Comparison of Different Lightweight(lw) Crypto-hash Functions for Iot

Published: 2021-06-22 13:45:05
essay essay

Category: Computer Science, Technology

Type of paper: Essay

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Hey! We can write a custom essay for you.

All possible types of assignments. Written by academics

Abstract—today, there are several Lightweight(LW) energy efficient Hashing techniques available. They are photon, quark, spongent, present, etc. These all are fixed length block sized and key sized LW hashing techniques. In order to improve the diffusion property of cryptographic techniques along with permutation function, transform function is also needed. The existing Lightweight hash family uses mixed column transformation or is implemented using some registers for desired diffusion. All transformation methods used today in LW hash function only support fixed block size and key size and requires high hardware requirements too. In this paper, we compare different types of LW hash families and introduce the possibility of Mersenne number based lightweight hash function.
Keywords—diffusion, lightweight hashing techniques, Mersenne number, energy efficiency.I. INTRODUCTION
The Lightweight (LW) crypto functions are designed for resource constrained devices. The main application of LW crypto functions is in less memory, computing resource and power applications. The LW cryptography is lighter as well as faster compare to cryptographic techniques such as public key cryptography, SHA etc. There are lot of LW hashing techniques are available today such as PHOTON(PH) [1], QUARK(QK) [2], SPONGENT(SPT) [3], PRESENT(PRT) [4], GLUON(GL) [5] and SPN-HASH(SPH) [6] etc. This paper compare different types of LW hash families such as PHOTON, QUARK, SPONGENT, GLUON, SPN, LLW, and LH.
Hash message is constructed by first dividing it into several blocks and then iteratively and systematically processing these blocks, this sequential method is the most widely used up to now. There are several hash construction
methods are available such as Merkle-Damgard Construction, Wide Pipe Construction, HAIFA Construction, and Sponge Construction. Most of the LW hash functions are designed and implemented by Sponge construction method (SPGM). SPGM is a class of algorithms with finite internal state which produces an arbitrary length output bit stream from an input bit stream.
The two main properties for designing cryptographic techniques includes Confusion and diffusion. These properties are also important in hash functions. These properties evaluate the security of hash function. If we want to design new hash function then we must ensure the confusion and diffusion property. Confusion property makes a relationship in the cipher text and the key used for the algorithm. Confusion property makes relationship in such a way that cipher text depends on many parts of the key. Diffusion property on the other hand makes connection between plain text and cipher text. Hence if we try to change one bit of the cipher text, then there should have approximately one half of the plaintext bits changed. These properties are implemented by substitutions and permutations operations. Substitution operation makes changes in certain bits using other bits, Permutation operation changes the order of symbols according to some algorithm. This paper compares different permutations and transformation functions used in different LW hash families and introduce new Mersenne number transformation functions for variable length block size. We can say that the successful attack happens when break one of the security properties of hash function, collision, preimage or second preimage. For example, if a hash function is claimed to be one-way, a successful attack is to find at least one case that a message can be constructed for a given digest the hash function. Attacks on hash function can be categorized into two routes: brute force attacks and cryptanalytical attacks. The New Mersenne number transform is very sensitive to any change in the input stream. So it is expected to be against different attacks.
Main challenge in designing security mechanisms in RFID and Sensor devices is its resource constrained problem. RFID security is the main challenge in today’s cryptography. There are many LW hashing techniques available today. the PH LW hash function family known to be the most light weight hash function and very close to the IOT applications [1]. The basic RID applications need about 10000 logical gates, with only between 200 and 2000 gates possible for security. The main difficulty with PH LW hash family is the dependence of the memory registers required for the computation.
In the PH LW hash family, each type defined by its hash value between 64 and 256 bits. Five different types of PH are PH-80-20-16, PH-128-16-16, PH-160-36-36, PH-224-32-32 and PH-256-32-32 will use internal permutations PRM100, PRM144, PRM196, PRM256 and PRM288 respectively.
Above figure shows the single round of permutation operation of PH. It contains four layers, Ad Constant (AC), Sub Cell (SC), Shift Rows (ShR) and Mix Columns Serial (MCS). The high power is needed for the serialized as well as parallelized implementation of Photon. If we consider the performance of various classes of PH we can see that for the PH hash function of small message has slight reduce in the throughput as compared to large messages.
B. Quark(QK)
QK uses sponge construction method (SPGM). SPGM processes a text in three steps: First step is Initialization Step. Here the text is padded by appending one ‘1’ bit followed by many ‘0’s. The second step is Absorbtion Step. In this step the Xor operation is performed between r-bit message blocks and the last r bits of the state which is interleaved with the permutation PER. Third one is Squeezing Step. Here the hashed output is obtained by the last r bits of the state and interleaved with applications of the permutation PER, until desired output size returned.
