• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.5
• /
• pp.87-93
• /
• 2002

SHACAL is based on the hash standard SHA-1 used in encryption mode, as a submission to NESSIE. SHACAL uses the XOR, modular addition operation and the functions of bit-by-bit manner. These operations and functions make the differential cryptanalysis difficult, i.e, we hardly find a long differential with high probability. But, we can find short differentials with high probability. Using this fact, we discuss the security of SHACAL against the amplified boomerang attack. We find a 36-step boomerang-distinguisher and present attacks on reduced-round SHACAL with various key sizes. We can attack 39-step with 256-bit key, and 47-step with 512-bit key.