Towards a reliable evaluation framework for message authentication in web-based transactions based on an improved computational intelligence and dynamical systems methodology

Abstract

The strength of message authentication, digital signature and pseudonym generation mechanisms relies on the quality of the one-way hash functions used. In this paper, we propose two tests based on computational intelligence and evolutionary algorithms theory to assess the hash function quality, which may be used along with other known methods and thus comprise a testing methodology. Based on the known nonlinearity test, which might confirm uniformity of digests, we formulate two tests using Support Vector Machines (SVM)/ MLP neural networks as well as Genetic Algorithms (GA). Both tests attempt to confirm that the produced digests cannot be modeled and, moreover, that it is impossible to find two or more messages that lead to a given digest apart from involving brute force computations. Both tests are applied to confirm the quality of the well-known MD5 and SHA message digest algorithms. © 2009 Springer Berlin Heidelberg.