Differential and invertibility properties of BLAKE (full version)
BLAKE is a hash function selected by NIST as one of the 14 second round candidates for the SHA-3 Competition. In this paper, we follow a bottom-up approach to exhibit properties of BLAKE and of its building blocks: based on differential properties of the internal function G, we show that a round of BLAKE is a permutation on the message space, and present an efficient inversion algorithm. For 1.5 rounds we present an algorithm that finds preimages faster than previous attacks. The discovered properties lead us to describe large classes of impossible differentials for two rounds of BLAKE's internal permutation, and particular impossible differentials for five and six rounds, respectively for BLAKE-32 and BLAKE-64. Then, using a linear and rotation-free model, we describe near-collisions for four rounds of the compression function. Finally, we discuss the problem of establishing upper bounds on the probability of differential characteristics for BLAKE.
Analysis of BLAKE2
We present a thorough security analysis of the hash function family BLAKE2, a recently proposed and already deployed tweaked version of the SHA-3 finalist BLAKE. We study how existing attacks on BLAKE apply to BLAKE2 and to what extent the modifications impact the attacks. We design and run two improved searches for (impossible) differential attacks. The outcomes suggest a higher number of attacked rounds in the case of impossible differentials (in fact we improve the best results for BLAKE as well), and a slightly higher number for the differential attacks on the hash/compression function (which gives an insight into the quality of the tweaks). We emphasize the importance of each of the modifications; in particular we show that an improper initialization could lead to collisions and near-collisions for the full-round compression function. We analyze the permutation of the new hash function and give rotational attacks and internal differentials for the whole design. We conclude that the tweaks in BLAKE2 were chosen properly and, despite having weaknesses in the theoretical attack frameworks of permutations and of fully-chosen state input compression functions, the hash function of BLAKE2 has only a slightly lower security margin than BLAKE.
Near-Collisions on the Reduced-Round Compression Functions of Skein and BLAKE
The SHA-3 competition organized by NIST aims to find a new hash standard as a replacement for SHA-2. So far, 14 submissions have been selected as the second round candidates, including Skein and BLAKE, both of which have components based on modular addition, rotation and bitwise XOR (ARX). In this paper, we propose improved near-collision attacks on the reduced-round compression functions of Skein and a variant of BLAKE. The attacks are based on linear differentials of the modular additions. The computational complexities of near-collision attacks on the 4-round compression function of BLAKE-32 and the 4-round and 5-round compression functions of BLAKE-64 are 2^{21}, 2^{16} and 2^{216} respectively, and the attacks on the 24-round compression functions of Skein-256, Skein-512 and Skein-1024 have complexities of 2^{60}, 2^{230} and 2^{395} respectively.
Nonlinear software sensor for monitoring genetic regulation processes with noise and modeling errors
Nonlinear control techniques by means of a software sensor that are commonly used in chemical engineering could also be applied to genetic regulation processes. We provide here a realistic formulation of this procedure by introducing an additive white Gaussian noise, which is usually found in experimental data. We also include model errors, meaning that we assume we do not know the nonlinear regulation function of the process. In order to illustrate this procedure, we employ the Goodwin dynamics of the concentrations [B.C. Goodwin, Temporal Oscillations in Cells, (Academic Press, New York, 1963)] in the simple form recently applied to single gene systems and some operon cases [H. De Jong, J. Comp. Biol. 9, 67 (2002)], which involves the dynamics of the mRNA, given protein, and metabolite concentrations. Further, we present results for a three gene case in co-regulated sets of transcription units as they occur in prokaryotes. However, instead of considering their full dynamics, we use only the data of the metabolites and a designed software sensor. We also show, more generally, that it is possible to rebuild the complete set of nonmeasured concentrations despite the uncertainties in the regulation function or, even more, in the case of not knowing the mRNA dynamics. In addition, the rebuilding of concentrations is not affected by the perturbation due to the additive white Gaussian noise, and we also managed to filter the noisy output of the biological system.
Comment: 21 pages, 7 figures; also selected in vjbio of August 2005; this version corrects a misorder in the last three references of the published version.
The Boomerang Attacks on BLAKE and BLAKE2
In this paper, we study the security margins of the hash functions BLAKE and BLAKE2 against the boomerang attack. We launch boomerang attacks on all four members of BLAKE and BLAKE2, and compare their complexities. We propose 8.5-round boomerang attacks on both BLAKE-512 and BLAKE2b with complexities and respectively. We also propose 8-round attacks on BLAKE-256 with complexity and 7.5-round attacks on BLAKE2s with complexity . We verify the correctness of our analysis by giving practical 6.5-round Type I boomerang quartets for each member of BLAKE and BLAKE2.
According to our analysis, some tweaks introduced by BLAKE2 have increased its resistance against boomerang attacks to a certain extent.
On the whole, however, BLAKE still has a higher security margin than BLAKE2.
Observability/Identifiability of Rigid Motion under Perspective Projection
The "visual motion" problem consists of estimating the motion of an object viewed under projection. In this paper we address the feasibility of such a problem.
We will show that the model which defines the visual motion problem for feature points in Euclidean 3D space lacks both linear and local (weak) observability. The locally observable manifold is covered with three levels of Lie differentiation. Indeed, by imposing metric constraints on the state-space, it is possible to reduce the set of indistinguishable states.
We will then analyze a model for visual motion estimation in terms of identification of an Exterior Differential System, with the parameters living on a topological manifold, called the "essential manifold", which includes explicitly in its definition the aforementioned metric constraints. We will show that rigid motion is globally observable/identifiable under perspective projection with zero level of Lie differentiation under some general position conditions. Such conditions hold when the viewer does not move on a quadric surface containing all the visible points.
Whitham's equations for modulated roll-waves in shallow flows
This paper is concerned with the detailed behaviour of roll-waves undergoing a low-frequency perturbation. We first derive the so-called Whitham's averaged modulation equations and relate the well-posedness of this set of equations to the spectral stability problem in the small Floquet-number limit. We then fully validate such a system and, in particular, we are able to construct solutions to the shallow water equations in the neighbourhood of modulated roll-wave profiles that exist for asymptotically large time.
The significance of the integrated Sachs-Wolfe effect revisited
We revisit the state of the integrated Sachs-Wolfe (ISW) effect measurements in light of newly available data and address criticisms about the measurements which have recently been raised. We update the data set previously assembled by Giannantonio et al. to include new data releases for both the cosmic microwave background (CMB) and the large-scale structure (LSS) of the Universe. We find that our updated results are consistent with previous measurements. By fitting a single template amplitude, we now obtain a combined significance of the ISW detection at the 4.4 sigma level, which fluctuates by 0.4 sigma when alternative data cuts and analysis assumptions are considered. We also make new tests for systematic contaminations of the data, focusing in particular on the issues raised by Sawangwit et al. Amongst them, we address the rotation test, which aims at checking for possible systematics by correlating pairs of randomly rotated maps. We find results consistent with the expected data covariance, no evidence for enhanced correlation on any preferred axis of rotation, and therefore no indication of any additional systematic contamination. We publicly release the results, the covariance matrix, and the sky maps used to obtain them.
Comment: 19 pages, 10 figures. MNRAS in press.