The State of Hash Functions and the NIST SHA-3 Competition
Information Security and Cryptology
Cryptography for network security: failures, successes and challenges
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
The first 30 years of cryptographic hash functions and the NIST SHA-3 competition
CT-RSA'10 Proceedings of the 2010 international conference on Topics in Cryptology
Second-Order differential collisions for reduced SHA-256
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Finding SHA-2 characteristics: searching through a minefield of contradictions
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Bicliques for preimages: attacks on skein-512 and the SHA-2 family
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Converting meet-in-the-middle preimage attack into pseudo collision attack: application to SHA-2
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Hi-index | 0.00 |
We study the security of step-reduced but otherwise unmodified SHA-256. We show the first collision attacks on SHA-256 reduced to 23 and 24 steps with complexities 218 and 228.5, respectively. We give example colliding message pairs for 23-step and 24-step SHA-256. The best previous, recently obtained result was a collision attack for up to 22 steps. We extend our attacks to 23 and 24-step reduced SHA-512 with respective complexities of 244.9 and 253.0. Additionally, we show non-random behaviour of the SHA-256 compression function in the form of free-start near-collisions for up to 31 steps, which is 6 more steps than the recently obtained non-random behaviour in the form of a semi-free-start near-collision. Even though this represents a step forwards in terms of cryptanalytic techniques, the results do not threaten the security of applications using SHA-256.