a new algorithm for the unbalanced meet in the middle
play

A New Algorithm for the Unbalanced Meet-in-the-Middle Problem Ivica - PowerPoint PPT Presentation

Aug 22, 2023 •19 likes •399 views

Definitions State-of-the-art New Algorithm Conclusion A New Algorithm for the Unbalanced Meet-in-the-Middle Problem Ivica Nikoli c (joint with Yu Sasaki) NTU, Singapore Ivica Nikoli c (joint with Yu Sasaki) NTU, Singapore A New

  1. Definitions State-of-the-art New Algorithm Conclusion A New Algorithm for the Unbalanced Meet-in-the-Middle Problem Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  2. Definitions State-of-the-art New Algorithm Conclusion 1 Definitions 2 State-of-the-art 3 New Algorithm 4 Conclusion Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  3. Definitions State-of-the-art New Algorithm Conclusion Unbalanced Meet-in-the-Middle Example: From pseudo-preimage to preimage attack on SHA-256 Let the compression function be invertible in 2 64 Store 2 96 preimages for the second compression function Generate 2 160 images for the first Produce a collision in the middle H * IV SHA-256 SHA-256 compression compression Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  4. Definitions State-of-the-art New Algorithm Conclusion MITM � = meeting in the middle Diffie–Hellman introduced MITM to attack Double-DES. There, the two functions were indeed ”meeting in the middle” However, today MITM has a different, more general meaning Example, MITM attacks on AES have nothing to do with ”meeting in the middle”. Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  5. Definitions State-of-the-art New Algorithm Conclusion MITM = Collision search MITM attack is synonym for collision search So, instead of MITM we can talk about collisions between two functions f ( x ) and g ( y ) g f X Y Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  6. Definitions State-of-the-art New Algorithm Conclusion Collision types We can differentiate two types of collisions between f and g 1 f , g have range larger than domain. g f X Y 2 f , g have range not larger than domain. g f X Y Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  7. Definitions State-of-the-art New Algorithm Conclusion Our target: Unbalanced Collisions We deal only with the case 2. Furthermore, to simplify, we focus only on collision search between two n -bit functions f , g : f : { 0 , 1 } n → { 0 , 1 } n g : { 0 , 1 } n → { 0 , 1 } n Unbalanced collisions – g is R times more ”expensive” than f (in the previous example of SHA-256, R = 2 64 ) Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  8. Definitions State-of-the-art New Algorithm Conclusion 1 Definitions 2 State-of-the-art 3 New Algorithm 4 Conclusion Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  9. Definitions State-of-the-art New Algorithm Conclusion The balanced case When R = 1 ( f , g have the same cost) then use Floyd’s cycle finding algorithm √ n 2 = it requires time T = 2 N it requires negligible memory Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  10. Definitions State-of-the-art New Algorithm Conclusion The unbalanced case When R > 1, then use MITM √ � � N N Store R images of g (in time R R = RN ) √ Produce around RN images of f and check for collision √ � N Success because RN = N R √ Time: RN � N Memory: R Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  11. Definitions State-of-the-art New Algorithm Conclusion The unbalanced case - Tradeoff The standard MITM algorithm allows a tradeoff TM = N , √ where T ≥ RN . Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  12. Definitions State-of-the-art New Algorithm Conclusion Why the standard MITM algorithm can be bad Standard MITM : Huge jump of memory requirement when R goes beyond 1 Weird: the smaller the R , the larger the memory requirement Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  13. Definitions State-of-the-art New Algorithm Conclusion 1 Definitions 2 State-of-the-art 3 New Algorithm 4 Conclusion Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  14. Definitions State-of-the-art New Algorithm Conclusion Ideas New algorithm combines 2 ideas: 1 Unbalanced interleaving 2 van Oorschot-Wiener parallel collision search Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  15. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving Balanced interleaving Floyd’s algorithm used for collision search of 2 balanced functions selects the used function with equal probability. i.e. it finds a collision for H ( x ) defined as � f ( x ) if σ ( x ) = 0 H ( x ) = g ( x ) if σ ( x ) = 1 σ ( x ) outputs 0 or 1, with equal probability Collisions for H ( x ) is collision between f , g with probability 1 2 = ⇒ repeat the search 2 times Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  16. Definitions State-of-the-art New Algorithm Conclusion Balanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  17. Definitions State-of-the-art New Algorithm Conclusion Balanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  18. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving Unbalanced interleaving Define H ( x ) as � f ( x ) if σ ( x ) = 0 H ( x ) = g ( x ) if σ ( x ) = 1 σ ( x ) outputs 0 around R times more often than 1 Collisions for H ( x ) is collision between f , g with probability 1 R = ⇒ repeat the search R times Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  19. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  20. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  21. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  22. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Parallel Collision Search van Oorschot-Wiener algorithm can be used to find multiple collisions faster than Floyd’s algorithm: Useful when many collisions are required It requires memory Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  23. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Algorithm: Hash Table First, construct a hash table: Take a random point v 1 and produce a chain of values n − m v i = f ( v i − 1 ) , i = 2 , . . . , 2 2 Store ( v 2 , v 1 ) in hash table L n − m 2 Repeat for 2 m different points v f f f f f v 2 n-m . . . 1 2 2 2 f f f f v . . . f v 2 n-m 1 2 . . . m m 2 2 f f f f f v . . . v 2 n-m 1 2 Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  24. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Algorithm: Collision Search 1 Pick a random value w 1 2 Produce w i = f ( w i − 1 ) 3 Check if w i is in L . If not go to 2 4 By backtracking find the colliding values v f f f f f v 2 n-m . . . 1 2 2 2 v f f f f f v 2 n-m . . . 1 2 . . . m m 2 2 f f f f f v . . . v 2 n-m 1 2 f w f 1 Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  25. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Algorithm: Collision Search n + m During construction of L passed 2 values 2 n + m n − m If chain of w i ’s is of length around 2 n / 2 = 2 a collision 2 2 will occur n − m Time complexity of one collision: 2 2 v f f f . . . f f v 2 n-m 1 2 2 2 v f f f . . . f f v 2 n-m 1 2 . . . m m 2 2 v f f f f f v 2 n-m . . . 1 2 f w f 1 Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France FSE, March 3-5 2014 Plan 1 Match Box Meet-in-the-Middle Attacks Sieve-in-the-Middle Framework Match Box Cryptanalysis of KATAN 2 Description

1.61k views • 37 slides
Balanced and Unbalanced Collections Louis J. Billera Cornell University TLC Wake Forest,

Balanced and Unbalanced Collections Louis J. Billera Cornell University TLC Wake Forest,

Balanced and Unbalanced Collections Louis J. Billera Cornell University TLC Wake Forest, February 9, 2013 1 Balanced and Unbalanced Collections Balanced Collections Economic Equilibria Unbalanced Collections - Quantum Field Theory Poset

1.25k views • 124 slides
Desert Sky Middle School Virtual Meet the Teacher Hill/Willard/Crabtree/Chen Meet Your Teams

Desert Sky Middle School Virtual Meet the Teacher Hill/Willard/Crabtree/Chen Meet Your Teams

Desert Sky Middle School Virtual Meet the Teacher Hill/Willard/Crabtree/Chen Meet Your Teams Teachers: Ming Chen Meagan Willard Kristi Hill Lisa Crabtree Mandarin Math & SS Language Arts Science & SS & SS & SS Meet

551 views • 11 slides
Desert Sky Middle School Virtual Meet the Teacher Team C Team Introductions Tina Murray -

Desert Sky Middle School Virtual Meet the Teacher Team C Team Introductions Tina Murray -

Desert Sky Middle School Virtual Meet the Teacher Team C Team Introductions Tina Murray - Science Joe Isaac - Language Arts Lisa Nussmeier - Social Studies Melissa Little - Math Meet Our Specialists Sal Rodriguez - Physical Education (PE)

510 views • 12 slides
WELCOME TO GLEN HILLS MIDDLE SCHOOL OPEN HOUSE 2019-20 Meet the 8th Grade Team! Mike

WELCOME TO GLEN HILLS MIDDLE SCHOOL OPEN HOUSE 2019-20 Meet the 8th Grade Team! Mike

WELCOME TO GLEN HILLS MIDDLE SCHOOL OPEN HOUSE 2019-20 Meet the 8th Grade Team! Mike Birmingham Jaclyn Orozco Natalie Block Shana Lucas Spanish Math Special Education AVID Coordinator AVID Elective Meet the 8th Grade Team! Jen Clark

