Do you want to publish a course? Click here

A New Non-MDS Hash Function Resisting Birthday Attack and Meet-in-the-middle Attack

209   0   0.0 ( 0 )
 Added by Shenghui Su
 Publication date 2014
and research's language is English




Ask ChatGPT about the research

To examine the integrity and authenticity of an IP address efficiently and economically, this paper proposes a new non-Merkle-Damgard structural (non-MDS) hash function called JUNA that is based on a multivariate permutation problem and an anomalous subset product problem to which no subexponential time solutions are found so far. JUNA includes an initialization algorithm and a compression algorithm, and converts a short message of n bits which is regarded as only one block into a digest of m bits, where 80 <= m <= 232 and 80 <= m <= n <= 4096. The analysis and proof show that the new hash is one-way, weakly collision-free, and strongly collision-free, and its security against existent attacks such as birthday attack and meet-in-the- middle attack is to O(2 ^ m). Moreover, a detailed proof that the new hash function is resistant to the birthday attack is given. Compared with the Chaum-Heijst-Pfitzmann hash based on a discrete logarithm problem, the new hash is lightweight, and thus it opens a door to convenience for utilization of lightweight digital signing schemes.



rate research

Read More

The traditional worms such as Blaster, Code Red, Slammer and Sasser, are still infecting vulnerable machines on the internet. They will remain as significant threats due to their fast spreading nature on the internet. Various traditional worms attack pattern has been analyzed from various logs at different OSI layers such as victim logs, attacker logs and IDS alert log. These worms attack pattern can be abstracted to form worms attack model which describes the process of worms infection. For the purpose of this paper, only Blaster variants were used during the experiment. This paper proposes a multi-step worm attack model which can be extended into research areas in alert correlation and computer forensic investigation.
289 - Jay Shah , Ayan Mahalanobis 2012
In Europe and North America, the most widely used stream cipher to ensure privacy and confidentiality of conversations in GSM mobile phones is the A5/1. In this paper, we present a new attack on the A5/1 stream cipher with an average time complexity of 2^(48.5), which is much less than the brute-force attack with a complexity of 2^(64). The attack has a 100% success rate and requires about 5.65GB storage. We provide a detailed description of our new attack along with its implementation and results.
We explore a new type of malicious script attacks: the persistent parasite attack. Persistent parasites are stealthy scripts, which persist for a long time in the browsers cache. We show to infect the caches of victims with parasite scripts via TCP injection. Once the cache is infected, we implement methodologies for propagation of the parasites to other popular domains on the victim client as well as to other caches on the network. We show how to design the parasites so that they stay long time in the victims cache not restricted to the duration of the users visit to the web site. We develop covert channels for communication between the attacker and the parasites, which allows the attacker to control which scripts are executed and when, and to exfiltrate private information to the attacker, such as cookies and passwords. We then demonstrate how to leverage the parasites to perform sophisticated attacks, and evaluate the attacks against a range of applications and security mechanisms on popular browsers. Finally we provide recommendations for countermeasures.
The visualization of future generation Wireless Communication Network WCN redirects the presumption of onward innovations, the fulfillment of user demands in the form of high data rates, energy efficiency, low latency, and long-range services. To content these demands, various technologies such as massive MIMO Multiple Input Multiple Output, UDN Ultra Dense Network, spectrum sharing, D2D Device to Device communication were improvised in the next generation WCN. In comparison to previous technologies, these technologies exhibit flat architecture, the involvement of clouds in the network, centralized architecture incorporating small cells which creates vulnerable breaches initiating menaces to the security of the network. The half-duplex attack is another threat to the WCN, where the resource spoofing mechanism is attained in the downlink phase of D2D communication. Instead of triggering an attack on both uplink and downlink, solely downlink is targeted by the attacker. This scheme allows the reduced failed attempt rate of the attacker as compared to the conventional attacks. The analysis is determined on the basis of Poissons distribution to determine the probability of failed attempts of half duplex attack in contrast to a full duplex attack
Mining is the important part of the blockchain used the proof of work (PoW) on its consensus, looking for the matching block through testing a number of hash calculations. In order to attract more hash computing power, the miner who finds the proper block can obtain some rewards. Actually, these hash calculations ensure that the data of the blockchain is not easily tampered. Thus, the incentive mechanism for mining affects the security of the blockchain directly. This paper presents an approach to attack against the difficulty adjustment algorithm (abbreviated as DAA) used in blockchain mining, which has a direct impact on miners earnings. In this method, the attack miner jumps between different blockchains to get more benefits than the honest miner who keep mining on only one blockchain. We build a probabilistic model to simulate the time to obtain the next block at different hash computing power called hashrate. Based on this model, we analyze the DAAs of the major cryptocurrencies, including Bitcoin, Bitcoin Cash, Zcash, and Bitcoin Gold. We further verify the effectiveness of this attack called jumping mining through simulation experiments, and also get the characters for the attack in the public block data of Bitcoin Gold. Finally, we give an improved DAA scheme against this attack. Extensive experiments are provided to support the efficiency of our designed scheme.
comments
Fetching comments Fetching comments
Sign in to be able to follow your search criteria
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا