lab ora tory of information...
TRANSCRIPT
~i~ : +86-10-82546611
f~~ : +86-10-82546564
lll~m : [email protected]
IXXJ~6 : http:/ /www.sklois.cn
~ I5I06rzl~iE E5:-if:D6~·~·D ID•~'lZ:.:I:.eJ~.!Il •••• ~-:J!!L.:EJI!Illt.
STATE KEY LAB ORA TORY OF INFORMATION SECURITY
SKLOIS
{t 'E t \:J Jt~ + ~a ,t ~
~t~ 14 ~~) ~
%.- J)- tf ~t
r.~ ~ ~
m·t~£rr, ;~~~s== ( f'F~ : xUSJJZ~)
~~1Q:~B7f2016~Jlf..##:~~~······································································································· 1
~~1Q:~ 2o16 ~m:~ftiQ;:SZ, ~ftif~mz~i~illi~~mz~ ...................................................... 2
~~1Q:~ 2017 ~Ji.7fJJ1l:il~HEI3~~ ······························································································ 4
~SJZB~~~f~~~ ~!-H1Q:~~-!:3n-t.ITJJ;~ ~Ilffi~~, ~$·ta ) ···························································· 6
~~1Q:~ s-LAB ~~.A.~;& II ~t~if~ II iQ;:SZ~%;~llf.-#33siAiUM~~t~®!!§X ( xuf,fll, )········12
SIMON-like ~~~~;t~~fft~n-~~iE( xUIEnt) ········································································14
~.2::a:tr~~~f~~( ~7.1<~!1! ) ················································································································19
e:a;~~~m!MHI! Google r~~~m~~1.JD~1~#: ···························································· 23
:a-T-~ffL 1' ,IX±~fli.R ~9E~-~ ? f§fli I f§~~~~J' ····························································· 27
H~ffL II iti~ II ~~~~tiJ: JJ~~~~BJ3~~aJJ~~ ·························································· 3o
~ ~1Q: ~ 5K ;~ IlJJ I! ~Jf ~ ~ itt~JT 1.JD ±&: i¥i ~$I! I:*:.#~ ;]it i.JJ fOJ ························································· 31
~~1Q:~A~itt**~1JD FS E 2017~11~~1..)( ··················································································· 31
~$}.:~Jf ~ ~*~~~.5(~i.JJ fOJ ~~1Q:~ ff:f'F-##:1~ 15- ............................................................................ 32
I ~ · Jlll I 0 ---------------------------------0 I ~ · Jlll I
20171:F1Fl7 a ~1*J~t~~~~~~~~~~:¥:2o161:F!l~*~D3.~1.f~t*BH. crf4~JG-mm~::~:~~j~~tE:, 1~*'6~-I:E:, {g,i~tif~Jlff~Pt?fftE:, ~~~:¥:~*~93.~~~.:E1f~5JJ%±, ~~-~~1~, .:EH~R\5$~%±,
~~.:E1fxBYI~~%±W-+~11z~IJ!~, {Z~t±:llm'7~)(.
~...t I 1*J~tif~?tr~Pt?trtE:~*~~¥ I ~~~:¥:il'if\*ill.:E1f)D~7 2012 1:F -2016 1:F~~~:¥:I1'Fm:m I
~~~:¥:1*B~~~ff~D3., ~~~w~~ff~D3., ~$'ta~ff~D3., r'J'J!t~~j~~ff~D3., ~j¥jA~j~~ff~D3.5Stl~1HB7~~~:¥:831t
~·~PX~. ~J§ I :k~x1 2o16 1:FJl17t~i~:>Z:fD17t~If~PX~fD 2011 1:FJl~~~:¥:3TJNiJ~ittfr7i~~.
.!:3~~*~93.~~93.x1~~~:¥:ifrli1:FI1'F~~7~~ I ~93.fiJ-~i;._~ I ~~~:¥:ifrli1Fitttl:7~~* I 1.±A::t ~A1li I.f1!§7JdEL f4~ffPX~, ~O[Ii.J)J~1JrniifBf[BJ3lffi~~. I'§JB1 I .!:3~~93.~-8-~...t~~~:¥:.:E1ft~15-fDE/Mt
~·~PX~t~15-·t~/5C I ~ 2017 tj=~~~:¥:i~ii"I1'Ft~t±:l7~~~9ti~·~~9[!_ 9ti)( I #J-J._~f41JrP:J11J~, A/.t~}._{li
9ti~~1Jrnix1~~~:¥:**~mm:fr7 s~~m1.
