Automated Techniques for Hash Function and Block Cipher Cryptanalysis (Automatische technieken voor hashfunctie- en blokcijfercryptanalyse)
نویسنده
چکیده
The main purpose of science is simplicity, and as we understand more things, everything is becoming simpler. Edward Teller Cryptography is the study of mathematical techniques that ensure the confidentiality and integrity of information. This relatively new field started out as classified military technology, but has now become commonplace in our daily lives. Cryptography is not only used in banking cards, secure websites and electronic signatures, but also in public transport cards, car keys and garage door openers. Two building blocks in the domain of cryptography are block ciphers and (cryptographic) hash functions. Block ciphers use a secret key to transform a plaintext into a ciphertext, in such a way that this secret key is needed to recover the original plaintext. Hash functions transform an arbitrary-length message into a fixed-length hash value. These hash values can serve as “fingerprints” for the original messages: it should be infeasible to find two distinct messages with the same hash value (a collision). Yet, Wang et al. recently showed that finding collisions is feasible for MD5 and SHA-1, two of the most commonly used hash functions today. Although the SHA-2 family currently remains unbroken, its design is very similar. For this reason, the United States National Institute of Standards and Technology (NIST) launched an international competition for a new hash function standard: SHA-3. The research performed in this Ph.D. thesis closely follows the evaluation period of the SHA-3 competition. Results were obtained for hash functions ARIRANG, BLAKE, ESSENCE, Hamsi, Khichidi-1, LUX, Sarmal, Skein and TIB3. Outside of the competition, results were also obtained for a simplified version of the hash function HAS-V. In the area of cryptographic theory, observations were made on the resistance of regular hash functions against the birthday attack. The most commonly used hash functions: MD5, SHA-1 and SHA-2, as well two out of the five SHA-3 finalists (BLAKE and Skein) use operations such as addition modulo 2, exclusive OR, bitwise Boolean functions, bit shifts and bit rotations. Dissatisfied with commonly used ad hoc techniques to analyze such constructions, we introduced the framework of S-functions to allow for a simple and automated analysis. Recently, meet-in-the-middle attacks became a very popular way to analyze block ciphers and hash functions. We constructed a novel variant of this technique, and applied it in an automated way to the block ciphers XTEA and GOST. Our attacks require very few known plaintext-ciphertext pairs.
منابع مشابه
Impossible Differential Cryptanalysis of Reduced-Round Midori64 Block Cipher (Extended Version)
Impossible differential attack is a well-known mean to examine robustness of block ciphers. Using impossible differ- ential cryptanalysis, we analyze security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. Midori state size can be either 64 bits for Midori64 or 128 bits for Midori128; however, both vers...
متن کاملRecent Methods for Cryptanalysis of Symmetric-key Cryptographic Algorithms (Recente Methoden voor de Cryptanalyse van Symmetrische-sleutel Cryptografische Algoritmen)
Cryptography is the art and science of secret communication. In the past it has been exclusively the occupation of the military. It is only during the last forty years that the study and practice of cryptography has reached the wide public. Nowadays, cryptography is not only actively studied in leading universities as part of their regular curriculum, but it is also widely used in our everyday ...
متن کاملBicliques for Preimages: Attacks on Skein-512 and the SHA-2 Family
We present a new concept of biclique as a tool for preimage attacks, which employs many powerful techniques from differential cryptanalysis of block ciphers and hash functions. The new tool has proved to be widely applicable by inspiring many authors to publish new results of the full versions of AES, KASUMI, IDEA, and Square. In this paper, we show how our concept leads to the first cryptanaly...
متن کاملCryptanalysis and design of symmetric primitives
This thesis focuses on the cryptanalysis and the design of block ciphers and hash functions. The thesis starts with an overview of methods for cryptanalysis of block ciphers which are based on differential cryptanalysis. We explain these concepts and also several combinations of these attacks. We propose new attacks on reduced versions of ARIA and AES. Furthermore, we analyze the strength of th...
متن کاملHeW: a Hash Function based on lightweight Block cipher FeW
A new hash function HeW: A hash function based on light weight block cipher FeW is proposed in this paper. The compression function of HeW is based on block cipher FeW. It is believed that key expansion algorithm of block cipher slows down the performance of the overlying hash function. Thereby, block ciphers become a less favourable choice to design a compression function. As a countermeasure,...
متن کامل