Cryptography Reference
In-Depth Information
Ta b l e 8 . 5
Truth Table of the Logical Functions Employed by SHA-1
XYZ
Ch
=
f
0
...
19
Parity
=
f
20
...
39
Maj
=
f
40
...
59
Parity
=
f
60
...
79
000
0
0
0
0
001
1
1
0
1
010
0
1
0
1
011
1
0
1
0
100
0
1
0
1
101
0
0
1
0
110
1
0
1
0
111
1
1
1
1
•
Second, SHA-1 appears not to be vulnerable to the attacks against MD4 and
MD5. However, little is publicly known about the design criteria for SHA-1,
so its strength is somehow difficult to evaluate.
On the other hand, SHA-1 involves more steps (80 as compared to 64) and
must process a 160-bit register compared to the 128-bit register of MD4 and MD5.
Consequently, SHA-1 executes a little bit more slowly.
8.4
FINAL REMARKS
In this chapter, we elaborated on cryptographic hash functions. Most of these
functions that are practically relevant (e.g., MD5 and SHA-1) follow the Merkle-
Damgard construction. This also applies to some more recent alternatives, such as
Whirlpool.
17
The fact that cryptographic hash function follows the Merkle-Damgard
construction basically means that a collision resistant compression function is iter-
ated multiple times (one iteration for each block of the message). Each iteration
can only start if the preceding iteration has finished. This suggests that the resulting
cryptographic hash function may become a performance bottleneck. For example,
Joe Touch showed that the currently achievable hash rates of MD5 are insufficient
to keep up with high-speed networks [17]. The problem is the iterative nature of
MD5 and its block chaining structure, which prevent parallelism. As also shown in
[17], it is possible to modify the MD5 algorithm to accommodate a slightly higher
throughput. Alternatively, it is possible to design and come up with cryptographic
hash functions that are inherently more qualified to provide support for parallelism.
Although most cryptographic hash functions in use today follow the Merkle-
Damgard construction, the design of the underlying compression functions still
17
http://planeta.terra.com.br/informatica/paulobarreto/WhirlpoolPage.html
