A simple and provably good code for SHA Message Expansion
Speaker: Charanjit Jutla, IBM TJ Watson
Date: December 16 2005
Time: 10:30AM to 12:00PM
Location: 32-G449 Patil/Kiva, Stata Ctr
Contact: Be Blackburn, 3-6098, firstname.lastname@example.org
We develop a new computer-assisted technique for lower bounding the minimum distance of codes similar to those used in SHA-1 message expansion. Using this technique, we prove that a modified SHA-1-like code has minimum distance at least 80, and that too in just the last 64 of the 80 expanded words. We propose a new compression function which is identical to SHA-1 except for the modified message expansion code.
We also show that if a collision is obtained (as in the Wang et al. attack) by putting together local collisions, then the disturbance vector must be an xor of a non-zero message expansion codeword and a cipher codeword. We conclude that the modified SHA-1 is resistant to recent differential attacks and their natural extensions. This is joint work with Anindya Patthak, UT Austin.
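The abstract treats message expansion as a linear code over GF(2) and measures its minimum distance in the last 64 of the 80 expanded words. The sketch below is an added example, not code from the talk or its authors: it uses the standard SHA-1 expansion recurrence (not the modified code the talk proposes) and shows that the weight of any nonzero codeword gives an upper bound on that distance, whereas the talk's result is a lower bound. All function names are illustrative.

```python
MASK = 0xFFFFFFFF

def rotl(x, n):
    """Rotate a 32-bit word left by n bits."""
    n %= 32
    return ((x << n) | (x >> (32 - n))) & MASK

def expand(block):
    """Standard SHA-1 expansion (FIPS 180): 16 input words -> 80 words."""
    w = list(block)
    for t in range(16, 80):
        w.append(rotl(w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16], 1))
    return w

def weight(words):
    """Hamming weight of a list of 32-bit words."""
    return sum(bin(x).count("1") for x in words)

def xor(a, b):
    """Word-wise XOR, i.e. addition in the code over GF(2)."""
    return [x ^ y for x, y in zip(a, b)]

def unit(i, b):
    """Message with only bit b of word i set (a basis vector of GF(2)^512)."""
    m = [0] * 16
    m[i] = 1 << b
    return m

def tail_weight(msg, first=16):
    """Codeword weight restricted to words first..79 (the last 64 by default)."""
    return weight(expand(msg)[first:])

def upper_bound_singles():
    """Lightest codeword from one input bit. Rotating every input word
    rotates every output word, so checking bit 0 of each word suffices."""
    return min(tail_weight(unit(i, 0)) for i in range(16))

def upper_bound_pairs():
    """Lightest nonzero codeword from at most two input bits."""
    best = upper_bound_singles()
    for i in range(16):
        a = unit(i, 0)
        for j in range(16):
            for b in range(32):
                m = xor(a, unit(j, b))
                if any(m):  # skip the zero message (a xor a)
                    best = min(best, tail_weight(m))
    return best

if __name__ == "__main__":
    print("upper bound, one input bit :", upper_bound_singles())
    print("upper bound, two input bits:", upper_bound_pairs())
```

Enumerating light inputs can only push the upper bound down; proving that no codeword falls below a given weight is the lower-bounding problem the abstract describes.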
See other events that are part of Cryptography and Information Security Seminar Seminars 2005/2006