Recent results with reduced-round SHA-256

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Apr 3 04:02:07 PDT 2008


Analysis of Step-Reduced SHA-256, http://eprint.iacr.org/2008/130
Collisions and other Non-Random Properties for Step-Reduced SHA-256,
  http://eprint.iacr.org/2008/131
Attacking Reduced Round SHA-256, http://eprint.iacr.org/2008/142

Very brief summary: Attacks are feasible against just over 1/3 of the 64
rounds (meaning if you reduce SHA-256 to 23 or 24 rounds, it's vulnerable).
That number is slowly creeping upwards.

Peter.




