Security Analysis of Zipper Hash Against Multicollisions Attacks

2012, Vol 2 (3), pp. 226-231
Author(s): N. Bagheri

In this paper, the existence of multicollisions in the Zipper Hash structure, a new hash structure introduced to strengthen iterated hash structures, is presented. This study shows that finding multicollisions, i.e. 2^k-way collisions, in this hash structure is not much harder than finding such multicollisions in the ordinary Merkle-Damgård (MD) structure. In fact, the complexity of the attacks is approximately n/2 times harder than what has been found for MD structures. Then, these large multicollisions are used as a tool to find D-way preimages for this structure. The complexities of finding 2^k-way multicollisions and 2^k-way preimages are (eq) and (eq) respectively. Similar to what has been proved by Joux for MD, it is shown in this paper that this structure cannot be used to create a hash function with 2n-bit output length by concatenating this structure with any other hash structure whose output length is n bits. It is also shown that the time complexity of finding a collision for this concatenated structure is (eq), which is much smaller than what was expected from the generic birthday attack, which would be (eq). In addition, it is shown that increasing the number of rounds of this hash function cannot improve its security against this attack significantly, and the attacker can still find multicollisions on this hash function, which means that this hash function has a structural flaw.

2012, Vol 11 (6), pp. 419-434
Author(s): Nasour Bagheri, Praveen Gauravaram, Lars R. Knudsen, Erik Zenner

IEEE Access, 2021, pp. 1-1
Author(s): Nubila Nabeel, Mohamed Hadi Habaebi, M D. Rafiqul Islam

Author(s): Muhammad H. Alharbi, Omar H. Alhazmi

In the Internet of Things (IoT), the user authentication process is becoming more critical with the growing number of services provided by IoT. Securing access to these services through the user authentication process leads to high security and prevents attacks on the IoT network. The approach keeps private information secured efficiently and ensures that only authorized users can access this information. The proposed scheme uses only the Chaskey hash function and the XOR operation. The security analysis proves that it is immune to different types of attacks. Furthermore, the scheme is faster and lighter on resources and energy consumption compared to other existing schemes. Finally, we compare the proposed scheme to several other existing schemes on several aspects, highlighting the main differences.


Author(s): Atul Luykx, Bart Mennink, Samuel Neves

BLAKE2 is a hash function introduced at ACNS 2013, which has been adopted in many constructions and applications. It is a successor to the SHA-3 finalist BLAKE, which received a significant amount of security analysis. Nevertheless, BLAKE2 introduces sufficient changes so that not all results from BLAKE carry over, meaning new analysis is necessary. To date, all known cryptanalysis done on BLAKE2 has focused on its underlying building blocks, with little focus placed on understanding BLAKE2’s generic security. We prove that BLAKE2’s compression function is indifferentiable from a random function in a weakly ideal cipher model, which was not the case for BLAKE. This implies that there are no generic attacks against any of the modes that BLAKE2 uses.


Author(s): Ward Beullens, Tim Beyne, Aleksei Udovenko, Giuseppe Vitto

The Legendre PRF relies on the conjectured pseudorandomness properties of the Legendre symbol with a hidden shift. Originally proposed as a PRG by Damgård at CRYPTO 1988, it was recently suggested as an efficient PRF for multiparty computation purposes by Grassi et al. at CCS 2016. Moreover, the Legendre PRF is being considered for usage in the Ethereum 2.0 blockchain. This paper improves previous attacks on the Legendre PRF and its higher-degree variant due to Khovratovich by reducing the time complexity from O(p log p / M) to O(p log² p / M²) Legendre symbol evaluations when M ≤ ∜(p log² p) queries are available. The practical relevance of our improved attack is demonstrated by breaking three concrete instances of the PRF proposed by the Ethereum Foundation. Furthermore, we generalize our attack in a nontrivial way to the higher-degree variant of the Legendre PRF and we point out a large class of weak keys for this construction. Lastly, we provide the first security analysis of two additional generalizations of the Legendre PRF originally proposed by Damgård in the PRG setting, namely the Jacobi PRF and the power residue PRF.


