Enhancing efficiency and robustness against collision attack using mersenne number transform for hash function
Loading...
Date
2022
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Universiti Teknologi Malaysia
Abstract
The most popular hash algorithms functions are Message Digest 5 (MD5), Secure Hash Function1 (SHA-1) and Secure Hash Function 2 (SHA-2). These algorithms utilise the Merkle-Damgard structure. The structure's weaknesses have been discovered, especially against a collision attacks. In this attack, a colluder tries to find two different input messages that produce the same hash result with an effort of less than 2n/2 (where n = length of hash value). That required at most 239 MD5 operations to find a collision, much lower than the intended 264. For SHA-1 with n=160, the collision can be found with effort less than 269, much lower than the intended 280. The fact that collisions are now easily generated, means that these algorithms can no longer be reliably used. Therefore, this study proposed a hash function that is more efficient and robust against collision attacks using the New Mersenne Number Transform (NMNT) and a secret key to achieve the required robustness and maintain efficiency. NMNT is utilised due to its characteristics that are analogous to cryptographic requirements, such as sensitivity, diffusion, and parameterisation, while the secret key is used to increase the scheme’s security. The proposed hash scheme in this study is called Hash Mersenne Transform (HMT). It takes an arbitrary length as input to generate a hash value with variable lengths (128, 256 and 512-bits). HMT consisted of four main stages, namely: Pre-Processing, applying new Mersenne number transform, generating a secret key, and Hash value. Security and performance analyses are conducted to validate the robustness and efficiency of the proposed scheme HMT. To investigate the collision resistance capability of the HMT, collision tests are performed which focus on the possibility of collision between every two hash pairs. From the results, it found that the number of hits of HMT does not exceed 1 for 128-bits hash values, 2 for 256-bits hash values and 3 for 512- bit hash values. This indicates that the HMT has good collision resistance which provides high robustness against collision attacks. In terms of efficiency analysis, the proposed scheme HMT is considered more efficient than existing schemes due to its reduction in execution time. In particular, for long messages with a length equal to 10 MB, the time cost of the HMT is two times less than for SHA-2. In addition, statistical analyses are also employed, which involved the hash value distribution, confusion and diffusion, and sensitivity of hash value to message, secret key and image. Statistics related to mean changed bit number, mean changed probability and their standard deviations are considered the diffusion and confusion quality of the proposed scheme HMT. The results show that the standard deviations are very small for the proposed scheme HMT, the mean changed probability is very close to 50%, and the mean changed bit number is likewise close to half of the hash value lengths. This suggests that the proposed scheme HMT has a stable diffusion and confusion capability. Text messages and images are used to measure the sensitivity of the HMT. The results demonstrates that even a small alteration in the input message or image, such as 1-bit, can cause a significant change in the final hash value. These findings prove that HMT has high hash sensitivity. Comparing the security and performance analysis to other hash functions, it can be concluded that the proposed scheme HMT is suitable for data integrity, message authentication, and blockchain applications.
Description
Thesis (Doctor of Philosophy)
Keywords
Hashing (Computer science), File organization (Computer science), Electronic data processing