Preimage Attacks on 41-Step SHA-256 and 46-Step SHA-512
In this paper, we propose preimage attacks on 41-step SHA-256 and 46-step SHA-512, which drastically increase the number of attacked steps compared to the best previous preimage attack working for only 24 steps. The time complexity for 41-step SHA-256 is compression function operations and the memory requirement is words. The time complexity for 46-step SHA-512 is compression function operations and the memory requirement is words. Our attack is a meet-in-the-middle attack. We first consider the application of previous meet-in-the-middle attack techniques to SHA-2. We then analyze the message expansion of SHA-2 by considering all previous techniques to find a new independent message-word partition. We first explain the attack on 40-step SHA-256 whose complexity is to describe the ideas. We then explain how to extend the attack
REISCH: incorporating lightweight and reliable algorithms into healthcare applications of WSNs
Healthcare institutions require advanced technology to collect patients' data accurately and continuously. The traditional technologies still suffer from two problems: performance and security efficiency. The existing research has serious drawbacks when using public-key mechanisms such as digital signature algorithms. In this paper, we propose a Reliable and Efficient Integrity Scheme for Data Collection in HWSN (REISCH) to alleviate these problems by using secure and lightweight signature algorithms. The results of the performance analysis indicate that our scheme provides high efficiency in data integration between sensors and server (it saves more than 24% of alive sensors compared to traditional algorithms). Additionally, we use Automated Validation of Internet Security Protocols and Applications (AVISPA) to validate the security procedures in our scheme. Security analysis results confirm that REISCH is safe against some well-known attacks.
Security of the SHA-3 candidates Keccak and Blue Midnight Wish: Zero-sum property
The SHA-3 competition for the new cryptographic standard was initiated by the National Institute of Standards and Technology (NIST) in 2007. In the following years, the event grew into one of the top areas currently being researched by the CS and cryptographic communities. The first objective of this thesis is to overview, analyse, and critique the SHA-3 competition. The second one is to perform an in-depth study of the security of two candidate hash functions, the finalist Keccak and the second-round candidate Blue Midnight Wish. The study primarily focuses on zero-sum distinguishers. First we attempt to attack reduced versions of these hash functions and see if any vulnerabilities can be detected. This is followed by attacks on their full versions. In the process, a novel approach is utilized in the search for zero-sum distinguishers by employing SAT solvers. We conclude that while such complex attacks can theoretically uncover undesired properties of the two hash functions presented, such attacks are still far from being fully realized due to current limitations in computing power.
Overview of blockchain technology cryptographic security
This thesis work is aimed at developing an understanding of the hash functions and algorithms used in blockchain technologies, comparing Bitcoin with Ethereum and with private blockchain hash functions. This study attempts to answer one fundamental research question: “What considerations are important in assessing blockchain cryptographic security, with an emphasis on hash functions?”
The study was carried out qualitatively using a desk research approach, combined with two public blockchain-based cryptocurrencies, Ethereum and Bitcoin, as case studies. The research aims to provide a holistic view of blockchain cryptographic security, comparing Bitcoin and Ethereum as use cases, and thus to provide a consolidated document which students studying cryptography can access to obtain a better understanding of what is involved in blockchain security. From an academic perspective, the research aims to provide a model which can be used in assessing what is important to consider in the cryptographic security of blockchains.
Three main categories of factors were presented in the proposed model: strategic factors, complexity attributes and technical drivers. These yield a base of crucial metrics such as absence of secret seeds, efficiency of verification, preimage collision resistance, fixed output size, low collision probability, and even distribution of preimages in the output.
Improving Data Integrity in Communication Systems by Designing a New Security Hash Algorithm
The objective of this paper is to design a new secure hash algorithm with a final hash code length of 512 bits. The proposed hash code algorithm is based on the combination of the SHA-256 algorithm (with a modification of its message expansion) and the MD5 algorithm, using a double Davies-Meyer scheme to reduce the weaknesses existing in these functions. In this paper, we modified the message expansion of SHA-256 in the proposed algorithm. The proposed algorithm has been simulated using MATLAB. Hash codes for different messages are obtained using MD5, SHA-256, the combination of MD5 and SHA-256 with final hash code length 265 bits, and the proposed algorithm. The hash code of the proposed algorithm is different from the hash codes obtained by MD5, SHA-256, and the combination of MD5 and SHA-256 with final hash code length 256 bits for the same messages. An avalanche test, with one-bit difference and more than one-bit difference, is applied to SHA-256, the combination of MD5 and SHA-256 with final hash code length 256 bits, and the proposed algorithm. The proposed algorithm passed the avalanche test with higher probability than SHA-256 and the combination of MD5 and SHA-256 with final hash code length 256 bits. The proposed algorithm is more complicated and more secure.
Inverting Cryptographic Hash Functions via Cube-and-Conquer
MD4 and MD5 are seminal cryptographic hash functions proposed in the early 1990s. MD4 consists of 48 steps and produces a 128-bit hash given a message of arbitrary finite size. MD5 is a more secure 64-step extension of MD4. Both MD4 and MD5 are vulnerable to practical collision attacks, yet it is still not realistic to invert them, i.e. to find a message given a hash. In 2007, the 39-step version of MD4 was inverted via reducing to SAT and applying a CDCL solver along with the so-called Dobbertin's constraints. As for MD5, in 2012 its 28-step version was inverted via a CDCL solver for one specified hash without adding any additional constraints. In this study, Cube-and-Conquer (a combination of CDCL and lookahead) is applied to invert step-reduced versions of MD4 and MD5. For this purpose, two algorithms are proposed. The first one generates inversion problems for MD4 by gradually modifying Dobbertin's constraints. The second algorithm tries the cubing phase of Cube-and-Conquer with different cutoff thresholds to find the one with minimal runtime estimation of the conquer phase. This algorithm operates in two modes: (i) estimating the hardness of a given propositional Boolean formula; (ii) incomplete SAT-solving of a given satisfiable propositional Boolean formula. While the first algorithm is focused on inverting step-reduced MD4, the second one is not area-specific and so is applicable to a variety of classes of hard SAT instances. In this study, 40-, 41-, 42-, and 43-step MD4 are inverted for the first time via the first algorithm and the estimating mode of the second algorithm. 28-step MD5 is inverted for four hashes via the incomplete SAT-solving mode of the second algorithm. For three of these hashes this is done for the first time.
Comment: 40 pages, 11 figures. A revised submission to JAI.