# Hash Algorithms 2015

Hashing algorithms are used extensively in information security and forensics. Research focuses on new methods and techniques to optimize security. The articles cited here cover topics such as Secure Hash Algorithm (SHA)-1 and SHA-3, one-time password generation, Keccak and McEliece algorithms, and Bloom filters. All were presented in 2015.

Aggarwal, K.; Verma, H.K., "Hash_RC6 — Variable Length Hash Algorithm using RC6," in Computer Engineering and Applications (ICACEA), 2015 International Conference on Advances in, pp. 450-456, 19-20 March 2015. doi: 10.1109/ICACEA.2015.7164747

Abstract: In this paper, we present a hash algorithm using RC6 that can generate a hash value of variable length. Hash algorithms play a major part in cryptographic security, as these algorithms are used to check the integrity of the received message. It is possible to generate a hash algorithm using a symmetric block cipher. The main idea behind this is that if the symmetric block algorithm is secure then the generated hash function will also be secure [1]. As RC6 is secure against various linear and differential attacks, the algorithm presented here will also be secure against these attacks. The algorithm presented here can have a variable number of rounds to generate the hash value. It can also have a variable block size.

Keywords: cryptography; Hash_RC6 - variable length hash algorithm; cryptographic security; differential attacks algorithm; generated hash function; linear attack algorithm; received message; symmetric block algorithm; symmetric block cipher; Ciphers; Computers; Encryption; Receivers; Registers; Throughput; Access Control; Asymmetric Encryption; Authentication; Confidentiality; Cryptography; Data Integrity; Hash; Non-Repudiation; RC6; Symmetric Encryption (ID#: 15-8647)

Pandiaraja, P.; Parasuraman, S., "Applying Secure Authentication Scheme to Protect DNS from Rebinding Attack Using Proxy," in Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, pp. 1-6, 19-20 March 2015. doi: 10.1109/ICCPCT.2015.7159255

Abstract: The Internet is critical to both the economy and society in today's world. The Domain Name System (DNS) is a key building block of the internet, and the DNS hides all technical infrastructure, software and hardware required for the domain name system to function correctly. It allows users to access websites and exchange emails. It runs a strong mechanism to provide the IP address of an internet host name. An attacker can launch a rebinding attack when the DNS server sends a query to any particular server on the network. Different types of techniques have been proposed to prevent this attack, all of which have some pros and also cons. A new technique is proposed in this paper using a security proxy with a hash function. The rebinding attack can be avoided by using this technique. It provides a secured environment for the DNS to communicate with other DNS servers. While the source DNS is receiving a response from any DNS, it authenticates all the received packets and then sends the data to the client. It gives a secure environment for DNS communication. For this purpose two different algorithms are used, namely the SHA-2 and AES algorithms. First a random ID is given to the query and then the query is sent to the DNS server.

Keywords: Internet; authorisation; computer network security; cryptography; AES algorithms; DNS communication; DNS server; IP address; Internet host name; SHA-2; Websites; domain name system; emails; hash function; random ID; rebinding attack; secure authentication scheme; security proxy; Computer crime; Cryptography; Electronic mail; IP networks; Receivers; Servers; Advanced Encryption Standard; Proxy; Rebinding attack; Secure Hash algorithm (ID#: 15-8648)

Dakhore, S.; Lohiya, P., "Location Aware Selective Unlocking & Secure Verification Safer Card for Enhancing RFID Security by Using SHA-3," in Advances in Computing and Communication Engineering (ICACCE), 2015 Second International Conference on, pp. 477-482, 1-2 May 2015. doi: 10.1109/ICACCE.2015.65

Abstract: In this paper, we report a new approach for providing security as well as privacy to the corporate user. With the help of a location sensing mechanism using GPS, we can avoid unauthorized reading and relay attacks on the RFID system. For example, the location sensing mechanism with an RFID card is used for a location-specific application such as an ATM cash transfer van, to open the door of the van. So after reaching the pre-specified location (ATM) the RFID card is activated, and then it accepts the fingerprint of the registered person only. In this way we get stronger cross-layer security. The SHA-3 algorithm is used to avoid the collision effect (due to fraudulent fingerprints) on the server side.

Keywords: Global Positioning System; banking; cryptography; fingerprint identification; mobility management (mobile radio); radiofrequency identification; relay networks (telecommunication); smart cards; telecommunication security; ATM cash transfer van; GPS; Global Positioning System; RFID card; RFID security; RFID system; SHA-3 algorithm; Secure Hash Algorithm 3; cross layer security; fingerprint; location aware selective unlocking; location sensing mechanism; location specific application; relay attacks; secure verification; Fingerprint recognition; Global Positioning System; Privacy; Radiofrequency identification; Relays; Security; Servers; Java Development kit (JDK); Location Aware Selective unlocking; RFID; Secure Hash Algorithm (ID#: 15-8649)

Ragini, K.; Sivasankar, S., "Security and Performance Analysis of Identity Based Schemes in Sensor Networks," in Innovations in Information, Embedded and Communication Systems (ICIIECS), 2015 International Conference on, pp. 1-5, 19-20 March 2015. doi: 10.1109/ICIIECS.2015.7192881

Abstract: Security and efficient data transmission without any hurdles caused by external attackers is an issue in sensor networks. This paper deals with the provision of assured, efficient data transmission in sensor networks. To ensure this requirement, Hash based Message Authentication Code (HMAC) and Message Digest (MD) are envisaged by employing an identity based digital signature scheme (IBS). The identity based scheme is an encryption scheme that generates an operation of developing a secret code with a secret key that protects the data during transmission without any cryptanalysis. To achieve the above requisite, the modalities used are HMAC and MD5, which simulate the functional efficiency and security of data transmission in sensor networks.

