The paper discusses the security of compression function and hash function with Merkle-Damg̊ard construction and provides the complexity bound of finding a collision and primage of hash function based on the condition probability of compression function y = F (x, k). we make a conclusion that in Merkle-Dammåard construction, the requirement of free start collision resistant and free start collis...

The goal of this paper is to analyze the security of dithered variants of the Merkle-Damgård mode of operation that use a third input to indicate the position of a block in the message to be hashed. These modes of operation for hash functions have been proposed to avoid some structural weaknesses of the Merkle-Damgard paradigm, e.g. that second preimages can be constructed in much less than 2 w...

Chosen-target-forced-prefix (CTFP) preimage resistance is a hash function security property guaranteeing the inability of an attacker to commit to a hash function outcome h without knowing the prefix of the message to be hashed in advance. At EUROCRYPT 2006, Kelsey and Kohno described the herding attack against the Merkle-Damg̊ard design that results in a CTFP-preimage of length about n/3 blocks...

In this paper we propose a method to construct logarithmic signatures which are not amalgamated transversal and further do not even have a periodic block. The latter property was crucial for the successful attack on the system MST 3 by Blackburn et al. [1]. The idea for our construction is based on the theory in Szabó’s book about group factorizations [12].

In this paper we present adaptive key recovery attacks on NTRU-based somewhat homomorphic encryption schemes. Among such schemes, we study the proposal by Bos et al [BLLN13] in 2013. Given access to a decryption oracle, the attack allows us to compute the private key for all parameter choices. Such attacks show that one must be very careful about the use of homomorphic encryption in practice. T...

Chaskey is a Message Authentication Code (MAC) for 32bit microcontrollers proposed by Mouha et. al at SAC 2014. Its underlying blockcipher uses an Even-Mansour construction with a permutation based on the ARX methodology. In this paper, we present key-recovery attacks against Chaskey in the single and multi-user setting. These attacks are based on recent work by Fouque, Joux and Mavromati prese...

To attack a well-known occlusion problem of conventional optical see-through displays, we have been developing ELMO (an Enhanced optical seethrough display using an LCD panel for Mutual Occlusion). The latest prototype display under construction has a real-time rangefinder as well as an embedded light-blocking mechanism, thereby presents a mixed reality environment with correct mutual occlusion...

This paper shows a surprising similarity between the construction of, respectively, impossible differentials and square distinguishers. This observation is illustrated by comparing two attacks on IDEA (Biham & al., FSE’99 [2], Nakahara & al., 2001 [7]). Using this similarity, we also derive a 16-round square distinguisher on Skipjack, directly based on the impossible differential attack present...

In this paper we show that we are close at the proof that the type of characteristics used by Biham and Shamir in their diierential attack on DES 3] are in fact the best characteristics we can nd for DES. Furthermore we show that the criteria for the construction of DES-like S-boxes proposed by Kim 6] are insuucient to assure resistance against diierential attacks. We show several good iterativ...

The Denial of Service Testing Framework (dosTF) being developed as part of the joint India-Australia research project for ‘Protecting Critical Infrastructure from Denial of Service Attacks’ allows for the construction, monitoring and management of emulated Distributed Denial of Service attacks using modest hardware resources. The purpose of the testbed is to study the effectiveness of different...