Search

KR-20260062235-A - System for hash function security analysis based on deep learning and method thereof

KR20260062235AKR 20260062235 AKR20260062235 AKR 20260062235AKR-20260062235-A

Abstract

The present invention relates to a deep learning-based hash function security analysis system and a method thereof. According to the present invention, a deep learning-based hash function security analysis system may include: a data generation unit that derives first to N hash values while increasing the number of operations of a hash function to be analyzed for at least one message; a first attack unit that derives first' to N' hash values using a first analysis model learned on the at least one message; a second attack unit that derives first to N output messages by applying a second analysis model learned on the first to N hash values; and an analysis unit that analyzes the performance of a hash function using the derived first' to N' hash values and the derived output messages. As such, according to the present invention, the security of a hash function can be automatically analyzed and evaluated. In addition, the safety analysis and evaluation of the hash function can be performed based on the number of operations repeated internally.

Inventors

  • 문인규
  • 엘 자하르 로아 모하메드 살라 압델모네임
  • 정온지

Assignees

  • 재단법인대구경북과학기술원

Dates

Publication Date
20260507
Application Date
20241028

Claims (10)

  1. A data generation unit that derives the first to N hash values while increasing the number of operations of a hash function to be analyzed for at least one message; A first attack unit that derives first to N' hash values using a first analysis model learned on at least one message; A second attack unit that derives first to N output messages by applying a second analysis model learned to the first to N hash values; and A deep learning-based hash function security analysis system comprising an analysis unit that analyzes the performance of a hash function using the derived first to Nth hash values and the derived output message.
  2. In paragraph 1, The above-mentioned first attack unit is, A deep learning-based hash function security analysis system that performs a ciphertext generation attack using a first analysis model trained on at least one bit format message.
  3. In paragraph 1, The above-mentioned first attack unit is, A deep learning-based hash function security analysis system that derives the 1st to Nth hash values, respectively, by increasing the number of operations one by one from 1 within the hash function of a ciphertext generation attack through the first analysis model learned from the above message.
  4. In paragraph 1, The above second attack unit is, A deep learning-based hash function security analysis system that performs a plaintext restoration attack by applying a second analysis model learned to the first to N hash values.
  5. In paragraph 1, The above analysis unit is, The performance of the hash function is analyzed by comparing the derived 1' to N' hash values with the 1 to N hash values, respectively, and A deep learning-based hash function security analysis system that analyzes the performance of a hash function based on the number of bits matching the derived output message and the bit array of the message.
  6. A step in which a data generation unit derives the first to Nth hash values while increasing the number of operations of a hash function to be analyzed for at least one message; A first attack unit deriving first to Nth hash values using a first analysis model learned on at least one message; A second attack unit applying a second analysis model learned to the first to N hash values to derive first to N output messages; and A deep learning-based hash function security analysis method comprising the step of analyzing the performance of a hash function using the derived first to Nth hash values and the derived output message.
  7. In paragraph 6, The step of deriving the above hash value is, A deep learning-based hash function security analysis method that performs a ciphertext generation attack using a first analysis model trained on at least one bit format message.
  8. In Paragraph 7, The step of deriving the above hash value is, A deep learning-based hash function security analysis method that derives the 1st to Nth hash values by increasing the number of operations one by one from 1 within the hash function of a ciphertext generation attack through the first analysis model learned from the above message.
  9. In paragraph 6, The step of deriving the above output message is, A deep learning-based hash function security analysis method that performs a plaintext restoration attack by applying a second analysis model learned to the first to N hash values.
  10. In paragraph 6, The above-mentioned analysis step is, The performance of the hash function is analyzed by comparing the derived 1' to N' hash values with the 1 to N hash values, respectively, and A deep learning-based hash function security analysis method that analyzes the performance of a hash function based on the number of bits matching the derived output message and the bit array of the message.

Description

System for hash function security analysis based on deep learning and method thereof The present invention relates to a deep learning-based hash function security analysis system and method, and more specifically, to a deep learning-based hash function security analysis system and method that automatically analyzes and evaluates the security of a cryptographic hash function by performing a plurality of deep learning-based attacks on a hash function. Hash functions are used in various security systems to verify the integrity and authenticity of data and to protect personal information contained in encrypted data. To this end, it is important to perform cryptographic analysis on hash functions and improve them based on vulnerabilities discovered during the analysis to ensure their security. Conventionally, the security of classical cryptographic systems was analyzed and evaluated using an attention mechanism on two text datasets, or by using a single model constructed with a Generative Adversarial Network (GAN) built through unsupervised learning on multiple classical cryptographic systems. However, methods for analyzing and evaluating the security of hash functions based on mathematical principles and techniques, such as performing birthday attacks, Man-in-the-middle (MiM) attacks, and brute-force attacks, have limitations in that computing complex mathematical equations is time-consuming and load-intensive. The technology forming the background of the present invention is described in Korean Published Patent No. 10-2021-0065597 (published June 4, 2021). FIG. 1 is a configuration diagram of a deep learning-based hash function analysis system according to one embodiment of the present invention. FIG. 2 is a flowchart of a deep learning-based hash function analysis method according to another embodiment of the present invention. FIG. 3 is a drawing illustrating the structure of the first and second analysis models according to the first embodiment of the present invention. FIG. 4 is a drawing illustrating the structure of the first and second analysis models according to the second embodiment of the present invention. Preferred embodiments according to the present invention will be described in detail below with reference to the attached drawings. In this process, the thickness of lines or the size of components shown in the drawings may be exaggerated for clarity and convenience of explanation. Furthermore, the terms described below are defined in consideration of their functions within the present invention, and these may vary depending on the intent or practice of the user or operator. Therefore, the definitions of these terms should be based on the content throughout this specification. FIG. 1 is a configuration diagram of a deep learning-based hash function analysis system according to one embodiment of the present invention. As illustrated in FIG. 1, a deep learning-based hash function safety analysis system (100) may include a data generation unit (110), a first attack unit (120), a second attack unit (130), and an analysis unit (140). First, the data generation unit (110) can derive a hash value while increasing the number of operations of the hash function to be analyzed for at least one message. Specifically, the data generation unit (110) can derive first to N hash values by applying a hash function with 1 to N operations to at least one message in a bit format with a preset length (e.g., 128 bits), and generate a dataset that matches the message with the number of operations of the hash function and the first to N hash values. Next, the first attack unit (120) can perform an encryption emulation attack (EEA) using a first analysis model trained on at least one message in the generated dataset and derive the first' to N' hash values (Digest). At this time, the first analysis model is a model trained to use bit-format messages and hash values as training data and to output a hash value when a bit-format message is input. Specifically, the first attack unit (120) can derive the first to Nth hash values by increasing the number of operations one by one from 1 within the hash function of the ciphertext generation attack through the first analysis model learned on the message of the generated dataset. Next, the second attack unit (130) can perform a plaintext recovery attack (PRA) by applying a second analysis model learned on the first to N hash values in the generated dataset and derive the first to N output messages in bit format. At this time, the second analysis model is a model trained to output a bit-format output message when any one of the first to N hash values is input, using hash values and bit-format messages as training data. Specifically, the second attack unit (130) can perform a plaintext recovery attack by dividing the sequence of hash values according to the unit in which the data generation unit (110) processes at least one message and inputting them into each cell of the second analy