Rafi Chen@BIU on Improved Attacks on SHA-1

In this talk we describe some significant improvements to the collision attack of SHA-1:
The first improvement is in the computation of SHA-1 in a collision search: We show that given the intermediate data of SHA-1(M) it is easier to compute SHA-1(M+delta). In the context of a collision search this type of computation is about 3 times faster.
The second improvement is in the selection of the modifications to the message M. We show that instead of computing SHA-1(M+delta) and checking if M+delta conforms to the differential characteristic better than M, it is much easier to compute a predicate that indicate if this computation is worthwhile.
The last improvement is to neutral bits technique. We show that a set of $n$ neutral bits may be divided into two subsets. One of the set is used to generate about 2^{n/4} differences and the second subset is used to generate 2^{n/2} differences. in total we test 2^{3n/4} messages instead of 2^n messages and receive the same results.