Attacks On a Double Length Blockcipher-based Hash Proposal
In this paper we attack a -bit double length hash function
proposed by Lee et al. This proposal is a
blockcipher-based hash function with hash rate . The designers
claimed that it could achieve ideal collision resistance and gave a
security proof. However, we find a collision attack with complexity of
and a preimage attack with complexity of
. Our result shows this construction is much worse
than an ideal -bit hash function.
More Insights on Blockcipher-Based Hash Functions
In this paper we give more insights on the security of
blockcipher-based hash functions. We give a very simple criterion to
build a secure large class of Single-Block-Length (SBL) or double
call Double-Block-Length (DBL) compression functions based on blockciphers, where is the key length and is the block
length and is an integer.
This criterion is simpler than previous ones in the literature.
From this criterion we derive many results, and we reach a
conclusion about this class of blockcipher-based hash functions. We
solve the open problem left by Hirose. Our results show that to build
a secure double call DBL compression function, it is required that
, where is the number of message blocks. Thus, we can only build
rate 1/2 secure double call DBL blockcipher-based compression
functions if .
Finally, we point out flaws in Stam's theorem about supercharged
functions, give a revision of this theorem, and add another condition
for the security of supercharged compression functions.
Improvements for Finding Impossible Differentials of Block Cipher Structures
We improve Wu and Wang's method for finding impossible differentials of block cipher structures. This improvement is more general than Wu and Wang's method, and it can find more impossible differentials in less time. We apply it to the Gen-CAST256, Misty, Gen-Skipjack, Four-Cell, Gen-MARS, SMS4, MIBS, Camellia*, LBlock, E2, and SNAKE block ciphers. All impossible differentials discovered by the algorithm are the same as those found by Wu's method. In addition, for the 8-round MIBS block cipher, we find 4 new impossible differentials that are not listed in Wu and Wang's results. The experimental results show that the improved algorithm can not only find more impossible differentials, but also greatly reduce the search time.
Impossible Differential Cryptanalysis of FOX
Block ciphers are the very foundation of computer and information
security. FOX, also known as IDEA NXT, is a family of block ciphers
published in 2004 and is famous for its provable security to
cryptanalysis. In this paper, we apply impossible differential
cryptanalysis to the FOX cipher. We find a 4-round impossible
differential, by using which adversaries can attack 5, 6 and 7-round
FOX64 with , and one-round encryptions
respectively. Compared to the previous best attack, which needs ,
and full-round encryptions against 5, 6 and
7-round FOX64, the method in this paper is the best attack on the FOX
cipher. This attack can also be applied to 5-round FOX128 with
one-round encryptions.
A Unified Method for Finding Impossible Differentials of Block Cipher Structures
In this paper, we propose a systematic method for finding impossible
differentials for block cipher structures, better than the
-method introduced by Kim et al. [Kim03].
It is referred to as the unified impossible differential finding method
(UID-method). We apply the UID-method to some popular block ciphers
such as Gen-Skipjack, Gen-CAST256, Gen-MARS, Gen-RC6, Four-Cell and
SMS4, and give the detailed impossible differentials. By the
UID-method, we find a 16-round impossible differential on Gen-Skipjack
and a 19-round impossible differential on Gen-CAST256. Thus we disprove
Conjecture 2 proposed at Asiacrypt'00 [Sung00] and the theorem in the
FSE'09 rump session presentation [Pudovkina09]. On Gen-MARS and SMS4,
the impossible differentials found by the UID-method are much longer
than those found by the -method. On the Four-Cell block cipher, our
result is the same as the best result previously obtained by
case-by-case treatment.
Pseudorandomness Analysis of the Lai-Massey Scheme
At Asiacrypt'99, Vaudenay modified the structure of the IDEA cipher into a new scheme, which they called the Lai-Massey scheme. It was proved that the 3-round Lai-Massey scheme is sufficient for pseudorandomness and the 4-round Lai-Massey scheme is sufficient for strong pseudorandomness. But the author didn't point out whether three rounds and four rounds are necessary for the pseudorandomness and strong pseudorandomness of the Lai-Massey scheme. In this paper we find a two-round pseudorandomness distinguisher and a three-round strong pseudorandomness distinguisher, thus proving that three rounds are necessary for pseudorandomness and four rounds are necessary for strong pseudorandomness.
Genome-wide eQTLs and heritability for gene expression traits in unrelated individuals
BACKGROUND: While the possible sources underlying the so-called "missing heritability" evident in current genome-wide association studies (GWAS) of complex traits have been actively pursued in recent years, resolving this mystery remains a challenging task. Studying the heritability of genome-wide gene expression traits can shed light on the goal of understanding the relationship between phenotype and genotype. Here we used microarray gene expression measurements of lymphoblastoid cell lines and genome-wide SNP genotype data from 210 HapMap individuals to examine the heritability of gene expression traits. RESULTS: Heritability levels for the expression of 10,720 genes were estimated by applying variance component model analyses, and 1,043 expression quantitative trait loci (eQTLs) were detected. Our results indicate that gene expression traits display a bimodal distribution of heritability, with one peak close to 0% and the other approaching 100%. Such a pattern of within-population variability of gene expression heritability is common among different HapMap populations of unrelated individuals but differs from that obtained in the CEU and YRI trio samples. Higher heritability levels are shown by housekeeping genes and genes associated with cis eQTLs. Both cis and trans eQTLs make comparable cumulative contributions to the heritability. Finally, we modelled gene-gene interactions (epistasis) for genes with multiple eQTLs and revealed that epistasis was not prevailing in all genes but made a substantial contribution to explaining total heritability for some of the genes analysed. CONCLUSIONS: We utilised a mixed effect model analysis for estimating genetic components from population-based samples.
On the basis of analyses of genome-wide gene expression from four HapMap populations, we demonstrated detailed exploitation of the distribution of genetic heritabilities for expression traits from different populations, and highlighted the importance of studying interaction at the gene expression level as an important source of variation underlying missing heritability. ELECTRONIC SUPPLEMENTARY MATERIAL: The online version of this article (doi:10.1186/1471-2164-15-13) contains supplementary material, which is available to authorized users.