Internet Archive Scholar

Second-Order Differential Collisions for Reduced SHA-256 [chapter]

Alex Biryukov, Mario Lamberger, Florian Mendel, Ivica Nikolić
<span title="">2011</span> <i title="Springer Berlin Heidelberg"> <a target="_blank" rel="noopener" href="https://fatcat.wiki/container/2w3awgokqne6te4nvlofavy5a4" style="color: black;">Lecture Notes in Computer Science</a> </i> &nbsp;

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (420.0 kB)
https://web.archive.org/web/20170809163312/https://www.esat.kuleuven.be/cosic/publications/article-2105.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit <a rel="external noopener" href="https://www.esat.kuleuven.be/cosic/publications/article-2105.pdf">the original URL</a>. The file type is <code>application/pdf</code>.

In this work, we introduce a new non-random property for hash/compression functions using the theory of higher order differentials. Based on this, we show a second-order differential collision for the compression function of SHA-256 reduced to 47 out of 64 steps with practical complexity. We have implemented the attack and provide an example. Our results suggest that the security margin of SHA-256 is much lower than the security margin of most of the SHA-3 finalists in this setting. The
more &raquo; ... es employed in this attack are based on a rectangle/boomerang approach and cover advanced search algorithms for good characteristics and message modification techniques. Our analysis also exposes flaws in all of the previously published related-key rectangle attacks on the SHACAL-2 block cipher, which is based on SHA-256. We provide valid rectangles for 48 steps of SHACAL-2.
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1007/978-3-642-25385-0_15">doi:10.1007/978-3-642-25385-0_15</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/p4det7oor5h5rntocdrstjvmjy">fatcat:p4det7oor5h5rntocdrstjvmjy</a> </span>
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20170809163312/https://www.esat.kuleuven.be/cosic/publications/article-2105.pdf" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="https://blobs.fatcat.wiki/thumbnail/pdf/52/14/521456055af62ee4d6406b1e70ed6b171e2a2924.180px.jpg" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1007/978-3-642-25385-0_15"> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="external alternate icon"></i> springer.com </button> </a>
Citation

Alex Biryukov, Mario Lamberger, Florian Mendel, Ivica Nikolić. "Second-Order Differential Collisions for Reduced SHA-256." Lecture Notes in Computer Science (2011) 270-287