The universality of iterated hashing over variable-length strings

Iterated hash functions process strings recursively, one character at a time. At each iteration, they compute a new hash value from the preceding hash value and the next character. We prove that iterated hashing can be pairwise independent, but never 3-wise independent. We show that it can be almost universal over strings much longer than the number of hash values; we bound the maximal string length given the collision probability

Chameleon: a Blind Double Trapdoor Hash Function for Securing AMI Data Aggregation

Data aggregation is an integral part of Advanced Metering Infrastructure (AMI) deployment that is implemented by the concentrator. Data aggregation reduces the number of transmissions, thereby reducing communication costs and increasing the bandwidth utilization of AMI. However, the concentrator poses a great risk of being tampered with, leading to erroneous bills and possible consumer disputes. In this paper, we propose an end-to-end integrity protocol using elliptic curve based chameleon hashing to provide data integrity and authenticity. The concentrator generates and sends a chameleon hash value of the aggregated readings to the Meter Data Management System (MDMS) for verification, while the smart meter with the trapdoor key computes and sends a commitment value to the MDMS so that the resulting chameleon hash value calculated by the MDMS is equivalent to the previous hash value sent by the concentrator. By comparing the two hash values, the MDMS can validate the integrity and authenticity of the data sent by the concentrator. Compared with the discrete logarithm implementation, the ECC implementation reduces the computational cost of MDMS, concentrator and smart meter by approximately 36.8%, 80%, and 99% respectively. We also demonstrate the security soundness of our protocol through informal security analysis

Manajemen jpeg/exif file fingerprint dengan algoritma Brute Force string matching dan Hash Function SHA256

Management of jpeg/exif file fingerprint with Brute Force string matching algorithm and Hash Function SHA256Metode pengamanan berkas gambar jpeg/exif saat ini hanya mencakup aspek pencegahan, belum pada aspek deteksi integritas data. Digital Signature Algorithm (DSA) adalah metode kriptografi yang digunakan untuk memverifikasi integritas data menggunakan hash value. SHA256 merupakan hash function yang menghasilkan 256-bit hash value yang berfungsi sebagai file fingerprint. Penelitian ini bertujuan untuk menyusun file fingerprint dari berkas jpeg/exif menggunakan SHA256 dan algoritma Brute Force string matching untuk verifikasi integritas berkas jpeg/exif. Penelitian dilakukan dalam lima tahap. Tahap pertama adalah identifikasi struktur berkas jpeg/exif. Tahap kedua adalah akuisisi konten segmen. Tahap ketiga penghitungan hash value. Tahap keempat adalah eksperimen modifikasi berkas jpeg/exif. Tahap kelima adalah pemilihan elemen dan penyusunan file fingerprint. Hasil penelitian menunjukkan sebuah jpeg/exif file fingerprint tersusun atas tiga hash value. SOI (Start of Image) segment hash value digunakan untuk mendeteksi terjadinya modifikasi berkas dalam bentuk perubahan tipe berkas dan penambahan objek pada konten gambar. Hash value segmen APP1 digunakan untuk mendeteksi modifikasi pada metadata berkas. Hash value segmen SOF0 digunakan untuk mendeteksi gambar yang dimodifikasi dengan teknik recoloring, resizing, dan cropping. The method of securing jpeg/exif image files currently has covered only the prevention aspect instead of the data integrity detection aspect. Digital Signature Algorithm is a cryptographic method used to verify the data integrity using hash value. SHA256 is a hash function that produces a 256-bit hash value functioning as a fingerprint file. This study aimed at compiling fingerprint files from jpeg/exif files using SHA256 and Brute Force string matching algorithm to verify the integrity of jpeg/exif files. The research was conducted in five steps. The first step was identifying the jpeg/exif file structure. The second step was the acquisition of the segment content. The third step was calculating the hash value. The fourth step was the jpeg/exif file modification experiment. The fifth step was the selection of elements and compilation of fingerprint files. The obtained results showed a jpeg/exif fingerprint file which was compiled in three hash values. The hash value of SOI segment was used to detect the occurrence of file modification in the form of file type changing and object addition on the image content. The hash value of APP1 segment was used to detect the metadata file modification. The hash value of SOF0 segment was used to detect the images modified by recoloring, resizing, and cropping techniques

