a new algorithm for the unbalanced meet in the middle
play

A New Algorithm for the Unbalanced Meet-in-the-Middle Problem Ivica - PowerPoint PPT Presentation

Aug 22, 2023 •19 likes •399 views

Definitions State-of-the-art New Algorithm Conclusion A New Algorithm for the Unbalanced Meet-in-the-Middle Problem Ivica Nikoli c (joint with Yu Sasaki) NTU, Singapore Ivica Nikoli c (joint with Yu Sasaki) NTU, Singapore A New

  1. Definitions State-of-the-art New Algorithm Conclusion A New Algorithm for the Unbalanced Meet-in-the-Middle Problem Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  2. Definitions State-of-the-art New Algorithm Conclusion 1 Definitions 2 State-of-the-art 3 New Algorithm 4 Conclusion Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  3. Definitions State-of-the-art New Algorithm Conclusion Unbalanced Meet-in-the-Middle Example: From pseudo-preimage to preimage attack on SHA-256 Let the compression function be invertible in 2 64 Store 2 96 preimages for the second compression function Generate 2 160 images for the first Produce a collision in the middle H * IV SHA-256 SHA-256 compression compression Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  4. Definitions State-of-the-art New Algorithm Conclusion MITM � = meeting in the middle Diffie–Hellman introduced MITM to attack Double-DES. There, the two functions were indeed ”meeting in the middle” However, today MITM has a different, more general meaning Example, MITM attacks on AES have nothing to do with ”meeting in the middle”. Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  5. Definitions State-of-the-art New Algorithm Conclusion MITM = Collision search MITM attack is synonym for collision search So, instead of MITM we can talk about collisions between two functions f ( x ) and g ( y ) g f X Y Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  6. Definitions State-of-the-art New Algorithm Conclusion Collision types We can differentiate two types of collisions between f and g 1 f , g have range larger than domain. g f X Y 2 f , g have range not larger than domain. g f X Y Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  7. Definitions State-of-the-art New Algorithm Conclusion Our target: Unbalanced Collisions We deal only with the case 2. Furthermore, to simplify, we focus only on collision search between two n -bit functions f , g : f : { 0 , 1 } n → { 0 , 1 } n g : { 0 , 1 } n → { 0 , 1 } n Unbalanced collisions – g is R times more ”expensive” than f (in the previous example of SHA-256, R = 2 64 ) Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  8. Definitions State-of-the-art New Algorithm Conclusion 1 Definitions 2 State-of-the-art 3 New Algorithm 4 Conclusion Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  9. Definitions State-of-the-art New Algorithm Conclusion The balanced case When R = 1 ( f , g have the same cost) then use Floyd’s cycle finding algorithm √ n 2 = it requires time T = 2 N it requires negligible memory Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  10. Definitions State-of-the-art New Algorithm Conclusion The unbalanced case When R > 1, then use MITM √ � � N N Store R images of g (in time R R = RN ) √ Produce around RN images of f and check for collision √ � N Success because RN = N R √ Time: RN � N Memory: R Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  11. Definitions State-of-the-art New Algorithm Conclusion The unbalanced case - Tradeoff The standard MITM algorithm allows a tradeoff TM = N , √ where T ≥ RN . Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  12. Definitions State-of-the-art New Algorithm Conclusion Why the standard MITM algorithm can be bad Standard MITM : Huge jump of memory requirement when R goes beyond 1 Weird: the smaller the R , the larger the memory requirement Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  13. Definitions State-of-the-art New Algorithm Conclusion 1 Definitions 2 State-of-the-art 3 New Algorithm 4 Conclusion Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  14. Definitions State-of-the-art New Algorithm Conclusion Ideas New algorithm combines 2 ideas: 1 Unbalanced interleaving 2 van Oorschot-Wiener parallel collision search Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  15. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving Balanced interleaving Floyd’s algorithm used for collision search of 2 balanced functions selects the used function with equal probability. i.e. it finds a collision for H ( x ) defined as � f ( x ) if σ ( x ) = 0 H ( x ) = g ( x ) if σ ( x ) = 1 σ ( x ) outputs 0 or 1, with equal probability Collisions for H ( x ) is collision between f , g with probability 1 2 = ⇒ repeat the search 2 times Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  16. Definitions State-of-the-art New Algorithm Conclusion Balanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  17. Definitions State-of-the-art New Algorithm Conclusion Balanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  18. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving Unbalanced interleaving Define H ( x ) as � f ( x ) if σ ( x ) = 0 H ( x ) = g ( x ) if σ ( x ) = 1 σ ( x ) outputs 0 around R times more often than 1 Collisions for H ( x ) is collision between f , g with probability 1 R = ⇒ repeat the search R times Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  19. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  20. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  21. Definitions State-of-the-art New Algorithm Conclusion Unbalanced interleaving - Floyd’s cycle finding algorithm f g Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  22. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Parallel Collision Search van Oorschot-Wiener algorithm can be used to find multiple collisions faster than Floyd’s algorithm: Useful when many collisions are required It requires memory Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  23. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Algorithm: Hash Table First, construct a hash table: Take a random point v 1 and produce a chain of values n − m v i = f ( v i − 1 ) , i = 2 , . . . , 2 2 Store ( v 2 , v 1 ) in hash table L n − m 2 Repeat for 2 m different points v f f f f f v 2 n-m . . . 1 2 2 2 f f f f v . . . f v 2 n-m 1 2 . . . m m 2 2 f f f f f v . . . v 2 n-m 1 2 Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  24. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Algorithm: Collision Search 1 Pick a random value w 1 2 Produce w i = f ( w i − 1 ) 3 Check if w i is in L . If not go to 2 4 By backtracking find the colliding values v f f f f f v 2 n-m . . . 1 2 2 2 v f f f f f v 2 n-m . . . 1 2 . . . m m 2 2 f f f f f v . . . v 2 n-m 1 2 f w f 1 Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

