Difference between revisions of "SHA-256/224"
From The ECRYPT Hash Function Website
Npramstaller (talk | contribs) (→Collision Attacks) |
(→Collision Attacks) |
||
| Line 19: | Line 19: | ||
=== Collision Attacks === | === Collision Attacks === | ||
| + | <bibtex> | ||
| + | @inproceedings{fseMendelPRR06, | ||
| + | author = {Florian Mendel and Norbert Pramstaller and Christian Rechberger and Vincent Rijmen}, | ||
| + | title = {Analysis of Step-Reduced SHA-256}, | ||
| + | pages = {126-143}, | ||
| + | url = {http://dx.doi.org/10.1007/11799313_9}, | ||
| + | booktitle = {FSE}, | ||
| + | publisher = {Springer}, | ||
| + | series = {LNCS}, | ||
| + | volume = {4047}, | ||
| + | year = {2006}, | ||
| + | isbn = {3-540-36597-4}, | ||
| + | abstract = {This is the first article analyzing the security of | ||
| + | SHA-256 against fast collision search which considers the recent | ||
| + | attacks by Wang et al. We show the limits of applying techniques known | ||
| + | so far to SHA-256. Next we introduce a new type of perturbation vector | ||
| + | which circumvents the identified limits. This new technique is then | ||
| + | applied to the unmodified SHA-256. Exploiting the combination of Boolean | ||
| + | functions and modular addition together with the newly developed technique | ||
| + | allows us to derive collision-producing characteristics for step-reduced | ||
| + | SHA-256, which was not possible before. Although our results do not threaten | ||
| + | the security of SHA-256, we show that the low probability of a single | ||
| + | local collision may give rise to a false sense of security.}, | ||
| + | } | ||
| + | </bibtex> | ||
<bibtex> | <bibtex> | ||
Revision as of 10:17, 11 March 2008
Contents
1 Specification
- digest size: 256 bits
- max. message length: < 264 bits
- compression function: 512-bit message block, 256-bit chaining variable
- Specification: FIPS 180-2 Secure Hash Standard
2 Cryptanalysis
2.1 Best Known Results
2.2 Generic Attacks
2.3 Collision Attacks
Florian Mendel, Norbert Pramstaller, Christian Rechberger, Vincent Rijmen - Analysis of Step-Reduced SHA-256
- FSE 4047:126-143,2006
- http://dx.doi.org/10.1007/11799313_9
BibtexAuthor : Florian Mendel, Norbert Pramstaller, Christian Rechberger, Vincent Rijmen
Title : Analysis of Step-Reduced SHA-256
In : FSE -
Address :
Date : 2006
Hirotaka Yoshida, Alex Biryukov - Analysis of a SHA-256 Variant
- Selected Areas in Cryptography 3897:245-260,2005
- http://dx.doi.org/10.1007/11693383_17
BibtexAuthor : Hirotaka Yoshida, Alex Biryukov
Title : Analysis of a SHA-256 Variant
In : Selected Areas in Cryptography -
Address :
Date : 2005
Henri Gilbert, Helena Handschuh - Security Analysis of SHA-256 and Sisters
- Selected Areas in Cryptography 3006:175-193,2003
- http://springerlink.metapress.com/openurl.asp?genre=article{\&}issn=0302-9743{\&}volume=3006{\&}spage=175
BibtexAuthor : Henri Gilbert, Helena Handschuh
Title : Security Analysis of SHA-256 and Sisters
In : Selected Areas in Cryptography -
Address :
Date : 2003
