Paper 2010/430
Generic Collision Attacks on Narrow-pipe Hash Functions Faster than Birthday Paradox, Applicable to MDx, SHA-1, SHA-2, and SHA-3 Narrow-pipe Candidates
Vlastimil Klima and Danilo Gligoroski
Abstract
In this note we show a consequence of the recent observation that narrow-pipe hash designs manifest an abberation from ideal random functions for finding collisions for those functions with complexities much lower than the so called generic birthday paradox lower bound. The problem is generic for narrow-pipe designs including classic Merkle-Damgard designs but also recent narrow-pipe SHA-3 candidates. Our finding does not reduces the generic collision security of n/2 bits that narrow-pipe functions are declaring, but it clearly shows that narrow-pipe designs have a property when we count the calls to the hash function as a whole, the birthday paradox bound of 2^{n/2} calls to the hash function is clearly broken. This is yet another property in a series of similar non-ideal random properties (like HMAC or PRF constructions) that narrow-pipe hash function manifest and that are described in [1] and [2].
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- hash functionscollisionsgeneric attacknarrow-pipe design
- Contact author(s)
- v klima @ volny cz
- History
- 2010-08-04: received
- Short URL
- https://ia.cr/2010/430
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2010/430,
author = {Vlastimil Klima and Danilo Gligoroski},
title = {Generic Collision Attacks on Narrow-pipe Hash Functions Faster than Birthday Paradox, Applicable to {MDx}, {SHA}-1, {SHA}-2, and {SHA}-3 Narrow-pipe Candidates},
howpublished = {Cryptology {ePrint} Archive, Paper 2010/430},
year = {2010},
url = {https://eprint.iacr.org/2010/430}
}
