Journal of Cryptology 11, 253–271 (1998)
Genaro, R., Halevi, S., Rabin, T.: Secure Hash-and-Sign Signatures Without the Random Oracle. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 123–139. Springer, Heidelberg (1999)
Joux, A.: private communications (2004)
Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
National Institute of Standards and Technologies, Secure Hash Standard, Federal Information Processing Standards Publication, FIPS-180 (May 1993)
National Institute of Standards and Technologies, Secure Hash Standard, Federal Information Processing Standards, Publication FIPS-180-1 (April 1995)
National Institute of Standards and Technologies, FIPS 180-2 Secure Hash Standard, Change Notice 1, Federal Information Processing Standards Publication, FIPS-180-2 (December 2003)
National Institute of Standards and Technologies, Secure Hash Standard, Federal Information Processing Standards Publication, FIPS-180-2 (August 2002)
Rivest, R.: The MD4 Message-Digest Algorithm, NetworkWorking Group Request for Comments:1186 (October 1990)
Rivest, R.: The MD5 Message-Digest Algorithm, NetworkWorking Group Request for Comments:1321 (April 1992)
Merkle, R.: A Fast Software One-Way Hash Function. Journal of Cryptology 3(1), 43–58 (1990)
Vaudenay, S.: On the Need for Multipermutation: Cryptanalysis of MD4 and SAFER. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 286–297. Springer, Heidelberg (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biham, E., Chen, R. (2004). Near-Collisions of SHA-0. In: Franklin, M. (eds) Advances in Cryptology – CRYPTO 2004. CRYPTO 2004. Lecture Notes in Computer Science, vol 3152. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-28628-8_18
Download citation
DOI: https://doi.org/10.1007/978-3-540-28628-8_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22668-0
Online ISBN: 978-3-540-28628-8
eBook Packages: Springer Book Archive