Keywords: data communication; data protection; digital signatures; private key cryptography; telecommunication security; wireless sensor networks; HMAC; IBS; MD; data protection; data transmission security; hash based message authentication code; identity based digital signature scheme; message digest; secret key encryption scheme; wireless sensor network security; Authentication; Cryptography; Data communication; Message authentication; Wireless sensor networks; HMAC; Hash algorithm; IBS; MD5; Security (ID#: 15-8650)

Fuss, J.; Gradinger, S.; Greslehner-Nimmervoll, B.; Kolmhofer, R., "Complexity Estimates of a SHA-1 Near-Collision Attack for GPU and FPGA," in Availability, Reliability and Security (ARES), 2015 10th International Conference on, pp. 274-280, 24-27 Aug. 2015. doi: 10.1109/ARES.2015.34

Abstract: The complexity estimate of a hash collision algorithm is given by the unit hash compressions. This paper shows that this figure can lead to false runtime estimates when accelerating the algorithm by the use of graphics processing units (GPU) and field-programmable gate arrays (FPGA). For demonstration, parts of the CPU reference implementation of Marc Stevens' SHA-1 Near-Collision Attack are implemented on these two accelerators by taking advantage of their specific architectures. The implementation, runtime behavior and performance of these ported algorithms are discussed, and in conclusion, it is shown that the acceleration results in different complexity estimates for each type of coprocessor.

Keywords: coprocessors; field programmable gate arrays; graphics processing units; FPGA; GPU; complexity estimation; coprocessor; field programmable gate arrays; graphics processing units; hash collision algorithm; unit hash compressions; Complexity theory; Field programmable gate arrays; Graphics processing units; Instruction sets; Kernel; Message systems; Throughput; FPGA; GPU; SHA-1; hash collisions; hash function; near-collision (ID#: 15-8651)

Kumar, A.; Arora, V., "Analyzing the Performance and Security by using SHA3 in WEP," in Engineering and Technology (ICETECH), 2015 IEEE International Conference on, pp. 1-4, 20-20 March 2015. doi: 10.1109/ICETECH.2015.7275026

Abstract: This paper deals with the problems arising in WEP and how we can improve it by using SHA3 in WEP. The first part of the paper basically focuses on WLAN, WEP, encryption and decryption in WEP, and weaknesses of WEP. The second part explains SHA3 (Secure Hash Algorithm-3) and its comparison with earlier versions. The practical work of the paper focuses on performance improvement in WEP by replacing CRC-32 with SHA3, using parameters like Packet Delivery Fraction and End to End Delay.

Keywords: cryptography; telecommunication security; SHA3; WEP; end to end delay; packet delivery fraction; secure hash algorithm-3; Communication system security; Conferences; Delays; Encryption; Protocols; Wireless LAN; CRC-32; SHA1; SHA3; WEP; WLAN (ID#: 15-8652)

Yi Wang; Youhua Shi; Chao Wang; Yajun Ha, "FPGA-based SHA-3 Acceleration on a 32-bit Processor via Instruction Set Extension," in Electron Devices and Solid-State Circuits (EDSSC), 2015 IEEE International Conference on, pp. 305-308, 1-4 June 2015. doi: 10.1109/EDSSC.2015.7285111

Abstract: As embedded systems play more and more important roles in the Internet of Things (IoT), the integration of cryptographic functionalities is an urgent demand to ensure data and information security. Recently, Keccak was declared the winner of the third generation of the Secure Hashing Algorithm (SHA-3). However, implementing SHA-3 on a specific 32-bit processor failed to meet the performance requirement. On the other hand, implementing it as a cryptographic coprocessor consumes a lot of extra area and requires a customized driver program. Although implementing Keccak on a 64-bit platform is more efficient, this platform is not suitable for embedded implementation. In this paper, we propose a novel SHA-3 implementation using instruction set extension based on a 32-bit LEON3 processor (an open source processor), with the goals of reducing execution cycles and code size. Experimental results show that the proposed design reduces execution cycles by around 87% and code size by 10.5% as compared to reference designs. Our design takes up only 9.44% extra area with negligible speed overhead compared to the standard LEON3 processor. Compared to the existing hardware accelerators, our proposed design occupies only half of the area resources and does not require extra driver programs to be developed when integrated into the overall system.

