Increasing Cryptography Security using Hash-based Message Authentication Code

Nowadays, with the fast growth of information and communication technologies (ICTs) and the vulnerabilities threatening human societies, protecting and maintaining information is critical, and much attention should be paid to it. In the cryptography using hash-based message authentication code (HMAC), one can ensure the authenticity of a message. Using a cryptography key and a hash function, HMAC creates the message authentication code and adds it to the end of the message supposed to be sent to the recipient. If the recipient of the message code is the same as message authentication code, the packet will be confirmed. The study introduced a complementary function called X-HMAC by examining HMAC structure. This function uses two cryptography keys derived from the dedicated cryptography key of each packet and the dedicated cryptography key of each packet derived from the main X-HMAC cryptography key. In two phases, it hashes message bits and HMAC using bit Swapp and rotation to left. The results show that X-HMAC function can be a strong barrier against data identification and HMAC against the attacker, so that it cannot attack it easily by identifying the blocks and using HMAC weakness.


Introduction
Nowadays, with the advancement of computers and the speed of sending data on the network, a lot of information is sent and received from a unit of time. Thus, given the necessity of information security in the network and, on the other hand, the necessity of speed in the exchange of information is one of the future needs of a two-way parallel cryptography algorithm for cryptography and decryption of bulk information. In the cryptography using HMAC, one can ensure the authenticity and reliability of a message. HMAC creates the message authentication code using a cryptography key and a hash function and adds it to the end of message to be sent to the recipient. If the message authentication code is identical to the message on the recipient's side, the packet is verified. Nowadays, HMAC is widely used in popular security protocols such as Ip-Sec, Transport Layer Security (TLS), and Secure Sockets Layer (SSL).
Given the conducted studies, some attacks have been made on HMAC in recent years, which could compromise the security of this widely used function [1,2,3,4]. However, the attacks made were mostly due to the weakness in cryptography key used. In this function, the weakness is in the hashing function used in HMAC. In recent years, some studies have been conducted securing the key or using more secure hash functions, but unfortunately, it could not show the required efficiency and provide security [5,6].
As stated, in the sent packet, the message and HMAC parts are recognizable in the packet. Using this feature, the attacker can make attacks like birthday attack and a quick attack or collision attack and can access the cryptography key. Moreover, by achieving cryptography key, manipulating the messages, and making HMAC using the available cryptography key, it sends the message towards the receiver, and the recipient does not notice the attack and confirms the message.
The advancement of cryptographyhas caused the emergence of different analysis methods, so that the encryption systems are intermittently broken. As all the experts in the field state that the security is never a hundred percent, but one can increase it in the network and other areas such as software by providing new security methods.
In this study, a complementary function called Extended HMAC (X-HMAC) is introduced by examining the structure, which uses two cryptography keys derived from the dedicated secret key of each packet and the dedicated cryptography key of each packet derived from the main X-HMAC key. In two phases of message bits and HMAC, it hashes by bit-turning and left-turning, which creates a strong barrier against the attacker in access to the well-formed structure and increases security of HMAC against these attacks.

Literature Review
Lee et al. (2017) conducted a study entitled "Analysis of coping with bit-flipping attacks on LoRaWAN Networks." The paper tries to use hashing algorithm of block-data bits to repel bit-flipping attacks. According to the results of this study, one can understand that the above method can be used to improve the security of data transmission and to cope with bit-flipping attacks [7]. Joe et al. (2015) presented a study entitled "Analysis of first-order attacks on HMAC." Given the identification of PIA and MAC blocks, the author has analyzed the possible attacks on HMAC [2]. Momeni and Taheri (2016) presented a study entitled "Time analysis attack on stream cipher algorithm." In this paper, the vulnerability of a word-based stream cipher algorithm was examined from time-attack analysis point of view. By modifying this function and fixing the number of LFSR function clocks used, this attack could somehow be prevented [8].
Mahjan and Masih (2015) conducted a study entitled "Parallel Processing of BlowFish Algorithm." In this study, the algorithm was explained and using CUDA, a part of this algorithm can be implemented in CPU and multiplied by theimplementation of speed [9]. Ayr et al. (2016) presented a hybrid model (symmetric and asymmetric) and could increase the data cryptography security using the proposed algorithm [10]. Thomas Perine and Lee Wong (2014) examined the likelihood of attacks like birthday attacks and brute-force. In both of them, attacks are doneas MAC bits and the message is specified in HMAC algorithm [11].
Dinor and Larent (2017) presented a study entitled "Improving public attacks against HMACs and HAIFA." In this study, the main reason for the weakness of these two algorithms is mainly the hash function used; the shorter the hash function length, the hash function used has more security weakness [12]. Geo and Print (2014) stated two successful attacks against HMAC and NMAC, in which the second type of attacks even the length of the key used long ago, could not affect. Then by providing a new approach, they could prevent such attacks [13]. Jeong et al. (2013) showed that the recovery of HMAC / NMAC passwords is possible. Using their proposed algorithm, which slows down HMAC/NMAC process a bit, the authors of the paper could improve the cryptography key and enhance the security in the above algorithms [3]. Concini et al. (2006) considered HMAC and NMAC security research to use the hash function and collision functions hash SHA-0 and SHA-1, and MD4 and MD5 to recover keys in HMAC and NMAC [5].
Navi and Akram (2011) given the low security of MD5-SHA1 hash algorithms and vulnerability against attacks such as birthday attack and authors, present a solution to increase HMAC using random key generation using MD6 and its use in HMAC [6]. Satiov (2012) studied the Flame virus analysis [14]. Najjar et al. (2006) did a study entitled "Dynamic HMAC Function." In this study, the researchers believe that using IV and dynamizing Outer pad (Opad) and Inner Pad (Ipad) can reduce attacks on HMAC, and the introduced algorithm can be a replacement for HMAC [15].

