The universality of iterated hashing over variable-length strings
Iterated hash functions process strings recursively, one character at a time.
At each iteration, they compute a new hash value from the preceding hash value
and the next character. We prove that iterated hashing can be pairwise
independent, but never 3-wise independent. We show that it can be almost
universal over strings much longer than the number of hash values; we bound the
maximal string length given the collision probability.
Key recycling in authentication
In their seminal work on authentication, Wegman and Carter propose that to
authenticate multiple messages, it is sufficient to reuse the same hash
function as long as each tag is encrypted with a one-time pad. They argue that
because the one-time pad is perfectly hiding, the hash function used remains
completely unknown to the adversary.
Since their proof is not composable, we revisit it using a composable
security framework. It turns out that the above argument is insufficient: if
the adversary learns whether a corrupted message was accepted or rejected,
information about the hash function is leaked, and after a bounded, finite
number of rounds it is completely known. We show however that this leak is very
small: Wegman and Carter's protocol is still -secure, if
-almost strongly universal hash functions are used. This implies
that the secret key corresponding to the choice of hash function can be reused
in the next round of authentication without any additional error than this
.
We also show that if the players have a mild form of synchronization, namely
that the receiver knows when a message should be received, the key can be
recycled for any arbitrary task, not only new rounds of authentication.
Comment: 17+3 pages. 11 figures. v3: Rewritten with AC instead of UC. Extended
the main result to both synchronous and asynchronous networks. Matches
published version up to layout and updated references. v2: updated
introduction and reference
Regular and almost universal hashing: an efficient implementation
Random hashing can provide guarantees regarding the performance of data
structures such as hash tables---even in an adversarial setting. Many existing
families of hash functions are universal: given two data objects, the
probability that they have the same hash value is low given that we pick hash
functions at random. However, universality fails to ensure that all hash
functions are well behaved. We further require regularity: when picking data
objects at random they should have a low probability of having the same hash
value, for any fixed hash function. We present the efficient implementation of
a family of non-cryptographic hash functions (PM+) offering good running times,
good memory usage as well as distinguishing theoretical guarantees: almost
universality and component-wise regularity. On a variety of platforms, our
implementations are comparable to the state of the art in performance. On
recent Intel processors, PM+ achieves a speed of 4.7 bytes per cycle for 32-bit
outputs and 3.3 bytes per cycle for 64-bit outputs. We review vectorization
through SIMD instructions (e.g., AVX2) and optimizations for superscalar
execution.
Comment: accepted for publication in Software: Practice and Experience in
September 201
New security notions and feasibility results for authentication of quantum data
We give a new class of security definitions for authentication in the quantum
setting. These definitions capture and strengthen existing definitions of
security against quantum adversaries for both classical message authentication
codes (MACs) as well as full quantum state authentication schemes. The main
feature of our definitions is that they precisely characterize the effective
behavior of any adversary when the authentication protocol accepts, including
correlations with the key. Our definitions readily yield a host of desirable
properties and interesting consequences; for example, our security definition
for full quantum state authentication implies that the entire secret key can be
re-used if the authentication protocol succeeds.
Next, we present several protocols satisfying our security definitions. We
show that the classical Wegman-Carter authentication scheme with 3-universal
hashing is secure against superposition attacks, as well as adversaries with
quantum side information. We then present conceptually simple constructions of
full quantum state authentication.
Finally, we prove a lifting theorem which shows that, as long as a protocol
can securely authenticate the maximally entangled state, it can securely
authenticate any state, even those that are entangled with the adversary. Thus,
this shows that protocols satisfying a fairly weak form of authentication
security automatically satisfy a stronger notion of security (in particular,
the definition of Dupuis, et al. (2012)).
Comment: 50 pages, QCrypt 2016 - 6th International Conference on Quantum
Cryptography, added a new lifting theorem that shows equivalence between a
weak form of authentication security and a stronger notion that considers
side informatio
Twofold Video Hashing with Automatic Synchronization
Video hashing finds a wide array of applications in content authentication,
robust retrieval and anti-piracy search. While much of the existing research
has focused on extracting robust and secure content descriptors, a significant
open challenge still remains: most existing video hashing methods are vulnerable
to temporal desynchronization. That is, when the query video is produced by
deleting frames from, or inserting frames into, the reference video, most existing
methods assume the positions of the deleted (or inserted) frames are either
perfectly known or reliably estimated. This assumption may be acceptable under
typical transcoding and frame-rate changes but is highly inappropriate in
adversarial scenarios such as anti-piracy video search. For example, an illegal
uploader will try to bypass the 'piracy check' mechanism of YouTube/Dailymotion,
etc., by performing a cleverly designed non-uniform resampling of the video. We
present a new solution based on dynamic time warping (DTW), which can implement
automatic synchronization and can be used together with existing video hashing
methods. The second contribution of this paper is to propose a new robust
feature extraction method called flow hashing (FH), based on frame averaging
and optical flow descriptors. Finally, a fusion mechanism called distance
boosting is proposed to combine the information extracted by DTW and FH.
Experiments on real video collections show that such a hash extraction and
comparison enables unprecedented robustness under both spatial and temporal
attacks.
Comment: submitted to Image Processing (ICIP), 2014 21st IEEE International
Conference o
From Graphs to Keyed Quantum Hash Functions
We present two new constructions of quantum hash functions: the first based
on expander graphs and the second based on extractor functions, and we estimate the
amount of randomness that is needed to construct them. We also propose a keyed
quantum hash function based on an extractor function that can be used in quantum
message authentication codes, and we assess its security in a limited attacker
model.