Cryptanalysis of a Fragile Watermark Based H.264/AVC Video Authentication Scheme

H.264/AVC is a widespread standard for high definition video (HD) for example DVD and HD videos on the internet. To prevent unauthorized modifications, video authentication can be used. In this paper, we present a cryptanalysis of a H.264/AVC video authentication scheme proposed by Saadi et al. [1] at EUSIPCO 2009. Our result will prevent situations where newer schemes are developed from the scheme thus amplifying the flaw. The designers claimed that the scheme can detect modifications on watermarked video. However, we show that an attacker can modify the watermarked video and compute a valid watermark such that the recipient will retrieve a watermark from the modified watermarked video that will match what the recipient computes during video authentication check. Thus, the recipient will think the tampered video is authentic. The first main problem of the scheme is its use of hash functions for watermark generation. Since hash functions are public functions not depending on any secret, the attacker can modify the watermarked video and feed this through the hash function to compute a new watermark. The second problem is that it is possible for the attacker to perform watermark embedding thus producing a modified watermarked video. On receiving the modified video, the recipient recomputes the watermark and compares this with the watermark extracted from the video. They will match because the embedded watermark and recomputed watermark use the same hash function based watermark generation and the same input i.e. the modified video. Our cryptanalysis strategy applies to any watermarking based video authentication scheme where the watermark and embedding are not functions of secrets. As countermeasure, the functions should be designed so that only legitimate parties can perform them. We present two improved schemes that solve this problem based on private key signing functions and message authentication functions respectively.

Download Full-text

Data Integrity

10.1093/oso/9780198788003.003.0006 ◽

2017 ◽

Author(s):

Keith M. Martin

Keyword(s):

Hash Function ◽

Hash Functions ◽

Data Integrity ◽

Message Authentication ◽

Authenticated Encryption ◽

Authentication Codes ◽

Basic Model ◽

Function Design ◽

Security Properties ◽

Different Levels

This chapter discusses cryptographic mechanisms for providing data integrity. We begin by identifying different levels of data integrity that can be provided. We then look in detail at hash functions, explaining the different security properties that they have, as well as presenting several different applications of a hash function. We then look at hash function design and illustrate this by discussing the hash function SHA-3. Next, we discuss message authentication codes (MACs), presenting a basic model and discussing basic properties. We compare two different MAC constructions, CBC-MAC and HMAC. Finally, we consider different ways of using MACs together with encryption. We focus on authenticated encryption modes, and illustrate these by describing Galois Counter mode.

Download Full-text

Hash Functions and Their Applications

Algorithmic Strategies for Solving Complex Problems in Cryptography - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-2915-6.ch005 ◽

2018 ◽

pp. 66-77

Author(s):

Kannan Balasubramanian

Keyword(s):

Hash Function ◽

Hash Functions ◽

Digital Signatures ◽

Message Authentication ◽

Authenticated Encryption ◽

Authentication Codes ◽

Message Authentication Codes ◽

Message Digest ◽

Cryptographic Hash Functions

Cryptographic Hash Functions are used to achieve a number of Security goals like Message Authentication, Message Integrity, and are also used to implement Digital Signatures (Non-repudiation), and Entity Authentication. This chapter discusses the construction of hash functions and the various attacks on the Hash functions. The Message Authentication Codes are similar to the Hash functions except that they require a key for producing the message digest or hash. Authenticated Encryption is a scheme that combines hashing and Encryption. The Various types of hash functions like one-way hash function, Collision Resistant hash function and Universal hash functions are also discussed in this chapter.

Download Full-text

A Safe and Efficient Message Authentication Scheme In The Internet Of Vehicles

2020 International Conference on Information Science, Parallel and Distributed Systems (ISPDS) ◽

10.1109/ispds51347.2020.00010 ◽

2020 ◽

Author(s):

Chenyang Yan ◽

Yulei Zhang ◽

Hongshuo Wang ◽

Shaoyang Yu

Keyword(s):

Authentication Scheme ◽

The Internet ◽

Message Authentication ◽

Internet Of Vehicles

Download Full-text

BREAKING AND REPAIRING AN APPROXIMATE MESSAGE AUTHENTICATION SCHEME

Discrete Mathematics Algorithms and Applications ◽

10.1142/s1793830911001292 ◽

2011 ◽

Vol 03 (03) ◽

pp. 393-412 ◽

Cited By ~ 6

Author(s):

DONGVU TONIEN ◽

REIHANEH SAFAVI-NAINI ◽

PETER NICKOLAS

Keyword(s):

Hash Functions ◽

Authentication Scheme ◽

Multimedia Communications ◽

Selection Function ◽

Message Authentication ◽

Biometric Authentication ◽

Original Design ◽

Original Scheme ◽

Message Digest ◽

Corrected Scheme

Traditional hash functions are designed to protect against even the slightest modification of a message. Thus, one bit changed in a message would result in a totally different message digest when a hash function is applied. This feature is not suitable for applications whose message spaces admit a certain fuzziness, such as multimedia communications or biometric authentication applications. In these applications, approximate hash functions must be designed so that the distance between messages are proportionally reflected in the distance between message digests. Most of the previous designs of approximate hash functions employ traditional hash functions. In an ingenious approximate message authentication scheme for an N-ary alphabet recently proposed by Ge, Arce and Crescenzo, the approximate hash functions are based on the majority selection function. This scheme is suitable for N-ary messages with arbitrary alphabet size N. In this paper, we show a hidden property of the majority selection function, which allows us to successfully break this scheme. We show that an adversary, by observing just one message and digest pair, without any knowledge of the secret information, can generate N - 1 new valid message and digest pairs. In order to resist the attack, we propose some modifications to the original design. The corrected scheme is as efficient as the original scheme and it is secure against the attack. By a new combinatorial approach, we calculate explicitly the security parameters of the corrected scheme.

Download Full-text

Message Authentication Scheme for ad hoc Networks with Homomorphic Hash Function

2019 2nd World Symposium on Communication Engineering (WSCE) ◽

10.1109/wsce49000.2019.9040951 ◽

2019 ◽

Author(s):

Seiya Matsunaga ◽

Naotoshi Adachi

Keyword(s):

Ad Hoc Networks ◽

Hash Function ◽

Ad Hoc ◽

Authentication Scheme ◽

Message Authentication ◽

Hoc Networks

Download Full-text

High Speed FPGA Implementation of Cryptographic KECCAK Hash Function Crypto-Processor

Journal of Circuits System and Computers ◽

10.1142/s0218126616500262 ◽

2016 ◽

Vol 25 (04) ◽

pp. 1650026 ◽

Cited By ~ 11

Author(s):

Fatma Kahri ◽

Hassen Mestiri ◽

Belgacem Bouallegue ◽

Mohsen Machhout

Keyword(s):

Hash Function ◽

High Speed ◽

Hash Functions ◽

Message Authentication ◽

Authentication Codes ◽

Trade Off ◽

Security Applications ◽

Hash Algorithm ◽

The Us ◽

Cryptographic Hash Functions

Cryptographic hash functions are at the heart of many information security applications like message authentication codes (MACs), digital signatures and other forms of authentication. One of the methods to ensure information integrity is the use of hash functions, which generates a stream of bytes (hash) that must be unique. But most functions can no longer prevent malicious attacks and ensure that the information have just a hash. Because of the weakening of the widely used SHA-1 hash algorithm and concerns over the similarly-structured algorithms of the SHA-2 family, the US National Institute of Standards and Technology (NIST) has initiated the SHA-3 contest in order to select a suitable drop-in replacement. KECCAK hash function has been submitted to SHA-3 competition and it belongs to the final five candidate functions. In this paper, we present the implementation details of the hash function’s KECCAK algorithm, moreover, the proposed KECCAK design has been implemented on XILINX FPGAs. Its area, frequency, throughput and efficiency have been derived and compared and it is shown that the proposed design allows a trade-off between the maximum frequency and the area implementation.

Download Full-text