19 research outputs found
On the Security of NMAC and Its Variants
Based on the three earlier MAC (Message Authentication Code) construction approaches, we propose and analyze some variants of NMAC. We propose some key recovery attacks on these NMAC variants; for example, we can recover the equivalent inner key of NMAC in about O(2^{n/2}) MAC operations, in a related key setting. We propose NMAC-E, a variant of NMAC with secret envelope, to achieve more process efficiency and no loss of security, which needs only one call to the underlying hash function, instead of two invocations in HMAC.
Breaking -MAC Using Birthday Paradox
-MAC was proposed to increase efficiency over HMAC by omitting its outer key, and keep the advantage and security of HMAC at the same time. However, as pointed out by the designer, the security of -MAC also depends on the secrecy of the intermediate value (the equivalent key) of the inner hashing. In this paper, we propose an efficient method to break -MAC, by using a generalized birthday attack to recover the equivalent key, under the assumption that the underlying hash function is secure (weak collision resistance). We can successfully recover the equivalent key of -MAC in about on-line MAC queries and off-line MAC computations with great probability. Moreover, we can improve the attack efficiency by reducing the on-line MAC queries, which can't be done concurrently. This attack shows that the security of -MAC is totally dependent on the (weak) collision resistance of the underlying hash function, instead of the PRF-AX of the underlying compression function in the original security proof of -MAC.
On the Security of NMAC and Its Variants
We first propose a general equivalent key recovery attack on a -MAC variant NMAC, which is also provably secure, by applying a generalized birthday attack. Our result shows that NMAC, even instantiated with a secure Merkle-Damgård hash function, is not secure. We further show that this equivalent key recovery attack on NMAC is also applicable to NMAC for recovering the equivalent inner key of NMAC, in a related key setting. We propose and analyze a series of NMAC variants with different secret approaches and key distributions, and we find that a variant NMAC-E, with secret envelope approach, can withstand most of the known attacks in this paper. However, all variants, including NMAC itself, are vulnerable to on-line birthday attack for verifiable forgery. Hence, the underlying cryptographic hash functions, based on Merkle-Damgård construction, should be re-evaluated seriously.
TAW: cost-effective threshold authentication with weights for internet of things
In the Internet of Things, based on the collaboration of sensing nodes, sensing data are collected and transmitted. The collaboration of sensing nodes also plays an important role in the safeguard of the Internet of Things. Owing to the limited ability of the single sensing node, the threshold authentication based on the collaboration of sensing nodes can improve the trust of security authentication of sensing nodes. The current threshold authentication schemes may require high computational complexity, and more importantly, most of them are instantiated by membership authentication. It's challenging to apply the current state of the art to the case where sensing nodes with various weights join together to fulfill a relatively lightweight authentication. In this paper, we first design a communication key distribution scheme for sensing networks based on a symmetric operator. Using the permutation function, the scheme is able to generate characteristic sequences to improve the efficiency of key distribution in sensing networks. In addition, we propose a threshold authentication scheme based on weights, in which the higher weight represents the more important role in authentication. Our authentication scheme only requires lightweight operations, so it is extremely friendly to the IoT nodes with restricted computation power. The security analysis and the case verification demonstrate that our novel authentication protects IoT nodes without yielding significant computational burden to the nodes.
design of secure operating systems with high security levels
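This paper reviews progress in China and abroad in detecting stone fruit tree viruses using indicator plant methods, electron microscopy, serological methods, molecular biology and other methods, and proposes research directions for stone fruit tree viruses in China.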
Beyond rigidity: obtain localisability with noisy ranging measurement
Location awareness is crucial for wireless networks, attracting many research efforts in recent years. One of the fundamental problems of localisation is to determine whether or not a network is uniquely localisable. To address this problem, existing approaches often adopt the rigidity theory, which assumes accurate inter-node distance measurements. Considering the measurement errors, we introduce the concept of strong localisability and propose an algorithm, called LAS, to identify and locate a kind of strongly localisable networks. Besides, we further conduct extensive simulations to show the performance of LAS design
New Algorithms for Counting Temporal Graph Pattern
Temporal networks can describe multiple types of complex systems with temporal information in the real world. As an effective method for analyzing such networks, temporal graph pattern (TGP) counting has received extensive attention and has been applied in diverse domains. In this paper, we study the problem of counting the TGP in the temporal network. Then, an exact algorithm is proposed based on the time first search (TFS) algorithm. This algorithm can reduce the intermediate results generated in the graph isomorphism and has high computational efficiency. To further improve the algorithm performance, we design an estimation algorithm by applying the edge sampling strategy to the exact algorithm. Finally, we evaluate the performances of the two algorithms by counting both the symmetric and asymmetric TGP. Extensive experiments on real datasets demonstrated that the exact algorithm is faster than the existing algorithm and the estimation algorithm can greatly reduce the running time while guaranteeing the accuracy.
survey of information security
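On February 15, 2006, the Ministry of Finance issued a complete new system of accounting standards. A notable feature of the new system is that it expands the scope of use of fair value, which has at the same time raised certain concerns. Fair value can hardly achieve “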