Cryptology ePrint Archive: Report 2013/589

Smashing MASH-1

Vladimir Antipkin

Abstract: MASH-1 is modular arithmetic based hash function. It is presented in Part 4 of ISO/IEC 10118 standard for one and a half decade. Cryptographic strength of MASH-1 hash function is based on factorization problem of an RSA modulus along with redundancy in the input blocks of compression functions. Despite of this, we are able to introduce two large classes of moduli which allow practical time collision finding algorithm for MASH-1. In one case even multicollisions of arbitrary length can be constructed.

Category / Keywords: hash function, collision attack, multicollisions, MASH-1

Original Publication (in the same form): CTCrypt 2013

Date: received 11 Sep 2013, last revised 15 Feb 2014

Contact author: antip-vova58 at yandex ru

Available format(s): PDF | BibTeX Citation

Note: Typos and wording are corrected in revised version

Version: 20140215:140624 (All versions of this report)

Short URL: ia.cr/2013/589

Discussion forum: Show discussion | Start new discussion