Cryptology ePrint Archive: Report 2005/391

Some thoughts on Collision Attacks in the Hash Functions MD5, SHA-0 and SHA-1

Praveen Gauravaram and William Millan and Juanma Gonzalez Nieto

Abstract: The design principle of Merkle-Damg{\aa}rd construction is collision resistance of the compression function implies collision resistance of the hash function. Recently multi-block collisions have been found on the hash functions MD5, SHA-0 and SHA-1 using differential cryptanalysis. These multi-block collisions raise several questions on some definitions and properties used in the hash function literature. In this report, we take a closer look at some of the literature in cryptographic hash functions and give our insights on them. We bring out some important differences between the 1989's Damg{\aa}rd's hash function and the hash functions that followed it. We conclude that these hash functions did not consider the pseudo-collision attack in their design criteria. We also doubt whether these hash functions achieve the design principle of Merkle-Damg{\aa}rd's construction. We formalise some definitions on the properties of hash functions in the literature.

Category / Keywords: secret-key cryptography /

Date: received 30 Oct 2005, last revised 30 Oct 2005

Contact author: p gauravaram at isrc qut edu au

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: This is the draft version of work in progress. For any suggestions on improving the work or any corrections in our work, please contact the author.

Version: 20051030:232000 (All versions of this report)

Discussion forum: Show discussion | Start new discussion