Yu Sasaki,Lei Wang,Shuang Wu,Wenling Wu

DOI: https://doi.org/10.1007/978-3-642-34961-4_34

2012-01-01

Abstract:In this paper, improved cryptanalyses for the ISO standard hash function Whirlpool are presented with respect to the fundamental security notions. While a subspace distinguisher was presented on full version (10 rounds) of the compression function, its impact to the security of the hash function seems limited. In this paper, we discuss the (second) preimage and collision attacks for the hash function and the compression function of Whirlpool. Regarding the preimage attack, 6 rounds of the hash function are attacked with 2(481) computations while the previous best attack is for 5 rounds with 2(481.5) computations. Regarding the collision attack, 8 rounds of the compression function are attacked with 2(120) computations, while the previous best attack is for 7 rounds with 2(184) computations. To verify the correctness, especially for the rebound attack on the Sbox with an unbalanced Differential Distribution Table (DDT), the attack is partially implemented, and the differences from attacking the Sbox with balanced DDT are reported.

Fan Zhang,Zhijie Jerry Shi

DOI: https://doi.org/10.1109/ITNG.2011.70

2011-01-01

Abstract:In cryptography, a keyed-Hash Message Authentication Code (HMAC) is a type of message authentication code(MAC) calculated with a cryptographic hash function and a secret key. The security of the HMAC relies on the underlying hash function and the secret key. Whirlpool is a block cipher based hash algorithm that has been in public for about ten years. So far no effective attacks have been found on Whirlpool. As a result, HMAC with Whirlpool, i.e., HMAC-Whirlpool, is supposed to be secure. In this paper, we demonstrate that HMAC-Whirlpool is vulnerable to power analysis attacks. We designed two types of attacks: one is based on Differential Power Analysis (DPA) and the other on Correlation Power Analysis (CPA). We successfully launched the attacks at HMAC-Whirlpool running on an Atmel AVR processor. We also compared the attacks in terms of the number of power traces needed.

Wei Li,Zhi Tao,Dawu Gu,Yi Wang,Zhiqiang Liu,Ya Liu

DOI: https://doi.org/10.4304/jcp.8.11.2888-2894

2013-01-01

Journal of Computers

Abstract:The MD5, proposed by R. Riverst in 1992, is a widely used hash function with Merkle-Damgard structure. In the literature, many studies have been devoted to classical cryptanalysis on the MD5, such as the collision attack, the preimage attack etc. In this paper, we propose a new differential fault analysis on the MD5 compression function in the word-oriented random fault model. The simulating experimental results show that 144 random faults on average are required to obtain the current input message block. Our method not only increases the efficiency of fault injection, but also decreases the number of fault hash values. It provides a new reference for the security analysis of the same structure of the hash compression functions.

Wei Li,Wenwen Zhang,Dawu Gu,Zhi Tao,Zhihong Zhou,Ya Liu,Zhiqiang Liu

DOI: https://doi.org/10.3837/tiis.2015.02.018

2015-01-01

KSII Transactions on Internet and Information Systems

Abstract:The TWINE is a new Generalized Feistel Structure (GFS) lightweight cryptosystem in the Internet of Things. It has 36 rounds and the key lengths support 80 bits and 128 bits, which are flexible to provide security for the RFID, smart cards and other highly-constrained devices. Due to the strong attacking ability, fast speed, simple implementation and other characteristics, the differential fault analysis has become an important method to evaluate the security of lightweight cryptosystems. On the basis of the 4-bit fault model and the differential analysis, we propose an effective differential fault attack on the TWINE cryptosystem. Mathematical analysis and simulating experiments show that the attack could recover its 80-bit and 128-bit secret keys by introducing 8 faulty ciphertexts and 18 faulty ciphertexts on average, respectively. The result in this study describes that the TWINE is vulnerable to differential fault analysis. It will be beneficial to the analysis of the same type of other iterated lightweight cryptosystems in the Internet of Things.

Wei Li,Linfeng Liao,Dawu Gu,Chenyu Ge,Zhiyong Gao,Zhihong Zhou,Zheng Guo,Ya Liu,Zhiqiang Liu

DOI: https://doi.org/10.3837/tiis.2018.01.023

2018-01-01

Abstract:With the advancement and deployment of wireless communication techniques, wireless body area network (WBAN) has emerged as a promising approach for e-healthcare that collects the data of vital body parameters and movements for sensing and communicating wearable or implantable healthful related information. In order to avoid any possible rancorous attacks and resource abuse, employing lightweight ciphers is most effective to implement encryption, decryption, message authentication and digital signature for security of WBAN. As a typical lightweight cryptosystem with an extended sponge function framework, the PHOTON family is flexible to provide security for the RFID and other highly-constrained devices. In this paper, we propose a differential fault analysis to break three flavors of the PHOTON family successfully. The mathematical analysis and simulating experimental results show that 33, 69 and 86 random faults in average are required to recover each message input for PHOTON-80 /20/16, PHOTON-160/36/36 and PHOTON-224/32/32, respectively. It is the first result of breaking PHOTON with the differential fault analysis. It provides a new reference for the security analysis of the same structure of the lightweight hash functions in the WBAN.

