
    Merkle-Damgård Construction Method and Alternatives: A Review

    A cryptographic hash function is an important cryptographic tool in the field of information security. The design of the most widely used hash functions, such as MD5 and SHA-1, is based on iterating a compression function according to the Merkle-Damgård construction with a constant initialization vector. The Merkle-Damgård construction showed that the security of the hash function depends on the security of the compression function. Several attacks on Merkle-Damgård-based hash functions motivated researchers to propose different cryptographic constructions that enhance the security of hash functions against differential and generic attacks. The cryptographic community has been looking for replacements for these weak hash functions and has proposed new hash functions based on different variants of the Merkle-Damgård construction. As a result of an open competition, NIST announced Keccak as the SHA-3 standard. This paper provides a review of cryptographic hash functions, their security requirements and different design methods for the compression function.

    The influence of the layout of furniture and learning equipment in the architecture studio space on learning activities

    This study of the layout of furniture and learning equipment in the studio space of the Architecture course examines the influence of that layout on learning activities. The research aims to determine whether the arrangement of furniture for student use in the existing studio space, such as chairs, drafting tables, cabinets (storage) and so on, is suitable for providing a better quality of learning in terms of project presentations, lectures, tutorials, coursework/practical work and class activities. In addition, the study examines whether the number and provision of learning equipment such as 'softboard/partition' units, used for learning activities in class and for student project presentations, are sufficient or require changes in terms of flexibility or ease of use. To obtain a realistic picture, a qualitative measurement of student comfort was carried out with 70 students, representing 27% of the total population, as respondents; they were certificate and diploma students of the Architecture course at one of the oldest polytechnics in Malaysia. A questionnaire-based survey was conducted to obtain the students' assessment of the influence of the layout of furniture and learning equipment on learning activities. The findings were analysed using percentages, mean scores and standard deviations. The results and discussion show that an orderly and efficient layout of furniture and learning equipment also contributes to the level of student comfort during the learning process. Data and information from the respondents will be collected and analysed to produce a proposal for redesigning the layout of furniture and learning equipment in the Architecture studio, in the form of working drawings consisting of a floor plan, perspectives of the studio space from various angles, cross-sections and furniture 'details', together with a 3D (three-dimensional) model supplied on CD. It is hoped that the findings of the study and the proposed redesign of the layout of furniture and learning equipment in the Architecture studio can be applied and adopted in the studio space in the future.

    Enhanced Parallel Hash Function Algorithm Based on 3C Construction (EPHFA-3C)

    A hash function maps data of variable size to a fixed-size digest that can be used to secure communication, for example in authentication, digital signatures and integrity checking. In this paper, a parallel, secure and fast hash function algorithm based on the 3C construction is proposed. It is an enhancement of the MD construction that makes the construction more resistant to length-extension and multi-block attacks. The parallel structure of the algorithm improves hashing speed and reduces the number of operations. Simulation analyses of hash distribution, confusion and diffusion properties, and collision resistance were carried out. Based on the results, the proposed hash algorithm is efficient, simple, and offers strong security compared with some recent hash algorithms.

    Security analysis of NIST-LWC contest finalists

    Integrated master's dissertation in Informatics Engineering
    Traditional cryptographic standards are designed with desktop and server environments in mind, so, with the relatively recent proliferation of small, resource-constrained devices in the Internet of Things, sensor networks, embedded systems, and more, there has been a call for lightweight cryptographic standards with security, performance and resource requirements tailored to the highly constrained environments these devices operate in. In 2015 the National Institute of Standards and Technology began a standardization process in order to select one or more lightweight cryptographic algorithms. Out of the original 57 submissions, ten finalists remain, with ASCON and Romulus being among the most scrutinized of them. In this dissertation I introduce some concepts required for an easy understanding of the body of work, give an up-to-date review of the current state of the standardization process from a security and performance standpoint, describe ASCON and Romulus together with the new best-known analyses of each, and compare the two, with their advantages, drawbacks, and unique traits.

