A New Hash Competition

Since the discovery of collision attacks against several well-known cryptographic hash functions in 2004, a rush of new cryptanalytic results cast doubt on the current hash function standards. The relatively new NIST SHA-2 standards aren't yet immediately threatened, but their long-term viability is now in question. The US National Institute of Standards and Technology (NIST) has therefore begun an international competition to select a new SHA-3 standard. This article outlines the competition, its rules, the requirements for the hash function candidates, and the process that NIST will use to select the final winning SHA-3 standard.     

SHA-3候选算法Keccak的Matlab设计与实现

由KIST发起的新一代Hash函数标准SHA-3的全球公开征集过程目前已进入最后一轮筛选,Kcccak是进入最后一轮的J个候选者之一。介绍了Keccak算法及特点,给出了一种基于Matlab、带有图形界面GUI的Keccak程序设计与实现过程。本程序既可用于实际的Keccak Hash值运算,最重要的是为Keccak的教学与研究提供了一个方便直观的工具。     

Cryptographic hash standards: where do we go from here?

Successful attacks against the two most commonly used cryptographic hash functions, MD5 and SHA-1, have triggered a kind of feeding frenzy in the cryptographic community. Many researchers are now working on hash function attacks, and we can expect new results in this area for the next several years. This article discusses the SHA-1 attack and the US National Institute of Standards and Technology's (NIST's) plans for SHA-1 and hash functions in general.     

Hash key-based image encryption using crossover operator and chaos

This paper proposes a color image encryption scheme using one-time keys based on crossover operator, chaos and the Secure Hash Algorithm(SHA-2). The (SHA-2) is employed to generate a 256-bit hash value from both the plain-image and the secret hash keys to make the key stream change in each encryption process. The SHA-2 value is employed to generate three initial values of the chaotic system. The permutation-diffusion process is based on the crossover operator and XOR operator, respectively. Experimental results and security analysis show that the scheme can achieve good encryption result through only one round encryption process, the key space is large enough to resist against common attacks,so the scheme is reliable to be applied in image encryption and secure communication.     

Second order collision for the 42-step reduced DHA-256 hash function

At the Cryptographic Hash Workshop hosted by NIST in 2005, Lee et al. proposed the DHA-256 (Double Hash Algorithm-256) hash function. The design of DHA-256 builds upon the design of SHA-256, but introduces additional strengthening features such as optimizing the message expansion and step function against local collision attacks. Previously, DHA-256 was analyzed by J. Zhong and X. Lai, who presented a preimage attack on 35 steps of the compression function with complexity 2^239.6. In addition, the IAIK Krypto Group provided evidence that there exists a 9-step local collision for the DHA-256 compression function with probability higher than previously predicted. In this paper, we analyze DHA-256 in the context of higher order differential attacks. In particular, we provide a practical distinguisher for 42 out of 64 steps and give an example of a colliding quartet to validate our results.     

一类不平衡Feistel密码的安全性能分析

为评估一类不平衡Feistel密码的安全性能,通过列举的方法,对该密码抵抗差分密码分析和线性密码分析的能力进行了深入的研究。在轮函数是双射的假设条件下,证明了3,4,6,8,10,2r（r≥3）轮密码分别至少有1,1,3,4,5,r个轮函数的输入差分非零,从而若设轮函数的最大差分和线性逼近的概率分别为p和q,则2r（r≥3）轮密码的差分特征和线性特征的概率分别以pr和qr为上界。     

一类分组密码的安全性能研究

为评估一类分组密码的安全性能,通过列举的方法,对该分组密码抵抗差分密码分析的能力进行了深入的研究。在轮函数是双射的假设条件下,证明了3,4,6,9,12,4r轮分组密码分别至少有1,2,2,4,6,2r个轮函数的输入差分非零;从而若设轮函数的最大差分概率为p,则3,4,6,9,12,4r轮分组密码的差分特征的概率分别以p,p2,p2,p4,p6,p2r为上界。     

NIST新HASH算法征集活动综述

随着SHA-1漏洞被发现,对新的HASH算法的需求日渐突出。NIST专门对此召开两次研讨会,并举办了新算法征集活动,旨在发展新的HASH函数。该文对有关活动进行了综述,特别是对新算法的质量要求进行了分析。     

基于Matlab的Hash算法BLAKE的设计与实现

Hash算法I3工AKE是新一代安全Hash标准SHA-3全球公开征集过程中进入最后一轮的5个候选者之一。 给出一种基于Matlab的带有图形界面GUI的BLAKE程序的设计与实现过程。本程序可用于实际的BLAKE Hash 值的运算,最重要的是为BLAKE的教学与实验提供了更方便直观的工具。     

轻量级分组密码Pyjamask的不可能差分分析

Pyjamask是美国国家技术标准研究院征选后量子时代轻量级密码算法中进入第二轮的候选分组密码,对其抵抗现在流行的不可能差分分析分析为未来在实际系统中使用起到重要的作用.提出一些2.5轮不可能差分链并分析它们的结构特点和攻击效率,在一些最有效的不可能差分链的前后各接1轮和半轮,形成4轮Py-jamask多重不可能差分攻击路径.攻击结果表明Pyjamask的行混淆运算扩散性比较强,能较好地抵抗不可能差分分析,此结果是对Pyjamask安全性分析的一个重要补充.     

可重构计算平台上SHA系列函数的优化实现

针对当前哈希函数算法标准和应用需求不同的现状,以及同一系统对安全性可能有着不同的要求,采用可重构的设计思想,在对SHA-1、SHA-256、SHA-512三种哈希函数的不同特征进行深入分析的基础上,总结归纳出统一的处理模型。根据不同的要求,每一种SHA(SHA-1、SHA-256、SHA-512)系列哈希函数都可以单独灵活地执行。使用流水线,并在关键路径进行加法器的优化,提高了算法的吞吐率。并且使用效能比的概念,与M3服务器对比,可重构平台的效能比比通用服务器高很多。     

Hardware implementation analysis of SHA-256 and SHA-512 algorithms on FPGAs

Hash functions are common and important cryptographic primitives, which are very critical for data integrity assurance and data origin authentication security services. Field programmable gate arrays (FPGAs) being reconfigurable, flexible and physically secure are a natural choice for implementation of hash functions in a broad range of applications with different area-performance requirements. In this paper, we explore alternative architectures for the implementation of hash algorithms of the secure hash standards SHA-256 and SHA-512 on FPGAs and study their area-performance trade-offs. As several 64-bit adders are needed in SHA-512 hash value computation, new architectures proposed in this paper implement modulo-64 addition as modulo-32, modulo-16 and modulo-8 additions with a view to reduce the chip area. Hash function SHA-512 is implemented in different FPGA families of ALTERA to compare their performance metrics such as area, memory, latency, clocking frequency and throughput to guide a designer to select the most suitable FPGA for an application. In addition, a common architecture is designed for implementing SHA-256 and SHA-512 algorithms.     

密码杂凑函数及其安全性分析

文章提出了针对密码杂凑函数及其安全性进行研究的重要意义,列举了单向杂凑函数、MD5、SHA-1等技术原理进行了技术分析,并从攻击手段入手,分析了密码杂凑函数的安全性,提出对SHA-1与MD-5的＂破解＂应客观看待的观点。     

后量子密码算法的侧信道攻击与防御综述

为解决量子计算对公钥密码安全的威胁,后量子密码成为密码领域的前沿焦点研究问题.后量子密码通过数学理论保证了算法安全性,但在具体实现和应用中易受侧信道攻击,这严重威胁到后量子密码的安全性.本文基于美国NIST第二轮候选算法和中国CACR公钥密码竞赛第二轮的候选算法,针对基于格、基于编码、基于哈希、基于多变量等多种后量子密码算法进行分类调研,分析其抗侧信道攻击的安全性现状和现有防护策略.为了深入分析后量子密码的侧信道攻击方法,按照算法核心算子和攻击类型进行分类,总结了针对各类后量子密码常用的攻击手段、攻击点及攻击评价指标.进一步,根据攻击类型和攻击点,梳理了现有防护策略及相应的开销代价.最后我们在总结部分,根据攻击方法、防护手段和防护代价提出了一些安全建议,并且还分析了未来潜在的侧信道攻击手段与防御方案.     

The NIST Cryptographic Workshop on Hash Functions

In light of recent breakthroughs on the cryptanalysis of hash functions, the US National Institute for Standards and Technology (NIST) organized a workshop to solicit input on the current status of the Secure Hash Algorithm-1 (SHA-1) family of hash functions.     

一类基于混沌函数的分组密码的安全性评估

评估了一类基于混沌函数的分组密码(generalized Feistel structure,简称GFS)抵抗差分密码分析和线性密码分析的能力.如果轮函数是双射且它的最大差分特征概率和线性逼近概率分别是p和q,则r轮GFS的最大差分特征和线性逼近的概率分别以p^r-1和q^r-1为其上界.     

基于明文相关的混沌映射与SHA-256算法数字图像的加密与监测

针对数字图像的传播安全性问题,以及数字图像加密脱离明文、过分依赖混沌系统的问题,提出了基于明文相关的混沌映射与SHA-256算法数字图像的加密与监测算法。算法通过使用SHA-256算法计算明文图像的哈希值,作为摘要来监测数字图像的传播;使用前向扩散、关联明文的置乱与后向扩散的方法对数字图像进行加密,Lorenz混沌映射产生相应的密码。结果表明该算法具有较好的抵抗各种攻击的能力,达到了图像传播的安全性与隐蔽性的目的。     

The parazoa family: generalizing the sponge hash functions

Sponge functions were introduced by Bertoni et?al. as an alternative to the classical Merkle-Damg?rd design. Many hash function submissions to the SHA-3 competition launched by NIST in 2007, such as CubeHash, Fugue, Hamsi, JH, Keccak and Luffa, derive from the original sponge design, and security guarantees from some of these constructions are typically based on indifferentiability results. Although indifferentiability proofs for these designs often bear significant similarities, these have so far been obtained independently for each construction. In this work, we introduce the parazoa family of hash functions as a generalization of “sponge-like” functions. Similarly to the sponge design, the parazoa family consists of compression and extraction phases. The parazoa hash functions, however, extend the sponge construction by enabling the use of a wider class of compression and extraction functions that need to satisfy certain properties. More importantly, we prove that the parazoa functions satisfy the indifferentiability notion of Maurer et?al. under the assumption that the underlying permutation is ideal. Not surprisingly, our indifferentiability result confirms the bound on the original sponge function, but it also carries over to a wider spectrum of hash functions and eliminates the need for a separate indifferentiability analysis.     

A novel hash function based fragile watermarking method for image integrity

In recent years, tampering and altering of digital images have become easier with the rapid development of computer technologies such as digital image editing tools. Therefore, verification of image integrity and tamper detection of digital images have become a great challenge. Fragile watermarking is the most widely used method for protecting the integrity and content authenticity of the image. In this paper, by using SHA-256 hash function, a novel block based fragile watermark embedding and tamper detection method is proposed. In watermark embedding phase, host image is divided into 32?×?32 non-overlapped blocks. Each 32?×?32 block is then divided into four 16?×?16 nonoverlapped sub-blocks. The entire hash value of the first three sub-blocks is generated as a watermark using SHA-256 hash function. The generated 256-bit binary watermark is embedded into the least significant bits (LSBs) of the fourth sub-block and watermarked image is obtained. In tamper detection phase, the detection of tampered block has been performed by comparing the hash value obtained from the three sub-blocks with the extracted watermark from the fourth sub-block of the watermarked image. The performance of the proposed method has been evaluated by applying linear and nonlinear attacks to the different regions of the watermarked images. Experimental results show that the proposed method detects all the tampered regions of the attacked images and high visual quality of watermarked images has been obtained.

     

Encrypted separable reversible watermarking with authentication and error correction

Reversible Watermarking (RW) in encrypted images helps to reconstruct the original content and embedded data without distortion while protecting the owner’s privacy. The security and integrity of embedded data is very much demanding. In this paper, an efficient RW method is proposed that recovers the embedded data from the marked encrypted color palette images in the presence of attacks. In this method, embeddable color-triples are constructed by employing color partitioning. Next, the cryptographic SHA-256 hash and Bose–Chaudhuri–Hocquenghem (BCH) are applied over the secret information to ensure the authenticity and integrity. The hash authenticated secret data is embedded into the encrypted color palette image. The secret data is extracted using the separable color partitioning method and authenticated with cryptographic hash function. The proposed method has higher embedding capacity when compared to other relative schemes. The BCH codes helps to recover the secret data and cover image in the presence of noise and attacks.