Your search keyword '"Collision attack"' showing total 942 results

1. Collision Attacks on Hashing Modes of Areion

Author

Taiyama, Kodai, Sakamoto, Kosei, Shiba, Rentaro, Isobe, Takanori, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Kohlweiss, Markulf, editor, Di Pietro, Roberto, editor, and Beresford, Alastair, editor

Published

2025

2. Collision-Based Attacks on White-Box Implementations of the AES Block Cipher

Author

Lu, Jiqiang, Wang, Mingxue, Wang, Can, Yang, Chen, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Smith, Benjamin, editor, and Wu, Huapeng, editor

Published

2024

3. A Closer Look at the S-Box: Deeper Analysis of Round-Reduced ASCON-HASH

Author

Yu, Xiaorui, Liu, Fukang, Wang, Gaoli, Sun, Siwei, Meier, Willi, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Carlet, Claude, editor, Mandal, Kalikinkar, editor, and Rijmen, Vincent, editor

Published

2024

4. High-Order Collision Attack Vulnerabilities in Montgomery Ladder Implementations of RSA

Author

Varillon, Arnaud, Sauvage, Laurent, Danger, Jean-Luc, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Regazzoni, Francesco, editor, Mazumdar, Bodhisatwa, editor, and Parameswaran, Sri, editor

Published

2024

5. Cryptanalysis Of A Type Of White-Box Implementations Of The SM4 Block Cipher.

Author

Lu, Jiqiang, Li, Jingyu, Chen, Zexuan, and Li, Yanan

Subjects

*CRYPTOGRAPHY, *BLOCK ciphers, *LINEAR systems, *BOOLEAN functions, *BLOCK codes

Abstract

The SM4 block cipher is a Chinese national standard and an ISO international standard. Since white-box cryptography has many real-life applications nowadays, a few white-box implementations of SM4 has been proposed, among which a type of constructions is dominated, which uses a linear or affine diagonal block encoding to protect the original three 32-bit branches entering a round function and uses its inverse as the input encoding to the S-box layer. In this paper, we analyse the security of this type of constructions against Lepoint et al.'s collision-based attack method. Our experiment under a small fraction of (encodings, round key) combinations shows that the rank of the concerned linear system is much less than the number of the involved unknowns, meaning these white-box SM4 implementations should resist Lepoint et al.'s method, but we leave it as an open problem whether there are such encodings that the rank of the corresponding linear system is slightly less than the number of the involved unknowns, in which scenario Lepoint et al.'s method may be used to recover a round key for the case with linear encodings and to remove most white-box operations until mainly some Boolean masks for the case with affine encodings. [ABSTRACT FROM AUTHOR]

Published

2024

6. Improved 2-round collision attack on IoT hash standard ASCON-HASH

Author

Di Zhai, Wei Bai, Jianding Fu, Hongjian Gao, and Xueqiong Zhu

Subjects

IoT, ASCON, ASCON-HASH, Collision attack, Lightweight cryptograph, Science (General), Q1-390, Social sciences (General), H1-99

Abstract

Lightweight cryptography algorithms are a class of ciphers designed to protect data generated and transmitted by the Internet of Things. They typically have low requirements in terms of storage space and power consumption, and are well-suited for resource-limited application scenarios such as embedded systems, actuators, and sensors. The NIST-approved competition for lightweight cryptography aims to identify lightweight cryptographic algorithms that can serve as standards. Its objective is to enhance data security in various scenarios. Among the chosen standards for lightweight cryptography, ASCON has been selected. ASCON-HASH is a hash function within the ASCON family. This paper presents a detailed analysis of the differential characteristics of ASCON-HASH, utilizing the quadratic S-box. Additionally, we employ message modification techniques and ultimately demonstrate a non-practical collision attack on the 2-round ASCON-HASH, requiring a time complexity of 298 hash function calls.

