Vous êtes sur la page 1sur 8

ENHANCED HMAC BASED UPON

D ROSSLER SYSTEM-3

Prof. Dr. Salim Idris Asst. Prof. Dr. Haythem Zorkta


Aleppo University Aleppo University

Dr. Souheil Khawatmi Eng. Walid Aiyash


Aleppo University Aleppo University

ABSTRACT
2. Rossler System
An enhanced keyed message authentication
code EHMAC is presented in this paper. 3-D
Rossler's system is probably the simplest 3-D ordinary
differential equations (ODEs) that have quadratic chaotic Rossler System is used to generate the initial
MASK, which is some kind of aliases used to achieve
nonlinearity and exhibits chaotic behavior [4,5]. Formally
they are given by the following set of three first order anonymity for the real sub-messages.
Analysis study proved that EHMAC is free of collision
coupled nonlinear ordinary differential equations:
hash MAC, and has high sensitivity to key-ciphertext,
plaintext-ciphertext, error propagation effects, and more
dx/dt = (y + z)- secure in comparison with its previous version.
dy/dt = x + ay
dz/dt = (b + z(x - c
KEYWORDS
Hash functions, Cryptography, Integrity, Digital
where a, b, and c are system parameters and x, y, z are the Signature.
state space variables of the Rossler system. Before these
system parameters are set to some specific values, we try
to locate the fixed points as a function of the system 1. Introduction
parameter. From the above set of equations, it follows that
In cryptography, a keyed-Hash Message
the location of the fixed points are given by z = -y = x/a
Authentication Code (HMAC or KHMAC), is a
and x is determined by solving the quadratic equation
type of message authentication code (MAC)
x2 - c*x + a*b = 0. Thus, x = (c ± sqrt(c*c - 4*a*b))/2 calculated using a specific algorithm involving a
and the solution exists if c>2*sqrt(a*b) and a is not equal cryptographic hash function in combination with
to zero. a secret key. As with any MAC, it may be used to
simultaneously verify both the data integrity and
In fig (1) the output from the simulation of Rossler the authenticity of a message [1]. The
system with a=0.2 b=0.2 and c=5.7 is provided. The cryptographic strength of the HMAC depends
series does not form limit cycles nor does it ever reach a upon the cryptographic strength of the
steady state. Instead it is an example of deterministic underlying hash function, on the size and quality
chaos. As with other chaotic systems the Rossler system of the key and the size of the hash output length
is sensitive to the initial conditions, two initial states no in bits [2].
matter how close will diverge, usually sooner rather than
later [6,7]. New proposal for 160 bits hash function
controlled by a key is introduced through this
article. Actually it is an enhancement for its
previous HMAC [3], Mask, Encryptor, and
compression parts of this new MAC are based on
the most famous 3-D Rossler System.
N bit plaintex t message

Padding N1 % Y = 0

Divide N1 into (n1,n2,…nk )

For I = 1 to N1/Y

Ni ⊕ MASK = Xoi Y 0i Z 0i

Fig 3
(Fig.(1) Rossler System (a=0.2, b=0.2, c=5.7
Co1,C o2,…….,C ok
The chaotic behavior is further revealed by plotting the
bifurcation diagram at the Poincaré section (taken when
the phase variable x goes through a maxima) as a
.(function of c [8] (see fig 2

MAC (with Y bits length)

Fig.(3) HMAC Generation Process

Fig. (2) Bifurcation Diagram for Rossler System, X


(Poincare ) vs. C

Fig.(4) Initial MASK Generation Process


3. Proposed Chaotic HMAC
3.1. Initial MASK generating process
It is essential that users of networks, particularly
those dealing with governmental, commercial and
MASK is some kind of aliases, which used to financial transactions, have a means of confirming that
achieve anonymity for the real sub-messages. This can be those messages have not been subject to accidental or
achieved by masking each sub-message (XORing it with malicious corruption. The preferred method of guarding
the initial MASK) before generating the sub-MACs, against undetected corruption is the development of
which eventually XORed together to generate the a keyed message authentication code (HMAC).
message authentication code.
User can employ his secret initial points X0, Y0,
Z0 and N in the Rossler map equation to calculate the The proposed procedure to generate HMAC for
initial MASK as follows (see Fig(3)): the purposes of authentication is illustrated in Figs.(2-3).

