Related-Key Rectangle Attack on 42-Round SHACAL-2

  • Jiqiang Lu
  • Jongsung Kim
  • Nathan Keller
  • Orr Dunkelman
Conference paper

DOI: 10.1007/11836810_7

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4176)
Cite this paper as:
Lu J., Kim J., Keller N., Dunkelman O. (2006) Related-Key Rectangle Attack on 42-Round SHACAL-2. In: Katsikas S.K., López J., Backes M., Gritzalis S., Preneel B. (eds) Information Security. ISC 2006. Lecture Notes in Computer Science, vol 4176. Springer, Berlin, Heidelberg


Based on the compression function of the hash function standard SHA-256, SHACAL-2 is a 64-round block cipher with a 256-bit block size and a variable length key of up to 512 bits. In this paper, we present a related-key rectangle attack on 42-round SHACAL-2, which requires 2243.38 related-key chosen plaintexts and has a running time of 2488.37. This is the best currently known attack on SHACAL-2.


Block cipher SHACAL-2 Differential cryptanalysis Related-key rectangle attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Jiqiang Lu
    • 1
  • Jongsung Kim
    • 2
    • 3
  • Nathan Keller
    • 4
  • Orr Dunkelman
    • 5
  1. 1.Information Security Group, Royal HollowayUniversity of LondonEgham, SurreyUK
  2. 2.ESAT/SCD-COSIC, Katholieke Universiteit LeuvenLeuven-HeverleeBelgium
  3. 3.Center for Information Security Technologies(CIST)Korea UniversitySungbuk Gu, SeoulKorea
  4. 4.Einstein Institute of MathematicsHebrew UniversityJerusalemIsrael
  5. 5.Computer Science DepartmentTechnionHaifaIsrael

Personalised recommendations