International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Analysis of Step-Reduced SHA-256

Florian Mendel
Norbert Pramstaller
Christian Rechberger
Vincent Rijmen
Search ePrint
Search Google
Abstract: This is the first article analyzing the security of SHA-256 against fast collision search which considers the recent attacks by Wang et al. We show the limits of applying techniques known so far to SHA-256. Next we introduce a new type of perturbation vector which circumvents the identified limits. This new technique is then applied to the unmodified SHA-256. Exploiting the combination of Boolean functions and modular addition together with the newly developed technique allows us to derive collision-producing characteristics for step-reduced SHA-256, which was not possible before. Although our results do not threaten the security of SHA-256, we show that the low probability of a single local collision may give rise to a false sense of security.
  title={Analysis of Step-Reduced SHA-256},
  booktitle={IACR Eprint archive},
  note={Fast Software Encryption (FSE) 2006. pp 126-143 13962 received 23 Mar 2008, last revised 24 Mar 2008},
  author={Florian Mendel and Norbert Pramstaller and Christian Rechberger and Vincent Rijmen},