哈希函数的迭代结构与压缩函数研究
发布时间:2018-12-22 07:55
【摘要】:哈希函数在密码学安全领域及网络应用等方面扮演着极为重要的角色,其在数字签名、密码保存等许多领域都有着比较广泛的应用。但是随着密码分析者已经能在较短的时间内有效地找到MD5、SHA0、SHA1等的碰撞,则表明传统的哈希函数已经遭受了很严重的安全问题。因此,近些年针对哈希函数出现的各种安全和效率问题,研究者们主要从两个方面提出了不同的函数设计方案,一个是针对迭代结构的改进,另一个则是针对压缩函数的改进。前者重在提高函数的运行效率,后者旨在提高函数的安全性。并行结构具有很高的运行效率引起了越来越多的研究者的注意,混沌映射对系统参数具有很高灵敏性,成为设计哈希函数的一种新的思路。本文针对哈希函数运行效率不高、不具备可证明抗碰撞性等特点,引入了并行结构、混沌映射、基于格上的转换等设计方法,对哈希函数的迭代结构和压缩函数分别进行了改进。本文主要工作内容安排如下:1)针对SHA256运行效率不高的问题,本文设计了基于并行结构的SHA256改进算法。原来算法的消息计算是采用串行计算的方式,需要把上一个消息分组计算得出的值作为下一个消息块的输入值,因此若要计算出后一个消息分组的值只有先计算出上一个消息分组的值。当参与运算的消息足够大时,则会造成计算效率很低。对于出现的这一问题,我们设计了并行结构的哈希算法。当消息进行分组之后,先计算出各个消息块的值,然后在接下来的一轮计算中再把每两个消息块进行结合运算。当该轮计算中消息块的个数是奇数时,再添加一个消息块的值,因此经过一轮运算消息块的个数将会减少近一半。依次进行类似的运算,直到最终剩余一个消息块的值,将该值作为最终的哈希值。在奇数轮和偶数轮的运算中,消息块分组采用了不同的结合方式进行计算。最后通过理论分析和实验仿真对所提的方案进行了分析,表明所提方案是可行的和先进的。2)SHA1在运行效率上明显优于SHA256,但是其却面临着重要的安全问题,目前已经找到了SHA1的部分碰撞。本文主要对SHA1的压缩函数进行了改进,在设计压缩函数的过程中引入了混沌映射,利用多混沌映射之间的切换,将混沌映射与压缩函数相结合,通过多次混合迭代来控制其中间链接变量值,以增强函数的雪崩性。在对最后一个消息块进行处理时引入了格的思想,设计了基于格上的可证明抗碰撞性的哈希函数。将经过格变换之后的值作为最终输出的哈希值,在安全性证明中将哈希函数的抗碰撞性规约到格上难题并证明该问题的困难性。最后对所提的方案进行了理论分析和实验仿真。
[Abstract]:Hash function plays an important role in cryptography security and network applications. It has been widely used in many fields such as digital signature, cryptographic preservation and so on. However, since the cryptographer has been able to find the collision of MD5,SHA0,SHA1 and so on effectively in a short time, it shows that the traditional hash function has suffered a serious security problem. Therefore, in recent years, for various security and efficiency problems of hash functions, researchers have mainly proposed two different function design schemes, one is for the improvement of iterative structure, the other is for the improvement of compression function. The former focuses on improving the efficiency of the function, while the latter aims to improve the security of the function. The high efficiency of parallel structure has attracted more and more researchers' attention. Chaotic mapping is highly sensitive to system parameters and has become a new way to design hash functions. In this paper, we introduce parallel structure, chaotic mapping, transformation based on lattice and other design methods, aiming at the features that hash function is not efficient and can be proved to resist collision. The iterative structure and the compression function of the hash function are improved respectively. The main work of this paper is as follows: 1) aiming at the low efficiency of SHA256, an improved SHA256 algorithm based on parallel architecture is designed in this paper. The original algorithm of message calculation is a serial calculation method, it is necessary to take the value calculated from the previous message packet as the input value of the next message block. Therefore, to calculate the value of the latter message packet, only the value of the previous message packet is calculated. When the message involved in the operation is large enough, the computation efficiency is very low. For this problem, we design a parallel hash algorithm. When the messages are grouped, the values of each message block are calculated first, and then each two message blocks are combined in the next round of calculations. When the number of message blocks in this round is odd, the value of a message block is added, so the number of message blocks will be reduced by nearly half after a round operation. A similar operation is performed until the final value of a message block is used as the final hash value. In the operations of odd and even rounds, message block grouping is calculated in different combinations. Finally, through theoretical analysis and experimental simulation, the proposed scheme is analyzed, which shows that the proposed scheme is feasible and advanced. 2) SHA1 is obviously superior to SHA256, in operation efficiency, but it is faced with important security problems. A partial collision of SHA1 has been found. In this paper, the compression function of SHA1 is improved. Chaotic mapping is introduced in the process of designing the compression function. The chaotic mapping is combined with the compression function by switching between multiple chaotic maps. In order to enhance the avalanche of the function, the interlinked variable value is controlled by multiple mixed iterations. The idea of lattice is introduced when the last message block is processed, and a hashing function based on lattice is designed to prove collision resistance. The value after lattice transformation is taken as the final output hash value. In the security proof, the collision resistance of the hash function is reduced to the problem on the lattice and the difficulty of the problem is proved. Finally, the theoretical analysis and experimental simulation of the proposed scheme are carried out.
【学位授予单位】:深圳大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TN918.1
本文编号:2389512
[Abstract]:Hash function plays an important role in cryptography security and network applications. It has been widely used in many fields such as digital signature, cryptographic preservation and so on. However, since the cryptographer has been able to find the collision of MD5,SHA0,SHA1 and so on effectively in a short time, it shows that the traditional hash function has suffered a serious security problem. Therefore, in recent years, for various security and efficiency problems of hash functions, researchers have mainly proposed two different function design schemes, one is for the improvement of iterative structure, the other is for the improvement of compression function. The former focuses on improving the efficiency of the function, while the latter aims to improve the security of the function. The high efficiency of parallel structure has attracted more and more researchers' attention. Chaotic mapping is highly sensitive to system parameters and has become a new way to design hash functions. In this paper, we introduce parallel structure, chaotic mapping, transformation based on lattice and other design methods, aiming at the features that hash function is not efficient and can be proved to resist collision. The iterative structure and the compression function of the hash function are improved respectively. The main work of this paper is as follows: 1) aiming at the low efficiency of SHA256, an improved SHA256 algorithm based on parallel architecture is designed in this paper. The original algorithm of message calculation is a serial calculation method, it is necessary to take the value calculated from the previous message packet as the input value of the next message block. Therefore, to calculate the value of the latter message packet, only the value of the previous message packet is calculated. When the message involved in the operation is large enough, the computation efficiency is very low. For this problem, we design a parallel hash algorithm. When the messages are grouped, the values of each message block are calculated first, and then each two message blocks are combined in the next round of calculations. When the number of message blocks in this round is odd, the value of a message block is added, so the number of message blocks will be reduced by nearly half after a round operation. A similar operation is performed until the final value of a message block is used as the final hash value. In the operations of odd and even rounds, message block grouping is calculated in different combinations. Finally, through theoretical analysis and experimental simulation, the proposed scheme is analyzed, which shows that the proposed scheme is feasible and advanced. 2) SHA1 is obviously superior to SHA256, in operation efficiency, but it is faced with important security problems. A partial collision of SHA1 has been found. In this paper, the compression function of SHA1 is improved. Chaotic mapping is introduced in the process of designing the compression function. The chaotic mapping is combined with the compression function by switching between multiple chaotic maps. In order to enhance the avalanche of the function, the interlinked variable value is controlled by multiple mixed iterations. The idea of lattice is introduced when the last message block is processed, and a hashing function based on lattice is designed to prove collision resistance. The value after lattice transformation is taken as the final output hash value. In the security proof, the collision resistance of the hash function is reduced to the problem on the lattice and the difficulty of the problem is proved. Finally, the theoretical analysis and experimental simulation of the proposed scheme are carried out.
【学位授予单位】:深圳大学
【学位级别】:硕士
【学位授予年份】:2017
【分类号】:TN918.1
【参考文献】
相关期刊论文 前7条
1 ZHEN Ping;ZHAO Geng;MIN Lequan;LI Xiaodong;;Novel Hash Function Based on Coupled Chaotic Map Lattices[J];Chinese Journal of Electronics;2014年04期
2 王尚平;任姣霞;张亚玲;韩照国;;改进M-D结构的二次多变量Hash算法[J];哈尔滨工程大学学报;2011年04期
3 郭伟;王小敏;刘景;何大可;;基于混沌消息扩展的单向Hash函数[J];西南交通大学学报;2010年05期
4 刘建东;余有明;江慧娜;;单向Hash函数SHA-1的统计分析与算法改进[J];计算机科学;2009年10期
5 赵耿;袁阳;王冰;;基于交叉耦合映象格子的单向Hash函数构造[J];东南大学学报(自然科学版);2009年04期
6 肖皇培;张国基;;基于Hash函数的报文鉴别方法[J];计算机工程;2007年06期
7 张瀚,王秀峰,李朝晖,刘大海;基于时空混沌系统的单向Hash函数构造[J];物理学报;2005年09期
,本文编号:2389512
本文链接:https://www.wllwen.com/kejilunwen/xinxigongchenglunwen/2389512.html