Keywords: coprocessors; cryptography; embedded systems; field programmable gate arrays; instruction sets; 32-bit LEON3 processor; 64-bit platform; FPGA-based SHA-3 acceleration; Internet of things; IoT; KECCAK; code size; cryptographic coprocessor; cryptographic functionalities; data security; embedded implementation; embedded systems; execution cycles; information security; instruction set extension; open source processor; secure hashing algorithm; speed overhead; Acceleration; Algorithm design and analysis; Cryptography; Field programmable gate arrays; Hardware; Registers; Throughput (ID#: 15-8653)

Vinayaga Sundaram, B.; Ramnath, M.; Prasanth, M.; Varsha Sundaram, J., "Encryption and Hash Based Security in Internet of Things," in Signal Processing, Communication and Networking (ICSCN), 2015 3rd International Conference on, pp. 1-6, 26-28 March 2015. doi: 10.1109/ICSCN.2015.7219926

Abstract: The Internet of Things (IoT) promises to be the next big revolution of the World Wide Web. It has a very wide range of applications, ranging from smart cities, smart homes, monitoring radiation levels in nuclear plants, animal tracking, health surveillance and a lot more. When nodes in wireless sensor networks are monitored through the internet, they become part of the Internet of Things. This brings in a lot of concerns related to security, privacy, standardization and power management. This paper aims at enhancing security in smart home systems. Devices like thermostats, air conditioners, doors and lighting systems are connected with each other and the internet through Internet of Things technologies. Encryption and hash algorithms are proposed in this paper through which devices in the IoT can securely send messages between them. The encryption algorithm is used to ensure confidentiality, as attackers cannot interpret the cipher text that is sent. In order to ensure integrity (that the cipher text is not changed), a hash algorithm is used.

Keywords: Internet; Internet of Things; Web sites; computer network security; cryptography; data integrity; home automation; telecommunication power management; wireless sensor networks; Internet; Internet of Things; World Wide Web; animal tracking; encryption; hash based security; health surveillance; IoT; nuclear plant radiation level monitoring; power management; smart city; smart home system security enhancement; wireless sensor network; Cryptography; Monitoring; Prediction algorithms; Internet of Things; Security; Smart Homes; Wireless Sensor Networks (ID#: 15-8654)

Mozaffari-Kermani, M.; Azarderakhsh, R., "Reliable Hash Trees for Post-Quantum Stateless Cryptographic Hash-Based Signatures," in Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS), 2015 IEEE International Symposium on, pp. 103-108, 12-14 Oct. 2015. doi: 10.1109/DFT.2015.7315144

Abstract: The potential advent of quantum computers in coming years has motivated security researchers to start developing resistant systems capable of thwarting future attacks, i.e., developing post-quantum cryptographic approaches. Hash-based, code-based, lattice-based, multivariate-quadratic-equations, and secret-key cryptography are all potential candidates, the merit of which is that they are believed to resist both classical and quantum computers, and applying "Shor's algorithm" (the quantum-computer discrete-logarithm algorithm that breaks classical schemes) to them is infeasible. In this paper, we propose reliable and error detection hash trees for stateless hash-based signatures, which are believed to be one of the prominent post-quantum schemes, offering security proofs relative to plausible properties of the hash function. We note that this work on the emerging area of reliable, error detection post-quantum cryptography can be extended and scaled to other approaches as well. We also note that the proposed approaches make such schemes more reliable against natural faults and help protect them against malicious faults. We propose, benchmark, and discuss fault diagnosis methods for this post-quantum cryptography variant, choosing a case study for hash functions, and present the simulation and implementation results to show the applicability of the presented schemes. The presented architectures can be tailored for different reliability objectives based on the resources available, and would initiate the new research area of reliable, error detection post-quantum cryptographic architectures.

Keywords: error detection; fault diagnosis; private key cryptography; Shor algorithm; code-based cryptography; error detection post-quantum cryptographic architecture; fault diagnosis methods; hash function; lattice-based cryptography; multivariate-quadratic-equation; post-quantum stateless cryptographic hash-based signature; quantum-computer discrete-logarithm algorithm; reliable hash tree; secret-key cryptography; Computer architecture; Cryptography; Hardware; Reliability; Transient analysis; Vegetation; Error detection; hash-based signatures; postquantum cryptography; reliability (ID#: 15-8655)

Aldwairi, M.; Al-Khamaiseh, K., "Exhaust: Optimizing Wu-Manber Pattern Matching For Intrusion Detection using Bloom filters," in Web Applications and Networking (WSWAN), 2015 2nd World Symposium on, pp. 1-6, 21-23 March 2015. doi: 10.1109/WSWAN.2015.7209081

Abstract: Intrusion detection systems are widely accepted as one of the main tools for monitoring and analyzing host and network traffic to protect data from illegal access or modification. Almost all types of signature-based intrusion detection systems must employ a pattern matching algorithm to inspect packets for malicious signatures. Unfortunately, pattern matching algorithms dominate the execution time and have become the bottleneck. To remedy that, we introduce a new software-based pattern matching algorithm that modifies Wu-Manber pattern matching algorithm using Bloom filters. The Bloom filter acts as an exclusion filter to reduce the number of searches to the large HASH table. The HASH table is accessed if there is a probable match represented by a shift value of zero. On average the HASH table search is skipped 10.6% of the time with a worst case average running time speedup over Wu-Manber of 33%. The maximum overhead incurred on preprocessing time is 1.1% and the worst case increase in memory usage was limited to 0.33%.