Shi HUANG,Wenzhuo LIU,Tianjie CAO

DOI: https://doi.org/10.3876/j.issn.1000-1980.2015.03.015

2015-01-01

Abstract:Based on analysis of existing remote data integrity verification methods and using homomorphic hashing and pseudo-random numbers in the tag blocking stage, a data integrity verification method, supporting dynamic data and considering challenges to be unlimited, is proposed to deal with the problem of users ’ data integrity verification in cloud storage. The effectiveness of this method is verified through security and performance analyses. With a guarantee of maintaining the remote data integrity, the method can reduce the redundancy of storage space and the bandwidth consumption in data communication.

LI Wei,WANG Menglin,GU Dawu,LI Jiayao,CAI Tianpei,XU Guangwei

DOI: https://doi.org/10.11959/j.issn.1000-436x.2021039

2021-01-01

Abstract:The security analysis of TWINE against the ciphertext-only fault analysis was proposed.The secret key of TWINE could be recovered with a success probability at least 99% using a series of distinguishers of SEI、MLE、HW、GF、GF-SEI、GF-MLE、Parzen-HW、MLE-HE、HW-HE and HW-MLE-HE.Among them, the novel proposed distinguishers of MLE-HE、HW-HE and HW-MLE-HE can effectively reduce the faults and improve the attack efficiency in simulating experiments.It provides a significant reference for analyzing the security of lightweight ciphers in the Internet of Things.

Huafei Zhu,Lixin Ran,Yumin Wang

IF: 1.019

1999-01-01

Chinese Journal of Electronics

Abstract:Cryptographic hash functions are very important for cryptographic protocols such as signature scheme and message authentication. Based on the pioneer work of X. Lai et al., a new framework of hash algorithm is developed in this paper. In our hash scheme, an extra pseudorandom keystream generator is not needed which may be more conveniently for practical use. We have proved that the security of the new hash scheme is equivalent to that of feedback shift registers (FSRs) controlled by 2m - bit security keys.

Congming Wei,Bingyou Dong,Jialiang Hua,Xiaoyang Dong,Guoyan Zhang

DOI: https://doi.org/10.1007/s10623-023-01254-0

IF: 1.4

2023-01-01

Designs Codes and Cryptography

Abstract:The Whirlwind hash function was proposed by Barreto et al. (Des Codes Cryptogr 56(2–3):141–162, 2010, https://doi.org/10.1007/s10623-010-9391-y ). In this paper, we focus on preimage and collision attacks on reduced-round Whirlwind. With the help of MILP models, a 7-round pseudo-preimage attack is presented. Then we revisit the framework of Ma et al. and successfully improve the preimage attack on 4-round Whirlwind with time complexity reduced from 2^497 to 2^417 . Meanwhile, by using quantum algorithms, we find a quantum collision attack on 5-round Whirlwind, which improves running time from 2^190.5 to 2^127.15 comparing to standard BHT algorithm while using the same amount of quantum memory. Also, semi-free-start collision of Whirlwind compression function is improved from 6 round to 7 round, while keeping complexity unchanged.

Yang Su,Yansong Gao,Omid Kavehei,Damith C. Ranasinghe

DOI: https://doi.org/10.48550/arXiv.1902.03040

2019-02-08

Abstract:Recently, we have witnessed the emergence of intermittently powered computational devices, an early example is the Intel WISP (Wireless Identification and Sensing Platform). How we engineer basic security services to realize mutual authentication, confidentiality and preserve privacy of information collected, stored and transmitted by, and establish the veracity of measurements taken from, such devices remain an open challenge; especially for batteryless and intermittently powered devices. While the cryptographic community has significantly progressed lightweight (in terms of area overhead) security primitives for low cost and power efficient hardware implementations, lightweight software implementations of security primitives for resource constrained devices are less investigated. Especially, the problem of providing security for intermittently powered computational devices is unexplored. In this paper, we illustrate the unique challenges posed by an emerging class of intermittently powered and energy constrained computational IoT devices for engineering security solutions. We focus on the construction and evaluation of a basic hash primitive---both existing cryptographic hash functions and non-cryptographic hash functions built upon lightweight block ciphers. We provide software implementation benchmarks for eight primitives on a low power and resource limited computational device, and outline an execution model for these primitives under intermittent powering.