    Bringing data minimization to digital wallets at scale with general-purpose zero-knowledge proofs

    Today, digital identity management for individuals is either inconvenient and error-prone or creates undesirable lock-in effects and violates privacy and security expectations. These shortcomings inhibit the digital transformation in general and seem particularly concerning in the context of novel applications such as access control for decentralized autonomous organizations and identification in the Metaverse. Decentralized or self-sovereign identity (SSI) aims to offer a solution to this dilemma by empowering individuals to manage their digital identity through machine-verifiable attestations stored in a "digital wallet" application on their edge devices. However, when presented to a relying party, these attestations typically reveal more attributes than required and allow end users' activities to be tracked. Several academic works and practical solutions exist to reduce or avoid such excessive information disclosure, from simple selective disclosure to data-minimizing anonymous credentials based on zero-knowledge proofs (ZKPs). We first demonstrate that the SSI solutions currently built with anonymous credentials still lack essential features such as scalable revocation, certificate chaining, and integration with secure elements. We then argue that general-purpose ZKPs in the form of zk-SNARKs can appropriately address these pressing challenges. We describe our implementation and conduct performance tests on different edge devices to illustrate that the performance of zk-SNARK-based anonymous credentials is already practical. We also discuss further advantages that general-purpose ZKPs can easily provide for digital wallets, for instance "designated verifier presentations", which open up new design options for digital identity infrastructures that were previously inaccessible because of the threat of man-in-the-middle attacks.

    Improving Data Availability in Decentralized Storage Systems

    PhD thesis in Information Technology
    Preserving knowledge for future generations has been a primary concern for humanity since the dawn of civilization. State-of-the-art methods have included stone carvings, papyrus scrolls, and paper books. With each advance in technology, it has become easier to record knowledge. In the current digital age, humanity may preserve enormous amounts of knowledge on hard drives with the click of a button. The aggregation of several hard drives into a computer forms the basis for a storage system. Traditionally, large storage systems have comprised many distinct computers operated by a single administrative entity. With the rise in popularity of blockchain and cryptocurrencies, a new type of storage system has emerged. This new type of storage system is fully decentralized and comprises a network of untrusted peers cooperating to act as a single storage system. During upload, files are split into chunks and distributed across a network of peers. These storage systems encode files using Merkle trees, a hierarchical data structure that provides integrity verification and lookup services. While decentralized storage systems are popular and have a user base in the millions, many technical aspects are still in their infancy. As such, they have yet to prove themselves viable alternatives to traditional centralized storage systems. In this thesis, we contribute to the technical aspects of decentralized storage systems by proposing novel techniques and protocols. We make significant contributions with the design of three practical protocols that each improve data availability in different ways. Our first contribution is Snarl and entangled Merkle trees. Entangled Merkle trees are resilient data structures that decrease the impact hierarchical dependencies have on data availability. Whenever a chunk loss is detected, Snarl uses the entangled Merkle trees to find parity chunks to repair the lost chunk. Our results show that by encoding data as an entangled Merkle tree and using Snarl's repair algorithm, the storage utilization in current systems could be improved by over five times, with improved data availability. Second, we propose SNIPS, a protocol that efficiently synchronizes the data stored on peers to ensure that all peers have the same data. We designed a Proof of Storage-like (PoS-like) construction using a Minimal Perfect Hash Function. Each peer uses the PoS-like construction to create a storage proof for those chunks it wants to synchronize. Peers exchange storage proofs and use them to efficiently determine which chunks they are missing. The evaluation shows that by using SNIPS, the amount of synchronization data can be reduced by three orders of magnitude in current systems. Lastly, in our third contribution, we propose SUP, a protocol that uses cryptographic proofs to check whether a chunk is already stored in the network before doing wasteful uploads. We show that SUP may reduce the amount of data transferred by up to 94% in current systems. The protocols may be deployed independently or in combination to create a decentralized storage system that is more robust to major outages. Each of the protocols has been implemented and evaluated on a large cluster of 1,000 peers.

    Applications of cryptanalysis methods to some symmetric key primitives

    Block ciphers and hash functions are important cryptographic primitives that are used to secure the exchange of critical information. With the continuous increase in the computational power available to attackers, information security systems, including their underlying primitives, need continuous improvement. Various cryptanalysis methods are used to examine the strengths and weaknesses of hash functions and block ciphers. In this work, we study the Lesamnta-512 and DHA-256 hash functions and the LAC authenticated encryption scheme. In particular, we study the resistance of the underlying block cipher of the Lesamnta-512 hash function against impossible differential attacks and the resistance of the DHA-256 compression function against collision attacks. We also study MAC forgery attacks against LAC. Throughout, we use different automated methods to facilitate the analysis. For the cryptanalysis of Lesamnta-512, two automated methods are studied for finding an impossible differential path of maximum length. Using the obtained impossible differential path, impossible differential cryptanalysis of Lesamnta-512 is performed for 16 rounds. For the DHA-256 hash function, we used an algebraic method to find collisions for its 17-step reduced compression function by deriving difference equations for each step and then solving them once the conditions for a collision are imposed on these equations. For LAC, the differential behaviour of the cipher's different operations is represented as a set of linear equations. Then, a Mixed Integer Linear Programming (MILP) approach is used to find a high-probability characteristic. This characteristic is then used to perform a forgery attack on the LAC authenticated encryption cipher.