190 views • 18 slides
s e i t i v i t c A r a l u c i r r u c a r t x E Elm Middle School Why

s e i t i v i t c A r a l u c i r r u c a r t x E Elm Middle School Why

s e i t i v i t c A r a l u c i r r u c a r t x E Elm Middle School Why be involved? Fun Develop skills such as time management, Explore career prioritization, and interests organization, Meet people and

540 views • 15 slides
Welcome to Grapevine Middle School Meet the Counselors Mrs. Johnson- Counselor Traditional A-Z

Welcome to Grapevine Middle School Meet the Counselors Mrs. Johnson- Counselor Traditional A-Z

Welcome to Grapevine Middle School Meet the Counselors Mrs. Johnson- Counselor Traditional A-Z Mrs. Gardner- Counselor Specializing in STEM and Dual Language Mrs. Lemke Student Advocate GMS Administration Principal Dr. Koehler

710 views • 14 slides
Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei Sun 1 Patrick Derbez 2 Yosuke Todo 3 Bing Sun 4 Lei Hu 1 1 Institute of Information Engineering, Chinese Academy of Sciences, China 2 Univ Rennes,

1.17k views • 87 slides
Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei Sun 1 Patrick Derbez 2 Yosuke Todo 3 Bing Sun 4 Lei Hu 1 1 Institute of Information Engineering, Chinese Academy of Sciences, China 2 Universit

726 views • 60 slides
Road to Blended Learning How to use TCI Strategies in a Middle School Classroom Meet the

Road to Blended Learning How to use TCI Strategies in a Middle School Classroom Meet the

Road to Blended Learning How to use TCI Strategies in a Middle School Classroom Meet the Speakers! Dawn Smith Tom McClellan National Account Manager Customer Success Manager What Well Be Covering The Cooperative, Tolerant yet

347 views • 24 slides
Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez

Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez

Introduction Demirci and Sel cuk Attack Differential Enumeration Technique Conclusion Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez 1 Pierre-Alain Fouque 1 , 2 Ecole Normale Sup

1.25k views • 60 slides
Notes to Slides Slide 2: The Middle East sits where Africa, Asia and Europe meet. The Greater

Notes to Slides Slide 2: The Middle East sits where Africa, Asia and Europe meet. The Greater

Notes to Slides Slide 2: The Middle East sits where Africa, Asia and Europe meet. The Greater Middle East includes all countries on the map to the left including Afghanistan and Pakistan, and all the other "stans," but it also includes

138 views • 3 slides
Welcome to Middle School Information Night Join the Conversation on Twitter Using #MSInfoNight

Welcome to Middle School Information Night Join the Conversation on Twitter Using #MSInfoNight

Welcome to Middle School Information Night Join the Conversation on Twitter Using #MSInfoNight Meet Your Principals Dr. Lori Wiggins Dr. Casey Robinson Keisha Boggan Gunston H-B Woodlawn Jefferson 2 Meet Your Principals David McBride

359 views • 20 slides
Meet in the Middle - STP March 20, 2019 1 / 17 Last weeks exercise Solution on whiteboard.

Meet in the Middle - STP March 20, 2019 1 / 17 Last weeks exercise Solution on whiteboard.

Meet in the Middle - STP March 20, 2019 1 / 17 Last weeks exercise Solution on whiteboard. 2 / 17 Recap of MitM attack Whiteboard 3 / 17 Searching for attacks By hand - Last week(s) Using the computer - This week 4 / 17

689 views • 23 slides
Blended Learning Teaching Strategies Middle School Science Meet the Speakers! Nathan Marsha

Blended Learning Teaching Strategies Middle School Science Meet the Speakers! Nathan Marsha

Blended Learning Teaching Strategies Middle School Science Meet the Speakers! Nathan Marsha Curriculum Developer Director, Product Experience Icebreaker 1. Get two sticky notes (or tear a sheet of paper in half). 2. Think about your

538 views • 39 slides
Good Nutrition Malnutrition: under, over or unbalanced consumption of nutrients leads to

Good Nutrition Malnutrition: under, over or unbalanced consumption of nutrients leads to

