Security of a New Cryptographic Hash Function - Titanium

This paper introduces the security analysis of Titanium hash function that uses SF block cipher and follows sponge construction. A brief description of the sponge function and the design choice of Titanium are introduced. Basic security criteria of random function have been presented and studied on Titanium and then, differential cryptanalysis on Titanium has been performed and showed the resistance of it on the most recent differential attacks. A table of security discussions finalizes the paper and describes the complexity of Titanium on brute force cryptanalysis.

Download Full-text

A New Design of Cryptographic Hash Function: Gear

International Journal on Perceptive and Cognitive Computing ◽

10.31436/ijpcc.v1i1.14 ◽

2016 ◽

Vol 1 (1) ◽

Author(s):

Abdulaziz M Alkandari ◽

Khalil Ibrahim Alkandari ◽

Imad Fakhri Alshaikhli ◽

Mohammad A. AlAhmad

Keyword(s):

Hash Function ◽

Block Cipher ◽

Hash Functions ◽

Fixed Size ◽

Compression Function ◽

Cryptographic Hash Function ◽

Mode Of Operation ◽

Main Components ◽

Map Data ◽

And Diffusion

A hash function is any function that can be used to map data of arbitrary sizeto data of fixed size. A hash function usually has two main components: a permutationfunction or compression function and mode of operation. We will propose a new concretenovel design of a permutation based hash functions called Gear in this paper. It is a hashfunction based on block cipher in Davies-Meyer mode. It uses the patched version ofMerkle-DamgÃ¥rd, i.e. the wide pipe construction as its mode of operation. Thus, theintermediate chaining value has at least twice larger length than the output hash. Andthe permutations functions used in Gear are inspired from the SHA-3 finalist GrÃ¸estl hashfunction which is originally inspired from Rijndael design (AES). There is a very strongconfusion and diffusion in Gear as a result.

Download Full-text

Provable Security Against a Differential Attack

DAIMI Report Series ◽

10.7146/dpb.v23i473.6946 ◽

1994 ◽

Vol 23 (473) ◽

Cited By ~ 1

Author(s):

Kaisa Nyberg ◽

Lars Ramkilde Knudsen

Keyword(s):

Upper Bound ◽

Provable Security ◽

Block Cipher ◽

Differential Cryptanalysis ◽

Font Size ◽

Differential Attack ◽

Round Function ◽

Differential Attacks

The purpose of this paper is to show that there exist DES-like iterated ciphers, which are provably resistant against differential attacks. The main result on the security of a DES-like cipher with independent round keys is Theorem 1, which gives an upper bound to the probability of s-round differentials, as defined in Markov Ciphers and Differential Cryptanalysis by X. Lai et al. and this upper bound depends only on the round function of the iterated cipher. Moreover, it is shown that there exist functions such that the probabilities of differentials are less than or equal to 23-n, where n is the length of the plaintext block. We also show a prototype of an iterated block cipher, which is compatible with DES and has proven security against differential attacks.

Download Full-text

Improved Rectangle Attacks on SKINNY and CRAFT

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2021.i2.140-198 ◽

2021 ◽

pp. 140-198

Author(s):

Hosein Hadipour ◽

Nasour Bagheri ◽

Ling Song

Keyword(s):