Published

2024

7. Cryptanalysis of Two White-Box Implementations of the CLEFIA Block Cipher

Author

Lu, Jiqiang, Wang, Can, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Wang, Ding, editor, Liu, Zheli, editor, and Chen, Xiaofeng, editor

Published

2023

8. Collision Attacks on Round-Reduced SHA-3 Using Conditional Internal Differentials

Author

Zhang, Zhongyi, Hou, Chengan, Liu, Meicheng, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Hazay, Carmit, editor, and Stam, Martijn, editor

Published

2023

9. Analysis of RIPEMD-160: New Collision Attacks and Finding Characteristics with MILP

Author

Liu, Fukang, Wang, Gaoli, Sarkar, Santanu, Anand, Ravi, Meier, Willi, Li, Yingxin, Isobe, Takanori, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Hazay, Carmit, editor, and Stam, Martijn, editor

Published

2023

10. Related-Key Differential Cryptanalysis of GMiMC Used in Post-Quantum Signatures

Author

Chen, Shiyao, Guo, Chun, Guo, Jian, Liu, Li, Wang, Meiqin, Wei, Puwen, Xu, Zeyu, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Seo, Seung-Hyun, editor, and Seo, Hwajeong, editor

Published

2023

11. Search framework for neutral bits and boomerangs in SHA‐1 collision attacks

Author

Degang Li, Yang Yang, and Guang Zeng

Subjects

collision attack, cryptography, message searching, SHA‐1, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Neutral bits and boomerangs are key techniques for accelerating collision search in SHA‐1 attacks. The current acceleration techniques for SHA‐1 near‐collision attacks are reviewed and a generic search framework for neutral bits and boomerangs is presented. The framework can efficiently construct auxiliary paths for a given differential path and message bit relations and find and store ideal boomerangs. The framework was applied to free‐start attacks for 76‐step SHA‐1, and the complexity was reduced from 250.25 ${2}^{50.25}$ to 247.9 ${2}^{47.9}$. Relaxing the boomerang's restrictions on message words, the authors propose an accelerating technique termed semi‐boomerangs, combined with the search framework of boomerangs, which increases the speed of collision search by 3.48 times in a free‐start attack for 80‐step SHA‐1 and the complexity for 80‐step attack was reduced from 257.5 ${2}^{57.5}$ to 255.7 ${2}^{55.7}$.

Published

2023

12. Improved attacks against reduced-round Whirlwind.

Author

Wei, Congming, Dong, Bingyou, Hua, Jialiang, Dong, Xiaoyang, and Zhang, Guoyan

Subjects

WHIRLWINDS, TIME complexity

Abstract

The Whirlwind hash function was proposed by Barreto et al. (Des Codes Cryptogr 56(2–3):141–162, 2010, https://doi.org/10.1007/s10623-010-9391-y). In this paper, we focus on preimage and collision attacks on reduced-round Whirlwind. With the help of MILP models, a 7-round pseudo-preimage attack is presented. Then we revisit the framework of Ma et al. and successfully improve the preimage attack on 4-round Whirlwind with time complexity reduced from 2 497 to 2 417 . Meanwhile, by using quantum algorithms, we find a quantum collision attack on 5-round Whirlwind, which improves running time from 2 190.5 to 2 127.15 comparing to standard BHT algorithm while using the same amount of quantum memory. Also, semi-free-start collision of Whirlwind compression function is improved from 6 round to 7 round, while keeping complexity unchanged. [ABSTRACT FROM AUTHOR]

Published

2023

13. 结合 EDCA和 CPA的容错双向选择攻击.

Author

张美玲, 尚利蓉, and 郑 东

Abstract

Copyright of Journal of Frontiers of Computer Science & Technology is the property of Beijing Journal of Computer Engineering & Applications Journal Co Ltd. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2023

14. Search framework for neutral bits and boomerangs in SHA‐1 collision attacks.

Author

Li, Degang, Yang, Yang, and Zeng, Guang

Subjects

CRYPTOGRAPHY, VOCABULARY

Abstract

Neutral bits and boomerangs are key techniques for accelerating collision search in SHA‐1 attacks. The current acceleration techniques for SHA‐1 near‐collision attacks are reviewed and a generic search framework for neutral bits and boomerangs is presented. The framework can efficiently construct auxiliary paths for a given differential path and message bit relations and find and store ideal boomerangs. The framework was applied to free‐start attacks for 76‐step SHA‐1, and the complexity was reduced from 250.25 ${2}^{50.25}$ to 247.9 ${2}^{47.9}$. Relaxing the boomerang's restrictions on message words, the authors propose an accelerating technique termed semi‐boomerangs, combined with the search framework of boomerangs, which increases the speed of collision search by 3.48 times in a free‐start attack for 80‐step SHA‐1 and the complexity for 80‐step attack was reduced from 257.5 ${2}^{57.5}$ to 255.7 ${2}^{55.7}$. [ABSTRACT FROM AUTHOR]