Cryptography and Security

Rui-Xin Zhan,K. Y. Chau,Zhe-Ming Lu,Bei-Bei Liu,W. H. Ip

DOI: https://doi.org/10.1109/isda.2008.66

2008-01-01

Abstract:Image hashing function maps an image into a bit string which can be used to authenticate the originality of the image. In this paper, we propose a perceptual image hashing scheme that is secure and robust to visually insignificant changes but fragile enough to detect and precisely locate malicious attacks. The proposed image hashing method is based on the outlines of one-dimensional signals re-arranged from the 8times8 DCT blocks. The final image hash is obtained by applying binary quantization to the DWT coefficients of the obtained 1-D signals. Experimental results are presented to show the effectiveness of the proposed scheme.

Di Zhai,Wei Bai,Jianding Fu,Hongjian Gao,Xueqiong Zhu

DOI: https://doi.org/10.1016/j.heliyon.2024.e26119

IF: 3.776

2024-02-28

Heliyon

Abstract:Lightweight cryptography algorithms are a class of ciphers designed to protect data generated and transmitted by the Internet of Things. They typically have low requirements in terms of storage space and power consumption, and are well-suited for resource-limited application scenarios such as embedded systems, actuators, and sensors. The NIST-approved competition for lightweight cryptography aims to identify lightweight cryptographic algorithms that can serve as standards. Its objective is to enhance data security in various scenarios. Among the chosen standards for lightweight cryptography, ASCON has been selected. ASCON-HASH is a hash function within the ASCON family. This paper presents a detailed analysis of the differential characteristics of ASCON-HASH, utilizing the quadratic S-box. Additionally, we employ message modification techniques and ultimately demonstrate a non-practical collision attack on the 2-round ASCON-HASH, requiring a time complexity of 2 98 hash function calls.

Nikolaos Doukas,Oleksandr P. Markovskyi,Nikolaos G. Bardis

DOI: https://doi.org/10.1016/j.tcs.2019.10.015

IF: 1.002

2019-12-01

Theoretical Computer Science

Abstract:Cloud based storage is being widely used as a viable solution to the problem of data storage in contexts where financial and practical considerations prohibit the use of locally based hardware and software resources. User reservations and legal constraints however have given rise to questions about the verifiability of the integrity of the stored data, especially in the case of public cloud infrastructure. A new problem has hence arisen, that of auditing stored files in order to obtain Proof of Retrievability. Secure cloud storage systems are limited by the overheads they require in order to provide the required security levels. Combined use of cloud and local computational resources is necessary in order to enable the desirable user experiences. With increasing local processing capacities, the most significant relevance is encountered in the Big Data Processing paradigm. The volumes of data that need to be processed are overwhelming to such an extent that approaches which use unlimited amounts of power, for processing and storage are not feasible. This paper focuses on a recent study of hash function requirements for big data applications and an associated key – based hash function design technique that makes the real – time collection, summarization, analysis and decision making based on streaming data. A file auditing technique is proposed that uses fundamental big data mass processing operations in order to develop an efficient and reliable proof of recoverability algorithm.

computer science, theory & methods

Wael Alosaimi,Abdullah Alharbi,Hashem Alyami,Bader Alouffi,Ahmed Almulihi,Mohd Nadeem,Rajeev Kumar,Alka Agrawal

DOI: https://doi.org/10.3934/math.2024342

2024-01-01

AIMS Mathematics

Abstract:The Internet of Things (IoT) market is experiencing exponential growth, with projections increasing from 15 billion dollars to an estimated 75 billion dollars by 2025. Quantum computing has emerged as a key enabler for managing the rapid expansion of IoT technology, serving as the foundation for quantum computing support. However, the adoption of quantum computing also introduces numerous privacy and security challenges. We delve into the critical realm of quantum-level security within a typical quantum IoT. To achieve this objective, we identified and precisely analyzed security attributes at various levels integral to quantum computing. A hierarchical tree of quantum computing security attributes was envisioned, providing a structured approach for systematic and efficient security considerations. To assess the impact of security on the quantum-IoT landscape, we employed a unified computational model based on Multi-Criteria Decision-Making (MCDM), incorporating the Analytical Hierarchy Process (AHP) and the Technique for Ordering Preferences by Similarity to Ideal Solutions (TOPSIS) within a fuzzy environment. Fuzzy sets were used to provide practical solutions that can accommodate the nuances of diverse and ambiguous opinions, ultimately yielding precise alternatives and factors. The projected undertaking was poised to empower practitioners in the quantum-IoT realm by aiding in the identification, selection, and prioritization of optimal security factors through the lens of quantum computing.

mathematics, applied

Guanglu Wei,Kai Fan,Kuan Zhang,Haoyang Wang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/jiot.2023.3323275

