Research of collision properties of the modified UMAC algorithm on crypto-code constructions

The transfer of information by telecommunication channels is accompanied by message hashing to control the integrity of the data and confirm the authenticity of the data. When using a reliable hash function, it is computationally difficult to create a fake message with a pre-existing hash code, however, due to the weaknesses of specific hashing algorithms, this threat can be feasible. To increase the level of cryptographic strength of transmitted messages over telecommunication channels, there are ways to create hash codes, which, according to practical research, are imperfect in terms of the speed of their formation and the degree of cryptographic strength. The collisional properties of hashing functions formed using the modified UMAC algorithm using the methodology for assessing the universality and strict universality of hash codes are investigated. Based on the results of the research, an assessment of the impact of the proposed modifications at the last stage of the generation of authentication codes on the provision of universal hashing properties was presented. The analysis of the advantages and disadvantages that accompany the formation of the hash code by the previously known methods is carried out. The scheme of cascading generation of data integrity and authenticity control codes using the UMAC algorithm on crypto-code constructions has been improved. Schemes of algorithms for checking hash codes were developed to meet the requirements of universality and strict universality. The calculation and analysis of collision search in the set of generated hash codes was carried out according to the requirements of a universal and strictly universal class for creating hash codes

Two-weight and three-weight linear codes constructed from Weil sums

<p style='text-indent:20px;'>Linear codes with few weights are widely used in strongly regular graphs, secret sharing schemes, association schemes and authentication codes. In this paper, we construct several two-weight and three-weight linear codes over finite fields by choosing suitable different defining sets. We also give some examples and some of the codes are optimal or almost optimal. Their applications to secret sharing schemes are also investigated.</p>

BusCount: A Provable Replay Protection Solution for Automotive CAN Networks

Information technology has become eminent in the development of modern cars. More than 50 Electronic Control Units (ECUs) realize vehicular functions in hardware and software, ranging from engine control and infotainment to future autonomous driving systems. Not only do the connections to the outside world pose new threats, but also the in-vehicle communication between ECUs, realized by bus systems such as Controller Area Network (CAN), needs to be protected against manipulation and replay of messages. Multiple countermeasures were presented in the past making use of Message Authentication Codes and time stamps and message counters, respectively, to provide message freshness, most prominently AUTOSAR’s Secure Onboard Communication (SecOC). In this paper, we focus on the latter ones. As one aspect of this paper, using an adequate formal model and proof, we will show that the currently considered solutions exhibit deficiencies that are hard if not impossible to overcome within the scope of the respective approaches. We further present a hardware-based approach that avoids these deficiencies and formally prove its freshness properties. In addition, we show its practicability by a hardware implementation. Finally, we evaluate our approach in comparison to counter-based solutions currently being used.

Algebraic Fault Analysis of SHA-256 Compression Function and Its Application

Cryptographic hash functions play an essential role in various aspects of cryptography, such as message authentication codes, pseudorandom number generation, digital signatures, and so on. Thus, the security of their hardware implementations is an important research topic. Hao et al. proposed an algebraic fault analysis (AFA) for the SHA-256 compression function in 2014. They showed that one could recover the whole of an unknown input of the SHA-256 compression function by injecting 65 faults and analyzing the outputs under normal and fault injection conditions. They also presented an almost universal forgery attack on HMAC-SHA-256 using this result. In our work, we conducted computer experiments for various fault-injection conditions in the AFA for the SHA-256 compression function. As a result, we found that one can recover the whole of an unknown input of the SHA-256 compression function by injecting an average of only 18 faults on average. We also conducted an AFA for the SHACAL-2 block cipher and an AFA for the SHA-256 compression function, enabling almost universal forgery of the chopMD-MAC function.

A High Fidelity Authentication Scheme for AMBTC Compressed Image Using Reference Table Encoding

In this paper, we propose a high-quality image authentication method based on absolute moment block truncation coding (AMBTC) compressed images. The existing AMBTC authentication methods may not be able to detect certain malicious tampering due to the way that the authentication codes are generated. In addition, these methods also suffer from their embedding technique, which limits the improvement of marked image quality. In our method, each block is classified as either a smooth block or a complex one based on its smoothness. To enhance the image quality, we toggle bits in bitmap of smooth block to generate a set of authentication codes. The pixel pair matching (PPM) technique is used to embed the code that causes the least error into the quantization values. To reduce the computation cost, we only use the original and flipped bitmaps to generate authentication codes for complex blocks, and select the one that causes the least error for embedment. The experimental results show that the proposed method not only obtains higher marked image quality but also achieves better detection performance compared with prior works.