  25. Definitions State-of-the-art New Algorithm Conclusion van Oorschot-Wiener Algorithm: Collision Search n + m During construction of L passed 2 values 2 n + m n − m If chain of w i ’s is of length around 2 n / 2 = 2 a collision 2 2 will occur n − m Time complexity of one collision: 2 2 v f f f . . . f f v 2 n-m 1 2 2 2 v f f f . . . f f v 2 n-m 1 2 . . . m m 2 2 v f f f f f v 2 n-m . . . 1 2 f w f 1 Ivica Nikoli´ c (joint with Yu Sasaki) NTU, Singapore A New Algorithm for the Unbalanced Meet-in-the-Middle Problem

Recommend

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France

Match Box Meet-in-the-Middle Attack against KATAN Thomas Fuhr and Brice Minaud ANSSI, France FSE, March 3-5 2014 Plan 1 Match Box Meet-in-the-Middle Attacks Sieve-in-the-Middle Framework Match Box Cryptanalysis of KATAN 2 Description

1.61k views • 37 slides
Balanced and Unbalanced Collections Louis J. Billera Cornell University TLC Wake Forest,

Balanced and Unbalanced Collections Louis J. Billera Cornell University TLC Wake Forest,

Balanced and Unbalanced Collections Louis J. Billera Cornell University TLC Wake Forest, February 9, 2013 1 Balanced and Unbalanced Collections Balanced Collections Economic Equilibria Unbalanced Collections - Quantum Field Theory Poset

1.25k views • 124 slides
Desert Sky Middle School Virtual Meet the Teacher Hill/Willard/Crabtree/Chen Meet Your Teams

Desert Sky Middle School Virtual Meet the Teacher Hill/Willard/Crabtree/Chen Meet Your Teams

Desert Sky Middle School Virtual Meet the Teacher Hill/Willard/Crabtree/Chen Meet Your Teams Teachers: Ming Chen Meagan Willard Kristi Hill Lisa Crabtree Mandarin Math & SS Language Arts Science & SS & SS & SS Meet

551 views • 11 slides
Desert Sky Middle School Virtual Meet the Teacher Team C Team Introductions Tina Murray -

Desert Sky Middle School Virtual Meet the Teacher Team C Team Introductions Tina Murray -

Desert Sky Middle School Virtual Meet the Teacher Team C Team Introductions Tina Murray - Science Joe Isaac - Language Arts Lisa Nussmeier - Social Studies Melissa Little - Math Meet Our Specialists Sal Rodriguez - Physical Education (PE)

510 views • 12 slides
WELCOME TO GLEN HILLS MIDDLE SCHOOL OPEN HOUSE 2019-20 Meet the 8th Grade Team! Mike

WELCOME TO GLEN HILLS MIDDLE SCHOOL OPEN HOUSE 2019-20 Meet the 8th Grade Team! Mike

