scholarly journals New Semi-Free-Start Collision Attack Framework for Reduced RIPEMD-160

2019 ◽  
pp. 169-192
Author(s):  
Fukang Liu ◽  
Christoph Dobraunig ◽  
Florian Mendel ◽  
Takanori Isobe ◽  
Gaoli Wang ◽  
...  
Keyword(s):  
Hash Function ◽  
Time Complexity ◽  
Hash Functions ◽  
Stream Structure ◽  
Collision Attack ◽  
Time Period ◽  
Collision Attacks ◽  
Memory Complexity ◽  
New Framework

RIPEMD-160 is a hash function published in 1996, which shares similarities with other hash functions designed in this time-period like MD4, MD5 and SHA-1. However, for RIPEMD-160, no (semi-free-start) collision attacks on the full number of steps are known. Hence, it is still used, e.g., to generate Bitcoin addresses together with SHA-256, and is an ISO/IEC standard. Due to its dual-stream structure, even semifree- start collision attacks starting from the first step only reach 36 steps, which were firstly shown by Mendel et al. at Asiacrypt 2013 and later improved by Liu, Mendel and Wang at Asiacrypt 2017. Both of the attacks are based on a similar freedom degree utilization technique as proposed by Landelle and Peyrin at Eurocrypt 2013. However, the best known semi-free-start collision attack on 36 steps of RIPEMD-160 presented at Asiacrypt 2017 still requires 255.1 time and 232 memory. Consequently, a practical semi-free-start collision attack for the first 36 steps of RIPEMD-160 still requires a significant amount of resources. Considering the structure of these previous semi-free-start collision attacks for 36 steps of RIPEMD-160, it seems hard to extend it to more steps. Thus, we develop a different semi-free-start collision attack framework for reduced RIPEMD-160 by carefully investigating the message expansion of RIPEMD-160. Our new framework has several advantages. First of all, it allows to extend the attacks to more steps. Second, the memory complexity of the attacks is negligible. Hence, we were able to mount semi-free-start collision attacks on 36 and 37 steps of RIPEMD-160 with practical time complexity 241 and 249 respectively. Additionally, we describe semi-free-start collision attacks on 38 and 40 (out of 80) steps of RIPEMD-160 with time complexity 252 and 274.6, respectively. To the best of our knowledge, these are the best semi-free-start collision attacks for RIPEMD-160 starting from the first step with respect to the number of steps, including the first practical colliding message pairs for 36 and 37 steps of RIPEMD-160.

scholarly journals Quantum rebound attack to D-M structure based on ARIA algorithm

2021 ◽  
Vol 2078 (1) ◽  
pp. 012003
Author(s):  
Shanque Dou ◽  
Ming Mao ◽  
Yanjun Li ◽  
Dongying Qiu
Keyword(s):  
Quantum Computing ◽  
Hash Function ◽  
Block Cipher ◽  
Security Analysis ◽  
Hash Functions ◽  
Block Ciphers ◽  
Collision Attack ◽  
Cryptographic Algorithms ◽  
Collision Attacks ◽  
Quantum Technology

Abstract With the increasing application of quantum computing, quantum technology is increasingly used in the security analysis and research of multiple symmetric cryptographic algorithms such as block ciphers and hash functions. In 2020, Sasaki et al. proposed a dedicated quantum collision attack against hash functions in EUROCRYPT. Some differential trajectories with a probability of 2−2n/3 that cannot be used in the classical environment may be used to launch collision attacks in the quantum environment. The ARIA algorithm is a block cipher proposed by the Korean researcher Kwon et al. on ICISC 2003. The block cipher algorithm is similar to AES in structure. This article mainly analyzes the security of Davies-Meyer structure, and uses AIRA as the permutation function to construct ARIA hash function based on the DM hash model. A new AIRA differential path was found based on MILP, and 7 rounds of ARIA-DM hash function quantum rebound attacks were given.

scholarly journals Quantum Free-Start Collision Attacks on Double Block Length Hashing with Round-Reduced AES-256

2021 ◽  
pp. 316-336
Author(s):  
Amit Kumar Chauhan ◽  
Abhishek Kumar ◽  
Somitra Kumar Sanadhya
Keyword(s):  
Time Complexity ◽  
Block Length ◽  
Compression Function ◽  
Collision Attack ◽  
Classical Setting ◽  
Quantum Version ◽  
Collision Attacks ◽  
Double Block Length

Recently, Hosoyamada and Sasaki (EUROCRYPT 2020), and Xiaoyang Dong et al. (ASIACRYPT 2020) proposed quantum collision attacks against AES-like hashing modes AES-MMO and AES-MP. Their collision attacks are based on the quantum version of the rebound attack technique exploiting the differential trails whose probabilities are too low to be useful in the classical setting but large enough in the quantum setting. In this work, we present dedicated quantum free-start collision attacks on Hirose’s double block length compression function instantiated with AES-256, namely HCF-AES-256. The best publicly known classical attack against HCF-AES-256 covers up to 9 out of 14 rounds. We present a new 10-round differential trail for HCF-AES-256 with probability 2−160, and use it to find collisions with a quantum version of the rebound attack. Our attack succeeds with a time complexity of 285.11 and requires 216 qRAM in the quantum-attack setting, where an attacker can make only classical queries to the oracle and perform offline computations. We also present a quantum free-start collision attack on HCF-AES-256 with a time complexity of 286.07 which outperforms Chailloux, Naya-Plasencia, and Schrottenloher’s generic quantum collision attack (ASIACRYPT 2017) in a model when large qRAM is not available.

Data Integrity

2017 ◽  
Author(s):  
Keith M. Martin
Keyword(s):  
Hash Function ◽  
Hash Functions ◽  
Data Integrity ◽  
Message Authentication ◽  
Authenticated Encryption ◽  
Authentication Codes ◽  
Basic Model ◽  
Function Design ◽  
Security Properties ◽  
Different Levels

This chapter discusses cryptographic mechanisms for providing data integrity. We begin by identifying different levels of data integrity that can be provided. We then look in detail at hash functions, explaining the different security properties that they have, as well as presenting several different applications of a hash function. We then look at hash function design and illustrate this by discussing the hash function SHA-3. Next, we discuss message authentication codes (MACs), presenting a basic model and discussing basic properties. We compare two different MAC constructions, CBC-MAC and HMAC. Finally, we consider different ways of using MACs together with encryption. We focus on authenticated encryption modes, and illustrate these by describing Galois Counter mode.

scholarly journals Uniform logical cryptanalysis of CubeHash function

2010 ◽  
Vol 23 (3) ◽  
pp. 357-366
Author(s):  
Miodrag Milic ◽  
Vojin Senk
Keyword(s):  
Hash Function ◽  
Hash Functions ◽  
Promising Method ◽  
International Competition ◽  
Great Effort ◽  
Cryptographic Hash Function ◽  
The World ◽  
Cryptographic Hash Functions ◽  
Made In

In this paper we present results of uniform logical cryptanalysis method applied to cryptographic hash function CubeHash. During the last decade, some of the most popular cryptographic hash functions were broken. Therefore, in 2007, National Institute of Standards and Technology (NIST), announced an international competition for a new Hash Standard called SHA-3. Only 14 candidates passed first two selection rounds and CubeHash is one of them. A great effort is made in their analysis and comparison. Uniform logical cryptanalysis presents an interesting method for this purpose. Universal, adjustable to almost any cryptographic hash function, very fast and reliable, it presents a promising method in the world of cryptanalysis.

scholarly journals Comparing the speed of the selected hash and encryption algorithms

2017 ◽  
Vol 4 ◽  
pp. 82-86
Author(s):  
Dawid Górniak ◽  
Piotr Kopniak
Keyword(s):  
Programming Language ◽  
Research Group ◽  
Data Security ◽  
Hash Function ◽  
Hash Functions ◽  
Encryption Algorithm ◽  
Java Programming ◽  
Signature Generation ◽  
Encryption Algorithms ◽  
Valuable Thing

The data is often the most valuable thing that we collect on our computers. Without proper data security with encryption our valuable information may be illegally used by an unauthorised person. The article presents selected encryption methods and hash functions available in Boucy Castle library for Java programming language. The presented analysis applies to measurement of the speed of signature generation and verification. The signatures are for 240 bit encryption algorithms. In case of a hash function, the analysis refers to the speed of such functions. The fastest encryption algorithm and hash function from the research group were AES and SHA1.

