New Collision Attacks against Up to 24-Step SHA-2

Sanadhya, Somitra Kumar; Sarkar, Palash

doi:10.1007/978-3-540-89754-5_8

Somitra Kumar Sanadhya⁴ &
Palash Sarkar⁴

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5365))

Included in the following conference series:

International Conference on Cryptology in India

1431 Accesses
39 Citations
9 Altmetric

Abstract

In this work, we provide new and improved attacks against 22, 23 and 24-step SHA-2 family using a local collision given by Sanadhya and Sarkar (SS) at ACISP ’08. The success probability of our 22-step attack is 1 for both SHA-256 and SHA-512. The computational efforts for the 23-step and 24-step SHA-256 attacks are respectively 2^11.5 and 2^28.5 calls to the corresponding step reduced SHA-256. The corresponding values for the 23 and 24-step SHA-512 attack are respectively 2^16.5 and 2^32.5 calls. Using a look-up table having 2³² (resp. 2⁶⁴) entries the computational effort for finding 24-step SHA-256 (resp. SHA-512) collisions can be reduced to 2^15.5 (resp. 2^22.5) calls. We exhibit colliding message pairs for 22, 23 and 24-step SHA-256 and SHA-512. This is the first time that a colliding message pair for 24-step SHA-512 is provided. The previous work on 23 and 24-step SHA-2 attacks is due to Indesteege et al. and utilizes the local collision presented by Nikolić and Biryukov (NB) at FSE ’08. The reported computational efforts are 2¹⁸ and 2^28.5 for 23 and 24-step SHA-256 respectively and 2^43.9 and 2⁵³ for 23 and 24-step SHA-512. The previous 23 and 24-step attacks first constructed a pseudo-collision and later converted it into a collision for the reduced round SHA-2 family. We show that this two step procedure is unnecessary. Although these attacks improve upon the existing reduced round SHA-2 attacks, they do not threaten the security of the full SHA-2 family.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Secure Hash Standard. Federal Information Processing Standard Publication 180-2. U.S. Department of Commerce, National Institute of Standards and Technology (NIST) (2002), http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf
Gilbert, H., Handschuh, H.: Security Analysis of SHA-256 and Sisters. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 175–193. Springer, Heidelberg (2004)
Chapter Google Scholar
Indesteege, S., Mendel, F., Preneel, B., Rechberger, C.: Collisions and other Non-Random Properties for Step-Reduced SHA-256. Cryptology eprint Archive (April 2008); Selected Areas in Cryptography (accepted, 2008), http://eprint.iacr.org/2008/131
Mendel, F., Pramstaller, N., Rechberger, C., Rijmen, V.: Analysis of Step-Reduced SHA-256. In: Robshaw, M.J.B. (ed.) FSE 2006. LNCS, vol. 4047, pp. 126–143. Springer, Heidelberg (2006)
Chapter Google Scholar
Mendel, F., Pramstaller, N., Rechberger, C., Rijmen, V.: Analysis of Step-Reduced SHA-256. Cryptology eprint Archive (March 2008), http://eprint.iacr.org/2008/130
Nikolić, I., Biryukov, A.: Collisions for Step-Reduced SHA-256. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 1–16. Springer, Heidelberg (2008)
Chapter Google Scholar
Sanadhya, S.K., Sarkar, P.: New Local Collisions for the SHA-2 Hash Family. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 193–205. Springer, Heidelberg (2007)
Chapter Google Scholar
Sanadhya, S.K., Sarkar, P.: Attacking Reduced Round SHA-256. In: Bellovin, S., Gennaro, R. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 130–143. Springer, Heidelberg (2008)
Chapter Google Scholar
Sanadhya, S.K., Sarkar, P.: Deterministic Constructions of 21-Step Collisions for the SHA-2 Hash Family. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222. Springer, Heidelberg (2008)
Chapter Google Scholar
Sanadhya, S.K., Sarkar, P.: New Collision attacks Against Up To 24-step SHA-2. Cryptology eprint Archive (September 2008), http://eprint.iacr.org/2008/270
Sanadhya, S.K., Sarkar, P.: Non-Linear Reduced Round Attacks Against SHA-2 Hash family. In: Mu, Y., Susilo, W. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 254–266. Springer, Heidelberg (2008)
Chapter Google Scholar

Download references

Author information

Authors and Affiliations

Indian Statistical Institute, Applied Statistics Unit, 203, B.T. Road, Kolkata, 700108, India
Somitra Kumar Sanadhya & Palash Sarkar

Authors

Somitra Kumar Sanadhya
View author publications
You can also search for this author in PubMed Google Scholar
Palash Sarkar
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Dept. of Computer Science and Engineering, Indian Institute of Technology, 721 302, Kharagpur, India
Dipanwita Roy Chowdhury
K.U. Leuven, ESAT/COSIC Kasteelpark, Arenberg 10, B-3001, Leuven-Heverlee, Belgium
Vincent Rijmen
Department of Computer Science and Engineering, Indian Institute of Technology, 721 302, Kharagpur, India
Abhijit Das

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sanadhya, S.K., Sarkar, P. (2008). New Collision Attacks against Up to 24-Step SHA-2 . In: Chowdhury, D.R., Rijmen, V., Das, A. (eds) Progress in Cryptology - INDOCRYPT 2008. INDOCRYPT 2008. Lecture Notes in Computer Science, vol 5365. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89754-5_8

Download citation

DOI: https://doi.org/10.1007/978-3-540-89754-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89753-8
Online ISBN: 978-3-540-89754-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics