scispace - formally typeset
Search or ask a question
Journal Article

Security analysis of SHA-256 and sisters

TL;DR: In this article, the security of SHA-256, SHA-384 and SHA-512 against collision attacks was studied. But the authors concluded that neither Chabaud and Joux's attack, nor Dobbertin-style attacks also don't apply on the underlying structure.
Abstract: This paper studies the security of SHA-256, SHA-384 and SHA-512 against collision attacks and provides some insight into the security properties of the basic building blocks of the structure. It is concluded that neither Chabaud and Joux's attack, nor Dobbertin-style attacks apply. Differential and linear attacks also don't apply on the underlying structure. However we show that slightly simplified versions of the hash functions are surprisingly weak : whenever symmetric constants and initialization values are used throughout the computations, and modular additions are replaced by exclusive or operations, symmetric messages hash to symmetric digests. Therefore the complexity of collision search on these modified hash functions potentially becomes as low as one wishes.
Citations
More filters
Book ChapterDOI
TL;DR: This chapter provides a brief overview of the core aspects of blockchain technology, as well as the second-generation contract-based developments, and discusses key issues that must be considered in developing ledger based technologies in a banking context.
Abstract: In this chapter we provide an overview of the concept of blockchain technology and its potential to disrupt the world of banking through facilitating global money remittance, smart contracts, automated banking ledgers and digital assets. In this regard, we first provide a brief overview of the core aspects of this technology, as well as the second-generation contract-based developments. From there we discuss key issues that must be considered in developing such ledger based technologies in a banking context.

601 citations

Journal ArticleDOI
TL;DR: This paper discusses various research challenges that still exist in the literature, which provides better understanding of the problem, current solution space, and future research directions to defend IoT against different attacks.
Abstract: Internet technology is very pervasive today. The number of devices connected to the Internet, those with a digital identity, is increasing day by day. With the developments in the technology, Internet of Things (IoT) become important part of human life. However, it is not well defined and secure. Now, various security issues are considered as major problem for a full-fledged IoT environment. There exists a lot of security challenges with the proposed architectures and the technologies which make the backbone of the Internet of Things. Some efficient and promising security mechanisms have been developed to secure the IoT environment, however, there is a lot to do. The challenges are ever increasing and the solutions have to be ever improving. Therefore, aim of this paper is to discuss the history, background, statistics of IoT and security based analysis of IoT architecture. In addition, we will provide taxonomy of security challenges in IoT environment and taxonomy of various defense mechanisms. We conclude our paper discussing various research challenges that still exist in the literature, which provides better understanding of the problem, current solution space, and future research directions to defend IoT against different attacks.

260 citations

Journal ArticleDOI
TL;DR: The Blockchain architecture, which is an emerging scheme for constructing the distributed networks, is introduced to reshape the traditional IIoT architecture to form a new multicenter partially decentralized architecture that provides better security and privacy protection than the traditional architecture.
Abstract: Through the Industrial Internet of Things (IIoT), a smart factory has entered the booming period. However, as the number of nodes and network size become larger, the traditional IIoT architecture can no longer provide effective support for such enormous system. Therefore, we introduce the Blockchain architecture, which is an emerging scheme for constructing the distributed networks, to reshape the traditional IIoT architecture. First, the major problems of the traditional IIoT architecture are analyzed, and the existing improvements are summarized. Second, we introduce a security and privacy model to help design the Blockchain-based architecture. On this basis, we decompose and reorganize the original IIoT architecture to form a new multicenter partially decentralized architecture. Then, we introduce some relative security technologies to improve and optimize the new architecture. After that we design the data interaction process and the algorithms of the architecture. Finally, we use an automatic production platform to discuss the specific implementation. The experimental results show that the proposed architecture provides better security and privacy protection than the traditional architecture. Thus, the proposed architecture represents a significant improvement of the original architecture, which provides a new direction for the IIoT development.

242 citations

Proceedings ArticleDOI
01 Dec 2016
TL;DR: A perspective on how Cryptocurrencies mine is surveyed and compared and contrast current mining techniques as used by major Cryptocurrency, and the strengths, weaknesses, and possible threats to each mining strategy are evaluated.
Abstract: Cryptocurrencies have emerged as important financial software systems. They rely on a secure distributed ledger data structure; mining is an integral part of such systems. Mining adds records of past transactions to the distributed ledger known as Blockchain, allowing users to reach secure, robust consensus for each transaction. Mining also introduces wealth in the form of new units of currency. Cryptocurrencies lack a central authority to mediate transactions because they were designed as peer-to-peer systems. They rely on miners to validate transactions. Cryptocurrencies require strong, secure mining algorithms. In this paper we survey and compare and contrast current mining techniques as used by major Cryptocurrencies. We evaluate the strengths, weaknesses, and possible threats to each mining strategy. Overall, a perspective on how Cryptocurrencies mine, where they have comparable performance and assurance, and where they have unique threats and strengths are outlined.