Published

2023

15. Deep self-learning based dynamic secret key generation for novel secure and efficient hashing algorithm.

Author

Ullah, Fasee and Pun, Chi-Man

Subjects

*MACHINE learning, *ALGORITHMS, *DEEP learning, *TEXT messages, *VIDEO compression

Abstract

The hash function is an efficient source of the integrity and authentication of input text and other data messages (image & audio-video) in the cryptography field. Existing hashing algorithms are time-consuming and vulnerable to collision attacks, birthday attacks, meet-in-the-middle attacks, and key search attacks. In this context, we propose an innovative and secure hash algorithm that uses self-learning neurons during the implementation phase. Firstly, the proposed deep learning hashing algorithm accepts the variable length (ln) of the input text and image messages (im) at the input layer 0 and divides the whole input (M) into four characters, represented as message pair (MP). If the last MP contains less than four characters, have been completed by the assumption of the special cases and processed via the OR logical operation. Subsequently, the proposed pattern matching-swapping methods have resolved the conflict of the repeated characters in each MP. Secondly, the proposed novel dynamic secret keys are generated for each MP by introducing a skip and select basic conditions by omitting the consecutive 0's or 1's in key selection. Thirdly, upon successfully processing the phases above, the proposed novel hashing algorithm generates collision-free hash values using forwarding and backward propagation. Experimental results show that our proposed hashing algorithm is efficient and significantly outperforms in terms of sensitivity generated in hash output, speed, and collision resistance compared to the existing state-of-the-art hashing algorithms. [ABSTRACT FROM AUTHOR]

Published

2023

16. Cryptanalysis of Two White-Box Implementations of the SM4 Block Cipher

Author

Lu, Jiqiang, Li, Jingyu, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Liu, Joseph K., editor, Katsikas, Sokratis, editor, Meng, Weizhi, editor, Susilo, Willy, editor, and Intan, Rolly, editor

Published

2021

17. Near and Far Collision Attack on Masked AES

Author

Yang, Xiaoya, Niu, Yongchuan, Tang, Qingping, Zhang, Jiawei, Ding, Yaoling, Wang, An, Kacprzyk, Janusz, Series Editor, Pal, Nikhil R., Advisory Editor, Bello Perez, Rafael, Advisory Editor, Corchado, Emilio S., Advisory Editor, Hagras, Hani, Advisory Editor, Kóczy, László T., Advisory Editor, Kreinovich, Vladik, Advisory Editor, Lin, Chin-Teng, Advisory Editor, Lu, Jie, Advisory Editor, Melin, Patricia, Advisory Editor, Nedjah, Nadia, Advisory Editor, Nguyen, Ngoc Thanh, Advisory Editor, Wang, Jun, Advisory Editor, Liu, Qi, editor, Liu, Xiaodong, editor, Shen, Tao, editor, and Qiu, Xuesong, editor

Published

2021

18. Meet-in-the-Middle Attacks Revisited: Key-Recovery, Collision, and Preimage Attacks

Author

Dong, Xiaoyang, Hua, Jialiang, Sun, Siwei, Li, Zheng, Wang, Xiaoyun, Hu, Lei, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Malkin, Tal, editor, and Peikert, Chris, editor

Published

2021

19. Quantum Collision Attacks on Reduced SHA-256 and SHA-512

Author

Hosoyamada, Akinori, Sasaki, Yu, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Malkin, Tal, editor, and Peikert, Chris, editor

Published

2021

20. Investigating the Avalanche Effect of Various Cryptographically Secure Hash Functions and Hash-Based Applications

Author

Darshana Upadhyay, Nupur Gaikwad, Marzia Zaman, and Srinivas Sampalli

Subjects

Avalanche effect, cryptographically secure hash functions, SAC (Strict Avalanche Criterion), BIC (Bit Independence Criterion), message authentication code, collision attack, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In modern cryptography, hash functions are considered as one of the key components for secure communication. They play a vital role in a wide range of applications such as ensuring the authentication and integrity of the data, in forensic investigation, password storage, random number generations for unique session keys, and for creating a unified view in blockchain. The Avalanche effect (also known as diffusion) is an important characteristic of a hash function where a minor change in the hash function’s input will result in a significantly different output. The absence of this property implies that the hash function is vulnerable to various attacks such as collision attack, length extension attack, and preimage attack. Through this research, we have investigated the Avalanche effect of sixteen hash functions and two hash-based applications, namely Hash-based Message Authentication Code (HMAC) and Public Key Cryptography Standards (PKCS). To measure the performance of these hash functions and hash-based applications, we have implemented a generic circuit using CrypTool for automating the simulation process for multiple trials. Simulation results indicate that around half of the inputs of each hash function failed to exhibit the Strict Avalanche Criterion (SAC) and, Bit Independence Criterion (BIC). Moreover, we ranked the hash functions based on Multi Criteria Decision Metrics (MCDM) using intermediate states of simulation results. Furthermore, a total of fifteen statistical tests were carried out to evaluate the randomization property of the hash functions using NIST (National Institute of Standards and Technology) toolkit. This study is aimed to open up a future scope of research to the need for improvement of various hash functions by analyzing the randomization and non-correlation properties of existing functions in terms of the Avalanche effect.