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:In recent years, the Internet of Things (IoT) has gained immense popularity in various aspects of work, learning, and daily life. Within the Internet of Things realm, there is a growing concern regarding communication security issues between users and servers. However, addressing the communication security between servers is equally imperative, which has not received as much attention. To this end, we propose a certificateless anonymous authenticated key agreement (AKA) algorithm based on Learning with Errors (LWE) and Inhomogeneous Small Integer Solution (ISIS) security assumptions. Our scheme provides strong resistance to quantum attacks and protects the privacy of communication servers. It also has constant communication costs and lower computational requirements than existing lattice-based anonymous AKA algorithms on the broadcast channel. Additionally, the proposed scheme eliminates the resource consumption of managing complex certificates and addresses the security risks associated with key escrow in the key generation center (KGC). Through security and performance analysis, we demonstrate that our approach can enhance the security of IoT-based healthcare systems while significantly improving communication efficiency. Our proposed scheme provides a promising solution to security issues related to server communication in IoT systems.

computer science, information systems,telecommunications,engineering, electrical & electronic

Jian Guo,Yu Sasaki,Lei Wang,Shuang Wu

DOI: https://doi.org/10.1007/978-3-642-42045-0_2

2015-01-01

Abstract:In this paper, we present universal forgery and key recovery attacks on the most popular hash-based MAC constructions, e.g., HMAC and NMAC, instantiated with an AES-like hash function Whirlpool. These attacks work with Whirlpool reduced to 6 out of 10 rounds in single-key setting. To the best of our knowledge, this is the first result on "original" key recovery for HMAC ( previous works only succeeded in recovering the equivalent keys). Interestingly, the number of attacked rounds is comparable with that for collision and preimage attacks on Whirlpool hash function itself. Lastly, we present a distinguishing-H attack against the full HMAC- and NMAC-Whirlpool.

Yuan Zhang,Chunxiang Xu,Jining Zhao,Xiaojun Zhang,Junwei Wen

DOI: https://doi.org/10.1016/j.jisa.2015.05.001

IF: 4.96

2015-01-01

Journal of Information Security and Applications

Abstract:Cloud storage provides an efficient way for users to work together as a group by sharing data with each other. However, since shared data can be accessed and modified by multiple users and group membership may be changed frequently, this new paradigm poses many challenges for keeping integrity of shared data. Recently, Yuan et al. proposed an efficient integrity checking scheme (IEEE INFOCOM 2014, doi: 10.1109/INFOCOM.2014.6848154) for cloud data sharing with multi-user modification, which had many appealing features. They claimed that the scheme is secure and efficient, and they also provided the formal security proof and the performance evaluation. Regretfully, existing two security flaws in Yuan et al.'s scheme are pointed out in this letter. Specifically, by fooling the third-party auditor (TPA) into trusting that the data is well maintained by the cloud server, an adversary can process the following two deceiving methods. Firstly, the adversary can modify the shared data and tamper with the interaction messages between the cloud server and the TPA, thus invalidating shared data integrity checking. Secondly, an adversary, who records a fraction of the cloud-stored data, can overwrite the vast majority of the shared data by using the recorded data and passing shared data integrity verification. Furthermore, we suggest a solution to the two security flaws while retaining all the desirable features of the original scheme.

Yizhuo Tan,Hrvoje Kukina,Jakub Szefer

2024-10-10

Abstract:As the quantum research community continues to grow and new algorithms are designed, developed, and implemented, it is crucial to start thinking about security aspects and potential threats that could result in misuse of the algorithms, or jeopardize the information processed with these quantum algorithms. This work focuses on exploration of two types of potential attacks that could be deployed on a cloud-based quantum computer by an attacker circuit trying to interfere with victim circuit. The two attacks, called Improper Initialization Attack (IIA) and Higher Energy Attack (HEA), are for the first time applied to a well-known and widely used quantum algorithm: HHL. The HHL algorithm is used in the field of machine learning and big data for solving systems of linear equations. This work evaluates the effect of the attacks on different qubits within the HHL algorithm: ancilla qubit, clock qubit, and b qubit. This work demonstrates that the two attacks are able to cause incorrect results, even when only one of the qubits in the victim algorithm is attacked. Having discovered the vulnerabilities, the work motivates the need for future work to develop defense strategies for each of these attack scenarios.

Cryptography and Security,Quantum Physics

Zhiwei Yu,Chaokun Wang,Clark Thomborson,Jianmin Wang,Shiguo Lian,Athanasios V. Vasilakos

DOI: https://doi.org/10.1002/spe.1088

2012-01-01

Abstract:With the rapid development of cloud computing, software applications are shifting onto cloud storage rather than remaining within local networks. Software distributions within the cloud are subject to security breaches, privacy abuses, and access control violations. In this paper, we identify an insider threat to access control which is not completely eliminated by the usual techniques of encryption, cryptographic hashes, and access-control labels. We address this threat using software watermarking. We evaluate our access-control scheme within the context of a Collaboration-oriented Architecture, as defined by The Jericho Forum. Copyright © 2011 John Wiley & Sons, Ltd.