On differential patterns for attacks on SHA-1 (Joint work with Josef Pieprzyk)
Krystian Matusiewicz
Macquarie University
In 1998 Chabaud and Joux presented differential attack on SHA-0. This
year the improved version of the attack yielded collisions for SHA-0.
The same principle of differential attack can be applied to SHA-1, however
the main problem is finding differentials good enough to make the attack
effective. In this talk we present a method of finding differential
patterns suitable for attacks on variants of SHA-1 of different lengths.
We investigate properties of the message expansion algorithm of SHA-1
and show that the problem of finding optimal differential pattern is
equivalent to the problem of finding minimum-weight codeword in
a particular linear code.
Finally, we present results of our search for minimal weight patterns
and discuss some bounds on these weights.