Now the common method is encrypting data by hash function. Hash function can
changes the input message string of arbitrary length into the fixed-length output
string. Output string is called hash value (Mironov, 2005)
of input message. It generally is used to generate message digest and Key encryption.
The existing hash function divides into password and the no password. Now the
study is the following two:
Modification Detection Codes (MDCs): MDCs is discussed more than other
no-password encryption. The common MDCs are: One-way Hash Functions (OWHFs)
(Benson et al., 1994; Katz and
Koo, 2008; Barak, 2008) and Collision Resistant Hash
Functions (CRHFs) (Simon, 1998).
Message Authentication Codes (MACs) (Black, 2000):
MACs is discussed more than other password encryption. For the last decades,
with the rapid development of network, Many signature algorithm appeared. There
are the following:
RSA: RSA algorithm is currently the best known and most widely used
digital signature (Rabah, 2006).
The Digital Signature Algorithm (DSA): DSA can only be used for signature
and can not be used for encryption (Hwang et al.,
Elliptic Curve Cryptogram (ECC): Based on Elliptic Curve Digital Signature
system (Toorani and Beheshti Shirazi, 2009). ECC were
more research, including the algorithm optimization (Rabah,
2005a), secure application (Rabah, 2005b; Khalique
et al., 2010), Protocol (Nikooghadam et al.,
2008) and process optimization (Hwang and Yangz, 2002;
Shen et al., 2006). Based on Elliptic Curve Digital
Signature with the key short, fast and safe operation, etc., so In cryptography,
it occupies a very important position, applications continue to expand. Another
problem is that people are concerned about the security of digital signature
verification (Rabah, 2005c) and application problems.
In addition wavel algorithm (Chen et al., 2003)
and digital signature agent (Khan et al., 2008)
is relatively popular research.
When the learn and speak platform based on the campus network is developed, we need encrypt and validate the data as related to single sign-on and message digest. In the process of development, the above two Hash function cant meet the requirements of system development.
According to the research of hash function, a secure hash function should meet
the following conditions at least (Rivest, 2005):
Input string may is any length
The length of input string is fixed. It take 128 bits at least according
to the current computer technology in order to resist attacks from the
It is very easy that calculating hash value of the output for each
Dont find that any two different input messages can hash to the
Hash function is mainly used for integrity check and improving the validity
of digital signatures. The process of hash function is generally shown in Fig.
1(Meneze et al., 1997).
model for an iterated hash function
In this iterative process the arbitrary finite-length input message X is divided
into many blocks of fixed length. The preprocessing which is typically known
as padding involves appending extra bits as necessary to attain an overall bit-length
which is a multiple of the block length. The length of the original message
before padding is also included in the last block of the padded input for security
reasons. The iterative processing starts with a predefined initial value; using
hash function f turn to the message digest; at the final, an optional output
transformation g is often used to harden the message digest further.
Based on the existing methods and after the project team to find the information again, the based on a high diophantine equation one-way hash encryption algorithm is proposed. It will be named RSH (Round Sheep Hash) hash algorithm. Repeated practice by more than one year, RSH function be realized and has been verified in our developed system. It is used to meet the system's single sign-on password encryption and meet the request of the digital signature and verifying the file transfer process integrity when users use system.
ENCRYPTION PROCESS OF RSH HASH ALGORITHM
A designed algorithm should have the function of encrypting arbitrary length
string. This algorithm can be used for integrity check of data or digital signature.
Furthermore, the speed of encryption algorithm is faster. This study presents
a one-way hash encryption algorithm based on high diophantine equation.
source string is transformed into the string
The length of encrypted password is 128 bits. In the process of encrypted algorithm,
we will select 6 iterations as an optional mid-point. The following paper will
introduce the encryption algorithm in details.
Step 1: Generate a 128 bits decimal digit from the source string. At first, the source string is transformed into ASCII decimal digit. If the encrypted source string is a12, the converted string is 974950. Figure 2 shows the general procedure.
When the lengths of number string is less than 128 bits, copy and connect the
source string to the string end until the string length is greater than or equal
to 128 bits, that is:
The above is the case that the length of the number string is less than 128 bits. But if the length of number string is greater than or equal to 128 bits, the number string is divided into the group of 16 bits. If the last group is less than 16 bits, 0 is filled until to 16 bits.
Then retain 16 bits after each two group is added (the highest 16 bits or the
lowest 16 bits, or make by turns). By this time the group numbers are reduced
by half, Fig. 3 shows the general procedure.
two group of 16-bit folded into a group of 16-bit
position 0 of the source string with the fixed series
8 groups data of 16 bits cross multiply and retain the highest(lowest)
and intercept the higher powers
If the total length is greater than or equal to 256, repeat these operations
until the string length is less than 256.
A string that length is between 128 and 256 is left by extending or folding
the string. If the string length is still greater than 128, the string is refolded.
