Algebraic Fault Analysis of SHA-256 Compression Function and Its Application

Cryptographic hash functions play an essential role in various aspects of cryptography, such as message authentication codes, pseudorandom number generation, digital signatures, and so on. Thus, the security of their hardware implementations is an important research topic. Hao et al. proposed an algebraic fault analysis (AFA) for the SHA-256 compression function in 2014. They showed that one could recover the whole of an unknown input of the SHA-256 compression function by injecting 65 faults and analyzing the outputs under normal and fault injection conditions. They also presented an almost universal forgery attack on HMAC-SHA-256 using this result. In our work, we conducted computer experiments for various fault-injection conditions in the AFA for the SHA-256 compression function. As a result, we found that one can recover the whole of an unknown input of the SHA-256 compression function by injecting an average of only 18 faults on average. We also conducted an AFA for the SHACAL-2 block cipher and an AFA for the SHA-256 compression function, enabling almost universal forgery of the chopMD-MAC function.

A Guideline on Pseudorandom Number Generation (PRNG) in the IoT

Random numbers are an essential input to many functions on the Internet of Things (IoT). Common use cases of randomness range from low-level packet transmission to advanced algorithms of artificial intelligence as well as security and trust, which heavily rely on unpredictable random sources. In the constrained IoT, though, unpredictable random sources are a challenging desire due to limited resources, deterministic real-time operations, and frequent lack of a user interface. In this article, we revisit the generation of randomness from the perspective of an IoT operating system (OS) that needs to support general purpose or crypto-secure random numbers. We analyze the potential attack surface, derive common requirements, and discuss the potentials and shortcomings of current IoT OSs. A systematic evaluation of current IoT hardware components and popular software generators based on well-established test suits and on experiments for measuring performance give rise to a set of clear recommendations on how to build such a random subsystem and which generators to use.

Modification of the Logistic Map Using Fuzzy Numbers with Application to Pseudorandom Number Generation and Image Encryption

A modification of the classic logistic map is proposed, using fuzzy triangular numbers. The resulting map is analysed through its Lyapunov exponent (LE) and bifurcation diagrams. It shows higher complexity compared to the classic logistic map and showcases phenomena, like antimonotonicity and crisis. The map is then applied to the problem of pseudo random bit generation, using a simple rule to generate the bit sequence. The resulting random bit generator (RBG) successfully passes the National Institute of Standards and Technology (NIST) statistical tests, and it is then successfully applied to the problem of image encryption.

Twister Generator of Stochastic Planes

Various pseudorandom number generation algorithms may be used to create a discrete stochastic plane. If a Cartesian completeness property is required of the plane, it must be uniform. The point is, employing the concept of uncontrolled random number generation may yield low-quality results, since original sequences may omit random numbers or not be sufficiently uniform. We present a novel approach for generating stochastic Cartesian planes according to the model of complete twister sequences featuring uniform random numbers without omissions or repetitions. Simulation results confirm that the random planes obtained are indeed perfectly uniform. Moreover, recombining the original complete uniform sequence parameters allows the number of planes created to be significantly increased without using any extra random access memory.

Counterfeit Indeterminacy and Kane’s Self-Forming Actions

Kane provides Self-Forming Actions (SFAs) as a rebuttal to allegations that indeterministic choices are determined by luck and are therefore not free. This paper explicates Kane’s proposal and provides a conceptual complication for Kane’s SFAs. The quantum events in an indeterministic world can be recreated in a deterministic world by pseudorandom number generation. This deterministic world is indistinguishable from the indeterministic world it simulates at the quantum, neurological, and phenomenological levels. Thus, indeterministic quantum behavior cannot secure free will in Kane’s SFAs in any way which is not reproducible in a deterministic world. The paper addresses the objections that the proposed problem is merely an epistemic rather than metaphysical one and that a deterministic agent does not have plural voluntary control. I conjecture that a dualistic account of libertarian free will may dodge the problems I raise regarding Kane’s SFAs.