Finding SHA-2 Characteristics: Searching Through a Minefield of Contradictions

Florian Mendel, Tomislav Nad, Martin Schläffer

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

In this paper, we analyze the collision resistance of SHA-2 and provide the first results since the beginning of the NIST SHA-3 competition. We extend the previously best known semi-free-start collisions on SHA-256 from 24 to 32 (out of 64) steps and show a collision attack for 27 steps. All our attacks are practical and verified by colliding message pairs. We present the first automated tool for finding complex differential characteristics in SHA-2 and show that the techniques on SHA-1 cannot directly be applied to SHA-2. Due to the more complex structure of SHA-2 several new problems arise. Most importantly, a large amount of contradicting conditions occur which render most differential characteristics impossible. We show how to overcome these difficulties by including the search for conforming message pairs in the search for differential characteristics.
Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2011
EditorsDong Hoon Lee, Xiaoyun Wang
Place of PublicationBerlin; Heidelberg
PublisherSpringer
Pages288-307
ISBN (Print)978-3-642-25384-3
DOIs
Publication statusPublished - 2011
Event17th International Conference on the Theory and Application of Cryptology and Information Security: ASIACRYPT 2011 - Seoul, Korea, Republic of
Duration: 4 Dec 20118 Dec 2011

Publication series

NameLecture Notes in Computer Science
PublisherSpringer
Volume7073

Conference

Conference17th International Conference on the Theory and Application of Cryptology and Information Security
Abbreviated titleASIACRYPT 2011
Country/TerritoryKorea, Republic of
CitySeoul
Period4/12/118/12/11

Fields of Expertise

  • Information, Communication & Computing

Fingerprint

Dive into the research topics of 'Finding SHA-2 Characteristics: Searching Through a Minefield of Contradictions'. Together they form a unique fingerprint.
  • FWF - kryptographische Hashfu - Cryptanalysis of modern cryptographic hash functions II

    Nad, T. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)) & Rijmen, V. (Principal Investigator (PI))

    1/02/1031/01/13

    Project: Research project

  • EU - ECRYPT II - European network of excellence in cryptology - Phase II

    Schmidt, J.-M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Kirschbaum, M. (Co-Investigator (CoI)), Feldhofer, M. (Co-Investigator (CoI)), Schläffer, M. (Co-Investigator (CoI)), Aigner, M. J. (Co-Investigator (CoI)), Rechberger, C. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Tillich, S. (Co-Investigator (CoI)), Medwed, M. (Co-Investigator (CoI)), Hutter, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)) & Posch, R. (Principal Investigator (PI))

    1/08/0831/01/13

    Project: Research project

  • Cryptography

    Schläffer, M. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Dobraunig, C. E. (Co-Investigator (CoI)), Mendel, F. (Co-Investigator (CoI)), Eichlseder, M. (Co-Investigator (CoI)), Nad, T. (Co-Investigator (CoI)), Posch, R. (Co-Investigator (CoI)), Lamberger, M. (Co-Investigator (CoI)), Rijmen, V. (Co-Investigator (CoI)) & Rechberger, C. (Co-Investigator (CoI))

    1/01/9531/01/19

    Project: Research area

Cite this