Cryptographic hash functions are security-critical algorithms with many practical applications, notably in digital signatures. Developing an approach to test them can be particularly difficult, and bugs can remain unnoticed for many years. We revisit the NIST hash function competition, which was used to develop the SHA-3 standard, and apply a new testing strategy to all available reference implementations. Motivated by the cryptographic properties that a hash function should satisfy, we develop four tests. The Bit-Contribution Test checks if changes in the message affect the hash value, and the Bit-Exclusion Test checks that changes beyond the last message bit leave the hash value unchanged. We develop the Update Test to verify that messages are processed correctly in chunks, and then use combinatorial testing methods to reduce the test set size by several orders of magnitude while retaining the same fault-detection capability. Our tests detect bugs in 41 of the 86 reference implementations submitted to the SHA-3 competition, including the rediscovery of a bug in all submitted implementations of the SHA-3 finalist BLAKE. This bug remained undiscovered for seven years, and is particularly serious because it provides a simple strategy to modify the message without changing the hash value returned by the implementation. We detect these bugs using a fully-automated testing approach.
Download full-text PDF |
Source |
|---|---|
| http://www.ncbi.nlm.nih.gov/pmc/articles/PMC6512998 | PMC |
| http://dx.doi.org/10.1109/TR.2018.2847247 | DOI Listing |
Publication Analysis
Top Keywords
Similar Publications
The digestible indispensable amino acid score (DIAAS) in eggs and egg-containing breakfast meals is greater than in toast breads or hash browns served without eggs.
J Nutr Sci
December 2024
Division of Nutritional Sciences, University of Illinois, Urbana, IL, USA.
The objectives of this experiment were to determine the digestible indispensable amino acid score (DIAAS) for eggs cooked in different forms and in traditional egg-bread or egg-hash brown combinations, and to test the hypothesis that DIAAS in eggs is greater than in breads or potatoes. Nine ileal cannulated gilts (average initial body weight: 51.1 ± 6.
View Article and Find Full Text PDFImproving dependability with low power fault detection model for skinny-hash.
PLoS One
December 2024
School of Electronics Engineering, Vellore Institute of Technology, Vellore, Tamil Nadu, India.
The increasing popularity and prevalence of Internet of Things (IoT) applications have led to the widespread use of IoT devices. These devices gather information from their environment and send it across a network. IoT devices are unreliable due to their susceptibility to defect that arise intentionally or spontaneously.
View Article and Find Full Text PDFA Lightweight and High Yield Complementary Metal-Oxide Semiconductor True Random Number Generator with Lightweight Photon Post-Processing.
Sensors (Basel)
November 2024
School of Electrical Engineering, Chungbuk National University, Cheongju 28644, Republic of Korea.
This paper introduces a novel TRNG architecture that employs a wave converter to generate random outputs from the jitter noise in a customized ring oscillator (RO). Using a current-starved inverter, the proposed RO offers the option of operating three different oscillation frequencies from a single oscillator. To assess its performance, the core TRNG proposed in this work was designed with multiple samples, employing various transistor sizes for 28 nm CMOS processes.
View Article and Find Full Text PDFEfficient phrase search with reliable verification over encrypted cloud-IoT data.
PeerJ Comput Sci
November 2024
Faculty of Computing and Information Technology, Department of Information Technology, University of Sialkot, Sialkot, Pakistan.
Phrase search encryption enables users to retrieve encrypted data containing a sequence of consecutive keywords without decrypting, which plays an important role in cloud Internet of Things (IoT) systems. However, due to the sequential relationship between keywords in the phrase, phrase search and verification are more difficult than multi-keyword search. Furthermore, verification evidence is generated by the server in existing schemes, and cloud servers are generally considered untrustworthy, so the verification is unreliable.
View Article and Find Full Text PDFThiol-linked hyaluronic acid-mediated encapsulation of RCR-stabilized gold nanoclusters for hyaluronidase sensing and cellular imaging.
Carbohydr Polym
February 2025
Department of Chemistry, National Sun Yat-Sen University, No. 70 Lienhai Rd., Kaohsiung 80424, Taiwan; School of Pharmacy, College of Pharmacy, Kaohsiung Medical University, No.100, Shiquan 1st Rd., 80708 Kaohsiung, Taiwan. Electronic address:
Encapsulating peptide-stabilized gold nanoclusters (AuNCs) with thiolated hyaluronic acid (HA-SH) and selectively adding cysteine to the peptide sequence increased their photoluminescence. We found that peptide compositions with cysteine in the middle emitted the most. RCR-stabilized AuNCs can be purified using size-exclusion chromatography to characterize their optical characteristics, chemical composition, and possible structure.
View Article and Find Full Text PDFWant AI Summaries of new PubMed Abstracts delivered to your In-box?
Enter search terms and have AI summaries delivered each week - change queries or unsubscribe any time!