DOCSLIB.ORG

Dynamic Cryptographic Hash Functions

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

CERIAS Tech Report 2007-20 DYNAMIC CRYPTOGRAPHIC HASH FUNCTIONS by William Speirs Center for Education and Research in Information Assurance and Security, Purdue University, West Lafayette, IN 47907-2086 DYNAMIC CRYPTOGRAPHIC HASH FUNCTIONS A Thesis Submitted to the Faculty of Purdue University by William Robert Speirs II In Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy May 2007 Purdue University West Lafayette, Indiana ii To my parents, Jeffrey and Ellen iii ACKNOWLEDGMENTS First and foremost I would like to thank my adviser, Samuel S. Wagstaff, Jr. His advice, guidance, and patience helped me to gain a deeper understanding of the field of cryptography and research in general. I would also like to thank only one of my committee members Eugene Spafford for supporting me and my efforts to complete this Ph.D. A special thanks to Bart Preneel (Katholieke Universiteit Leuven) for providing early ideas and agreeing to be part of my preliminary examination committee. I would also like to thank Moses Liskov (The College of William and Mary) for providing me with valuable insight and comments towards the end of my work. Thanks to The Center for Education and Research in Information Assurance and Security (CERIAS) and the Computer Science faculty and staff of Purdue University for providing me with all the necessary resources and an environment that allowed me to complete this work. A special thanks goes to the Pikewerks Corporation and the Air Force Research Laboratory for providing me with funding to accomplish additional research not directly related to this dissertation. Finally, I would like to thank my family and friends. My family has always shown me unconditional support through sometimes tumultuous periods and always encouraged me to pursue this degree. My friends always supported me and endured my sometimes negative discourse about this dissertation. A special thanks goes to my roommates Barry Wittman and Armand Navabi who were always there to humor my ideas and help me especially in those final trying weeks; stick with it guys. \This thesis is dedicated to all the professors that wanted to see me fail, to all the companies that supported me while I was trying to make some money to support my daughter, and all the graduate students in the strug- gle." { Christopher George Latore Wallace (modified) iv TABLE OF CONTENTS Page LIST OF TABLES : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : viii LIST OF FIGURES : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : ix ABBREVIATIONS : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : x ABSTRACT : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : xi 1 Introduction : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 1 1.1 A Brief History of Cryptographic Hash Functions : : : : : : : : : : : 1 1.2 Current Applications of Cryptographic Hash Functions : : : : : : : : 3 1.3 Motivation for Dynamic Hash Functions : : : : : : : : : : : : : : : : 5 1.4 Scope of This Dissertation : : : : : : : : : : : : : : : : : : : : : : : : 6 1.4.1 Message Authentication Codes : : : : : : : : : : : : : : : : : : 7 1.5 Contributions of This Dissertation : : : : : : : : : : : : : : : : : : : : 8 1.6 Organization of This Dissertation : : : : : : : : : : : : : : : : : : : : 9 1.7 Notation : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 10 2 Traditional Cryptographic Hash Functions : : : : : : : : : : : : : : : : : : 13 2.1 Function Families : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 15 2.2 Adversarial Model : : : : : : : : : : : : : : : : : : : : : : : : : : : : 16 2.3 Methods for Defining Security Properties : : : : : : : : : : : : : : : : 17 2.3.1 Experiment Descriptions : : : : : : : : : : : : : : : : : : : : : 18 2.3.2 The Fixed and Asymptotic Frameworks : : : : : : : : : : : : : 19 2.4 Formal Definitions of Security Properties : : : : : : : : : : : : : : : : 20 2.4.1 Preimage Resistance : : : : : : : : : : : : : : : : : : : : : : : 20 2.4.2 Second Preimage Resistance : : : : : : : : : : : : : : : : : : : 21 2.4.3 Collision Resistance : : : : : : : : : : : : : : : : : : : : : : : : 22 2.5 Notions of Security : : : : : : : : : : : : : : : : : : : : : : : : : : : : 23 v Page 2.5.1 Preimage Resistance : : : : : : : : : : : : : : : : : : : : : : : 24 2.5.2 Second Preimage Resistance : : : : : : : : : : : : : : : : : : : 26 2.5.3 Collision Resistance : : : : : : : : : : : : : : : : : : : : : : : : 27 2.5.4 Implications Between Notions of Security : : : : : : : : : : : : 27 3 Dynamic Cryptographic Hash Functions : : : : : : : : : : : : : : : : : : : 29 3.1 Background and Introduction : : : : : : : : : : : : : : : : : : : : : : 29 3.2 Definition of