[2905] in cryptography@c2.net mail archive
Re: SHA and SHA-1 algorithms
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Jul 6 14:07:03 1998
To: cryptography@c2.net
Date: Mon, 06 Jul 1998 13:56:32 -0400
From: "Perry E. Metzger" <perry@piermont.com>
Forwarded from Coderpunks.
Date: 6 Jul 1998 17:40:06 -0000
Message-ID: <19980706174006.20491.qmail@nym.alias.net>
To: coderpunks@toad.com
From: lcs Mixmaster Remailer <mix@anon.lcs.mit.edu>
Subject: Re: SHA and SHA-1 algorithms
> >The difference is that the left rotate (called a circular left shift in
> >FIPS 180-1, http://csrc.nist.gov/fips/fip180-1.txt), has been added to
> >the round function. There was no reason given for this change at the
> >time, but one assumes it is because the NSA found an attack on it,
>
> I've heard that the attack has been rediscovered and will be made public at
> Crypto'98 in August (it's something called "differential collisions" --
> note that the left rotate destroys bit alignment in the input while SHA-0
> kept it; maybe that's the basis for the new attack).
ftp://ftp.ens.fr/pub/dmi/users/chabaud/sha.ps is a pre-release of the
paper for Crypto 98.