WELCOME TO GLEN HILLS MIDDLE SCHOOL OPEN HOUSE 2019-20 Meet the 8th Grade Team! Mike Birmingham Jaclyn Orozco Natalie Block Shana Lucas Spanish Math Special Education AVID Coordinator AVID Elective Meet the 8th Grade Team! Jen Clark

190 views • 18 slides
s e i t i v i t c A r a l u c i r r u c a r t x E Elm Middle School Why

s e i t i v i t c A r a l u c i r r u c a r t x E Elm Middle School Why

s e i t i v i t c A r a l u c i r r u c a r t x E Elm Middle School Why be involved? Fun Develop skills such as time management, Explore career prioritization, and interests organization, Meet people and

540 views • 15 slides
Welcome to Grapevine Middle School Meet the Counselors Mrs. Johnson- Counselor Traditional A-Z

Welcome to Grapevine Middle School Meet the Counselors Mrs. Johnson- Counselor Traditional A-Z

Welcome to Grapevine Middle School Meet the Counselors Mrs. Johnson- Counselor Traditional A-Z Mrs. Gardner- Counselor Specializing in STEM and Dual Language Mrs. Lemke Student Advocate GMS Administration Principal Dr. Koehler

710 views • 14 slides
Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei Sun 1 Patrick Derbez 2 Yosuke Todo 3 Bing Sun 4 Lei Hu 1 1 Institute of Information Engineering, Chinese Academy of Sciences, China 2 Univ Rennes,

1.17k views • 87 slides
Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei

Programming the Demirci-Selc uk Meet-in-the-Middle Attack with Constraints Danping Shi 1 Siwei Sun 1 Patrick Derbez 2 Yosuke Todo 3 Bing Sun 4 Lei Hu 1 1 Institute of Information Engineering, Chinese Academy of Sciences, China 2 Universit

726 views • 60 slides
Road to Blended Learning How to use TCI Strategies in a Middle School Classroom Meet the

Road to Blended Learning How to use TCI Strategies in a Middle School Classroom Meet the

Road to Blended Learning How to use TCI Strategies in a Middle School Classroom Meet the Speakers! Dawn Smith Tom McClellan National Account Manager Customer Success Manager What Well Be Covering The Cooperative, Tolerant yet

347 views • 24 slides
Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez

Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez

Introduction Demirci and Sel cuk Attack Differential Enumeration Technique Conclusion Exhausting Demirci-Sel cuk Meet-in-the-Middle Attacks against Reduced-Round AES Patrick Derbez 1 Pierre-Alain Fouque 1 , 2 Ecole Normale Sup

1.25k views • 60 slides
Notes to Slides Slide 2: The Middle East sits where Africa, Asia and Europe meet. The Greater

Notes to Slides Slide 2: The Middle East sits where Africa, Asia and Europe meet. The Greater

Notes to Slides Slide 2: The Middle East sits where Africa, Asia and Europe meet. The Greater Middle East includes all countries on the map to the left including Afghanistan and Pakistan, and all the other "stans," but it also includes

138 views • 3 slides
Welcome to Middle School Information Night Join the Conversation on Twitter Using #MSInfoNight

Welcome to Middle School Information Night Join the Conversation on Twitter Using #MSInfoNight

Welcome to Middle School Information Night Join the Conversation on Twitter Using #MSInfoNight Meet Your Principals Dr. Lori Wiggins Dr. Casey Robinson Keisha Boggan Gunston H-B Woodlawn Jefferson 2 Meet Your Principals David McBride

359 views • 20 slides
Meet in the Middle - STP March 20, 2019 1 / 17 Last weeks exercise Solution on whiteboard.

Meet in the Middle - STP March 20, 2019 1 / 17 Last weeks exercise Solution on whiteboard.

Meet in the Middle - STP March 20, 2019 1 / 17 Last weeks exercise Solution on whiteboard. 2 / 17 Recap of MitM attack Whiteboard 3 / 17 Searching for attacks By hand - Last week(s) Using the computer - This week 4 / 17

689 views • 23 slides
Blended Learning Teaching Strategies Middle School Science Meet the Speakers! Nathan Marsha

Blended Learning Teaching Strategies Middle School Science Meet the Speakers! Nathan Marsha

Blended Learning Teaching Strategies Middle School Science Meet the Speakers! Nathan Marsha Curriculum Developer Director, Product Experience Icebreaker 1. Get two sticky notes (or tear a sheet of paper in half). 2. Think about your

538 views • 39 slides
Good Nutrition Malnutrition: under, over or unbalanced consumption of nutrients leads to

