Difference between revisions of "SHA-256/224"
Npramstaller (talk | contribs) (→Collision Attacks) |
Npramstaller (talk | contribs) (→Collision Attacks) |
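--- a/SHA-256/224
+++ b/SHA-256/224
@@ -21,3 +21,20 @@
 </bibtex>
+@inproceedings{sacryptYoshidaB05,
+author = {Hirotaka Yoshida and Alex Biryukov},
+title = {Analysis of a SHA-256 Variant},
+booktitle = {Selected Areas in Cryptography},
+year = {2005},
+pages = {245-260},
+url = {http://dx.doi.org/10.1007/11693383_17},
+editor = {Bart Preneel and Stafford E. Tavares},
+publisher = {Springer},
+series = {LNCS},
+volume = {3897},
+isbn = {3-540-33108-5},
+abstract = {SHA-256 is a cryptographic hash function which was proposed in 2000 as a new generation of SHA functions and was adopted as FIPS standard in 2002. In this paper we will consider a SHA-256 variant and a SHACAL-2 variant in which every arithmetic addition is replaced by XOR operation. We call the SHA-256 variant SHA-2-XOR and the SHACAL-2 variant SHACAL-2-XOR respectively. We will present a differential attack on these constructions by using one-round iterative differential characteristics with probability 2^{-8} we identified. Our result shows that SHACAL-2-XOR with up to 31 rounds out of 64 has a weakness of randomness and that SHA-2-XOR with up to 34 rounds has a weakness of pseudo-collision resistance. Using the 31-round distinguisher, we present an attack on SHACAL-2-XOR with up to 32 rounds. We also show that no 2-round iterative patterns with probability higher than 2^{-16} exist.},
+}
+</bibtex>
+
+<bibtex>
 @inproceedings{sacryptYoshidaB05,
 author = {Hirotaka Yoshida and Alex Biryukov},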
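Review bot: The added entry starts directly after the closing `</bibtex>` with no opening `<bibtex>` tag of its own, so the `</bibtex>` added after it closes nothing, and the rendered revision further down the page shows the entry as raw text. It also repeats the key `sacryptYoshidaB05` and every field of the entry that follows, so the Collision Attacks list gains no new reference. If a second paper was meant to be cited here, open the block with `<bibtex>` and give it that paper's own key and fields; otherwise drop the added lines. The existing entry that follows continues past the end of the hunk.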
Revision as of 07:59, 11 March 2008
Contents
1 Specification
- digest size: 256 bits
- max. message length: < 2^64 bits
- compression function: 512-bit message block, 256-bit chaining variable
- Specification: FIPS 180-2 Secure Hash Standard
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
</bibtex> @inproceedings{sacryptYoshidaB05,
author = {Hirotaka Yoshida and Alex Biryukov}, title = {Analysis of a SHA-256 Variant}, booktitle = {Selected Areas in Cryptography}, year = {2005}, pages = {245-260}, url = {http://dx.doi.org/10.1007/11693383_17}, editor = {Bart Preneel and Stafford E. Tavares}, publisher = {Springer}, series = {LNCS}, volume = {3897}, isbn = {3-540-33108-5}, abstract = {SHA-256 is a cryptographic hash function which was proposed in 2000 as a new generation of SHA functions and was adopted as FIPS standard in 2002. In this paper we will consider a SHA-256 variant and a SHACAL-2 variant in which every arithmetic addition is replaced by XOR operation. We call the SHA-256 variant SHA-2-XOR and the SHACAL-2 variant SHACAL-2-XOR respectively. We will present a differential attack on these constructions by using one-round iterative differential characteristics with probability 2^{-8} we identified. Our result shows that SHACAL-2-XOR with up to 31 rounds out of 64 has a weakness of randomness and that SHA-2-XOR with up to 34 rounds has a weakness of pseudo-collision resistance. Using the 31-round distinguisher, we present an attack on SHACAL-2-XOR with up to 32 rounds. We also show that no 2-round iterative patterns with probability higher than 2^{-16} exist.},
} </bibtex>
Hirotaka Yoshida, Alex Biryukov - Analysis of a SHA-256 Variant
- Selected Areas in Cryptography 3897:245-260,2005
- http://dx.doi.org/10.1007/11693383_17
BibtexAuthor : Hirotaka Yoshida, Alex Biryukov
Title : Analysis of a SHA-256 Variant
In : Selected Areas in Cryptography -
Address :
Date : 2005
Henri Gilbert, Helena Handschuh - Security Analysis of SHA-256 and Sisters
- Selected Areas in Cryptography 3006:175-193,2003
- http://springerlink.metapress.com/openurl.asp?genre=article&issn=0302-9743&volume=3006&spage=175
BibtexAuthor : Henri Gilbert, Helena Handschuh
Title : Security Analysis of SHA-256 and Sisters
In : Selected Areas in Cryptography -
Address :
Date : 2003