Abstract
The strength of message authentication, digital signature and pseudonym generation mechanisms relies on the quality of the one-way hash functions used. In this paper, we propose two tests based on computational intelligence and evolutionary algorithms theory to assess the hash function quality, which may be used along with other known methods and thus comprise a testing methodology. Based on the known nonlinearity test, which might confirm uniformity of digests, we formulate two tests using Support Vector Machines (SVM)/ MLP neural networks as well as Genetic Algorithms (GA). Both tests attempt to confirm that the produced digests cannot be modeled and, moreover, that it is impossible to find two or more messages that lead to a given digest apart from involving brute force computations. Both tests are applied to confirm the quality of the well-known MD5 and SHA message digest algorithms.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Damgard, I.B.: Collision Free Hash Functions and Public Key Signature Schemes. In: Price, W.L., Chaum, D. (eds.) EUROCRYPT 1987. LNCS, vol. 304, pp. 203–216. Springer, Heidelberg (1987)
Damgård, I.B.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416–427. Springer, Heidelberg (1990)
Haykin, S.: Artificial Neural Networks. A comprehensive foundaiton, 2nd edn. Prentice Hall, Englewood Cliffs (1999)
Karras, D.A., Zorkadis, V.: A Novel Suite of Tests for Evaluating One-Way Hash Functions for E-Commerce Applications. In: Proc. of IEEE Euro-micro Conference, pp. 464–468 (2000)
Menezes, A.J., Bvan Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)
NIST (National Institute of Standards and Technology), Announcing the Development of New Hash Algorithm(s) for the Revision of Federal Information Processing Standard (FIPS) 180-2, Secure Hash Standard (2007)
Peyravian, M., Roginsky, A., Kshemkalyani, A.: On Probabilities of Hash Value Matches. J. Computers & Security 17(2), 171–176 (1998)
Pfleeger, C.P.: Security in Computing. Prentice-Hall, Englewood Cliffs (1997)
Preenel, B.: Cryptographic Hash Functions. Transactions on Telecommunications 5, 431–448 (1994)
Schneier, B.: Applied Cryptography. John Wiley and Sons, Chichester (1996)
Simmons, G.J. (ed.): Contemporary Cryptology, The Science of Information Integrity. IEEE Press, Los Alamitos (1992)
Stinson, D.: Combinatorial Techniques for Universal Hashing. J. of Computer and System Sciences 48, 337–346 (1994)
Wegman, M.N., Carter, J.L.: New Hash Functions and Their Use in Authentication and Set Quality. J. of Computer and System Sciences 22, 265–279 (1981)
Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005a)
Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19–35. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Karras, D.A., Zorkadis, V.C. (2009). Towards a Reliable Evaluation Framework for Message Authentication in Web-Based Transactions Based on an Improved Computational Intelligence and Dynamical Systems Methodology. In: Köppen, M., Kasabov, N., Coghill, G. (eds) Advances in Neuro-Information Processing. ICONIP 2008. Lecture Notes in Computer Science, vol 5506. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-02490-0_73
Download citation
DOI: https://doi.org/10.1007/978-3-642-02490-0_73
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-02489-4
Online ISBN: 978-3-642-02490-0
eBook Packages: Computer ScienceComputer Science (R0)