{"id":29860567,"url":"https://github.com/supermarcel10/cryptographicanalysisofsha2","last_synced_at":"2025-07-30T03:42:52.923Z","repository":{"id":305315502,"uuid":"895189042","full_name":"Supermarcel10/CryptographicAnalysisOfSha2","owner":"Supermarcel10","description":"Comparative benchmark of SMT solver effectiveness in cryptographic hash collision discovery for SHA-2 algorithms.","archived":false,"fork":false,"pushed_at":"2025-07-19T10:14:08.000Z","size":22832,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-19T15:29:36.247Z","etag":null,"topics":["cryptanalysis","cryptography","research","research-paper","research-project","satisfiability-modulo-theories","satisfiability-problem","sha2","smt"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Supermarcel10.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-11-27T18:09:34.000Z","updated_at":"2025-07-19T10:14:12.000Z","dependencies_parsed_at":"2025-07-19T15:42:30.131Z","dependency_job_id":null,"html_url":"https://github.com/Supermarcel10/CryptographicAnalysisOfSha2","commit_stats":null,"previous_names":["supermarcel10/cryptographicanalysisofsha2"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/Supermarcel10/CryptographicAnalysisOfSha2","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Supermarcel10%2FCryptographicAnalysisOfSha2","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Supermarcel10%2FCryptographicAnalysisOfSha2/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Supermarcel10%2FCryptographicAnalysisOfSha2/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Supermarcel10%2FCryptographicAnalysisOfSha2/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Supermarcel10","download_url":"https://codeload.github.com/Supermarcel10/CryptographicAnalysisOfSha2/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Supermarcel10%2FCryptographicAnalysisOfSha2/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":267804111,"owners_count":24146538,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-30T02:00:09.044Z","response_time":70,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cryptanalysis","cryptography","research","research-paper","research-project","satisfiability-modulo-theories","satisfiability-problem","sha2","smt"],"created_at":"2025-07-30T03:42:49.827Z","updated_at":"2025-07-30T03:42:52.909Z","avatar_url":"https://github.com/Supermarcel10.png","language":"Rust","readme":"# Improving SHA-2 Collisions Using Satisfiability Modulo Theory (SMT) Solvers\n\n\u003e [!CAUTION]\n\u003e โš ๏ธ The `sha2-collision sha2` subcommand is not a viable secure replacement for hashing functions! โš ๏ธ\n\u003e This subcommand has been made for a simplified and streamlined verification process, by exposing control over compression rounds and the initial vector.\n\u003e If you are looking for sha2 hashing functionality for your Rust project, you likely want the [sha2 crate](https://github.com/RustCrypto/hashes).\n\n## ๐Ÿ“„ Table of Contents\n\u003c!-- TOC --\u003e\n* [Improving SHA-2 Collisions Using Satisfiability Modulo Theory (SMT) Solvers](#improving-sha-2-collisions-using-satisfiability-modulo-theory-smt-solvers)\n * [๐Ÿ“„ Table of Contents](#-table-of-contents)\n * [๐Ÿ“– Context](#-context)\n * [๐Ÿ“ Introduction](#-introduction)\n * [๐ŸŽฏ Aims and Scope](#-aims-and-scope)\n * [๐Ÿ“Š Results](#-results)\n * [๐Ÿ”จ Building](#-building)\n * [Running](#running)\n * [Subcommands](#subcommands)\n * [๐Ÿงช Architectures](#-architectures)\n * [๐Ÿ–ฅ๏ธ Runners](#-runners)\n * [Runner Specifications](#runner-specifications)\n * [BIOS Settings](#bios-settings)\n * [Solver Versions](#solver-versions)\n * [Reproducability](#reproducability)\n * [๐Ÿ”ฌ Testing](#-testing)\n * [๐Ÿ“ Project Structure](#-project-structure)\n * [๐Ÿ”„ Dependencies](#-dependencies)\n * [โž•๏ธ Forks \u0026 Contributions](#-forks--contributions)\n * [๐Ÿ“• License](#-license)\n\u003c!-- TOC --\u003e\n\n## ๐Ÿ“– Context\n### ๐Ÿ“ Introduction\n\nInspired by Li et Al. 2024, this dissertation project experimented with practical\nfeasibility of finding SHA-2 collisions using SMT (Satisfiability Modulo Theories) solvers.\nWhile SHA-2 is considered cryptographically secure against collision attacks,\nthe theoretical possibility of finding collisions through computational methods remains an active area of research.\nAutomated reasoning tools, such as SMT solvers, present a compelling approach for differential cryptanalysis.\n\n### ๐ŸŽฏ Aims and Scope\n\nThe primary aim of this project was to evaluate and compare the effectiveness of various SMT\nsolvers in finding SHA-2 hash collisions, with specific focus on performance analysis and parameter optimisation.\n\nThe scope encompasses both theoretical analysis of SMTLIB representation and empirical evaluation of solver\nperformance under controlled benchmarking conditions.\n\n### ๐Ÿ“Š Results\n\nThe benchmarking revealed significant performance variations between SMT solvers when applied to SHA-2 collision problems.\nDetailed metrics can be found in the `results/` directory. Comparative graphs can be found in `graphs/`.\n\nAn extended abstract publication for SMT2025 has been approved, and is awaiting publication.\nA [dissertation specific report](docs/Report/Report.pdf) has been written outlining in-depth analysis and information.