Preimages for Step-Reduced SHA-2

In this paper, we present a preimage attack for 42 step-reduced SHA-256 with time complexity $2^{251.7}$ and memory requirements of order $2^{12}$. The same attack also applies to 42 step-reduced SHA-512 with time complexity $2^{502.3}$ and memory requirements of order $2^{22}$. Our attack is meet-in-the-middle preimage attack

Improving Data Integrity in Communication Systems by Designing a New Security Hash Algorithm

The objective of this paper is to design a new secure hash algorithm with final hash code length 512 bits. The proposed hash code algorithm based on the combination of SHA-256 algorithm -with modification in its message expansion- and MD5algorithm based on double-Davis-Mayer scheme to reduce the weakness existing in these functions.In this paper; we modified message expansion for SHA-256 in the proposed algorithm .By using MATLAB, The proposed algorithm has been simulated. And hash code for different messages is obtained using MD5, SHA-256, combination of MD5 and SHA-256 with final hash code length 265 bits algorithms and the proposed algorithm . Hash code of the proposed algorithm is different from hash code obtained by MD5, SHA-256 and combination of MD5 and SHA-256 with final hash code length 256 bits algorithms for the same messages. Avalanche test, with one bit difference and more than one bit difference, is applied toSHA-256, combination of MD5 and SHA-256 with final hash code length 256 bits and the proposed algorithm .The proposed algorithm passed avalanche test with higher probability than SHA-256   and combination of MD5 and SHA-256 with final hash code length 256 bit algorithms .The proposed algorithm is more complicated and more secure

Applications of cryptanalysis methods to some symmetric key primitives

Block ciphers and hash functions are important cryptographic primitives that are used to secure the exchange of critical information. With the continuous increase in computational power available to attackers, information security systems including their underlying primitives need continuous improvements. Various cryptanalysis methods are used to examine the strength and weakness of hash functions and block ciphers. In this work, we study the Lesamnta-512 and DHA-256 hash functions and the LAC authenticated encryption scheme. In particular, we study the resistance of the underlying block cipher of the Lesamnta-512 hash function against impossible differential attacks, the resistance of the DHA-256 compression function against collision attacks. We also study MAC forgery attacks against LAC. Throughout our analysis, we use different automated methods to facilitate our analysis. For the cryptanalysis of Lesamnta-512, two automated methods are studied for finding an impossible differential path with the maximum length. Using the obtained impossible differential path, impossible differential cryptanalysis of Lesamnta-512 is performed for 16 rounds. For the DHA-256 hash function, we used an algebraic method to find collisions for its 17-step reduced compression function by deriving difference equations for each step and then solving them when the conditions for collisions are imposed on these equations. For LAC, the differential behavior of the different operations of the cipher is represented into a set of linear equations. Then, a Mixed Integer Linear Programming (MILP) approach is used to find a high probability characteristic. This characteristic is then used to perform a forgery attack on LAC encryption authenticated cipher

Approaches to Overpower Proof-of-Work Blockchains Despite Minority

Blockchain (BC) technology has been established in 2009 by Nakamoto, using the Proof-of-Work (PoW) to reach consensus in public permissionless networks (Praveen et al., 2020). Since then, several consensus algorithms were proposed to provide equal (or higher) levels of security, democracy, and scalability, yet with lower levels of energy consumption. However, Nakamoto's model (a.k.a. Bitcoin) still dominates as the most trusted model in the described sittings since alternative solutions might provide lower energy consumption and higher scalability, but they would always require deviating the system towards unrecommended centralization or lower levels of security. That is, Nakamoto's model claims to tolerate (up to) < 50% of the network being controlled by a dishonest party (minority), which cannot be realized in alternative solutions without sacrificing the full decentralization property. In this paper, we investigate this tolerance claim, and we review several approaches that can be used to undermine/overpower PoW-based BCs, even with minority. We discuss those BCs taking Bitcoin as a representative application, where needed. However, the presented approaches can be applied in any PoW-based BC. Specifically, we technically discuss how a dishonest miner in minority, can take over the network using improved Brute-forcing, AI-assisted mining, Quantum Computing, Sharding, Partial Pre-imaging, Selfish mining, among other approaches. Our review serves as a needed collective technical reference (concluding more than 100 references), for practitioners and researchers, who either seek a reliable security implementation of PoW-based BC applications, or seek a comparison of PoW-based, against other BCs, in terms of adversary tolerance