a Dynamic Cryptographic Hash Function : : : : : : : : 30 3.3 Traditional Properties for Dynamic Hash Functions : : : : : : : : : : 32 3.4 Dynamic Versions of the Traditional Properties : : : : : : : : : : : : 35 3.5 Properties Without Traditional Analogs : : : : : : : : : : : : : : : : 40 3.5.1 Security Parameter Collision Resistance : : : : : : : : : : : : 41 3.5.2 Digest Resistance : : : : : : : : : : : : : : : : : : : : : : : : : 42 3.6 Implications Between Security Properties : : : : : : : : : : : : : : : : 44 3.7 Notions of Security : : : : : : : : : : : : : : : : : : : : : : : : : : : : 49 3.7.1 Implications Between Notions of Security : : : : : : : : : : : : 52 3.8 Using Dynamic Hash Functions in Practice : : : : : : : : : : : : : : : 54 3.8.1 Expected Security for an Ideal Dynamic Hash Function : : : : 54 3.8.2 Choosing the Right Security Parameter : : : : : : : : : : : : : 56 4 Cryptographic Hash Function Constructions : : : : : : : : : : : : : : : : : 58 4.1 The Merkle-Damg˚ard Construction : : : : : : : : : : : : : : : : : : : 59 4.1.1 Proofs for Preimage Resistance and Collision Resistance : : : 60 4.2 Attacks Against the Merkle-Damg˚ard Construction : : : : : : : : : : 63 4.2.1 The Birthday Attack : : : : : : : : : : : : : : : : : : : : : : : 64 4.2.2 The Length Extension Attack : : : : : : : : : : : : : : : : : : 65 4.2.3 The Multi-Collision Attack : : : : : : : : : : : : : : : : : : : : 65 4.2.4 Herding Attack : : : : : : : : : : : : : : : : : : : : : : : : : : 68 4.2.5 Long Message Second Preimage Attack : : : : : : : : : : : : : 70 4.2.6 Fixed Point Attack : : : : : : : : : : : : : : : : : : : : : : : : 72 vi Page 4.3 New Constructions : : : : : : : : : : : : : : : : : : : : : : : : : : : : 73 4.3.1 The Wide-Pipe Hash and Double-Pipe Hash : : : : : : : : : : 73 4.3.2 Prefix-Free Merkle-Damg˚ard : : : : : : : : : : : : : : : : : : : 76 4.3.3 Enveloped Merkle-Damg˚ard : : : : : : : : : : : : : : : : : : : 78 4.3.4 The Hash Iterative Framework : : : : : : : : : : : : : : : : : : 79 4.3.5 Randomized Hashing: RMX : : : : : : : : : : : : : : : : : : : 82 4.3.6 3C and 3C-X : : : : : : : : : : : : : : : : : : : : : : : : : : : 83 5 A Dynamic Hash Function Construction : : : : : : : : : : : : : : : : : : : 87 5.1 Construction Description : : : : : : : : : : : : : : : : : : : : : : : : : 88 5.1.1 Initial Value Creation : : : : : : : : : : : : : : : : : : : : : : : 90 5.1.2 Message Processing : : : : : : : : : : : : : : : : : : : : : : : : 90 5.1.3 Message Padding : : : : : : : : : : : : : : : : : : : : : : : : : 91 5.1.4 Digest Creation : : : : : : : : : : : : : : : : : : : : : : : : : : 92 5.1.5 Security Parameter Bounds : : : : : : : : : : : : : : : : : : : 93 5.2 The Security of This Construction : : : : : : : : : : : : : : : : : : : : 93 5.2.1 Dynamic Preimage Resistance : : : : : : : : : : : : : : : : : : 97 5.2.2 Dynamic Collision Resistance : : : : : : : : : : : : : : : : : : 100 5.2.3 Security Parameter Collision Resistance : : : : : : : : : : : : 104 5.2.4 Digest Resistance : : : : : : : : : : : : : : : : : : : : : : : : : 105 5.3 Expanding the Digest Size Beyond 4n : : : : : : : : : : : : : : : : : : 106 5.4 Additional Properties : : : : : : : : : : : : : : : : : : : : : : : : : : : 108 5.5 Provisions for Adding Salt : : : : : : : : : : : : : : : : : : : : : : : : 109 5.6 Preventing the Multi-Collision Attack : : : : : : : : : : : : : : : : : : 110 5.7 Implementation Issues : : : : : : : : : : : : : : : : : : : : : : : : : : 111 5.7.1 Speed Comparison : : : : : : : : : : : : : : : : : : : : : : : : 112 6 Summary : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 114 6.1 Conclusion : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 114 6.2 Future Work : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 115 vii Page LIST OF REFERENCES : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 117 A Additional Experiments for Dynamic Hash Function Security Properties : : 124 B Birthday Attacks : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 127 B.1 Preimage : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 127 B.2 Collision : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 128 B.3 k-Collisions : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 129 VITA : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 131 viii LIST OF TABLES Table Page 1.1 Symbols and their description. : : : : : : : : : : : : : : : : : : : : : : 11 1.2 Variables and their description. : : : : : : : : : : : : : : : : : : : : : 12 2.1 The seven notions of security for traditional hash functions. : : : : : 24 5.1 The relative speed of the dynamic hash function construction. : : : : 112 ix LIST OF FIGURES Figure
Recommended publications
  • Cryptographic Hash Functions and Message Authentication Code

    Cryptographic Hash Functions and Message Authentication Code

    Cryptographic Hash Functions and Message Authentication Code Thierry Sans Cryptographic hashing H m1 m2 x1 m3 x2 H(m) = x is a hash function if • H is one-way function • m is a message of any length • x is a message digest of a fixed length ➡ H is a lossy compression function necessarily there exists x, m1 and m2 | H(m1) = H(m2) = x Computational complexity m H x • Given H and m, computing x is easy (polynomial or linear) • Given H and x, computing m is hard (exponential) ➡ H is not invertible Preimage resistance and collision resistance m H x PR - Preimage Resistance (a.k.a One Way) ➡ given H and x, hard to find m e.g. password storage 2PR - Second Preimage Resistance (a.k.a Weak Collision Resistance) ➡ given H, m and x, hard to find m’ such that H(m) = H(m’) = x e.g. virus identification CR - Collision Resistance (a.k.a Strong Collision Resistance) ➡ given H, hard to find m and m’ such that H(m) = H(m’) = x e.g. digital signatures CR → 2PR and CR → PR Hash functions in practice IV n’ bits n bits n’ bits Common hash functions m H x Name SHA-2 SHA-3 MD5 SHA-1 Variant SHA-224 SHA-256 SHA-384 SHA-512 SHA3-224 SHA3-256 SHA3-384 SHA3-512 Year 1992 1993 2001 2012 Guido Bertoni, Joan Daemen, Michaël Designer Rivest NSA NSA Peeters, and Gilles Van Assche Input 512 512 512 512 1024 1024 1152 1088 832 576 n bits Output 128 160 224 256 384 512 224 256 384 512 n’ bits Speed 6.8 11.4 15.8 17.7 12.5 cycle/byte Considered Broken yes yes no no How to hash long messages ? Merkle–Damgård construction m split m in blocks of n bits and add padding p n bits m1
  • Diamondoid Mechanosynthesis Prepared for the International Technology Roadmap for Productive Nanosystems

    Diamondoid Mechanosynthesis Prepared for the International Technology Roadmap for Productive Nanosystems