Add the front 128 bits to the back data that greater than 128 bits. The result
reserve 128 bits.
Step 2: Filled the position 0 in the 128 bits with the fixed series, get a non-zero number string of 128 bits by filling. Such as: Source string is 92371904561020598
, fill position 0 of the source string with the sequence of numeric string (such as: 987654321987654321
), get a new string is 92371994561827598
. Fig. 4 shows the general procedure.
Step 3: Divided the string of 128 bits into 8 groups data of 16 bits (a1,a2,a3,a4,a5,a6,a7,a8). The adjacent two groups data is multiplied and retain the highest 16 bits (or retain the lowest 16 bits). The result after multiplying may overflow. Take the absolute value if the result is negative. The method of multiplication is shown in Fig. 5.
the highest 16 bits from the result of a1xa2 into
a1 and get new a1
the highest 16 bits from the result of a2xa3 into
a2 and get new a2
the highest 16 bits from the result of A8xa1 into
a8 and get new a8
Setp 4: There is still a group of 16 bits (is separately a1, a2, a3, a4, a5, a6, a7, a8 ). Calculate the higher powers. Abnegate the highest array component in the results after calculating (bit size is between 1 and 16). Retain 8 array components that are from 2 to 9, namely 16*8=128 bits.
If the power of the first iteration is the fixed 8 prime numbers (97, 103, 89, 101, 87, 107, 91, 113) start from the second iteration, the selected power is take the second, the fourth, the sixth, the eighth, the tenth from the group number a1, a2, a3, a4, a5, a6, a7, a8. Figure 6 shows the general procedure. This method cannot determine the power of algorithm operation. So it can increase the security of the algorithm.
Setp 5: Repeat iteration until finish six iterations.
The final cipher-text is a number string of 128 bits after computing. Namely 16128 address spaces. Conflict rate is very low.
THE PERFORMANCE TEST OF RSH ALGORITHM
Security: We can see the step 4 is the key step from the above encryption process. The calculate need 20 msec by an Inter dual-core 1.6 GHz CPU. Because there have 6 iterations, the time of violence declassification is:
We can see the declassification is unrealistic from formula (1). If we known
that the text is the mixed 5 bits string of lowercase letters and numbers, the
time of violence declassification is:
It may reduce the computing time if we use fast exponentiation and strassen matrix multiplication. Now the step 4 needs to change into this algorithm, the numbers of iteration*20 ms ec/fast algorithm time (or add power). Then the time of declassification is still invariability. So the strength of this algorithm is still relatively high.
Complexity: The encryption time is about 100 msec that include the time of read encrypted string by test. Speed and encryption strength is a contradiction certainly. Algorithm selects 6 iterations as an optional mid-point after repeated test.
The complexity of algorithm: Set the source number string length len=2n (Source number string length is about 2 times for the source string length, because it is 0~255 that a byte is converted to decimal digit).There remains the string of 2 (n¯1) lengths after an iteration. Therefore the total addition number is approximately:
Namely it is the same magnitude to the log of the source string length. The speed is very fast. At the same time it also guarantees that the final result is related to each bit of the source string (even).
The security of the most hash function used commonly is seriously threatened
as the researchers is more? On the base of studying fully the characteristics
of hash function, this paper presents a fixed 128-bit output variable hash algorithm
by increasing the computational complexity of iterative with high-indefinite
equation and using parallel iterative structure. The realization of RSH algorithm
is very simple. It has a higher complexity and more advantage of execution efficiency
and wider application compared with the traditional Hash function. This algorithm
can be applied to the following by the validation of actual system development:
The verification of File transfer (Bakhtiari et al.,
1995). Calculate the RSH value of the target file and compare with the RSH
value of Source file. If the two RSH value is consistency, we can assure that
this two files is complete same statistically. So this algorithm can not only
test whether produce error but also ensure the file is not been tampered maliciously
in the process of file transfer.
The digital signature (Stallings, 2003; Sun
and Sun, 2010). Signer first calculates RSH hash value of this data file
and makes the digital signature by asymmetric algorithms. When other sides verify
the signature, he first calculates RSH hash value of this data file and makes
the digital signature by asymmetric algorithms too.
Password Encryption. Calculate the RSH value of password and store in the database. When user use password, he first calculate the RSH value of password. Then compare with the RSH value stored in the database. If the value is same, the password is correct. Otherwise incorrect. This method can also be used for authentication protocols
Make 6 iterations for RSH algorithm; we can further improve the security of the algorithm by increasing the number of iterations in practice. We can also improve the fixed prime power of iteration, the power of iteration extracts from 128 bits string before iteration. This method can ensure the randomness and unpredictability of iterative power. Hash arbitrarily long message into a fixed 128-bit hash value; change the message hash value or any length message hash value that can be set to 128, 160, 192, 224 or 256-bit.
This Study was supported by Hunan Provincial Education Department of China (XingJiaoTong (2009) Document No. 320).