1. ll$t21iJf~~f'FJM!~ (($}:f!:j:$_'~[PJ)Jm•ti0l'JT)) ~J'&-l5
2. 1~~.~~~li!UiiJf~~f'FJM!~ ((l&;~~i!~!3/V:Jf.t0l'JT)) ~J'&-l5
3. ~W:ll'*li!UiiJf~~f'FJM~~ «A.1:~;g!gl&;f!31lJJJ=f'» ~m~J'&-l5
4. ~~~~lilf~~f'FJM~~ «~~.&!3JBm~E3imt-'3srm> ~J'&-l5
5. ~~~liJf~~f'FJM!~ ((~*.p_j<;~iAJ;gtJ.l'IPJi.RtJU)) ~J'&-l5
~~~~ 20161+~ ~~~~,~~I~~~w~~~~~
2017 iF 1 Fl 7 E3 1 {g,~,~~~~~~~~~~:¥: ( ~:J.l'f§Jf$ II~~~:¥: ")2016 tj=Jl~*~D3.~~)(x;J 2016
1F!l17t~i~:>Z:fDif~PX~ittfr7i~~. £~*~~~~93.i1i~#1~~ I ~£~i~~t±:l17t~i~:>Z:-~~-r.f1!, 17t~i~
:sz:=~~imi.fl!, {ft~If~PX~-~~-I.fl!, {ft~If~PX~=~~imi.fl!.
I ~ · Jlll I 0 --------------------------------0 I ~ · Jlll I
ilia , ~~~~~lliR717t~PX~n!l!~~i)(, ffi~~~~=E1fil'if\:$ill~ff~D3.n!l!~, ~~~17t~PX~$i~Af~~~
~;\_t~IJ!~.
~Im $~A ~~;\PXD3. ~~{'!=~
Xueqiang Wang, Vi Chen, Following Devil' s Footprints:
{ft~iQ:>Z ~*·ta
Peng Wang, Yeonjoon Lee, Cross-Platform Analysis of Potentially
-~~ XiaoFeng Wang, ~#~, Harmful Libraries on Android and iOS
.:E~~- ~~~il!t5' ~~~~
Applying MILP Method to Searching
{ft~iQ:>Z rPJ)~$ ~~3Z)*, 'E1I~I~, til\:$111
Integral Distinguishers Based on
-~~ Division Property for 6 Lightweight -""<:t"
Block Ciphers
{ft~iQ:>Z ){Uf,\!1 18X~JT*, i~IiffifD, Makeup like a superstar: Deep
-~~ Localized Makeup Transfer Network -""<:t" .:EBl,fi~~
{ft~If~~ ti~~
±:at ~~~Bf.L ~rtl~t-~~~~~~~~~~ -~~ ~~l5t, ~~~!*:I.E 5JtJT51~
{ft~If~~ ~*·ta .:E~~- ~Iiffi~U, .:El~ $X1tt:~~~*~1t -~~ -""<:t"
{ft~If~~ *0~~ ~PXm~- ~~rn ~r GPU ~~B1~!35JtJT*~ft
-~~ -""<:t"
20171+~1-;;-,lffi,~~~~m,~~~~~
7f1i1li~~iSJ! $~6~
2017 i:F~{~)~-~~OO~~j~~~&:~lHf$:i~~:t~4~~U7 »;:$*§ ~OOffi~ ~ r,§J~~Bt f4~JftJ1~fD
~Effi*$ffi~$W~,$·-~~~¥~7~~r,§J,M~~-ffi~r~~~.~-~~-~IT.F
iiB~~!J!U I ~~&:~lHEl~i*~El~.R7Mf4Ei3~, i?1JH:&~~~.m~~lj!~-~JUH$I{'F I ~~~H~t±l 231'
$i~Ill!§ElHT~Wl. 2017 i:F~~&:~lHf$:i~~~1t~Wl1S$~Dl' :
}¥;% ~~;\PXD3. $~A $~A~11z ~~~~u
1 ~f[Zi9J~~~m5~9~-E1*ll
~~:E)~ 9J00f4~1ll'G:*:~ ii,¢.\Im§ 1~*~H~&@ffl
2 J¥;9Ul&~!3.!:3 fJ~Ell&~!3 9J ~-®
-==~F.l i¥.i~m_,_.,.,.,m_,_~*,>g ii,¢.\Im§ a~~ ;r-_:n,~:n, T-%'~iEfD:5)!
