95 research outputs found
Experimental Study of DIGIPASS GO3 and the Security of Authentication
Based on the analysis of -digit one-time passwords (OTPs) generated by
DIGIPASS GO3 we were able to reconstruct the synchronisation system of the
token, the OTP generating algorithm and the verification protocol in the details
essential for an attack. The OTPs are more predictable than expected. A forgery
attack is described. We argue that the attack success probability is . That
is much higher than , which would be expected if all the digits were
independent and uniformly distributed. Under natural assumptions, even in a
relatively small bank or company with customers, the number of
compromised accounts during a year may be more than
A Combinatorial Problem Related to Sparse Systems of Equations
Nowadays sparse systems of equations occur frequently in science and
engineering. In this contribution we deal with sparse systems common in
cryptanalysis. Given a cipher system, one converts it into a system of sparse
equations, and then the system is solved to retrieve either a key or a
plaintext. Raddum and Semaev proposed new methods for solving such sparse
systems. It turns out that a combinatorial MaxMinMax problem provides bounds on
the average computational complexity of sparse systems. In this paper we
initiate a study of a linear algebra variation of this MaxMinMax problem.
New non-linearity parameters of Boolean functions
The study of non-linearity (linearity) of Boolean functions was initiated by
Rothaus in 1976. The classical non-linearity of a Boolean function is the
minimum Hamming distance of its truth table to those of affine functions. In
this note we introduce new "multidimensional" non-linearity parameters
for conventional and vectorial Boolean functions with
coordinates in variables. The classical non-linearity may be treated as a
1-dimensional parameter in the new definition. -dimensional parameters for
are relevant to possible multidimensional extensions of the Fast
Correlation Attack on stream ciphers and Linear Cryptanalysis of block ciphers.
Besides, we introduce a notion of optimal vectorial Boolean functions relevant
to the new parameters. For and even , optimal Boolean functions
are exactly the perfect nonlinear functions (generalisations of Rothaus' bent
functions) defined by Nyberg in 1991. By a computer search we find that this
property holds for too. That is an open problem for larger
and . The definitions may easily be extended to -ary
functions.
Algorithm for SIS and MultiSIS problems
The SIS problem has numerous applications in cryptography. Known algorithms for
solving that problem are exponential in complexity. A new algorithm is
suggested in this note; its complexity is sub-exponential for a range of
parameters.
New Digital Signature Algorithm EHTv2
Every public-key encryption/decryption algorithm where the
set of possible plaintexts is identical to the set of possible ciphertexts
may be converted into a digital signature algorithm. That is quite different
in lattice (code)-based public-key cryptography: the decryption algorithm on a random input produces a valid plaintext, that is a signature, only with negligible probability. That explains why it is so difficult to construct a new secure and efficient lattice-based digital signature system. Though several solutions are known and are taking part in the NIST Post Quantum Standardisation Process, there is still a need to construct digital signature algorithms based on new principles. In this work, a new and efficient digital signature algorithm is suggested. Its design is simple and transparent. Its security is based on the hardness of an approximate closest vector problem in the maximum norm for some q-ary lattices. The signature is several times shorter than that provided by the NIST Selected Digital Signature Algorithms with a comparable security level, while the public key size is larger.
Local limit theorem for large deviations and statistical box-tests
Let particles be independently allocated into boxes, where the -th box appears with probability . Let be the number of boxes with exactly particles and . The asymptotic behaviour of such random variables as tends to infinity has been studied by many authors. It was previously known that if are all upper bounded and is upper and lower bounded by positive constants, then tends in distribution to a multivariate normal law. A stronger statement, namely
a large deviation local limit theorem for under the same condition, is proved here. Also, all cumulants of are proved to be .
Then we study the hypothesis testing that the box distribution is uniform, denoted , with a recently introduced box-test. Its statistic is a quadratic form in the variables . For a wide range of non-uniform , an asymptotic relation for the power of the quadratic and linear box-tests (the statistics of the latter are linear functions of ) is proved. In particular,
the quadratic test is asymptotically at least as powerful as any of the linear box-tests, including the well-known empty-box test, if is in
Summation polynomials and the discrete logarithm problem on elliptic curves
The aim of the paper is the construction of an index calculus
algorithm for the discrete logarithm problem on elliptic curves.
The construction presented here is based on the problem of finding
bounded solutions to some explicit modular multivariate
polynomial equations. These equations arise from the elliptic
curve summation polynomials introduced here and may be computed
easily. Roughly speaking, we show that given an algorithm for
solving such equations, which works in polynomial or low
exponential time in the size of the input, one finds discrete
logarithms faster than by means of Pollard's methods.
New hash function designs
We suggest new hash function design principles. The basic idea is
that the hash value may be a combination of XORs and modular additions of values independently produced from different parts of the message.
We instantiate this framework with a function for computing the above values based on modular multiplication.
New Results in the Linear Cryptanalysis of DES
Two open problems on using Matsui's Algorithm 2 with multiple linear approximations, posed earlier by Biryukov, De Cannière and M. Quisquater at Crypto'04, are solved in the present paper. That improves the linear cryptanalysis of 16-round DES reported by Matsui at Crypto'94.
Improved Agreeing-Gluing Algorithm
In this paper we study the asymptotic complexity of solving a system of sparse algebraic equations over finite fields. An equation is called sparse if it depends
on a bounded number of variables. Efficiently finding
solutions to a system of such equations is an underlying hard problem in
the cryptanalysis of modern ciphers. A new deterministic
Improved Agreeing-Gluing Algorithm is introduced.
The expected
running time of the Algorithm on uniformly random instances of the problem is rigorously estimated. The estimate is at present the best theoretical
bound on the complexity of solving average instances of the
problem. In particular, this is a significant improvement over those in our earlier papers [20,21].
For sparse Boolean equations the gap between the present worst-case and the average time complexity of the problem has significantly increased. We also formulate the Average Time Complexity Conjecture. If proved, it will have far-reaching consequences in the field of cryptanalysis and in computing in general.
- …