Chapter

Progress in Cryptology - INDOCRYPT 2004

Volume 3348 of the series Lecture Notes in Computer Science pp 175-190

Related-Key Attacks on Reduced Rounds of SHACAL-2

  • Jongsung KimAffiliated withLancaster UniversityCenter for Information Security Technologies(CIST), Korea University
  • , Guil KimAffiliated withLancaster UniversityCenter for Information Security Technologies(CIST), Korea University
  • , Sangjin LeeAffiliated withLancaster UniversityCenter for Information Security Technologies(CIST), Korea University
  • , Jongin LimAffiliated withLancaster UniversityCenter for Information Security Technologies(CIST), Korea University
  • , Junghwan SongAffiliated withLancaster UniversityDepartment of Mathematics, Hanyang University

* Final gross prices may vary according to local VAT.

Get Access

Abstract

SHACAL-2 is a 256-bit block cipher with up to 512 bits of key length based on the hash function SHA-2. It was submitted to the NESSIE project and was recommended as one of the NESSIE selections. In this paper we present two types of related-key attacks called the related-key differential-(non)linear and the related-key rectangle attacks, and we discuss the security of SHACAL-2 against these two types of attacks. Using the related-key differential-nonlinear attack we can break SHACAL-2 with 512-bit keys up to 35 out of its 64 rounds, and using the related-key rectangle attack we can break SHACAL-2 with 512-bit keys up to 37 rounds.