r adio g at n a belt and mill hash function a belt and
play

, R ADIO G ATN , a belt-and-mill hash function a belt-and-mill - PowerPoint PPT Presentation

Jan 07, 2023 •307 likes •474 views

R ADIO G ATN , R ADIO G ATN , a belt-and-mill hash function a belt-and-mill hash function Guido Bertoni, Joan Daemen, Michal Peeters * and Gilles Van Assche STMicroelectronics * De Valck Consultants Second Cryptographic Hash Workshop

  1. R ADIO G ATÚN , R ADIO G ATÚN , a belt-and-mill hash function a belt-and-mill hash function Guido Bertoni, Joan Daemen, Michaël Peeters * and Gilles Van Assche STMicroelectronics * De Valck Consultants Second Cryptographic Hash Workshop

  2. Introduction Introduction • New hash function (family) • Alternative design • Not based on fixed-length comp. function (Damgård-Merkle) • Not based on reduction  Variable-length input, variable-length output • Diversity • Building upon P ANAMA • Generalizing collision-generating attack [Rijmen et al.] • Simplify and strengthen • Performance in SW and HW Second Cryptographic Hash Workshop

  3. Alternating-input construction Alternating-input construction 0 Input block • State Round • Starts from 0 Input block • Iterate with input blocks Round • Input mapping ... • State size > input block size ( l i ) Blank Round • Do blank iterations iterations • Iterate with output blocks Round • Output mapping Output block • Fixed number for hash function Round Output block ... Second Cryptographic Hash Workshop

  4. Belt-and-mill structure Belt-and-mill structure • State = ( mill , belt ) Mill Belt • Mill function Input • Non-linear function mapping • Diffusion and confusion Bell • Belt function Milt • Linear function • Long-term diffusion Mill Belt • Belt-to-mill + mill-to-belt function function • Bell + milt • Linear mappings Second Cryptographic Hash Workshop

  5. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell • Parameter: word size Milt • R ADIO G ATÚN [32] • R ADIO G ATÚN [64] Mill Belt function function Belt Function Input Input Block Mapping 2 1 0 Belt Mill 16 17 18 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 Mill Function 6 7 8 0 1 2 3 4 5 Second Cryptographic Hash Workshop

  6. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell Milt Mill Belt function function Belt Function Input Input Block Mapping 2 1 0 Belt Mill 16 17 18 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 Mill Function 6 7 8 0 1 2 3 4 5 Second Cryptographic Hash Workshop

  7. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell • The mill function contains: Milt • Bitwise logical operations (XOR, AND, NOT) • Cyclic shifts Mill Belt function function Belt Function Input Input Block Mapping 2 1 0 Belt Mill 16 17 18 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 Mill Function 6 7 8 0 1 2 3 4 5 Second Cryptographic Hash Workshop

  8. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell • The mill function contains: Milt • Bitwise logical operations (XOR, AND, NOT) • Cyclic shifts Mill Belt function function a 10 a 11 a 12 a 13 a 14 a 15 a 16 a 17 a 18 a 0 a 1 a 2 a 3 a 4 a 5 a 6 a 7 a 8 a 9 ° ¼ 105 120 136 153 171 55 66 78 91 10 15 21 28 36 45 0 1 3 6 µ Second Cryptographic Hash Workshop A 10 A 11 A 12 A 13 A 14 A 15 A 16 A 17 A 18 A 0 A 1 A 2 A 3 A 4 A 5 A 6 A 7 A 8 A 9

  9. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell Milt Mill Belt function function Belt Function Input Input Block Mapping 2 1 0 Belt Mill 16 17 18 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 Mill Function 6 7 8 0 1 2 3 4 5 Second Cryptographic Hash Workshop

  10. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell Milt Mill Belt function function Belt Function Input Input Block Mapping 2 1 0 Belt Mill 16 17 18 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 Mill Function 6 7 8 0 1 2 3 4 5 Second Cryptographic Hash Workshop

  11. Mill Belt R ADIO G ATÚN R ADIO G Input ATÚN mapping Bell Milt Mill Belt function function Belt Function Input Input Block Mapping 2 1 0 Belt Mill 16 17 18 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 1 1 1 1 1 1 1 1 1 0 1 2 3 4 5 6 7 8 9 Mill Function 6 7 8 0 1 2 3 4 5 Second Cryptographic Hash Workshop

  12. s 0 Differential trails Differential trails p 0 t 0 DP Round s 0 • Differential trail • State differences + input differences p 0 • Used to find an internal collision t 0 • Weight DP Round s 0 • Negative (binary) logarithm of probability ... p 0 t 0 DP Round s 0 Second Cryptographic Hash Workshop

  13. Trail backtracking Trail backtracking • Propagate difference lonesome weight round • Through each round input blocks right pairs coming out (neg. log.) • Only if right pair backtracking cost right pairs entering (neg. log.) • weight > l i : fraction thru • weight ≤ l i : pair creation • Complexity • Lonesome round • Crowded round crowded round • Backtracking cost • Also for algebraic attacks rounds Second Cryptographic Hash Workshop

  14. Analysis Analysis • R ADIO G ATÚN [1, 2, 4, …] useful for analysis • Explicit search of collisions • Differential trails with lowest complexity • Trail for R ADIO G ATÚN [1] extends to R ADIO G ATÚN [ n ] • Symmetry destroyed in the mill • Specific trails for R ADIO G ATÚN [ n ] may exist with lower cost • Other aspects • Fixed points • Algebraic attacks on R ADIO G ATÚN [1, 2, 3, 4, …, 64] • Ongoing • Prove bounds Second Cryptographic Hash Workshop

  15. Performance Performance • Extremely fast in hardware • Fast in software Dell Precision 670 with Windows (32 bits) Linux (x86_64) Intel Xeon 3GHz Visual Studio 2005 GCC 3.3.5 (in Mbyte/sec) SHA-1 90 91 SHA-256 65 80 P ANAMA 480 288 R ADIO G ATÚN [32] 120 175 R ADIO G ATÚN [64] 55 270 Second Cryptographic Hash Workshop

  16. Conclusion Conclusion • Belt-and-mill structure • Simplicity (analysis) • R ADIO G ATÚN • Performance • Existence of toy cipher (analysis) • No patent • Analysis ongoing • Do not hesitate to attack! • See security claims in R ADIO G ATÚN paper http://radiogatun.noekeon.org Second Cryptographic Hash Workshop

Recommend

Belt Tension JellyBox HowTo: Belt Tension In this video, we set up the correct belt tension on X

Belt Tension JellyBox HowTo: Belt Tension In this video, we set up the correct belt tension on X

Belt Tension JellyBox HowTo: Belt Tension In this video, we set up the correct belt tension on X and Y axes. Belt Tension? If the belts are too loose, they may skip steps or even slip off idlers. You may also observe more 'ringing' artifacts

250 views • 4 slides
One Belt One Road Three Dimensions Jan.Hoffmann@UNCTAD.org Hong Kong, May 2016 One

One Belt One Road Three Dimensions Jan.Hoffmann@UNCTAD.org Hong Kong, May 2016 One

One Belt One Road Three Dimensions Jan.Hoffmann@UNCTAD.org Hong Kong, May 2016 One Belt One Road Liner shipping connectivity The maritime supply chain Facilitating trade and transit One Belt One Road

1.34k views • 108 slides
The Green Belt Threats and Future Richard Knox-Johnston Chair London Green Belt Council April

The Green Belt Threats and Future Richard Knox-Johnston Chair London Green Belt Council April

The Green Belt Threats and Future Richard Knox-Johnston Chair London Green Belt Council April 2018 London Metropolitan Green Belt Under greater threat than ever before In Increase in in th the number of f LM LMGB sit ites under th

291 views • 26 slides
Tien Shan Gold Belt Setting Tien Shan Gold Belt Prolific belt with several giant gold deposits,

Tien Shan Gold Belt Setting Tien Shan Gold Belt Prolific belt with several giant gold deposits,

C ORPORATE P RESENTATION C AUTIONARY S TATEMENT Certain information contained in some of our press releases or presentations constitutes forward-looking information, within the meaning of Canadian legislation. Generally, these

145 views • 14 slides
Kalahari Copper Belt Project 100% interest in the Kalahari Copper Belt Project covering 15,035km 2

Kalahari Copper Belt Project 100% interest in the Kalahari Copper Belt Project covering 15,035km 2

Kalahari Copper Belt Project 100% interest in the Kalahari Copper Belt Project covering 15,035km 2 in western Botswana Interpreted to cover a strike length of more than 200km of favourable geology with the multiple targets Kalahari

376 views • 4 slides
Police Crash Reports as a Source to Examine Seat Belt Use Rate Distribution in Neighborhoods

Police Crash Reports as a Source to Examine Seat Belt Use Rate Distribution in Neighborhoods