General Framework ◽

Block Cipher ◽

Security Analysis ◽

Differential Cryptanalysis ◽

Advanced Method ◽

Model Based ◽

Tweakable Block Cipher ◽

First Time

The boomerang and rectangle attacks are adaptions of differential cryptanalysis that regard the target cipher E as a composition of two sub-ciphers, i.e., E = E1 ∘ E0, to construct a distinguisher for E with probability p2q2 by concatenating two short differential trails for E0 and E1 with probability p and q respectively. According to the previous research, the dependency between these two differential characteristics has a great impact on the probability of boomerang and rectangle distinguishers. Dunkelman et al. proposed the sandwich attack to formalise such dependency that regards E as three parts, i.e., E = E1 ∘ Em ∘ E0, where Em contains the dependency between two differential trails, satisfying some differential propagation with probability r. Accordingly, the entire probability is p2q2r. Recently, Song et al. have proposed a general framework to identify the actual boundaries of Em and systematically evaluate the probability of Em with any number of rounds, and applied their method to accurately evaluate the probabilities of the best SKINNY’s boomerang distinguishers. In this paper, using a more advanced method to search for boomerang distinguishers, we show that the best previous boomerang distinguishers for SKINNY can be significantly improved in terms of probability and number of rounds. More precisely, we propose related-tweakey boomerang distinguishers for up to 19, 21, 23, and 25 rounds of SKINNY-64-128, SKINNY-128-256, SKINNY-64-192 and SKINNY-128-384 respectively, which improve the previous boomerang distinguishers of these variants of SKINNY by 1, 2, 1, and 1 round respectively. Based on the improved boomerang distinguishers for SKINNY, we provide related-tweakey rectangle attacks on 23 rounds of SKINNY-64-128, 24 rounds of SKINNY-128-256, 29 rounds of SKINNY-64-192, and 30 rounds of SKINNY-128-384. It is worth noting that our improved related-tweakey rectangle attacks on SKINNY-64-192, SKINNY-128-256 and SKINNY-128-384 can be directly applied for the same number of rounds of ForkSkinny-64-192, ForkSkinny-128-256 and ForkSkinny-128-384 respectively. CRAFT is another SKINNY-like tweakable block cipher for which we provide the security analysis against rectangle attack for the first time. As a result, we provide a 14-round boomerang distinguisher for CRAFT in the single-tweak model based on which we propose a single-tweak rectangle attack on 18 rounds of this cipher. Moreover, following the previous research regarding the evaluation of switching in multiple rounds of boomerang distinguishers, we also introduce new tools called Double Boomerang Connectivity Table (DBCT), LBCT⫤, and UBCT⊨ to evaluate the boomerang switch through the multiple rounds more accurately.

Download Full-text

Encryption Efficiency Analysis and Security Evaluation of RC6 Block Cipher for Digital Images

African Journal of Information & Communication Technology ◽

10.5130/ajict.v3i1.438 ◽

2007 ◽

Vol 3 (1) ◽

Author(s):

Osama Salah Faragallah ◽

Hossam El-din Hussien Ahmed ◽

Hamdy Mohamed Kalash ◽

...

Keyword(s):

Real Time ◽

Block Cipher ◽

Digital Images ◽

Security Analysis ◽

Experimental Tests ◽

Design Parameters ◽

Security Evaluation ◽

Secret Key ◽

Key Length ◽

Differential Attacks

This paper investigates the encryption efficiency of RC6 block cipher application to digital images, providing a new mathematical measure for encryption efficiency, which we will call the encryption quality instead of visual inspection, The encryption quality of RC6 block cipher is investigated among its several design parameters such as word size, number of rounds, and secret key length and the optimal choices for the best values of such design parameters are given. Also, the security analysis of RC6 block cipher for digital images is investigated from strict cryptographic viewpoint. The security estimations of RC6 block cipher for digital images against brute-force, statistical, and differential attacks are explored. Experiments are made to test the security of RC6 block cipher for digital images against all aforementioned types of attacks. Experiments and results verify and prove that RC6 block cipher is highly secure for real-time image encryption from cryptographic viewpoint. Thorough experimental tests are carried out with detailed analysis, demonstrating the high security of RC6 block cipher algorithm. So, RC6 block cipher can be considered to be a real-time secure symmetric encryption for digital images.

