


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Various attacks on dedicated hash functions such as md2, md4, md5, sha-0, sha-1, ripemd-128, and ripemd-160. It also covers the security of these functions and the recommendations of nist for their use. Research from ibm, nsa, and crypto 2004.
Typology: Study notes
1 / 4
This page cannot be seen from the preview
Don't miss anything!



Customized (dedicated)
Based on block ciphers
Based on modular arithmetic
MDC- MDC- IBM, Brachtl, Meyer, Schilling, 1988
MASH- 1988-
MD2 (^) Rivest 1988
MD4 (^) Rivest 1990
MD Rivest 1990
SHA-
SHA-
RIPEMD-
RIPEMD-
European RACE Integrity Primitives Evaluation Project, 1992
NSA, 1992
NSA, 1995 SHA-256, SHA-384, SHA-512 (^) NSA, 2000
MD
MD
MD5 (^) SHA-
SHA-
RIPEMD-
RIPEMD-
partially broken
broken , H. Dobbertin, 1995 (one hour on PC, 20 free bytes at the start of the message)
partially broken, collisions for the compression function, Dobbertin, 1996 (10 hours on PC)
weakness discovered, 1995 NSA, 1998 France
reduced round version broken, Dobbertin 1995
SHA-256, SHA-384, SHA-
broken; Wang, Feng, Lai, Yu Crypto 2004 (1 hr on a PC)
attack with 240 operations Crypto 2004
broken; Wang, Feng, Lai, Yu, Crypto 2004 (manually, without using a computer)
broken; Wang, Feng, Lai, Yu, Crypto 2004 (manully, without using a computer)
attack with 269 operations Wang, Yin, Yu, Feb 2005
NIST was already earlier planning to withdraw SHA- in favor of SHA-224, SHA-256, SHA-384 & SHA- do roku 2010
New implementations should use new hash functions.
NIST encourages government agancies to develop plans for gradually moving towards new hash functions, taking into account the sensitivity of the systems when setting the timetables.
Oct. 31 – Nov. 1 2005 NIST (Green Auditorium) Gaithersburg, Maryland Topics: