Related-key rectangle attack on the full SHACAL-1

Orr Dunkelman, Nathan Keller, Jongsung Kim

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


SHACAL-1 is a 160-bit block cipher with variable key length of up to 512-bit key based on the hash function SHA-1. It was submitted to the NESSIE project and was accepted as a finalist for the 2nd phase of the evaluation. In this paper we devise the first known attack on the full 80-round SHACAL-1 faster than exhaustive key search. The related-key differentials used in the attack are based on transformation of the collision-producing differentials of SHA-1 presented by Wang et al.

Original languageEnglish
Title of host publicationSelected Areas in Cryptography - 13th International Workshop, SAC 2006, Revised Selected Papers
PublisherSpringer Verlag
Number of pages17
ISBN (Print)9783540744610
StatePublished - 2007
Externally publishedYes
Event13th International Workshop on Selected Areas in Cryptography, SAC 2006 - Montreal, QC, Canada
Duration: 17 Aug 200618 Aug 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4356 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference13th International Workshop on Selected Areas in Cryptography, SAC 2006
CityMontreal, QC

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Related-key rectangle attack on the full SHACAL-1'. Together they form a unique fingerprint.

Cite this