    IMM White Paper Scanning Probe Diamondoid Mechanosynthesis Prepared for the International Technology Roadmap for Productive Nanosystems 1 August 2007 D.R. Forrest, R. A. Freitas, N. Jacobstein One proposed pathway to atomically precise manufacturing is scanning probe diamondoid mechanosynthesis (DMS): employing scanning probe technology for positional control in combination with novel reactive tips to fabricate atomically-precise diamondoid components under positional control. This pathway has its roots in the 1986 book Engines of Creation, in which the manufacture of diamondoid parts was proposed as a long-term objective by Drexler [1], and in the 1989 demonstration by Donald Eigler at IBM that individual atoms could be manipulated by a scanning tunelling microscope [2]. The proposed DMS-based pathway would skip the intermediate enabling technologies proposed by Drexler [1a, 1b, 1c] (these begin with polymeric structures and solution-phase synthesis) and would instead move toward advanced DMS in a more direct way. Although DMS has not yet been realized experimentally, there is a strong base of experimental results and theory that indicate it can be achieved in the near term. • Scanning probe positional assembly with single atoms has been successfully demonstrated in by different research groups for Fe and CO on Ag, Si on Si, and H on Si and CNHCH3. • Theoretical treatments of tip reactions show that carbon dimers1 can be transferred to diamond surfaces with high fidelity. • A study on tip design showed that many variations on a design turn out to be suitable for accurate carbon dimer placement. Therefore, efforts can be focused on the variations of tooltips of many kinds that are easier to synthesize.
  • Nanorobot Construction Crews

    Nanorobot Construction Crews

    Nanorobot Construction Crews Jaeseung Jeong, Ph.D Department of Bio and Brain engineering, KAIST Nanorobotics • Nanorobotics is the technology of creating machines or robots atltthit or close to the microscopi c scal lfe of a nanomet res (10-9 metres). More specifically, nanorobotics refers to the still largely ‘hypothetical’ nanotechnology engineering discipline of designing and building nanorobots. • Nanorobots ((,,nanobots, nanoids, nanites or nanonites ) would be typically devices ranging in size from 0.1-10 micrometers and constructed of nanoscale or molecular components. As no artificial non-biological nanorobots have yet been created, they remain a ‘hypothetical’ concept. • Another definition sometimes used is a robot which allows precision interactions with nanoscale objects , or can manipulate with nanoscale resolution. • Followingggpp this definition even a large apparatus such as an atomic force microscope can be considered a nanorobotic instrument when configured to perform nanomanipulation. • Also, macroscalble robots or mi crorob ots which can move wi th nanoscale precision can also be considered nanorobots. The T-1000 in Terminator 2: Judggyment Day • Since nanorobots would be microscopic in size , it would probably be necessary for very large numbers of them to work together to perform microscopic and macroscopic tasks. • These nanorobot swarms are fdifound in many sci ence fi fitiction stories, such as The T-1000 in Terminator 2: Judgment Day, nanomachine i n Meta l G ear So lid. • The word "nanobot" (also "nanite",,g, "nanogene", or "nanoant") is often used to indicate this fictional context and is a n info rma l o r eve n pejo rat ive term to refer to the engineering concept of nanorobots.
  • Grostl-Comment-April28.Pdf

    Grostl-Comment-April28.Pdf

    Some notes on Grøstl John Kelsey, NIST, April 2009 These are some quick notes on some properties and observations of Grøstl. Nothing in this note threatens the hash function; instead, I'm pointing out some properties that are a bit surprising, and some broad approaches someone might take to get attacks to work. I've discussed these with the Grøstl team, and gotten quite a bit of useful feedback. I'm pretty sure they agree that my observations are correct, but obviously, any errors here are mine alone. 1 Grøstl Compression Function The Grøstl compression function is built from two different fixed permutations, P and Q, on 2n bits, where n is the final hash output size. The design is quite interesting; among other things, this (like LANE and Luffa, among others) takes away the key schedule as a way of affecting things inside P and Q. Here is a picture of the Grøstl compression function: M Q v u w Y + P + Z In this diagram, I've labeled the input hash chaining value Y, the output Z, and the message M. Similarly, I have introduced variables for the internal values inside the compression function--u, v, and w. I'll use this notation a lot in the next few pages to simplify discussion. To write this in terms of equations: u = Y xor M v = Q(M) w = P(u) Z = v xor w xor Y or, in a shorter form: Z = Q(M) xor P(Y xor M) xor Y It's important to remember here that all variables are 2n bits, so for a 256-bit hash, they're 512 bits each.
  • Methods and Tools for Analysis of Symmetric Cryptographic Primitives

