[Resource Topic] 2007/474: Notes on the Wang et al. $2^{63}$ SHA-1 Differential Path

Welcome to the resource topic for 2007/474

Notes on the Wang et al. 2^{63} SHA-1 Differential Path

Authors: Martin Cochran


Although advances in SHA-1 cryptanalysis have been made since the 2005 announcement of a 2^{63} attack by Wang et al., the details of the attack have not yet been vetted; this note does just that. Working from Adi Shamir’s 2005 CRYPTO rump session presentation of Wang et al.'s work, this note corroborates and presents the differential path and associated conditions for the two-block attack. Although the error analysis for the advanced condition correction technique is not verified, a method is given which yields a two-block collision attack on SHA-1 requiring an estimated 2^{62} SHA-1 computations if the original error analysis by Wang et al. is correct.

ePrint: https://eprint.iacr.org/2007/474

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .