International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

New Collision attacks Against Up To 24-step SHA-2

Authors:
Somitra Kumar Sanadhya
Palash Sarkar
Download:
URL: http://eprint.iacr.org/2008/270
Search ePrint
Search Google
Abstract: In this work, we provide new and improved attacks against 22, 23 and 24-step SHA-2 family using a local collision given by Sanadhya and Sarkar (SS) at ACISP '08. The success probability of our 22-step attack is 1 for both SHA-256 and SHA-512. The computational efforts for the 23-step and 24-step SHA-256 attacks are respectively $2^{11.5}$ and $2^{28.5}$ calls to the corresponding step reduced SHA-256. The corresponding values for the 23 and 24-step SHA-512 attack are respectively $2^{16.5}$ and $2^{32.5}$ calls. Using a look-up table having $2^{32}$ (resp. $2^{64}$) entries the computational effort for finding 24-step SHA-256 (resp. SHA-512) collisions can be reduced to $2^{15.5}$ (resp. $2^{22.5}$) calls. We exhibit colliding message pairs for 22, 23 and 24-step SHA-256 and SHA-512. This is the \emph{first} time that a colliding message pair for 24-step SHA-512 is provided. The previous work on 23 and 24-step SHA-2 attacks is due to Indesteege et al. and utilizes the local collision presented by Nikoli\'{c} and Biryukov NB) at FSE '08. The reported computational efforts are $2^{18}$ and $2^{28.5}$ for 23 and 24-step SHA-256 respectively and $2^{43.9}$ and $2^{53}$ for 23 and 24-step SHA-512. The previous 23 and 24-step attacks first constructed a pseudo-collision and later converted it into a collision for the reduced round SHA-2 family. We show that this two step procedure is unnecessary. Although these attacks improve upon the existing reduced round SHA-2 attacks, they do not threaten the security of the full SHA-2 family.
BibTeX
@misc{eprint-2008-18172,
  title={New Collision attacks Against Up To 24-step SHA-2},
  booktitle={IACR Eprint archive},
  keywords={Cryptanalysis, SHA-2 hash family, reduced round attacks.},
  url={http://eprint.iacr.org/2008/270},
  note={This is the extended version of a paper which will appear in Indocrypt 2008. somitra_r@isical.ac.in 14144 received 12 Jun 2008, last revised 22 Sep 2008},
  author={Somitra Kumar Sanadhya and Palash Sarkar},
  year=2008
}