Published

2022

21. Enhanced Side-Channel Analysis on ECDSA Employing Fixed-Base Comb Method.

Author

Jin, Sunghyun, Cho, Sung Min, Kim, HeeSeok, and Hong, Seokhie

Subjects

*LEAK detection, *MICROCONTROLLERS, *COMPUTER crimes, *DIGITAL signatures, *MULTIPLICATION

Abstract

Table-based scalar multiplication provides practical security for ECDSA signature generation. However, a novel key recovery attack against this form of ECDSA signature generation that exploits the collisions between entries was recently proposed at CHES 2021. This attack is possible even if table entries are unknown, such as with random permutated entry ordering. In this paper, we enhance the efficiency of the key recovery attack against secure ECDSA signature generation based on fixed-base comb scalar multiplication. We significantly reduce the required number of traces by compressing collision information using the mathematical relationship between table entry collisions. We verify this is a practical threat by performing an experiment on fixed-base comb method with window width $w=4$ w = 4 . Using our method, up to 27 traces are needed, much fewer than 1,019 traces required in the CHES publication. We cluster real traces measured using 32-bit STM32F4 microcontroller. In the experiment, we provide a selection method of points of interest using variance traces and unsupervised clustering-based leakage detection. With the selection method, we succeed in clustering leakages into 16 classes with a 100% success rate with 32-bit MCU. This represents the first experiment to cluster the more leakage classes with a 32-bit MCU than in literature. [ABSTRACT FROM AUTHOR]

Published

2022

22. Finding Collisions against 4-Round SHA-3-384 in Practical Time

Author

Senyang Huang, Orna Agmon Ben-Yehuda, Orr Dunkelman, and Alexander Maximov

Subjects

SHA-3 hash function, collision attack, deduce-and-sieve algorithm, SAT solver, Computer engineering. Computer hardware, TK7885-7895

Abstract

The Keccak sponge function family, designed by Bertoni et al. in 2007, was selected by the U.S. National Institute of Standards and Technology (NIST) in 2012 as the next generation of Secure Hash Algorithm (SHA-3). Due to its theoretical and practical importance, cryptanalysis of SHA-3 has attracted a lot of attention. Currently, the most powerful collision attack on SHA-3 is Jian Guo et al.’s linearisation technique. However, this technique is infeasible for variants with a smaller input space, such as SHA-3-384. In this work we improve upon previous results by utilising three ideas which were not used in previous works on collision attacks against SHA-3. First, we use 2-block messages instead of 1-block messages, to reduce constraints and increase flexibility in our solutions. Second, we reduce the connectivity problem into a satisfiability (SAT) problem, instead of applying the linearisation technique. Finally, we propose an efficient deduce-and-sieve algorithm on the basis of two new non-random properties of the Keccak non-linear layer. The resulting collision-finding algorithm on 4-round SHA-3-384 has a practical time complexity of 259.64 (and a memory complexity of 245.94). This greatly improves upon the best known collision attack so far: Dinur et al. achieved an impractical 2147 time complexity. Our attack does not threaten the security margin of the SHA-3 hash function. However, the tools developed in this paper could be used to analyse other cryptographic primitives as well as to develop new and faster SAT solvers.