2016, Vol 654, pp. 128-142
Author(s): Shenghui Su, Tao Xie, Shuwang Lü

2021, Vol 2021, pp. 1-9
Author(s): Xueying Qiu, Yongzhuang Wei, Samir Hodzic, Enes Pasalic

Integral cryptanalysis based on the division property is a powerful cryptanalytic method whose range of successful applications was recently extended through the use of Mixed-Integer Linear Programming (MILP). Although this technique was demonstrated to be efficient in specifying distinguishers for reduced-round versions of several families of lightweight block ciphers (such as SIMON, PRESENT, and a few others), we show that this method provides distinguishers for the full-round block cipher SAT_Jo. The SAT_Jo cipher is very similar to the well-known PRESENT block cipher, which has successfully withstood the known cryptanalytic methods. The main difference compared to PRESENT, which turns out to induce severe weaknesses in the SAT_Jo algorithm, is its different choice of substitution boxes (S-boxes) and bit-permutation layer, made for the purpose of making the cipher highly resource-efficient. Even though the designers provided a security analysis of this scheme against some major generic cryptanalytic methods, an application of the bit-based division property in combination with MILP was not considered. By specifying integral distinguishers for the full-round SAT_Jo algorithm using this method, we essentially disapprove its use in the intended applications. Using a 30-round distinguisher, we also describe a subkey recovery attack on the SAT_Jo algorithm whose time complexity is about 2^66 encryptions (noting that SAT_Jo is designed to provide 80 bits of security). Moreover, it seems that the choice of bit-permutation induces weak division properties, since replacing the original bit-permutation of SAT_Jo by the one used in PRESENT immediately renders integral distinguishers ineffective.


2021, Vol 2 (12), pp. 11-17
Author(s): Hoang Dinh Linh, Tran Hong Thai

Abstract—We propose a new double-block-length compression function which is called Alpha-DBL. This scheme uses two parallel secure single-block-length schemes based on a block cipher with -bit key and -bit block size to compress a -bit string to a -bit one. We show that the Alpha-DBL scheme attains nearly optimal collision security and preimage security bounds (up to  and  queries for finding a collision and a preimage, respectively). More precisely, for , no adversary making fewer than  queries can find a collision with probability greater than 1/2. To our knowledge, this collision security bound is nearly better than those of other such compression functions. In addition, we provide a preimage security analysis of Alpha-DBL that shows a security bound of  queries for . Using this scheme in the iterated hash function construction preserves collision resistance and preimage resistance.

Abstract (translated from Vietnamese)—We propose a new double-block-length compression function called Alpha-DBL. This scheme uses two parallel secure single-block-length schemes based on a block cipher with a -bit key and a -bit block size to compress a -bit string into a -bit string. We have proved that the Alpha-DBL scheme achieves nearly optimal collision resistance and preimage resistance bounds (up to  and  queries, respectively, for finding a collision and a preimage). Specifically, for , any attacker making fewer than  queries can only find a collision with probability less than 1/2. To our knowledge, this collision security bound is better than those of other compression functions. In addition, we have given a preimage security analysis of Alpha-DBL showing a security bound of 2  queries for . Using this scheme in the construction of an iterated hash function can preserve collision resistance and preimage resistance.


2017, Vol 2017, pp. 1-7
Author(s): Seunghwan Chang, Hyang-Sook Lee, Juhee Lee, Seongan Lim

Tian and Huang proposed a lattice-based CLS scheme based on the hardness of the SIS problem and proved, in the random oracle model, that the scheme is existentially unforgeable against strong adversaries. Their security proof uses the general forking lemma under the assumption that the underlying hash function H is a random oracle. We show that the hash function in the scheme is neither one-way nor collision-resistant from the point of view of a strong Type 1 adversary. We point out flaws in the security arguments and present attack algorithms that succeed in the strong Type 1 adversarial model using the weak properties of the hash function.
