Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms

Turner, Seán; Chen, Lily; Polk, Tim; Hoffman, Paul

doi:10.17487/rfc6194

Cited by 22 publications

(14 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Unfortunately, as Polk et al [PCTH11] point out, these cryptanalytic advancements are not reflected in the literature so far, as the improved attacks since the first SHA-1 collision attack are either unpublished or withdrawn.…”

Section: Introductionmentioning

confidence: 99%

New Collision Attacks on SHA-1 Based on Optimal Joint Local-Collision Analysis

Stevens

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. The main contributions of this paper are two-fold. Firstly, we present a novel direction in the cryptanalysis of the cryptographic hash function SHA-1. Our work builds on previous cryptanalytic efforts on SHA-1 based on combinations of local collisions. Due to dependencies, previous approaches used heuristic corrections when combining the success probabilities and message conditions of the individual local collisions. Although this leads to success probabilities that are seemingly sufficient for feasible collision attacks, this approach most often does not lead to the maximum success probability possible as desired. We introduce novel techniques that enable us to determine the theoretical maximum success probability for a given set of (dependent) local collisions, as well as the smallest set of message conditions that attains this probability. We apply our new techniques and present an implemented open-source near-collision attack on SHA-1 with a complexity equivalent to 2 57.5 SHA-1 compressions. Secondly, we present an identical-prefix collision attack and a chosen-prefix collision attack on SHA-1 with complexities equivalent to approximately 2 61 and 2 77.1 SHA-1 compressions, respectively.

show abstract

Section: Introductionmentioning

confidence: 99%

New Collision Attacks on SHA-1 Based on Optimal Joint Local-Collision Analysis

Stevens

2013

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…All currently registered SRTP crypto suites except the GCM-based ones use HMAC-SHA1 as their HMAC algorithm to provide message authentication. Due to security concerns with SHA-1 [RFC6194], the IETF is gradually moving away from SHA-1 and towards stronger hash algorithms such as SHA-2 or SHA-3 families. For SRTP, however, SHA-1 is only used in the calculation of an HMAC, and no security issue is known for this usage at the time of this publication.…”

Section: Security Considerationsmentioning

confidence: 99%

The ARIA Algorithm and Its Use with the Secure Real-Time Transport Protocol (SRTP)

Kwon¹,

Kim²,

Park³

et al. 2017

View full text Add to dashboard Cite

show abstract

“…As such, it presents a trade-off between performance and security. The security considerations for SHA-1 are discussed in [RFC6194].…”

Section: Strength Of the Hash Function For Merkle Hash Treesmentioning

confidence: 99%

Peer-to-Peer Streaming Peer Protocol (PPSPP)

Grishchenko¹,

Petrocco²,

Bakker³

2015

View full text Add to dashboard Cite

The Peer-to-Peer Streaming Peer Protocol (PPSPP) is a protocol for disseminating the same content to a group of interested parties in a streaming fashion. PPSPP supports streaming of both prerecorded (ondemand) and live audio/video content. It is based on the peer-topeer paradigm, where clients consuming the content are put on equal footing with the servers initially providing the content, to create a system where everyone can potentially provide upload bandwidth. It has been designed to provide short time-till-playback for the end user and to prevent disruption of the streams by malicious peers.

show abstract

Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms

Cited by 22 publications

References 0 publications

New Collision Attacks on SHA-1 Based on Optimal Joint Local-Collision Analysis

New Collision Attacks on SHA-1 Based on Optimal Joint Local-Collision Analysis

The ARIA Algorithm and Its Use with the Secure Real-Time Transport Protocol (SRTP)

Peer-to-Peer Streaming Peer Protocol (PPSPP)

Contact Info

Product

Resources

About