Recent results with reduced-round SHA-256
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Thu Apr 3 04:02:07 PDT 2008
Analysis of Step-Reduced SHA-256, http://eprint.iacr.org/2008/130
Collisions and other Non-Random Properties for Step-Reduced SHA-256,
http://eprint.iacr.org/2008/131
Attacking Reduced Round SHA-256, http://eprint.iacr.org/2008/142
Very brief summary: Attacks are feasible against just over 1/3 of the 64
rounds (meaning if you reduce SHA-256 to 23 or 24 rounds, it's vulnerable).
That number is slowly creeping upwards.
Peter.
More information about the cypherpunks-legacy
mailing list