## CryptoDB

### Sebastiaan Indesteege

#### Publications

Year
Venue
Title
2011
JOFC
2009
FSE
2008
EUROCRYPT
2008
EPRINT
We study the security of step-reduced but otherwise unmodified SHA-256. We show the first collision attacks on SHA-256 reduced to 23 and 24 steps with complexities $2^{18}$ and $2^{28.5}$, respectively. We give example colliding message pairs for 23-step and 24-step SHA-256. The best previous, recently obtained result was a collision attack for up to 22 steps. We extend our attacks to 23 and 24-step reduced SHA-512 with respective complexities of $2^{44.9}$ and $2^{53.0}$. Additionally, we show non-random behaviour of the SHA-256 compression function in the form of free-start near-collisions for up to 31 steps, which is 6 more steps than the recently obtained non-random behaviour in the form of a free-start near-collision. Even though this represents a step forwards in terms of cryptanalytic techniques, the results do not threaten the security of applications using SHA-256.

#### Coauthors

Eli Biham (1)
Orr Dunkelman (1)
Nathan Keller (1)
Florian Mendel (1)
Bart Preneel (4)
Christian Rechberger (1)