3 im~~JT~{~)-}t~$j i?B~i~t
~IT~ g:§i¥.j~'~*,>g [§]_tim§ ;&;l§t@ffl
)C~ T-
4 m:*:mlt~.I:I~J~~~mt&~!3*~1t
~~*)¥ ~ t~m_,_.,.,.,m_,_~*,>g [§]_tim§ i~t .!:3)-}fJT
;r-_:n,~:n, T-
5 :t~*t~E3fli?B~&mzmm~ tw )$_ ~[§UiP5B:*:~ [§]_tim§
IPJ~ ;ftJ $i?B~1:Ex1f8\!&~!3fDJ¥; ~~:goo [§~~rf4r~*~ 6
9Ui~t9J~@ffl [§]_tim§
7 ~f[~tliSiG~'tit~i!i!U~PJ~~iE
~ D LlJ:$:*:~ [§]_tim§ PJ1t~1.lot&t&J-i)(~i~t .!:3 mzm
8 ~:r~~~:5tt~~*~ms~
m~sJ3 J~'l'l*~ [§]_tim§ fAr~*
9 JPEG PJ~f~,i~t~#!Uff~ ~:5$ 9JLlJ:*:~ [§]_tim§
~r!Ztj(lJit~*~fJ;ftJi\;;;!=HR ~9&'±'$. 9J00f4~1~**~ [§]_tim§ 10
~~t&J-i)(~ff~ J~)
I ~ · Jlll I 0 --------------------------------0 1~4liJf·.11!1&1
)¥;% I~H3~f8\ $~A
iiDrPJ -fff~B~nJT7f~"Ei"~'-~o~tJi5 P "A 'T l ' <li =rEil ill! ~ ~ ~u 11
jG~~tiiiEBJ3t?Ji)(Ulf~
12 ~:r:~Zgfli£J,t~PJttm~mt?J~
).t ~u t?Ji)(~Jf~
~T Lloyd-Max ~l=t~~~{t~ 13 fD~{;it9i~]l~JJT~~ZVJ~~~-!:3 *~JTLlJ
t~*
~*~1~~x11fx)(jiff~~~)!iWt~ *~~ 14
*
15 ~ZVJ § ~~llJJ~D~{~fiZVJ:tJ~~T~
P":>Z~ .!:3~%U
16 ~ZVJi~~:1C~®f~w.Jif~3Z:~* x-u {t mt~*m~
7it¥1i~cpffii[P] ~fifl~:*:~ttiS$ .:Eft~¥ 17
~~~fM~P~~Jf~
18 ~r~~~:*:~tti5~~JT-f-IC1i5~~,~
Witif§'BJ3 #1:5)!~Jf~
19 ~*~~pt!;p;]~~iiEfD~~Ifi.Q.!:3 p {t :5)!Ulf~
20 iVJ~$ fflp:f.1\ljff~IEJ~1.JD~~ ~$~.IE
)!~Jf~
21 7i~tti53Z:~t¥{i~*ll~~!3t~*~Jf .:E~U~f
~
22 f.t·~~1~5Jt¥~~EJ~~tim~:&~
~/j\~ mzm
23 7iH~:f.1\~cp~tJi5t¥1i~3Z:~EI3H
~~Jf~ r {i
$~A~11z
*~t:*:~
i¥.i~{~EI I~o:*:,>g ;F. a,l!J, ~ T
~)$:*:~
cp~:f4~ill'G)~:l:JII%ill:
t~*~Jf~lll'G
sB:*:,>g =- 7'-
~t*m~~*~
i¥.i*m~~*~
mJ)I:*:~
cpLlJ:*:~~ttiS:¥4~.!:3
H~~Jl.~lll'G
)tfi)IJJ~~Ill'G
g§3i:~r:f4t~*~
Mi¥.i:*:~
~.%:*:~
~~~~u
oo_tr~H3
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
[§]_tJY:!§
~1f-'ta~Jf~D3.~ ~"' 1±~~~_t§!J\x13¥~ 'B:5ffi:I:.Will:~T~~f-IC~!3:*:~m~~~~)!iW. E±lr3¥~mzm r!J:t.WHI~ I .§J-;\
Apple Store l'$XB~f~J¥;~{fffl~fflill:~T1.JD~15RtP I ~D~~ffllt!li~JJ!UXi~)J1~ill:~T&~1l. ~ltt I r)J:I:,W_tlttm
~)~f[-~~&W9~51~PJ~)_~I.PJx1iOSSfB~~@fflB~f[~'1z~~)!iW J;\rm.@~iOSSfB~~@fflB3~~liE~~0S!Xi.