Download Full-text

Double-block Hash-then-Sum: A Paradigm for Constructing BBB Secure PRF

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2018.i3.36-92 ◽

2018 ◽

pp. 36-92 ◽

Cited By ~ 2

Author(s):

Nilanjan Datta ◽

Avijit Dutta ◽

Mridul Nandi ◽

Goutam Paul

Keyword(s):

Hash Function ◽

Random Function ◽

Design Principle ◽

Block Cipher ◽

Security Requirements ◽

Design Paradigm ◽

Beyond Birthday Bound ◽

Generic Design

SUM-ECBC (Yasuda, CT-RSA 2010) is the first beyond birthday bound (BBB) secure block cipher based deterministic MAC. After this work, some more BBB secure deterministic MACs have been proposed, namely PMAC_Plus (Yasuda, CRYPTO 2011), 3kf9 (Zhang et al., ASIACRYPT 2012) and LightMAC_Plus (Naito, ASIACRYPT 2017). In this paper, we have abstracted out the inherent design principle of all these BBB secure MACs and present a generic design paradigm to construct a BBB secure pseudo random function, namely Double-block Hash-then- Sum or in short (DbHtS). A DbHtS construction, as the name implies, computes a double block hash on the message and then sum the encrypted output of the two hash blocks. Our result renders that if the underlying hash function meets certain security requirements (namely cover-free and block-wise universal advantage is low), DbHtS construction provides 2n/3-bit security. We demonstrate the applicability of our result by instantiating all the existing beyond birthday secure deterministic MACs (e.g., SUM-ECBC, PMAC_Plus, 3kf9, LightMAC_Plus) as well as a simple two-keyed variant for each of them and some algebraic hash based constructions.

Download Full-text

Design of a New Cryptographic Hash Function – Titanium

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v10.i2.pp827-832 ◽

2018 ◽

Vol 10 (2) ◽

pp. 827 ◽

Cited By ~ 1

Author(s):

Mohammad A. AlAhmad

Keyword(s):

Hash Function ◽

Stream Cipher ◽

Block Cipher ◽

Cryptographic Hash Function ◽

Construction Paper ◽

Speed Performance ◽

State Of Art

This paper introduces a new cryptographic hash function that follows sponge construction. Paper begins with outlining the structure of the construction. Next part describes the functionality of Titanium and cipher used. A competition between block cipher and stream cipher is presented and showed the reason of using block cipher rather than stream cipher. Speed performance is calculated and analyzed using state-of-art CPUs.

Download Full-text

Security Analysis of BLAKE2’s Modes of Operation

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2016.i1.158-176 ◽

2016 ◽

pp. 158-176

Author(s):

Atul Luykx ◽

Bart Mennink ◽

Samuel Neves

Keyword(s):

Hash Function ◽

Random Function ◽

Security Analysis ◽

Building Blocks ◽

Modes Of Operation ◽

Compression Function ◽

Ideal Cipher ◽

Generic Attacks ◽

Carry Over ◽

Ideal Cipher Model

BLAKE2 is a hash function introduced at ACNS 2013, which has been adopted in many constructions and applications. It is a successor to the SHA-3 finalist BLAKE, which received a significant amount of security analysis. Nevertheless, BLAKE2 introduces sufficient changes so that not all results from BLAKE carry over, meaning new analysis is necessary. To date, all known cryptanalysis done on BLAKE2 has focused on its underlying building blocks, with little focus placed on understanding BLAKE2’s generic security. We prove that BLAKE2’s compression function is indifferentiable from a random function in a weakly ideal cipher model, which was not the case for BLAKE. This implies that there are no generic attacks against any of the modes that BLAKE2 uses.

