Improved Cryptanalysis of Skein

The hash function Skein is the submission of Ferguson et al. to the NIST Hash Competition, and is arguably a serious candidate for selection as SHA-3. This paper presents the rst third-party analysis of Skein, with an extensive study of its main component: the block cipher Three sh. We notably investigate near collisions, distinguishers, impossible di erentials, key recovery using related-key di erential and boomerang attacks. In particular, we present near collisions on up to 17 rounds, an impossible di erential on 21 rounds, a related-key boomerang distinguisher on 34 rounds, a known-related-key boomerang distinguisher on 35 rounds, and key recovery attacks on up to 32 rounds, out of 72 in total for Threefish-512. None of our attacks directly extends to the full Skein hash. However, the pseudorandomness of Threefish is required to validate the security proofs on Skein, and our results conclude that at least 3

Candida albicans-produced farnesol stimulates Pseudomonas quinolone signal production in LasR-defective Pseudomonas aeruginosa strains

Candida albicans has been previously shown to stimulate the production of Pseudomonas aeruginosa phenazine toxins in dual-species colony biofilms. Here, we report that P. aeruginosa lasR mutants, which lack the master quorum sensing system regulator, regain the ability to produce quorum-sensing-regulated phenazines when cultured with C. albicans. Farnesol, a signalling molecule produced by C. albicans, was sufficient to stimulate phenazine production in LasR− laboratory strains and clinical isolates. P. aeruginosa ΔlasR mutants are defective in production of the Pseudomonas quinolone signal (PQS) due to their inability to properly induce pqsH, which encodes the enzyme necessary for the last step in PQS biosynthesis. We show that expression of pqsH in a ΔlasR strain was sufficient to restore PQS production, and that farnesol restored pqsH expression in ΔlasR mutants. The farnesol-mediated increase in pqsH required RhlR, a transcriptional regulator downstream of LasR, and farnesol led to higher levels of N-butyryl-homoserine lactone, the small molecule activator of RhlR. Farnesol promotes the production of reactive oxygen species (ROS) in a variety of species. Because the antioxidant N-acetylcysteine suppressed farnesol-induced RhlR activity in LasR− strains, and hydrogen peroxide was sufficient to restore PQS production in las mutants, we propose that ROS are responsible for the activation of downstream portions of this quorum sensing pathway. LasR mutants frequently arise in the lungs of patients chronically infected with P. aeruginosa. The finding that C. albicans, farnesol or ROS stimulate virulence factor production in lasR strains provides new insight into the virulence potential of these strains

Cryptanalysis of ESSENCE

ESSENCE is a hash function submitted to the NIST Hash Competition that stands out as a hardware-friendly and highly parallelizable design. Previous analysis showed some non-randomness in the compression function which could not be extended to an attack on the hash function and ESSENCE remained unbroken. Preliminary analysis in its documentation argues that it resists standard differential cryptanalysis. This paper disproves this claim, showing that advanced techniques can be used to significantly reduce the cost of such attacks: using a manually found differential characteristic and an advanced search algorithm, we obtain collision attacks on the full ESSENCE-256 and ESSENCE-512, with respective complexities 2^67.4 and 2^134.7. In addition, we show how to use these attacks to forge valid (message, MAC) pairs for HMAC-ESSENCE-256 and HMAC-ESSENCE-512, essentially at the same cost as a collision

Rotational Cryptanalysis of ARX

In this paper we analyze the security of systems based on modular additions, rotations, and XORs (ARX systems). We provide both theoretical support for their security and practical cryptanalysis of real ARX primitives. We use a technique called rotational cryptanalysis , that is universal for the ARX systems and is quite efficient. We illustrate the method with the best known attack on reduced versions of the block cipher Threefish (the core of Skein). Additionally, we prove that ARX with constants are functionally complete, i.e. any function can be real- ized with these operations

Standardized signature algorithms on ultra-constrained 4-bit MCU

In this work, we implement all three digital signature schemes specified in Digital Signature Standard (FIPS 186-3), including DSA and RSA (based on modular exponentiation) as well as ECDSA (based on elliptic curve point multiplication), on an ultra-constrained 4-bit MCU of the EPSON S1C63 family. Myriads of 4-bit MCUs are widely deployed in legacy devices, and some in security applications due to their ultra low-power consumption. However, public-key cryptography, especially digital signature, on 4-bit MCU is usually neglected and even regarded as infeasible. Our highly energy-efficient implementation can give rise to a variety of security functionalities for these ultra-constrained devices.NRF (Natl Research Foundation, S’pore)Accepted versio