Perancangan Sistemenkripsi Citra Digital dengan Algoritma Fungsi Hash Md5

This application to find out how the algorithm Hash MD5 function to the input of bitmap image in the process of forming its hash value, perform the validation process of the image based on the hash value inserted in the picture, know the computing time to change the size of input image file, and build a desktop application. MD (Message Digest) version 5 is a widely used cryptographic hash function by processing the input file size indeterminate in length and generating 128-bit hash values. This research uses experimental method by designing and testing the design on computer. The design that is made is a desktop application to implement the Hash MD5 Function algorithm. The results showed that the pixel value of the bitmap image input is an input in the form of hexastream, the MD5 hash function algorithm regardless of the size of the input file will get the output of the hash value. The process of validating the authenticity of the image is done by comparing the hash value inserted in the image with the result hash value. View from the comparison of the original image with the image of the process, we get the difference of the image error which states that there is a change due to the insertion of the hash value. Computation time of MD5 hash value formation process to image file input size is not the same thing caused by change of input image file size significantly

PAYMENT CARD AS A UNIQUE IDENTIFIER FOR IDENTIFICATION AND DELAYED PAYMENT

The present invention provides a system and method for automatically identifying, assigning, aggregating and generating a bill for a customer using a unique identifier, where the unique identifier is a primary account number (PAN). The present system obtains the payment credentials through a payment device from the customer before placing the order or while ‘paying’ for the order and instead of immediately processing a standard payment, the system generates a hash value by performing a hash algorithm. The generated hash value is stored and or matched to the customer. The merchant or ePOS then assigns the order details to the corresponding hash value/ customer. When the customer wishes to pay for the bill, the payment device reads the payment credentials of the cardholder once again to generate a hash value and compares the generated hash value with the previously stored hash values. If the hash values are matched, the order details corresponding to that hash value are obtained and generates the single automatically reconciled bill payment. In an non limiting aspect, the system, upon receiving the PAN, may call an external server/database to receive additional data based on the PAN such as: the Personal Account reference (PAR) number or Cardholder name, etc

Regular and almost universal hashing: an efficient implementation

Random hashing can provide guarantees regarding the performance of data structures such as hash tables---even in an adversarial setting. Many existing families of hash functions are universal: given two data objects, the probability that they have the same hash value is low given that we pick hash functions at random. However, universality fails to ensure that all hash functions are well behaved. We further require regularity: when picking data objects at random they should have a low probability of having the same hash value, for any fixed hash function. We present the efficient implementation of a family of non-cryptographic hash functions (PM+) offering good running times, good memory usage as well as distinguishing theoretical guarantees: almost universality and component-wise regularity. On a variety of platforms, our implementations are comparable to the state of the art in performance. On recent Intel processors, PM+ achieves a speed of 4.7 bytes per cycle for 32-bit outputs and 3.3 bytes per cycle for 64-bit outputs. We review vectorization through SIMD instructions (e.g., AVX2) and optimizations for superscalar execution.Comment: accepted for publication in Software: Practice and Experience in September 201

From Hashtag to Hash Value: Using the Hash Value Model to Report Child Sex Abuse Material

In the summer of 2021, Apple announced it would release a Child Safety Feature (CSF) aimed at reducing Child Sex Abuse Materials (CSAM) on its platform. The CSF would scan all images a user uploaded to their iCloud for CSAM, and Apple would report an account with 30 or more flagged images to the National Center for Missing and Exploited Children. Despite Apple’s good intentions, they received intense backlash, with many critics arguing the proposed CSF eroded a user’s privacy. This article explores the technology behind Apple’s CSF and compares it to similar features used by other prominent tech companies. The article further looks at how the Fourth Amendment has grown with technology yet struggles to find a balance between protecting children from online exploitation and privacy rights. Finally, the article proposes three solutions to this balancing issue: Supreme Court action, a uniform circuit test, or Congressional action

A New Approach in Expanding the Hash Size of MD5

The enhanced MD5 algorithm has been developed by expanding its hash value up to 1280 bits from the original size of 128 bit using XOR and AND operators. Findings revealed that the hash value of the modified algorithm was not cracked or hacked during the experiment and testing using powerful bruteforce, dictionary, cracking tools and rainbow table such as CrackingStation, Hash Cracker, Cain and Abel and Rainbow Crack which are available online thus improved its security level compared to the original MD5. Furthermore, the proposed method could output a hash value with 1280 bits with only 10.9 ms additional execution time from MD5. Keywords: MD5 algorithm, hashing, client-server communication, modified MD5, hacking, bruteforce, rainbow table

Homomorphic Hashing Based on Elliptic Curve Cryptography

For avoiding the exposure of plaintexts in cloud environments, some homomorphic hashing algorithms have been proposed to generate the hash value of each plaintext, and cloud environments only store the hash values and calculate the hash values for future needs. However, longer hash value generation time and longer hash value summary time may be required by these homomorphic hashing algorithms with higher security strengths. Therefore, this study proposes a homomorphic hashing based on elliptic curve cryptography (ECC) to provide a homomorphic hashing function in accordance with the characteristics of ECC. Furthermore, mathematical models and practical cases have been given to prove the proposed method. In experiments, the results show that the proposed method have higher efficiency with different security strengths.Comment: in Chinese languag