Mundja is a MAC generation algorithm that has been designed for use together with a stream cipher. Mundja accumulates the message onto two independent registers: the first is a Cyclic Redundancy Checksum (CRC) that uses linear feedback; the second is a strengthened version of the SHA-256 register [5] that uses nonlinear feedback. Mundja is fast (asymptotically about 4 times the speed of HMAC-SH...

ESSENCE is a hash function submitted to the NIST Hash Competition that stands out as a hardware-friendly and highly parallelizable design. Previous analysis showed some non-randomness in the compression function which could not be extended to an attack on the hash function and ESSENCE remained unbroken. Preliminary analysis in its documentation argues that it resists standard differential crypt...

Recently, several strong designated verifier signature schemes have been proposed in the literature. In this paper, we first point out that such so-called strong designated verifier signature scheme is just message authentication code HMAC. Without the key property, unforgeability, for signatures, these schemes cannot enable signers to have complete controls over their signatures as demanded by...

The SHA-3 competition has been organized by NIST to select a new hashing standard. Edon-R was one of the fastest candidates in the first round of the competition. In this paper we study the security of Edon-R, and we show that using Edon-R as a MAC with the secretIV or secret-prefix construction is unsafe. We present a practical attack in the case of Edon-R256, which requires 32 queries, 2 comp...

The failure of the 802.11 WEP security specification to provide any reasonable level of security has come under sharp criticism recently. In this paper we propose a novel scheme for providing security in both a basestation based, as well as an ad hoc network environment. Our proposed scheme uses data exchanged between communicating peers to evolve per packet keys. In addition to the concept of ...

Hash-based message authentication codes are an extremely simple yet hugely effective construction for producing keyed message digests using shared secrets. HMACs have seen widespread use as ad-hoc digital signatures in many Internet applications. While messages signed with an HMAC are secure against sender impersonation and tampering in transit, if used alone they are susceptible to replay atta...

An effective countermeasure against side-channel attacks is to mask all sensitive intermediate variables with one (or more) random value(s). When a cryptographic algorithm involves both arithmetic and Boolean operations, it is necessary to convert from arithmetic masking to Boolean masking and vice versa. At CHES 2001, Goubin introduced two algorithms for secure conversion between arithmetic an...

Designing secure data aggregation schemes, which are critical to many sensor network applications, imposes interesting and formidable challenges. In this paper, we propose a succinct and practical secure aggregation protocol by combining HMAC (associated with a cryptographic hash function) with Bloom filter, which then is defined as secure Bloom filter. Unlike most previous approaches, which ar...

WinZip is a popular compression utility for Microsoft Windows computers, the latest version of which is advertised as having “easy-to-use AES encryption to protect your sensitive data.” We exhibit several attacks against WinZip’s new encryption method, dubbed “AE-2” or “Advanced Encryption, version two.” We then discuss secure alternatives. Since at a high level the underlying WinZip encryption...

As Internet freedoms are increasingly threatened both at home and abroad, marginalized groups, such as journalists, activists, and government watchdogs require new tools to retain free and open discourse on-line. In this paper, we introduce SecurePost a tool for verified group anonymity on social media. SecurePost gives social media posters anonymity while safeguarding group credibility through...