Keywords: data structures; digital signatures; search problems; security of data; Bloom filters; HASH table search; Wu-Manber pattern matching; data protection; exclusion filter; execution time; host traffic; network traffic; signature-based intrusion detection systems; Classification algorithms; Filtering algorithms; Filtering theory; Intrusion detection; Matched filters; Pattern matching; Payloads; Bloom Filters; Intrusion Detection Systems; Network Security; Pattern Matching; Wu-Manber (ID#: 15-8656)

Harikrishnan, T.; Babu, C., "Cryptanalysis of Hummingbird Algorithm with Improved Security and Throughput," in VLSI Systems, Architecture, Technology and Applications (VLSI-SATA), 2015 International Conference on, pp. 1-6, 8-10 Jan. 2015. doi: 10.1109/VLSI-SATA.2015.7050460

Abstract: Hummingbird is a Lightweight Authenticated Cryptographic Encryption Algorithm. This lightweight cryptographic algorithm is suitable for resource constrained devices like RFID tags, smart cards and wireless sensors. The key issue in designing this cryptographic algorithm is to deal with the trade-off among security, cost and performance and find an optimal cost-performance ratio. This paper is an attempt to find an efficient hardware implementation of the Hummingbird cryptographic algorithm to get improved security and improved throughput by adding hash functions. In this paper, we have implemented an encryption and decryption core on a Spartan 3E and have compared the results with the existing lightweight cryptographic algorithms. The experimental result shows that this algorithm has higher security and throughput with improved area than the existing algorithms.

Keywords: cryptography; telecommunication security; Hash functions; RFID tags; Spartan 3E; decryption core; hummingbird algorithm cryptanalysis; hummingbird cryptographic algorithm; lightweight authenticated cryptographic encryption algorithm; optimal cost-performance ratio; resource constrained devices; security; smart cards; wireless sensors; Authentication; Ciphers; Logic gates; Protocols; Radiofrequency identification; FPGA Implementation; Lightweight Cryptography; Mutual authentication protocol; Security analysis (ID#: 15-8657)

Rao, Muzaffar; Newe, Thomas; Grout, Ian; Lewis, Elfed; Mathur, Avijit, "FPGA Based Reconfigurable IPSec AH Core Suitable for IoT Applications," in Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing (CIT/IUCC/DASC/PICOM), 2015 IEEE International Conference on, pp. 2212-2216, 26-28 Oct. 2015. doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.327

Abstract: Real-world deployments of Internet of Things (IoT) applications require secure communication. IPSec (Internet Protocol Security) is an important and widely used security protocol (in the IP layer) to provide end to end secure communication. Implementation of IPSec is computing intensive work, which significantly limits the performance of high speed networks. To overcome this issue, hardware implementation of IPSec is the best solution. IPSec includes two main protocols, namely Authentication Header (AH) and Encapsulating Security Payload (ESP), with two modes of operation, transport mode and tunnel mode. In this work we present an FPGA implementation of the IPSec AH protocol. This implementation supports both tunnel and transport modes of operation. The cryptographic hash function called Secure Hash Algorithm 3 (SHA-3) is used to calculate the hash value for the AH protocol. The proposed IPSec AH core can be used to provide a data authentication security service to IoT applications.

Keywords: Authentication; Cryptography; Field programmable gate arrays; IP networks; Internet; Protocols; AH; FPGA; IPSec; SHA-3 (ID#: 15-8658)

Patil, M.A.; Karule, P.T., "Design and Implementation of Keccak Hash Function for Cryptography," in Communications and Signal Processing (ICCSP), 2015 International Conference on, pp. 0875-0878, 2-4 April 2015. doi: 10.1109/ICCSP.2015.7322620

Abstract: Security has become a very demanding parameter in today's world of high-speed communication. It plays an important role in the network and communication fields where cryptographic processes are involved. These processes involve hash function generation, which is a one-way encryption code used for the security of data. The main examples include digital signatures, MAC (message authentication codes) and smart cards. Keccak, the SHA-3 (secure hash algorithm), which consists of padding and permutation modules, is discussed in this paper. This is a one-way encryption process. A high level of parallelism is exhibited by this algorithm. It has been implemented on an FPGA. The implementation process is very fast and effective. The algorithm aims at increasing the throughput and reducing the area.

Keywords: cryptography; digital signatures; field programmable gate arrays; smart cards; telecommunication security; FPGA; Keccak Hash function implementation; MAC; SHA-3; cryptographic process; cryptography; data security; digital signature; message authentication code; one-way encryption code; smart card; Algorithm design and analysis; Cryptography; Hardware; Registers; Software; Cryptography; FPGA; encryption; hash function; permutation; security (ID#: 15-8659)

Guifen Zhao; Ying Li; Liping Du; Xin Zhao, "Asynchronous Challenge-Response Authentication Solution Based on Smart Card in Cloud Environment," in Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, pp. 156-159, 24-26 April 2015. doi: 10.1109/ICISCE.2015.42

Abstract: In order to achieve secure authentication, an asynchronous challenge-response authentication solution is proposed. An SD key, encryption cards or an encryption machine provide the encryption service. A hash function, a symmetric algorithm and the combined secret key method are adopted while authenticating. The authentication security is guaranteed due to the properties of the hash function, the combined secret key method and the one-time authentication token generation method. Random numbers, a one-time combined secret key and a one-time token are generated on the basis of the smart card, encryption cards and cryptographic techniques, which can avoid guessing attacks. Moreover, the replay attack is avoided because of the time factor. The authentication solution is applicable for cloud application systems to realize multi-factor authentication and enhance the security of authentication.

