Related-Key Rectangle Attack on the Full SHACAL-1

SHACAL-1 is a 160-bit block cipher with variable key length of up to 512-bit key based on the hash function SHA-1. It was submitted to the NESSIE project and was accepted as a finalist for the 2nd phase of the evaluation. In this paper we devise the first known attack on the full 80-round SHACAL-1 faster than exhaustive key search. The related-key differentials used in the attack are based on transformation of the collision-producing differentials of SHA-1 presented by Wang et al.

[1]  Gray De Bureau of standards. , 1989 .

[2]  Jongsung Kim,et al.  Related-Key Rectangle Attacks on Reduced Versions of SHACAL-1 and AES-192 , 2005, FSE.

[3]  Bruce Schneier,et al.  Improved Cryptanalysis of Rijndael , 2000, FSE.

[4]  Eli Biham,et al.  Differential Cryptanalysis of the Data Encryption Standard , 1993, Springer New York.

[5]  Hui Chen,et al.  Cryptanalysis of the Hash Functions MD4 and RIPEMD , 2005, EUROCRYPT.

[6]  Eli Biham,et al.  Rectangle Attacks on 49-Round SHACAL-1 , 2003, FSE.

[7]  Eli Biham,et al.  A Related-Key Rectangle Attack on the Full KASUMI , 2005, ASIACRYPT.

[8]  Jongsung Kim,et al.  Related-Key Attacks on Reduced Rounds of SHACAL-2 , 2004, INDOCRYPT.

[9]  Xiaoyun Wang,et al.  Finding Collisions in the Full SHA-1 , 2005, CRYPTO.

[10]  Bruce Schneier,et al.  Key-Schedule Cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES , 1996, CRYPTO.

[11]  Eli Biham,et al.  New Results on Boomerang and Rectangle Attacks , 2002, FSE.

[12]  Antoine Joux,et al.  Collisions of SHA-0 and Reduced SHA-1 , 2005, EUROCRYPT.

[13]  Xiaoyun Wang,et al.  How to Break MD5 and Other Hash Functions , 2005, EUROCRYPT.

[14]  Antoine Joux,et al.  Differential Collisions in SHA-0 , 1998, CRYPTO.

[15]  Bruce Schneier,et al.  Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent , 2000, FSE.

[16]  Eli Biham,et al.  Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials , 1999 .

[17]  Eli Biham,et al.  Related-Key Boomerang and Rectangle Attacks , 2005, EUROCRYPT.

[18]  Eli Biham,et al.  The Rectangle Attack - Rectangling the Serpent , 2001, EUROCRYPT.

[19]  David A. Wagner,et al.  The Boomerang Attack , 1999, FSE.

[20]  Eli Biham,et al.  Near-Collisions of SHA-0 , 2004, CRYPTO.

[21]  Xiaoyun Wang,et al.  Efficient Collision Search Attacks on SHA-0 , 2005, CRYPTO.

[22]  Jongsung Kim,et al.  The Related-Key Rectangle Attack - Application to SHACAL-1 , 2004, ACISP.

[23]  Eli Biham,et al.  New types of cryptanalytic attacks using related keys , 1994, Journal of Cryptology.

[24]  Markku-Juhani O. Saarinen Cryptanalysis of Block Ciphers Based on SHA-1 and MD5 , 2003, FSE.

[25]  Jongsung Kim,et al.  Amplified Boomerang Attack against Reduced-Round SHACAL , 2002, ASIACRYPT.

[26]  Matthew J. B. Robshaw,et al.  Analysis of SHA-1 in Encryption Mode , 2001, CT-RSA.