Computer Science ›› 2016, Vol. 43 ›› Issue (8): 123-127. doi: 10.11896/j.issn.1002-137X.2016.08.026

• Information Security •

New Algorithm for Automatic Deriving Sufficient Conditions of SHA-1

HU Yun-shan, SHEN Yi, ZENG Guang and HAN Wen-bao

  1. PLA Information Engineering University, Zhengzhou 450001; State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi 214125
  • Online: 2018-12-01 Published: 2018-12-01
  • Funding:
    Supported by the National Natural Science Foundation of China (61003291) and the Open Project of the State Key Laboratory of Mathematical Engineering and Advanced Computing (2013A03, 3A10).

Abstract: Deriving sufficient conditions is one of the important steps of a modular differential attack. This paper converts the derivation of sufficient conditions into the construction of a system of linear equations over F2, uses the solvability criterion for systems of linear equations to check the correctness of the sufficient conditions obtained at each step, and proposes an algorithm that automatically derives the sufficient conditions for the modular differential attack on SHA-1. With suitable modification, the algorithm also applies to the automatic derivation of sufficient conditions for hash functions whose structure is similar to that of SHA-1, such as MD5 and SHA-0.

Key words: Cryptology, Hash function, SHA-1, Sufficient conditions, Collision attacks