The permutation PER implemented by non-linear Boolean functions and a linear Boolean function PER. The three classification of QK hash family are uQuark(U-QK), dQuark(D-QK), and tQuark(T-QK). Permutation of QK is shown below. This uses two NFSRegisters (nonlinear feedback shift register), one LFSRegisters (linear feedback shift register) and three Boolean functions f, g, h. In addition to feedback registers. There has a dedicated controller module to handle the SPNG process.
U-Q provides 128 bit preimage resistance and 64 bit collision resistance. D-Q provides 160 bit preimage resistance and 80 bit collision resistance. And T-Q provides 224 bit preimage resistance and 112 bit collision resistance [2].
The power required for U-Q, D-Q, and T-Q, are 2.96, 3.95 and 5.53μW respectively.
AES is most preferred by every block cipher cryptosystems. But AES is not work well for resource constrained devices in IOT. In these types of devices both security as well as hardware efficiency is important. So LW security mechanism is more essential for these kinds of devices. The main objective when designing Present was simplicity. PRT is implemented by SP-network. It consists of 31 rounds. The block length is 64 bit and it support two key length 80 and 128. For more constrained devices 80 bits key length is preferred. In each 31 rounds consists of an XOR operation. The K32 is used to improve the security. The nonlinear layer uses a 4-bit Substitution box(S-Box) S and it is applied 16 times in each round in parallel.
Present LW block cipher is applicable to resource constrained devices. AES is considered to be require 1032 cycles per block and 3400 GE. Whereas Present require only 32 cycles per block and 1570 GE [4].
SPT is LW hash family which uses PRESENT(PRT) permutation. 13 types of SPT are available with different collision resistance, and preimage resistance with various implementation constraints. In some of the variants of SPT has reduced the second preimage resistance, while maintaining the collision resistance.
SPT uses PRT-permutation based SPGM. Figure below shows SPGM based on a b-bit PRT permutation πb with capacity and rate bits c and r bits. mi are r-bit input blocks. hi are ith parts of the output.
The SPGM construction performed in three steps: First step is Initialization step. In this step padding the message using one bit ‘1’ and then a required number of 0 bits which must be multiple of r bits. Then padded input cut into blocks of r bits. Second one is Absorbing step. Here the xor operation is performed between r-bit input message and r bits of the state, and permutation operation πb is interleaved. Next one is Squeezing step. In this step the r bits of the state are obtained as output, and perform interleaving with permutation PER πb, until desired output length level returned.
The PER πb: F2b F2b is the round transform of the b bits of state (st).
while i = 1 to R do
st ← RlCounterb(i) st lCounterb(i)
st ← SBoxLayerb (st)
st ← PLayerb (st)
end while
Here SBoxLayerb and PLayerb describe about state(st) formation. Xor operation is performed between RlCounterb(i), st and lCounterb(i) in I th roiund. This state st is used in the Substitution box and obtained new state value. After that this state st is used in the permutation layer and generate new state value. The details of PRESENT is explained in [3].
Gluon (GL) is a family of LW hash function which is implemented by SPGM. This family of Hash function uses Feedback with Carry Shift Register (FeCS). The hardware implementation is comparatively heavier than that of basic methods used in Quark and PH. FeCS registers are the alternative to Linear Feedback Shift Registers (LFS). The FeCS register has binary register and of carry register but different from LFSRegister. LFSRegister perform XOR but in the case of FeCS register which perform addition with carry operation. FeCS register can help to solve the problems with LFS register. In LFS register based system requires filtering operation or Boolean function in order to break the linearity of LFSRegister. FeCS register based stream ciphers, this linearity problems solved by using the non-linearity property of the FeCS register. The transition function of an LFSRegister is linear at the same time quadratic that means nonlinear for an FeCS register. These are the main problems of LFSRegister based systems. However the implementation cost of an FeCS register costs more than the one of an LFS register. Like LFS register, FeCS register also not suitable to use directly for cryptography. It requires some filters to modify.
Three various form of GL hash function is available. GL-128-8, GL-160-16 and GL-224-32. In GL family transformation function is used instead of permutation in absorbing and squeezing parts of sponge construction. The transformation function f has good statistical property due to the 2-adic properties[5]
SPNH is a new family of hash function which gives variable hash length of 128, 256 and 512 bits. It is constructed as resistance to collision as well as common attacks. The internal permutation is implemented as substitution- permutation network (SPN). SPNH uses Advanced encryption standard (AES) based permutations which only support fixed size key.
One single processing of an SPN structure consists of three layer parts. Key addition, substitution, and linear transformation (LT). The substitution part is made up of S boxes implemented in parallel. SPNH family has very effective confusion and diffusion properties. SPNH family uses JH mode operation which is the variant of SPNG. [6].
SPNH construction is based on fixed length un keyed permutation PF. The internal state of PF is denoted by a matrix of order x×y, where x is the number of bytes contained in a bundle, and y is the number of bundles itself. Thus, PF works on a width of b = 8xy bits, the rate and capacity are 4xy-bit, and the output is a 4xy-bit hash value. In the first step padding operation is performed on the input text m of length N bits and divided into blocks of r = 4xy bits each. Then initialize the initialization variable (InV). For each padded message block, the JH mode of operation iteratively XORs the incoming 4xy-bit input message block Mi into the left half of the state, applies the permutation PF : GFe(2)8xy → GFe(2)8xy to the internal state and XORs Mi into its right half.
SPNH-128: y = 4, x = 8
SPNH-256: y = 8, x = 8
SPNH-512: y = 8, x = 16
The 8xy-bit permutation PF iterates over 10 rounds. Its internal state is given by an x×y matrix. In Maximum distance separable (MDS) matrix, mix column is used for diffusion. The columns of the state are considered as a polynomial over GFe(28) and a mix columns operation is undertaken by multiplying the columns modulo a polynomial (x4+2) with a fixed polynomial c(x). v is the output. Fig 6 explain the round function in SPNH. After dividing padded input stream into blocks then substitution operation is performed then for the diffusion property Maximum distance separable transform is performed again this process continue.
These transformations are powerful in diffusing data. However, one drawback is that their length are fixed. So in order to meet the security requirements the key length and block size should become sufficient.
G. Lesamnta-LW(LLW).
LLW-256 is a LW hash function. For the resource constrained devices like RFID, Sensors requires security mechanisms under restricted resource condition. LLW uses Advanced encryption standard based block cipher with 256-bit plaintext and a key size of 128-bit. In Padding step of LLW, the last block contain the length of the message input. It does not contain any part of the message. This property guarantees preimage resistance of LLW [7].
LLW uses a 64-round block cipher E. It takes 128 bit key and 256-bit plaintext as input. The block cipher consists of two phases. The first one key scheduling function mapping the key to the round keys and the second one mixing function taking as input a plaintext and the round keys to produce a cipher text.
The mix function consists of XORs, a word wise permutation, and a nonlinear function Gf.
PQ = MixColumns(MXC) ◦ SubBytes(SB).
The sub byte is a nonlinear substitution. In this substitution the input is taken as four bytes (s0, s1, s2 and s3) and then Advanced Encryption Standard substitution box applied. S’i=S-Box(Si). The MXC step is given by the AES maximum distance separable matrix multiplication defined over GFe (28) as follows.
The main problem with the maximum distance separable matrix is that it is fixed in length. Both h/w and s/w implementation of LLW is effective.
H. LHash(LH)
LH is a LW hash family. This LW hash family support 3 hash size output: 80, 96, and 128 bits. LH has good preimage and collision resistance..
The implementation of LH uses a Feistel-PG (FPG) structure as the permutation. Feistel-PG (FPG) has comparable diffusion property. The Sub-box and maximum distance separable layer are hardware-friendly. The transformation is similar to and more compact than that of PH [8],
The internal permutations FP96 and FP128 are constructed using an 18-round FPG. In the permutation operation, First divide the input text into two parts X1//X0. Then for i = 2, 3… 19, calculate Xi = Gb (FP(Xi−1 ⊕ Ci−1)) ⊕ Xi−2 At last, X19//X18 is the output of the permutation. Gb is the concatenation operation, FP is the permutation operation.
weight hash functions Properties of different light weight hash functions
Techniques used and Contributions Drawbacks
PH Both s/w and h/w implementation is possible Uses mix column transform for diffusion property. These transformations are powerful in diffusion but they support only fixed block length. So in order to hash large amount of data it takes long time.
QK Good preimage and collision resistance In QK, permutation is constructed by using two NFS Register and one LFSRegister. The transformation function of LFSRegister is linear. So for breaking the linearity in LFSRegister, filters or Boolean functions are needed. This incurs extra cost and Quark is only optimized for hardware
SPT It uses PRESENT permutation. The PRESENT block cipher uses bit permutation for the linear diffusion layer. It also uses LFSRegister for the diffusion layer. However, the performance is somewhat similar to QK LW hash family and the same drawbacks persist
GL This new family is based on particular FeCSRegister. Even if the software and hardware performances of GL are less than that of PH, they are comparable when considering parallel hardware versions of Quark. The hardware size of such implementation is quite heavier than that of Quark and PH.
SPN The internal permutation is implemented as substitution-permutation network (SPN). It uses AES- based internal permutations with fixed key size. SPN hash function uses MDS transform in its permutation layer MDS transforms are powerful in diffusing data. But the main problem is that their lengths are fixed
LLW This LW hash function uses AES-based block cipher with plaintext 256 and a 128 bit key size. It uses mix column transformation. The main problem with the MDS matrix is that it is fixed.

Warning! This essay is not original. Get 100% unique essay within 45 seconds!


We can write your paper just for 11.99$

i want to copy...

This essay has been submitted by a student and contain not unique content

People also read