Related-key attacks on reduced rounds of SHACAL-2

Jongsung Kim, Guil Kim, Sangjin Lee, Jongin Lim, Junghwan Song

Research output: Contribution to journalArticlepeer-review

22 Citations (Scopus)


SHACAL-2 is a 256-bit block cipher with up to 512 bits of key length based on the hash function SHA-2. It was submitted to the NESSIE project and was recommended as one of the NESSIE selections. In this paper we present two types of related-key attacks called the related-key differential-(non)linear and the related-key rectangle attacks, and we discuss the security of SHACAL-2 against these two types of attacks. Using the related-key differential-nonlinear attack we can break SHACAL-2 with 512-bit keys up to 35 out of its 64 rounds, and using the related-key rectangle attack we can break SHACAL-2 with 512-bit keys up to 37 rounds.

Original languageEnglish
Pages (from-to)175-190
Number of pages16
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Publication statusPublished - 2004

Bibliographical note

Funding Information:
★ This work was supported by the Ministry of Information & Communications, Korea, under the Information Technology Research Center (ITRC) Support Program.

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Related-key attacks on reduced rounds of SHACAL-2'. Together they form a unique fingerprint.

Cite this