检索结果-南通市图书馆

维普期刊数据库

collision attack on the Full Extended MD4 and Pseudo-Preimage attack on RIPEMD

在线全文

学校读者我要写书评

暂无评论

Journal of Computer Science & Technology 2013年第1期28卷 129-143页

作者： Gao-Li Wang School of Computer Science and Technology Donghua University Shanghai 201620 China State Key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences Beijing 100093 China

The cryptographic hash functions Extended MD4 and RIPEMD are double-branch hash functions, which consist of two parallel branches. Extended MD4 was proposed by Rivest in 1990, and RIPEMD was devised in the framework of the RIPE project （RACE Integrity Primitives Evaluation, 1988-1992）. On the basis of differential analysis and meet-in-the- middle attack principle, this paper proposes a collision attack on the full Extended MD4 and a pseudo-preimage attack on the full RIPEMD respectively. The collision attack on Extended MD4 holds with a complexity of 237, and a collision instance is presented. The pseudo-preimage attack on RIPEMD holds with a complexity of 21254, which optimizes the complexity order for brute-force attack. The results in this study will also be beneficial to the analysis of other double-branch hash functions such as RIPEMD-160.

关键词： collision attack preimage attack hash function Extended MD4 RIPEMD

维普期刊数据库

Classification of disturbance vectors for collision attack in SHA-1

在线全文

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2015年第11期58卷 103-112页

作者： TANG YuChen ZENG Guang HAN WenBao The Information Engineering University

A good disturbance vector is one of the key techniques to find SHA-1 collisions and to construct valid differential paths. The main work of this paper is to classify the types of the optimal disturbance ***, we improve the EEM disturbance vectors search algorithm by Manuel. We increase the Hamming weight of information window from 4 to 6, with 244 time complexity, which is 28 times better than that of Manuel’s work. Based on this result, we prove that there are only two types of the optimal disturbance vectors, type-I and type-II, which have minimum weight of 25 in the last 60 of the 80 expanded words, in the total 2512 disturbance vectors searching space.

关键词： Hash function SHA-1 collision attack disturbance vector extended expanded message

Clustering collision Power attack on RSA-CRT

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Computer Systems Science & Engineering 2021年第2期36卷 417-434页

作者： Wunan Wan Jun Chen Jinyue Xia Jinquan Zhang Shibin Zhang Hao Chen School of Cybersecurity Chengdu University of Information TechnologyChengdu610225China International Business Machines Corporation(IBM) New York10041 NY 212USA

In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message *** attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means *** exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was *** also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding *** reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation ***,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.

关键词： collision attack power analysis attack chosen-message attack module exponentiation RSA-CRT

Right or wrong collision rate analysis without profiling: full-automatic collision fault attack

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2018年第3期61卷 5-15页

作者： An WANG Yu ZHANG Weina TIAN Qian WANG Guoshuang ZHANG Liehuang ZHU School of Computer Science Beijing Institute of Technology State Key Laboratory of Cryptology College of Bioengineering Beijing Polytechnic Department of Electrical and Computer Engineering University of Maryland Science and Technology on Information Assurance Laboratory

In CHES 2010, Fault Sensitivity Analysis(FSA) on Advanced Encryption Standard(AES) hardware circuit based on S-box setup-time acquired by injecting clock glitches is proposed. Soon after, some improvements of FSA were presented such as colliding timing characteristics from Moradi et al. However,the acquisition of timing characteristics requires complex procedure due to the very gradual decrease of clock glitch cycle and the heavy requirements of setup-time samples. In HOST 2015, Wang et al. presented template-based right or wrong collision rate attack to improve the efficiency of FSA, but its profiling and plaintexts-choice procedures required too many encryptions. In this paper, we fix only one specific clock glitch cycle, and take the right or wrong collision rate as a collision distinguisher. So, the whole process is a non-profiling collision attack which can be executed automatically without massive pre-computations and interactions between PC and signal generator. According to the experiments, 256 encryptions are enough for exactly deciding whether two plaintext bytes can induce an S-box collision. Compared with the existing power analysis and FSA-based attacks on AES hardware, it costs negligible time(about 6.65 s) and storage space(only one byte), and no offline computations for finding the collision between two masked S-boxes. Furthermore, our study shows that the signal-to-noise ratio in FSA-based attacks is much higher than power-based attacks.

关键词： fault sensitivity analysis right or wrong collision rate analysis masking collision attack

Efficient collision attacks on smart card implementations of masked AES

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2015年第5期58卷 97-111页

作者： WANG An WANG ZongYue ZHENG XueXin WANG XiaoMei CHEN Man ZHANG GuoShuang WU LiJi Institute of Microelectronics Tsinghua University Key Laboratory of Cryptologic Technology and Information Security Ministry of EducationShandong University China Academy of Electronics and Information Technology School of Computer and Communication Engineering University of Science and TechnologyBeijing Science and Technology on Communication Security Laboratory

collision attack is often employed against some cryptographic algorithms such as AES and *** a usual countermeasure, masking can resist such attacks to some extent. In CHES 2011, Clavier et *** a collision-correlation attack based on Pearson correlation coefficient against masking. In this paper, a collision distinguisher based on least absolute deviation against masking is proposed. Subsequently, we suggest three other distinguishers based on least square method, least exponent method, and central moment product,respectively. Our experiments and simulations show that in practice, our distinguishers based on least absolute deviation and least square method perform much better than collision-correlation attack and other proposed distinguishers in this paper. We also give four application examples, which show that even if the masks are not reused, new distinguishers are competent to collision attacks.

关键词： power analysis attack collision attack least absolute deviation least square method masking

An Efficient Scheme of Authenticated Encryption with Associated Data

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

An Efficient Scheme of Authenticated Encryption with Associa...