    Methods and Tools for Analysis of Symmetric Cryptographic Primitives

    METHODSANDTOOLS FOR ANALYSIS OF SYMMETRICCRYPTOGRAPHIC PRIMITIVES Oleksandr Kazymyrov dissertation for the degree of philosophiae doctor the selmer center department of informatics university of bergen norway DECEMBER 1, 2014 A CKNOWLEDGMENTS It is impossible to thank all those who have, directly or indirectly, helped me with this thesis, giving of their time and experience. I wish to use this opportunity to thank some of them. Foremost, I would like to express my very great appreciation to my main supervisor Tor Helleseth, who has shared his extensive knowledge and expe- rience, and made warm conditions for the comfortable research in one of the rainiest cities in the world. I owe a great deal to Lilya Budaghyan, who was always ready to offer assistance and suggestions during my research. Advice given by Alexander Kholosha has been a great help in the early stages of my work on the thesis. My grateful thanks are also extended to all my friends and colleagues at the Selmer Center for creating such a pleasant environment to work in. I am particularly grateful to Kjell Jørgen Hole, Matthew G. Parker and Håvard Raddum for the shared teaching experience they provided. Moreover, I am very grateful for the comments and propositions given by everyone who proofread my thesis. In addition, I would like to thank the administrative staff at the Department of Informatics for their immediate and exhaustive solutions of practical issues. I wish to acknowledge the staff at the Department of Information Tech- nologies Security, Kharkiv National University of Radioelectronics, Ukraine, especially Roman Oliynykov, Ivan Gorbenko, Viktor Dolgov and Oleksandr Kuznetsov for their patient guidance, enthusiastic encouragement and useful critiques.
  • Diffie and Hellman Receive 2015 Turing Award Rod Searcey/Stanford University

    Diffie and Hellman Receive 2015 Turing Award Rod Searcey/Stanford University

    Diffie and Hellman Receive 2015 Turing Award Rod Searcey/Stanford University. Linda A. Cicero/Stanford News Service. Whitfield Diffie Martin E. Hellman ernment–private sector relations, and attracts billions of Whitfield Diffie, former chief security officer of Sun Mi- dollars in research and development,” said ACM President crosystems, and Martin E. Hellman, professor emeritus Alexander L. Wolf. “In 1976, Diffie and Hellman imagined of electrical engineering at Stanford University, have been a future where people would regularly communicate awarded the 2015 A. M. Turing Award of the Association through electronic networks and be vulnerable to having for Computing Machinery for their critical contributions their communications stolen or altered. Now, after nearly to modern cryptography. forty years, we see that their forecasts were remarkably Citation prescient.” The ability for two parties to use encryption to commu- “Public-key cryptography is fundamental for our indus- nicate privately over an otherwise insecure channel is try,” said Andrei Broder, Google Distinguished Scientist. fundamental for billions of people around the world. On “The ability to protect private data rests on protocols for a daily basis, individuals establish secure online connec- confirming an owner’s identity and for ensuring the integ- tions with banks, e-commerce sites, email servers, and the rity and confidentiality of communications. These widely cloud. Diffie and Hellman’s groundbreaking 1976 paper, used protocols were made possible through the ideas and “New Directions in Cryptography,” introduced the ideas of methods pioneered by Diffie and Hellman.” public-key cryptography and digital signatures, which are Cryptography is a practice that facilitates communi- the foundation for most regularly used security protocols cation between two parties so that the communication on the Internet today.
  • The Molecular Epair of the Rain, Part II by Ralph Merkle, Ph.D

    The Molecular Epair of the Rain, Part II by Ralph Merkle, Ph.D

    THIS ISSUE'S FEATURE: The Molecular epair of the rain, Part II By Ralph Merkle, Ph.D. Michael Perry, Ph.D. introduces us to "The Realities of Patient Storage" in this issue's For the Record lUS: Book Reviews, Relocation Reports, and Cryonics Fiction by Linda Dunn and Richard Shock ISSN 1054-4305 $4.50 "What is Cryonics?" Cryonics is the ultra-low-temperature preservation (biostasis) of terminal patients. The goal of biostasis and the technology of cryonics is the transport of today's terminal patients to a time in the future when cell and tissue repair technology will be available, and restoration to full function and health will be possible, a time when cures will exist for virtually all of today's diseases, including aging. As human knowledge and medical technology continue to expand in scope, people considered beyond hope of restoration (by today's medical standards) will be restored to health. (This historical trend is very clear.) The coming control over living systems should allow fabrication of new organisms and sub-cell-sized devices for repair and revival of patients waiting in cryonic suspension. The challenge for cryonicists today is to devise techniques that will ensure the patients' survival. Subscribe to CRY 0 ICS Magazine! CRYONICS magazine explores the practical, research, nanotechnology and molecular scientific, and social aspects of ultra­ engineering, book reviews, the physical low temperature pre­ format of memory and personality, the servation of humans. nature of identity, cryonics history, and As the quarterly much more. ·s FEAfURE' • .r h< • • f h THISISSUE oena\f'JI pu bl 1cat1on o t e •Ao\ecu\ar"' ~"h~>~'"''·~··o· C r If you're a first- The IV\ Bg Ra~1 RYfl'J\ Alcor Foundation-the THIS issuE's • ~L vJcs time subscriber, you p\1.\l.
  • Modes of Operation for Compressed Sensing Based Encryption

    Modes of Operation for Compressed Sensing Based Encryption

    Modes of Operation for Compressed Sensing based Encryption DISSERTATION zur Erlangung des Grades eines Doktors der Naturwissenschaften Dr. rer. nat. vorgelegt von Robin Fay, M. Sc. eingereicht bei der Naturwissenschaftlich-Technischen Fakultät der Universität Siegen Siegen 2017 1. Gutachter: Prof. Dr. rer. nat. Christoph Ruland 2. Gutachter: Prof. Dr.-Ing. Robert Fischer Tag der mündlichen Prüfung: 14.06.2017 To Verena ... s7+OZThMeDz6/wjq29ACJxERLMATbFdP2jZ7I6tpyLJDYa/yjCz6OYmBOK548fer 76 zoelzF8dNf /0k8H1KgTuMdPQg4ukQNmadG8vSnHGOVpXNEPWX7sBOTpn3CJzei d3hbFD/cOgYP4N5wFs8auDaUaycgRicPAWGowa18aYbTkbjNfswk4zPvRIF++EGH UbdBMdOWWQp4Gf44ZbMiMTlzzm6xLa5gRQ65eSUgnOoZLyt3qEY+DIZW5+N s B C A j GBttjsJtaS6XheB7mIOphMZUTj5lJM0CDMNVJiL39bq/TQLocvV/4inFUNhfa8ZM 7kazoz5tqjxCZocBi153PSsFae0BksynaA9ZIvPZM9N4++oAkBiFeZxRRdGLUQ6H e5A6HFyxsMELs8WN65SCDpQNd2FwdkzuiTZ4RkDCiJ1Dl9vXICuZVx05StDmYrgx S6mWzcg1aAsEm2k+Skhayux4a+qtl9sDJ5JcDLECo8acz+RL7/ ovnzuExZ3trm+O 6GN9c7mJBgCfEDkeror5Af4VHUtZbD4vALyqWCr42u4yxVjSj5fWIC9k4aJy6XzQ cRKGnsNrV0ZcGokFRO+IAcuWBIp4o3m3Amst8MyayKU+b94VgnrJAo02Fp0873wa hyJlqVF9fYyRX+couaIvi5dW/e15YX/xPd9hdTYd7S5mCmpoLo7cqYHCVuKWyOGw ZLu1ziPXKIYNEegeAP8iyeaJLnPInI1+z4447IsovnbgZxM3ktWO6k07IOH7zTy9 w+0UzbXdD/qdJI1rENyriAO986J4bUib+9sY/2/kLlL7nPy5Kxg3 Et0Fi3I9/+c/ IYOwNYaCotW+hPtHlw46dcDO1Jz0rMQMf1XCdn0kDQ61nHe5MGTz2uNtR3bty+7U CLgNPkv17hFPu/lX3YtlKvw04p6AZJTyktsSPjubqrE9PG00L5np1V3B/x+CCe2p niojR2m01TK17/oT1p0enFvDV8C351BRnjC86Z2OlbadnB9DnQSP3XH4JdQfbtN8 BXhOglfobjt5T9SHVZpBbzhDzeXAF1dmoZQ8JhdZ03EEDHjzYsXD1KUA6Xey03wU uwnrpTPzD99cdQM7vwCBdJnIPYaD2fT9NwAHICXdlp0pVy5NH20biAADH6GQr4Vc
  • Molecular Nanotechnology - Wikipedia, the Free Encyclopedia

    Molecular Nanotechnology - Wikipedia, the Free Encyclopedia

    Molecular nanotechnology - Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Molecular_manufacturing Molecular nanotechnology From Wikipedia, the free encyclopedia (Redirected from Molecular manufacturing) Part of the article series on Molecular nanotechnology (MNT) is the concept of Nanotechnology topics Molecular Nanotechnology engineering functional mechanical systems at the History · Implications Applications · Organizations molecular scale.[1] An equivalent definition would be Molecular assembler Popular culture · List of topics "machines at the molecular scale designed and built Mechanosynthesis Subfields and related fields atom-by-atom". This is distinct from nanoscale Nanorobotics Nanomedicine materials. Based on Richard Feynman's vision of Molecular self-assembly Grey goo miniature factories using nanomachines to build Molecular electronics K. Eric Drexler complex products (including additional Scanning probe microscopy Engines of Creation Nanolithography nanomachines), this advanced form of See also: Nanotechnology Molecular nanotechnology [2] nanotechnology (or molecular manufacturing ) Nanomaterials would make use of positionally-controlled Nanomaterials · Fullerene mechanosynthesis guided by molecular machine systems. MNT would involve combining Carbon nanotubes physical principles demonstrated by chemistry, other nanotechnologies, and the molecular Nanotube membranes machinery Fullerene chemistry Applications · Popular culture Timeline · Carbon allotropes Nanoparticles · Quantum dots Colloidal gold · Colloidal
  • Practical Forward Secure Signatures Using Minimal Security Assumptions

    Practical Forward Secure Signatures Using Minimal Security Assumptions

    Practical Forward Secure Signatures using Minimal Security Assumptions Vom Fachbereich Informatik der Technischen Universit¨atDarmstadt genehmigte Dissertation zur Erlangung des Grades Doktor rerum naturalium (Dr. rer. nat.) von Dipl.-Inform. Andreas H¨ulsing geboren in Karlsruhe. Referenten: Prof. Dr. Johannes Buchmann Prof. Dr. Tanja Lange Tag der Einreichung: 07. August 2013 Tag der m¨undlichen Pr¨ufung: 23. September 2013 Hochschulkennziffer: D 17 Darmstadt 2013 List of Publications [1] Johannes Buchmann, Erik Dahmen, Sarah Ereth, Andreas H¨ulsing,and Markus R¨uckert. On the security of the Winternitz one-time signature scheme. In A. Ni- taj and D. Pointcheval, editors, Africacrypt 2011, volume 6737 of Lecture Notes in Computer Science, pages 363{378. Springer Berlin / Heidelberg, 2011. Cited on page 17. [2] Johannes Buchmann, Erik Dahmen, and Andreas H¨ulsing.XMSS - a practical forward secure signature scheme based on minimal security assumptions. In Bo- Yin Yang, editor, Post-Quantum Cryptography, volume 7071 of Lecture Notes in Computer Science, pages 117{129. Springer Berlin / Heidelberg, 2011. Cited on pages 41, 73, and 81. [3] Andreas H¨ulsing,Albrecht Petzoldt, Michael Schneider, and Sidi Mohamed El Yousfi Alaoui. Postquantum Signaturverfahren Heute. In Ulrich Waldmann, editor, 22. SIT-Smartcard Workshop 2012, IHK Darmstadt, Feb 2012. Fraun- hofer Verlag Stuttgart. [4] Andreas H¨ulsing,Christoph Busold, and Johannes Buchmann. Forward secure signatures on smart cards. In Lars R. Knudsen and Huapeng Wu, editors, Se- lected Areas in Cryptography, volume 7707 of Lecture Notes in Computer Science, pages 66{80. Springer Berlin Heidelberg, 2013. Cited on pages 63, 73, and 81. [5] Johannes Braun, Andreas H¨ulsing,Alex Wiesmaier, Martin A.G.
  • Broad View of Cryptographic Hash Functions