Published

2022

23. A comprehensive review of the security flaws of hashing algorithms

Author

Sadeghi-Nasab, Alireza and Rafe, Vahid

Published

2023

24. Efficient Collision Attack Frameworks for RIPEMD-160

Author

Liu, Fukang, Dobraunig, Christoph, Mendel, Florian, Isobe, Takanori, Wang, Gaoli, Cao, Zhenfu, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Woeginger, Gerhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Boldyreva, Alexandra, editor, and Micciancio, Daniele, editor

Published

2019

25. Cryptanalysis of a white‐box SM4 implementation based on collision attack.

Author

Wang, Rusi, Guo, Hua, Lu, Jiqiang, and Liu, Jianwei

Subjects

CRYPTOGRAPHY, DIGITAL rights management, BLOCK ciphers, STRATEGIC planning, COMPUTER software

Abstract

White‐box cryptography is to primarily protect the key of a cipher from being extracted in a white‐box scenario, where an adversary has full access to the execution environment of software implementation. Since the introduction of white‐box cryptography, a number of white‐box implementations of the Chinese SM4 block cipher standard have been proposed, and all of them have been attacked based on Billet et al.'s attack. In this study, we show that collision‐based attack can work more efficiently on Shi et al.'s white‐box SM4 implementation than the previously published attacks, by devising an attack with a time complexity of 223, significantly reducing the previously known time complexity of 249 to a very practical level. Our attack can also be similarly applied to some other white‐box SM4 implementations. [ABSTRACT FROM AUTHOR]

Published

2022

26. Improvement on a Masked White-Box Cryptographic Implementation

Author

Seungkwang Lee and Myungchul Kim

Subjects

White-box cryptography, AES, DCA, collision attack, bucketing attack, countermeasure, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

White-box cryptography is a software technique to protect secret keys of cryptographic algorithms from attackers who have access to memory. By adapting techniques of differential power analysis to computation traces consisting of runtime information, Differential Computation Analysis (DCA) has recovered the secret keys from white-box cryptographic implementations. In order to thwart DCA, a masked white-box implementation was suggested. It was a customized masking technique that randomizes all the values in the lookup tables with different masks. However, the round output was only permuted by byte encodings, not protected by masking. This is the main reason behind the success of DCA variants on the masked white-box implementation. In this paper, we improve the masked white-box cryptography in such a way to protect against DCA variants by obfuscating the round output with random masks. Specifically, we introduce a white-box AES (WB-AES) implementation applying the masking technique to the key-dependent intermediate value and the several outer-round outputs computed by partial bits of the key. Our analysis and experimental results show that the proposed WB-AES can protect against DCA variants including DCA with a 2-byte key guess, collision, and bucketing attacks. This work requires approximately 3.7 times the table size and 0.7 times the number of lookups compared to the previous masked WB-AES.

Published

2020

27. Novel Key Recovery Attack on Secure ECDSA Implementation by Exploiting Collisions between Unknown Entries

Author

Sunghyun Jin, Sangyub Lee, Sung Min Cho, HeeSeok Kim, and Seokhie Hong

Subjects

Public-key cryptography, Digital signature, ECDSA, Scalar multiplication, Side-channel analysis, Collision attack, Computer engineering. Computer hardware, TK7885-7895, Information technology, T58.5-58.64

Abstract

In this paper, we propose a novel key recovery attack against secure ECDSA signature generation employing regular table-based scalar multiplication. Our attack exploits novel leakage, denoted by collision information, which can be constructed by iteratively determining whether two entries loaded from the table are the same or not through side-channel collision analysis. Without knowing the actual value of the table entries, an adversary can recover the private key of ECDSA by finding the condition for which several nonces are linearly dependent by exploiting only the collision information. We show that this condition can be satisfied practically with a reasonable number of digital signatures and corresponding traces. Furthermore, we also show that all entries in the pre-computation table can be recovered using the recovered private key and a sufficient number of digital signatures based on the collision information. As case studies, we find that fixed-base comb and T_SM scalar multiplication are vulnerable to our attack. Finally, we verify that our attack is a real threat by conducting an experiment with power consumption traces acquired during T_SM scalar multiplication operations on an ARM Cortex-M based microcontroller. We also provide the details for validation process.

