CryptoDB
Xiangyu Kong
Publications and invited talks
| Year | Venue | Title |
| --- | --- | --- |
| 2025 | CRYPTO | New Collision Attacks on Round-Reduced SHA-512 |

Abstract

Although a memory-efficient practical collision attack has been recently proposed for 31-step SHA-256 at ASIACRYPT 2024, the best practical collision attack on SHA-512 still only reaches 28 steps, and the best theoretic collision attack on 31-step SHA-512 has the time complexity of $2^{97.3}$. This is mainly due to the large state of SHA-512 compared with SHA-256, despite their structural similarity. To enhance the collision attacks on SHA-512, we propose a new local collision by injecting difference at the message words $(W_9, W_{10}, W_{14}, W_{17}, W_{19})$, allowing us to achieve the first practical collision attack on 29 steps of SHA-512. Moreover, to improve the collision attack on 31-step SHA-512, we improve Liu et al.'s method to model the signed difference transition through Boolean functions, by introducing a novel model to capture the 2-bit conditions, which frequently occur in SHA-512 characteristics. In this way, we can further improve the 31-step SHA-512 characteristic and reduce the time complexity of the collision attack on 31-step SHA-512 from $2^{97.3}$ to $2^{85.5}$.
  Coauthors
- Keting Jia (1)
- Xiangyu Kong (1)
- Yingxin Li (1)
- Fukang Liu (1)
- Haifeng Qian (1)
- Gaoli Wang (1)
