Towards Designing Energy-Efficient Secure Hashes

In computer security, cryptographic algorithms and protocols are required to ensure security of data and applications. This research investigates techniques to reduce the energy consumed by cryptographic hash functions. The specific hash functions considered are Message Digest-2 (MD2), Message Digest-5 (MD5), Secure Hash Algorithm-1 (SHA-1) and Secure Hash Algorithm-2 (SHA-2). The discussion around energy conservation in handheld devices like laptops and mobile devices is gaining momentum. Research has been done at the hardware and operating system levels to reduce the energy consumed by these devices. However, research on conserving energy at the application level is a new approach. This research is motivated by the energy consumed by anti-virus applications which use computationally intensive hash functions to ensure security. To reduce energy consumption by existing hash algorithms, the generic energy complexity model, designed by Roy et al. [Roy13], has been applied and tested. This model works by logically mapping the input across the eight available memory banks in the DDR3 architecture and accessing the data in parallel. In order to reduce the energy consumed, the data access pattern of the hash functions has been studied and the energy complexity model has been applied to hash functions to redesign the existing algorithms. These experiments have shown a reduction in the total energy consumed by hash functions with different degrees of parallelism of the input message, as the energy model predicted, thereby supporting the applicability of the energy model on the different hash functions chosen for the study. The study also compared the energy consumption by the hash functions to identify the hash function suitable for use based on required security level. Finally, statistical analysis was performed to verify the difference in energy consumption between MD5 and SHA2

Cyber Security- A New Secured Password Generation Algorithm with Graphical Authentication and Alphanumeric Passwords Along With Encryption

Graphical passwords are always considered as an alternative of alphanumeric passwords for their better memorability and usability [1]. Alphanumeric passwords provide an adequate amount of satisfaction, but they do not offer better memorability compared to graphical passwords [1]. On the other hand, graphical passwords are considered less secured and provide better memorability [1]. Therefore many researchers have researched on graphical passwords to overcome the vulnerability. One of the most significant weaknesses of the graphical passwords is Shoulder Surfing Attack, which means, sneaking into a victim\u27s computer to learn the whole password or part of password or some confidential information. Such kind of attacks is called as Shoulder Surfing Attack. Many researchers have presented various ideas to curb the shoulder surfing attack. However, graphical passwords are still vulnerable to this attack. Therefore, in the present thesis, the solution for shoulder surfing attack is analyzed and a new algorithm is developed to provide better algorithm with memorability as well as very strong password using the encryption. For alphanumeric passwords, dictionary attack, and brute force attack are critical potential threats to be taken care off. Dictionary attacks mean, attacking every word from the dictionary to crack the password, whereas, brute force attack means, applying all different kind of combinations to crack the password. Thus, both protection methods have their pros and cons and, therefore in this thesis, the possible solution has been researched to provide more secure technique. Encryption is another essential technique in the field of cybersecurity. The history of encryption dates back to World War 2, where German forces used its encryption technique for the first time, and this encryption has been developed a lot with the consistent contribution of many researchers. Starting from the German encryption technique, the present encryption field has evolved a lot and compared to its primitive form; the current encryption techniques are more secured. In the encryption, various cryptosystems have been developed, and due to consistently developed computational power, attackers have compromised various cryptosystem. One of the essential cryptosystems is the MD family cryptosystem. In the MD family, a few members have been compromised whereas members such as MD5, had inbuilt algorithm flow and therefore they became vulnerable for different reasons. In this thesis, the research has been done with Whirlpool encryption, which is never compromised as of now. However, before using the Whirlpool encryption, the string has been processed with multiple steps, such as, perception, shifting of characters, splitting the string into chunks, and then each piece has been encrypted to populate 128 characters long password for each fragment and thus, the algorithm to generate 1280 characters long passwords is proposed which are immune to linear attacks, dictionary attacks, brute force attacks, and shoulder surfing attack. After the research, the computational time is also calculated for the modern computer (8 core, 2.8 GHz) as well as the present Supercomputers which are 100000 times faster than a modern computer. After all the research, the conclusion and future work are also mentioned for future research

Application for Demonstration of Hash Algorithms SHA-1 and SHA-2

V této práci je uvedena teorie související s hashovacími algoritmy SHA-1 a SHA-2 spolu s popisem možné implementace aplikace, která demonstruje činnost těchto algoritmů. V obecné části práce jsou popsány principy vytváření hashovacích funkcí, jejich použití a historie vybraných hashovacích funkcí. Dále jsou představeny konvence a jednotlivé části algoritmů SHA-1 a SHA-2. V následující kapitole jsou uvedeny pojmy související s útoky na hashovací funkce a představeny vybrané z nich. V části poslední je nastíněn návrh a implementace aplikace vzniklé v rámci této práce. V závěru jsou zhodnoceny výsledky této práce s návrhy na její případné další pokračování.In this thesis, the theory related to the hash algorithms SHA-1 and SHA-2 is presented, along with a description of possible implementation of an application that demonstrates how these algorithms work. The first part of this thesis describes the principles of construction of hash functions, their use and history of selected hash functions. The two following chapters present conventions and algorithms of the SHA-1 and SHA-2. The next chapter describes the general concepts related to the attacks on the hash functions and selected attacks are presented in more detail. The last two chapters outline the design and implementation of an application that was created as part of this work. In the end the evaluation of results of this thesis and proposals for its possible continuation are presented.