Proposed method
Given studies and surveys, the most significant cause of attacks to HMAC is the identification of the message packet and the HMAC. In the proposed method, we call X-HMAC, using a two-phase algorithm, whose first phase relates to bit Swapp of packet message, and the HMAC using RAM key, and in the second phase, the rotate packet is hashed using another cryptography key, can prevent the message packet and the Mac from detecting, and the attacker cannot detect and attack the message area and HMAC. At the end of the packet, the hashed message can be sent towards the receiver via one or more packets using the proposed algorithm. Using XHMAC cryptography key, the receiver is able to separate the message and the HMAC, and then, can examine the authenticity of the message using HMAC, and if the message is cryptography, after decoding the message after authentication, it decrypts the decryption key.

First cryptography key
The first cryptography key algorithm is as follows: The firstcryptography key is a key to the packet length (including HMAC and the message), using the HMAC-SHA256 approved by National Institute of Standards and Technology (NIST) organization.
In fact, this cryptography key determines which of the packet bits should be swapped. If (1) xor (key (i), key (i + _rightbyte)) Equal to one, the swapping takes place between the bits in the first phase.
*rightbyte: specifies the middle of the key (in fact, the same is KeyLength / 2).

The secondcryptography key
This key is obtained using the firstcryptography key, and includes an integer, actually determines the number of turns to the left or right of the packet bits.
The algorithm to this key is as follows:

The second cryptography key acts like this:
It calculates the correct value of the dataLength / 3 byte and obtains its residual to dataLength. Then, 8 bytes of the key is taken as that much and converted to integer; then, its remainder is calculated on the dataLength and the integer obtained determines the rotation to the right or left.

The first phase of cryptography
In the first phaseof cryptography, using the firstcryptography key explained above, it is determined whether i-bit and dataLength + I should be swapped or not.
The algorithm is as follows:

The second phase of cryptography
In this phase, rotation is done to the left equal to the number of secondcryptography key described in (secondcryptography key)the algorithm is as follows:

The first decoding phase
As this phase is almost the same as the second phase of cryptography, it is possible to integrate the second phase cryptography function and the second decoding phase function and reduce the spatial complexity of X-HMAC algorithm. Here, for a greater clarity of this phase, we have prevented this.
The second phase algorithm is as follows:

Second decoding phase
This phase is the same as the first cryptography phase and is decrypted using the first phase algorithm.

Results
It should be noted that the proposed two-phase X-HMAC algorithm is a step in increasing the security of the HMAC, and it alone cannot provide the cryptography security of information. In other words, X-HMAC algorithm is not a cryptography algorithm.

Examining the security of extended HMAC
No definitive security is possible in an algorithm, but solutions can be made to increase the security by identifying the problems and deficiencies of an algorithm. In this part, using the Cryptool software, we will implement a series of valid NIST tests and examine the results.

Birthday collision tests
For using 16-bit AES cryptography algorithm and HMAC-SHA256, 32-bit length, the length of the X-HMAC will be forty-eight bits (384 bits). The resistance and the hash needed for a successful attack to X-HMAC cryptography algorithm are calculated as shown in the following table. In fact, we have calculated this resistance for the hash function used in HMAC, but given the use of key by HMAC, one can conclude that HMAC resistance to the birthday attack is greater than the hash function used.

Frequency analysis test
In this section, the result of one of the thousands of frequency analysis tests of a 128-bit string where initially encrypted by AES cryptography algorithm and then the authenticity of the message is added by HMAC by X-HMAC algorithm, is examined.

Test of data randomness
HMAC algorithm is safe against this test, and using Poker-Tests presents the test result of one of the thousands cases here.