~~;\52:~&7-.*~U83t~*~l~~ I t~t±:l7-fl:ll«~SJZB83~~f-IC~!3B~~1~~;!im:51! I ~I.PJ7x1)~1.ff[~ ios mzma3f[
~'1zt~)!iW. *PX~B~~tt 2016 1:J={i5.~,3Z:~W~J~~B3~i)( IEEE Symposium on Security & Privacy
( CCF-A ~) _t I~~ 37 1:J=*cp~*~*~ 7 ~ I tB~~p;]§~1±*~)(_t~~B3.!:3~~f-IC~!3)!il~i~tEl*B3i.Q3Z.
~~;\;fUfflt~)!il~ Android $Xf!:J:fD iOS $Xf!:J:i'SJIEJ)J:~~f-IC~!3B3Ji!U~ I ~~ Android ~~f-IC~!3i~SfB±tBB~~1iU
iOS $Xf!:J:cpill:~T~~f-IC~!3t~)!il~. ~cpB~~1i1f~{ffflB~DB3 Android ~~f-IC~!3 I ®-tJG~~~i~Sf~~~iE I ®
i1~~~®~~~iEill:~TB~~1 I ~~ iOS SfB~f[*~~~iEB3f~J¥; I #ill:~T~T~~/J\B3~FHi;\.
1) j:~~ android J$3Zf!:J:#ill:~TfJ~
2) x1 android J$ill:~T)~1.ffB~B3t~)!il~
3) *~*android Phalib .!:3~1.± iOS cp83x1@ Lib
4) x1*~*83 Lib x1ill:~TPJ~~T~fJtJT
I;J4liJf· .11!JB;I 0 --------------------------------0 I;J4liJf · .11!1&1
~~;\x1Jlffl&~83t!!W~:k@fflr!J:I:.W 130 JJ Android @ffl$X1!:J: ( -E12i 40 JJ Google Play r!J:I:.W83@ffl ) itt
fr7 &~il I #i~H 7 --t§iVJ1tBtJTI~ LibFinder x1&~1l83@fflf~(i;ittfrBtJT I ~~I.PJ 612437 -t-E1# t~~~~f$~~$X1!:J:-E1B~7 763 -1'-~.El. I Jlfff[!'§J~.El.83-E1t~ff1±:kf9:83tl31'iiJ1"tii!?J ( {iffl Lib Finder I~x1&~1l83 app ittfr§iVJ1tBtJT ). zJ§83zv~~x1 group cr83-E1ittfr~~.
