S : a Flexible Coding for Tree Hashing
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Tivaware Peripheral Driver Library User's Guide
TivaWare™ Peripheral Driver Library USER’S GUIDE SW-TM4C-DRL-UG-2.0 Copyright © 2006-2013 Texas Instruments Incorporated Copyright Copyright © 2006-2013 Texas Instruments Incorporated. All rights reserved. Tiva and TivaWare are trademarks of Texas Instruments Instruments. ARM and Thumb are registered trademarks and Cortex is a trademark of ARM Limited. Other names and brands may be claimed as the property of others. Please be aware that an important notice concerning availability, standard warranty, and use in critical applications of Texas Instruments semicon- ductor products and disclaimers thereto appears at the end of this document. Texas Instruments 108 Wild Basin, Suite 350 Austin, TX 78746 www.ti.com/tiva-c Revision Information This is version 2.0 of this document, last updated on August 29, 2013. 2 August 29, 2013 Table of Contents Table of Contents Copyright ..................................................... 2 Revision Information ............................................... 2 1 Introduction ................................................. 7 2 Programming Model ............................................ 11 2.1 Introduction .................................................. 11 2.2 Direct Register Access Model ....................................... 11 2.3 Software Driver Model ............................................ 12 2.4 Combining The Models ........................................... 13 3 Analog Comparator ............................................ 15 3.1 Introduction ................................................. -
Keccak, More Than Just SHA3SUM
Keccak, More Than Just SHA3SUM Guido Bertoni1 Joan Daemen1 Michaël Peeters2 Gilles Van Assche1 1STMicroelectronics 2NXP Semiconductors FOSDEM 2013, Brussels, February 2-3, 2013 1 / 36 Outline 1 How it all began 2 Introducing Keccak 3 More than just SHA3SUM 4 Inside Keccak 5 Keccak and the community 2 / 36 How it all began Outline 1 How it all began 2 Introducing Keccak 3 More than just SHA3SUM 4 Inside Keccak 5 Keccak and the community 3 / 36 How it all began Let’s talk about hash functions... ??? These are “hashes” of some sort, but they ain’t hash functions... 4 / 36 How it all began Cryptographic hash functions ∗ h : f0, 1g ! f0, 1gn Input message Digest MD5: n = 128 (Ron Rivest, 1992) SHA-1: n = 160 (NSA, NIST, 1995) SHA-2: n 2 f224, 256, 384, 512g (NSA, NIST, 2001) 5 / 36 How it all began Why should you care? You probably use them several times a day: website authentication, digital signature, home banking, secure internet connections, software integrity, version control software, … 6 / 36 How it all began Breaking news in crypto 2004: SHA-0 broken (Joux et al.) 2004: MD5 broken (Wang et al.) 2005: practical attack on MD5 (Lenstra et al., and Klima) 2005: SHA-1 theoretically broken (Wang et al.) 2006: SHA-1 broken further (De Cannière and Rechberger) 2007: NIST calls for SHA-3 Who answered NIST’s call? 7 / 36 How it all began Keccak Team to the rescue! 8 / 36 How it all began The battlefield EDON-R BMW Sgàil LANE Grøstl ZK-Crypt Keccak Maraca NKS2D Hamsi MeshHash MD6 Waterfall StreamHash ECOH EnRUPT Twister Abacus MCSSHA3 WaMM Ponic -
NEWS of LONG AGO. Crop Control Solving the Problem. Oot of Contol
ttife bAVIE AfccoRb lS TfeE 6LDEST PAPER IN DAVIE CDUNtV AND CIRCULATES IN 30 CF THE 48 STATES. THE PAPER THAT THE PEOPLEftftAD. “HERE SHALL THE PRESS. THE PEOPLE’S RIGHTS MAINTAIN: UNAWED BY INFLUENCE AND UNBRIBED BY GAIN.*’ VOLUMN X L. MOCKSVILLE, NORTH CAROLINA, WEDNESDAY. FEBRUARY 1 . 1939 ; *- ' NUMBER 2 8 NEWS OF LONG AGO. Crop Control No Women In Tbe Legis Some Little Stingers W hat’s the Answer? 44 Years Ago. Far bo it from us to tell the far By EDWARD FINCH From The'Yeliow Jacket. From The Yellow Jacket. Vhal V at Happening In Davie lature. mers of the tobacco and cotton belt WANTED: To know where Folks boiled coffee and;settled it The North Carolina General As Before The New Deal Used Up how big an acreage they shall plant President Roosevelt has laid bis with an egg. sembly is without a woman mem but it sfems that the Lord placed unbalanced budget. 'Ladies rqjfle .on'side-saddles. The Alphabet, Drowned The ber for the first time in 10 years the land here to raise the bountiful The Republican Elephant boosts Little Johnnie worse brasstoeb and the third t :me during the. '10 Hogs and Plowed Up The crons and it is not up to mere man business, upward; the New Deal boots and daddy wore brogans. regular sessions since woman suff Cotton and Corn. to say what he shall plant, how Jackass tears it down Leeches operated more frequently rage went into effect 18 years ago much he shall plant, and the kind Did yon ever stop to realize that than the surgeon's knife. -
Classification of the SHA-3 Candidates
Classification of the SHA-3 Candidates Ewan Fleischmann1, Christian Forler1;2, and Michael Gorski1 1 Bauhaus-University Weimar fEwan.Fleischmann, [email protected] 2 Sirrix AG security technologies [email protected] Version 0.90 April 19, 2009 Abstract. In this note we give an overview on the current state of the SHA-3 candidates. First, we classify all publicly known candidates and, second, we outline and summarize the performance data as given in the candidates documentation for 64-bit and 32-bit implementations. We define performance classes and classify the hash algorithms. Note, that this article will be updated as soon as new can- didates arrive or new cryptanalytic results get published. Comments to the authors of this article are welcome. Keywords: hash function, SHA-3, classification. 1 Introduction The design of secure and practical hash functions is of great interest since most practical hash functions, like MD5 [82], SHA-0 [78] or SHA-1 [76] have been broken. Due to the SHA- 3 competition [75], many new proposals for hash function primitives have been submitted to become the new SHA-3 algorithm. This article is organized as follows: In Section 2 we define criteria that we will use to classify the SHA-3 candidate algorithms. In Section 3 we give an overview of the software performance claimed by the algorithm's authors. 2 Classification of the SHA-3 Candidates We have defined in the following some attributes including characteristics that are used in our classification. Tables 1-2 show all SHA-3. The attribute characteristics \X" means that the SHA-3 candidate has the attribute and\-" that the SHA-3 candidate does not have it. -
Vysoké Učení Technické V Brně Hashovací Funkce A
View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Digital library of Brno University of Technology VYSOKÉ U ČENÍ TECHNICKÉ V BRN Ě BRNO UNIVERSITY OF TECHNOLOGY FAKULTA ELEKTROTECHNIKY A KOMUNIKA ČNÍCH TECHNOLOGIÍ ÚSTAV TELEKOMUNIKACÍ FACULTY OF ELECTRICAL ENGINEERING AND COMMUNICATION DEPARTMENT OF TELECOMMUNICATIONS HASHOVACÍ FUNKCE A JEJICH VYUŽITÍ PŘI AUTENTIZACI HASH FUNCTION AND THEIR USAGE IN USER AUTHENTICATION DIPLOMOVÁ PRÁCE MASTER´S THESIS AUTOR PRÁCE Bc. IGOR PILLER AUTHOR VEDOUCÍ PRÁCE Ing. JAN HAJNÝ SUPERVISOR BRNO 2009 Abstrakt Práce se zabývá hashovacími funkcemi a jejich využitím p ři autentizaci. Obsahuje základní teorii o hashovacích funkcích a popis jejich základních konstruk čních prvk ů. Konkrétn ě se práce zam ěř uje na hashovací funkce LMHash, MD4, MD5 a funkce z rodiny SHA, které porovnává z hlediska bezpe čnosti. Práce obecn ě popisuje nejpoužívan ější útoky na hashovací funkce, poukazuje na slabiny sou časné konstrukce a nabízí výhled do budoucnosti hashovacích funkcí. Dále práce nasti ňuje problematiku autentizace a popisuje použití hashovacích funkcí v této oblasti. V praktické části je realizován obecný autentiza ční rámec v programovacím jazyce C#. Výsledkem realizace jsou klientská a serverová aplikace, na kterých byly úsp ěšn ě vyzkoušeny dv ě vybrané autentiza ční metody. P ři realizaci bylo dbáno na flexibilitu řešení a možné budoucí využití jiných metod autentizace. Klí čová slova: hash, hashovací funkce, autentizace, LMHash, MD4, MD5, SHA Abstract This thesis concerns with hash functions and their usage in authentication. It presents basics of hash functions theory and construction elements. In particular the thesis focuses on LMHash, MD4, MD5 and SHA family hash functions, which are compared from the security point of view. -
Authentication Protocols in Pervasive Computing
Authentication protocols in pervasive¡ computing Nguyen Hoang Long University College University of Oxford A thesis submitted for the degree of Doctor of Philosophy Hilary Term 2009 Abstract The popularity of personal computing devices (e.g. smart cards) exposes users to risks, notably identity theft, and creates new requirements for secure communication. A recently proposed approach to creating secure communication is to use human trust and human interactions. These approaches potentially eliminate the need for passwords as in Blue- tooth, shared secrets or trusted parties, which are often too complex and expensive to use in portable devices. In this new technology, handheld devices exchange data (e.g. payment, heart rates or public keys) over some medium (e.g. WiFi) and then display a short and non-secret digest of the protocol's run that the devices' human owners manually compare to ensure they agree on the same data, i.e. human interactions are used to prevent fraud. In this thesis, we present several new protocols of this type which are designed to optimise the work required of humans to achieve a given level of security. We discover that the design of these protocols is influenced by several principles, including the ideas of commitment without knowledge and separation of security concerns, where random and cryptographic attacks should be tackled separately. Underpinning the technology is a new cryptographic function, termed a keyed digest func- tion, which produces a short number for humans to compare. This is similar to the notion of a universal hash function, but its output length is shorter (e.g. -
Intelligent Transportation Systems (Its)
U.S. Department of Transportation Federal Highway Administration INTELLIGENT TRANSPORTATION SYSTEMS (ITS) Information Security Analysis November 1997 Intelligent Transportation Systems Joint Program Office Notice This document is disseminated under the sponsorship of the Department of Transportation in the interest of information exchange. The United States Government assumes no liability for its contents or use thereof. Technical Report Documentation Page 1. Report No. 2. Government Accession No. FHWA-JPO-98-009 4. Title and Subtitle November, 1997 Intelligent Transportation Systems (ITS) Information Security Analysis 6. Performing Organization Code 8. Performing Organization Report No. 7. Author(s) Keith Biesecker, Elizabeth Foreman, Kevin Jones, Barbara Staples 9. Performing Organization Name and Address 10. Work Unit No. (TRAIS) Mitretek Systems 7525 Colshire Drive 11. Contract or Grant No. McLean, VA DTFH61- -95-C-00040 13. Type of Report and Period Covered 12. Sponsoring Agency Name and Address Department of Transportation FHWA Intelligent Transportation Systems Joint Program Office 400 Seventh Street, S.W. - Room 3422 14. Sponsoring Agency Code Washington, DC. 20590 HVH-1 15. Supplementary Notes William S. Jones 16. Abstract The Intelligent Transportation Systems (ITS) program is the application of information technologies (computing, sensing, and communications) to surface transportation. Because of a reliance on these technologies, ITS will become increasingly dependent on information security. By understanding how to achieve and maintain secure systems, the ITS community can develop comprehensive information security practices and appropriate security policies for ITS programs. Subsequently, they can put these into practice. This document presents the results from an information security analysis that was based on the National ITS Architecture. -
Department of Homeland Security ��������������������������
Department of Homeland Security �������������������������� Management Advisory Report: A Guide for Assessing Cybersecurity within the Office of Inspector General Community This report was prepared on behalf of Council of the Inspectors General on Integrity and Efficiency. OIG-14-43 February 2014 OFFICE OF INSPECTOR GENERAL Department of Homeland Security Washington, DC 20528 I www.oig.dhs.gov February 24, 2014 MEMORANDUM FOR: Council ofthe Inspectors General on Integrity and n~ONc- FROM: 4arlton I. Mann Chief Operating Officer SUBJECT: Management Advisory Report: A Guide for Assessing Cybersecurity Within the Office of Inspector General Community The Council ofthe Inspectors General on Integrity and Efficiency {CIGIE) tasked the Cybersecurity Working Group with undertaking a review in which it would examine the role of the Inspector General community in current Federal cybersecurity initiatives. CIGIE proposed that the Cybersecurity Working Group work under the auspices of the Information Technology (IT) Committee. As a member of the IT Committee, the Department of Homeland Security (DHS) Office of Inspector General (OIG) was asked to lead and coordinate the Cybersecurity Working Group's efforts in identifying the Inspector Generals' cybersecurity oversight role. I am pleased to provide CIGIE with a high-level audit guide that can be used as a baseline for cyber and IT security-related reviews conducted by the Inspector General community. The guide is based on the subject matter expertise of DHS OIG IT audit managers and specialists, legal research, and a review of applicable websites and audit programs developed within the OIG community. The intent ofthis guide is to provide a foundation for conducting cybersecurity and IT system security-related audits. -
A Study on RAM Requirements of Various SHA-3 Candidates on Low-Cost 8-Bit Cpus
A Study on RAM Requirements of Various SHA-3 Candidates on Low-cost 8-bit CPUs Kota Ideguchi1, Toru Owada1, Hirotaka Yoshida12 1 Systems Development Laboratory, Hitachi, Ltd., 292 Yoshida-cho, Totsuka-ku, Yokohama-shi, Kanagawa-ken, 244-0817 Japan [email protected] 2 Katholieke Universiteit Leuven, Dept. ESAT/SCD-COSIC, Kasteelpark Arenberg 10, B–3001 Heverlee, Belgium Abstract. In this paper, we compare the implementation costs of vari- ous SHA-3 candidates on low-cost 8-bit CPUs by estimating RAM/ROM requirements of them. As a first step toward this kind of research, in our comparison, we make reasonable estimations of RAM/ROM require- ments of them which can be done without implementation. 1 Introduction A cryptographic hash algorithm is an algorithm that takes input strings of ar- bitrary length and maps them to short output strings of fixed length. In November 2007, the US National Institute of Standards and Technology (NIST) opened a public competition to develop a new hash algorithm. The competition is NIST’s response to recent advances in the cryptanalysis of hash algorithms. The new hash algorithm will be referred to as SHA-3. In November 2008, the first round of the competition started. NIST received 64 submissions for the competition. After NIST internal reviews of them, 51 were selected for meeting the minimum submission requirements, and accepted as the First Round Candidates. In the first round technical evaluation, NIST performs various tests such as an efficiency analysis on the NIST reference platform (a common PC) and NIST also invites the public to compare results on additional platforms (e.g., 8-bit processors, Digital Signal Processors, dedicated CMOS etc.). -
Team-Fly® the SSCP® Prep Guide Mastering the Seven Key Areas of System Security
Y L F M A E T Team-Fly® The SSCP® Prep Guide Mastering the Seven Key Areas of System Security Debra S. Isaac Michael J. Isaac Ronald D. Krutz, Consulting Editor The SSCP® Prep Guide Mastering the Seven Key Areas of System Security Debra S. Isaac Michael J. Isaac Ronald D. Krutz, Consulting Editor Publisher: Robert Ipsen Executive Editor: Carol Long Assistant Developmental Editor: Scott Amerman Editorial Manager: Kathryn A. Malm Managing Editor: Angela Smith Text Composition: John Wiley Composition Services This book is printed on acid-free paper. ∞ Copyright © 2003 by Wiley Publishing, Inc., Indianapolis, Indiana. All rights reserved. Published simultaneously in Canada No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rose- wood Drive, Danvers, MA 01923, (978) 646-8700, fax (978) 646-8700. Requests to the Pub- lisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4447, E-mail: [email protected]. Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. -
Design Rational
The SANDstorm Hash Mark Torgerson and Richard Schroeppel Tim Draelos, Nathan Dautenhahn, Sean Malone, Andrea Walker, Michael Collins, Hilarie Orman* Cryptography and Information Systems Surety Department Sandia National Laboratories P.O. Box 5800 Albuquerque, New Mexico 87185-0785 *Purple Streak, Inc. 500 S. Maple Dr. Woodland Hills, UT 84653 Sandia is a multiprogram laboratory operated by Sandia Corporation, a Lockheed Martin Company, for the United States Department of Energy’s National Nuclear Security Administration under Contract DE-AC04-94AL85000. Page 1 of 39 Table of Contents 1. Introduction..................................................................................................................... 3 Design Overview ............................................................................................................ 4 Notation and Conventions............................................................................................... 4 2. The SANDstorm Padding and Message Length ............................................................. 6 3. The SANDstorm Mode................................................................................................... 6 SANDstorm Mode Description....................................................................................... 7 SANDstorm Mode Performance..................................................................................... 9 Choice of Superblock Size............................................................................................ 10 4.