\n\n## ๐Ÿ”จ Building\n\u003e [!IMPORTANT]\n\u003e This project makes use of Rust 2024 edition, ensure `rustc --version` outputs `1.85.0` or greater.\n\u003e Update rustc by invoking `rustup update`.\n\n1) [Ensure Rust is correctly configured](https://www.rust-lang.org/tools/install) on the machine.\n2) Invoke `cargo run --release` to build and run using release profile.\n3) An executable binary has been produced in `target/release/sha2-collision`.\n\n### Running\n\u003e [!NOTE]\n\u003e Separate installation of solvers is required to run the `benchmark` subcommand.\n\u003e Ensure solvers are in CLI PATH to work properly.\n\u003e An error will be thrown if the command does not exist.\n\nTo run a specified subcommand, such as `sha2-collision sha2 --help`, you can invoke either:\n- `cargo run --release sha2 --help` (This will not invoke a rebuild unless code has been altered)\n- `./target/release/sha2-collision sha2 --help`\n\n### Subcommands\nEvery subcommand and flag has been thorougly documented, with defaults and enumerable options where aplicable.\n\n## ๐Ÿงช Architectures\n\n| OS | Supported? | Tested? |\n|--------------------|:----------:|:-------:|\n| Unix-Like (x86_64) | ๐ŸŸฉ | ๐ŸŸฉ |\n| Unix-Like (ARM) | ๐ŸŸจ | ๐ŸŸฅ |\n| DOS-Like (x86_64) | ๐ŸŸฅ | ๐ŸŸฅ |\n| DOS-Like (ARM) | ๐ŸŸฅ | ๐ŸŸฅ |\n\n## ๐Ÿ–ฅ๏ธ Runners\n### Runner Specifications\n| | **Specification** |\n|-----------:|:-------------------------------------------:|\n| **CPU** | AMD Ryzen 9 5900X |\n| **MEM** | 4 x 32GiB DDR4 3600MHz 18-22-22-52-64 1.35V |\n| **OS** | NixOS 25.05 (Warbler) x86_64 |\n| **KERNEL** | Linux Realtime 6.6.77-rt50 |\n\n### BIOS Settings\n| **Setting** | **Value** |\n|-----------------------------------:|:------------------------------:|\n| **CPU Clock** | 37.00 |\n| **CPU Clock Control** | 100.000 MHz |\n| **XMP** | DDR4-3600 18-22-22-52-64 1.35V |\n| **CPU VCore** | 0.818V |\n| **CPU VCore Loadline Calibration** | LOW |\n| **CSM Support** | ENABLED |\n\n### Solver Versions\n\n| **Solver** | **Version** | **License** | Notes |\n|-----------:|:---------------------:|:-----------:|:----------------------------------:|\n| Z3 | 4.13.4 | MIT | |\n| CVC5 | 1.2.1 | BSD 3 | |\n| Yices | 2.6.5 | GPL3.0 | |\n| Bitwuzla | 0.7.0 | MIT | |\n| Boolector | 3.2.3 | MIT | |\n| STP | 2.3.4 | MIT | Support for SMTLIB 2.0 only |\n| Colibri2 | 0.4-dirty | LGPLv2.1 | Portable binary in `solvers/` |\n| MathSAT | 5.6.11 (1a1154baf0ab) | Custom | Binary in `solvers/`, autopatchelf |\n\n### Reproducability\nThis runner can be rebuilt at any time, using the [NixOS configuration](https://github.com/Supermarcel10/NixOSConfig/blob/f1d26ec/devices/E01/configuration.nix).\n\n## ๐Ÿ”ฌ Testing\nSome segments of code have unit tests in order to assert corectness over changes.\nIn order to run these tests invoke `cargo test`.\n\n## ๐Ÿ“ Project Structure\n- `docs/`: Source and produced documentation.\n- `graphs/`: Output directory containing produced graphs.\n- `proofs/`: SMT solver proofs for finding a contradiction.\n\t- UNSAT implies no contradictions were found, and the encodings are sound.\n- `reference/`: Reference documentation, which the project bases on.\n- `results/`: Output directory containing deserialized json Benchmark objects, representing each run.\n- `smt/`: (Auto-Generated) Output directory containing produced SMTLIB 2.6 format encoding.\n- `solvers/`: Helper binaries which were patched, or otherwise modified in some manner.\n\t- For more details, see the solver version notes.\n- `src/`: Source code. The code is split into different modules handling each subcommand. Some of these have some overlap, or functions that they share with eachother, but are otherwise independent.\n\t- `benchmark/`: Handles running and parsing benchmarks.\n\t- `data/`: A shared utility module for retrieving data in a unified manner.\n\t- `graphing/`: Handles generation of graphs and any graph components.\n\t- `sha/`: A custom sha2 implementation, shadowing the standard, but also exposing compression rounds, initial vectors and such. Primarily used for verification purposes.\n\t- `smt_lib/`: Handles everything for generating smt2 files with various encodings. Also exposes a utility to load smt files.\n\t- `structs/`: Handles binding structs and traits between modules.\n\t- `verification/`: Handles verification and display outputs.\n\n## ๐Ÿ”„ Dependencies\nAll dependencies and feature flags are defined in `Cargo.toml`.\nFor a full listing of dependency licenses, run `cargo license`.\n\n## โž•๏ธ Forks \u0026 Contributions\nUsing this as a template and building ground for futher research is much apprechiated.\n\nIf you wish to contribute, make a fork of this repository, and when ready, create a PR.\n\n## ๐Ÿ“• License\nThis project is licensed under [CC BY-NC-SA](https://creativecommons.org/licenses/by-nc-sa/4.0/deed.en).\nYou are free to share, modify and copy the code with attribution, as long as it is not for commercial purposes.\nFor more information see [the license](LICENSE.md).\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsupermarcel10%2Fcryptographicanalysisofsha2","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsupermarcel10%2Fcryptographicanalysisofsha2","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsupermarcel10%2Fcryptographicanalysisofsha2/lists"}