Rectangle Attacks on 49-Round SHACAL-1

Eli Biham, Orr Dunkelman, N. Keller

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review


SHACAL-1 is a 160-bit block cipher with variable key length of up to 512-bit key based on the hash function SHA-1. It was submitted to the NESSIE project and was accepted as a finalist for the 2nd phase of the evaluation. In this paper we present rectangle attacks on 49 rounds out of the 80 rounds of SHACAL-1. The attacks require 2151.9 chosen plaintexts or ciphertexts and have time complexity of 2508.5 49-round SHACAL-1 encryptions. These are the best known attacks against SHACAL-1. In this paper we also identify and fix some flaws in previous attacks on SHACAL-1.
Original languageAmerican English
Title of host publicationFast Software Encryption
EditorsThomas Johansson
Place of PublicationBerlin Heidelberg
StatePublished - 2003

Publication series

NameLecture Notes in Computer Science


Dive into the research topics of 'Rectangle Attacks on 49-Round SHACAL-1'. Together they form a unique fingerprint.

Cite this