    Cryptographic Analysis of Secure Messaging Protocols

    Instant messaging applications promise their users a secure and private way to communicate. The validity of these promises rests on the design of the underlying protocol, the cryptographic primitives used and the quality of the implementation. Though secure messaging designs exist in the literature, for various reasons developers of messaging applications often opt to design their own protocols, creating a gap between cryptography as understood by academic research and cryptography as implemented in practice. This thesis contributes to bridging this gap by approaching it from both sides: by looking for flaws in the protocols underlying real-world messaging applications, and by performing a rigorous analysis of their security guarantees in a provable security model. Secure messaging can provide a host of different, sometimes conflicting, security and privacy guarantees. It is thus important to judge applications based on the concrete security expectations of their users. This is particularly significant for higher-risk users such as activists or civil rights protesters. To position our work, we first studied the security practices of protesters in the context of the 2019 Anti-ELAB protests in Hong Kong using in-depth, semi-structured interviews with participants of these protests. We report how they organised on different chat platforms based on their perceived security, and how they developed tactics and strategies to enable pseudonymity and detect compromise. Then, we analysed two messaging applications relevant in the protest context: Bridgefy and Telegram. Bridgefy is a mobile mesh messaging application, allowing users in relative proximity to communicate without the Internet. It was being promoted as a secure communication tool for use in areas experiencing large-scale protests. We showed that Bridgefy permitted its users to be tracked, offered no authenticity, no effective confidentiality protections and lacked resilience against adversarially crafted messages. We verified these vulnerabilities by demonstrating a series of practical attacks. Telegram is a messaging platform with over 500 million users, yet prior to this work its bespoke protocol, MTProto, had received little attention from the cryptographic community. We provided the first comprehensive study of the MTProto symmetric channel as implemented in cloud chats. We gave both positive and negative results. First, we found two attacks on the existing protocol, and two attacks on its implementation in official clients which exploit timing side channels and uncover a vulnerability in the key exchange protocol. Second, we proved that a fixed version of the symmetric MTProto protocol achieves security in a suitable bidirectional secure channel model, albeit under unstudied assumptions. Our model itself advances the state of the art for secure channels.

    Malleable zero-knowledge proofs and applications

    In recent years, the field of privacy-preserving technologies has experienced considerable expansion, with zero-knowledge proofs (ZKPs) playing one of the most prominent roles. Although ZKPs have been a well-established theoretical construct for three decades, recent efficiency improvements and novel privacy applications within decentralized finance have become the main drivers behind the surge of interest and investment in this area. This momentum has subsequently sparked unprecedented technical advances. Non-interactive ZKPs (NIZKs) are now regularly implemented across a variety of domains, encompassing, but not limited to, privacy-enabling cryptocurrencies, credential systems, voting, mixing, secure multi-party computation, and other cryptographic protocols. This thesis, although covering several areas of ZKP technologies and their application, focuses on one important aspect of NIZKs, namely their malleability. Malleability is a quality of a proof system that describes the potential for altering an already generated proof. Different properties may be desired in different application contexts. At one end of the spectrum, non-malleability ensures proof immutability, an important requirement in scenarios such as the prevention of replay attacks in anonymous cryptocurrencies. At the other end, some NIZKs enable proof updatability, both recursively and directly, a feature that is integral to a variety of contexts, such as private smart contracts, compact blockchains, ZK rollups, ZK virtual machines, and MPC protocols generally. This work starts with a detailed analysis of the malleability and overarching security of a popular NIZK, known as Groth16. Here we adopt a more definitional approach, studying certain properties of the proof system, and of its setup ceremony, that are crucial for its precise modelling within bigger systems. Subsequently, the work explores the malleability of transactions within a private cryptocurrency variant, where we show that relaxing non-malleability assumptions enables a functionality, specifically an atomic asset swap, that is useful for cryptocurrency applications. The work culminates with a study of a less general, algebraic NIZK, and particularly its updatability properties, whose applicability we present within the context of ensuring privacy for regulatory compliance purposes.