Keywords: cloud computing; message authentication; private key cryptography; smart cards; SD key; asynchronous challenge-response authentication solution; authentication security; cloud application systems; combined secret key method; cryptographic technique; encryption cards; encryption machine; encryption service; hash function; multifactor authentication; one-time authentication token generation method; one-time combined secret key; random number generation; replay attack; smart card; symmetric algorithm; time factor; Authentication; Encryption; Servers; Smart cards; Time factors; One-time password; asynchronous challenge-response authentication; multi-factor authentication; smart card (ID#: 15-8660)

Amin, R.; Biswas, G.P., "Anonymity Preserving Secure Hash Function Based Authentication Scheme for Consumer USB Mass Storage Device," in Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on, pp. 1-6, 7-8 Feb. 2015. doi: 10.1109/C3IT.2015.7060190

Abstract: A USB (Universal Serial Bus) mass storage device makes a (USB) device accessible to a host computing device and enables file transfers after completing mutual authentication between the authentication server and the user. It is also a very popular device because of its portability, large storage capacity and high transmission speed. To protect the privacy of a file transferred to a storage device, several security protocols have been proposed, but none of them is completely free from security weaknesses. Recently He et al. proposed a multi-factor based security protocol which is efficient, but the protocol is not applicable for practical implementation, as it does not provide a password change procedure, which is an essential phase in any password based user authentication and key agreement protocol. As the computation and implementation of the cryptographic one-way hash function is more trouble-free than other existing cryptographic algorithms, we propose a lightweight and anonymity preserving three factor user authentication and key agreement protocol for consumer mass storage devices and analyze our proposed protocol using BAN logic. Furthermore, we have presented an informal security analysis of the proposed protocol and confirmed that the protocol is completely free from security weaknesses and applicable for practical implementation.

Keywords: cryptographic protocols; file organisation; BAN logic; USB device; anonymity preserving secure hash function based authentication scheme; anonymity preserving three factor user authentication; authentication server; consumer USB mass storage device; consumer mass storage devices; cryptographic algorithms; cryptographic one-way hash function; file transfers; host computing device; informal security analysis; key agreement protocol; multifactor based security protocols; password based user authentication; password change procedure; storage capacity; universal serial bus mass storage device; Authentication; Cryptography; Protocols; Servers; Smart cards; Universal Serial Bus; Anonymity; Attack; File Secrecy; USB MSD; authentication (ID#: 15-8661)

Dubey, Gaurav; Khurana, Vikram; Sachdeva, Shelly, "Implementing Security Technique on Generic Database," in Contemporary Computing (IC3), 2015 Eighth International Conference on, pp. 370-376, 20-22 Aug. 2015. doi: 10.1109/IC3.2015.7346709

Abstract: Database maintenance has become an important issue in today's world. Addition or alteration of any field in an existing database schema is costly to a corporation. Whenever new data types are introduced or existing types are modified in a conventional relational database system, the physical design of the database must be changed accordingly. For this reason, it is desirable that a database should be flexible and allow for modification and addition of new types of data without having to change the physical database schema. The generic model is designed to allow a wide variety of data to be accommodated in a general purpose set of data structures. This generic mechanism for data storage has been used in various information systems such as banking, defense, e-commerce and especially the healthcare domain. But addressing security on generic databases is a challenging task. To the best of our knowledge, applying security on a generic database has not been addressed yet. Various cryptographic security techniques, such as hashing algorithms and public and private key algorithms, have already been applied to databases. In this paper, we propose an extra layer of security for existing databases through the Negative Database technique. The advantages of the negative database approach on a generic database have been demonstrated and emphasized. Correspondingly, the complexity of the proposed algorithm has been computed.

Keywords: Data models; Databases; Diseases; Encryption; Database security; Generic Database; Information Security; Negative Database; Privacy; Security (ID#: 15-8662)

Xiaojing An; Haipeng Jia; Yunquan Zhang, "Optimized Password Recovery for Encrypted RAR on GPUs," in High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, pp. 591-598, 24-26 Aug. 2015. doi: 10.1109/HPCC-CSS-ICESS.2015.270

Abstract: Files are often compressed for efficiency. RAR is a common archive file format that supports data compression, error recovery and file spanning. RAR uses SHA-1 hashing and the classic symmetric encryption algorithm AES for encryption. These two algorithms cannot be cracked, so the only method of password recovery is brute force, which is very time-consuming. In this paper, we present an approach using GPUs to speed up the password recovery process. However, because the major and most time-consuming calculation, SHA-1 hashing, is hard to parallelize, this paper adopts coarse-granularity parallelism. That is, one GPU thread is responsible for the validation of one password. We mainly use four optimization methods to optimize this parallel version: asynchronous parallelism between CPU and GPU, reduction of redundant calculations and conditional statements, data locality by using LDS, and register usage optimization. Experimental results show that the final version reaches a 43~57 times speedup on an AMD FirePro W8000 GPU, compared to a well-optimized serial version on an Intel Core i5 CPU. Meanwhile, linear performance acceleration is achieved when using multiple GPUs.

