WO2010151098A1 - Cryptographic hash function - Google Patents

Cryptographic hash function

Publication number: WO2010151098A1
Authority: WO, WIPO (PCT)
Prior art keywords: hash function, bit, input message, message, blocks
Application number: PCT/MY2009/000075
Other languages: French (fr)
Inventor: Magdy Saeb
Original Assignee: Mimos Berhad
Application filed by Mimos Berhad
Priority to PCT/MY2009/000075

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/20 Manipulating the length of blocks of bits, e.g. padding or block truncation

Landscapes

  • Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

A method for generating a cryptographic hash function, the method comprises reading an input message as a binary message, dividing the input message into a plurality of equally sized blocks and extracting an n-bit hash function from the input message.

Description

CRYPTOGRAPHIC HASH FUNCTION
FIELD OF INVENTION
The present invention relates to a method of generating a cryptographic hash function.
BACKGROUND ART
A hash function, h, is a transformation that accepts a variable-size input message, m, and returns a fixed-size string, which is called the hash value, h, that is defined by h := h(m).
Hash functions, when applied in the area of cryptography, are usually selected to have some additional significant attributes. These basic attributes or prerequisites for a cryptographic hash function are: the input message can be of a variable length; the output string has a fixed length; for any given input message, m, the hash function, h(m), is relatively easy and fast to compute, using arithmetic and logic functions; and the hash function, h(m), is a one-way function and is collision-free.
Cryptographic hash functions or message digests have numerous applications in data security. These applications include one-way functions, message tampering detection, message authentication codes, digital signatures, user authentication when used with a secret key, code recognition for protecting original codes and, on the other hand, identifying malware, commitment schemes, key update and derivation, random number generation, detection of random errors, and cryptographic primitives for block and stream ciphers. The recent crypto-analysis attacks on existing hash functions, such as SHA-1, have provided the motivation for improving the structure of such functions.
SUMMARY OF INVENTION
One embodiment of the present invention is a method for generating a cryptographic hash function. The method comprises reading an input message as a binary message, dividing the input message into a plurality of equally sized blocks and extracting an n-bit hash function from the input message.
The present invention consists of features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings, it being understood that various changes in the details may be made without departing from the scope of the invention or sacrificing any of the advantages of the present invention.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
To further clarify various aspects of some embodiments of the present invention, a more particular description of the invention will be rendered by references to specific embodiments thereof, which are illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail through the accompanying drawings in which:
FIG. 1 illustrates a method of generating a cryptographic hash function for a 192-bit hash function.
FIG. 2 illustrates a method of generating a cryptographic hash function for a 384-bit hash function.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention relates to a method of generating a cryptographic hash function. Hereinafter, this specification will describe the present invention according to the preferred embodiments of the present invention. However, it is to be understood that limiting the description to the preferred embodiments of the invention is merely to facilitate discussion of the present invention and it is envisioned that those skilled in the art may devise various modifications and equivalents without departing from the scope of the appended claims.
The method of generating a cryptographic hash function according to the embodiments of the present invention relates to the principles provided by Merkle's work, Rivest MD-5, SHA-1 and RIPEMD with the implementation of a large number of modifications and improvements to enable the cryptographic hash function to generate a hash value that is able to resist crypto-analysis attacks. Although the method according to the embodiments of the present invention is intended to be used for message tampering detection, the same may also be applied to the various other applications of cryptographic hash functions.
The method of generating the cryptographic hash function according to the embodiments of the present invention is based on division of an input message into 1024-bit sized blocks, utilizes six variables for a round function, with cascaded XOR operations and deliberate asymmetry in the structure of the hash function in order to provide higher security with negligible increase in execution time. The cryptographic hash function or message digest generated from the method according to one embodiment of the present invention is a 192-bit hash function, also known as Message Digest Procedure-192 (MDP-192). According to another embodiment of the present invention, the cryptographic hash function generated is a 384-bit hash function, also known as Message Digest Procedure-384 (MDP-384), which is a more secure version of the MDP-192. In yet another embodiment of the present invention, the cryptographic hash function generated is invertible to generate a block cipher.
The method of generating the cryptographic hash function according to the embodiments of the present invention comprises reading an input message as a binary message, dividing the input message into a plurality of equally sized blocks and extracting an n-bit hash function from the input message.
The input message, read as a binary message, is divided into a plurality of 1024-bit blocks and a final block of the plurality of 1024-bit blocks is padded. The final block of the plurality of 1024-bit blocks is padded to generate a total length of a padded message having a perfect multiple of 1024-bit blocks. Padding is achieved by adding a single 1-bit, then adding a predetermined number of 0-bits and finally adding a 64-bit integer representing a length of the input message.
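The padding and block split described above, as an added example that is not code from the patent. It assumes byte-aligned messages, a length field counted in bits and stored big-endian, and big-endian 32-bit words (the SHA-1 conventions), none of which the description specifies; all function names are hypothetical.

```python
import struct

BLOCK_BYTES = 128   # 1024-bit blocks, as stated in the description
LENGTH_BYTES = 8    # 64-bit length field, as stated in the description


def pad(message: bytes) -> bytes:
    """Append a single 1-bit, 0-bits, then the 64-bit message length."""
    bit_len = len(message) * 8
    if bit_len >= 1 << 64:
        raise ValueError("message length does not fit the 64-bit field")
    # 0x80 is the single 1-bit followed by seven 0-bits (byte-aligned input).
    padded = message + b"\x80"
    # Zero-fill until exactly 8 bytes remain in the final 1024-bit block.
    # If fewer than 8 bytes are free, this spills into an extra block.
    zeros = (BLOCK_BYTES - LENGTH_BYTES - len(padded)) % BLOCK_BYTES
    padded += b"\x00" * zeros
    # Assumption: length is counted in bits and stored big-endian.
    return padded + struct.pack(">Q", bit_len)


def blocks_as_words(padded: bytes) -> list:
    """Split padded data into 1024-bit blocks of 32 32-bit words each."""
    if not padded or len(padded) % BLOCK_BYTES:
        raise ValueError("padded length is not a multiple of 1024 bits")
    return [struct.unpack(">32I", padded[i:i + BLOCK_BYTES])
            for i in range(0, len(padded), BLOCK_BYTES)]


def unpad(padded: bytes) -> bytes:
    """Recover the message; reject padding that disagrees with the length."""
    if not padded or len(padded) % BLOCK_BYTES:
        raise ValueError("padded length is not a multiple of 1024 bits")
    (bit_len,) = struct.unpack(">Q", padded[-LENGTH_BYTES:])
    if bit_len % 8:
        raise ValueError("length field is not byte-aligned")
    message = padded[:bit_len // 8]
    # Re-padding the claimed message must reproduce the input exactly.
    if pad(message) != padded:
        raise ValueError("padding does not match the encoded length")
    return message


if __name__ == "__main__":
    # Constructed sample inputs around the block boundary.
    for size in (0, 3, 119, 120, 128):
        msg = b"a" * size
        blocks = blocks_as_words(pad(msg))
        print(f"{size:3d}-byte message -> {len(blocks)} block(s), "
              f"{len(blocks[0])} words per block")
    # The length field keeps a message distinct from a longer message that
    # merely ends in bytes resembling padding.
    m1 = b"abc"
    m2 = pad(m1)[:-LENGTH_BYTES]        # "abc" + 0x80 + zero bytes
    print("distinct padded forms:", pad(m1) != pad(m2))
```

A 119-byte message still fits one block, while a 120-byte message leaves no room for the length field and takes a second block.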
Extracting the n-bit hash function from the input message further comprises computing the plurality of equally sized blocks to generate a plurality of variables and concatenating the plurality of variables to generate the n-bit hash function. According to one embodiment of the present invention, the value of n is 192 resulting in a 192-bit hash function, also known as Message Digest Procedure-192 (MDP-192). According to another embodiment of the present invention, the value of n is 384 resulting in a 384-bit hash function, also known as Message Digest Procedure-384 (MDP-384). Reference is first being made to FIG. 1. FIG. 1 illustrates a method of generating a cryptographic hash function for a 192-bit hash function. For a given set of 1024-bit blocks (M_0, M_1, ..., M_n, where each block is 32 32-bit words), an example for the Message Digest Procedure-192 (MDP-192) is as follows:
Begin
Repeat Begin
{For all M_k for k = 1, 2, ..., n}
{Within each block M_k, process each word W_i as follows:}
for i = 1 to 192
{That is the reason we need to expand W_i from 32 values to 192 since each 1024-bit message M_i is only 32 32-bit words}
begin
  temp ← (a_{i-1} <<< m_1) + φ_{i-1}(a, b, c) + φ_{i-1}(c, d, e) + f_{i-1} + W_{i-1} + K_{i-1};
  a_i ← temp;
  b_i ← e_{i-1} <<< m_5;
  [Figure imgf000008_0001]
  d_i ← b_{i-1} <<< m_2 ⊕ a_{i-1} <<< m_1;
  e_i ← c_{i-1} <<< m_3 ⊕ b_{i-1} <<< m_2;
  [Figure imgf000008_0002]
end;
{The number of rotations for each branch m_i is optimized for fast avalanche effect}
Repeat this iteration loop until end-of-message;
{That is, Repeat for all blocks M_k for k = 1, 2, ..., n, until end-of-message. After processing the message, the message digest is computed by concatenating the final values of the six variables: a_f b_f c_f d_f e_f f_f; This is a 192-bit message digest where the final values of each variable are computed as follows:}
Repeat End;
b_f ← b_0 ⊕ b_f;
c_f ← c_0 ⊕ c_f;
d_f ← d_0 ⊕ d_f;
f_f ← f_0 ⊕ f_f;
End.
wherein
<<< m represents ROTL m, that is, rotate to the left m times;
+ represents ADD, that is, addition;
⊕ represents XOR, that is, bitwise XOR;
← represents ASG, that is, assigned to;
∧ represents AND, that is, bitwise AND;
∨ represents OR, that is, bitwise OR; and
~ represents INV, that is, complement.
The function φ_i(X, Y, Z) is given as follows:
φ_i(X, Y, Z) = (X ∧ Y) ∨ ((~X) ∧ Z) for i = 0 to 31
φ_i(X, Y, Z) = X ⊕ (~Y) • Z for i = 31 to 63
φ_i(X, Y, Z) = ((~X) ∧ Z) ∨ (Y ∧ (~Z)) ∨ ((~Y) ∧ X) for i = 64 to 95
φ_i(X, Y, Z) = (X ⊕ (~Z) ⊕ Y) for i = 96 to 127
φ_i(X, Y, Z) = (X ∧ Z) ∨ ((~Y) ∧ (~Z)) for i = 128 to 159
φ_i(X, Y, Z) = X ⊕ Y ⊕ Z for i = 160 to 191
The constants K_i are given as follows:
K_i ← (6071498F)h for i = 0 to 31
K_i ← (A205B064)h for i = 32 to 63
K_i ← (BB40E64E)h for i = 64 to 95
K_i ← (4E1560F1)h for i = 96 to 127
K_i ← (36C2F808)h for i = 128 to 159
K_i ← (EFC23920)h for i = 160 to 191
The values of W_i are given as follows:
[Figure imgf000010_0001]
W_i ← (W_{i-5} ∧ W_{i-13}) ⊕ (W_{i-7} ∨ W_{i-11}) <<< 1 for i = 32 to 191
Finally, to initialize the iteration, the following Initialization Values (IV) are utilized:
a_0 ← (5F7F45CC)h, Based on Electron Charge
b_0 ← (364BD04C)h, Based on Electron Mass
c_0 ← (23E50E70)h, Based on Avogadro's number
d_0 ← (4C081C80)h, Based on Earth's Diameter
e_0 ← (239BE7E9)h, Based on Earth's Mass
f_0 ← (14B7F480)h, Based on Moon's Diameter
The probability of collision or birthday paradox of the resulting 192-bit hash function from the Message Digest Procedure-192 (MDP-192) is defined by: Pr{collision} = Pr{h(m_1) = h(m_2)} ≈ 1.26218 x 10^-29, where m_1 and m_2 are two different input messages. This probability value is, to a great extent, secure compared to SHA where its hash is 160-bit long with a collision probability of 8.27181 x 10^-25. The increase in execution time is negligible considering the cost of risk involved with the transmission of certain messages and the tremendous progress in processor speeds. With regards to the brute force attack, the MDP-192 provides a 192-bit hash function security that is much higher than 160-bit SHA-1. It requires 6.27710 x 2^57 operations versus 1.46150 x 2^48 in the case of SHA-1.
Reference is now being made to FIG. 2. FIG. 2 illustrates a method of generating a cryptographic hash function for a 384-bit hash function. According to another embodiment of the present invention, an alteration to the Message Digest Procedure-192 (MDP-192) will result in 192 security bits, which is the Message Digest Procedure-384 (MDP-384). This alteration utilizes the modularity of Message Digest Procedure-192 (MDP-192) as depicted in FIG. 2.
The execution time encountered with the Message Digest Procedure-384 (MDP-384) structure is by no means of great concern given the state-of-the-art of contemporary processors and capacities particularly the multithreading capabilities. A negligible additional memory requirement is needed for the Message Digest Procedure-384 (MDP-384).

Claims

1. A method for generating a cryptographic hash function, the method comprises reading an input message as a binary message; dividing the input message into a plurality of equally sized blocks; and extracting an n-bit hash function from the input message.
2. The method according to claim 1, wherein dividing the input message into the plurality of equally sized blocks further comprises dividing the input message into a plurality of 1024-bit blocks; and padding a final block of the plurality of 1024-bit blocks.
3. The method according to claim 2, wherein padding the final block of the plurality of 1024-bit blocks further comprises adding a single 1-bit; adding a predetermined number of 0-bits; and adding a 64-bit integer representing a length of the input message.
4. The method according to claim 1, wherein extracting the n-bit hash function from the input message further comprises computing the plurality of equally sized blocks to generate a plurality of variables; and concatenating the plurality of variables to generate the n-bit hash function.
5. The method according to claim 4, wherein computing the plurality of equally sized blocks to generate the plurality of variables further comprises iterating a sequence of rotation, addition and XOR operation to generate six variables.
6. The method according to claim 1, wherein the value of n is 192.
7. The method according to claim 1, wherein the value of n is 384.
8. The method according to claim 1, wherein n-bit hash function is invertible to generate a block cipher.

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/MY2009/000075 WO2010151098A1 (en) 2009-06-22 2009-06-22 Cryptographic hash function

Publications (1)

Publication Number Publication Date
WO2010151098A1 (en) 2010-12-29

Family

ID=43386720

Country Status (1)

Country Link
WO (1) WO2010151098A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5608801A (en) * 1995-11-16 1997-03-04 Bell Communications Research, Inc. Efficient cryptographic hash functions and methods for amplifying the security of hash functions and pseudo-random functions

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
H.A ALHASSAN ET AL.: "The Pyramids Block Cipher", INTERNATIONAL JOURNAL ON NETWORK SECURITY (IJNS), vol. 1, no. 1, 2005, pages 52 - 60 *
KEFA RABAH: "Secure Implementation of Message Digest, Authentication and Digital Signature", INFORMATION TECHNOLOGY JOURNAL, vol. 4, no. 3, 2005, pages 204 - 221 *
ROBERT P. MCEVOY ET AL.: "Optimisation of the SHA-2 Family of Hash Function on FPGAs", IEEE COMPUTER SOCIETY ANNUAL SYMPOSIUM ON VLSI TECHNOLOGIES AND ARCHITECTURES, 2 March 2006 (2006-03-02) *

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application. Ref document number: 09846589; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase. Ref country code: DE
122 EP: PCT application non-entry in European phase. Ref document number: 09846589; Country of ref document: EP; Kind code of ref document: A1