Hash Function using Chaotic Maps

A PROJECT REPORT
SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENTS FOR THE AWARD OF THE DEGREE OF

Bachelor of Technology In Computer Engineering

Under the Supervision of

Submitted by

Mr. Musheer Ahmad Associate Professor

Ainuddin Faizan(08-CSS-04) Chirag Gupta(08-CSS-16)

DEPARTMENT OF COMPUTER ENGINEERING FACULTY OF ENGINEERING AND TECHNOLOGY JAMIA MILLIA ISLAMIA, NEW DELHI 110025 (2011-2012)

CERTIFICATE
This is to certify that the project report titled ' Hash function using Chaotic Maps ' has been completed successfully by Ainuddin Faizan and Chirag Gupta. It is an authentic work carried out by them under my guidance and supervision. The matter embodied in this project work has not been submitted earlier for the award of any degree or diploma to the best of my knowledge and belief.

Mr. Musheer Ahmad

Department of Computer Engineering Faculty of Engineering & Technology Jamia Millia Islamia

ACKNOWLEDGEMENT
We are greatly indebted to our supervisor and guide Mr. Musheer Ahmad, Department of Computer Engineering for his invaluable technical guidance, great innovative ideas and overwhelming moral support during the course of the project. We are also thankful to the Department of Computer Engineering and all the faculty members especially Prof. M. N. Doja, Prof. M.M. Sufyan Beg, Dr. Bashir Alam, Mr. Tanvir Ahmad,Mr. Mumtaz Ahmad, Mr. Md. Amjad, Mr. Jawarharlal, Mr. Faiyaz Ahmad, Mr. Zeeshan Ansari and Mr. Sarfaraz Ahmad for their teaching, guidance and encouragement. We are also thankful to our classmates and friends for the valuable suggestions and their active support.

Ainuddin Faizan (08-CSS-04) Chirag Gupta (08-CSS-16) Department of Computer Engineering, Faculty of Engineering and Technology, Jamia Millia Islamia, New Delhi

Table of contents
1. Abstract 2. Introduction.... 2.1 Security Properties of Hash Functions 2.2 Chaotic Functions.. 3. Project Description 4. Our Implementation 5. Performance Analysis.. 6. Area of Application 7. Conclusion and Future Work 8. References 1 2 2 4 7 10 13 18 19 20

Abstract
Recent years have witnessed an exceptional research interest in cryptographic hash functions, especially after the popular attacks against MD5 and SHA-1 in 2005. In 2007, the U.S. National Institute of Standards and Technology (NIST) have also significantly boosted this interest by announcing a public competition to select the next hash function standard, to be named SHA-3. Not surprisingly, the hash function literature has since been rapidly growing in an extremely fast pace. In this report we have implemented a hash function algorithm designed by A. Akhshani, S. Behnia, A. Akhavan, M.A. Jafarizadeh, H. Abu Hassan, Z. Hassan in 2009. This algorithm uses the potential of the chaotic function, since chaotic functions are the mathematical representation of dynamical system, they are highly random in nature, so using this power of randomness a hash function is built. That provide a robust hash digest of any given data stream. This chaotic map based function is tested for several robustness test parameters, and this function cleared all the tests. This function is having same parameters that SHA-3, md5 and other popular Hash techniques.

Introduction
Cryptography (or cryptology; from Greek kryptos, "hidden, secret"; and graphein, "writing", or -logia, "study", respectively) is the practice of techniques used to hide information due to the presence of enemies or untrusted parties. Cryptographic hash functions have indeed proved to be the workhorses of modern cryptography. Their importance was first realized with the invention of public key cryptography (PKC) by Diffie and Hellman in 1976, where it became an integral part of PKC ever since. Unfortunately, recent advances in cryptanalysis revealed inherent weaknesses in most of the popular hash functions triggering an urgent call for further research in this area. In response, two main approaches have been adopted: either patching the existing constructions by slightly modifying them to fix a particular set of weaknesses, or designing new hash functions from scratch. Hash functions are many-to-one functions that map arbitrary length inputs to fixed length outputs and the input is usually much larger than the output. The variable length input is called message and the fixed length output generated by Hash function is called digest. And this digest looks very random in nature (there is no Thus, collisions (different messages hashing to the same value) in hash functions are unavoidable due to the pigeonhole principle.

Security Properties of Hash Functions:

The basic (classical) properties a hash function is expected to preserve are: 1. collision resistance 2. pre-image resistance 3. 2nd pre-image resistance Although these are thought to be the universal security properties that most hash functions should preserve, there may be other application-specific security properties that hash functions should additionally (or instead) preserve if they are to be used in a given application.

Collision-Resistance (CR):

A hash collision occurs when two (arbitrary) different messages hash to the same value. That is, for a collision resistant hash function H, it should be computationally infeasible to find any two messages M and M0 such that H(M) = H(M0) while M = M0. For a secure hash function, the best attack to find a collision should not be better than the birthday attack (i.e. not better than work complexity of 2n=2 for a hash function outputting nbit hash values). Collision resistance was first formally defined by Damgard and is sometimes called Strong Collision Resistance.

Pre-image Resistance (Pre):

For all practical purposes, hash functions should be computationally non-invertible. When a message is hashed, it should be (computationally) infeasible to retrieve the original message from which the hash value was obtained. That is, for a pre-image resistant hash function H, given a hash value H(M) of a particular message M, it should be computationally infeasible to retrieve the original message M, or indeed generate any message M0= M such that H(M0) = H(M). For a hash function to be pre-image resistant, the best attack against the hash function should be the brute force attack (i.e.

work complexity of 2n operations for a hash function with output size. Pre-image resistance is also sometimes called Onewayness.

2nd Pre-image Resistance (Sec):

Given a 2nd pre-image resistant hash function H, and a message M, it should be computationally infeasible for an adversary A to find a different message M0 such that M = M0 and both M and M0 hash to the same value, H(M) = H(M0). For H to be considered 2nd pre-image resistant, the best attack against H should be the brute force attack (i.e. work complexity of 2n for a hash function with output size n). 2nd pre-image resistance is also sometimes called Weak Collision Resistance.

In this project, we use chaos theory a field which studies the behavior of dynamical systems that are highly sensitive to initial conditions, an effect which is popularly referred to as the butterfly effect. Very small changes in the initial conditions yield largely changing outputs which results in rendering longterm prediction impossible. Chaotic maps which are maps that portray chaotic behavior are used to generate a hash function.

Chaotic Function: Chaotic function is a mathematical representation of highly random dynamical systems. These functions are very sensitive to the inputs, if the value of input changed by a slight amount, result will change drastically, that will provide randomness to the function. Every function may be chaotic but for a specific range of its input parameters, if in a particular region of this map it shows a random behavior, the function should be called chaotic in that range. Some examples of chaotic maps are as follows: Sin (1/x)

Lorenz Attractors:

dx/dt = delta * (y - x). dy/dt = r * x - y - x * z. dz/dt = x * y - b * z.

Logistic Map:

r 0,4, x 0 0,1 x n 1 rx n 1 x n

Tent Map:

Project description
Definition of hierarchy of 2D piecewise nonlinear chaotic maps We have generalised the most popular discrete time map used in cryptography the Logistic map. It has been generalised to a hierarchy of one parameter family of logistic maps with ergodic behaviour in the interval [0, 1]. The hierarchy can be defined as this:

Now using the pieces of these one-dimensional maps, we construct a new hierarchy of ergodic two-dimensional piecewise nonlinear chaotic maps NN1,N2...NN (x1 1 y1 b1 b2 bN) that can be defined as:

In these maps the values of the two variables xn and yn at timestep n into xn+1 and yn+1 at time-step n+1, where the points xi1 i=1, 2,...N are the maximum or minimum points in the plot of xn+1vs. xn.

Proposed Algorithm:
1. The message (1024 characters in length) is transformed into an n x 1 matrix M. 2. The input (can be called the secret keys) a, b, x0, y0 are entered. 3. The map is iterated 1000 times to remove the transient effect. 4. A block of 8 characters is taken at each iteration (functionality based on the Merkle-Damgard construction) and serves as the data for the map at that iteration. 5. Calculate X= floor(x * 10^14) mod 2^31, Y=floor(y * 10^14) mod 2^31 6. N1 and N2 are generated by passing the values of Mixl till Mi+3xl for N1and from Mi+4xl till Mi+7xl for N2 to the function f which takes 8 bit integers and returns 32 bit integers. The result if xor-ed with X for N1and with Y for N2. 7. a and b are generated by passing N 1 ,N2,X and Y to the function g along with a for generating a and b for generating b. 8. The new x, y and 64-bits of the message are used to generate

new control parameters a, b and initial conditions x0 , y0. 9. Steps 4 to 8 are repeated till the message is exhausted. 10. The final values of a, b, x and yare used to generate the hash value.

Our implementation
1. Initialize the values of the control parameters a and b and also the values of x and y according to the maps specifications. 2. Take a message of length 1024 characters and store it in a matrix M of size n x 1. 3. H is a matrix which will store the hash is initialized to all 0s. 4. The map is iterated a thousand times to remove the transient effect. 5. 8 characters are taken at each iteration to be worked on by the map. 6. X= floor(x * 10^14) mod 2^32,Y= floor(y * 10^14) mod 2^32 7. Here the function f is taken as a simple multiplication of the 4 characters passed and hence the value of N1 and N2 is calculated by: N1 = (M(i)*M(i+1)*M(i+2)*M(i+3) xor X N2 = (M(i+4)*M(i+5)*M(i+6)*M(i+7) xor Y 8. a = (N1/N2)*(Y/X)*a b= (N2/N1)*(X/Y)*b 9. Steps 5 to 8 are repeated until the message is exhausted. 10. If message cannot be divided into integer no. of 8 byte blocks, last block will be having less than 8 bits. That is treated with a combination of M(i)to M(n) in order to generate a 32 bit integer no.

11. The final values of a, b, x and y are used to calculate the hash. We iterate the same map in a loop with the desired length, since it is a extensible algorithm we can generate any bit sized digest(multiple of 8) of a message. 12. Connecting the matlab code with the GUI designed GUI designer for matlab (GUIDE).

13. This GUI contains two fields: Text & Image. For hash digest generation for image, Image will be converted into a stream of bits with each bit is having gray scale bit of image pixel, then, this stream of bits in treated as text bits and algorithm is applied as above.

Performance analysis
1. Statistical analysis of diffusion and confusion: For this test, a message is selected and its hash value is generated. Then one of its bits is changed at random and its hash is generated again. The two hash values are compared and the following parameters are checked (this test is repeated N times): Minimum changed bit number Bmin= min (Bi)Ni

Maximum changed bit number:

Bmax= max(Bi)Ni

Mean changed bit number

i =

Mean changed probability

P = /160 * 100%

Standard variance of the changed bit number:

B =

Standard variance:
P = * 100%

Through the tests with N = 256, 512, 1024, 2048, 10,000 respectively, the corresponding data are listed in the Table.

Analysis of collision resistance and birthday attacks resistance: In order to test the collision resistance, a message is randomly chosen and the hash value is generated for it and stored in ASCII format. Then a bit from a random position in the message is chosen and its value is changed and a new hash value is generated for the new changed message and is stored in ASCII format. Two hash values are compared and the number of ASCII characters with the same value at the same location in the hash value is counted as follows: ( ) where f ={

Where and are the ith entry of the original and the new hash value, respectively, and function t( ) converts the entries to their equivalent decimal value. Moreover the absolute difference of two hash values is calculated using the following formula: | ( )|

It is clear that smaller orbigger characterizes the stronger collision resistance of hash function.

Area of Application
Cryptographic hash functions have many information security applications, notably in digital signatures, message authentication codes (MACs), and other forms of authentication. They can also be used as ordinary hash functions, to index data in hash tables, for fingerprinting, to detect duplicate data or uniquely identify files, and as checksums to detect accidental data corruption. Indeed, in information security contexts, cryptographic hash values are sometimes called (digital) fingerprints, checksums, or just hash values, even though all these terms stand for functions with rather different properties and purposes.

Conclusion and Future Work

In this project a hierarchy of two-dimensional piecewise nonlinear chaotic map with an invariant measure is implemented. These maps have interesting features such as invariant measure, ergodicity and the possibility of KS-entropy calculation. Then by using significant properties of chaos such as one-way computation, and random-like behavior, which is favorable to hash functions, a novel hash function based on these chaotic map, is suggested. The nonlinearity and complexity of 2D piecewise nonlinear map yields strong bit confusion and diffusion with the low expense of floating point computations. Statistical analysis performed on the proposed scheme, demonstrates its superior confusion and diffusion properties which strongly resist statistical attacks. This scheme is designed for unkeyed hash function, but if considered as a keyed hash function, all control parameters and initial conditions of the chaotic map can be chosen as the secret keys. In the continuation of this project, we are looking in direction of using other chaotic maps that provides better robustness with a suitable randomness (e.g. Chen map). Since these maps are in differential equation format, they take a long time to calculate, so we are looking to find solutions which are at optimal trade-off between computation time cost and robustness.

References
1. A.Akhshani, S.Behnia, A.Akhavan, A. Jafarizadeh, H.Abu Hassan, Z. Hassan, Hash Algorithm based on hierarchy of 2D piecewise nonlinear chaotic maps Chaos, Solitons and Fractals (Elsevier) vol. 42 issue 4, pp. 2405-2412, 2009. 2. Saif Al-Kuwari1 James H. Davenport2 Russell J. Bradford Cryptographic Hash Functions: Recent Design Trends and Security Notions, Department of Computer Science, University of Bath. (opus.bath.ac.uk/20815)