Keywords: cryptography; data compression; data reduction; file organisation; graphics processing units; multi-threading; AES algorithm; AMD FirePro W8000 GPU; CPU; GPU thread; Intel Core; LDS; SHA-1 hashing; asynchronous parallel; classic symmetric encryption algorithm; coarse granularity parallel; conditional statement reduction; data compression; data locality; encrypted RAR; error recovery; file compression; file spanning; linear performance acceleration; optimized password recovery; password recovery method; password recovery process; password validation; register optimization; Algorithm design and analysis; Encryption; Force; Graphics processing units; Optimization; Registers; GPGPU; OpenCL; RAR password recovery; performance optimization (ID#: 15-8663)

Thomas, M.; Panchami, V., "An Encryption Protocol for End-To-End Secure Transmission of SMS," in Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, pp. 1-6, 19-20 March 2015. doi: 10.1109/ICCPCT.2015.7159471

Abstract: Short Message Service (SMS) is a process of transmission of short messages over the network. SMS is used in daily life applications including mobile commerce, mobile banking, and so on. It is a robust communication channel to transmit information. SMS pursues a store-and-forward way of transmitting messages. Private information like passwords, account numbers, passport numbers, and license numbers is also sent through messages. The traditional messaging service does not provide security to the message, since the information contained in the SMS is transmitted as plain text from one mobile phone to another. This paper explains an efficient encryption protocol for securely transmitting confidential SMS from one mobile user to another, which serves the cryptographic goals of confidentiality, authentication and integrity for the messages. The Blowfish encryption algorithm gives confidentiality to the message, the EasySMS protocol is used to gain authentication and the MD5 hashing algorithm helps to achieve integrity of the messages. The Blowfish algorithm utilizes less battery power when compared to other encryption algorithms. The protocol prevents various attacks, including SMS disclosure, replay attack, man-in-the-middle attack and over the air modification.

Keywords: cryptographic protocols; data integrity; data privacy; electronic messaging; message authentication; mobile radio; Blowfish encryption algorithm; SMS disclosure; encryption protocol; end-to-end secure transmission; man-in-the-middle attack; message authentication; message confidentiality; message integrity; mobile phone; over the air modification; replay attack; short message service; Authentication; Encryption; Mobile communication; Protocols; Throughput; Asymmetric Encryption; Cryptography; Encryption; Secure Transmission; Symmetric Encryption (ID#: 15-8664)

Wahab, Hala B.Abdul; Mohammed, Mohanad A., "Improvement A5/1 Encryption Algorithm Based on Sponge Techniques," in Information Technology and Computer Applications Congress (WCITCA), 2015 World Congress on, pp. 1-5, 11-13 June 2015. doi: 10.1109/WCITCA.2015.7367031

Abstract: The A5/1 stream cipher is used in the Global System for Mobile Communications (GSM) in order to provide privacy on air communication. In this paper we introduce new improvements to the A5/1 stream cipher based on using a new technology concept called the sponge function. The sponge functions presented in this paper are constructed by combining the advantages of stream ciphers and hash concepts. A new S-box generation is proposed to provide dynamic features to the sponge technology in order to solve the weakness that appears in the majority function used in the A5/1 stream cipher, by providing dynamic behavior in the number of registers and transformations. According to the experimental results and the comparison between A5/1 and the proposed improvement, the proposed algorithm will increase the randomness features of the A5/1 algorithm. The output bit-stream generated by the proposed stream cipher has improved randomness performance and provides more security to the GSM security algorithm.

Keywords: Ciphers; Encryption; GSM; Heuristic algorithms; Mobile communication; Registers; A5/1; GSM; randomness; s-box; sponge; stream cipher (ID#: 15-8665)

Mathe, S.E.; Boppana, L.; Kodali, R.K., "Implementation of Elliptic Curve Digital Signature Algorithm on an IRIS mote using SHA-512," in Industrial Instrumentation and Control (ICIC), 2015 International Conference on, pp. 445-449, 28-30 May 2015. doi: 10.1109/IIC.2015.7150783

Abstract: Wireless Sensor Networks (WSN) are spatially distributed nodes monitoring physical or environmental conditions such as temperature, pressure, sound, light, etc., using sensors. The sensed data is cooperatively passed through a series of nodes in a network to a main base-station (BS) where it is analysed by the user. The data is communicated over a wireless channel between the nodes and since the wireless channel has minimum security, the data has to be communicated in a secure manner. Different encryption techniques can be applied to transmit the data securely. This work provides an efficient implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) using the SHA-512 algorithm on an IRIS mote. The ECDSA does not actually encrypt the data but provides a means to check the integrity of the received data. If the received data has been modified by an attacker, the ECDSA detects it and signals to the transmitter for retransmission. The SHA-512 algorithm is the hash algorithm used in the ECDSA and is implemented for an 8-bit architecture. The SHA-512 algorithm is chosen as it provides better security than its predecessors.