• Xn=X0, Yn=Y0, Zn=Z0


• For i = 1 to R Do
Key-ciphertext avalanche effect is concerned • Xn+1 = Xn + h* (-Yn-Zn);
with changing the key value and observing the effect • Yn+1 = Yn + h* (Xn+a*Yn);
of this change on ciphertext. EHMAC Key is • Zn+1 = Zn + h* (b+Zn*(Xn-c));
composed of three distinct Rossler initial points
• Change Xn,Yn and Zn to binary strings.
x0,y0,z0
• Concatenate Xn,Yn,Zn binary strings into Y
Tables (1,2,3) illustrate the results of the key- binary characters string, held in Buffer.
ciphertext avalanche effect with varying xo,y0,z0 .Through • Change the Buffer into Y bits initial MASK
this analysis one fixed message “hash function is one
way cryptographic algorithm”, control parameters Where
a=b=0.2, c=5.7, and number of iterations N=250, were a,b,c are control parameters (a=0.2, b=0.2, c=5.7)
used. N is the number of the iterations of Rossler map.
Y is the MAC lengths (160bits).
One obvious result from these tables is that, EHMAC has Buffer is one-dimensional array with Y bits lengths.
16 sensitivity degrees, i.e. After 16 digits for all the initial
key parts X0 ,Y0, Z0 , EHMAC is stands unchanged.
3.2. HMAC generating process

4.2. Plaintext-ciphertext avalanche effect The HMAC generating process (see Fig.(2)) can be done
Plaintext-ciphertext avalanche effect is concerned as follows:
with changing the plaintext and observing the effect of • N1 bits message is produced, after padding
this change on ciphertext. Table (4) illustrates the results process on the N bits plaintext message,
of plaintext-ciphertext avalanche effect with different • N1 bits message is divided into nK sub-message,
varying message lengths. each with Y bits length where
Through this analysis, the following initial values are Y = 160 bits
used: K = N1/Y
X0= 0.1111111111111111 Z0=0.9111111111111111 • For I = 1 to K Do
Y0= 0.2222222222222222 N=250 • Each sub-message ni is masked by XORing it
with the initial MASK.
EHMAC is very sensitive to any change in the message. • By using the same steps as in Fig.(3) we can
find the sub-MACs Coi
Table (4) explains this result through some examples for:
• Finally MAC = Co1 ⊕ Co2 ⊕ … ⊕ CoK
• 1 character change (first, last)
• 2, 3,4, 5 characters change (last) Generation of the MAC can be done in parallel with
• Case sensitive encryption process, and after that, MAC bits are added to
• Different message lengths the end of the ciphertext and sent to the receiver as a
whole encrypted message. On receiving, Y bits MAC is
4.3. Error propagation test taken, and the ciphertext is decrypted to obtain the
plaintext message. MAC is computed again and compared
with the received one. On equality, the receiver is
Error propagation is concerned with possibilities
confirmed that the received message has not been subject
of the propagation of errors from input (plaintext) to
to accidental or malicious corruption.
output (ciphertext) and about the effect of this error on the
ciphertext.

Table (5) explains some cases for error in the plaintext: 4. EHMAC Analysis
1) One character is changed in the first, middle,
and end of the message. Three types of analysis were done on the generated MAC:
2) More than one character is changed in 1- Key-ciphertext avalanche effect.
different places through the message. 2- Plaintext-ciphertext avalanche effect.
3- Error propagation effect.
From table (4), one can see that any change in the
plaintext (one character or more) will change the MAC,
which gives clear evidence about propagation of the 4.1. Key-ciphertext avalanche effect
errors.
5. EHMAC Time and Strength
Analysis

Time and strength analysis are performed for EHMAC.


All these experiments used 2.4GHz PC with 1 GB RAMs

5.1 Strength Analysis


The secrecy of EHMAC is depend on three unequal
initial points X0 ,Y0, Z0. According to the used (built-in
REAL) data type and the selected precision, there are 264
x 264 x 264 possible combinations for X0 ,Y0 and Z0. This is
equal to key length 192 bits. Taking into consideration
that the variable h in the Rossler system is a double value
selected randomly then the key length will increased up to
256 bits. So, if we assume that there are computers works
with computation power from order of 1020 operation per
second, it will need Tbreak≈ 3.17 *1052 year to predict the
secret key. Thus, Exhaustive attack seems impractical.

N is related directly to X0 ,Y0, Z0 and domain M, and


leaving N to be chosen randomly from this domain will
make EHMAC more secure, e.g. m=1000 will add 10 bits
Fig (6) Hashing time vs. number of iterations to length of the key.
(file size= 292 Kbyte )
5.2 Time Analysis
6. Comparative study Hashing time vs. file size and number of iterations
are handled in this study (see figs(5-6)).
A comparative study between EHMAC Time analysis shows that hashing time is increased
and its previous version HMAC[2] shows that proportionally with number of iterations and file size
EHMAC is more secure, since it uses key under assumption of x0 ≠ y0 ≠ z0
length at least 192 bits and produces
message digest 160 bits, and more sensitive
to its initial key parts (see Table 7).

7. Conclusions

An enhanced keyed message authentication


code EHMAC is presented in this paper.

EHMAC has the following characteristics:

1- Secure, it has key length in order of 256


bits and message digest equal to 160 bits
2- Sensitive, it has 16 sensitivity degrees.

References
Fig (5) Hashing time vs. file size (N=250)
[1] http://en.wikipedia.org/wiki/HMAC
[2] J.Kim, A. Biryukov, B. Preneel, and S. Hong, On the
Security of HMAC and NMAC Based on HAVAL, MD4,
MD5, SHA-0, SHA-1, 2006.
[3] S. Idris, H. Zorkta, S. Khawatmi, and W. Aiyash, A
128 bits HMAC Based Upon Logistic Map, IASTED
MTN 2008.
[4] R. Gilmore&M.Lefrance, The topology of chaos,
Wiley, 2002.
[5] C. Letellier, E. Roulin & O. E. Rössler, Inequivalent
topologies of chaos in simple equations, Chaos, Solitons
& Fractals, 28, 337-360, 2006.
[6] http://www.scholarpedia.org/article/Rossler_attractor
[7] http://en.wikipedia.org/wiki/Rossler_map
[8] Nagata, K. Wayne. Nonlinear Dynamics and Chaos:
(Mathematics 345 Lecture Notes. Vancouver: University
of B.C., 2006).
Table(1) Key (X0)-ciphertext avalanche effect (where Y0=0.1,Z0=0.1,N=250)
X0 MAC in Hex. MASK in Hex.
0.1 0B634BE010D0B52483FF7787299ACA368A8D01A0 9FB1B9F9EE362A93C538DFC25C5A721F4D1E744B
0.11 BC1A024CDA3E3CF87284FE6F52FFC239598CBC68 5F7719E5F746BC0DF50980541BB1AB4D9252DDA0
0.111 402AB21C5935A0E4E555F1264728DA396AC5D8B9 B9F19B9E90EFB00A1725B1273E2D976B5D9728F1
0.1111 5B5E6E2A94C169CF8A523BE548209EC9F03A241C 581B19B581847866F58FFEFAC22D2F07F0D8338E
0.11111 C4ADFEEE766044E534496CC27BF4F30B713A06AF A04E4F5EE8139D20B59137FC6AAD24979928C532
0.111111 76DFF446059E39F892C17D56A6F4345C10F3B68A 246FE02246DD23BEB6B22AE92C3C838E0951AE07
0.1111111 B9C6A8A098C49F2F9E4B4CF166C3F3D1715D1026 449F01122BA2B11135915A6AADED2371A3FE66C3
0.11111111 0C8F0E22763190292509CF5D0B30BE28A2BBC678 504719B504403475B5915ABACEED236EF7DFC2D9
0.111111111 AA45C4501BC1A69199FC12A6BA684A9AF5624424 B5319B5043D5188A17AD8B9C36ED236EB3764C7E
0.1111111111 EEF2BEDDEEB24B46DBFAB712F8A604D0E279B37F DA5CE9EBDCDA5CE546B22B5873EC838B1143186B
0.11111111111 8F0EFE8831A6229D89815175CD79723FFB23BFD7 449F01122A620286B5915AC3B3ED236EABEFD1CB
0.111111111111 521E149377D8A29CDF03F855DB5074A6A49D5B41 B5319B5043CFF83617AD8BA51BED236EABDE4DB9
0.1111111111111 1BCED9F40510BBFF8529FADC73CBD359B0750FBD 449F01122A61FA6175915AC3B62D236EABDC8D9C
0.11111111111111 C38C2FE01D35BCB8F64C30645B74EE2C34D8BB79 05F01122A61FA50217AD8BA51E2D236EABDC6065
0.111111111111111 C3339E7063AA6098A5B0853BCC1B8E80ADAE9F35 B5319B5043CFF6E617AD8BA51E2D236EABDC5C89
0.1111111111111111 AD602D6329375A5A7B170F08EFA459D4AAA64548 821E6336A0879FEDCEB22B5876C4838B112FA2C0
0.11111111111111111 AD602D6329375A5A7B170F08EFA459D4AAA64548 821E6336A0879FEDCEB22B5876C4838B112FA2C0

