Hash function balance and its impact on birthday attacks
Advances in Cryptology – EUROCRYPT ’04, Lecture Notes in Computer Science, 2004
Cited by 27 (2 self)
Textbooks tell us that a birthday attack on a hash function h with range size r requires r^{1/2} trials (hash computations) to find a collision. But this is quite misleading, being true only if h is regular, meaning all points in the range have the same number of preimages under h; if h is not regular, fewer trials may be required. But how much fewer? This paper addresses this question by introducing a measure of the “amount of regularity” of a hash function that we call its balance, and then providing estimates of the success rate of the birthday attack, and the expected number of trials to find a collision, as a function of the balance of the hash function being attacked. In particular, we will see that the number of trials can be significantly less than r^{1/2} for hash functions of low balance. This leads us to examine popular design principles, such as the MD (Merkle-Damgård) transform, from the point of view of balance preservation, and to mount experiments to determine the balance of popular hash functions.
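The following is an added example, not code from the paper: it computes the balance mu(h) = log_r(d^2 / sum_i d_i^2) of two constructed toy hash functions (16-bit inputs, 8-bit outputs) and runs the birthday attack against each, so the r^{mu/2} scaling in the abstract can be seen directly. The toy functions, the domain and range sizes, and the use of the usual sqrt(pi/2) birthday constant for the prediction are all assumptions of this example.

```python
import math
import random
from collections import Counter

DOMAIN_BITS = 16          # d = 2^16 possible inputs (toy sizes, constructed)
RANGE_BITS = 8            # r = 2^8 possible outputs
D = 1 << DOMAIN_BITS
R = 1 << RANGE_BITS


def h_regular(x):
    """Regular toy hash: every one of the r outputs has exactly d/r preimages."""
    return x & 0xFF


def h_skewed(x):
    """Low-balance toy hash (constructed): inputs with high byte < 128 spread
    evenly over all 256 outputs, the rest are squeezed into outputs 0..15."""
    lo, hi = x & 0xFF, x >> 8
    return lo if hi < 128 else lo & 0x0F


def preimage_counts(h):
    """d_i = number of inputs mapping to output i, for every output i."""
    return Counter(h(x) for x in range(D))


def balance(h):
    """Balance as defined in the paper: mu(h) = log_r( d^2 / sum_i d_i^2 ).
    Equals 1 for a regular function and 0 for a constant function."""
    sum_sq = sum(c * c for c in preimage_counts(h).values())
    return math.log(D * D / sum_sq, R)


def predicted_trials(mu):
    """Expected trials scale as r^(mu/2); the sqrt(pi/2) factor is the usual
    birthday constant for a regular function, used here as an approximation."""
    return math.sqrt(math.pi / 2) * R ** (mu / 2)


def birthday_attack(h, rng):
    """Hash uniformly random inputs until two distinct inputs give the same
    output; return how many hash computations that took."""
    seen = {}          # output -> first input that produced it
    trials = 0
    while True:
        x = rng.randrange(D)
        trials += 1
        y = h(x)
        if y in seen and seen[y] != x:
            return trials
        seen.setdefault(y, x)


def mean_trials(h, runs=300, seed=1):
    """Average trials over `runs` independent attacks (seeded for reproducibility)."""
    rng = random.Random(seed)
    return sum(birthday_attack(h, rng) for _ in range(runs)) / runs


if __name__ == "__main__":
    for name, h in (("regular", h_regular), ("skewed", h_skewed)):
        mu = balance(h)
        print(f"{name:8s} balance={mu:.3f}  predicted~{predicted_trials(mu):5.1f}  "
              f"simulated={mean_trials(h):5.1f} trials")
```

The regular function has balance 1 and needs about sqrt(pi*256/2), roughly 20, trials; the skewed one has balance near 0.72, which behaves like a range of only 256^0.72, about 54 points, and collides in roughly half as many trials. For a real hash the preimage counts cannot be enumerated, which is why the paper resorts to experiments on reduced-size versions.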
Infinite Gröbner bases and noncommutative Polly Cracker cryptosystems

Cited by 4 (2 self)
We develop a public key cryptosystem whose security is based on the intractability of the ideal membership problem for a noncommutative algebra over a finite field. We show that this system, which is the noncommutative analogue of the Polly Cracker cryptosystem, is more secure than the commutative version. This is due to the fact that there are a number of ideals of noncommutative algebras (over finite fields) that have infinite reduced Gröbner bases, and can be used to generate a public key. We present classes of such ideals and prove that they do not have a finite Gröbner basis under any admissible order. We also examine various techniques to realize finite Gröbner bases, in order to determine whether these ideals can be used effectively in the design of a public key cryptosystem. We then show how some of these classes of ideals, which have infinite reduced Gröbner bases, can be used to design a public key cryptosystem. We also study various techniques of encryption. Finally, we study techniques of cryptanalysis that may be used to attack the cryptosystems that we present. We show how poorly constructed public keys can, in fact, reveal the private key, and discuss techniques to design public keys that adequately
Quantum mutual information and the one-time pad
2008
Cited by 2 (0 self)
Alice and Bob share a correlated composite quantum system AB. If AB is used as the key for a one-time pad cryptographic system, we show that the maximum amount of information that Alice can send securely to Bob is the quantum mutual information of AB.

1 The one-time pad and mutual information

A one-time pad [1] is a cryptographic protocol in which communicators Alice and Bob initially have correlated random variables, collectively called the “key”, that are not correlated with any variables possessed by a potential eavesdropper Eve. (In most discussions, the key variables possessed by Alice and Bob are supposed to be perfectly correlated, e.g., they are identical copies of the same secret string of bits. We consider the more general case.) If the key variables are used only once, they allow Alice to send Bob a perfectly secret message over a public communication channel. The value of a key as a resource is the amount of information that can be sent secretly by
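As an added example, not part of the paper: the classical special case of the situation above, where Alice and Bob hold correlated but not identical key bits. It computes the (classical) mutual information of a constructed key model in which Bob's copy of each key bit is flipped with probability `flip`, and runs a byte-wise one-time pad with such a key to show that Bob's decryption errors are exactly the key disagreements and that reusing a pad leaks the XOR of the two messages. The key model, the messages and the seed are constructed for the example; the quantum generalisation in the paper is not reproduced.

```python
import math
import random


def entropy(pmf):
    """Shannon entropy in bits of a pmf given as {outcome: probability}."""
    return -sum(p * math.log2(p) for p in pmf.values() if p > 0)


def binary_entropy(p):
    return entropy({0: 1 - p, 1: p})


def mutual_information(joint):
    """I(A;B) = H(A) + H(B) - H(A,B) for a joint pmf {(a, b): probability}."""
    pa, pb = {}, {}
    for (a, b), p in joint.items():
        pa[a] = pa.get(a, 0.0) + p
        pb[b] = pb.get(b, 0.0) + p
    return entropy(pa) + entropy(pb) - entropy(joint)


def noisy_key_pmf(flip):
    """Constructed key model: Alice's key bit A is uniform; Bob's copy B equals A
    except with probability `flip` (flip=0 is the textbook identical-key pad)."""
    return {(0, 0): 0.5 * (1 - flip), (1, 1): 0.5 * (1 - flip),
            (0, 1): 0.5 * flip, (1, 0): 0.5 * flip}


def otp(data, key):
    """One-time pad: byte-wise XOR; the same function encrypts and decrypts."""
    if len(key) < len(data):
        raise ValueError("key must be at least as long as the message")
    return bytes(d ^ k for d, k in zip(data, key))


def bit_errors(a, b):
    """Number of bit positions in which two equal-length byte strings differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def flip_bits(key, flip, rng):
    """Bob's copy of Alice's key with each bit independently flipped w.p. `flip`."""
    out = bytearray(key)
    for i in range(len(out)):
        for b in range(8):
            if rng.random() < flip:
                out[i] ^= 1 << b
    return bytes(out)


def demo(seed=3, flip=0.1):
    rng = random.Random(seed)
    m1 = b"attack at dawn"                           # constructed messages
    m2 = b"defend at dusk"
    key_a = bytes(rng.randrange(256) for _ in m1)    # Alice's key
    key_b = flip_bits(key_a, flip, rng)              # Bob's imperfectly correlated copy
    ct = otp(m1, key_a)
    pt_bob = otp(ct, key_b)
    return {
        # per key bit, what the noisy key is worth: I(A;B) = 1 - H(flip)
        "secret_bits_per_key_bit": mutual_information(noisy_key_pmf(flip)),
        "key_disagreement_bits": bit_errors(key_a, key_b),
        "plaintext_error_bits": bit_errors(m1, pt_bob),
        # pad reuse: c1 XOR c2 == m1 XOR m2, so Eve learns the relation between messages
        "reuse_leaks_m1_xor_m2": otp(otp(m1, key_a), otp(m2, key_a)) == otp(m1, m2),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

With `flip` = 0 the mutual information is 1 bit per key bit and the pad is perfect; with `flip` = 0.5 it is 0 and the "key" carries nothing, however long it is. The reuse line is the reason for the "used only once" condition in the text: it holds for any key, correlated or not.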
An Image Encryption Method with Magnitude and Phase Manipulation Using Carrier Images
IJCS, 2006
Cited by 2 (0 self)
We describe an effective method for image encryption which employs magnitude and phase manipulation using carrier images. Although it involves traditional methods like magnitude and phase encryption, the novelty of this work lies in deploying the concept of carrier images for the purpose of encryption. To this end, a carrier image is randomly chosen from a set of stored images. A one-dimensional (1D) discrete Fourier transform (DFT) is then carried out on the original image to be encrypted along with the carrier image. Row-wise spectral addition and scaling is performed between the magnitude spectra of the original and carrier images on randomly selected rows. Similarly, row-wise phase addition and scaling is performed between the phase spectra of the original and carrier images on randomly selected rows. The encrypted image obtained by these two operations is further subjected to one more level of magnitude and phase manipulation, using another randomly chosen carrier image and a 1D DFT along the columns. The resulting encrypted image is found to be fully distorted, which increases the robustness of the proposed work. Applying the reverse process at the receiver recovers the decrypted image without distortion.
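The two-level procedure above, as an added toy implementation in pure Python; this is not the authors' code, and the abstract fixes neither the exact addition/scaling formula nor how rows are selected, so the formula used here (new magnitude = |X| + s|C|, new phase = arg X + t arg C, with per-level scalars s, t, applied to a random half of the rows), the 4x4 constructed image, the constructed carrier set and the complex-valued intermediate image are all assumptions of this example. It shows the encrypt/decrypt pair and checks that the reverse process recovers the image.

```python
import cmath
import random


def dft(seq):
    """Naive 1D DFT, O(n^2); fine for the toy 4x4 image used here."""
    n = len(seq)
    return [sum(seq[k] * cmath.exp(-2j * cmath.pi * j * k / n) for k in range(n))
            for j in range(n)]


def idft(spec):
    n = len(spec)
    return [sum(spec[j] * cmath.exp(2j * cmath.pi * j * k / n) for j in range(n)) / n
            for k in range(n)]


def transpose(img):
    return [list(col) for col in zip(*img)]


def mix_row(row, carrier_row, mag_scale, phase_scale, forward):
    """One row of the scheme: magnitude addition/scaling and phase addition/scaling
    against the carrier's row in the DFT domain. forward=False undoes it exactly
    because |X'| = |X| + s|C| >= 0 and phases are taken modulo 2*pi."""
    sign = 1 if forward else -1
    out = []
    for xj, cj in zip(dft(row), dft(carrier_row)):
        mag = abs(xj) + sign * mag_scale * abs(cj)
        ph = cmath.phase(xj) + sign * phase_scale * cmath.phase(cj)
        out.append(cmath.rect(mag, ph))
    return idft(out)        # complex-valued: the modified spectrum is not conjugate-symmetric


def apply_level(img, carrier, selected, scales, forward):
    """Mix only the rows listed in `selected`; the others pass through unchanged."""
    mag_scale, phase_scale = scales
    return [mix_row(r, c, mag_scale, phase_scale, forward) if i in selected else list(r)
            for i, (r, c) in enumerate(zip(img, carrier))]


def encrypt(img, carriers, key):
    """Level 1: rows against carriers[key['row_carrier']].
    Level 2: columns (via transpose) against carriers[key['col_carrier']]."""
    out = apply_level(img, carriers[key["row_carrier"]], key["rows"], key["row_scales"], True)
    out = apply_level(transpose(out), transpose(carriers[key["col_carrier"]]),
                      key["cols"], key["col_scales"], True)
    return transpose(out)


def decrypt(enc, carriers, key):
    """Receiver side: undo level 2, then level 1."""
    out = apply_level(transpose(enc), transpose(carriers[key["col_carrier"]]),
                      key["cols"], key["col_scales"], False)
    out = apply_level(transpose(out), carriers[key["row_carrier"]],
                      key["rows"], key["row_scales"], False)
    return [[v.real for v in row] for row in out]


def make_key(rng, n, n_carriers):
    """Everything the receiver must know. Carrier indices, the selected row/column
    sets and the scale ranges are assumptions; the abstract fixes none of them."""
    return {
        "row_carrier": rng.randrange(n_carriers),
        "col_carrier": rng.randrange(n_carriers),
        "rows": set(rng.sample(range(n), n // 2)),
        "cols": set(rng.sample(range(n), n // 2)),
        "row_scales": (rng.uniform(0.5, 2.0), rng.uniform(0.5, 2.0)),
        "col_scales": (rng.uniform(0.5, 2.0), rng.uniform(0.5, 2.0)),
    }


def demo(seed=7, n=4, n_carriers=3):
    """Constructed n x n 'image' and carrier set; returns (max round-trip error,
    largest change the encryption made to any pixel)."""
    rng = random.Random(seed)

    def pixels():
        return [[float(rng.randrange(256)) for _ in range(n)] for _ in range(n)]

    img = pixels()
    carriers = [pixels() for _ in range(n_carriers)]
    key = make_key(rng, n, n_carriers)
    enc = encrypt(img, carriers, key)
    dec = decrypt(enc, carriers, key)
    err = max(abs(a - b) for ra, rb in zip(img, dec) for a, b in zip(ra, rb))
    change = max(abs(e - p) for re, rp in zip(enc, img) for e, p in zip(re, rp))
    return err, change


if __name__ == "__main__":
    err, change = demo()
    print(f"round-trip error {err:.2e}, max pixel change {change:.1f}")
```

Two things a practitioner should note. First, the only secret material is the carrier indices, the selected row and column sets and the four scale factors; an attacker who holds the stored carrier set faces just that search space, and the abstract gives no security argument beyond visual distortion. Second, because the manipulated spectrum is no longer conjugate-symmetric, the encrypted "image" here is complex-valued (twice the size of the input); an implementation that keeps only the real part or the magnitude cannot be decrypted without distortion.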
Passive attacks on a class of authentication protocols for RFID
In ICISC, 2007
Cited by 1 (0 self)
Mutual authentication mechanisms can be used in RFID systems to preserve the confidentiality of the RFID tags. Hiding the unique IDs of the tags is critical to prevent unauthorized tag tracking. In this paper, we analyze two mutual authentication protocols called M2AP and EMAP, recently proposed by Peris-Lopez et al. We show that a passive adversary eavesdropping on the open wireless medium can extract the unique ID of the RFID tag by collecting an expected O(log₂ L) challenge-response exchanges between the tag and the reader, where L is the length of the tag’s unique ID. To date, previously known attacks on M2AP and EMAP require active probing of each tag. Furthermore, attacks on M2AP require O(L) active queries to be sent to the tag by a rogue reader, as opposed to O(log₂ L).
Encryption of Covert Information into Multiple Statistical Distributions
2006
Cited by 1 (0 self)
A novel strategy to encrypt covert information (code) via unitary projections into the null spaces of ill-conditioned eigenstructures of multiple host statistical distributions, inferred from incomplete constraints, is presented. The host pdfs are inferred using the maximum entropy principle. The projection of the covert information is dependent upon the pdfs of the host statistical distributions. The security of the encryption/decryption strategy is based on the extreme instability of the encoding process. A self-consistent procedure to derive keys for both symmetric and asymmetric cryptography is presented. The advantages of using a multiple-pdf model to achieve encryption of covert information are briefly highlighted. Numerical simulations exemplify the efficacy of the model.
The Non-commutative Cryptosystem (A. Balan)
2008
We present a new cryptosystem based on non-commutative computations with matrices, more specifically nilpotent matrices. The cryptosystem appears to resist the usual attacks.
Security and Communication Networks (2010), research article, Wiley, DOI: 10.1002/sec.274, published online at wileyonlinelibrary.com
Although coding-based public key encryption schemes such as the McEliece and Niederreiter cryptosystems have been well studied, it is not a trivial task to design an efficient coding-based cryptosystem with semantic security against adaptive chosen ciphertext attacks (IND-CCA2). To tackle this challenging issue, in this paper we first propose an efficient IND-CCA2-secure public key encryption scheme based on coding theory. We then use the provable security technique to formally prove that the security of the proposed scheme is tightly related to the syndrome decoding (SD) problem in the random oracle model. Compared with previously reported schemes, the proposed scheme has a simple construction and fast encryption.