Keywords: digital signatures; public key cryptography; radio transmitters; telecommunication security; wireless channels; wireless sensor networks; IRIS mote; SHA-512 algorithm; WSN; elliptic curve digital signature algorithm; encryption techniques; main base station; minimum security; received data; retransmission transmitter; wireless channel; wireless sensor networks; word length 8 bit; Algorithm design and analysis; Elliptic curve cryptography; Elliptic curves; Wireless sensor networks; ECDSA; IRIS mote; SHA-512; WSN (ID#: 15-8666)

Zhenjiu Xiao; Yongbin Wang; Zhengtao Jiang, "Research and Implementation of Four-Prime RSA Digital Signature Algorithm," in Computer and Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on, pp. 545-549, June 28 2015-July 1 2015. doi: 10.1109/ICIS.2015.7166652

Abstract: The big module RSA signature algorithm has been very popular in recent years. We try to improve it and get more operation efficiency. We propose a four-prime Chinese Remainder Theorem (CRT)-RSA digital signature algorithm in this paper. We used the hash function SHA512 to make the message digest. We optimized large number modular exponentiation with CRT combined with the Montgomery algorithm. Our experiment shows that our method got good performance. The security analysis shows higher signature efficiency on resistance of common attacks.

Keywords: digital signatures; public key cryptography; CRT; Chinese remainder theorem; Montgomery algorithm; big module RSA signature algorithm; four-prime RSA digital signature algorithm; modular exponentiation; security analysis; Algorithm design and analysis; Digital signatures; Encryption; Public key cryptography; Chinese remainder theorem; Digital signature; Four prime; Hash function; Montgomery algorithm; RSA encryption algorithm (ID#: 15-8667)

Rahman, L., "Detecting MITM Based on Challenge Request Protocol," in Computer Software and Applications Conference (COMPSAC), 2015 IEEE 39th Annual, vol. 3, pp. 625-626, 1-5 July 2015. doi: 10.1109/COMPSAC.2015.135

Abstract: There are various issues in current wireless network technology. The MITM (Man-In-The-Middle) attack is generally done by spoofing between the network access point and clients. An MITM attack is hard for the client to become aware of. In this paper, we propose an algorithm, SALT-HASH, to detect MITM attacks without the necessity of certifications.

Keywords: computer network security; protocols; radio networks; MITM attack; MITM detection; SALT-HASH; challenge request protocol; man-in-the-middle; network access point; spoofing; wireless network technology; Authentication; Certification; Computers; Protocols; Usability; Wireless networks; Challenge request; MITM; SALT (ID#: 15-8668)

Ahmad, M.; Pervez, Z.; Byeong Ho Kang; Sungyoung Lee, "O-Bin: Oblivious Binning for Encrypted Data over Cloud," in Advanced Information Networking and Applications (AINA), 2015 IEEE 29th International Conference on, pp. 352-357, 24-27 March 2015. doi: 10.1109/AINA.2015.206

Abstract: In recent years, the data growth rate has been observed growing at a staggering rate. Considering data search as a primitive operation, and to optimize this process on large volumes of data, various solutions have evolved over a period of time. Other than finding the precise similarity, these algorithms aim to find approximate similarities and arrange them into bins. Locality sensitive hashing (LSH) is one such algorithm that discovers probable similarities prior to calculating the exact similarity, thus enhancing the overall search process in a high dimensional search space. Realizing the same strategy for encrypted data, and that too in a public cloud, introduces a few challenges to be resolved before probable similarity discovery. To address these issues and to formalize a strategy similar to LSH, in this paper we have formalized a technique, O-Bin, that is designed to work over encrypted data in the cloud. By exploiting existing cryptographic primitives, O-Bin preserves data privacy during the similarity discovery for the binning process. Our experimental evaluation of O-Bin produces results similar to LSH for encrypted data.

Keywords: cloud computing; cryptography; data privacy; information retrieval; LSH; O-Bin; approximate similarities; cryptographic primitives; data growth rate; data privacy; data search; encrypted data; high dimensional search space; locality sensitive hashing; oblivious binning process; probable similarity discovery; public cloud; search process; Cloud computing; Data privacy; Encryption; Outsourcing; Servers; Binning; Cloud; Security and Privacy; Similarity discovery (ID#: 15-8669)

Grawinkel, M.; Mardaus, M.; Suess, T.; Brinkmann, A., "Evaluation of a Hash-Compress-Encrypt Pipeline for Storage System Applications," in Networking, Architecture and Storage (NAS), 2015 IEEE International Conference on, pp. 355-356, 6-7 Aug. 2015. doi: 10.1109/NAS.2015.7255216

Abstract: Great efforts are made to store data in a secure, reliable, and authentic way in large storage systems. Specialized, system specific clients help to achieve these goals. Nevertheless, often standard tools for hashing, compressing, and encrypting data are arranged in transparent pipelines. We analyze the potential of Unix shell pipelines with several high-speed and high-compression algorithms that can be used to achieve data security, reduction, and authenticity. Furthermore, we compare the pipelines of standard tools against a house made pipeline implemented in C++ and show that there is great potential for performance improvement.

