225 research outputs found
Delayed Warming Hiatus over the Tibetan Plateau
A reduction in the warming rate of the global surface temperature since the late 1990s has attracted much attention and caused a great deal of controversy. During the same period, however, most previous studies have reported enhanced warming over the Tibetan Plateau (TP). In this study we further examined the temperature trend of the TP and surrounding areas based on homogenized temperature records for the period 1980–2014, and we found that for TP regions lower than 4000 m the warming rate has slowed since the late 1990s, a pattern consistent with the trend for the whole of China and the global temperature trend. However, for TP regions higher than 4000 m, this reduction in warming rate did not occur until the mid-2000s. This delayed warming hiatus could be related to changes in regional radiative, energy, and land surface processes in recent years.
Improved Meet-in-the-Middle Attacks on Reduced-Round Kalyna-128/256 and Kalyna-256/512
Kalyna is an SPN-based block cipher that was selected during the Ukrainian National Public Cryptographic Competition (2007-2010), and a slight modification of it was approved as the new encryption standard of Ukraine. In this paper, we focus on key-recovery attacks on reduced-round Kalyna-128/256 and Kalyna-256/512 with the meet-in-the-middle method. The differential enumeration technique and the key-dependent sieve technique, which are popular for analyzing AES, are used to attack them. Using the key-dependent sieve technique to improve the complexity is not an easy task; we have to build some tables to achieve this. Since the encryption procedure of Kalyna employs pre- and post-whitening operations using addition modulo applied to the state columns independently, we carefully study the propagation of this operation and propose an addition plaintext structure to solve this. For Kalyna-128/256, we propose a 6-round distinguisher and achieve a 9-round (out of 14 rounds in total) attack. For Kalyna-256/512, we propose a 7-round distinguisher and achieve an 11-round (out of 18 rounds in total) attack. As far as we know, these are currently the best results on Kalyna-128/256 and Kalyna-256/512.
Cryptanalysis of the Hash Function LUX-256
LUX is a new hash function submitted to NIST's SHA-3 competition. In this paper, we found some non-random properties of LUX due to the weakness of the origin shift vector. We also give a reduced-blank-round collision attack, a free-start collision attack and a free-start preimage attack on LUX-256. The two collision attacks are trivial. The free-start preimage attack has a complexity of about 2^80 and requires negligible memory.
Differential Cryptanalysis of SMS4 Block Cipher
SMS4 is a 128-bit block cipher used in the WAPI standard for wireless networks in China. In this paper, we analyze the security of the SMS4 block cipher against differential cryptanalysis. First, we prove three theorems and one corollary that reflect relationships of 5- and 6-round SMS4. Next, using these relationships, we clarify the minimum number of differentially active S-boxes in 6-, 7- and 12-round SMS4 respectively. Finally, based on the above results, we present a family of about differential characteristics for 19-round SMS4, which leads to an attack on 23-round SMS4 with chosen plaintexts and encryptions. Our attack is the best known attack on SMS4 so far.
Near-Collisions on the Reduced-Round Compression Functions of Skein and BLAKE
The SHA-3 competition organized by NIST aims to find a new hash standard as a replacement for SHA-2. So far, 14 submissions have been selected as second-round candidates, including Skein and BLAKE, both of which have components based on modular addition, rotation and bitwise XOR (ARX). In this paper, we propose improved near-collision attacks on the reduced-round compression functions of Skein and a variant of BLAKE. The attacks are based on linear differentials of the modular additions. The computational complexities of near-collision attacks on a 4-round compression function of BLAKE-32 and on 4-round and 5-round compression functions of BLAKE-64 are 2^{21}, 2^{16} and 2^{216} respectively, and the attacks on the 24-round compression functions of Skein-256, Skein-512 and Skein-1024 have complexities of 2^{60}, 2^{230} and 2^{395} respectively.
Security on Generalized Feistel Scheme with SP Round Function
This paper studies the security against differential/linear cryptanalysis and the pseudorandomness of a class of generalized Feistel schemes with SP round function called . We consider the minimum number of active S-boxes in some consecutive rounds of , i.e., in four, eight and sixteen consecutive rounds, which provides an upper bound on the maximum differential/linear probabilities of the 16-round scheme, in order to evaluate its strength against differential/linear cryptanalysis. Furthermore, we investigate the pseudorandomness of , point out that 7-round is not pseudorandom for a non-adaptive adversary by using some distinguishers, and prove that 8-round is pseudorandom for any adversary.
Cryptanalysis of the MEM Mode of Operation
The MEM mode is a nonce-based enciphering mode of operation proposed by Chakraborty and Sarkar, which was claimed to be secure against symmetric nonce-respecting adversaries. We show that this is not correct by using two very simple attacks. One attack needs one decryption and one decryption query, and the other only needs one encryption query.
Improved Integral Cryptanalysis of FOX Block Cipher
FOX is a new family of block ciphers presented recently, which is based upon some results on provable security and has high performance on various platforms. In this paper, we construct some distinguishers between 3-round FOX and a random permutation of the block space. By using integral attack and collision-searching techniques, the distinguishers are used to attack 4-, 5-, 6- and 7-round FOX64 and 4- and 5-round FOX128. The attack is more efficient than the previous integral attack on FOX. The complexity of the improved integral attack is on 4-round FOX128 and against 5-round FOX128 respectively. For FOX64, the complexity of the improved integral attack is on 4-round FOX64, against 5-round FOX64, against 6-round FOX64 and against 7-round FOX64 respectively. Therefore, 4-round FOX64/64, 5-round FOX64/128, 6-round FOX64/192, 7-round FOX64/256 and 5-round FOX128/256 are not immune to the attack in this paper.