19 research outputs found
Using BDS statistics to estimate the parameters of one-dimensional maps from observation of a chaotic time series
For the analysis of the structural covertness of information transmission systems with a chaotic carrier generated by a one-dimensional map, a new method is proposed for estimating the map's parameters using the nonparametric BDS statistic. It is shown that, by exploiting the difference in the topological properties, in phase space, of chaotic processes, regular processes and random processes with independent values, the problem of estimating the map parameters from observation of a chaotic time series against a background of white noise can be solved. Results of numerical modelling of the proposed parameter-estimation method for chaotic maps under noise of various kinds are presented.
Approaches to constructing fast hashing algorithms
Hash constructions and approaches to their parallelization are considered. A generalized construction for parallel hashing that is resistant to known attacks is proposed. Estimates of hashing time are obtained for different implementations of this construction and compared with the corresponding estimates for known constructions.
Preimage resistance beyond the birthday bound: Double-length hashing revisited
Security proofs are an essential part of modern cryptography. Often the challenge is not to come up with appropriate schemes but rather to technically prove that these satisfy the desired security properties.
We provide for the first time techniques for proving asymptotically optimal preimage resistance bounds for block cipher based double length, double call hash functions. More precisely, we consider for some k > n compression functions H: {0,1}^{k+n} → {0,1}^{2n} using two calls to an ideal block cipher with an n-bit block size. Optimally, an adversary trying to find a preimage for H should require Ω(2^{2n}) queries to the underlying block cipher. As a matter of fact there have been several attempts to prove the preimage resistance of such compression functions, but no proof went beyond the Ω(2^n) barrier, therefore leaving a huge gap when compared to the optimal bound.
In this paper, we introduce two new techniques for lifting this bound to Ω(2^{2n}). We demonstrate our new techniques for a simple and natural design of H, being the concatenation of two instances of the well-known Davies-Meyer compression function.
Attacks On a Double Length Blockcipher-based Hash Proposal
In this paper we attack a -bit double length hash function proposed by Lee et al. This proposal is a blockcipher-based hash function with hash rate . The designers claimed that it could achieve ideal collision resistance and gave a security proof. However, we find a collision attack with complexity of and a preimage attack with complexity of . Our result shows this construction is much worse than an ideal -bit hash function.
The Security of Abreast-DM in the Ideal Cipher Model
In this paper, we give a security proof for Abreast-DM in terms of collision resistance and preimage resistance. As old as Tandem-DM, the compression function Abreast-DM is one of the most well-known constructions for double block length compression functions. The bounds on the number of queries for collision resistance and preimage resistance are given by O(2^n). Based on a novel technique using query-response cycles, our security proof is simpler than those for MDC-2 and Tandem-DM. We also present a wide class of Abreast-DM variants that enjoy a birthday-type security guarantee with a simple proof
More Insights on Blockcipher-Based Hash Functions
In this paper we give more insights on the security of blockcipher-based hash functions. We give a very simple criterion to build a secure large class of Single-Block-Length (SBL) or double call Double-Block-Length (DBL) compression functions based on blockciphers, where is the key length and is the block length and is an integer. This criterion is simpler than previous works in the literature. Based on this criterion we obtain many results, and we can draw a conclusion on such a class of blockcipher-based hash functions. We solved the open problem left by Hirose. Our results show that to build a secure double call DBL compression function, it is required where is the number of message blocks. Thus, we can only build rate 1/2 secure double DBL blockcipher-based compression functions if . Finally, we point out flaws in Stam's theorem about supercharged functions, give a revision of this theorem and add another condition for the security of supercharged compression functions.
Practical Homomorphic Evaluation of Block-Cipher-Based Hash Functions with Applications
Fully homomorphic encryption (FHE) is a powerful cryptographic technique that allows computation to be performed directly over encrypted data. Motivated by the overhead induced by homomorphic ciphertexts during encryption and transmission, the transciphering technique, which consists of switching from a symmetric encryption to FHE-encrypted data, was investigated in several papers. Different stream and block ciphers were evaluated in terms of their FHE-friendliness, meaning practical implementation costs while maintaining sufficient security levels.
In this work, we present a first evaluation of hash functions in the homomorphic domain, based on well-chosen block ciphers. More precisely, we investigate the cost of transforming PRINCE, SIMON, SPECK and LowMC, a set of lightweight block ciphers, into secure hash primitives using well-established block-cipher-based hash function constructions, and provide evaluations under bootstrappable FHE schemes. We also motivate the necessity of practical homomorphic evaluation of hash functions by providing several use cases in which the integrity of private data is also required. In particular, our hash constructions can be of significant use in a threshold-homomorphic-based protocol for the single secret leader election problem occurring in blockchains with Proof-of-Stake consensus. Our experiments showed that using a TFHE implementation of a hash function we are able to achieve practical runtimes and appropriate security levels (e.g., for PRINCE it takes 1.28 minutes to obtain 128 bits of hash).
Distinguisher and Related-Key Attack on the Full AES-256 (Extended Version)
In this paper we construct a chosen-key distinguisher and a related-key attack on the full 256-bit key AES. We define a notion of differential -multicollision and show that for AES-256 -multicollisions can be constructed in time and with negligible memory, while we prove that the same task for an ideal cipher of the same block size would require at least time. Using a similar approach and with the same complexity we can also construct -pseudo collisions for AES-256 in Davies-Meyer hashing mode, a scheme which is provably secure in the ideal-cipher model. We have also computed partial -multicollisions in time on a PC to verify our results. These results show that AES-256 cannot model an ideal cipher in theoretical constructions.
Finally, we extend our results to find the first publicly known attack on the full 14-round AES-256: a related-key distinguisher which works for one out of every keys with data and time complexity and negligible memory. This distinguisher is translated into a key-recovery attack with total complexity of time and memory.
The preimage security of double-block-length compression functions
We give improved bounds on the preimage security of the three "classical" double-block-length, double-call, blockcipher-based compression functions, these being Abreast-DM, Tandem-DM and Hirose's scheme. For Hirose's scheme, we show that an adversary must make at least blockcipher queries to achieve chance of inverting a randomly chosen point in the range. For Abreast-DM and Tandem-DM we show that at least queries are necessary. These bounds improve upon the previous best bounds of queries, and are optimal up to a constant factor since the compression functions in question have range of size
Security of Cyclic Double Block Length Hash Functions including Abreast-DM
We provide the first proof of security for Abreast-DM, one of the oldest and most well-known constructions for turning a block cipher with -bit block length and -bit key length into a 2n-bit cryptographic hash function. In particular, we prove that when Abreast-DM is instantiated with AES-256, i.e. a block cipher with 128-bit block length and 256-bit key length, any adversary that asks fewer than 2^124.42 queries cannot find a collision with success probability greater than 1/2. Surprisingly, this roughly 15-year-old construction is one of the few constructions that have the desirable feature of a near-optimal collision resistance guarantee.
We generalize the techniques used in the proof for Abreast-DM to a huge class of double block length (DBL) hash functions that we call Cyclic-DM. Using this generalized theorem we are able to derive several DBL constructions that lead to compression functions that have an even higher security guarantee and are more efficient than Abreast-DM. Furthermore we give DBL constructions that have the highest security guarantee of all DBL compression functions currently known in the literature. We also provide an analysis of preimage resistance for Cyclic-DM compression functions. Note that this work has already been presented at Dagstuhl '09.
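Several of the abstracts above (the preimage bounds for double-length hashing, the Abreast-DM proofs, the "three classical" DBL functions and Cyclic-DM) reason about the same objects: a compression function that turns an n-bit-block, 2n-bit-key block cipher into a 2n-bit state with two cipher calls, analysed in the ideal-cipher model where the adversary's cost is the number of cipher queries. The following Python is an added illustration written for this page, not code from any of the listed papers: it models the ideal cipher as a lazily sampled random permutation per key, implements Abreast-DM, Tandem-DM and Hirose's scheme as they are defined in the literature, iterates them Merkle-Damgard style and counts queries. The toy block length n = 32, the IV, the padding rule and the default Hirose constant c = 1 are assumptions chosen for the demonstration.

```python
"""Toy ideal-cipher model of the classical double-block-length (DBL)
compression functions: Abreast-DM, Tandem-DM and Hirose's scheme.

Added illustration, not code from any paper listed on this page.
Block length n = 32 bits with a 2n-bit key is a toy size (assumption);
the proofs in the literature hold for an ideal cipher of any n.
"""
import random

N = 32                       # toy block length n (assumption)
MASK = (1 << N) - 1          # n-bit all-ones mask; also the NOT in Abreast-DM


def key(hi, lo):
    """Concatenate two n-bit words into the 2n-bit key hi || lo."""
    return (hi << N) | lo


class IdealCipher:
    """Lazily sampled random permutation for each 2n-bit key.

    Every E/D call is counted: the bounds quoted above (Omega(2^n),
    Omega(2^(2n)) queries) are stated in exactly this cost measure.
    """

    def __init__(self, seed=0):
        self.rng = random.Random(seed)   # seeded only for reproducible runs
        self.fwd = {}                    # key -> {plaintext: ciphertext}
        self.inv = {}                    # key -> {ciphertext: plaintext}
        self.queries = 0

    def E(self, k, x):
        self.queries += 1
        f = self.fwd.setdefault(k, {})
        if x not in f:
            b = self.inv.setdefault(k, {})
            y = self.rng.getrandbits(N)
            while y in b:                # reject used outputs: stay a permutation
                y = self.rng.getrandbits(N)
            f[x], b[y] = y, x
        return f[x]

    def D(self, k, y):
        self.queries += 1
        b = self.inv.setdefault(k, {})
        if y not in b:
            f = self.fwd.setdefault(k, {})
            x = self.rng.getrandbits(N)
            while x in f:
                x = self.rng.getrandbits(N)
            f[x], b[y] = y, x
        return b[y]


# Each compression function maps (G, H, M), three n-bit words, to (G', H')
# with exactly two calls to E under a 2n-bit key: rate 1/2.

def abreast_dm(E, g, h, m):
    g2 = E(key(h, m), g) ^ g
    h2 = E(key(m, g), h ^ MASK) ^ h      # plaintext is the complement of H
    return g2, h2


def tandem_dm(E, g, h, m):
    w = E(key(h, m), g)                  # first ciphertext feeds the second key
    g2 = w ^ g
    h2 = E(key(m, w), h) ^ h
    return g2, h2


def hirose(E, g, h, m, c=1):
    """Hirose's scheme: one key, two plaintexts differing by the constant c.
    c must be non-zero; with c = 0 both output halves are identical."""
    k = key(h, m)
    g2 = E(k, g) ^ g
    h2 = E(k, g ^ c) ^ g ^ c
    return g2, h2


def dbl_hash(comp, ic, msg, **kw):
    """Iterate a DBL compression function over n-bit message blocks with
    Merkle-Damgard strengthening; returns the 2n-bit digest. ic.queries
    accumulates the cipher-query cost. IV and padding are toy choices."""
    nbytes = N // 8
    padded = msg + b"\x80"
    padded += b"\x00" * (-len(padded) % nbytes)
    padded += (8 * len(msg)).to_bytes(nbytes, "big")   # length block
    g, h = 0x01234567, 0x89ABCDEF                      # toy IV (assumption)
    for i in range(0, len(padded), nbytes):
        m = int.from_bytes(padded[i:i + nbytes], "big")
        g, h = comp(ic.E, g, h, m, **kw)
    return (g << N) | h


if __name__ == "__main__":
    ic = IdealCipher()
    for comp in (abreast_dm, tandem_dm, hirose):
        before = ic.queries
        d = dbl_hash(comp, ic, b"hello, DBL")
        print(f"{comp.__name__:11s} digest={d:016x} queries={ic.queries - before}")
```

Two points worth checking when experimenting with this model. First, keep a single IdealCipher instance per experiment: permutations are sampled lazily from the instance's RNG, so two fresh instances with the same seed would hand the same random outputs to different keys and make unrelated messages collide. Second, the Hirose constant is not decorative: calling hirose with c=0 issues the same query twice, so G' == H' and the 2n-bit state carries only n bits, which is why the proofs require c != 0.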