Design and Analysis of Cryptographic Hash Functions (Ontwerp en analyse van cryptografische hashfuncties)

Publication date: 2013-02-15

Author:

Yoshida, Hirotaka
Preneel, Bart

Abstract:

In our modern society, information and communication technology (ICT) is the basis for our daily lives. ICT covers anything that stores, retrieves, transmits, or receives information electronically in a digital form. The Internet, Global System of Mobile (GSM) telecommunication, fiber-optic cables, wireless networks, supercomputers, and PCs are influential forms of ICT. The power of computers and communications has allowed systems using ICT to become important. In order for ICT systems to be reliable, security is a very relevant area for management to get right. To address these security concerns, cryptographic applications can be used.

Another important observation about our society is that ubiquitous networking and computing have become reality in the course of just ten years. Lightweight devices such as mobile phones, IC cards, and RFID tags are being used at a large scale. Many things that one carries can even support a computation and communication function. However, these lightweight devices have to cope with security problems. These problems have recently opened up an active research area called lightweight cryptography. The main challenge in this area is to design cryptographic primitives or protocols to be implemented under restricted resources.

Cryptographic hash functions play a very important role in the security of a wide variety of cryptographic applications. A cryptographic hash function is an algorithm that takes as input strings of arbitrary (typically very large) length and maps them to short output strings of fixed length. Since 2005, there has been substantial progress in cryptanalysis of widely-used hash functions such as MD5 and SHA-1. The SHA-2 hash function family was standardized by NIST in 2002. However, the SHA-2 design shares the same design principle as SHA-1, which might be considered a security concern. In response to the cryptanalysis of SHA-1, NIST started the SHA-3 competition in 2007. NIST selected 51 candidates to advance to the first round in 2008, and five SHA-3 finalists to advance to the final round in 2010. NIST finally selected Keccak as the winning algorithm in October 2012.

The research presented in this dissertation is closely related to the SHA-3 competition and to lightweight cryptography. Our first contribution is the design of two block cipher-based hash functions: the general purpose hash function Lesamnta and the lightweight hash function Lesamnta-LW. In the design of Lesamnta, the main question is whether we can design a new hash function that has advantages over SHA-2. We have tried to answer this question by designing Lesamnta, which aims to offer clear arguments for a high security level and to achieve a high implementation flexibility on a broad range of platforms. Lesamnta was one of the first round candidates in the SHA-3 competition but it did not advance to the second round. In the design of Lesamnta-LW, we have tried to create a unique advantage over the previous lightweight primitives. As a result, it is software-oriented and mainly targeted to 8-bit processors while previous proposals are hardware-oriented.

Our second contribution is a security analysis of hash functions. We have contributed actively to the security analysis of block-cipher based hash functions such as HAVAL, MAME, SHA-256, and Tiger. On the other hand, we have investigated the security of the second-round SHA-3 candidate Luffa. The main questions were how strong the diffusion layer is and how we can exploit the fact that no secret information is involved in the computation of a hash function. We have tried to answer them by applying differential cryptanalysis with advanced optimization techniques to reduce the attack complexity. Our analysis has produced results which can be viewed as evidence for the security margin of these hash functions.