1/12/18 W.I.T.S. Personal Trainer Certification Lecture Three: Test Title Nutrition; Exercise Prescription for Weight Management; Exercise Prescription for Cardiovascular Fitness Good Nutrition Malnutrition: under, over or unbalanced

615 views • 26 slides
Experiments with Mixed Prevision Algorithms in Linear Algebra Jack Dongarra (UTK/ORNL/U

Experiments with Mixed Prevision Algorithms in Linear Algebra Jack Dongarra (UTK/ORNL/U

Experiments with Mixed Prevision Algorithms in Linear Algebra Jack Dongarra (UTK/ORNL/U Manchester) Azzam Haidar (Nvidia) Stan Tomov (UTK) Nick Higham (U of Manchester) 8/28/19 1 Mixed Precision Today many precisions to deal with (IEEE

391 views • 26 slides
Tree-based model algorithm for maintaining consistency in real-time collaborative editing

Tree-based model algorithm for maintaining consistency in real-time collaborative editing

Tree-based model algorithm for maintaining consistency in real-time collaborative editing systems C. Ignat, M. C. Norrie Institute for Information Systems Swiss Federal Institute of Technology (ETH) ETH-Zentrum, CH-8092 Zurich, Switzerland

279 views • 15 slides
A C A Core R Robot Al Algorithm hm: I Inverse K Kinematics Setting a robots joints so

A C A Core R Robot Al Algorithm hm: I Inverse K Kinematics Setting a robots joints so

A C A Core R Robot Al Algorithm hm: I Inverse K Kinematics Setting a robots joints so end effector reaches a target Input: current robot geometry Output: required joint increments Computationally intensive problem all limbed

259 views • 6 slides
Estimating the Variance of Complex Differentially Private Algorithms Robert Ashmead JSM 2019,

Estimating the Variance of Complex Differentially Private Algorithms Robert Ashmead JSM 2019,

Estimating the Variance of Complex Differentially Private Algorithms Robert Ashmead JSM 2019, Denver, Colorado Collaborators John Abowd, Philip Leclerc, and William Sexton of the U.S. Census Bureau and the entire team working on differentially

314 views • 30 slides
Competitive Online Routing Algorithms in Delaunay Triangulations Presented by Anders Lundgren

Competitive Online Routing Algorithms in Delaunay Triangulations Presented by Anders Lundgren

Competitive Online Routing Algorithms in Delaunay Triangulations Presented by Anders Lundgren and Agata Gruza Computing Dirichlet Tesselantions: Adrian Bowyer Computing the N-Dimensional Deluanay Tessellation with Application to Voronoi

494 views • 33 slides
FAST APPROXIMATE NEAREST NEIGHBORS WITH AUTOMATIC ALGORITHM CONFIGURATION Marius Muja, David G.

FAST APPROXIMATE NEAREST NEIGHBORS WITH AUTOMATIC ALGORITHM CONFIGURATION Marius Muja, David G.

FAST APPROXIMATE NEAREST NEIGHBORS WITH AUTOMATIC ALGORITHM CONFIGURATION Marius Muja, David G. Lowe, 2009 Presented by: Gautam Gunjala & Jordan Zhang Nearest Neighbors? Given points P={p 1 , ,p n } in a vector space X,preprocess such

560 views • 33 slides
The Sliding Window Algorithm The Sliding Window algorithm sums several small

The Sliding Window Algorithm The Sliding Window algorithm sums several small

The Sliding Window Algorithm The Sliding Window algorithm sums several small sub-matrices of a matrix of values. The maximum of these sums is then located and it's coordinates passed out of the program. This is used as a

466 views • 22 slides
How Policymakers Can Foster Algorithmic Accountability Joshua a New @josh sh_a _a_ne new

How Policymakers Can Foster Algorithmic Accountability Joshua a New @josh sh_a _a_ne new

THE CENTER FOR DATA INNOVATION | DATAINNOVATION.ORG How Policymakers Can Foster Algorithmic Accountability Joshua a New @josh sh_a _a_ne new Accountab abili lity y in the Algorithmic Economy May 22, 2018 THE CENTER FOR DATA INNOVATION

375 views • 14 slides

More recommend