Hash Functions: Attacks and Security, Study notes of Cryptography and System Security

Various attacks on dedicated hash functions such as md2, md4, md5, sha-0, sha-1, ripemd-128, and ripemd-160. It also covers the security of these functions and the recommendations of nist for their use. Research from ibm, nsa, and crypto 2004.

Typology: Study notes

Pre 2010

Uploaded on 02/12/2009

koofers-user-m63
koofers-user-m63 🇺🇸

10 documents

1 / 4

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
1
Hash functions – new attacks
ECE 646 Lecture 11a
Hash function algorithms
Customized
(dedicated) Based on
block ciphers
Based on
modular arithmetic
MDC-2
MDC-4
IBM, Brachtl, Meyer, Schilling, 1988
MASH-1
1988-1996
MD2 Rivest 1988
MD4 Rivest 1990
MD5
Rivest 1990 SHA-0
SHA-1
RIPEMD-128
RIPEMD-160
European RACE Integrity
Primitives Evaluation Project, 1992
NSA, 1992
NSA, 1995
SHA-256, SHA-384, SHA-512 NSA, 2000
pf3
pf4

Partial preview of the text

Download Hash Functions: Attacks and Security and more Study notes Cryptography and System Security in PDF only on Docsity!

Hash functions – new attacks

ECE 646 Lecture 11a

Hash function algorithms

Customized (dedicated)

Based on block ciphers

Based on modular arithmetic

MDC- MDC- IBM, Brachtl, Meyer, Schilling, 1988

MASH- 1988-

MD2 (^) Rivest 1988

MD4 (^) Rivest 1990

MD Rivest 1990

SHA-

SHA-

RIPEMD-

RIPEMD-

European RACE Integrity Primitives Evaluation Project, 1992

NSA, 1992

NSA, 1995 SHA-256, SHA-384, SHA-512 (^) NSA, 2000

Security of dedicated hash functions

MD

MD

MD5 (^) SHA-

SHA-

RIPEMD-

RIPEMD-

partially broken

broken , H. Dobbertin, 1995 (one hour on PC, 20 free bytes at the start of the message)

partially broken, collisions for the compression function, Dobbertin, 1996 (10 hours on PC)

weakness discovered, 1995 NSA, 1998 France

reduced round version broken, Dobbertin 1995

SHA-256, SHA-384, SHA-

MD

MD

SHA-

SHA-

RIPEMD-

RIPEMD-

SHA-256, SHA-384, SHA-

broken; Wang, Feng, Lai, Yu Crypto 2004 (1 hr on a PC)

attack with 240 operations Crypto 2004

What was discovered in 2004-2005?

broken; Wang, Feng, Lai, Yu, Crypto 2004 (manually, without using a computer)

broken; Wang, Feng, Lai, Yu, Crypto 2004 (manully, without using a computer)

attack with 269 operations Wang, Yin, Yu, Feb 2005

NIST was already earlier planning to withdraw SHA- in favor of SHA-224, SHA-256, SHA-384 & SHA- do roku 2010

New implementations should use new hash functions.

NIST encourages government agancies to develop plans for gradually moving towards new hash functions, taking into account the sensitivity of the systems when setting the timetables.

Recommendations of NIST (2)

NIST CRYPTOGRAPHIC HASH WORKSHOP

Oct. 31 – Nov. 1 2005 NIST (Green Auditorium) Gaithersburg, Maryland Topics:

  • security status of functions currently approved by NIST SHA-1, SHA-224, SHA-256, SHA-384, SHA-
  • short term actions to mitigate the potential problems with the existing applications of SHA-
  • conditions that would warrant an early transition away from any of the approved hash functions
  • potential replacement options for any of the approved hash functions
  • features of hash functions required for different applications