Published

2021

28. Multiple-Differential Mechanism for Collision-Optimized Divide-and-Conquer Attacks.

Author

Ou, Changhai, Zhou, Chengju, Lam, Siew-Kei, and Jiang, Guiyuan

Abstract

Several combined attacks have shown promising results in recovering cryptographic keys by introducing collision information into divide-and-conquer attacks to transform a part of the best key candidates within given thresholds into a much smaller collision space. However, these Collision-Optimized Divide-and-Conquer Attacks (CODCAs) uniformly demarcate the thresholds for all sub-keys, which is unreasonable. Moreover, the inadequate exploitation of collision information and backward fault tolerance mechanisms of CODCAs also lead to low attack efficiency. Finally, existing CODCAs mainly focus on improving collision detection algorithms but lack theoretical basis. We exploit Correlation-Enhanced Collision Attack (CECA) to optimize Template Attack (TA). To overcome the above-mentioned problems, we first introduce guessing theory into TA to enable the quick estimation of success probability and the corresponding complexity of key recovery. Next, a novel Multiple-Differential mechanism for CODCAs (MD-CODCA) is proposed. The first two differential mechanisms construct collision chains satisfying the given number of collisions from several sub-keys with the fewest candidates under a fixed probability provided by guessing theory, then exploit them to vote for the remaining sub-keys. This guarantees that the number of remaining chains is minimal, and makes MD-CODCA suitable for very high thresholds. Our third differential mechanism simply divides the key into several large non-overlapping “blocks” to further exploit intra-block collisions from the remaining candidates and properly ignore the inter-block collisions, thus facilitating the later key enumeration. The experimental results show that MD-CODCA significantly reduces the candidate space and lowers the complexity of collision detection, without considerably reducing the success probability of attacks. [ABSTRACT FROM AUTHOR]

Published

2021

29. The Science of Guessing in Collision-Optimized Divide-and-Conquer Attacks.

Author

Ou, Changhai, Lam, Siew-Kei, and Jiang, Guiyuan

Subjects

*FAULT-tolerant computing, *COMPLEXITY (Philosophy), *CECUM

Abstract

Recovering keys ranked in very deep candidate space efficiently is a very important but challenging issue in side-channel attacks (SCAs). State-of-the-art collision-optimized divide-and-conquer attacks (CODCAs) extract collision information from a collision attack to optimize the key recovery of a divide-and-conquer attack, and transform the very huge guessing space to a much smaller collision space. However, the inefficient collision detection makes them time consuming. The very limited collisions exploited and large performance difference between the collision attack and the divide-and-conquer attack in CODCAs also prevent their application in much larger spaces. In this article, we propose a Minkowski distance enhanced collision attack (MDCA) with performance closer to template attack (TA) compared to traditional correlation-enhanced collision attack (CECA), thus making the optimization more practical and meaningful. Next, we build a more advanced CODCA named full-collision chain (FCC) from TA and MDCA to exploit all collisions. Moreover, to minimize the thresholds while guaranteeing a high success probability of key recovery, we propose a fault-tolerant scheme to optimize FCC. The full key is divided into several big “blocks,” on which a fault-tolerant vector (FTV) is exploited to flexibly adjust its chain space. Finally, guessing theory is exploited to optimize thresholds determination and search order of subkeys. Experimental results show that FCC notably outperforms the existing CODCAs. [ABSTRACT FROM AUTHOR]

Published

2021

30. An Efficient Collision Power Attack on AES Encryption in Edge Computing

Author

Yongchuan Niu, Jiawei Zhang, An Wang, and Caisen Chen

Subjects

Edge computing, collision attack, scalable collision, side-channel attack, linear layer, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Edge computing has become a promising paradigm for the context-aware and delay-sensitive IoT data analytics. For the sake of security, some cryptographic algorithms such as AES, RSA, and so on, are employed for the encryption communication and authentication. The collision power attack is a typical physical attack to recover the secret key of the AES algorithm. However, almost all collision attacks aim at the detection of internal collisions caused by the output of S-boxes, and the linear layers are not concerned with those protected implementations. The relation between the mask and the masked data has been given little attention and stays as is, where the leakages still exist. In this paper, we focus on three typical AES implementations in edge computing, and propose a new type of collision attack by making use of leakages from linear layers, which is capable of breaking masking schemes with uniformly distributed random masks. In addition, a novel scalable collision attack of general applicability and high-efficiency is proposed and applied to masked linear layers and masked S-boxes. It can reach an equal level of performance compared to the second-order power analysis with acceptable off-line search, which improves the known collision attacks significantly.

Published

2019

31. Algebraic Collision Attacks on Keccak

Author

Rachelle Heim Boissier, Camille Noûs, and Yann Rotella

Subjects

Keccak, Algebraic Cryptanalysis, Hash functions, Linearization, Collision attack, Computer engineering. Computer hardware, TK7885-7895

Abstract

In this paper, we analyze the collision resistance of the two smallest versions of Keccak which have a width of 200 and 400 bits respectively. We show that algebraic and linearization techniques can serve collision cryptanalysis by using some interesting properties of the linear part of the round function of Keccak. We present an attack on the Keccak versions that could be used in lightweight cryptography reduced to two rounds. For Keccak[40, 160] (resp. Keccak[72, 128] and Keccak[144, 256]) our attack has a computational complexity of 273 (resp. 252.5 and 2101.5) Keccak calls.