Police Crash Reports as a Source to Examine Seat Belt Use Rate Distribution in Neighborhoods Amin Mohamadi Hezaveh Christopher R. Cherry IN THIS PRESENTATION Seat belt in TN Background Current Methods for Measuring Seat Belt

502 views • 32 slides
One Belt, One Road Discovering the New Silk Road Chengdu and Shanghai June 2016 ONE BELT ONE

One Belt, One Road Discovering the New Silk Road Chengdu and Shanghai June 2016 ONE BELT ONE

Study Tour to China One Belt, One Road Discovering the New Silk Road Chengdu and Shanghai June 2016 ONE BELT ONE ROAD, DISCOVERING THE NEW SILK ROAD A discovery trip to experience first-hand the latest developments in the worlds

381 views • 20 slides
Le Lever eraging ging the Belt the Belt and R and Road oad Initia Initiativ tive e to Dr

Le Lever eraging ging the Belt the Belt and R and Road oad Initia Initiativ tive e to Dr

The New he New Silk R Silk Road oad Le Lever eraging ging the Belt the Belt and R and Road oad Initia Initiativ tive e to Dr to Driv ive e a a New Er New Era a of of Sustaina Sustainable ble Trade ade Speakers Ms Yan

416 views • 6 slides
Reinventing Golden Belt A Redevelopment Workshop November 4, 2005 Presented by DURHAM AREA

Reinventing Golden Belt A Redevelopment Workshop November 4, 2005 Presented by DURHAM AREA

Reinventing Golden Belt A Redevelopment Workshop November 4, 2005 Presented by DURHAM AREA DESIGNERS GOLDEN BELT REDEVELOPMENT WORKSHOP Background 1997: Brown & Williamson Tobacco Company donated the Golden Belt Manufacturing

801 views • 64 slides
POLITICAL RISK INSURANCE: PROTECTING BUSINESS INVESTMENTS ALONG THE BELT & ROAD JARDINE

POLITICAL RISK INSURANCE: PROTECTING BUSINESS INVESTMENTS ALONG THE BELT & ROAD JARDINE

POLITICAL RISK INSURANCE: PROTECTING BUSINESS INVESTMENTS ALONG THE BELT & ROAD JARDINE LLOYD THOMPSON LIMITED 5 June 2018 AGENDA PROTECTING BUSINESS INVESTMENTS ALONG THE BELT & ROAD About JLT Belt & Road Initiative

488 views • 21 slides
Hash Functions Hash Functions 1 Cryptographic Hash Function Crypto hash function h(x) must

Hash Functions Hash Functions 1 Cryptographic Hash Function Crypto hash function h(x) must

Hash Functions Hash Functions 1 Cryptographic Hash Function Crypto hash function h(x) must provide o Compression output length is small o Efficiency h(x) easy to compute for any x o One-way given a value y it is infeasible to find

465 views • 42 slides
Explorer Belt 2021 Romania South West Region AGENDA 1. Who's Who 2. Where and When 3. What is

Explorer Belt 2021 Romania South West Region AGENDA 1. Who's Who 2. Where and When 3. What is

Explorer Belt 2021 Romania South West Region AGENDA 1. Who's Who 2. Where and When 3. What is an Explorer Belt and Requirements 4. Training 5. Assessment 6. Costs 7. Feed Back from Last Year 8. Q&A Who's Who? James Cumming

397 views • 21 slides
WooCommerce WooCommerce Online Marketing Online Marketing Black Belt Ninja Style Black Belt

WooCommerce WooCommerce Online Marketing Online Marketing Black Belt Ninja Style Black Belt

WooCommerce WooCommerce Online Marketing Online Marketing Black Belt Ninja Style Black Belt Ninja Style Online Marketing White Hat Tips & Tricks Every Woo Store Owner Must Know To Run Successful & Profitable Retail Shops. By Emanuel

838 views • 20 slides
William W. Hay Railroad Engineering Seminar Implementation of Positive Train Control at the Belt

William W. Hay Railroad Engineering Seminar Implementation of Positive Train Control at the Belt

William W. Hay Railroad Engineering Seminar Implementation of Positive Train Control at the Belt Railway of Chicago and other non-Class I Railroads: Challenges and Solutions Nick Chodorow Aneet Shourie Chris Murphy Belt Railway Chief

535 views • 38 slides
KINCORA COPPER NEW CORNERSTONE INVESTOR PRESENTATION WORLD CLASS COPPER BELT , DOMINANT

KINCORA COPPER NEW CORNERSTONE INVESTOR PRESENTATION WORLD CLASS COPPER BELT , DOMINANT

KINCORA COPPER NEW CORNERSTONE INVESTOR PRESENTATION WORLD CLASS COPPER BELT , DOMINANT POSITION, LEADING TEAM & TARGETS SOUTHERN GOBI COPPER-GOLD BELT, MONGOLIA June 2018 KCC.TSXV Cautionary Statement on Forward-Looking

706 views • 23 slides
Green Belt Matters (It really does) A presentation by Duncan Hughes, Buckham Thorns Road WHY AM I

Green Belt Matters (It really does) A presentation by Duncan Hughes, Buckham Thorns Road WHY AM I

Green Belt Matters (It really does) A presentation by Duncan Hughes, Buckham Thorns Road WHY AM I STANDING HERE IN FRONT OF YOU THIS EVENING? I made several comments at the second drop-in meeting about the need to protect the Green Belt I

622 views • 17 slides
Implementation of The Belt and Road Initiative - Promote China-Nepal Power Interconnection

Implementation of The Belt and Road Initiative - Promote China-Nepal Power Interconnection

Implementation of The Belt and Road Initiative - Promote China-Nepal Power Interconnection March 2017 2 3 2 Global Energy Interconnection (GEI) In September, 2013, the Chinese Government proposed the Belt and Road Initiative

348 views • 13 slides
HASH FUNCTIONS 1 / 62 What is a hash function? By a hash function we usually mean a map h : D

HASH FUNCTIONS 1 / 62 What is a hash function? By a hash function we usually mean a map h : D

HASH FUNCTIONS 1 / 62 What is a hash function? By a hash function we usually mean a map h : D { 0 , 1 } n that is compressing, meaning | D | > 2 n . E.g. D = { 0 , 1 } 2 64 is the set of all strings of length at most 2 64 . h n MD4

1.13k views • 78 slides
Green Belt Forum 26 June 2008 Place Shaping and Enterprise Presentation by Roy Gregory

Green Belt Forum 26 June 2008 Place Shaping and Enterprise Presentation by Roy Gregory

Green Belt Forum 26 June 2008 Place Shaping and Enterprise Presentation by Roy Gregory Assistant Director (Property) 2 The Green Belt Forum requested a powerpoint presentation to give background and a more detailed discussion of the

742 views • 34 slides
PLAIN PEOPLE belt may be attributed to the surprise settlers persuaded to enter this north aroused

PLAIN PEOPLE belt may be attributed to the surprise settlers persuaded to enter this north aroused

__ L January 1975 Canadian og raph ical Jou rnal A farm lad exhibits the bounty of the northern Ontario farmland. Ontarios Great Clay Belt hoax Donald E. Pugh More than 300 miles 480 km north between 1921 labour, heartache, and bankruptcy.

368 views • 7 slides
LSCM Logistics Summit 2016 IoT, eCommerce and Smart Citys Opportunities in the Belt-and-Road

LSCM Logistics Summit 2016 IoT, eCommerce and Smart Citys Opportunities in the Belt-and-Road

LSCM Logistics Summit 2016 IoT, eCommerce and Smart Citys Opportunities in the Belt-and-Road Region What should we do to keep Hong Kong as an international and regional logistics and transportation hub in the Belt-and-Road

450 views • 16 slides
An Urban Agenda for the Sun Belt Bill Fulton Director, Kinder Institute for Urban Research June

An Urban Agenda for the Sun Belt Bill Fulton Director, Kinder Institute for Urban Research June

An Urban Agenda for the Sun Belt Bill Fulton Director, Kinder Institute for Urban Research June 11, 2020 Our Role Urban research institute studying Houston and, increasingly, Texas- and Sun Belt-wide issues Focused on education,

554 views • 17 slides
Safety-Belt Reminders Proposal by France, Japan and UK GRSP 12-15 December , 2006 Purpose

Safety-Belt Reminders Proposal by France, Japan and UK GRSP 12-15 December , 2006 Purpose

Safety-Belt Reminders Proposal by France, Japan and UK GRSP 12-15 December , 2006 Purpose and justification Purpose Mandate a system to remind an occupant to wear its safety belt if it is not buckled The system shall provide

329 views • 7 slides
ESA IAP Blue Belt demonstration project: supporting the European Maritime Safety Agency (EMSA)

ESA IAP Blue Belt demonstration project: supporting the European Maritime Safety Agency (EMSA)

Page 1 ESA IAP Blue Belt demonstration project: supporting the European Maritime Safety Agency (EMSA) Blue Belt Project, by providing a service based on satellite based AIS data complementing the terrestrial AIS data 19/20 April 2012

165 views • 12 slides

More recommend