971 research outputs found
SPHINCS post-quantum digital signature scheme with Streebog hash function
Many commonly used public key cryptosystems will become insecure once a
scalable quantum computer is built. New cryptographic schemes that can
guarantee protection against attacks with quantum computers, so-called
post-quantum algorithms, have emerged in recent decades. One of the most
promising candidates for a post-quantum signature scheme is SPHINCS, which
is based on cryptographic hash functions. In this contribution, we analyze the
use of the new Russian standardized hash function, known as Streebog, for the
implementation of the SPHINCS signature scheme. We provide a performance
comparison with SHA-256-based instantiation and give benchmarks for various
sets of parameters.Comment: 5 pages, 2 figures, 3 table
Dynamic MDS Matrices for Substantial Cryptographic Strength
Ciphers get their strength from the mathematical functions of confusion and
diffusion, also known as substitution and permutation. These were the basics of
classical cryptography and they are still the basic part of modern ciphers. In
block ciphers diffusion is achieved by the use of Maximum Distance Separable
(MDS) matrices. In this paper we present some methods for constructing dynamic
(and random) MDS matrices.Comment: Short paper at WISA'10, 201
Malicious cryptography techniques for unreversable (malicious or not) binaries
Fighting against computer malware require a mandatory step of reverse
engineering. As soon as the code has been disassemblied/decompiled (including a
dynamic analysis step), there is a hope to understand what the malware actually
does and to implement a detection mean. This also applies to protection of
software whenever one wishes to analyze them. In this paper, we show how to
amour code in such a way that reserse engineering techniques (static and
dymanic) are absolutely impossible by combining malicious cryptography
techniques developped in our laboratory and new types of programming (k-ary
codes). Suitable encryption algorithms combined with new cryptanalytic
approaches to ease the protection of (malicious or not) binaries, enable to
provide both total code armouring and large scale polymorphic features at the
same time. A simple 400 Kb of executable code enables to produce a binary code
and around mutated forms natively while going far beyond the old
concept of decryptor.Comment: 17 pages, 2 figures, accepted for presentation at H2HC'1
Security problems with a chaos-based deniable authentication scheme
Recently, a new scheme was proposed for deniable authentication. Its main
originality lied on applying a chaos-based encryption-hash parallel algorithm
and the semi-group property of the Chebyshev chaotic map. Although original and
practicable, its insecurity and inefficiency are shown in this paper, thus
rendering it inadequate for adoption in e-commerce.Comment: 8 pages, 1 figure, latex forma
Design implementation and analysis of a dynamic cryptography algorithm with applications
Cryptographers need to provide the world with a new encryption standard. DES, the major encryption algorithm for the past fifteen years, is nearing the end of its useful life. Its 56-bit key size is vulnerable to a brute-force attack on powerful microprocessors and recent advances in linear cryptanalysis and differential cryptanalysis indicate that DES is vulnerable to other attacks as well. A more recent attack called XSL, proposes a new attack against AES and Serpent. The attack depends much more critically on the complexity of the nonlinear components than on the number of rounds. Ciphers with small S-boxes and simple structures are particularly vulnerable. Serpent has small S-boxes and a simple structure. AES has larger S-boxes, but a very simple algebraic description. If the attack is proven to be correct, cryptographers predict it to break AES with a 2; 80 complexity, over the coming years; Many of the other unbroken algorithms---Khufu, REDOC II, and IDEA---are protected by patents. RC2 is broken. The U.S. government has declassified the Skipjack algorithm in the Clipper and Capstone chips
Cryptanalysis the SHA-256 Hash Function using Rainbow Tables
The research of the strength of a hashed message is of great importance in modern authentication systems. The hashing process is inextricably linked with the password system, since passwords are usually stored in the system not in clear text, but as hashes. The SHA-256 hash function was chosen to model the attack with rainbow tables. An algorithm for constructing a rainbow table for the SHA-256 hash function in the Java language is proposed. The conditions under which the use of rainbow tables will be effective are determined. This article aims to practically show the process of generating a password and rainbow tables to organize an attack on the SHA-256 hash function. As research shows, rainbow tables can reveal a three-character password in 3 seconds. As the password bit increases, the decryption time increases in direct proportion
Password Cracking and Countermeasures in Computer Security: A Survey
With the rapid development of internet technologies, social networks, and
other related areas, user authentication becomes more and more important to
protect the data of the users. Password authentication is one of the widely
used methods to achieve authentication for legal users and defense against
intruders. There have been many password cracking methods developed during the
past years, and people have been designing the countermeasures against password
cracking all the time. However, we find that the survey work on the password
cracking research has not been done very much. This paper is mainly to give a
brief review of the password cracking methods, import technologies of password
cracking, and the countermeasures against password cracking that are usually
designed at two stages including the password design stage (e.g. user
education, dynamic password, use of tokens, computer generations) and after the
design (e.g. reactive password checking, proactive password checking, password
encryption, access control). The main objective of this work is offering the
abecedarian IT security professionals and the common audiences with some
knowledge about the computer security and password cracking, and promoting the
development of this area.Comment: add copyright to the tables to the original authors, add
acknowledgement to helpe
A secure over-the-air programming scheme in wireless sensor networks
Over-The-Air dissemination of code updates in Wireless Sensor Networks (WSNs) have been researchers’ point of interest in past a few years and more importantly security challenges toward remote propagation of code update have taken the majority of efforts in this context. Many security models have been proposed to establish a balance between the energy consumption and security strengthen with having their concentration on constraint nature of WSN nodes. For authentication purposes most of them have used Merkle-Hash-Tree to avoid using multiple public cryptography operations. These models mostly have assumed an environment in which security has to be in a standard level and therefore they have not investigated the tree structure for mission-critical situations in which security has to be in maximum possible extent (e.g. military zones). Two major problems have been identified in Merkle Tree structure which is used in Seluge scheme, including: 1) an exponential growth in number of overhead packets when block size of hash algorithm used in design is increased. 2) Limitation of using hash algorithms with larger block size of 11 bytes when payload size is set to 72 bytes. Then several existing security models are investigated for possible vulnerabilities and a set of countermeasures correspondingly named Security Model Requirements (SMR) is provided. After concentrating on Seluge’s design, a new secure Over-The-Air Programming (OTAP) scheme named Seluge++ is proposed that complies with SMR and replaces the use of inefficient Merkle Tree with a novel method
- …