2) ®-t:IG Android)$
~~83§83~t:IGt±:IJlfff[t§*83$X1!:J:-E1 I ~®$X1!:J:-E1.!:31'§J-/j'~~cp83~{tB$X1!:J:~!j[;kg~)-}1"tii!?J. ~ltt I ~
~;\§%~)(.7--1'-~T Jaccard ~5183-E1tl3i~Jl~)! ( PSD) *)JiW~im-t-E1zi'SJ83tEli~Jl I x1)-}~cp83-E1ittfr
~~. Pso ~J!~rniittfrBtJT I ~17.1-\~It~or: :
x1r im -1'-* § /GI'iiJ @ffl 83~~-EJ, PL P2 I PSD(p11 p2) = n(p1 n p2)/n(p1 u p2) C method ~~ /method#~ )~7~I.PJ1.f15)!( method )~rnit~t~im-1'-~~-EJ, ILibFinder ~H~15)!83JL{iJ]cp{,'( ~'L,')
i§~*t~t~15)!83tl3i~Jl. /GtEl*J$fDtEl*J$zi'SJ83 PSD )-}11J·t~/5C~Dl'~Jlff~:
.2 ~
100.00%
80.00%
60.00%
40.00%
II!] unrelated libraries
f F l-------1 • libraries with different versions
..
20.00% 1-J:~il------------·i
o.OO% o;l-""--o.,...-.l~o . .,--2 - o:-,;-.3 ----,0.4,------;o..,-.s _.•-.o.6=--• oc,-.7 _.~..,..8_1.,.o_,--g __,1.0
PSD
J-;\~crPJ~).~t±:l I :~GtEl*83J$zi'SJ83tEli~i?il
~:~G~r 13% I rmtEl*83J$:>Z:1tJ:zi'SJ~:J>f[
57% 8315)! ( Methonds ) ~tEli~83 I .§;k~~
83 PSD ~{i~r 85%. !£rtEl*J$fD/f-4El*J$ 83 Pso tEl~t~* I ~~"'~~ntllii~~ 35% I 11-:r: 13%fD s7%zi'SJ J;\rm151t~ZBimfltl~ru83J$x1.
~~;\{iffl VirusTotal I~t&)JiW-'1'-J$J>t~~{l.l-\~~~)~1.f~~J$. ~~t¥1.±8313Z*a~:~G§~imi1f§J~ 83J'~:m?.J$f..t{J§_t{~iU VirusTotal ..ti!Hr~~·~t&)JiW I ~~ VirusTotal R§~x;J@fflf~(i;i!Hrt&)JiW I rmru)!x1~
~s83J$i!Hrt&)JiW. ~ltt I ~~;\J'~t±:l7~B1iER -E12i§ t~J$:>Z:1tJ:83@fflf~(i;*i!Hr~~·~t&)JiW831JJ!. ~H~§ %~~-E12iE3t~J$:>Z:1tJ:83illlfflf~(i; I f..t{J§x1~&~il I 1.± oEx :>Z:1tJ:83-*:Pu!?!crr~~t±:l*-E1?..t{J§JlJt~~~~1tE.83ru
*1-tii!?J I ~)Jttt~9t~JT83@fflf~(i;# _t{~iU VirusTotal i!HrBtiE. i~ffil*i# I 1.±1~~~-1'-@fflf~(i;#~~~*~~
~-E1832:111z~zm- I ~~;\1~t±:l8315J!"PJl).§iVJJ-;\ oEx :>Z:1tJ:83~:>Z:1tJ:cr~:Im-E183f~(i;11zm I -E1t5~1tu!?Jfo~~.
~~fltl15)!1.f VirusTotal ..tx;J ( 130 @fflf~(j;cpjlff~:I.PJ83) 763 '1'1tii!?JJ$i!Hr 1725 /J\BtiE I m~'~'~$~
6 /j' VirusTotal ~l£P •
.:E~J!t~~: x1 Android cpB~FHi;\83 Phalib ( 7~1.±~~)$) 1.± iOS SfB..t~ t:IGB~~;J.
~Im ios SJZB7~1.±83~~J$~--t~~s~ I ~~J-;\ ios mzmf~(i;x1@83=itttu:sz: {tj:cp~I.PJJ$:>Z:1!:J:~I=~0S!Xi#.§)~f[I.PJPX83&W9~51~PJ~).x1Jlff~I.PJ83J$:>Z:1!:J:ittfrf[
~'1z~&iiE. ~7m;~~-ti'6J~ I ~~;\;f1Jffl7--t*fi83~Im: itt~ ios J$t~ff1.fx1mz 83 Android J$. 19U~D I Source DNA t~15-83m 38 -1'- iOS J$cpf[ 36 ( 95%) -1'-fftE
x1@83 Android#.&*· i~ffil{g,i~t~D~~Jlff~ :
~~;\~r/Gi'iiJ83$®Aittfr~/J\iit~& ~#ic~f~(i;cp~1t831iffl~).fi®t±:l/G~~.
