Hash function balance and its impact on birthday attacks
Advances in Cryptology – EUROCRYPT ’04, Lecture Notes in Computer Science, 2004
Abstract

Cited by 27 (2 self)
Abstract. Textbooks tell us that a birthday attack on a hash function h with range size r requires r^{1/2} trials (hash computations) to find a collision. But this is quite misleading, being true only if h is regular, meaning all points in the range have the same number of preimages under h; if h is not regular, fewer trials may be required. But how much fewer? This paper addresses this question by introducing a measure of the “amount of regularity” of a hash function that we call its balance, and then providing estimates of the success rate of the birthday attack, and the expected number of trials to find a collision, as a function of the balance of the hash function being attacked. In particular, we will see that the number of trials can be significantly less than r^{1/2} for hash functions of low balance. This leads us to examine popular design principles, such as the MD (Merkle-Damgård) transform, from the point of view of balance preservation, and to mount experiments to determine the balance of popular hash functions.
Infinite Gröbner bases and noncommutative Polly Cracker cryptosystems
Abstract

Cited by 4 (2 self)
We develop a public key cryptosystem whose security is based on the intractability of the ideal membership problem for a noncommutative algebra over a finite field. We show that this system, which is the noncommutative analogue of the Polly Cracker cryptosystem, is more secure than the commutative version. This is due to the fact that there are a number of ideals of noncommutative algebras (over finite fields) that have infinite reduced Gröbner bases, and can be used to generate a public key. We present classes of such ideals and prove that they do not have a finite Gröbner basis under any admissible order. We also examine various techniques to realize finite Gröbner bases, in order to determine whether these ideals can be used effectively in the design of a public key cryptosystem. We then show how some of these classes of ideals, which have infinite reduced Gröbner bases, can be used to design a public key cryptosystem. We also study various techniques of encryption. Finally, we study techniques of cryptanalysis that may be used to attack the cryptosystems that we present. We show how poorly constructed public keys can, in fact, reveal the private key, and discuss techniques to design public keys that adequately
Quantum mutual information and the one-time pad
2008
Abstract

Cited by 2 (0 self)
Alice and Bob share a correlated composite quantum system AB. If AB is used as the key for a one-time pad cryptographic system, we show that the maximum amount of information that Alice can send securely to Bob is the quantum mutual information of AB.

1 The one-time pad and mutual information

A one-time pad [1] is a cryptographic protocol in which communicators Alice and Bob initially have correlated random variables, collectively called the “key”, that are not correlated with any variables possessed by a potential eavesdropper Eve. (In most discussions, the key variables possessed by Alice and Bob are supposed to be perfectly correlated—e.g., they are identical copies of the same secret string of bits. We consider the more general case.) If the key variables are used only once, they allow Alice to send Bob a perfectly secret message over a public communication channel. The value of a key as a resource is the amount of information that can be sent secretly by
An Image Encryption Method with Magnitude and Phase Manipulation Using Carrier Images
IJCS, 2006
Abstract

Cited by 2 (0 self)
We describe an effective method for image encryption which employs magnitude and phase manipulation using carrier images. Although it involves traditional methods like magnitude and phase encryptions, the novelty of this work lies in deploying the concept of carrier images for encryption purposes. To this end, a carrier image is randomly chosen from a set of stored images. One-dimensional (1D) discrete Fourier transform (DFT) is then carried out on the original image to be encrypted along with the carrier image. Row-wise spectral addition and scaling is performed between the magnitude spectra of the original and carrier images by randomly selecting the rows. Similarly, row-wise phase addition and scaling is performed between the phase spectra of the original and carrier images by randomly selecting the rows. The encrypted image obtained by these two operations is further subjected to one more level of magnitude and phase manipulation using another randomly chosen carrier image by 1D DFT along the columns. The resulting encrypted image is found to be fully distorted, resulting in increasing the robustness of the proposed work. Further, applying the reverse process at the receiver, the decrypted image is found to be distortionless.
Cryptanalysis of a homomorphic public-key cryptosystem
2006
Abstract

Cited by 1 (1 self)
The aims of this research are to give a precise description of a new homomorphic public-key encryption scheme proposed by Grigoriev and Ponomarenko [7] in 2004 and to break the Grigoriev and Ponomarenko homomorphic public-key cryptosystem. Firstly, we prove some properties of linear fractional transformations. We analyze the Xn-representation algorithm which is used in the decryption scheme of the Grigoriev and Ponomarenko homomorphic public-key cryptosystem and, by these properties of the linear fractional transformations, we correct and modify the Xn-representation algorithm. We implement the modified Xn-representation algorithm by programming it and we prove the correctness of the modified Xn-representation algorithm. Secondly, we find an explicit formula to compute the X(n, S)-representations of elements of the group Γn. The X(n, S)-representation algorithm is used in the decryption scheme of the Grigoriev and Ponomarenko homomorphic public-key cryptosystem and we modify the X(n, S)-representation algorithm. We implement the modified X(n, S)-representation algorithm by programming it and we justify the modified
Encryption of Covert Information into Multiple Statistical Distributions
2006
Abstract

Cited by 1 (0 self)
A novel strategy to encrypt covert information (code) via unitary projections into the null spaces of ill-conditioned eigenstructures of multiple host statistical distributions, inferred from incomplete constraints, is presented. The host pdf’s are inferred using the maximum entropy principle. The projection of the covert information is dependent upon the pdf’s of the host statistical distributions. The security of the encryption/decryption strategy is based on the extreme instability of the encoding process. A self-consistent procedure to derive keys for both symmetric and asymmetric cryptography is presented. The advantages of using a multiple pdf model to achieve encryption of covert information are briefly highlighted. Numerical simulations exemplify the efficacy of the model.
Cryptographic Accelerators on the UltraSPARC T2 with the Solaris Cryptographic Framework
Abstract
As both the requirement and the demand for secure systems increase, so too will the ubiquitousness of cryptography. The most secure cryptographic schemes often involve complicated algorithms and are by no means cheap to implement on standard hardware, and it is this that has led to the development of cryptographic hardware accelerators. Optimizing software to take advantage of these hardware devices is a problem akin to that of effective parallelization, and this project aims to determine how these accelerators perform and under what conditions their use is cost-effective. Through the development of code designed to exercise the particular accelerators existing on the Solaris UltraSPARC T2 via the Solaris Cryptographic Framework (SCF), the system’s performance under a variety of different conditions was assessed. A suggestion for the possible design of a benchmark exclusively for hardware-accelerated cryptography is also given. The results indicate that substantial performance gains can be had with