• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

Security Analysis of the Whirlpool Hash Function in the Cloud of Things

Vol. 11, No. 1, January 29, 2017
10.3837/tiis.2017.01.028, Download Paper (Free):

Abstract

With the advancement and deployment of leading-edge telecommunication technologies for sensing and collecting, computing related information, Cloud of Things (CoTs) has emerged as a typical application platform that is envisioned to revolutionize the daily activities of human society, such as intelligent transportation, modern logistics, food safety, environmental monitoring, etc. To avoid any possible malicious attack and resource abuse, employing hash functions is widely recognized as one of the most effective approaches for CoTs to achieve message integrity and data authentication. The Whirlpool hash function has served as part of the joint ISO/IEC 10118-3 International Standard by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). In this paper, we propose an effective differential fault analysis on Whirlpool in the byte-oriented random fault model. The mathematical analysis and experimental results show that 8 random faults on average are required to obtain the current 512-bit message input of whirlpool and the secret key of HMAC-Whirlpool. Our work demonstrates that Whirlpool and HMAC-Whirlpool are both vulnerable to the single byte differential fault analysis. It provides a new reference for the security analysis of the same structure of the hash functions in the CoTs.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
W. Li, Z. Gao, D. Gu, C. Ge, L. Liao, Z. Zhou, Y. Liu, Z. Liu, "Security Analysis of the Whirlpool Hash Function in the Cloud of Things," KSII Transactions on Internet and Information Systems, vol. 11, no. 1, pp. 536-551, 2017. DOI: 10.3837/tiis.2017.01.028.

[ACM Style]
Wei Li, Zhiyong Gao, Dawu Gu, Chenyu Ge, Linfeng Liao, Zhihong Zhou, Ya Liu, and Zhiqiang Liu. 2017. Security Analysis of the Whirlpool Hash Function in the Cloud of Things. KSII Transactions on Internet and Information Systems, 11, 1, (2017), 536-551. DOI: 10.3837/tiis.2017.01.028.

[BibTeX Style]
@article{tiis:21344, title="Security Analysis of the Whirlpool Hash Function in the Cloud of Things", author="Wei Li and Zhiyong Gao and Dawu Gu and Chenyu Ge and Linfeng Liao and Zhihong Zhou and Ya Liu and Zhiqiang Liu and ", journal="KSII Transactions on Internet and Information Systems", DOI={10.3837/tiis.2017.01.028}, volume={11}, number={1}, year="2017", month={January}, pages={536-551}}