Published

2021

32. The First Collision for Full SHA-1

Author

Stevens, Marc, Bursztein, Elie, Karpman, Pierre, Albertini, Ange, Markov, Yarik, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Katz, Jonathan, editor, and Shacham, Hovav, editor

Published

2017

33. WEM: A New Family of White-Box Block Ciphers Based on the Even-Mansour Construction

Author

Cho, Jihoon, Choi, Kyu Young, Dinur, Itai, Dunkelman, Orr, Keller, Nathan, Moon, Dukjae, Veidberg, Aviya, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, and Handschuh, Helena, editor

Published

2017

34. Clustering Collision Power Attack on RSA-CRT.

Author

Wunan Wan, Jun Chen, Jinyue Xia, Jinquan Zhang, Shibin Zhang, and Hao Chen

Subjects

CHINESE remainder theorem, IMAGE segmentation, K-means clustering, MACHINE learning, NOISE control

Abstract

In this paper, we propose two new attack algorithms on RSA implementations with CRT (Chinese remainder theorem). To improve the attack efficiency considerably, a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs. This attack method is that the key parameters dp and dq are segmented by byte, and the modular multiplication collisions are identified by k-means clustering. The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs, and the exponent d was obtained. We also propose a second order clustering collision power analysis attack against RSA implementation with CRT, which applies double blinding exponentiation. To reduce noise and artificial participation, we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions. Thus, we recovered approximately 91% of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods. [ABSTRACT FROM AUTHOR]

Published

2021

35. Cryptanalysis of the Legendre PRF and Generalizations

Author

Ward Beullens, Tim Beyne, Aleksei Udovenko, and Giuseppe Vitto

Subjects

Cryptanalysis, Legendre PRF, MPC-friendly primitives, Collision attack, Computer engineering. Computer hardware, TK7885-7895

Abstract

The Legendre PRF relies on the conjectured pseudorandomness properties of the Legendre symbol with a hidden shift. Originally proposed as a PRG by Damgård at CRYPTO 1988, it was recently suggested as an efficient PRF for multiparty computation purposes by Grassi et al. at CCS 2016. Moreover, the Legendre PRF is being considered for usage in the Ethereum 2.0 blockchain. This paper improves previous attacks on the Legendre PRF and its higher-degree variant due to Khovratovich by reducing the time complexity from O(< (p log p/M) to O(p log2 p/M2) Legendre symbol evaluations when M ≤ 4√ p log2 p queries are available. The practical relevance of our improved attack is demonstrated by breaking three concrete instances of the PRF proposed by the Ethereum foundation. Furthermore, we generalize our attack in a nontrivial way to the higher-degree variant of the Legendre PRF and we point out a large class of weak keys for this construction. Lastly, we provide the first security analysis of two additional generalizations of the Legendre PRF originally proposed by Damgård in the PRG setting, namely the Jacobi PRF and the power residue PRF.

Published

2020

36. A Lightweight Detection Algorithm For Collision-Optimized Divide-and-Conquer Attacks.

Author

Ou, Changhai, Lam, Siew-Kei, Zhou, Chengju, Jiang, Guiyuan, and Zhang, Fan

Subjects

*ALGORITHMS, *LIQUID crystal displays, *FAULT tolerance (Engineering)

Abstract

By introducing collision information into divide-and-conquer attacks, several existing works transform the original candidate space, which may be too large to enumerate, into a significantly smaller collision space, thus making key recovery possible. However, the inefficient collision detection algorithms and fault tolerance mechanisms make them time-consuming and their success rate low. Moreover, they may still leave very huge chain spaces that makes it difficult for key recovery. In this article, we exploit collision attack to optimize Template Attack (TA), and propose a Lightweight Collision Detection (LCD) algorithm. The proposed method exploits a jump detection mechanism to efficiently reduce the repetitive collision detections on chains with the same prefix sub-chains. We then introduce guessing theory to reorder the collision detection of the sub-keys according to their guessing lengths, and provide us with an evaluation tool. Finally, we design a highly efficient fault tolerance mechanism for our LCD to allow flexible thresholds adjustment, and further optimize sieving mechanism to efficiently extract the best chains with the largest number of collisions. Experimental results fully demonstrate LCD's superiority. [ABSTRACT FROM AUTHOR]

