sha1cd

A Go implementation of SHA1 with counter-cryptanalysis, which detects collision attacks.

The cgo/lib code is a carbon copy of the original code, based on the award winning white paper by Marc Stevens.

The Go implementation is largely based off Go's generic sha1. At present no SIMD optimisations have been implemented.

Usage

sha1cd can be used as a drop-in replacement for crypto/sha1:

import "github.com/pjbgf/sha1cd"

func test(){
	data := []byte("data to be sha1 hashed")
	h := sha1cd.Sum(data)
	fmt.Printf("hash: %q\n", hex.EncodeToString(h))
}

To obtain information as to whether a collision was found, use the func CollisionResistantSum.

import "github.com/pjbgf/sha1cd"

func test(){
	data := []byte("data to be sha1 hashed")
	h, col  := sha1cd.CollisionResistantSum(data)
	if col {
		fmt.Println("collision found!")
	}
	fmt.Printf("hash: %q", hex.EncodeToString(h))
}

Note that the algorithm will automatically avoid collision, by extending the SHA1 to 240-steps, instead of 80 when a collision attempt is detected. Therefore, inputs that contains the unavoidable bit conditions will yield a different hash from sha1cd, when compared with results using crypto/sha1. Valid inputs will have matching the outputs.

References

• https://shattered.io/
• https://github.com/cr-marcstevens/sha1collisiondetection
• https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/Secure-Hashing#shavs

Use of the Original Implementation

• https://github.com/git/git/commit/28dc98e343ca4eb370a29ceec4c19beac9b5c01e
• libgit2/libgit2#4136