209 citations

Journal ArticleDOI
TL;DR: In this article, a real-time attribution of power losses to each transaction involving one generator and one load node is done by defining some suitable indices, and the experimental section of the paper considers a medium voltage microgrid and two different operational scenarios.
Abstract: The present paper considers some technical issues related to the “energy blockchain” paradigm applied to microgrids. In particular, what appears from the study is that the superposition of energy transactions in a microgrid creates a variation of the power losses in all the branches of the microgrid. Traditional power losses allocation in distribution systems takes into account only generators while, in this paper, a real-time attribution of power losses to each transaction involving one generator and one load node is done by defining some suitable indices. Besides, the presence of P–V nodes increases the level of reactive flows and provides a more complex technical perspective. For this reason, reactive power generation for voltage support at P–V nodes poses a further problem of reactive power flow exchange, which is worth of investigation in future works in order to define a possible way of remuneration. The experimental section of the paper considers a medium voltage microgrid and two different operational scenarios.

197 citations

References
More filters
Proceedings Article
01 Apr 1992
TL;DR: This document describes the MD5 message-digest algorithm, which takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input.
Abstract: This document describes the MD5 message-digest algorithm. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. This memo provides information for the Internet community. It does not specify an Internet standard.

3,514 citations

Book ChapterDOI
01 Jul 1989
TL;DR: Apart from suggesting a generally sound design principle for hash functions, the results give a unified view of several apparently unrelated constructions of hash functions proposed earlier, and suggests changes to other proposed constructions to make a proof of security potentially easier.
Abstract: We show that if there exists a computationally collision free function f from m bits to t bits where m > t, then there exists a computationally collision free function h mapping messages of arbitrary polynomial lengths to t-bit strings.Let n be the length of the message, h can be constructed either such that it can be evaluated in time linear in n using 1 processor, or such that it takes time O(log(n)) using O(n) processors, counting evaluations of f as one step. Finally, for any constant k and large n, a speedup by a factor of k over the first construction is available using k processors.Apart from suggesting a generally sound design principle for hash functions, our results give a unified view of several apparently unrelated constructions of hash functions proposed earlier. It also suggests changes to other proposed constructions to make a proof of security potentially easier.We give three concrete examples of constructions, based on modular squaring, on Wolfram's pseudoranddom bit generator [Wo], and on the knapsack problem.

1,284 citations

Book ChapterDOI
11 Aug 1990
TL;DR: The MD4 message digest algorithm takes an input message of arbitrary length and produces an output 128-bit "fingerprint" or "message digest", in such a way that it is (hopefully) computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest.
Abstract: The MD4 message digest algorithm takes an input message of arbitrary length and produces an output 128-bit "fingerprint" or "message digest", in such a way that it is (hopefully) computationally infeasible to produce two messages having the same message digest, or to produce any message having a given prespecified target message digest. The MD4 algorithm is thus ideal for digital signature applications: a large file can be securely "compressed" with MD4 before being signed with (say) the RSA public-key cryptosystem.The MD4 algorithm is designed to be quite fast on 32-bit machines. For example, on a SUN Sparc station, MD4 runs at 1,450,000 bytes/second (11.6 Mbit/sec). In addition, the MD4 algorithm does not require any large substitution tables; the algorithm can be coded quite compactly.The MD4 algorithm is being placed in the public domain for review and possible adoption as a standard.

550 citations

Book ChapterDOI
21 Feb 1996
TL;DR: A new version of RIPEMD with a 160-bit result is proposed, as well as a plug-in substitute for RIPEMd with a 128- bit result, and the software performance of several MD4-based algorithms is compared.
Abstract: Cryptographic hash functions are an important tool in cryptography for applications such as digital fingerprinting of messages, message authentication, and key derivation. During the last five years, several fast software hash functions have been proposed; most of them are based on the design principles of Ron Rivest's MD4. One such proposal was RIPEMD, which was developed in the framework of the EU project RIPE (Race Integrity Primitives Evaluation). Because of recent progress in the cryptanalysis of these hash functions, we propose a new version of RIPEMD with a 160-bit result, as well as a plug-in substitute for RIPEMD with a 128-bit result. We also compare the software performance of several MD4-based algorithms, which is of independent interest.

519 citations

Book ChapterDOI
18 Aug 2002
TL;DR: In this paper, a formal and quantitative treatment of the 64 most basic hash function constructions considered by Preneel, Govaerts, and Vandewalle is provided.
Abstract: Preneel, Govaerts, and Vandewalle [6] considered the 64 most basic ways to construct a hash function H: {0, 1}* ? {0, 1}n from a block cipher E: {0, 1}n × {0, 1}n ? {0, 1}n. They regarded 12 of these 64 schemes as secure, though no proofs or formal claims were given. The remaining 52 schemes were shown to be subject to various attacks. Here we provide a formal and quantitative treatment of the 64 constructions considered by PGV. We prove that, in a black-box model, the 12 schemes that PGV singled out as secure really are secure: we give tight upper and lower bounds on their collision resistance. Furthermore, by stepping outside of the Merkle-Damgard approach to analysis, we show that an additional 8 of the 64 schemes are just as collision resistant (up to a small constant) as the first group of schemes. Nonetheless, we are able to differentiate among the 20 collision-resistant schemes by bounding their security as one-way functions. We suggest that proving black-box bounds, of the style given here, is a feasible and useful step for understanding the security of any block-cipher-based hash-function construction.

374 citations