Cryptanalysis of a Fragile Watermark Based H.264/AVC Video Authentication Scheme

2011 ◽  
Vol 145 ◽  
pp. 552-556 ◽  
Author(s):  
Grace C.W. Ting ◽  
Bok Min Goi ◽  
S. W. Lee
Keyword(s):  
Hash Function ◽  
Hash Functions ◽  
Authentication Scheme ◽  
The Internet ◽  
Message Authentication ◽  
High Definition ◽  
Video Authentication ◽  
Fragile Watermark ◽  
Private Key ◽  
Watermark Embedding

H.264/AVC is a widespread standard for high definition video (HD) for example DVD and HD videos on the internet. To prevent unauthorized modifications, video authentication can be used. In this paper, we present a cryptanalysis of a H.264/AVC video authentication scheme proposed by Saadi et al. [1] at EUSIPCO 2009. Our result will prevent situations where newer schemes are developed from the scheme thus amplifying the flaw. The designers claimed that the scheme can detect modifications on watermarked video. However, we show that an attacker can modify the watermarked video and compute a valid watermark such that the recipient will retrieve a watermark from the modified watermarked video that will match what the recipient computes during video authentication check. Thus, the recipient will think the tampered video is authentic. The first main problem of the scheme is its use of hash functions for watermark generation. Since hash functions are public functions not depending on any secret, the attacker can modify the watermarked video and feed this through the hash function to compute a new watermark. The second problem is that it is possible for the attacker to perform watermark embedding thus producing a modified watermarked video. On receiving the modified video, the recipient recomputes the watermark and compares this with the watermark extracted from the video. They will match because the embedded watermark and recomputed watermark use the same hash function based watermark generation and the same input i.e. the modified video. Our cryptanalysis strategy applies to any watermarking based video authentication scheme where the watermark and embedding are not functions of secrets. As countermeasure, the functions should be designed so that only legitimate parties can perform them. We present two improved schemes that solve this problem based on private key signing functions and message authentication functions respectively.

Hash Functions and Their Applications

2018 ◽  
pp. 66-77
Author(s):  
Kannan Balasubramanian
Keyword(s):  
Hash Function ◽  
Hash Functions ◽  
Digital Signatures ◽  
Message Authentication ◽  
Authenticated Encryption ◽  
Authentication Codes ◽  
Message Authentication Codes ◽  
Message Digest ◽  
Cryptographic Hash Functions

Cryptographic Hash Functions are used to achieve a number of Security goals like Message Authentication, Message Integrity, and are also used to implement Digital Signatures (Non-repudiation), and Entity Authentication. This chapter discusses the construction of hash functions and the various attacks on the Hash functions. The Message Authentication Codes are similar to the Hash functions except that they require a key for producing the message digest or hash. Authenticated Encryption is a scheme that combines hashing and Encryption. The Various types of hash functions like one-way hash function, Collision Resistant hash function and Universal hash functions are also discussed in this chapter.

scholarly journals Known-Key Distinguishing and Partial-Collision Attacks on GFN-2 with SP F-Function

2020 ◽  
Vol 2020 ◽  
pp. 1-8
Author(s):  
Deukjo Hong
Keyword(s):  
Distinguishing Attack ◽  
Collision Attack ◽  
Collision Attacks

We study known-key distinguishing and partial-collision attacks on GFN-2 structures with various block lengths in this paper. For 4-branch GFN-2, we present 15-round known-key distinguishing attack and 11-round partial-collision attack which improve previous results. We also present 17-round known-key distinguishing attack on 6-branch GFN-2 and 27-round known-key distinguishing attack on 8-branch GFN-2 and show that several partial-collision attacks are derived from them. Additionally, some attacks are valid under special conditions for the F-function.

Design and Analysis on a Parallel Chaos-Based Hash Function

2020 ◽  
Vol 30 (13) ◽  
pp. 2050188
Author(s):  
Zhuo Liu ◽  
Yong Wang ◽  
Gongkun Jiang ◽  
Leo Yu Zhang
Keyword(s):  
Hash Function ◽  
High Efficiency ◽  
Chaotic Map ◽  
Hash Functions ◽  
Data Integrity ◽  
Security Requirements ◽  
Computing Platform ◽  
Performance Requirements ◽  
Data Capacity ◽  
Parallel Mode

The inherent random-like behavior and one-way property of iteration in chaotic systems provide a good basis for designing Hash function. In the era of big data, due to the increasing data capacity in applications, fast Hash functions with parallel mode are highly desirable when authenticating data integrity. We analyze the issue of how to parallelize Hash function with iterative structure. Some security requirements on parallel Hash function are presented. In addition, using chaotic map and block cipher, we construct a keyed parallel Hash function. The message blocks are firstly processed in parallel by a DM-like structure. Furthermore, a tree mode with chaotic map is utilized to combine the outputs of the hash round function in parallel. The proposed Hash function is analyzed by theory and tested by computer simulations. The test results show that the proposed scheme can resist the various common attacks against Hash functions. It satisfies the secure performance requirements of Hash function. Owing to the usage of the parallel mode to process messages, the proposed chaos-based Hash function possess high efficiency and has high potential in applications to guarantee data integrity on a parallel computing platform.

Sign in / Sign up

Export Citation Format

Share Document