
Conclusions

From the document 一些密碼元件之分析與設計 (Analysis and Design of Some Cryptographic Components), pages 99-107

While IT has evolved from people-to-machine (Web 1.0) through people-to-people (Web 2.0) to machine-to-machine (Web 3.0), working styles have gradually changed from writing on paper to cloud storage. Digital content development is central to these changes, but the accompanying information security and privacy issues must also be addressed. We therefore proposed improvements to symmetric ciphers, one-way hash functions, and secure protocols.

The Advanced Encryption Standard (AES) [4] has replaced the Data Encryption Standard (DES) and Triple-DES as the encryption standard in fields including e-commerce, embedded systems, and ubiquitous computing. The original AES round performs a matrix multiplication over GF(2^8) in its MixColumns() procedure, which makes the computation more complicated and the software and hardware designs more complex.

The proposed AES variant replaces this matrix operation with an XOR-based operation, providing stronger security against the Square attack.

The proposed cipher's advantages are:

- The round transformation is more resistant than that of AES: the number of rounds that the Square attack [7] can break is reduced from 4 (for AES) to 3 (for the proposed cipher).

- Most operations in the proposed cipher, including the TransByte() procedure, are shared by encryption and decryption.

Future work will focus on speeding up the cipher, especially the TransByte() and SubBlkXor() procedures.
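As an added example (not code from the dissertation), the following Python compares the FIPS 197 MixColumns() transformation, implemented as the matrix multiplication over GF(2^8) mentioned above, with an assumed XOR-only column mix that stands in for an XOR replacement. The dissertation's actual SubBlkXor() and TransByte() procedures are not specified on this page, so `xor_mix_column` is an assumption of this example, not the proposed cipher. The helper `min_single_byte_branch` counts how many input plus output bytes a single-byte difference touches, which is the diffusion property that the Square attack exploits: MixColumns is MDS (every single-byte difference spreads to all four output bytes), while the plain XOR mix always leaves one output byte unchanged. Anyone replacing MixColumns should run this kind of check against the real replacement.

```python
# Added example: FIPS 197 MixColumns() versus an assumed XOR-only column mix.
# Not code from the dissertation; xor_mix_column is a stand-in, not its SubBlkXor().


def xtime(b: int) -> int:
    """Multiply by x (0x02) in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    b <<= 1
    if b & 0x100:
        b ^= 0x11B
    return b & 0xFF


def gf_mul(a: int, b: int) -> int:
    """Multiplication in GF(2^8) with the AES reduction polynomial."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result


# The circulant MixColumns matrix from FIPS 197, section 5.1.3.
MIX_MATRIX = (
    (2, 3, 1, 1),
    (1, 2, 3, 1),
    (1, 1, 2, 3),
    (3, 1, 1, 2),
)


def mix_column(col):
    """FIPS 197 MixColumns applied to one 4-byte column (tuple of ints)."""
    return tuple(
        gf_mul(MIX_MATRIX[r][0], col[0])
        ^ gf_mul(MIX_MATRIX[r][1], col[1])
        ^ gf_mul(MIX_MATRIX[r][2], col[2])
        ^ gf_mul(MIX_MATRIX[r][3], col[3])
        for r in range(4)
    )


def xor_mix_column(col):
    """Assumed XOR-only mix (this example's stand-in): every output byte is the
    XOR of the other three input bytes.  No field multiplication, and the map
    is its own inverse, so encryption and decryption can share it."""
    total = col[0] ^ col[1] ^ col[2] ^ col[3]
    return tuple(total ^ b for b in col)


def active_bytes(mix, base, delta):
    """Count (active input bytes, active output bytes) when `base` is
    perturbed by the XOR difference `delta` and passed through `mix`."""
    out_a = mix(base)
    out_b = mix(tuple(x ^ d for x, d in zip(base, delta)))
    active_in = sum(1 for d in delta if d)
    active_out = sum(1 for a, b in zip(out_a, out_b) if a != b)
    return active_in, active_out


def min_single_byte_branch(mix, base=(0x00, 0x11, 0x22, 0x33)):
    """Minimum of (active inputs + active outputs) over all 4 * 255 single-byte
    differences.  MixColumns is MDS with branch number 5, so this returns 5 for
    it; a mix that leaves some output byte unchanged scores lower."""
    best = None
    for pos in range(4):
        for d in range(1, 256):
            delta = [0, 0, 0, 0]
            delta[pos] = d
            total = sum(active_bytes(mix, base, tuple(delta)))
            if best is None or total < best:
                best = total
    return best


if __name__ == "__main__":
    # Known-answer vector (checked by hand): db 13 53 45 -> 8e 4d a1 bc
    print([hex(b) for b in mix_column((0xDB, 0x13, 0x53, 0x45))])
    print("MixColumns single-byte branch:", min_single_byte_branch(mix_column))
    print("XOR mix single-byte branch:   ", min_single_byte_branch(xor_mix_column))
```

Both mixes are linear over GF(2), so the output difference depends only on the input difference, and a single-byte search is enough to expose the gap between branch number 5 and 4; a full branch-number computation would enumerate all 2^32 input differences.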

Since 1993 [61], the Secure Hash Algorithm (SHA) family has been an important cryptographic standard. We propose a new view of complexity (and hence security fitness) that counts the number of terms involved in each equation, instead of analyzing the probability of finding collisions in the hash function. We identified near-optimal versions, optSHA-1 and optSHA-256-XOR, using a brute-force search for SHA-1 and a genetic-algorithm search [65][66] for SHA-256-XOR, respectively; the genetic approach was the more computationally efficient. This analysis is useful for designers interested in the security of modular-addition-free hash functions, which suit hardware implementations with lower gate counts. The obtained message schedule parameter sets are a useful reference for further improvements of SHA functions.
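As an added example (not the dissertation's code), the Python below makes one reading of "counting the number of terms in each equation" concrete for the SHA-1 message schedule of FIPS 180-4, whose expansion W[t] = ROTL1(W[t-3] XOR W[t-8] XOR W[t-14] XOR W[t-16]) is linear over GF(2). Each expanded word is therefore exactly an XOR of rotated message words, so the number of distinct (message word, rotation) terms left after cancellation is well defined. Treating that count as the complexity measure is this example's interpretation, not necessarily the dissertation's exact metric. The tap positions and rotation are parameters so that alternative schedules can be scored and compared, which is the kind of parameter search the text describes; the numeric schedule is included only to cross-check the symbolic expansion.

```python
# Added example: symbolic term counting for the SHA-1 message schedule.
# Not the dissertation's code; the term-count metric is this example's reading.
from typing import Dict, FrozenSet, List, Tuple

Term = Tuple[int, int]  # (message word index 0..15, left-rotation amount mod 32)

SHA1_TAPS = (3, 8, 14, 16)  # W[t] = ROTL1(W[t-3] ^ W[t-8] ^ W[t-14] ^ W[t-16])


def schedule_terms(taps=SHA1_TAPS, rotation: int = 1,
                   rounds: int = 80) -> Dict[int, FrozenSet[Term]]:
    """Expand the message schedule symbolically.  W[0..15] are the message
    words themselves; each later W[t] is the XOR of the tapped earlier words,
    rotated left.  XOR of identical terms cancels (symmetric difference)."""
    words: Dict[int, FrozenSet[Term]] = {t: frozenset({(t, 0)}) for t in range(16)}
    for t in range(16, rounds):
        acc: set = set()
        for back in taps:
            acc ^= set(words[t - back])
        words[t] = frozenset((idx, (rot + rotation) % 32) for idx, rot in acc)
    return words


def term_counts(taps=SHA1_TAPS, rotation: int = 1, rounds: int = 80) -> List[int]:
    """Number of surviving terms in each W[t], t = 0..rounds-1."""
    words = schedule_terms(taps, rotation, rounds)
    return [len(words[t]) for t in range(rounds)]


def rotl32(x: int, r: int) -> int:
    r %= 32
    return ((x << r) | (x >> (32 - r))) & 0xFFFFFFFF


def evaluate_terms(terms: FrozenSet[Term], message_words: List[int]) -> int:
    """Evaluate a symbolic W[t] on concrete 32-bit message words."""
    value = 0
    for idx, rot in terms:
        value ^= rotl32(message_words[idx], rot)
    return value


def numeric_schedule(message_words: List[int], taps=SHA1_TAPS,
                     rotation: int = 1, rounds: int = 80) -> List[int]:
    """The ordinary numeric message schedule, used to cross-check the symbolic one."""
    w = list(message_words)
    for t in range(16, rounds):
        acc = 0
        for back in taps:
            acc ^= w[t - back]
        w.append(rotl32(acc, rotation))
    return w


if __name__ == "__main__":
    counts = term_counts()
    print("SHA-1 terms per W[t]:", counts)
    print("max terms:", max(counts), "at t =", counts.index(max(counts)))
    # rotation=0 gives the SHA-0 schedule, whose counts can be compared directly
    print("SHA-0 terms per W[t]:", term_counts(rotation=0))
```

For W[16] the count is 4 (W[13], W[8], W[2], W[0], each rotated once) and for W[19] it is 7, because W[16] contributes four already-rotated terms alongside W[11], W[5] and W[3]. SHA-256-XOR is not covered here: its sigma functions include logical shifts, so its terms would need an operator in place of a plain rotation amount.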

The proposed generalized SHA (SHA-mn) takes messages of arbitrary length as input and produces message digests of the required length. We generalized each step of the SHA-mn computation: padding and parsing; setting the initial hash values, constants, Boolean expressions, functions, and message schedule; initializing the eight working variables and the for-loop operation; and computing the ith intermediate hash value. Furthermore, we solved the LHV problem, which does not arise in the original SHA family standard.

For security purposes, SHA-mn was generalized according to the design rules of the SHA family. Although the design was improved, there is disagreement about estimating the complexity of such a function from the birthday paradox alone: a collision attack on full SHA-1 below the birthday bound was reported in 2005 [29], and many studies focus on efficient ways of finding SHA-256/512 collisions. We therefore state only the generic estimate: the approximate complexity of a birthday attack on SHA-mn, whose digest is mn bits long, is 2^(mn/2).
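As an added example (not from the dissertation), the Python below computes the generic birthday estimate for an L-bit digest, which with L = mn gives the 2^(mn/2) figure above, and then runs an actual birthday search against a short digest so that the estimate can be checked empirically in seconds. The short digest is a stand-in built by truncating SHA-256; it is not SHA-mn, whose definition is not on this page.

```python
# Added example: generic birthday-bound estimate and an empirical birthday
# search on a truncated digest.  Not from the dissertation; the truncated
# SHA-256 stands in for a short-output SHA-mn (assumption of this example).
import hashlib
import math
from typing import Optional, Tuple


def birthday_work(digest_bits: int, probability: float = 0.5) -> float:
    """Expected number of hash evaluations needed to find a collision with the
    given success probability, from the birthday approximation
    q = sqrt(2 * ln(1 / (1 - p)) * 2^L).  For p = 0.5 that is about
    1.18 * 2^(L/2); with L = m*n this is the 2^(mn/2) estimate for SHA-mn."""
    return math.sqrt(2.0 * math.log(1.0 / (1.0 - probability)) * 2.0 ** digest_bits)


def truncated_digest(message: bytes, bits: int) -> int:
    """Stand-in short hash: the leading `bits` bits of SHA-256(message)."""
    if not 1 <= bits <= 256:
        raise ValueError("bits must be in 1..256")
    full = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int,
                   limit: Optional[int] = None) -> Optional[Tuple[bytes, bytes, int]]:
    """Generic birthday search: hash distinct counter messages and stop at the
    first repeated digest.  Returns (m1, m2, evaluations), or None if `limit`
    evaluations pass without a collision (impossible beyond 2^bits + 1)."""
    if limit is None:
        limit = 2 ** bits + 1  # pigeonhole: a collision is certain by then
    seen = {}
    for i in range(limit):
        message = b"msg-%d" % i
        digest = truncated_digest(message, bits)
        if digest in seen:
            return seen[digest], message, i + 1
        seen[digest] = message
    return None


if __name__ == "__main__":
    bits = 24
    print("expected work for a %d-bit digest: %.0f evaluations" % (bits, birthday_work(bits)))
    m1, m2, n = find_collision(bits)
    print("collision after %d evaluations: %r and %r" % (n, m1, m2))
    print("SHA-256 (L = 256): about 2^%.1f evaluations" % math.log2(birthday_work(256)))
```

The search stores every digest seen, so its memory grows with the number of evaluations; real attacks use cycle-finding (for example Floyd or van Oorschot-Wiener) to get the same 2^(L/2) work with negligible memory, which is why the 2^(mn/2) estimate should be read as work, not as a memory requirement.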

The security of mobile ad hoc networks (MANETs) determines their applicability. To achieve adequate security, autonomous key management (AKM) for a large number of nodes is important. We propose a modified AKM that reduces the communication and computation costs to 1/t of the original values without compromising security. Results show that the modified AKM is more practical because it can handle large numbers of dynamic nodes in a MANET while maintaining adequate security. The proposed methodology applies to all schemes built on cryptographic threshold schemes [53][55] that need to truncate message size without endangering security.
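As an added example (not the dissertation's code, and not its modified AKM, whose details are not on this page), the Python below implements the (t, n) threshold secret sharing of Shamir [53] on which threshold-based key management schemes such as AKM are built: a secret, for instance a node's slice of a distributed certification-authority key, is split among n nodes, any t of them can reconstruct it, and fewer than t learn nothing. The field modulus and the counter-based share indices are choices of this example.

```python
# Added example: Shamir (t, n) threshold secret sharing over a prime field.
# Not the dissertation's code and not its modified AKM; the modulus and
# share indices are this example's own choices.
import secrets
from typing import Callable, List, Tuple

PRIME = 2 ** 127 - 1  # field modulus (assumption of this example); secret must be < PRIME

Share = Tuple[int, int]  # (x, f(x))


def make_shares(secret: int, t: int, n: int,
                rng: Callable[[int], int] = secrets.randbelow) -> List[Share]:
    """Split `secret` into n shares so that any t of them recover it.
    A random polynomial f of degree t-1 with f(0) = secret is evaluated at
    x = 1..n; any t-1 shares leave every value of f(0) equally likely."""
    if not 1 <= t <= n:
        raise ValueError("need 1 <= t <= n")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must lie in the field")
    if n >= PRIME:
        raise ValueError("too many shares for the field")
    coeffs = [secret] + [rng(PRIME) for _ in range(t - 1)]

    def f(x: int) -> int:
        y = 0
        for c in reversed(coeffs):  # Horner's rule modulo PRIME
            y = (y * x + c) % PRIME
        return y

    return [(x, f(x)) for x in range(1, n + 1)]


def recover_secret(shares: List[Share]) -> int:
    """Lagrange interpolation at x = 0.  With at least t shares of a (t, n)
    split this returns the secret; with fewer it returns some other field
    element that carries no information about the secret."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


if __name__ == "__main__":
    key_share = secrets.randbelow(PRIME)  # e.g. one node's slice of a CA key
    shares = make_shares(key_share, t=3, n=5)
    print("any 3 of 5 recover:", recover_secret(shares[1:4]) == key_share)
    print("only 2 of 5 recover:", recover_secret(shares[:2]) == key_share)
```

In a MANET deployment the cost that the text reduces by 1/t is the traffic and arithmetic of collecting and combining t such shares (or partial signatures derived from them) from neighbouring nodes; the primitive itself is unchanged by that optimisation.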

Further research will attempt to reduce the computational complexity of AKM operations so that they are workable on ad hoc devices. We will also apply the proposed concept to vehicular ad hoc networks (VANETs), whose environments are more dynamic and whose topology changes faster, leaving narrower bandwidth.

References


[1] H. Sundmaeker, P. Guillemin, P. Friess and S. Woelfflé, "Vision and Challenges for Realising the Internet of Things," The Cluster of European Research projects on the Internet of Things (CERP-IoT), 2010.

[2] M. Luo, "Research on the Knowledge Management Based on GIS," in National Conference on Information Technology and Computer Science (CITCS), 2012.

[3] B. Daskala, "Flying 2.0 Enabling automated air travel by identifying and addressing the challenges of IoT & RFID technology," European Network and Information Security Agency (ENISA), 2010.

[4] J. Daemen and V. Rijmen, Advanced Encryption Standard (AES), Federal Information Processing Standards Publications (FIPS PUBS) 197, NIST, 2001.

[5] E. Biham, A. Biryukov and A. Shamir, "Cryptanalysis of Skipjack Reduced to 31 Rounds Using Impossible Differentials," in Proceedings of Eurocrypt, LNCS 1592, 1999.

[6] E. Biham and N. Keller, "Cryptanalysis of reduced variants of Rijndael," in Proceedings of 3rd AES Conference, 2000.

[7] J. Daemen, L. Knudsen and V. Rijmen, "The block cipher Square," in Proceedings of the 4th International Workshop on Fast Software Encryption (FSE), LNCS 1267, 1997.

[8] J. Daemen and V. Rijmen, The Design of Rijndael, AES - The Advanced Encryption Standard, Springer, 2002.

[9] E. Biham, O. Dunkelman and N. Keller, "Related-Key Boomerang and Rectangle Attacks," in Proceedings of Eurocrypt, LNCS 3557, 2005.

[10] A. Biryukov, "The Boomerang Attack on 5 and 6-round AES," in Proceedings of Advanced Encryption Standard 4, LNCS 3373, 2005.

[11] D. R. Stinson, Cryptography: Theory and Practice, 3rd ed., CRC Press, 2005.

[12] J. H. Cheon, M. Kim, K. Kim, J. Y. Lee and S. Kang, "Improved Impossible Differential Cryptanalysis of Rijndael and Crypton," in Proceedings of The 4th International Conference on Information Security and Cryptology (ICISC), LNCS 2288, 2002.

[13] R. C. Phan, "Impossible Differential Cryptanalysis of 7-round Advanced Encryption Standard (AES)," Information Processing Letters, vol. 91, no. 1, pp. 33-38, 2004.

[14] C. Jie, W. Yongzhuang and H. Yupu, "A New Method for Impossible Differential Cryptanalysis of 7-round Advanced Encryption Standard," in Proceedings of Communications, Circuits and Systems (ICCCAS), 2006.

[15] W. Zhang, W. Wu and D. Feng, "New Results on Impossible Differential Cryptanalysis of Reduced AES," in Proceedings of 10th International Conference on Information Security and Cryptology (ICISC), LNCS 4817, 2007.

[16] E. Biham, O. Dunkelman and N. Keller, "Related-Key Impossible Differential Attacks on 8-Round AES-192," in Proceedings of RSA Conference, LNCS 3860, 2006.

[17] J. Liu, B. Wei, X. Cheng and X. Wang, "An AES S-box to Increase Complexity and Cryptographic Analysis," in Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA), 2005.

[18] A. Grocholewska-Czuryło and J. Stokłosa, "Random Generation of S-Boxes for Block Ciphers," in Biometrics, Computer Security Systems and Artificial Intelligence Applications, Springer, 2006, pp. 121-135.

[19] D. Bhattacharya, N. Bansal and A. Banerjee, "A Near Optimal S-Box Design," in Proceedings of the 3rd International Conference on Information Systems Security (ICISS), LNCS 4812, 2007.

[20] L. Cui and Y. Cao, "A new S-box structure named Affine-Power-Affine," International Journal of Innovative Computing, Information and Control (IJICIC), vol. 3, no. 3, pp. 751-759, 2007.

[21] National Institute of Standards and Technology, Secure hash standard, Federal Information Processing Standards Publications (FIPS PUBS) 180-4, 2012.

[22] P. Pal and P. Sarkar, "PARSHA-256 – A New Parallelizable Hash Function and a Multithreaded Implementation," in Proceedings of 10th International Workshop on Fast Software Encryption 2003 (FSE), LNCS 2887, 2003.

[23] H. Handschuh and D. Naccache, "SHACAL," in Proceedings of 1st Open NESSIE Workshop, 2001.

[24] J. Lu, J. Kim, N. Keller and O. Dunkelman, "Related-Key Rectangle Attack on 42-Round SHACAL-2," in Proceedings of 9th Information Security Conference (ISC), LNCS 4176, 2006.

[25] H. Yoshida and A. Biryukov, "Analysis of a SHA-256 Variant," in Proceedings of 12th Annual Workshop on Selected Areas in Cryptography (SAC), LNCS 3897, 2005.

[26] B. Schneier, Applied Cryptography, 2nd ed., John Wiley & Sons, 1996.

[27] F. Chabaud and A. Joux, "Differential Collisions in SHA-0," in Proceedings of Crypto, 1998.

[28] V. Rijmen and E. Oswald, "Update on SHA-1," in Proceedings of CT-RSA, LNCS 3376, 2005.

[29] X. Wang, H. Yu and Y. L. Yin, "Finding Collision in the Full SHA-1," in Proceedings of Crypto, LNCS 3621, 2005.

[30] E. A. Grechnikov, "Collisions for 72-step and 73-step SHA-1: Improvements in the Method of Characteristics," Cryptology ePrint Archive, Report 2010/413, 2010.

[31] H. Gilbert and H. Handschuh, "Security Analysis of SHA-256 and Sisters," in Proceedings of 10th Annual Workshop on Selected Areas in Cryptography (SAC), LNCS 3006, 2003.

[32] F. Mendel, N. Pramstaller, C. Rechberger and V. Rijmen, "Analysis of Step-Reduced SHA-256," in Proceedings of 13th annual Fast Software Encryption workshop (FSE), LNCS 4047, 2006.

[33] I. Nikolić and A. Biryukov, "Collisions for Step-Reduced SHA-256," in Proceedings of 15th International Workshop on Fast Software Encryption (FSE), LNCS 5086, 2008.

[34] S. K. Sanadhya and P. Sarkar, "New Collision Attacks against Up to 24-Step SHA-2," in Proceedings of Indocrypt, LNCS 5365, 2008.

[35] S. Indesteege, F. Mendel, B. Preneel and C. Rechberger, "Collisions and Other Non-random Properties for Step-Reduced SHA-256," in Proceedings of Selected Areas in Cryptography (SAC), LNCS 5381, 2009.

[36] K. Aoki, J. Guo, K. Matusiewicz, Y. Sasaki and L. Wang, "Preimages for Step-Reduced SHA-2," in Proceedings of Asiacrypt, 2009.

[37] F. Mendel, T. Nad and M. Schläffer, "Finding SHA-2 Characteristics: Searching through a Minefield of Contradictions," in Proceedings of Asiacrypt, LNCS 7073, 2011.

[38] A. Biryukov, M. Lamberger, F. Mendel and I. Nikolić, "Second-Order Differential Collisions for Reduced SHA-256," in Proceedings of Asiacrypt, LNCS 7073, 2011.

[39] A. Khalili, J. Katz and W. Arbaugh, "Toward Secure Key Distribution in Truly Ad Hoc Networks," in Proceedings of the International Symposium on Applications and the Internet, 2003.

[40] B. Lehane, L. Doyle and D. O'Mahony, "Shared RSA key generation in a mobile ad hoc network," in Proceedings of the IEEE Military Communications Conference (MILCOM), 2003.

[41] H. Luo, J. Kong, P. Zerfos, S. Lu and L. Zhang, "Self-Securing Ad Hoc Wireless Networks," in Proceedings of the 7th IEEE Symposium on Computers and Communications (ISCC), 2002.

[42] H. Luo, J. Kong, P. Zerfos, S. Lu and L. Zhang, "URSA: Ubiquitous and Robust Access Control for Mobile Ad Hoc Networks," IEEE/ACM Transactions on Networking, vol. 12, no. 6, pp. 1049-1063, 2004.

[43] J. Kong, P. Zerfos, H. Luo, S. Lu and L. Zhang, "Providing Robust and Ubiquitous Security Support for Mobile Ad Hoc Networks," in Proceedings of the IEEE 9th International Conference on Network Protocols (ICNP), 2001.

[44] L. Zhou and Z. J. Haas, "Securing Ad Hoc Networks," IEEE Network, vol. 13, no. 6, pp. 24-30, 1999.

[45] S. Čapkun, L. Buttyán and J. P. Hubaux, "Self-Organized Public-Key Management for Mobile Ad Hoc Networks," Technical Report 2002/34, EPFL/IC, 2002.

[46] M. Omar, Y. Challal and A. Bouabdallah, "Reliable and Fully Distributed Trust Model for Mobile Ad Hoc Networks," Computers & Security, vol. 28, pp. 199-214, 2009.

[47] Y. Park, Y. Park and S. Moon, "ID-based Private Key Update Protocol with Anonymity for Mobile Ad-Hoc Networks," in Proceedings of 2010 International Conference of Computational Science and its Applications, 2010.

[48] K. Hamouid and K. Adi, "Secure and Robust Threshold Key Management (SRKM) Scheme for Ad Hoc Networks," Security and Communication Networks, vol. 3, pp. 517-534, 2010.

[49] L. Li and R. S. Liu, "Securing Cluster-Based Ad Hoc Networks with Distributed Authorities," IEEE Transactions on Wireless Communications, vol. 9, no. 10, pp. 3072-3081, 2010.

[50] D. Saravanan, D. Rajalakshmi and D. Maheswari, "DYCRASEN: A Dynamic Cryptographic Asymmetric Key Management for Sensor Network using Hash Function," International Journal of Computer Applications, vol. 18, no. 8, pp. 1-3, 2011.

[51] H. Yang, H. Luo, F. Ye, S. Lu and L. Zhang, "Security in Mobile Ad Hoc Networks: Challenges and Solutions," IEEE Wireless Communications, vol. 11, no. 1, pp. 38-47, 2004.

[52] B. Zhu, F. Bao, R. H. Deng, M. S. Kankanhalli and G. Wang, "Efficient and Robust Key Management for Large Mobile Ad Hoc Networks," Computer Networks, vol. 48, pp. 657-682, 2005.

[53] A. Shamir, "How to Share a Secret," Communications of the ACM, vol. 22, no. 11, pp. 612-613, 1979.

[54] Y. Desmedt, "Threshold Cryptography," European Transactions on Telecommunications, vol. 5, no. 4, pp. 449-457, 1994.

[55] Y. Desmedt and Y. Frankel, "Threshold Cryptosystems," in Proceedings of Crypto, LNCS 435, 1990.

[56] R. Gennaro, S. Jarecki, H. Krawczyk and T. Rabin, "Secure Distributed Key Generation for Discrete-Log Based Cryptosystem," in Proceedings of Eurocrypt, LNCS 1592, 1999.

[57] W. J. Tsaur and H. T. Pai, "Dynamic Key Management Schemes for Secure Group Communication Based on Hierarchical Clustering in Mobile Ad Hoc Networks," in Proceedings of International Workshops on Frontiers of High Performance Computing and Networking (ISPA), LNCS 4743, 2007.

[58] K. Lauter, "The Advantages of Elliptic Curve Cryptography for Wireless Security," IEEE Wireless Communications, vol. 11, no. 1, pp. 62-67, 2004.

[59] M. Girault, "Self-Certified Public Keys," in Proceedings of Eurocrypt, LNCS 547, 1991.

[60] S. Bakhtiari, R. Safavi-Naini and J. Pieprzyk, "Cryptographic Hash Functions: A Survey," Technical Report 95-09, University of Wollongong, 1995.

[61] National Institute of Standards and Technology, Secure hash standard, Federal Information Processing Standards Publications (FIPS PUBS) 180, 1993.

[62] National Institute of Standards and Technology, Secure hash standard, Federal Information Processing Standards Publications (FIPS PUBS) 180-1, 1995.

[63] National Institute of Standards and Technology, Secure hash standard, Federal Information Processing Standards Publications (FIPS PUBS) 180-2, NIST, 2002.

[64] National Institute of Standards and Technology, Secure hash standard, Federal Information Processing Standards Publications (FIPS PUBS) 180-3, 2008.

[65] J. H. Holland, Adaptation in Natural and Artificial Systems, The University of Michigan Press, 1975.

[66] S. Adcock, "Genetic Algorithm Utility Library," [Online]. Available: http://gaul.sourceforge.net.

[67] Y. S. Yeh, C. Y. Lee, T. Y. Huang and C. H. Lin, "A Transpositional Advanced Encryption Standard (AES) Resists 3-Round Square Attack," International Journal of Innovative Computing, Information and Control, vol. 5, no. 5, pp. 1349-4198, 2009.

[68] M. Matsui, "Linear Cryptanalysis Method for DES Cipher," in Proceedings of Eurocrypt, LNCS 765, 1994.

[69] C. Y. Lee, C. H. Lin, D. J. Chen and Y. S. Yeh, "Generalized Secure Hash Algorithm: SHA-X," International Journal of Advancements in Computing Technology (IJACT), vol. 4, no. 7, pp. 41-52, 2012.

[70] C. H. Lin, C. Y. Lee, K. M. Kavi, D. J. Chen and Y. S. Yeh, "An evaluation criterion and an approach to improve the security fitness of SHA-256 via genetic algorithm," Journal of Information Science and Engineering, (to appear).

[71] X. Wang, H. Yu and Y. L. Yin, "Efficient Collision Search Attacks on SHA-0," in Proceedings of Crypto, LNCS 3621, 2005.

[72] K. Matusiewicz, J. Pieprzyk, N. Pramstaller, C. Rechberger and V. Rijmen, "Analysis of Simplified Variants of SHA-256," in Proceedings of Western European Workshop on Research in Cryptology (WEWoRC), 2005.

[73] Y. S. Yeh, T. Y. Huang, I. T. Chen and S. C. Chou, "Analyze SHA-1 in Message Schedule," Journal of Discrete Mathematical Sciences & Cryptography, vol. 10, no. 1, pp. 1-7, 2007.

[74] C. H. Lin, C. Y. Lee and D. J. Chen, "Modified Autonomous Key Management Scheme with Reduced Communication/Computation Costs in MANET," Computing and Informatics, vol. 30, pp. 1167-1180, 2011.

[75] E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer, 1993.

[76] C. H. Lin, C. Y. Lee, S. Y. Lu and S. P. Chien, "Unseen Visible Watermarking for Gray Level Images Based on Gamma Correction," in Proceedings of International Conference on Future-Generation Communication and Networking (FGCN), CCIS 265, 2011.

[77] C. H. Lin, C. Y. Lee, T. C. Yang and S. P. Lai, "Visible Watermarking Based on Multi-parameters Adjustable Gamma Correction," in Proceedings of International Conference on Future-Generation Communication and Networking (FGCN), CCIS 265, 2011.

