Welcome to the resource topic for 2005/266
Title:
A Matching Lower Bound on the Minimum Weight of SHA-1 Expansion Code
Authors: Charanjit S. Jutla, Anindya C. Patthak
Abstract:Recently, Wang, Yin, and Yu have used a low weight codeword in the SHA-1 message expansion
to show a better than brute force method to find collisions in SHA-1. The codeword they used
has a (bit) weight of 25 in the last 60 of the 80 expanded words. In this paper we show, using
a computer assisted method, that this is indeed the smallest weight codeword. In particular,
we show that the minimum weight over GF2 of any non-zero codeword
in the SHA-1 (linear) message expansion code, projected on the last 60 words, is at least 25.
ePrint: https://eprint.iacr.org/2005/266
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .