We revisit narrow-pipe designs that are in practical use, and their security against preimage attacks. Our results are the best known preimage attacks on Tiger, MD4, and reduced SHA-2, with the result on Tiger being the first cryptanalytic shortcut attack on the full hash function. Our attacks runs in time 2 for finding preimages, and 2 for second-preimages. Both have memory requirement of orde...

This paper describes a meet-in-the-middle (MITM) attack against the round reduced versions of the block cipher mCrypton-64/96/128. We construct a 4-round distinguisher and lower the memory requirement from 2 to 2 using the differential enumeration technique. Based on the distinguisher, we launch a MITM attack on 7-round mCrypton-64/96/128 with complexities of 2 64-bit blocks and 2 encryptions. ...

A main contribution of this paper is an improved analysis against HMAC instantiating with reduced Whirlpool. It recovers equivalent keys, which are often denoted as Kin and Kout, of HMAC with 7-round Whirlpool, while the previous best attack can work only for 6 rounds. Our approach is applying the meet-in-the-middle (MITM) attack on AES to recover MAC keys of Whirlpool. Several techniques are p...

Maelstrom-0 is the second member of a family of AES-based hash functions whose designs are pioneered by Paulo Baretto and Vincent Rijmen. According to its designers, the function is designed to be an evolutionary lightweight alternative to the ISO standard Whirlpool. In this paper, we study the preimage resistance of the Maelstrom-0 hash function using its proposed 3CM chaining construction. Mo...

Solar power (SP) passive optical network (PON)-based fiber-wireless (FiWi) access systems are becoming increasingly popular as they provide coverage to rural and urban areas where no grid exists. Secure operation of such networks which includes solar- and/or battery-powered devices, is crucial for anticipating potential issues prolong the life operation. Since units (ONUs) may be powered by SP-...

Deep Neural Networks (DNNs) are vulnerable to deliberately crafted adversarial examples. In the past few years, many efforts have been spent on exploring query-optimisation attacks find examples of either black-box or white-box DNN models, as well defending countermeasures against those attacks. this article, we explore vulnerabilities models under umbrella Man-in-the-Middle (MitM) attacks, whi...

The security community seems to be thoroughly familiar with man-in-the-middle attacks. However, the common perception of this type of attack is outdated. It originates from when network connections were fixed, not mobile, before 24/7 connectivity became ubiquitous. The common perception of this attack stems from an era before the vulnerability of the protocol’s context was realised. Thanks to r...

Non-malleability is an important security property of commitment schemes. The property means security against the man-in-the-middle attack, and it is defined and proved in the simulation paradigm using the corresponding simulator. Many known non-malleable commitment schemes have the common drawback that their corresponding simulators do not work in a straight-line manner, requires rewinding of ...