Enhancing the Security Level of SHA-1 by Replacing the MD Paradigm

Cryptographic hash functions are important cryptographic techniques, used widely in many cryptographic applications and protocols. All hash functions based on the MD4 design, such as MD5, SHA-0, SHA-1 and RIPEMD-160, are built on the Merkle-Damgård iterative method. Recent differential and generic attacks against these popular hash functions have shown weaknesses in both the specific hash functions and their underlying Merkle-Damgård construction. In this paper we propose a hash function that follows the design principle of SHA-1 and is based on the dither construction. Its compression function takes three inputs and generates a single 160-bit output. The extra input to the compression function is generated by a fast pseudo-random function. The dither construction shows strong resistance against major generic and other cryptanalytic attacks. The security of the proposed hash function against generic attacks, differential attacks, birthday attacks and statistical attacks is analyzed in detail. It is compared exhaustively with SHA-1, because the hash functions of SHA-2 and SHA-3 have higher bit lengths and are known to be more secure than SHA-1. It is shown that the proposed hash function has high sensitivity to the input message and is secure against different cryptanalytic attacks.
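The construction the abstract describes, sketched as an added example (not the paper's code): a plain Merkle-Damgård iteration beside a dithered one whose compression step takes a third, position-dependent input. The stand-in compression function (SHA-1 over the concatenated inputs), the HMAC-based `dither` PRF and its 4-byte width, the all-zero `IV` and every function name are assumptions, since the paper's actual functions are not given on this page.

```python
import hashlib
import hmac
import struct

BLOCK = 64          # SHA-1 block size in bytes
IV = bytes(20)      # constructed 160-bit initial value (assumption)

def pad(msg: bytes) -> bytes:
    """Merkle-Damgard strengthening: 0x80, zero fill, 64-bit bit length."""
    zeros = (-(len(msg) + 9)) % BLOCK
    return msg + b"\x80" + bytes(zeros) + struct.pack(">Q", 8 * len(msg))

def dither(i: int) -> bytes:
    """Assumed stand-in PRF: public-keyed HMAC-SHA1 of the block index."""
    return hmac.new(b"dither-demo", struct.pack(">Q", i), hashlib.sha1).digest()[:4]

def compress(h: bytes, block: bytes, d: bytes = b"") -> bytes:
    """Stand-in compression function with a 160-bit output.
    Plain MD passes two inputs (h, block); the dithered form adds d."""
    assert len(h) == 20 and len(block) == BLOCK
    return hashlib.sha1(h + d + block).digest()

def digest(msg: bytes, dithered: bool) -> bytes:
    """Iterate the compression function over the padded message."""
    data, h = pad(msg), IV
    for i in range(0, len(data), BLOCK):
        d = dither(i // BLOCK) if dithered else b""
        h = compress(h, data[i:i + BLOCK], d)
    return h

def step(h: bytes, block: bytes, position: int, dithered: bool) -> bytes:
    """One chaining step as it would run at a given block position."""
    return compress(h, block, dither(position) if dithered else b"")

if __name__ == "__main__":
    h, block = IV, b"A" * BLOCK   # constructed sample input
    # Plain MD: the step is the same function at every position.
    print(step(h, block, 0, False) == step(h, block, 7, False))  # True
    # Dithered: the same (h, block) pair maps differently per position.
    print(step(h, block, 0, True) == step(h, block, 7, True))    # False
    print(digest(b"abc", True).hex())
```

Generic attacks on the Merkle-Damgård construction, such as expandable-message second-preimage searches, rely on the chaining step being the same function at every block position; the dither input removes that property.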