Good Nutrition Malnutrition: under, over or unbalanced consumption of nutrients leads to

1/12/18 W.I.T.S. Personal Trainer Certification Lecture Three: Test Title Nutrition; Exercise Prescription for Weight Management; Exercise Prescription for Cardiovascular Fitness Good Nutrition Malnutrition: under, over or unbalanced

615 views • 26 slides
Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT

Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT

Meet in the Middle Attack Using Output Truncation in 3 Pass HAVAL Yu Sasaki NTT Corporation 07/Sep/2009 ISC2009@Pisa 1/22 Yu Sasaki, MitM using output truncation of 3 Haval Summary HAVAL is a hash function that can produce

507 views • 23 slides
Equal-Subset-Sum faster than the Meet-in-the-Middle Marcin Mucha, Jesper Nederlof, Jakub Pawlewicz,

Equal-Subset-Sum faster than the Meet-in-the-Middle Marcin Mucha, Jesper Nederlof, Jakub Pawlewicz,

Equal-Subset-Sum faster than the Meet-in-the-Middle Marcin Mucha, Jesper Nederlof, Jakub Pawlewicz, Karol Wgrzycki University of Warsaw, TU/e ESA 2019 Definitions Subset Sum : Given set S of integers, and integer t . Find A S , such that

1.05k views • 102 slides
Stowe Middle High School 8/11/20 -- Family Session with Mr. Morrison and Mrs. Muller PLEASE TURN

Stowe Middle High School 8/11/20 -- Family Session with Mr. Morrison and Mrs. Muller PLEASE TURN

Stowe Middle High School 8/11/20 -- Family Session with Mr. Morrison and Mrs. Muller PLEASE TURN YOUR MICROPHONE OFF Today Teacher Inservice Next Week 8:15 AM - 8:45 AM Family Meet TBD Google Meet Immediately, MUTE your Microphone. Content

289 views • 25 slides
Quasi-Optimal Multiplication of Linear Differential Operators Alexandre Benoit 1 , Alin Bostan 2

Quasi-Optimal Multiplication of Linear Differential Operators Alexandre Benoit 1 , Alin Bostan 2

Introduction The van der Hoeven Algorithm New Algorithm for the Unbalanced Product ( r > d ) Reflexion for the Case when d > r Conclusion Quasi-Optimal Multiplication of Linear Differential Operators Alexandre Benoit 1 , Alin Bostan 2 and

619 views • 51 slides
A Meet-in-the-Middle Attack on 8-Round AES H useyin Demirci Ali Aydn Sel cuk presented

A Meet-in-the-Middle Attack on 8-Round AES H useyin Demirci Ali Aydn Sel cuk presented

A Meet-in-the-Middle Attack on 8-Round AES H useyin Demirci Ali Aydn Sel cuk presented by Orhun Kara 1 Outline The AES A 5-round distinguisher Attack on 7-round AES-192, AES-256 and 8-round AES-256 Some optimizations

504 views • 19 slides
UNBALANCED OPTIMAL TRANSPORT L ena c Chizat joint work with F-X. Vialard, G. Peyr e

UNBALANCED OPTIMAL TRANSPORT L ena c Chizat joint work with F-X. Vialard, G. Peyr e

UNBALANCED OPTIMAL TRANSPORT L ena c Chizat joint work with F-X. Vialard, G. Peyr e & B. Schmitzer CEREMADE Universit e Paris Dauphine Mokalien 2015 Introduction Static Dynamic Examples & Numerics Conclusion

995 views • 61 slides
consequences on microbiota composition and metabolic health of adult pigs consuming an unbalanced

consequences on microbiota composition and metabolic health of adult pigs consuming an unbalanced

Early prebiotic supplementation induces long-lasting consequences on microbiota composition and metabolic health of adult pigs consuming an unbalanced diet. C. Le Bourgot 1 *, B. Taminiau 2 , S. Ferret-Bernard 3 , A. Cahu 3 , L. Le Normand 3 , F.

525 views • 17 slides
From unbalanced optimal transport to the Camassa-Holm equation Fran cois-Xavier Vialard

From unbalanced optimal transport to the Camassa-Holm equation Fran cois-Xavier Vialard

From unbalanced optimal transport to the Camassa-Holm equation Fran cois-Xavier Vialard From unbalanced optimal transport to the Camassa-Holm equation Fran cois-Xavier Vialard Ceremade, Universit e Paris-Dauphine INRIA team

1.4k views • 112 slides

More recommend