Tag Archive for: algorithm

What is the Blake256r14 Algorithm? Blake256r14 Coin List

/in


Cryptographic hash functions are vital security components of current computers. They form a key part of digital signatures, message authentication codes, and other security protocols.

So far, there are four series of cryptographic hash functions generally known as Secure Hash Algorithms (SHA). These are SHA-0 (published in 1993), SHA-1 (published in 1996), SHA-2 (published in 2001), and SHA-3 (published in 2015). 

In 2007, the National Institute of Standards and Technology (NIST) opened a public competition to develop new hash functions that would replace SHA-2.

The competition accounted for 51 participants. BLAKE was announced as one of the five finalists in 2010, but lost to Keccak in 2012, which was selected for the SHA-3 algorithm.

Blake256 or Blake256r14?

Blake256 and Blake256r14 are virtually the same, the only difference being their rounds of hashing. The first Blake256 had only 10 rounds of hashing, but this was less secure. Therefore, the rounds of hashing were increased to 14 to improve the security. This birthed Blake256r14 or Blake 14r.

What is Blake256r14?

Blake256r14 was constructed based on the Hash Iterative Framework (HAIFA). This framework fixes the security flaws and complexities associated with the Merkle and Damgård hash function. Because it is built on HAIFA, Blake256r14 is easy to analyze. It also increases the security of iterative hash functions. Its 14 rounds of hashing not only improve its security, but its speed.

Being a SHA-3 finalist means that it was reviewed carefully and also brutally attacked by renowned crypto analysts in order to identify its security flaws. Blake256r14 allows efficient hardware implementation leading to stronger proofs necessary for network security.

Blake256r14 and Crypto

Blake256r14 is not used widely as a hashing algorithm in crypto. Only one coin uses this algorithm: Decred.

Decred (DCR)

Currently ranked 83rd by market capitalization, Decred was created in 2016 to foster open governance, community engagements and sustainable funding policies. The project was designed so that the community validates every transaction and modification made to the…

Source…

Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm

/in


Hive Ransomware Master Key

Researchers have detailed what they call the “first successful attempt” at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content.

“We were able to recover the master key for generating the file encryption key without the attacker’s private key, by using a cryptographic vulnerability identified through analysis,” a group of academics from South Korea’s Kookmin University said in a new paper analyzing its encryption process.

Hive, like other cybercriminals groups, operates a ransomware-as-a-service that uses different mechanisms to compromise business networks, exfiltrate data, and encrypt data on the networks, and attempt to collect a ransom in exchange for access to the decryption software.

Automatic GitHub Backups

It was first observed in June 2021, when it struck a company called Altus Group. Hive leverages a variety of initial compromise methods, including vulnerable RDP servers, compromised VPN credentials, as well as phishing emails with malicious attachments.

The group also practices the increasingly lucrative scheme of double extortion, wherein the actors go beyond just encryption by also exfiltrating sensitive victim data and threatening to leak the information on their Tor site, “HiveLeaks.”

Hive Ransomware Master Key

As of October 16, 2021, the Hive RaaS program has victimized at least 355 companies, with the group securing the eighth spot among the top 10 ransomware strains by revenue in 2021, according to blockchain analytics company Chainalysis.

The malicious activities associated with the group have also prompted the U.S. Federal Bureau of Investigation (FBI) to release a Flash report detailing the attacks’ modus operandi, noting how the ransomware terminates processes related to backups, anti-virus, and file copying to facilitate encryption.

The cryptographic vulnerability identified by the researchers concerns the mechanism by which the master keys are generated and stored, with the ransomware strain only encrypting select portions of the file as opposed to the entire contents using two keystreams derived from the master key.

Prevent Data Breaches

“For each file encryption process, two keystreams from the master key are needed,” the researchers explained. “Two keystreams…

Source…

GBT is Evaluating an Implementation of Advanced NLP Algorithm, To Provide Powerful NLP Features for Its AI Healthcare Advisory System

/in


News and research before you hear about it on CNBC and others. Claim your 1-week free trial to StreetInsider Premium here.

The Advanced NLP (Natural Language Processing) capabilities to enhance the human-to-computer interaction experience, capable of making it significantly more user friendly, mainly intuitive.

SAN DIEGO, Jan. 27, 2022 (GLOBE NEWSWIRE) — GBT Technologies Inc. (OTC PINK: GTCH) (“GBT”, or the “Company”), is evaluating the use of advanced NLP algorithm model to enhance its AI based healthcare advisory system human interaction experience. The Text-To-Text Transfer Transformer (T5) model introduces an efficient technology to perform a wide variety of supervised Natural Language Processing (NLP) tasks such as classification, Q&A and summarization. Typically, most of the new deep learning NLP models are very large and include vast number of parameters. Normally the larger the NLP model, the more learning capacity it has, yet one of the main disadvantages is the huge dataset which may reduce the overall performance. The advanced NLP algorithm model is considered one of the most advanced, high performance NLP algorithms that includes a vast number of parameters, using significantly less memory, and provides high accuracy. GBT will be evaluating the T5, pre-trained model with the goal of using it in its Hippocrates healthcare advisory system, handling Q/A, text, summarization and compositional commonsense knowledge. The model allows more parallel processing than methods like Recurrent Neural Network (RNN) and Convolutional Neural Network (CNN) which significantly increases data understanding and reasoning capabilities. For example, T5 model is capable of processing words together rather than on a word-by-word of a given text. As global data realm is estimated to reach zettabytes range in the near future, our deep learning computing will need powerful processing capabilities, comprehending and scrutinizing data, particularly in the huge, unstructured NLP domain. The system is designed to perform as a general health Q/A advisory system, providing first-line of health-related advice. We plan to further develop the system to include intelligent…

Source…

Purdue researchers create ‘self-aware’ algorithm to ward off hacking attempts

/in


WEST LAFAYETTE, Ind. — It sounds like a scene from a spy thriller. An attacker gets through the IT defenses of a nuclear power plant and feeds it fake, realistic data, tricking its computer systems and personnel into thinking operations are normal. The attacker then disrupts the function of key plant machinery, causing it to misperform or break down. By the time system operators realize they’ve been duped, it’s too late, with catastrophic results.

The scenario isn’t fictional; it happened in 2010, when the Stuxnet virus was used to damage nuclear centrifuges in Iran. And as ransomware and other cyberattacks around the world increase, system operators worry more about these sophisticated “false data injection” strikes. In the wrong hands, the computer models and data analytics – based on artificial intelligence – that ensure smooth operation of today’s electric grids, manufacturing facilities, and power plants could be turned against themselves.

abdel-kahlik-groupPurdue researchers have developed a novel self-cognizant and healing technology for industrial control systems against both internal and external threats. The project is led by Hany Abdel-Khalik (center) with Yeni Li, a nuclear engineering postdoctoral associate (right) leading the anomaly detection work and third-year nuclear engineering Ph.D. student, Arvind Sundaram, the covert cognizance algorithms implementation. (Purdue University photo/Vincent Walter)
Download image

Purdue University’s Hany Abdel-Khalik has come up with a powerful response: to make the computer models that run these cyberphysical systems both self-aware and self-healing. Using the background noise within these systems’ data streams, Abdel-Khalik and his students embed invisible, ever-changing, one-time-use signals that turn passive components into active watchers. Even if an attacker is armed with a perfect duplicate of a system’s model, any attempt to introduce falsified data will be immediately detected and rejected by the system itself, requiring no human response.

“We call it covert cognizance,” said Abdel-Khalik, an associate professor…

Source…