Strict Avalanche Criterion of SHA-256 sub-function removed variants
Abstract
The measure of diffusion, the property of dissipating patterns and statistical structures in cryptographic transformations, serves as a valuable heuristic for assessing the obscurity of patterns that could lead to collisions. As with many cryptographic hash functions, SHA-256 exhibits the property of diffusion as measured by the Strict Avalanche Criterion (SAC). While SHA-256's diffuse output is well documented, less is known about how the diffusion rate changes across the 64 rounds in its compression function nor how the algorithm's individual sub-functions contribute to the overall diffusion. The diffusion of the unmodified compression function is initially measured using the SAC, with the aim of understanding the alteration in diffusion across the 64 rounds of compression. The level to which sub-functions affect diffusion is subsequently measured, enabling potential prioritization of these sub-functions in future collision attacks. To accomplish this, the compression function is modified by removing sub-functions, and the diffusion of these new variants is measured. While all eventually meet the SAC, multiple variant functions diffuse at a slower rate.