• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.3
• /
• pp.107-115
• /
• 2004

SHACAL-2 is a 256 bit block cipher with various key sizes based on the hash function SHA-2. Recently, it was recommended as one of the NESSIE selections. UP to now, no security flaws have been found in SHACAL-2. In this paper, we discuss the security of SHACAL-2 against an impossible differential attack. We propose two types of 14 round impossible characteristics and using them we attack 30 round SHACAL-2 with 512 bit 18y. This attack requires 744 chosen plaintexs and has time complexity of 2$^{495.1}$ 30 round SHACAL-2 encryptions.