Download Full-text

On optimal size in truncated differential attacks

Studia Scientiarum Mathematicarum Hungarica ◽

10.1556/012.2015.52.2.1314 ◽

2015 ◽

Vol 52 (2) ◽

pp. 246-254 ◽

Cited By ~ 2

Author(s):

Nicolas T. Courtois ◽

Theodosis Mourouzis ◽

Anna Grocholewska-Czuryło ◽

Jean-Jacques Quisquater

Keyword(s):

Block Cipher ◽

Ad Hoc ◽

Differential Cryptanalysis ◽

Optimal Size ◽

Potential Space ◽

Differential Attack ◽

Pass Through ◽

Differential Attacks ◽

Differential Properties ◽

Truncated Differential

Differential Cryptanalysis (DC) is one of the oldest known attacks on block ciphers. DC is based on tracking of changes in the differences between two messages as they pass through the consecutive rounds of encryption. However DC remains very poorly understood. In his textbook written in the late 1990s Schneier wrote that against differential cryptanalysis, GOST is “probably stronger than DES”. In fact Knudsen have soon proposed more powerful advanced differential attacks however the potential space of such attacks is truly immense. To this day there is no method which allows to evaluate the security of a cipher against such attacks in a systematic way. Instead, attacks are designed and improved in ad-hoc ways with heuristics [6–13,21]. The best differential attack known has time complexity of 2179 [13]. In this paper we show that for a given block cipher there exists an optimal size for advanced differential properties. This new understanding allows to considerably reduce the space to be searched for “good” truncated differential properties suitable for an attack.

Download Full-text

CFA: A New Family of Hybrid CA-Based PRNGs

Security and Communication Networks ◽

10.1155/2021/6640052 ◽

2021 ◽

Vol 2021 ◽

pp. 1-21

Author(s):

Fatima Ezzahra Ziani ◽

Anas Sadak ◽

Charifa Hanin ◽

Bouchra Echandouri ◽

Fouzia Omary

Keyword(s):

Cellular Automata ◽

Cellular Automaton ◽

Hash Function ◽

Block Cipher ◽

General Structure ◽

Security Analysis ◽

Pseudorandom Number Generator ◽

Number Generator ◽

Cryptographic Primitives ◽

New Family

In this article, a new Pseudorandom Number Generator (PRNG) construction is proposed. It is based on cellular automata (CAs) and comprises other cryptographic primitives organized as blocks. Each of these blocks has a purpose and serves toward obtaining a higher level of randomness. The construction described is modular, and each of its blocks can be replaced, modified, or adapted according to the user, the application, or the level of randomness required. The authors first describe a general structure and the design principles behind each of the components. Next, a concrete example using the SHA-3 hash function, a hybrid cellular automaton, and the AES block cipher is provided. Then, the security analysis and the statistical properties for this specific instance of the scheme are presented.

Download Full-text

Quantum rebound attack to D-M structure based on ARIA algorithm

Journal of Physics Conference Series ◽

10.1088/1742-6596/2078/1/012003 ◽

2021 ◽

Vol 2078 (1) ◽

pp. 012003

Author(s):

Shanque Dou ◽

Ming Mao ◽

Yanjun Li ◽

Dongying Qiu

Keyword(s):

Quantum Computing ◽

Hash Function ◽

Block Cipher ◽

Security Analysis ◽

Hash Functions ◽

Block Ciphers ◽

Collision Attack ◽

Cryptographic Algorithms ◽

Collision Attacks ◽

Quantum Technology

Abstract With the increasing application of quantum computing, quantum technology is increasingly used in the security analysis and research of multiple symmetric cryptographic algorithms such as block ciphers and hash functions. In 2020, Sasaki et al. proposed a dedicated quantum collision attack against hash functions in EUROCRYPT. Some differential trajectories with a probability of 2−2n/3 that cannot be used in the classical environment may be used to launch collision attacks in the quantum environment. The ARIA algorithm is a block cipher proposed by the Korean researcher Kwon et al. on ICISC 2003. The block cipher algorithm is similar to AES in structure. This article mainly analyzes the security of Davies-Meyer structure, and uses AIRA as the permutation function to construct ARIA hash function based on the DM hash model. A new AIRA differential path was found based on MILP, and 7 rounds of ARIA-DM hash function quantum rebound attacks were given.

Download Full-text