Collision test
In X-HMAC algorithm, as the output length depends on the length of HMAC and DATA, we will have: (2) One can conclude that the proposed algorithm can increase the security against a collision attack, and this increase is more than HMAC security against collision, as HMAC-SHA256 algorithm is ultimately 256 bits long. However, using the same HMAC for example X-HMAC, we will have 128-bit data:

Brute-force test
The number of brute-force attacks, if all output fields are exclusive to the hash function, it is calculated by the following formula: In the previous form, *n is the number of output bits of a hash algorithm.
Number of search states to attack the hash algorithm HMAC-SHA512 (data length: 128 bits): Number of search states to attack hash algorithm X-HMAC-SHA512 (data length: 128 bit): X-HMAC algorithm for a 128-bit string can increase security by 2 640 times.

Test of avalanche effect
An avalanche test for a string is calculated using the Hamiltonian distance from the following equation.
Avalanche (i) =Hamming Distance (Hi ,Hj)(7) Average Avalanche Avalanche i (8) The results of the avalanche test are summarized in the following table with the implementation of C-Sharp environment. The higher the percentage of the avalanche test, the safer the algorithm will be. For instance, in the first row of this test, it is shown that on average for a 1000 range, with IV constant and input text, 92.20% of the input string has changed and this is very suitable for a cryptography algorithm. If this result is less than 80%, the algorithm is obsolete and unusable and over 90% shows an appropriate algorithm for the avalanche test.

Security of key cryptography
In our X-HMAC algorithm, we obtained a dedicated key with a length of 512 bits using the HMAC algorithm and the inclusion of the IV and the main X-HMAC key. The keys 1 and 2, used in the algorithm to determine Swapp and rotation of the bits, are derived from the dedicated key. It is obvious that if the keys derived or dedicated key of X-HMAC algorithm is disclosed using attacks like knowing the non-cryptographytext, the attacker cannot access the original key and cannot attack other data blocks through the dedicated key and break the X-HMAC of other blocks.

Comparison of the speed of using and not using the proposed algorithm
Using a system, we set up a constant string with a key and variable IV, during 1000 times of cryptographycomputing implementation and adding hmac, and calculated the time of this process. Then, we computed the average run-time average of each run. Then we calculated the runtime of this process by adding x-hmac and the average of each run. As expected, the run-time due to the addition of the x-hmac function to the cryptography process has increased, but it is very low.

Overall comparison of the use and non-use of the proposed algorithm
Here, according to some of the tests done on the experimental data input, we gather the result in the table below.  In addition to the security of the HMAC algorithm against the frequency analysis attack, the security of X-HMAC algorithm also increases the overall security of the X-HMAC. Using Initialize Vector (IV) to prevent a key attack and revealing the HMAC key to all blocks  Unfortunately, HMAC function does not allow the use of IV in the hmac function, and if an attacker accesses the key of one of the blocks, he will be able to attack all other blocks that use that key.
 By adding IV in the cryptography steps, if an X-HMAC key is released, a block is released, with the use of IV, the x-hmac key is reserved for other blocks, which increases the security of cryptography.
Hash resistance used against birthday collision attack (assumption: no collision in output hashes)  The hash resistance of the hmac algorithm against the birthday collision attack is 2 /  In addition to maintaining the hash hysteresis of the hmac algorithm against birthday attack, this value has increased by the following x-hmac algorithm. Hash resistance against brute-force attack (assuming no collision in output hashes)  The hash resistance of the hmac algorithm will be against the bruteforce attack: 2  Using x-hmac, not only no failure occurs in hmac hash, but this resistance increases to the following value: 2 Comparison of speed (This comparison is from the average run of 1000 rounds of cryptography then adding hmac) 0.060 seconds per data block 0.067 seconds per data block

Conclusion
The study dealt with using the studies done, the efficiency and widespread use of HMAC function in the famous protocols such as Ipsec, SSL, and using it to identify authenticity of the message. With the prevalence of using HMAC, the security of this algorithm is important and can greatly assist the cryptography community. It is proven that the security of the HMAC algorithm is greatly a function of the used hashing algorithm and its cryptography key, and the non-use of IV in this algorithm can affect the security of other blocks if the HMACcryptography key of one block is disclosed.
By studying previous studies to increase the length of the HMAC key to increase the security of this function, or to use safe hash functions or use of asymmetric algorithms instead of the abstract function, it has not been able to help HMAC security or reduce the critical speed and using asymmetric double-sided algorithms to encrypt bulky data is not cost-effective.
The study presented the message and HMAC bits prior to sending the proposed algorithm called X-HMAC. Using HMAC algorithm and IV and two dedicated keys derived from the original Brute-Force Attack key were hashed prior to sending (using the bit swapping and turning to the left of the bits) and then the data block was sent to the receiver.
If the attacker reaches the data block, he must first break and X-HMAC algorithm and decrypts it to obtain the correct layout of the block bit with the message and the HMAC, and then find a way to break HMAC. Clearly, the proposed X-HMAC algorithm can be a barrier against an attacker.
In the end, we state that the X-HMAC proposed function is written for bit hashing of HMAC in terms of the internal structure of the algorithm and cannot replace a cryptographic algorithm. However, its use as a complementary HMAC or using it in HMAC structure (to save memory and speed) can be suitable in improving HMAC security.