MAC Constructions: Security Bounds and Distinguishing Attacks
Mandal, Avradip, 17 May 2007

We provide a simple and improved security analysis of PMAC, a Parallelizable MAC (Message Authentication Code) defined over arbitrary messages. A similar kind of result was shown by Bellare, Pietrzak and Rogaway at Crypto 2005, where they provided an improved bound for CBC (Cipher Block Chaining) MAC, which was introduced by Bellare, Kilian and Rogaway at Crypto 1994. Our analysis idea is much simpler to understand and is borrowed from the work by Nandi for proving indistinguishability at Indocrypt 2005 and work by Bernstein. It shows that the advantage for any distinguishing attack for n-bit PMAC based on a random function is bounded by O(σq / 2^n), where σ is the total number of blocks in all q queries made by the attacker. In the original paper by Black and Rogaway at Eurocrypt 2002, where PMAC was introduced, the bound is O(σ^2 / 2^n).

We also compute the collision probability of CBC MAC for suitably chosen messages. We show that the probability is Ω(lq^2 / N), where l is the number of message blocks, N is the size of the domain and q is the total number of queries. For random oracles the probability is O(q^2 / N). This improved collision probability will help us to have an efficient distinguishing attack and MAC-forgery attack. We also show that the collision probability for PMAC is Ω(q^2 / N) (strictly greater than the birthday bound). We have used a purely combinatorial approach to obtain this bound. Similar analysis can be made for other CBC MAC extensions like XCBC, TMAC and OMAC.

Two Versions Of The Stream Cipher Snow
Yilmaz, Erdem, 01 December 2004

Two versions of SNOW, which are word-oriented stream ciphers proposed by P. Ekdahl and T. Johansson in 2000 and 2002, are studied together with cryptanalytic attacks on the first version. The reported attacks on SNOW1.0 are the “guess-and-determine attacks” by Hawkes and Rose and the “distinguishing attack” by Coppersmith, Halevi and Jutla in 2002. A review of the distinguishing attack on SNOW1.0 is given using the approach taken by the designers of SNOW in 2002 on another cipher, SOBER-t32. However, since the calculation methods for the complexities of the attack are different, the values found with the method of the designers of SNOW are higher than the ones found by Coppersmith, Halevi and Jutla.

The correlations in the finite state machine that make the distinguishing attack possible, and how these correlations are affected by the operations in the finite state machine, are investigated. Since the substitution boxes (S-boxes) play an important role in destroying the correlation and linearity caused by the Linear Feedback Shift Register, the S-boxes of the two versions of SNOW are examined for the criteria of Linear Approximation Table (LAT), Difference Distribution Table (DDT) and Auto-correlation Table distributions.

The randomness tests are performed using the NIST statistical test suite for both of the ciphers. The results of the tests are presented.