    Broad View of Cryptographic Hash Functions

    IJCSI International Journal of Computer Science Issues, Vol. 10, Issue 4, No 1, July 2013 ISSN (Print): 1694-0814 | ISSN (Online): 1694-0784 www.IJCSI.org 239 Broad View of Cryptographic Hash Functions 1 2 Mohammad A. AlAhmad , Imad Fakhri Alshaikhli 1 Department of Computer Science, International Islamic University of Malaysia, 53100 Jalan Gombak Kuala Lumpur, Malaysia, 2 Department of Computer Science, International Islamic University of Malaysia, 53100 Jalan Gombak Kuala Lumpur, Malaysia Abstract Cryptographic hash function is a function that takes an arbitrary length as an input and produces a fixed size of an output. The viability of using cryptographic hash function is to verify data integrity and sender identity or source of information. This paper provides a detailed overview of cryptographic hash functions. It includes the properties, classification, constructions, attacks, applications and an overview of a selected dedicated cryptographic hash functions. Keywords-cryptographic hash function, construction, attack, classification, SHA-1, SHA-2, SHA-3. Figure 1. Classification of cryptographic hash function 1. INTRODUCTION CRHF usually deals with longer length hash values. An A cryptographic hash function H is an algorithm that takes an unkeyed hash function is a function for a fixed positive integer n * arbitrary length of message as an input {0, 1} and produce a which has, as a minimum, the following two properties: n fixed length of an output called message digest {0, 1} 1) Compression: h maps an input x of arbitrary finite bit (sometimes called an imprint, digital fingerprint, hash code, hash length, to an output h(x) of fixed bit length n.
  • HCAHF: a New Family of CA-Based Hash Functions

    HCAHF: a New Family of CA-Based Hash Functions

    (IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 10, No. 12, 2019 HCAHF: A New Family of CA-based Hash Functions Anas Sadak1, Fatima Ezzahra Ziani2, Bouchra Echandouri3, Charifa Hanin4, Fouzia Omary5 Faculty of Science, Mohammed V University Rabat, Morocco Abstract—Cryptographic hash functions (CHF) represent a The article is organized as follows: in Section 2, a core cryptographic primitive. They have application in digital background on cellular automata and hash functions is signature and message authentication protocols. Their main included. In Section 3, some related works are presented. building block are Boolean functions. Those functions provide Section 4 details the hashing scheme proposed. In Section 5, pseudo-randomness and sensitivity to the input. They also help the result of the different statistical tests and the cryptographic prevent and lower the risk of attacks targeted at CHF. Cellular properties of cellular automata are provided. Next, in Section 6 automata (CA) are a class of Boolean functions that exhibit good a security analysis is performed. Finally, Section 7 summarizes cryptographic properties and display a chaotic behavior. In this the article. article, a new hash function based on CA is proposed. A description of the algorithm and the security measures to II. BACKGROUND increase the robustness of the construction are presented. A security analysis against generic and dedicated attacks is A. Cryptographic Hash Functions (CHF) included. It shows that the hashing algorithm has good security Cryptographic hash functions with good security properties features and meet the security requirements of a good hashing represent a significant part of cryptography. They are the basis scheme.