In-packet Bloom filters: Design and networking applications

The Bloom filter (BF) is a well-known space-efficient data structure that answers set membership queries with some probability of false positives. In an attempt to solve many of the limitations of current inter-networking architectures, some recent proposals rely on including small BFs in packet headers for routing, security, accountability or other purposes that move application states into the packets themselves. In this paper, we consider the design of such in-packet Bloom filters (iBF). Our main contributions are exploring the design space and the evaluation of a series of extensions (1) to increase the practicality and performance of iBFs, (2) to enable false-negative-free element deletion, and (3) to provide security enhancements. In addition to the theoretical estimates, extensive simulations of the multiple design parameters and implementation alternatives validate the usefulness of the extensions, providing for enhanced and novel iBF networking applications.Comment: 15 pages, 11 figures, preprint submitted to Elsevier COMNET Journa

A New Approach in Expanding the Hash Size of MD5

The enhanced MD5 algorithm has been developed by expanding its hash value up to 1280 bits from the original size of 128 bit using XOR and AND operators. Findings revealed that the hash value of the modified algorithm was not cracked or hacked during the experiment and testing using powerful bruteforce, dictionary, cracking tools and rainbow table such as CrackingStation, Hash Cracker, Cain and Abel and Rainbow Crack which are available online thus improved its security level compared to the original MD5. Furthermore, the proposed method could output a hash value with 1280 bits with only 10.9 ms additional execution time from MD5. Keywords: MD5 algorithm, hashing, client-server communication, modified MD5, hacking, bruteforce, rainbow table

Modified SHA1: A Hashing Solution to Secure Web Applications through Login Authentication

The modified SHA1 algorithm has been developed by expanding its hash value up to 1280 bits from the original size of 160 bit. This was done by allocating 32 buffer registers for variables A, B, C and D at 5 bytes each. The expansion was done by generating 4 buffer registers in every round inside the compression function for 8 times. Findings revealed that the hash value of the modified algorithm was not cracked or hacked during the experiment and testing using powerful online cracking tool, bruteforce and rainbow table such as CrackingStation and Rainbow Crack and bruteforcer which are available online thus improved its security level compared to the original SHA1

Comparison of hash function algorithms against attacks: a review

Hash functions are considered key components of nearly all cryptographic protocols, as well as of many security applications such as message authentication codes, data integrity, password storage, and random number generation. Many hash function algorithms have been proposed in order to ensure authentication and integrity of the data, including MD5, SHA-1, SHA-2, SHA-3 and RIPEMD. This paper involves an overview of these standard algorithms, and also provides a focus on their limitations against common attacks. These study shows that these standard hash function algorithms suffer collision attacks and time inefficiency. Other types of hash functions are also highlighted in comparison with the standard hash function algorithm in performing the resistance against common attacks. It shows that these algorithms are still weak to resist against collision attacks

Chosen-Prefix Collisions for MD5 and Applications

We present a novel, automated way to find differential paths for MD5. Its main application is in the construction of \emph{chosen-prefix collisions}. We have shown how, at an approximate expected cost of $2^{39}$ calls to the MD5 compression function, for any two chosen message prefixes $P$ and $P'$, suffixes $S$ and $S'$ can be constructed such that the concatenated values $P\|S$ and $P'\|S'$ collide under MD5. The practical attack potential of this construction of chosen-prefix collisions is of greater concern than the MD5-collisions that were published before. This is illustrated by a pair of MD5-based X.509 certificates one of which was signed by a commercial Certification Authority (CA) as a legitimate website certificate, while the other one is a certificate for a rogue CA that is entirely under our control (cf.\ \url{http://www.win.tue.nl/hashclash/rogue-ca/}). Other examples, such as MD5-colliding executables, are presented as well. More details can be found on \url{http://www.win.tue.nl/hashclash/ChosenPrefixCollisions/}

Reverse-Engineering of the Cryptanalytic Attack Used in the Flame Super-Malware

In May 2012, a highly advanced malware for espionage dubbed Flame was found targeting the Middle-East. As it turned out, it used a forged signature to infect Windows machines by MITM-ing Windows Update. Using counter-cryptanalysis, Stevens found that the forged signature was made possible by a chosen-prefix attack on MD5 \cite{DBLP:conf/crypto/Stevens13}. He uncovered some details that prove that this attack differs from collision attacks in the public literature, yet many questions about techniques and complexity remained unanswered. In this paper, we demonstrate that significantly more information can be deduced from the example collision. Namely, that these details are actually sufficient to reconstruct the collision attack to a great extent using some weak logical assumptions. In particular, we contribute an analysis of the differential path family for each of the four near-collision blocks, the chaining value differences elimination procedure and a complexity analysis of the near-collision block attacks and the associated birthday search for various parameter choices. Furthermore, we were able to prove a lower-bound for the attack's complexity. This reverse-engineering of a non-academic cryptanalytic attack exploited in the real world seems to be without precedent. As it allegedly was developed by some nation-state(s) \cite{WashingtonPost_Flame,kaspersky_flame,crysis_flame}, we discuss potential insights to their cryptanalytic knowledge and capabilities

Reverse-Engineering of the Cryptanalytic Attack Used in the Flame Super-Malware

In May 2012, a highly advanced malware for espionage dubbed Flame was found targeting the Middle-East. As it turned out, it used a forged signature to infect Windows machines by MITM-ing Windows Update. Using counter-cryptanalysis, Stevens found that the forged signature was made possible by a chosen-prefix attack on MD5 \cite{DBLP:conf/crypto/Stevens13}. He uncovered some details that prove that this attack differs from collision attacks in the public literature, yet many questions about techniques and complexity remained unanswered. In this paper, we demonstrate that significantly more information can be deduced from the example collision. Namely, that these details are actually sufficient to reconstruct the collision attack to a great extent using some weak logical assumptions. In particular, we contribute an analysis of the differential path family for each of the four near-collision blocks, the chaining value differences elimination procedure and a complexity analysis of the near-collision block attacks and the associated birthday search for various parameter choices. Furthermore, we were able to prove a lower-bound for the attack's complexity. This reverse-engineering of a non-academic cryptanalytic attack exploited in the real world seems to be without precedent. As it allegedly was developed by some nation-state(s), we discuss potential insights to their cryptanalytic knowledge and capabilities

Cryptanalysis of Hash Functions

The aim of this thesis is to evaluate the applicability of the recently developed biclique [KRS11] to the preimage attack performed by Sasaki and Aoki [SA09]. This led to a slightly improved time complexity of 2^{121.3} compression function evaluations and a greatly improved memory complexity of 2^{20.7} 32-bit memory words. Thanks to this reasonable memory requirement, an attack faster than brute force can be actually implemented, though its execution time would still be infeasibleope