Development of kleptographic mechanisms into hash functions
DOI:
https://doi.org/10.18372/2410-7840.21.13770
Keywords:
hash function, kleptography, subliminal channel, Merkle-Damgård scheme, discrete logarithm problem
Abstract
This research addresses kleptographic problems of hash functions. Its relevance follows from the importance of hash functions in hybrid cryptosystems and from the existence of kleptographic attack vectors on such systems. There are currently numerous results on kleptography in symmetric ciphers and asymmetric cryptographic protocols that demonstrate different aspects of implementing a kleptographic trapdoor; however, only a few of them address kleptographic problems of hash functions. The lack of research on hash function kleptography leads to kleptography-related risks at the design and standardization stages of hash functions. In this article, we analyse ways to develop hash functions with a kleptographic trapdoor. One informal requirement for such functions is "proximity" to well-known and commonly used constructions, i.e. they must be based on the common schemes used to develop well-known hash functions. In this paper, we propose building a trapdoored hash function on the Merkle-Damgård scheme, which underlies numerous widespread hash functions. As the compression function, we choose one of the well-known compression function schemes that are based on block ciphers and are proved to be collision resistant (such as the Davies-Meyer or Miyaguchi-Preneel constructions). Instead of a block cipher, the compression function uses a special transformation based on the Discrete Logarithm Problem, and we prove that collision resistance is preserved. The final result of the research is a hash function with a kleptographic trapdoor that allows the developer to efficiently recover part of the message (up to 50%) using knowledge of the hash digest and the secret in the kleptographic trapdoor design. At the same time, this function remains secure for other users who do not possess the design's secret.