on the security of tandem dm
play

On the Security of Tandem-DM Ewan Fleischmann, Michael Gorski, - PowerPoint PPT Presentation

Jun 06, 2023 •213 likes •771 views

Outline Introduction Security of Tandem-DM Concluding Remarks On the Security of Tandem-DM Ewan Fleischmann, Michael Gorski, Stefan Lucks Bauhaus-University Weimar February 23, 2009 Ewan Fleischmann, Michael Gorski, Stefan Lucks On the

  1. Outline Introduction Security of Tandem-DM Concluding Remarks On the Security of Tandem-DM Ewan Fleischmann, Michael Gorski, Stefan Lucks Bauhaus-University Weimar February 23, 2009 Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  2. Outline Introduction Security of Tandem-DM Concluding Remarks Introduction 1 Blockcipher Based Hashing Examples of DBL Hash Functions Security of Tandem-DM 2 Results on Collision Resistance Results on Preimage Resistance Model for the proof Proof Details Concluding Remarks 3 Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  3. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Approaches to building a cryptographic hash function From Scratch (MD4, MD5, SHA-0/1, SHA-256/512, RIPEMD, ...) From a blockcipher (MMO, DM, MDC-2/4, Tandem-DM, Abreast-DM, ...) From number-theoretic primitives or hard problems (lattices, modular arithmetic, ...) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  4. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Approaches to building a cryptographic hash function From Scratch (MD4, MD5, SHA-0/1, SHA-256/512, RIPEMD, ...) From a blockcipher (MMO, DM, MDC-2/4, Tandem-DM, Abreast-DM, ...) From number-theoretic primitives or hard problems (lattices, modular arithmetic, ...) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  5. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Approaches to building a cryptographic hash function From Scratch (MD4, MD5, SHA-0/1, SHA-256/512, RIPEMD, ...) From a blockcipher (MMO, DM, MDC-2/4, Tandem-DM, Abreast-DM, ...) From number-theoretic primitives or hard problems (lattices, modular arithmetic, ...) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  6. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Approaches to building a cryptographic hash function From Scratch (MD4, MD5, SHA-0/1, SHA-256/512, RIPEMD, ...) From a blockcipher (MMO, DM, MDC-2/4, Tandem-DM, Abreast-DM, ...) From number-theoretic primitives or hard problems (lattices, modular arithmetic, ...) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  7. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why? Several attacks on MD4-type functions in recent years (MD4/5, SHA family, RIPEMED, ...) Only one primitve for encryption and hashing Low cost hardware Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  8. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why? Several attacks on MD4-type functions in recent years (MD4/5, SHA family, RIPEMED, ...) Only one primitve for encryption and hashing Low cost hardware Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  9. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why? Several attacks on MD4-type functions in recent years (MD4/5, SHA family, RIPEMED, ...) Only one primitve for encryption and hashing Low cost hardware Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  10. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why not? Usually slower than dedicated hash function Weaknesses not relevant for encryption (e.g. DES weak keys) Output length too short (e.g. 128 bits for AES) = ⇒ double block length constructions needed (e.g. hash output size of 256 bits for AES) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  11. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why not? Usually slower than dedicated hash function Weaknesses not relevant for encryption (e.g. DES weak keys) Output length too short (e.g. 128 bits for AES) = ⇒ double block length constructions needed (e.g. hash output size of 256 bits for AES) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  12. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why not? Usually slower than dedicated hash function Weaknesses not relevant for encryption (e.g. DES weak keys) Output length too short (e.g. 128 bits for AES) = ⇒ double block length constructions needed (e.g. hash output size of 256 bits for AES) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  13. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - Why not? Usually slower than dedicated hash function Weaknesses not relevant for encryption (e.g. DES weak keys) Output length too short (e.g. 128 bits for AES) = ⇒ double block length constructions needed (e.g. hash output size of 256 bits for AES) Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  14. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - The Goal ’Secure’ (ideal cipher model) e.g. birthday type collision resistance Long hash output (e.g. >> 128 bits = blocksize) Efficient: efficiency = size of message input number of blockcipher calls needed to process this input Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  15. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - The Goal ’Secure’ (ideal cipher model) e.g. birthday type collision resistance Long hash output (e.g. >> 128 bits = blocksize) Efficient: efficiency = size of message input number of blockcipher calls needed to process this input Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  16. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - The Goal ’Secure’ (ideal cipher model) e.g. birthday type collision resistance Long hash output (e.g. >> 128 bits = blocksize) Efficient: efficiency = size of message input number of blockcipher calls needed to process this input Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  17. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Blockcipher Based Hashing - The Goal ’Secure’ (ideal cipher model) e.g. birthday type collision resistance Long hash output (e.g. >> 128 bits = blocksize) Efficient: efficiency = size of message input number of blockcipher calls needed to process this input Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  18. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Example: Hirose’s FSE’06 proposal H i − 1 E H i G i − 1 M i const G i E Rate 1/2, Output size: 2n (i.e. AES-256 256 bits) Collision Resistance: > 2 124 . 5 for CF ( n , 2 n )-blockchiffre, n-bit cipher/plaintext, 2n-bit key Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  19. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Example: Hirose’s FSE’06 proposal H i − 1 E H i G i − 1 M i const G i E Rate 1/2, Output size: 2n (i.e. AES-256 256 bits) Collision Resistance: > 2 124 . 5 for CF ( n , 2 n )-blockchiffre, n-bit cipher/plaintext, 2n-bit key Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  20. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Example: Hirose’s FSE’06 proposal H i − 1 E H i G i − 1 M i const G i E Rate 1/2, Output size: 2n (i.e. AES-256 256 bits) Collision Resistance: > 2 124 . 5 for CF ( n , 2 n )-blockchiffre, n-bit cipher/plaintext, 2n-bit key Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

  21. Outline Introduction Blockcipher Based Hashing Security of Tandem-DM Examples of DBL Hash Functions Concluding Remarks Tandem-DM - a DBL hash function E H i − 1 H i M i G i − 1 G i E Rate 1 / 2, Output: 2 n (i.e. AES-256: 2 n = 256-bit) Proof of Collision Resistance: this presentation/paper ( n , 2 n )-blockchiffre, n-bit cipher/plaintext, 2n-bit key Ewan Fleischmann, Michael Gorski, Stefan Lucks On the Security of Tandem-DM

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DNA Short Tandem Repeats Organism DNA Short Tandem Repeats Organ DNA Short Tandem Repeats Cell

DNA Short Tandem Repeats Organism DNA Short Tandem Repeats Organ DNA Short Tandem Repeats Cell

DNA Short Tandem Repeats Organism DNA Short Tandem Repeats Organ DNA Short Tandem Repeats Cell Weights 1kg a bag of sugar 1g paper clip 1mg (milligram) 0.001g brain of a bee 1g (microgram) 0.000001g weight of a

1.38k views • 102 slides
Tandem modeling investigations Dan Ellis International Computer Science Institute, Berkeley CA

Tandem modeling investigations Dan Ellis International Computer Science Institute, Berkeley CA

Tandem modeling investigations Dan Ellis International Computer Science Institute, Berkeley CA <dpwe@icsi.berkeley.edu> Outline 1 What makes Tandem successful? 2 Can we make Tandem better? 3 Does Tandem work with LVCSR tricks?

716 views • 7 slides
The Collision Security of Tandem-DM in the Ideal Cipher Model Jooyoung Lee 1 Martijn Stam 2 John

The Collision Security of Tandem-DM in the Ideal Cipher Model Jooyoung Lee 1 Martijn Stam 2 John

The Collision Security of Tandem-DM in the Ideal Cipher Model Jooyoung Lee 1 Martijn Stam 2 John Steinberger 3 1 Faculty of Mathematics and Statistics, Sejong University, Seoul, Korea 2 Department of Computer Science, University of Bristol,

647 views • 52 slides
Tandem Nishita Muhnot | Kevin Scott | Tiffany Tsai | Ari Zilnik Whats Tandem? The

Tandem Nishita Muhnot | Kevin Scott | Tiffany Tsai | Ari Zilnik Whats Tandem? The

Tandem Nishita Muhnot | Kevin Scott | Tiffany Tsai | Ari Zilnik Whats Tandem? The Market Name Rating Price Repair Step by Videos Messaging Route Sensing Emergency Injury Help Challenge Instruction step Mapping Request

1.78k views • 149 slides
Tandem bike for autistic person (Team Tandem) Team Members: Client: Callie Mataczynski - Team

Tandem bike for autistic person (Team Tandem) Team Members: Client: Callie Mataczynski - Team

Tandem bike for autistic person (Team Tandem) Team Members: Client: Callie Mataczynski - Team Leader Eric Arndt - Communicator Advisor: Aaron Wagner - BWIG/BPAG Mengizem Tizale - BSAC 1 Presentation Overview 2

196 views • 15 slides
Orientations bipolaires et chemins tandem Eric Fusy (CNRS/LIX) Travaux avec Mireille

Orientations bipolaires et chemins tandem Eric Fusy (CNRS/LIX) Travaux avec Mireille