Table(2) Key (Y0)-ciphertext avalanche effect (where X0=0.1111111111111111,Z0=0.1,N=250)


Y0 MAC in Hex. MASK in Hex.
0.2 AFC4923E2AF2A5D325ED89D4535E75F0D8B92005 388C8738867A21C78B22A910D061AA0AD567B323
0.22 EB0423B19BCECBA733A2E00A79E92E10BC4CC7C0 2B3DFB132B3DBB225DD44C5F4677F7C90A530B88
0.222 D8202D736571FAE7575BBF6AC5BED9D9DE5718F2 220DF64088364EEADBD9BC12A4948D0EC84D1F01
0.2222 84B956B958B52DB6F8A598EE9413CF53659193A9 C9B9F64326E5A82763DEA602897C9BFC2A56D657
0.22222 6A85E661E2CD07DA53743CDFF4022F2DE89C08AA F0FF239F0FF25D8BE6B766095F7C9D7A4DC3F12E
0.222222 CF8CF3E29FCE02B546A2E07E6DCB879C1E5BDAEC DC2BF64370AC76A1BFDF30620EB49DA084821C3E
0.2222222 6E1C4B4D2F23F1B3B66AA8F3754389DF1F4D8B16 C560BF643715829749BDF31A416E762A08ADA1FB
0.22222222 86660B0BEC95267E1435D85EBDE181AA43D20EDD E2D2BEC86E2D2A9E05631E93A1149DA4B89C263A
0.222222222 250721BA4614D8381C127155691471D52F4C6657 F1BF239F1BDE7A60E6B7F1CB21349DA4C264881B
0.2222222222 6FBB2D1532914F9E8824CE5A5F386DB82A20CCC3 F1BF239F1BDEC0B4A6B7F1CE599C9DA4C35EF852
0.22222222222 4994BA76C14E6B6935D47E1463FC4195C30E6FD0 BDEC7B239F1BDEC7BCFDF31C7DE0762A138C005A
0.222222222222 714146B944E7AE806B07652958A21C6137D4BDF6 F1BF239F1BDEC87126B7F1CEB4449DA4C37A848B
0.2222222222222 FFA6532C80B0330E803A8F7DB1B7DAA84142CB6A 1BDEF239F1BDEC8833DF31C7DEEC9DA4C37AC4A9
0.22222222222222 F6C0EFA8F7BEDCEB6451B5183463936DB22D54BA F1BF239F1BDEC884E6B7F1CEB5349DA4C37ACB11
0.222222222222222 9AFD94CD8788A05FCE0EF2F32D65770721F31CAE F1BF239F1BDEC88526B7F1CEB5349DA4C37ACBB6
0.2222222222222222 517EABF2345ABE60687FD788F893983BB3F1ADC9 F1BF239F1BDEC88526B7F1CEB5349DA4C37ACBDE
0.22222222222222222 517EABF2345ABE60687FD788F893983BB3F1ADC9 F1BF239F1BDEC88526B7F1CEB5349DA4C37ACBDE

Table(3) Key (Z0)-ciphertext avalanche effect (where X0=0.1111111111111111,Y0=0.2222222222222222, N=250)


Z0 MAC in Hex. MASK in Hex.
0.9 47CB75EA58CB53ADCF30C5B549929CEC3AD694AA BD81BDD9E7CFAB79CF89F715EA7F7CF527F2A829
0.91 B4BF2BC97001F4A31A23A03AD76B7C61604BE694 2E2072E061B0B4C628EA2E59A5604236E2C87A24
0.911 C5A54BE562919120BD8936BDE81AB80C58BC339D E70399BE62C06FA1988E023B066055EFD5D75D71
0.9111 B2168C1BCA0179A0A333F1CA4F8AFADF2FDA4DB1 408A073408A46B23DA8D97B9CE9B3BFDAC157D73
0.91111 56AD43B79DE2A0FB3C1FE31320BA8F3C2EDE3ADD 416A073416A11EE78E8D954C08033C02B8978180
0.911111 B7AA882E8F05061AD8C73901A2E2AE892CA6C564 C00BB3EB9C00B817428D950DDA8B3C0339D7B3BE
0.9111111 8A0CF5CDC1F6B9F56A3564E8F51CA78EBAF782CB CE851D312933A1466E8D9507A2CF3C0346C4858B
0.91111111 05244F6DFF31B1BD266CBEC5F8A86F5F1AE2CB91 9C073EB9C04A86ABA8D950703A205820D09A092E
0.911111111 9CB067F48F4562154E1562D40A9AC1C672BB1675 41820734182EEFD5D68D9506F3B73C0348307DE7
0.9111111111 FBCD5F8FF41430124174E490B3255851F2A37178 38099F5CE02594007987D245752B3C034833CCF5
0.91111111111 0BCFEF40CE0223A441663CEE555036523C94CC2A 41820734182EF9EB1A8D9506F1F73C03483421AB
0.911111111111 2196C5647C1B8FF1888EF84ED26D2181F77F4025 9C073EB9C04B299DA8D9506F1F205820D209A563
0.9111111111111 EA4C1BA277AA9F019B2687C4CAAE4142A17E7DD4 C04B33EB9C04B29A168D9506F1F33C0348342AFB
0.91111111111111 67EB86E28681047DECBC75585CC5D19D9617475C A0C40E68305DF40A0415BB3E4FE05820D209AEA6
0.911111111111111 A39810D008729E00126DFB3B3BA38682D7B9DDCA 41820734182EFA05028D9506F1F33C0348342B14
0.9111111111111111 FB7BDBD02F2BB174044D079195B1EE9EDCE1FF26 E7039A0C177D0281987D245736605820D209AEC1
0.91111111111111111 FB7BDBD02F2BB174044D079195B1EE9EDCE1FF26 E7039A0C177D0281987D245736605820D209AEC1
Table (4) Plaintext-ciphertext avalanche effect
Message Length MAC in hex.
hash function is one way cryptographic algorithm 48 FB7BDBD02F2BB174044D079195B1EE9EDCE1FF26
hash function is one way cryptographic algorithm: 49 FBFFC92A0AE81471B40A256B79B49D2F33DA213E
iash function is one way cryptographic algorithm: 49 D741A85E1DB56C9AD6113631EE9AAAA974AD1EBF
iash function is one way cryptographic algorithn* 49 E7FB97FE1AC4D48039F244E2CC0A7AA6838A04FF
#iash function is one way cryptographic algoritio 49 2CF6DAE3D31AE910C31342094F7B3469962E2D7D
iash function is one way cryptographic algorirjn@ 49 05E1F8995CA8BAF8286077C37E345A80568C6115
iash function is one way cryptographic algorjsko! 49 E051186BD8DE2BDB66F149712F74499AF422A717
MD5 HASH FUNCTION IS SECURE ONE 31 C65F3C753402E161D6BF7A14B531275E7D88E0B0
md5 hash function is secure one 31 BC8F41D179E664D547D22571C3CC96D984946F1F
MD5 Hash Function Is Secure One 31 02DA4CB1CA4BF559542AD58598849F316715F649
Data security is very important field. 38 6E82A84B0B4058605C3DC3286A789B83E41A9277
Data security is very important 31 600437CFD2554BC2A0A03F5AFB407BE33069D295
Data security is very 21 C8E36FBC068B3E75B07EE233B4F9EA3C25367D73
Data security is 16 1339056BB506E205D3A12D297DFE9D624BDCF87D
Data security 13 5A909E115BB76725A3A39EC97BFAD6F88B30F153
Table (5) Error propagation test
Message MAC in hex.
Mass. Institute of Technology (MIT)-Boston-USA. F715F929B0934200E119451244500F8CB7C41DFD
Mass. Institute of Technology (MIT)-Boston-USA 963A69565412E5B3DD7AFEA48112A0ECA00003F5
Mass. Institute of Technology (MIT)-Boston-USA* 1BF3F015A88DEA25AB4EBC790F415E6905CE3D43
mass. Institute of Technology (MIT)-Boston-USA. 17AA15BEA38101879F54EB7BA870046BAEDF8418
Mass. Institute oF Technology (MIT)-Boston-USA. E6946DFCB80B9DBE4B9289B38295A32348807B4A
Klas. Institute of Technology (MIT)-Boston-USA. A8CD210EA663163DA46F14489E3A95AA12D5794E
Mass. Institute of Mathematic (MIT)-Boston-USA. E280B54858D0CC3D2AFF6D0BFCF1F11F1FEB4E45
Mass. Institute of Technology (MIT)-Calfor-USA. 223B180E6F959D9DAB17D2C09A08A8A5D40CBDA1
Table (6) Comparative Study
Hash algorithm HMAC EHMAC
Message Digest Length 128 bits 160 bits
Chaos Map Logistic Map Rossler Map
Key Length 70 bits 192 – 256bits
Sensitivity 7 digit 16 digit

Vous aimerez peut-être aussi