论文信息 - Rectangle Attacks on 49-Round SHACAL-1

Rectangle Attacks on 49-Round SHACAL-1

SHACAL-1 is a 160-bit block cipher with variable key length of up to 512-bit key based on the hash function SHA-1. It was submitted to the NESSIE project and was accepted as a finalist for the 2nd phase of the evaluation. In this paper we present rectangle attacks on 49 rounds out of the 80 rounds of SHACAL-1. The attacks require 2 151.9 chosen plaintexts or ciphertexts and have time complexity of 2 508.5 49-round SHACAL-1 encryptions. These are the best known attacks against SHACAL-1. In this paper we also identify and fix some flaws in previous attacks on SHACAL-1.

Eli Biham | Orr Dunkelman | Nathan Keller

[1] Markku-Juhani O. Saarinen. Cryptanalysis of Block Ciphers Based on SHA-1 and MD5 , 2003, FSE.

[2] Antoine Joux,et al. Differential Collisions in SHA-0 , 1998, CRYPTO.

[3] Eli Biham,et al. New Results on Boomerang and Rectangle Attack , 2002, IACR Cryptol. ePrint Arch..

[4] Eli Biham,et al. NESSIE D21 - Performance of Optimized Implementations of the NESSIE Primitives , 2003 .

[5] Eli Biham,et al. The Rectangle Attack - Rectangling the Serpent , 2001, EUROCRYPT.

[6] David A. Wagner,et al. The Boomerang Attack , 1999, FSE.

[7] Bruce Schneier,et al. Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent , 2000, FSE.

[8] Matthew J. B. Robshaw,et al. Analysis of SHA-1 in Encryption Mode , 2001, CT-RSA.

[9] Eli Biham,et al. New Results on Boomerang and Rectangle Attacks , 2002, FSE.

[10] Eli Biham,et al. Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[11] Jongsung Kim,et al. Amplified Boomerang Attack against Reduced-Round SHACAL , 2002, ASIACRYPT.