SHACAL

This article is about the cipher. For the animal, see Jackal. For other uses, see Jackal (disambiguation).

SHACAL
General

Designers	Helena Handschuh, David Naccache
Derived from	SHA-1, SHA-256
Related to	Crab
Certification	NESSIE (SHACAL-2)
Cipher detail
Key sizes	128 to 512 bits
Block sizes	160 bits (SHACAL-1), 256 bits (SHACAL-2)
Structure	Cryptographic hash function
Rounds	80

SHACAL-1 (originally simply SHACAL) is a 160-bit block cipher based on SHA-1, and supports keys from 128-bit to 512-bit. SHACAL-2 is a 256-bit block cipher based upon the larger hash function SHA-256.

Both SHACAL-1 and SHACAL-2 were selected for the second phase of the NESSIE project. However, in 2003, SHACAL-1 was not recommended for the NESSIE portfolio because of concerns about its key schedule, while SHACAL-2 was finally selected as one of the 17 NESSIE finalists.

Design

SHACAL-1 is based on the following observation of SHA-1:

The hash function SHA-1 is designed around a compression function. This function takes as input a 160-bit state and a 512-bit data word and outputs a new 160-bit state after 80 rounds. The hash function works by repeatedly calling this compression function with successive 512-bit data blocks and each time updating the state accordingly. This compression function is easily invertible if the data block is known, i.e. given the data block on which it acted and the output of the compression function, one can compute that state that went in.

SHACAL-1 turns the SHA-1 compression function into a block cipher by using the state input as the data block and using the data input as the key input. In other words, SHACAL-1 views the SHA-1 compression function as an 80-round, 160-bit block cipher with a 512-bit key. Keys shorter than 512 bits are supported by padding them with zero up to 512. SHACAL-1 is not intended to be used with keys shorter than 128-bit.

Security of SHACAL-1

In the paper "Related-key rectangle attack on the full SHACAL-1", 2006, Orr Dunkelman, Nathan Keller and Jongsung Kim presented a related-key rectangle attack on the full 80 rounds of SHACAL-1.

In the paper "Differential and Rectangle Attacks on Reduced-Round SHACAL-1", Jiqiang Lu, Jongsung Kim, Nathan Keller and Orr Dunkelman presented rectangle attacks on the first 51 rounds and a series of 52 inner rounds of SHACAL-1 and presented differential attacks on the first 49 rounds and a series of 55 inner rounds of SHACAL-1. These are the best currently known cryptanalytic results on SHACAL-1 in a single key attack scenario.

Security of SHACAL-2

In the paper "Related-Key Rectangle Attack on 42-Round SHACAL-2", Jiqiang Lu, Jongsung Kim, Nathan Keller, Orr Dunkelman presented a related-key rectangle attack on 42-round SHACAL-2.

In 2008 Lu and Kim presented a related-key rectangle attack on 44-round SHACAL-2. This is the best currently known cryptanalytic result on SHACAL-2.

