WO2010151098A1 - Cryptographic hash function - Google Patents
- Publication number
- WO2010151098A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- hash function
- bit
- input message
- message
- blocks
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/20—Manipulating the length of blocks of bits, e.g. padding or block truncation
Landscapes
- Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
A method for generating a cryptographic hash function, the method comprises reading an input message as a binary message, dividing the input message into a plurality of equally sized blocks and extracting an n-bit hash function from the input message.
Description
CRYPTOGRAPHIC HASH FUNCTION
FIELD OF INVENTION
The present invention relates to a method of generating a cryptographic hash function.
BACKGROUND ART
A hash function, h is a transformation that accepts a variable-size input message, m and returns a fixed-size string, which is called the hash value, h that is defined by h := h(m).
Hash functions, when applied in the area of cryptography, are usually selected to have some additional significant attributes. These basic attributes or prerequisites for a cryptographic hash function are: the input message can be of a variable length; the output string has a fixed length; for any given input message, m, the hash function, h(m), is relatively easy and fast to compute, using arithmetic and logic functions; and the hash function, h(m), is a one-way function and is collision-free.
Cryptographic hash functions or message digest have numerous applications in data security. These applications include one-way function, message tampering detection, message authentication codes, digital signatures, user authentication when used with a secret key, code recognition for protecting original codes and on the other hand identifying malware, commitment schemes, key update and derivation, random number generation, detection of random errors, cryptographic primitive for block and stream ciphers.
The recent crypto-analysis attacks on existing hash functions, such as SHA-1, have provided the motivation for improving the structure of such functions.
SUMMARY OF INVENTION
One embodiment of the present invention is a method for generating a cryptographic hash function. The method comprises reading an input message as a binary message, dividing the input message into a plurality of equally sized blocks and extracting an n-bit hash function from the input message.
The present invention consists of features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings, it being understood that various changes in the details may be made without departing from the scope of the invention or sacrificing any of the advantages of the present invention.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
To further clarify various aspects of some embodiments of the present invention, a more particular description of the invention will be rendered by references to specific embodiments thereof, which are illustrated, in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail through the accompanying drawings in which:
FIG. 1 illustrates a method of generating a cryptographic hash function for a 192-bit hash function.
FIG. 2 illustrates a method of generating a cryptographic hash function for a 384-bit hash function.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention relates to a method of generating a cryptographic hash function. Hereinafter, this specification will describe the present invention according to the preferred embodiments of the present invention. However, it is to be understood that limiting the description to the preferred embodiments of the invention is merely to facilitate discussion of the present invention and it is envisioned that those skilled in the art may devise various modifications and equivalents without departing from the scope of the appended claims.
The method of generating a cryptographic hash function according to the embodiments of the present invention relates to the principles provided by Merkle's work, Rivest MD-5, SHA-1 and RIPEMD with the implementation of a large number of modifications and improvements to enable the cryptographic hash function to generate a hash value that is able to resist crypto-analysis attacks. Although the method according to the embodiments of the present invention is intended to be used for message tampering detection, the same may also be applied to the various other applications of cryptographic hash functions.
The method of generating the cryptographic hash function according to the embodiments of the present invention is based on division of an input message into 1024-bit sized blocks, utilizes six variables for a round function, with cascaded XOR operations and deliberate asymmetry in the structure of the hash function in order to provide higher security with negligible increase in execution time. The cryptographic hash function or message digest generated from the method according to one embodiment of the present invention is a 192-bit hash function, also known as Message Digest Procedure-192 (MDP-192). According to another embodiment of the present invention, the cryptographic hash function generated is a 384-bit hash function, also known as Message Digest Procedure-384 (MDP-384), which is a more secure version of the MDP-192. In yet another embodiment of the present invention, the cryptographic hash function generated is invertible to generate a block cipher.
The method of generating the cryptographic hash function according to the embodiments of the present invention comprises reading an input message as a binary message, dividing the input message into a plurality of equally sized blocks and extracting an n-bit hash function from the input message.
The input message, read as a binary message, is divided into a plurality of 1024-bit blocks and a final block of the plurality of 1024-bit blocks is padded. The final block of the plurality of 1024-bit blocks is padded to generate a total length of a padded message having a perfect multiple of 1024-bit blocks. Padding is achieved by adding a single 1-bit, then adding a predetermined number of 0-bits and finally adding a 64-bit integer representing a length of the input message.
Extracting the n-bit hash function from the input message further comprises computing the plurality of equally sized blocks to generate a plurality of variables and concatenating the plurality of variables to generate the n-bit hash function. According to one embodiment of the present invention, the value of n is 192 resulting in a 192-bit hash function, also known as Message Digest Procedure-192 (MDP-192). According to another embodiment of the present invention, the value of n is 384 resulting in a 384-bit hash function, also known as Message Digest Procedure-384 (MDP-384).
Reference is first being made to FIG. 1. FIG. 1 illustrates a method of generating a cryptographic hash function for a 192-bit hash function. For a given set of 1024-bit blocks (M_0, M_1 ... M_n, where each block is 32 32-bit words), an example for the Message Digest Procedure-192 (MDP-192) is as follows:
Begin
  Repeat Begin
    {For all M_k for k = 1, 2, ... n}
    {Within each block M_k, process each word W_i as follows:}
    for i = 1 to 192
    {That is the reason we need to expand W_i from 32 values to 192 since each 1024-bit message M_i is only 32 32-bit words}
    begin
      temp ← (a_{i-1} <<< m1) + φ_{i-1}(a, b, c) + φ_{i-1}(c, d, e) + f_{i-1} + W_{i-1} + K_{i-1};
      a_i ← temp;
      b_i ← θ_{i-1} <<< m5;
      d_i ← b_{i-1} <<< m2 ⊕ a_{i-1} <<< m1;
      e_i ← c_{i-1} <<< m3 ⊕ b_{i-1} <<< m2;
    end;
    {The number of rotations for each branch m_i is optimized for fast avalanche effect}
    Repeat this iteration loop until end-of-message;
    {That is, Repeat for all blocks M_k for k = 1, 2 ... n, until end-of-message. After processing the message, the message digest is computed by concatenating the final values of the six variables: a_f b_f c_f d_f e_f f_f; This is a 192-bit message digest where the final values of each variable are computed as follows:}
  Repeat End;
  b_f ← b_0 ⊕ b_f;
  c_f ← c_0 ⊕ c_f;
  d_f ← d_0 ⊕ d_f;
  f_f ← f_0 ⊕ f_f;
End.
wherein
<<< m represents ROTL m, that is, Rotate to the left m times;
+ represents ADD, that is, addition;
⊕ represents XOR, that is, Bitwise XOR;
← represents ASG, that is, assigned to;
∧ represents AND, that is, Bitwise AND;
∨ represents OR, that is, Bitwise OR; and
¬ represents INV, that is, complement.
The function φ_i(X, Y, Z) is given as follows:
φ_i(X, Y, Z) = (X ∧ Y) ∨ ((¬X) ∧ Z) for i = 0 to 31
φ_i(X, Y, Z) = X ⊕ (¬Y) ⊕ Z for i = 31 to 63
φ_i(X, Y, Z) = ((¬X) ∧ Z) ∨ (Y ∧ (¬Z)) ∨ ((¬Y) ∧ X) for i = 64 to 95
φ_i(X, Y, Z) = (X ⊕ (¬Z) ⊕ Y) for i = 96 to 127
φ_i(X, Y, Z) = (X ∧ Z) ∨ ((¬Y) ∧ (¬Z)) for i = 128 to 159
φ_i(X, Y, Z) = X ⊕ Y ⊕ Z for i = 160 to 191
The constant K_i is given as follows:
K_i ← (6071498F)h for i = 0 to 31
K_i ← (A205B064)h for i = 32 to 63
K_i ← (BB40E64E)h for i = 64 to 95
K_i ← (4E1560F1)h for i = 96 to 127
K_i ← (36C2F808)h for i = 128 to 159
K_i ← (EFC23920)h for i = 160 to 191
W_i ← (W_{i-5} ∧ W_{i-13}) ⊕ (W_{i-7} ∨ W_{i-11}) <<< 1 for i = 32 to 191
Finally, to initialize the iteration, the following Initialization Values (IV) are utilized:
a_0 ← (5F7F45CC)h, Based on Electron Charge
b_0 ← (364BD04C)h, Based on Electron Mass
c_0 ← (23E50E70)h, Based on Avogadro's number
d_0 ← (4C081C80)h, Based on Earth's Diameter
e_0 ← (239BE7E9)h, Based on Earth's Mass
f_0 ← (14B7F480)h, Based on Moon's Diameter
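The padding, block splitting, word expansion and per-step φ/K selection described above can be exercised as follows. This is an added example, not code from the patent: the names `pad`, `blocks`, `expand`, `phi`, `schedule` and `K_TABLE` are hypothetical. It assumes byte-aligned input, big-endian words, a length field counted in bits, the rotation by 1 applied to the whole XOR result, and six non-overlapping groups of 32 steps.

```python
import struct

BLOCK_BYTES = 128            # one 1024-bit block
MASK32 = 0xFFFFFFFF

# Step constants K_i from the description, one per group of 32 steps.
K_TABLE = (0x6071498F, 0xA205B064, 0xBB40E64E,
           0x4E1560F1, 0x36C2F808, 0xEFC23920)


def rotl32(x, n):
    """ROTL: rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & MASK32


def pad(message):
    """Append a 1-bit, 0-bits, then the 64-bit message length.

    Assumptions: byte-aligned input, length counted in bits and stored
    big-endian in the last 8 bytes of the final block.
    """
    bit_len = (len(message) * 8) & 0xFFFFFFFFFFFFFFFF
    zeros = (BLOCK_BYTES - 8 - (len(message) + 1)) % BLOCK_BYTES
    return message + b"\x80" + b"\x00" * zeros + struct.pack(">Q", bit_len)


def blocks(padded):
    """Split a padded message into blocks of 32 32-bit words (big-endian assumed)."""
    if len(padded) % BLOCK_BYTES:
        raise ValueError("padded length must be a multiple of 1024 bits")
    return [list(struct.unpack(">32I", padded[o:o + BLOCK_BYTES]))
            for o in range(0, len(padded), BLOCK_BYTES)]


def expand(words):
    """Expand 32 message words to the 192 words W_0..W_191.

    Assumption: the rotation by 1 applies to the whole XOR result.
    """
    if len(words) != 32:
        raise ValueError("a block is exactly 32 words")
    w = list(words)
    for i in range(32, 192):
        w.append(rotl32((w[i - 5] & w[i - 13]) ^ (w[i - 7] | w[i - 11]), 1))
    return w


def phi(i, x, y, z):
    """Step function phi_i; the group is i // 32 (assumed non-overlapping ranges)."""
    nx, ny, nz = x ^ MASK32, y ^ MASK32, z ^ MASK32
    group = i // 32
    if group == 0:
        return (x & y) | (nx & z)
    if group == 1:
        return x ^ ny ^ z        # second operator read as XOR (assumption)
    if group == 2:
        return (nx & z) | (y & nz) | (ny & x)
    if group == 3:
        return x ^ nz ^ y
    if group == 4:
        return (x & z) | (ny & nz)
    if group == 5:
        return x ^ y ^ z
    raise ValueError("step index must be in 0..191")


def schedule(message):
    """Return the expanded 192-word schedule for every block of a message."""
    return [expand(b) for b in blocks(pad(message))]


if __name__ == "__main__":
    # Constructed inputs: 119 bytes fit in one block, 120 bytes need a second.
    for n in (0, 119, 120):
        print(n, "bytes ->", len(schedule(b"a" * n)), "block(s)")
```

A 120-byte message leaves no room for the 1-bit and the 64-bit length in its own block, so padding spills into a second block.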
The probability of collision or birthday paradox of the resulting 192-bit hash function from the Message Digest Procedure-192 (MDP-192) is defined by: Pr{collision} = Pr{h(m1) = h(m2)} ≈ 1.26218 × 10^-29, where m1 and m2 are two different input messages. This probability value is, to a great extent, secure compared to SHA where its hash is 160-bit long with a collision probability of 8.27181 × 10^-25. The increase in execution time is negligible considering the cost of risk involved with the transmission of certain messages and the tremendous progress in processor speeds. With regards to the brute force attack, the MDP-192 provides a 192-bit hash function security that is much higher than 160-bit SHA-1. It requires 6.27710 × 2^57 operations versus 1.46150 × 2^48 in the case of SHA-1.
Reference is now being made to FIG. 2. FIG. 2 illustrates a method of generating a cryptographic hash function for a 384-bit hash function. According to another embodiment of the present invention, an alteration to the Message Digest Procedure-192 (MDP-192) will result in 192 security bits, which is the Message Digest Procedure-384 (MDP-384). This alteration utilizes the modularity of Message Digest Procedure-192 (MDP-192) as depicted in FIG. 2.
The execution time encountered with the Message Digest Procedure-384 (MDP-384) structure is by no means of great concern given the state-of-the-art of contemporary processors and capacities, particularly the multithreading capabilities. A negligible additional memory requirement is needed for the Message Digest Procedure-384 (MDP-384).
Claims
1. A method for generating a cryptographic hash function, the method comprises reading an input message as a binary message; dividing the input message into a plurality of equally sized blocks; and extracting an n-bit hash function from the input message.
2. The method according to claim 1, wherein dividing the input message into the plurality of equally sized blocks further comprises dividing the input message into a plurality of 1024-bit blocks; and padding a final block of the plurality of 1024-bit blocks.
3. The method according to claim 2, wherein padding the final block of the plurality of 1024-bit blocks further comprises adding a single 1-bit; adding a predetermined number of 0-bits; and adding a 64-bit integer representing a length of the input message.
4. The method according to claim 1, wherein extracting the n-bit hash function from the input message further comprises computing the plurality of equally sized blocks to generate a plurality of variables; and concatenating the plurality of variables to generate the n-bit hash function.
5. The method according to claim 4, wherein computing the plurality of equally sized blocks to generate the plurality of variables further comprises iterating a sequence of rotation, addition and XOR operation to generate six variables.
6. The method according to claim 1, wherein the value of n is 192.
7. The method according to claim 1, wherein the value of n is 384.
8. The method according to claim 1, wherein n-bit hash function is invertible to generate a block cipher.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/MY2009/000075 WO2010151098A1 (en) | 2009-06-22 | 2009-06-22 | Cryptographic hash function |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/MY2009/000075 WO2010151098A1 (en) | 2009-06-22 | 2009-06-22 | Cryptographic hash function |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2010151098A1 true WO2010151098A1 (en) | 2010-12-29 |
Family
ID=43386720
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/MY2009/000075 WO2010151098A1 (en) | 2009-06-22 | 2009-06-22 | Cryptographic hash function |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2010151098A1 (en) |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5608801A (en) * | 1995-11-16 | 1997-03-04 | Bell Communications Research, Inc. | Efficient cryptographic hash functions and methods for amplifying the security of hash functions and pseudo-random functions |
-
2009
- 2009-06-22 WO PCT/MY2009/000075 patent/WO2010151098A1/en active Application Filing
Non-Patent Citations (3)
Title |
---|
H.A ALHASSAN ET AL.: "The Pyramids Block Cipher", INTERNATIONAL JOURNAL ON NETWORK SECURITY (IJNS), vol. 1, no. 1, 2005, pages 52 - 60 * |
KEFA RABAH: "Secure Implementation of Message Digest, Authentication and Digital Signature", INFORMATION TECHNOLOGY JOURNAL, vol. 4, no. 3, 2005, pages 204 - 221 * |
ROBERT P. MCEVOY ET AL.: "Optimisation of the SHA-2 Family of Hash Function on FPGAs", IEEE COMPUTER SOCIETY ANNUAL SYMPOSIUM ON VLSI TECHNOLOGIES AND ARCHITECTURES, 2 March 2006 (2006-03-02) * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2691906B1 (en) | Method and system for protecting execution of cryptographic hash functions | |
US10009171B2 (en) | Construction and uses of variable-input-length tweakable ciphers | |
US7546461B2 (en) | Strengthening secure hash functions | |
Schaad et al. | Advanced Encryption Standard (AES) key wrap algorithm | |
US20080084996A1 (en) | Authenticated encryption method and apparatus | |
US20090262925A1 (en) | Method for designing a secure hash function and a system thereof | |
JP5462636B2 (en) | Method and apparatus for encrypting plaintext messages | |
US20090220083A1 (en) | Stream cipher using multiplication over a finite field of even characteristic | |
US20120314857A1 (en) | Block encryption device, block decryption device, block encryption method, block decryption method and program | |
NZ277128A (en) | Public key encryption system and mixture generator | |
JP2008513811A (en) | Calculation conversion method and system | |
Sleem et al. | TestU01 and Practrand: Tools for a randomness evaluation for famous multimedia ciphers | |
Tiwari | Cryptography in blockchain | |
US20040120521A1 (en) | Method and system for data encryption and decryption | |
Liu et al. | Improving tag generation for memory data authentication in embedded processor systems | |
WO2010151098A1 (en) | Cryptographic hash function | |
Abad et al. | Enhanced key generation algorithm of hashing message authentication code | |
JP2015082077A (en) | Encryption device, control method, and program | |
Rathod et al. | Meta-Analysis of Popular Encryption and Hashing Algorithms | |
Liu | Software protection with encryption and verification | |
Pandey et al. | Architecture based on MD5 and MD5-512 Bit Applications | |
Schaad et al. | RFC3394: advanced encryption standard (AES) key wrap algorithm | |
Paar et al. | Hash Functions | |
Alharbi et al. | Proposal of an Efficient Encryption Algorithm for Securing Communicated Information | |
Abutaha et al. | EDIH: Enhancement Data Integrity using Hill Cipher Hash algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 09846589 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 09846589 Country of ref document: EP Kind code of ref document: A1 |