Published

2020

37. Trick or Tweak: On the (In)security of OTR’s Tweaks

Author

Bost, Raphael, Sanders, Olivier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Cheon, Jung Hee, editor, and Takagi, Tsuyoshi, editor

Published

2016

38. Robust and One-Pass Parallel Computation of Correlation-Based Attacks at Arbitrary Order

Author

Schneider, Tobias, Moradi, Amir, Güneysu, Tim, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Standaert, François-Xavier, editor, and Oswald, Elisabeth, editor

Published

2016

39. Towards Fresh and Hybrid Re-Keying Schemes with Beyond Birthday Security

Author

Dobraunig, Christoph, Koeune, François, Mangard, Stefan, Mendel, Florian, Standaert, François-Xavier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Homma, Naofumi, editor, and Medwed, Marcel, editor

Published

2016

40. Group Verification Based Multiple-Differential Collision Attack

Author

Ou, Changhai, Wang, Zhu, Sun, Degang, Zhou, Xinping, Ai, Juan, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Lam, Kwok-Yan, editor, Chi, Chi-Hung, editor, and Qing, Sihan, editor

Published

2016

41. Towards Fair and Efficient Evaluations of Leaking Cryptographic Devices : Overview of the ERC Project CRASH, Part I (Invited Talk)

Author

Standaert, François-Xavier, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Carlet, Claude, editor, Hasan, M. Anwar, editor, and Saraswat, Vishal, editor

Published

2016

42. Collision Attacks on CAESAR Second-Round Candidate: ELmD

Author

Zhang, Jian, Wu, Wenling, Zheng, Yafei, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Bao, Feng, editor, Chen, Liqun, editor, Deng, Robert H., editor, and Wang, Guojun, editor

Published

2016

43. Implementation and Performance Analysis of Enhanced SHA-192

Author

Harshita, Sarvesh Tanwar, Afzalpulkar, Nitin, editor, Srivastava, Vishnu, editor, Singh, Ghanshyam, editor, and Bhatnagar, Deepak, editor

Published

2016

44. Password Encryption and Storage for Everyone

Author

Edmunds, Ben and Edmunds, Ben

Published

2016

45. Branching Heuristics in Differential Collision Search with Applications to SHA-512

Author

Eichlseder, Maria, Mendel, Florian, Schläffer, Martin, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Cid, Carlos, editor, and Rechberger, Christian, editor

Published

2015

46. Collision Attack on 5 Rounds of Grøstl

Author

Mendel, Florian, Rijmen, Vincent, Schläffer, Martin, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Cid, Carlos, editor, and Rechberger, Christian, editor

Published

2015

47. Automatically Checking Commitment Protocols in ProVerif without False Attacks

Author

Chothia, Tom, Smyth, Ben, Staite, Chris, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Focardi, Riccardo, editor, and Myers, Andrew, editor

Published

2015

48. Two Operands of Multipliers in Side-Channel Attack

Author

Sugawara, Takeshi, Suzuki, Daisuke, Saeki, Minoru, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Mangard, Stefan, editor, and Poschmann, Axel Y., editor

Published

2015

49. Combining Leakage-Resilient PRFs and Shuffling : Towards Bounded Security for Small Embedded Devices

Author

Grosso, Vincent, Poussier, Romain, Standaert, François-Xavier, Gaspar, Lubos, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Joye, Marc, editor, and Moradi, Amir, editor

Published

2015

50. Collision Attack on 4-Branch, Type-2 GFN Based Hash Functions Using Sliced Biclique Cryptanalysis Technique

Author

Agrawal, Megha, Chang, Donghoon, Ghosh, Mohona, Sanadhya, Somitra Kumar, Hutchison, David, Series editor, Kanade, Takeo, Series editor, Kittler, Josef, Series editor, Kleinberg, Jon M., Series editor, Mattern, Friedemann, Series editor, Mitchell, John C., Series editor, Naor, Moni, Series editor, Pandu Rangan, C., Series editor, Steffen, Bernhard, Series editor, Terzopoulos, Demetri, Series editor, Tygar, Doug, Series editor, Weikum, Gerhard, Series editor, Lin, Dongdai, editor, Yung, Moti, editor, and Zhou, Jianying, editor

Published

2015