External links

Nathan Keller's homepage

References

Eli Biham, Orr Dunkelman, Nathan Keller (February 2003). Rectangle Attacks on 49-Round SHACAL-1 (PDF). 10th International Workshop on Fast Software Encryption (FSE '03). Lund: Springer-Verlag. pp. 22–35. Retrieved 2007-07-02.
Helena Handschuh, Lars R. Knudsen, Matthew J. B. Robshaw (April 2001). Analysis of SHA-1 in Encryption Mode (PDF/PostScript). CT-RSA 2001, The Cryptographer's Track at RSA Conference 2001. San Francisco, California: Springer-Verlag. pp. 70–83. Retrieved 2007-07-02.
Seokhie Hong; Jongsung Kim; Guil Kim; Jaechul Sung; Changhoon Lee; Sangjin Lee (December 2003). Impossible Differential Attack on 30-Round SHACAL-2. 4th International Conference on Cryptology in India (INDOCRYPT 2003). New Delhi: Springer-Verlag. pp. 97–106.
Jongsung Kim; Guil Kim; Sangjin Lee; Jongin Lim; Junghwan Song (December 2004). Related-Key Attacks on Reduced Rounds of SHACAL-2. INDOCRYPT 2004. Chennai: Springer-Verlag. pp. 175–190.
Jongsung Kim; Guil Kim; Seokhie Hong; Sangjin Lee; Dowon Hong (July 2004). The Related-Key Rectangle Attack — Application to SHACAL-1. 9th Australasian Conference on Information Security and Privacy (ACISP 2004). Sydney: Springer-Verlag. pp. 123–136.
Jongsung Kim; Dukjae Moon; Wonil Lee; Seokhie Hong; Sangjin Lee; Seokwon Jung (December 2002). Amplified Boomerang Attack against Reduced-Round SHACAL. ASIACRYPT 2002. Queenstown, New Zealand: Springer-Verlag. pp. 243–253.
Markku-Juhani Olavi Saarinen (February 2003). Cryptanalysis of Block Ciphers Based on SHA-1 and MD5 (PDF). FSE '03. Lund: Springer-Verlag. pp. 36–44. Retrieved 2007-07-02.
YongSup Shin; Jongsung Kim; Guil Kim; Seokhie Hong; Sangjin Lee (July 2004). Differential-Linear Type Attacks on Reduced Rounds of SHACAL-2. ACISP 2004. Sydney: Springer-Verlag. pp. 110–122.
Jiqiang Lu; Jongsung Kim; Nathan Keller; Orr Dunkelman (2006). Related-Key Rectangle Attack on 42-Round SHACAL-2 (PDF). Information Security, 9th International Conference (ISC 2006). Samos: Springer-Verlag. pp. 85–100. Retrieved 2007-07-02.
Jiqiang Lu; Jongsung Kim; Nathan Keller; Orr Dunkelman (December 2006). Differential and Rectangle Attacks on Reduced-Round SHACAL-1 (PDF). INDOCRYPT 2006. Kolkata: Springer-Verlag. pp. 17–31. Retrieved 2007-07-02.
O. Dunkelman; N. Keller; J. Kim (August 2006). Related-key rectangle attack on the full SHACAL-1 (PostScript). Selected Areas in Cryptography (SAC 2006), to appear. Montreal: Springer-Verlag. pp. 16 pages. Retrieved 2007-07-02.
Jiqiang Lu; Jongsung Kim (2008-9). "Attacking 44 Rounds of the SHACAL-2 Block Cipher Using Related-Key Rectangle Cryptanalysis" (PDF). IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences. IEICE: 2599–2596. Retrieved 2012-01-30. Check date values in: |date= (help)

Block ciphers (security summary)

Common algorithms	AES Blowfish DES (Internal Mechanics, Triple DES) Serpent Twofish

Less common algorithms	Camellia CAST-128 IDEA RC2 RC5 RC6 SEED ARIA Skipjack TEA XTEA

Other algorithms	3-Way Akelarre Anubis BaseKing BassOmatic BATON BEAR and LION CAST-256 Chiasmus CIKS-1 CIPHERUNICORN-A CIPHERUNICORN-E CLEFIA CMEA Cobra COCONUT98 Crab Cryptomeria/C2 CRYPTON CS-Cipher DEAL DES-X DFC E2 FEAL FEA-M FROG G-DES GOST Grand Cru Hasty Pudding cipher Hierocrypt ICE IDEA NXT Intel Cascade Cipher Iraqi KASUMI KeeLoq KHAZAD Khufu and Khafre KN-Cipher Kuznyechik Ladder-DES Libelle LOKI (97, 89/91) Lucifer M6 M8 MacGuffin Madryga MAGENTA MARS Mercy MESH MISTY1 MMB MULTI2 MultiSwap New Data Seal NewDES Nimbus NOEKEON NUSH PRESENT Prince Q RC6 REDOC Red Pike S-1 SAFER SAVILLE SC2000 SHACAL SHARK Simon SM4 Speck Spectr-H64 Square SXAL/MBAL Threefish Treyfer UES Xenon xmx XXTEA Zodiac

Design	Feistel network Key schedule Lai-Massey scheme Product cipher S-box P-box SPN Avalanche effect Block size Key size Key whitening (Whitening transformation)

Attack (cryptanalysis)	Brute-force (EFF DES cracker) MITM (Biclique attack, 3-subset MITM attack) Linear (Piling-up lemma) Differential (Impossible Truncated Higher-order) Differential-linear Distinguishing (Known-key) Integral/Square Boomerang Mod n Related-key Slide Rotational Timing XSL Interpolation Partitioning Davies' Rebound Weak key Tau Chi-square Time/memory/data tradeoff

Standardization	AES process CRYPTREC NESSIE

Utilization	Initialization vector Mode of operation Padding

Cryptography

History of cryptography Cryptanalysis Outline of cryptography

Symmetric-key algorithm Block cipher Stream cipher Public-key cryptography Cryptographic hash function Message authentication code Random numbers Steganography

Category Portal WikiProject

This article is issued from Wikipedia - version of the 10/22/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.