Keywords: C++ language; cryptography; data reduction; file organisation; pipeline processing; C++; Unix shell pipelines; data authenticity; data reduction; data security; hash-compress-encrypt pipeline evaluation; high-compression algorithms; high-speed algorithms; performance improvement; standard tools; storage system applications; transparent pipelines; Cryptography; Data processing; Hardware; Pipelines; Reliability; Standards; Throughput (ID#: 15-8670)

Kharod, Seema; Sharma, Nidhi; Sharma, Alok, "An Improved Hashing Based Password Security Scheme Using Salting and Differential Masking," in Reliability, Infocom Technologies and Optimization (ICRITO) (Trends and Future Directions), 2015 4th International Conference on, pp. 1-5, 2-4 Sept. 2015. doi: 10.1109/ICRITO.2015.7359225

Abstract: In this era of digitization, the foremost requirement is information security, which is normally secured by some authentication process. Password security is a major issue for any authenticating process, and different researches in the past have proposed different techniques like hashing, salting and honeywords to make the process most secure. Here, we propose a new technique which involves hashing, then salting and a crash list generation formed by a differential masking process. The crash list for any user is stored in the password file. Any security breach of the password file can lead to login attempts by a hacker using one of these passwords from the list. An attempt to log in using any of these crash list words raises an alarm for the application, and the application can block that user or address. This process performs a unique hashing algorithm with very low time complexity as most of the steps involve simple binary operations.

Keywords: Authentication; Computer crashes; Computer crime; Databases; Force; Time complexity; Login; authentication; crash list; differential masking; hashing; password security; salting (ID#: 15-8671)

Chankasame, W.; Wimol San-Um, "A Chaos-Based Keyed Hash Function for Secure Protocol and Messege Authentication in Mobile Ad Hoc Wireless Networks," in Science and Information Conference (SAI), 2015, pp. 1357-1364, 28-30 July 2015. doi: 10.1109/SAI.2015.7237319

Abstract: The design of communication protocols in Mobile Ad hoc Networks (MANET) is challenging due to limited wireless transmission ranges, node mobility, limited power resources, and limited physical security. The advantages of MANET include simple and fast deployment, robustness, and adaptive and self-organizing networks. Nonetheless, routing protocols are important operations for communication among wireless devices. Assuring secure routing protocols is challenging since MANET wireless networks are highly vulnerable to security attacks. Most traditional routing protocols and message authentication designs do not address security, and are mainly based on a mutual trust relationship among nodes. This paper therefore proposes a new chaos-based keyed hash function that can be used for communication protocols in MANET. The proposed chaotic map realizes an absolute-value nonlinearity, which offers robust chaos over wide parameter spaces, i.e. a high degree of randomness through chaoticity measurements using the Lyapunov exponent. The proposed keyed hash function structure is compact through the use of a single-stage chaos-based topology. Hash function operations involve an initial stage when the chaotic map accepts the input message and initial conditions, and a hashing stage where alterable-length hash values are generated iteratively. Hashing performances are evaluated in terms of original message condition changes, statistical analyses, and collision analyses. Results of hashing performances show that the mean changed probabilities are very close to 50%, and the mean changed bit number is also close to half of the hash value lengths. The proposed keyed hash function enhances collision resistance compared to typical MD5 and SHA1, and is faster than other complicated chaos-based approaches.

Keywords: cryptographic protocols; mobile ad hoc networks; routing protocols; statistical analysis; telecommunication security; Lyapunov exponent; MANET; MANET wireless networks; chaos based keyed hash function; chaoticity measurements; collision analyses; communication protocols; keyed hash function structure; limited physical security; limited power resources; message authentication; mobile ad hoc networks; mobile ad hoc wireless networks; node mobility; routing protocols; secure protocol; secure routing protocols; security attacks; statistical analyses; wireless devices; wireless transmission; Algorithm design and analysis; Chaotic communication; Mobile ad hoc networks; Protocols; Security; Clustering; Coverage and connectivity; Mobility Management; Social networks; Topology control; synchronization (ID#: 15-8672)

Shimbre, N.; Deshpande, P., "Enhancing Distributed Data Storage Security for Cloud Computing Using TPA and AES Algorithm," in Computing Communication Control and Automation (ICCUBEA), 2015 International Conference on, pp. 35-39, 26-27 Feb. 2015. doi: 10.1109/ICCUBEA.2015.16

Abstract: The cloud computing model is a very exciting model, especially for business people. Many business people are getting attracted towards the cloud computing model because of its features: easy to manage, device independent, location independent. But this cloud model comes with many security issues. A business person keeps crucial information on the cloud, so security of data is a crucial issue as the probability of hacking and unauthorised access is there. Also, availability is a major concern on the cloud. This paper discusses the file distribution and SHA-1 technique. When a file is distributed, the data is also segregated into many servers. So here the need for data security arises. Every block of the file contains its own hash code, the use of which will enhance the user authentication process; only an authorized person can access the data. Here, the data is encrypted using the advanced encryption standard, so data is successfully and securely stored on the cloud. A third party auditor is used for public auditing. This paper discusses the handling of some security issues like fast error localization, data integrity, and data security. The proposed design allows users to audit the data with lightweight communication and computation cost. Analysis shows that the proposed system is highly efficient against malicious data modification attacks and server colluding attacks. Performance and extensive security analysis shows that the proposed systems are provably secure and highly efficient.

Keywords: business data processing; cloud computing; cryptography; data integrity; storage management; AES algorithm; SHA-1 technique; TPA algorithm; advanced encryption standard; business peoples; cloud computing model; data integrity; data security issues; distributed data storage security; fast error localization; file distribution technique; hacking; hash code; malicious data modification attack; public auditing; server colluding attack; third party auditor; unauthorised access; user authentication process; Cloud computing; Computational modeling; Encryption; Memory; Servers; CSP and TPA; Cloud security; Encryption; Hash code (ID#: 15-8673)

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.