Section: Partnerships and Cooperations
International Initiatives
Inria Associate Teams Not Involved in an Inria International Labs
CHOCOLAT
- Title: Chosen-prefix Collision Attack on SHA-1 with ASICs Cluster
- International Partner (Institution - Laboratory - Researcher):
- See also: https://team.inria.fr/chocolat/
The hash function SHA-1 is one of the most widely used hash functions in the industry, but it has been shown to not be collision-resistant by a team of Chinese researchers led by Prof. Wang in 2005. However, a real pair of colliding messages was only published recently by a team from CWI and Google, because the estimated attack complexity is around SHA-1 computations (this represents about 70000 years of computation on a normal PC).
While this SHA-1 collision clearly demonstrates the weakness of the algorithm, a much more powerful attack would be to find a collision such that the prefix of the colliding messages is chosen by some challenger beforehand (a chosen-prefix collision). In particular, this would allow creating a rogue certificate authority certificate that would be accepted by browsers. Such an attack has already been deployed for certificates using the MD5 hash function, but MD5 is much weaker than SHA-1 and has already been removed from most security applications. SHA-1 is still widely used, and performing such an attack on certificates using SHA-1 would have a very large impact.
The objective of the project is to design a chosen-prefix collision attack against the SHA-1 hash function, and to implement the attack in practice. We estimate this will require computations.
Inria International Partners
Declared Inria International Partners
- International Partner (Institution - Laboratory - Researcher):
Today's cryptology offers important challenges. Some are well-known: Can we understand existing cryptanalysis techniques well enough to devise criteria for the design of efficient and secure symmetric cryptographic primitives? Can we propose cryptographic protocols which offer provable security features under some reasonable algorithmic assumptions? Some are newer: How could we overcome the possible advent of a quantum computer, with its devastating consequences on public key cryptography as it is used today? Those challenges must be addressed, and some of the answers will involve tools borrowed from discrete mathematics, combinatorics, algebraic coding theory, and algorithmics. The guideline of this proposal is to explore further and enrich the already well established connections between those scientific domains and their applications to cryptography and its challenges.
Informal International Partners
- Nanyang Technological University (Singapore): cryptanalysis of symmetric primitives.
- Ruhr-Universität Bochum (Germany): design and cryptanalysis of symmetric primitives.
Participation in Other International Programs
Anirudh Krishna, PhD student at Sherbrooke University (Canada), spends six months in our team within the MITACS program.