Hash Algorithm In Verification Of Certificate Data Integrity And Security

The hash function is the most important cryptographic primitive function and is an integral part of the blockchain data structure. Hashes are often used in cryptographic protocols, information security applications such as Digital Signatures and message authentication codes (MACs). In the current development of certificate data security, there are 2 (two) types of hashes that are widely applied, namely, MD and SHA. However, when it comes to efficiency, in this study the hash type SHA-256 is used because it can be calculated faster with a better level of security. In the hypothesis, the Merkle-Damgård construction method is also proposed to support data integrity verification. Moreover, a cryptographic hash function is a one-way function that converts input data of arbitrary length and produces output of a fixed length so that it can be used to securely authenticate users without storing passwords locally. Since basically, cryptographic hash functions have many different uses in various situations, this research resulted in the use of hash algorithms in verifying the integrity and authenticity of certificate information.

PLCrypto: A Symmetric Cryptographic Library for Programmable Logic Controllers

Programmable Logic Controllers (PLCs) are control devices widely used in industrial automation. They can be found in critical infrastructures like power grids, water systems, nuclear plants, manufacturing systems, etc. This paper introduces PLCrypto, a software cryptographic library that implements lightweight symmetric cryptographic algorithms for PLCs using a standard PLC programming language called structured text (ST). To the best of our knowledge, PLCrypto is the first ST-based cryptographic library that is executable on commercial off-the-shelf PLCs. PLCrypto includes a wide range of commonly used algorithms, totaling ten algorithms, including one-way functions, message authentication codes, hash functions, block ciphers, and pseudo-random functions/generators. PLCrypto can be used to protect the confidentiality and integrity of data on PLCs without additional hardware or firmware modification. This paper also presents general optimization methodologies and techniques used in PLCrypto for implementing primitive operations like bit-shifting/rotation, substitution, and permutation. The optimization tricks we distilled from our practice can also guide future implementation of other computationheavy programs on PLCs. To demonstrate a use case of PLCrypto in practice, we further realize a cryptographic protocol called proof of aliveness as a case study. We benchmarked the algorithms and protocols in PLCrypto on a commercial PLC, Allen Bradley ControlLogix 5571, which is widely used in the real world. Also, we make our source codes publicly available, so plant operators can freely deploy our library in practice.

Efficient Secret Image Sharing Scheme with Authentication and Cheating Prevention

Due to the widespread adoption and popularity of digital images in distributed storage, Secret Image Sharing (SIS) has attracted much attention. However, preventing the cheating of shares is an important problem that needs to be solved in the traditional SIS scheme. An adversary without image shares may participate in the restoration phase as a share owner. In this phase, the adversary can obtain real shares or prevent recovering real images by submitting fake shadows. Our schemes are based on the original Thien-Lin’s scheme. In the scheme I, we use some XOR operations to get two authentication codes through all secret pixel values to achieve a lightweight and fast-calculated authentication scheme for cheating prevention. This scheme is suitable for small devices with limited resources. In scheme II, we use a hash algorithm to generate the authentication code. This scheme is suitable for environments with larger storage space and higher security levels. Since all pixel values are involved in the authentication in our proposed schemes, it can prevent fake shadow images from cheating. Meanwhile, the shadow size is almost the same as the original Thien-Lin’s scheme. Experimental results and theoretical analysis show that the proposed schemes are feasible and effective.

An active detection of compromised nodes based on en-route trap in wireless sensor network

With the development and wide use of wireless sensor network, security arises as an essential issue since sensors with restrict resources are deployed in wild areas in an unattended manner. Most of current en-route filtering schemes could filter false data effectively; however, the compromised nodes could take use of the filtering scheme to launch Fictitious False data Dropping attack, the detection of this attack is extremely difficult since the previous hop node is unable to distinguish whether the forwarding node dropt a false data report with incorrect Message Authentication Codes or a legitimate report. This is the first attempt to address the Fictitious False data Dropping attack; in this article, we propose an Active Detection of compromised nodes based on En-route Trap to trap compromised nodes in the scenario of a false data dropping. A trust model is used to evaluate trust level of neighbor nodes with respect to their authentication behaviors. A detecting algorithm of compromised node is used to detect compromised nodes. Simulation results showed that our scheme can address the Fictitious False data Dropping attack and detect 60% of compromised nodes with a low false positive rate; consequently, the packet accuracy of an Active Detection of compromised nodes based on En-route Trap increases rapidly and reaches to 86%.