[Resource Topic] 2005/391: Some thoughts on Collision Attacks in the Hash Functions MD5, SHA-0 and SHA-1

Welcome to the resource topic for 2005/391

Some thoughts on Collision Attacks in the Hash Functions MD5, SHA-0 and SHA-1

Authors: Praveen Gauravaram, William Millan, Juanma Gonzalez Nieto


The design principle of Merkle-Damgård construction is collision resistance of the compression function implies collision resistance of the hash function. Recently multi-block collisions have been found on the hash functions MD5, SHA-0 and SHA-1 using differential cryptanalysis. These multi-block collisions raise several questions on some definitions and properties used in the hash function literature. In this report, we take a closer look at some of the literature in cryptographic hash functions and give our insights on them. We bring out some important differences between the 1989’s Damgård’s hash function and the hash functions that followed it. We conclude that these hash functions did not consider the pseudo-collision attack in their design criteria. We also doubt whether these hash functions achieve the design principle of Merkle-Damgård’s construction. We formalise some definitions on the properties of hash functions in the literature.

ePrint: https://eprint.iacr.org/2005/391

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .