Analysis of simplified variants of SHA-256

In this paper we analyse the role of some of the building blocks of SHA-256. We show that the disturbance-correction strategy is applicable to the SHA-256 architecture and we prove that functions Σ, σ are vital for the security of SHA-256 by showing that for a variant without them it is possible to find collisions with complexity 2^64 hash operations. As a step towards an analysis of the full function, we present the results of our experiments on Hamming weights of expanded messages for different variants of the message expansion and show that there exist low-weight expanded messages for XOR-linearised variants.

Cryptanalysis of FORK-256

In this paper we present a cryptanalysis of a new 256-bit hash function, FORK-256, proposed by Hong et al. at FSE 2006. This cryptanalysis is based on some unexpected differentials existing for the step transformation. We show their possible uses in different attack scenarios by giving a 1-bit (resp. 2-bit) near collision attack against the full compression function of FORK-256 running with complexity of 2^125 (resp. 2^120) and with negligible memory, and by exhibiting a 22-bit near pseudo-collision. We also show that we can find collisions for the full compression function with a small amount of memory with complexity not exceeding 2^126.6 hash evaluations. We further show how to reduce this complexity to 2^109.6 hash computations by using 273 memory words. Finally, we show that this attack can be extended with no additional cost to find collisions for the full hash function, i.e. with the predefined IV.

Extending FORK-256 attack to the full hash function

In a paper published in FSE 2007, a way of obtaining near-collisions and in theory also collisions for the FORK-256 hash function was presented [8]. The paper contained examples of near-collisions for the compression function, but in practice the attack could not be extended to the full function due to large memory requirements and computation time. In this paper we improve the attack and show that it is possible to find near-collisions in practice for any given value of IV. In particular, this means that the full hash function with the prespecified IV is vulnerable in practice, not just in theory. We exhibit an example near-collision for the complete hash function.

Improved Security Analysis of Fugue-256 (Poster)

We present some improved analytical results as part of the ongoing work on the analysis of Fugue-256 hash function, a second round candidate in the NIST’s SHA3 competition. First we improve Aumasson and Phans’ integral distinguisher on the 5.5 rounds of the final transformation of Fugue-256 to 16.5 rounds. Next we improve the designers’ meet-in-the-middle preimage attack on Fugue-256 from 2480 time and memory to 2416. Finally, we comment on possible methods to obtain free-start distinguishers and free-start collisions for Fugue-256.

Evidence in view: Matton Developments Pty Ltd v CGU Insurance Limited [2014] QSC 256

Rule 478 of the Uniform Civil Procedure Rules 1999 (Qld)(view by court) is silent as to the manner in which a court might be expected to exercise the discretion to order an inspection or demonstration under the rule and also as to the use which may be made of any inspection or demonstration ordered. The decision in Matton Developments Pty Ltd v CGU Insurance Limited [2014] QSC 256 provides guidance on both matters. This case provides some guidance on the circumstances in which a court may exercise its discretion to order a view or demonstration

A 100MHz to 1GHz, 0.35V to 1.5V supply 256 x 64 SRAM mock using symmetrized 9T SRAM cell with controlled read

In this paper, we present Dynamic Voltage and Frequency Managed 256 x 64 SRAM block in 65nm technology, for frequency ranging from 100MHz to 1GHz. The total energy is minimized for any operating frequency in the above range and leakage energy is minimized during standby mode. Since noise margin of SRAM cell deteriorates at low voltages, we propose Static Noise Margin improvement circuitry, which symmetrizes the SRAM cell by controlling the body bias of pull down NMOS transistor. We used a 9T SRAM cell that isolates Read and Hold Noise Margin and has less leakage. We have implemented an efficient technique of pushing address decoder into zigzag-super-cut-off in stand-by mode without affecting its performance in active mode of operation. The Read Bit Line (RBL) voltage drop is controlled and pre-charge of bit lines is done only when needed for reducing power wastage.

The role of lysine-256 in the structure and function of sheep liver recombinant serine hydroxymethyltransferase

The active site lysine residue, K256, involved in Schiffs base linkage with pyridoxal-5'-phosphate (PEP) in sheep liver recombinant serine hydroxymethyltransferase (rSHMT) was changed to glutamine or arginine by site-directed mutagenesis. The purified K256Q and K256R SHMTs had less than 0.1% of catalytic activity with serine and H(4)folate as substrates compared to rSHMT. The mutant enzymes also failed to exhibit the characteristic visible absorbance spectrum (lambda(max) 425 nm) and did not produce the quinonoid intermediate (lambda(max) 495 nm) upon the addition of glycine and H(4)folate. The mutant enzymes were unable to catalyze aldol cleavage of beta-phenylserine and transamination of D-alanine. These results suggested that the mutation of the lysine had resulted in the inability of the enzyme to bind to the cofactor. Therefore, the K256Q SHMT was isolated as a dimer and the K256R SHMT as a mixture of dimers and tetramers which were converted to dimers slowly. On the other hand, rSHMT was stable as a tetramer for several months, further confirming the role of PLP in maintenance of oligomeric structure. The mutant enzymes also failed to exhibit the increased thermal stability upon the addition of serine, normally observed with rSHMT. The enhanced thermal stability has been attributed to a change in conformation of the enzyme from open to closed form leading to reaction specificity. The mutant enzymes were unable to undergo this conformational change probably because of the absence of bound cofactor.

A 100MHz to 1GHz, 0.35V to 1.5V Supply 256 x 64 SRAM Block Using Symmetrized 9T SRAM Cell with Controlled Read

In this paper, we present dynamic voltage and frequency Managed 256 x 64 SRAM block in 65 nm technology, for frequency ranging from 100 MHz to 1 GHz. The total energy is minimized for any operating frequency in the above range and leakage energy is minimized during standby mode. Since noise margin of SRAM cell deteriorates at low voltages, we propose static noise margin improvement circuitry, which symmetrizes the SRAM cell by controlling the body bias of pull down NMOS transistor. We used a 9T SRAM cell that isolates Read and hold noise margin and has less leakage. We have implemented an efficient technique of pushing address decoder into zigzag- super-cut-off in stand-by mode without affecting its performance in active mode of operation. The read bit line (RBL) voltage drop is controlled and pre-charge of bit lines is done only when needed for reducing power wastage.

Cryogenic on-chip multiplexer for the study of quantum transport in 256 split-gate devices

We present a multiplexing scheme for the measurement of large numbers of mesoscopic devices in cryogenic systems. The multiplexer is used to contact an array of 256 split gates on a GaAs/AlGaAs heterostructure, in which each split gate can be measured individually. The low-temperature conductance of split-gate devices is governed by quantum mechanics, leading to the appearance of conductance plateaux at intervals of 2e^2/h. A fabrication-limited yield of 94% is achieved for the array, and a "quantum yield" is also defined, to account for disorder affecting the quantum behaviour of the devices. The quantum yield rose from 55% to 86% after illuminating the sample, explained by the corresponding increase in carrier density and mobility of the two-dimensional electron gas. The multiplexer is a scalable architecture, and can be extended to other forms of mesoscopic devices. It overcomes previous limits on the number of devices that can be fabricated on a single chip due to the number of electrical contacts available, without the need to alter existing experimental set ups.

2×56-Gb/s mode-division multiplexed transmission over 2km of OM2 multimode fibre without MIMO equalization

A Spatial Light Modulator is used to optically demultiplex modal channels on the basis of degenerate propagation constants using a shared phase mask for all channels. This allows groups of modes to be routed to common output fibres eliminating the need for MIMO equalization to transmit 2×56Gb/s QPSK over 2km of OM2 grade 50μm core MMF. © 2012 Optical Society of America.

对低轮AES-256的相关密钥-不可能差分密码分析

研究AES-256抵抗相关密钥-不可能差分密码分析的能力.首先给出相关密钥的差分,该差分可以扩展到8轮(甚至更多轮)子密钥差分;然后构造出一个5.5轮的相关密钥不可能差分特征.最后,给出一个对7轮AES-256的攻击和4个对8轮AES-256的攻击.