3,405 research outputs found
Simultaneous hashing of multiple messages
We describe a method for efficiently hashing multiple messages of different lengths. Such computations occur in various scenarios, and one of them is when an operating system checks the integrity of its components during boot time. These tasks can gain performance by parallelizing the computations and using SIMD architectures. For such scenarios, we compare the performance of a new 4-buffers SHA-256 S-HASH implementation, to that of the standard serial hashing. Our results are measured on the 2nd Generation Intel® Core™ Processor, and demonstrate SHA-256 processing at effectively ~5.2 Cycles per Byte, when hashing from any of the three cache levels, or from the system memory. This represents speedup by a factor of 3.42x compared to OpenSSL (1.0.1), and by 2.25x compared to the recent and faster n-SMS method. For hashing from a disk, we show an effective rate of ~6.73 Cycles/Byte, which is almost 3 times faster than OpenSSL (1.0.1) under the same conditions. These results indicate that for some usage models, SHA-256 is significantly faster than commonly perceived
Versatile FPGA architecture for skein hashing algorithm
Digital communications and data storage are expanding at fast rates, increasing the need for advanced cryptographic standards to validate and provide privacy for that data. One of the basic components commonly used in information security systems is cryptographic hashing. Cryptographic hashing involves the compression of an arbitrary block of data into a fixed-size string of bits known as the hash value. These functions are designed such that it is computationally infeasible to determine a message that results in a given hash value. It should also be infeasible to find two messages with the same hash value and to change a message without its hash value being changed. Some of the most common uses of these algorithms are digital signatures, message authentication codes, file identification, and data integrity. Due to developments in attacks on the Secure Hash Standard (SHS), which includes SHA-1 and SHA-2 (SHA-224, SHA-256, SHA-384, SHA-512), the National Institute of Standards and Technology (NIST) will be selecting a new hashing algorithm to replace the current standards. In 2008, 64 algorithms were entered into the NIST competition and in December 2010, five finalists were chosen. The final candidates are BLAKE, Keccak, Gr{o}stl, JH, and Skein. In 2012, one of these algorithms will be selected for the Secure Hash Algorithm 3 (SHA-3). This thesis focuses on the development of a versatile hardware architecture for Skein that provides both sequential and tree hashing functions of Skein. The performance optimizations rely heavily on pipelined and unrolled architectures to allow for simultaneous hashing of multiple unique messages and reduced area tree hashing implementations. Additional result of this thesis is a comprehensive overview of the newly developed architectures and an analysis of their performance in comparison with other software and hardware implementations
Coding against a Limited-view Adversary: The Effect of Causality and Feedback
We consider the problem of communication over a multi-path network in the
presence of a causal adversary. The limited-view causal adversary is able to
eavesdrop on a subset of links and also jam on a potentially overlapping subset
of links based on the current and past information. To ensure that the
communication takes place reliably and secretly, resilient network codes with
necessary redundancy are needed. We study two adversarial models - additive and
overwrite jamming and we optionally assume passive feedback from decoder to
encoder, i.e., the encoder sees everything that the decoder sees. The problem
assumes transmissions are in the large alphabet regime. For both jamming
models, we find the capacity under four scenarios - reliability without
feedback, reliability and secrecy without feedback, reliability with passive
feedback, reliability and secrecy with passive feedback. We observe that, in
comparison to the non-causal setting, the capacity with a causal adversary is
strictly increased for a wide variety of parameter settings and present our
intuition through several examples.Comment: 15 page
CATS: linearizability and partition tolerance in scalable and self-organizing key-value stores
Distributed key-value stores provide scalable, fault-tolerant, and self-organizing
storage services, but fall short of guaranteeing linearizable consistency
in partially synchronous, lossy, partitionable, and dynamic networks, when data
is distributed and replicated automatically by the principle of consistent hashing.
This paper introduces consistent quorums as a solution for achieving atomic
consistency. We present the design and implementation of CATS, a distributed
key-value store which uses consistent quorums to guarantee linearizability and partition tolerance in such adverse and dynamic network conditions. CATS is
scalable, elastic, and self-organizing; key properties for modern cloud storage
middleware. Our system shows that consistency can be achieved with practical
performance and modest throughput overhead (5%) for read-intensive workloads
Optimization of Tree Modes for Parallel Hash Functions: A Case Study
This paper focuses on parallel hash functions based on tree modes of
operation for an inner Variable-Input-Length function. This inner function can
be either a single-block-length (SBL) and prefix-free MD hash function, or a
sponge-based hash function. We discuss the various forms of optimality that can
be obtained when designing parallel hash functions based on trees where all
leaves have the same depth. The first result is a scheme which optimizes the
tree topology in order to decrease the running time. Then, without affecting
the optimal running time we show that we can slightly change the corresponding
tree topology so as to minimize the number of required processors as well.
Consequently, the resulting scheme decreases in the first place the running
time and in the second place the number of required processors.Comment: Preprint version. Added citations, IEEE Transactions on Computers,
201
Backscatter from the Data Plane --- Threats to Stability and Security in Information-Centric Networking
Information-centric networking proposals attract much attention in the
ongoing search for a future communication paradigm of the Internet. Replacing
the host-to-host connectivity by a data-oriented publish/subscribe service
eases content distribution and authentication by concept, while eliminating
threats from unwanted traffic at an end host as are common in today's Internet.
However, current approaches to content routing heavily rely on data-driven
protocol events and thereby introduce a strong coupling of the control to the
data plane in the underlying routing infrastructure. In this paper, threats to
the stability and security of the content distribution system are analyzed in
theory and practical experiments. We derive relations between state resources
and the performance of routers and demonstrate how this coupling can be misused
in practice. We discuss new attack vectors present in its current state of
development, as well as possibilities and limitations to mitigate them.Comment: 15 page
Identification via Quantum Channels in the Presence of Prior Correlation and Feedback
Continuing our earlier work (quant-ph/0401060), we give two alternative
proofs of the result that a noiseless qubit channel has identification capacity
2: the first is direct by a "maximal code with random extension" argument, the
second is by showing that 1 bit of entanglement (which can be generated by
transmitting 1 qubit) and negligible (quantum) communication has identification
capacity 2.
This generalises a random hashing construction of Ahlswede and Dueck: that 1
shared random bit together with negligible communication has identification
capacity 1.
We then apply these results to prove capacity formulas for various quantum
feedback channels: passive classical feedback for quantum-classical channels, a
feedback model for classical-quantum channels, and "coherent feedback" for
general channels.Comment: 19 pages. Requires Rinton-P9x6.cls. v2 has some minor errors/typoes
corrected and the claims of remark 22 toned down (proofs are not so easy
after all). v3 has references to simultaneous ID coding removed: there were
necessary changes in quant-ph/0401060. v4 (final form) has minor correction
Asymptotic Analysis of Plausible Tree Hash Modes for SHA-3
Discussions about the choice of a tree hash mode of operation for a
standardization have recently been undertaken. It appears that a single tree
mode cannot address adequately all possible uses and specifications of a
system. In this paper, we review the tree modes which have been proposed, we
discuss their problems and propose remedies. We make the reasonable assumption
that communicating systems have different specifications and that software
applications are of different types (securing stored content or live-streamed
content). Finally, we propose new modes of operation that address the resource
usage problem for the three most representative categories of devices and we
analyse their asymptotic behavior
- …