2006 | OriginalPaper | Buchkapitel
A Simple Related-Key Attack on the Full SHACAL-1
verfasst von : Eli Biham, Orr Dunkelman, Nathan Keller
Erschienen in: Topics in Cryptology – CT-RSA 2007
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
SHACAL-1 is a 160-bit block cipher with variable key length of up to 512-bit key based on the hash function SHA-1. It was submitted to the NESSIE project and was accepted as a finalist for the 2nd phase of evaluation. Since its introduction, SHACAL-1 withstood extensive cryptanalytic efforts. The best known key recovery attack on the full cipher up to this paper has a time complexity of about 2
420
encryptions.
In this paper we use an observation due to Saarinen to present an elegant related-key attack on SHACAL-1. The attack can be mounted using two to eight unknown related keys, where each additional key reduces the time complexity of retrieving the actual values of the keys by a factor of 2
62
. When all eight related-keys are used, the attack requires 2
101.3
related-key chosen plaintexts and has a running time of 2
101.3
encryptions. This is the first successful related-key key recovery attack on a cipher with varying round constants.