Orientations bipolaires et chemins tandem Eric Fusy (CNRS/LIX) Travaux avec Mireille Bousquet-M elou et Kilian Raschel Journ ees Alea, 2017 Tandem walks A tandem-walk is a walk in Z 2 with step-set { N, W, SE } in the plane Z 2 in the

780 views • 30 slides
The Potential of Tandem Photovoltaic Solar Cells Tandem Photovoltaic Solar Cells for Indoor

The Potential of Tandem Photovoltaic Solar Cells Tandem Photovoltaic Solar Cells for Indoor

The Potential of Tandem Photovoltaic Solar Cells Tandem Photovoltaic Solar Cells for Indoor Applications pp Ben Minnaert and Peter Veelaert Faculty of Engineering and Architecture Ghent University, Belgium Ben.Minnaert@UGent.be Low power indoor

906 views • 9 slides
Modeling Wind Shielding for FPSO Tandem Offloading using CFD Bob Gordon, Granherne Satpreet

Modeling Wind Shielding for FPSO Tandem Offloading using CFD Bob Gordon, Granherne Satpreet

Modeling Wind Shielding for FPSO Tandem Offloading using CFD Bob Gordon, Granherne Satpreet Nanda, CD-adapco Presentation Outline FPSO Tandem Offloading Examples of Shielding in Offshore Applications Wind Tunnel Tests for Tandem

1.03k views • 20 slides
Direct analysis of neutrals using superconducting detector in tandem mass spectrometry TOD:

Direct analysis of neutrals using superconducting detector in tandem mass spectrometry TOD:

Direct analysis of neutrals using superconducting detector in tandem mass spectrometry TOD: Novel Developments in Mass Spectrometry Instrumentation: Analyzers, Detectors, Tandem Instruments ! City hall, May 31, 2009 ASMS2009, Philadelphia !

127 views • 9 slides
Status of the TanDEM-X Mission Irena Hajnsek*, Daniel Schulze, Thomas Busche, Manfred Zink,

Status of the TanDEM-X Mission Irena Hajnsek*, Daniel Schulze, Thomas Busche, Manfred Zink,

Status of the TanDEM-X Mission Irena Hajnsek*, Daniel Schulze, Thomas Busche, Manfred Zink, Gerhard Krieger, Alberto Moreira & TanDEM-X Team Microwaves and Radar Institute, DLR - German Aerospace Center *ETH Zrich, Environmental

349 views • 22 slides
How to break into a Tandem System and how to prevent it! Carl Weber GreenHouse Software

How to break into a Tandem System and how to prevent it! Carl Weber GreenHouse Software

1234 How to break into a Tandem System and how to prevent it! Carl Weber GreenHouse Software & Consulting Security SIG of ETUG, 25. September 2012 1234 This This is is what what you you have have to to secure secure 1234

1.11k views • 99 slides
Joint Optimisation of Tandem Systems using Gaussian Mixture Density Neural Network Discriminative

Joint Optimisation of Tandem Systems using Gaussian Mixture Density Neural Network Discriminative

Joint Optimisation of Tandem Systems using Gaussian Mixture Density Neural Network Discriminative Sequence Training Chao Zhang and Phil Woodland March 8, 2017 Cambridge University Engineering Department Introduction Tandem Systems as Mixture

926 views • 17 slides
RESPITE: Tandem & multistream research Dan Ellis International Computer Science Institute,

RESPITE: Tandem & multistream research Dan Ellis International Computer Science Institute,

RESPITE: Tandem & multistream research Dan Ellis International Computer Science Institute, Berkeley CA <dpwe@icsi.berkeley.edu> Outline 1 Tandem & LVCSR 2 Mutual information for multistream design 3 Other multistream work at

251 views • 13 slides
Introduction to IBA The RBS and ERD techniques Anastasios Lagoyannis Tandem Accelerator

Introduction to IBA The RBS and ERD techniques Anastasios Lagoyannis Tandem Accelerator

Introduction to IBA The RBS and ERD techniques Anastasios Lagoyannis Tandem Accelerator Laboratory Institute of Nuclear and Particle Physics N.C.S.R. Demokritos Outline Ion Beam Analysis Theoretical background Rutherford

806 views • 46 slides
Experimental Radar Modes with TerraSAR-X and TanDEM-X U. Steinbrecher 1 , S. Baumgartner 1 , S.

Experimental Radar Modes with TerraSAR-X and TanDEM-X U. Steinbrecher 1 , S. Baumgartner 1 , S.

Experimental Radar Modes with TerraSAR-X and TanDEM-X U. Steinbrecher 1 , S. Baumgartner 1 , S. Suchandt 2 , S. Wollstadt 1 , J. Mittermayer 1 , R. Scheiber 1 , D. Schulze 1 , H. Breit 2 1 German Aerospace Center (DLR), Microwaves and Radar

387 views • 28 slides
Synthesis of New Derivatives of Monoazaphenothiazine via Tandem Catalysis Swande Peter Iorember 1

Synthesis of New Derivatives of Monoazaphenothiazine via Tandem Catalysis Swande Peter Iorember 1

Synthesis of New Derivatives of Monoazaphenothiazine via Tandem Catalysis Swande Peter Iorember 1 *, Anoh Vitalis Aondoaver 2 and Agbo Stephen Attah 2 . 1. Department of Basic Sciences, Akperan Orshi College of Agriculture, Yandev, Gboko, 2.

828 views • 9 slides
The Design of Cryptosystems: The Interplay between Proofs and Attacks French-German-Singaporean

The Design of Cryptosystems: The Interplay between Proofs and Attacks French-German-Singaporean

The Design of Cryptosystems 1 Stefan Lucks The Design of Cryptosystems: The Interplay between Proofs and Attacks French-German-Singaporean Workshop on Applied Cryptography 3rd of December, 2010 Stefan Lucks Bauhaus-Universit at Weimar,

715 views • 48 slides
User Interface Design In Windows using Blend General UI I guidelines 10 heuristics (Jakob

User Interface Design In Windows using Blend General UI I guidelines 10 heuristics (Jakob

User Interface Design In Windows using Blend General UI I guidelines 10 heuristics (Jakob Nielsen) 1. Visibility of system status 6. Recognition rather than recall 2. Match between system and the real world 7. Flexibility and efficiency of

241 views • 21 slides
The Linking Open Data Project Bootstrapping the Web of Data Tom Heath Talis Information Ltd, UK

The Linking Open Data Project Bootstrapping the Web of Data Tom Heath Talis Information Ltd, UK

The Linking Open Data Project Bootstrapping the Web of Data Tom Heath Talis Information Ltd, UK CATCH Programme and E-Culture Project Meeting on Metadata Interoperability Amsterdam, 29 February 2008 My Background studiedAt created memberOf

828 views • 38 slides
Cross-Language Explicit Semantic Analysis Nedim Lipka Maik Anderka Benno Stein Bauhaus

Cross-Language Explicit Semantic Analysis Nedim Lipka Maik Anderka Benno Stein Bauhaus

Cross-Language Explicit Semantic Analysis Nedim Lipka Maik Anderka Benno Stein Bauhaus University Weimar www.webis.de 1 Lipka@CLEF [ ] 01.10.09 Outline Retrieval Models The CL-ESA Retrieval Model CL-ESA at TEL@CLEF 2009

697 views • 20 slides
WASDeTT-3 3rd Workshop on Academic/Advanced Software Development Tools and Techniques WASDeTT-3,

WASDeTT-3 3rd Workshop on Academic/Advanced Software Development Tools and Techniques WASDeTT-3,

WASDeTT-3 3rd Workshop on Academic/Advanced Software Development Tools and Techniques WASDeTT-3, Antwerp, Belgium September 20, 2010 This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.

431 views • 19 slides
FINITE STATE MORPHOLOGY 24.05.19 Statistical Natural Language Processing 1 Morphology with FSAs

FINITE STATE MORPHOLOGY 24.05.19 Statistical Natural Language Processing 1 Morphology with FSAs

Jurafsky, D. and Martin, J. H. (2009): Speech and Language Processing. An Introduction to Natural Language Processing, Computational Linguistics and Speech Recognition . Second Edition. Pearson: New Jersey: Chapter 3 Transducers, Compact

902 views • 39 slides
Transfer Learning for Improving Model Predictions in Highly Configurable Software Pooyan

Transfer Learning for Improving Model Predictions in Highly Configurable Software Pooyan

Transfer Learning for Improving Model Predictions in Highly Configurable Software Pooyan Jamshidi, Miguel Velez , Christian Kstner, Norbert Siegmund, Prasad Kawthekar Highly Configurable Systems In Dynamic Environments [Credit to CMU

911 views • 60 slides
Publish your SKOS vocabulary with Skosmos Osma Suominen and Henri Ylikotila SWIB14, Bonn,

Publish your SKOS vocabulary with Skosmos Osma Suominen and Henri Ylikotila SWIB14, Bonn,

Publish your SKOS vocabulary with Skosmos Osma Suominen and Henri Ylikotila SWIB14, Bonn, December 3, 2014 How do you put a thesaurus * on the web? * or any KOS: classification, authority file, term list, lightweight ontology... LCSH MeSH STW

760 views • 34 slides

More recommend