Cryptology ePrint Archive: Report 2005/391

Some thoughts on Collision Attacks in the Hash Functions MD5, SHA-0 and SHA-1

Praveen Gauravaram and William Millan and Juanma Gonzalez Nieto

Abstract: The design principle of Merkle-Damgård construction is collision resistance of the compression function implies collision resistance of the hash function. Recently multi-block collisions have been found on the hash functions MD5, SHA-0 and SHA-1 using differential cryptanalysis. These multi-block collisions raise several questions on some definitions and properties used in the hash function literature. In this report, we take a closer look at some of the literature in cryptographic hash functions and give our insights on them. We bring out some important differences between the 1989's Damgård's hash function and the hash functions that followed it. We conclude that these hash functions did not consider the pseudo-collision attack in their design criteria. We also doubt whether these hash functions achieve the design principle of Merkle-Damgård's construction. We formalise some definitions on the properties of hash functions in the literature.

Category / Keywords: secret-key cryptography /

Date: received 30 Oct 2005, last revised 30 Oct 2005

Contact author: p gauravaram at isrc qut edu au

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: This is the draft version of work in progress. For any suggestions on improving the work or any corrections in our work, please contact the author.

Version: 20051030:232000 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]