Cryptanalysis of Some AES-based Cryptographic Primitives

Current information security systems rely heavily on symmetric key cryptographic primitives as one of their basic building blocks. In order to boost the efficiency of the security systems, designers of the underlying primitives often tend to avoid the use of provably secure designs. In fact, they adopt ad hoc designs with claimed security assumptions in the hope that they resist known cryptanalytic attacks. Accordingly, the security evaluation of such primitives continually remains an open field. In this thesis, we analyze the security of two cryptographic hash functions and one block cipher. We primarily focus on the recent AES-based designs used in the new Russian Federation cryptographic hashing and encryption suite GOST because the majority of our work was carried out during the open research competition run by the Russian standardization body TC26 for the analysis of their new cryptographic hash function Streebog. Although, there exist security proofs for the resistance of AES- based primitives against standard differential and linear attacks, other cryptanalytic techniques such as integral, rebound, and meet-in-the-middle attacks have proven to be effective. The results presented in this thesis can be summarized as follows: Initially, we analyze various security aspects of the Russian cryptographic hash function GOST R 34.11-2012, also known as Streebog or Stribog. In particular, our work investigates five security aspects of Streebog. Firstly, we present a collision analysis of the compression function and its in- ternal cipher in the form of a series of modified rebound attacks. Secondly, we propose an integral distinguisher for the 7- and 8-round compression function. Thirdly, we investigate the one wayness of Streebog with respect to two approaches of the meet-in-the-middle attack, where we present a preimage analysis of the compression function and combine the results with a multicollision attack to generate a preimage of the hash function output. Fourthly, we investigate Streebog in the context of malicious hashing and by utilizing a carefully tailored differential path, we present a backdoored version of the hash function where collisions can be generated with practical complexity. Lastly, we propose a fault analysis attack which retrieves the inputs of the compression function and utilize it to recover the secret key when Streebog is used in the keyed simple prefix and secret-IV MACs, HMAC, or NMAC. All the presented results are on reduced round variants of the function except for our analysis of the malicious version of Streebog and our fault analysis attack where both attacks cover the full round hash function. Next, we examine the preimage resistance of the AES-based Maelstrom-0 hash function which is designed to be a lightweight alternative to the ISO standardized hash function Whirlpool. One of the distinguishing features of the Maelstrom-0 design is the proposal of a new chaining construction called 3CM which is based on the 3C/3C+ family. In our analysis, we employ a 4-stage approach that uses a modified technique to defeat the 3CM chaining construction and generates preimages of the 6-round reduced Maelstrom-0 hash function. Finally, we provide a key recovery attack on the new Russian encryption standard GOST R 34.12- 2015, also known as Kuznyechik. Although Kuznyechik adopts an AES-based design, it exhibits a faster diffusion rate as it employs an optimal diffusion transformation. In our analysis, we propose a meet-in-the-middle attack using the idea of efficient differential enumeration where we construct a three round distinguisher and consequently are able to recover 16-bytes of the master key of the reduced 5-round cipher. We also present partial sequence matching, by which we generate, store, and match parts of the compared parameters while maintaining negligible probability of matching error, thus the overall online time complexity of the attack is reduced

Preimage Attacks on Reduced DHA-256 *

DHA-256 (Double Hash Algorithm) was proposed at the Cryptographic Hash Workshop hosted by NIST in November 2005. DHA-256 is a dedicated hash function with output length of 256 bits and 64 steps of operations designed to enhance SHA-256 security. In this paper, we show two attacks on reduced DHA-256. The first attack finds one-block second preimage and preimage of 26-step DHA-256 with time complexity of 2 223.82 compression function operations and 2 32 x 9 words memory. The second attack finds pseudo-preimage and preimage of 35-step DHA-256 with time complexity of 2 239.63 and 2 248.82 compression function operations, respectively, and 2 16 x 11 words memory. To the best of our knowledge, this is the first paper that analyzes second preimage resistance and preimage resistance of DHA-256. Keywords: DHA-256, meet-in-the-middle, second preimage, preimage, hash function 1

Collected Papers (on Neutrosophics, Plithogenics, Hypersoft Set, Hypergraphs, and other topics), Volume X

This tenth volume of Collected Papers includes 86 papers in English and Spanish languages comprising 972 pages, written between 2014-2022 by the author alone or in collaboration with the following 105 co-authors (alphabetically ordered) from 26 countries: Abu Sufian, Ali Hassan, Ali Safaa Sadiq, Anirudha Ghosh, Assia Bakali, Atiqe Ur Rahman, Laura Bogdan, Willem K.M. Brauers, Erick González Caballero, Fausto Cavallaro, Gavrilă Calefariu, T. Chalapathi, Victor Christianto, Mihaela Colhon, Sergiu Boris Cononovici, Mamoni Dhar, Irfan Deli, Rebeca Escobar-Jara, Alexandru Gal, N. Gandotra, Sudipta Gayen, Vassilis C. Gerogiannis, Noel Batista Hernández, Hongnian Yu, Hongbo Wang, Mihaiela Iliescu, F. Nirmala Irudayam, Sripati Jha, Darjan Karabašević, T. Katican, Bakhtawar Ali Khan, Hina Khan, Volodymyr Krasnoholovets, R. Kiran Kumar, Manoranjan Kumar Singh, Ranjan Kumar, M. Lathamaheswari, Yasar Mahmood, Nivetha Martin, Adrian Mărgean, Octavian Melinte, Mingcong Deng, Marcel Migdalovici, Monika Moga, Sana Moin, Mohamed Abdel-Basset, Mohamed Elhoseny, Rehab Mohamed, Mohamed Talea, Kalyan Mondal, Muhammad Aslam, Muhammad Aslam Malik, Muhammad Ihsan, Muhammad Naveed Jafar, Muhammad Rayees Ahmad, Muhammad Saeed, Muhammad Saqlain, Muhammad Shabir, Mujahid Abbas, Mumtaz Ali, Radu I. Munteanu, Ghulam Murtaza, Munazza Naz, Tahsin Oner, ‪Gabrijela Popović‬‬‬‬‬, Surapati Pramanik, R. Priya, S.P. Priyadharshini, Midha Qayyum, Quang-Thinh Bui, Shazia Rana, Akbara Rezaei, Jesús Estupiñán Ricardo, Rıdvan Sahin, Saeeda Mirvakili, Said Broumi, A. A. Salama, Flavius Aurelian Sârbu, Ganeshsree Selvachandran, Javid Shabbir, Shio Gai Quek, Son Hoang Le, Florentin Smarandache, Dragiša Stanujkić, S. Sudha, Taha Yasin Ozturk, Zaigham Tahir, The Houw Iong, Ayse Topal, Alptekin Ulutaș, Maikel Yelandi Leyva Vázquez, Rizha Vitania, Luige Vlădăreanu, Victor Vlădăreanu, Ștefan Vlăduțescu, J. Vimala, Dan Valeriu Voinea, Adem Yolcu, Yongfei Feng, Abd El-Nasser H. Zaied, Edmundas Kazimieras Zavadskas.‬