~ff~*)1-®~~~83f~(i;,~#~). class ~~11zittfrBtJT.
iOS libs IHas android version!
Adwhirl Y Interactive Y
AdMob Y iAd N
Flurry Y AdColony Y
Millennia! Media Y Jumptap Y Mopub Y
Analytics Y Tag M:mager Y App E\'CniS Y
lnMobi Y Localytics Y
Unity Y Cordova Y Corona Y Adobe Y
PhoncGap Y Marmalade Y
Appcclcrator Titanium Y Cr.tshlytics Y
Twiller perfonnance melrics Y Twiner Beta Y
Hockey Y New Relic Y Crittcrcism Y Bugscnsc Y
Roboguicc Y Faccbook Y WcChat Y Pintcrcsl Y
Sina Y Dropbox Y
MagicalRccord N Anmzon Y
Box Y Yandex Y
§%1.± Android fD iOS 83'§1J~~ti..tl'$X 20 /j' Lib I x1~ 20 /j' Lib cp83 class itj:~j.:f-iVJ@cx1 ( t~~~
class ~I.PJ83I)J§~) #t~~ candidate invariants x1 class x1cr83f~(i;,~itj:~jt&~ I -=FI9tlz:-*~ffl*x1i~SfB
831~~ 1>t API itJ:~j*~il. ~~;\~~iit{ffflt~~tU7~~8315It*®-1:1G-~83f~(i;,~.
I How strings are used? I Cross~pl atfonn example strings that we found I Keys for JSON or Dictionary "AppSEC". "mediaURL". "guid key"
Resources ··offerwall · flow.htmf' , ··webview bar back.png"' Developers· information ''[email protected]"
Scheme "adwo:/f'. "wgtroot:/f'. "mraid:/f', "redir:/f'
Cyphertext text/code
Program logs
Cenain Fonnat
URL re lated
Command and JS code
"DUBu6wJ27y6xs7VWmNDw67 DD" "02e3 I Oa99fl640b53e88e9e408295a94"
"Load Timeout". "FailedToReceiveAd : %@" "jAdPack j interstitial displayed"
" < /HitTable> ... " < IDocument Eiement > .. "yyyy-MM-dd'T HH:mm:ssZZZ" "&width-%d"". ··&ad_net work-··
"http://track.adwo.com: I 8088/track/i" "http://www.admarket.mobi/ftad/apiadreq··
"adc_bridge.fireAppPresenccEvent(%@, false):" "window.mogoview.fireChangeEvent(%@ );''
I;J4liJf· .11!JB;I 0 --------------------------------0 I;J4liJf · .11!1&1
~~~~iiEBJ3 , 3 ~@c-*~$ ( length>= 5 , .§*§:~GI'§Jf~(i;,~ ) ~r 8 '1'-B1 , PJ~U~im-1'- class ;t§~@c , 3f[ 3 -1'-~)._t class ~@cB1 , PJ~UlfJTim-1'- library ~@c.
~~;\~r*155!x1 14 JJ iOS @,EF.B!Hr7t~)JiW ~~~~ 46 -1'- Android SfB)~tE~~J$B~~1iU7 iOS SfBC ~ tt 17680 -tmzm), x1~®B~@c83J$i!Hr-=FI~~iiE, ~:I.~'811Jzi'SJ83B~~1*%U~~IHFH83.
~).;j;§§:@cx183 library cp83 class ( anchor) R~ library cp83-ff~BPXD3. ( member), Jlff~).$~~~83
~93.ffl~:J.BtJT iOS Lib 83fr~. E±lr iOS cp method ~5~~1.±-@83 , ~~~®-tJGt±:l Lib t~t~0S!Xi , ?ff~).~
~;\J'~t±:l-fl:ll~~BtJT~zi'SJ83~ffl*-**®-:I=)G Lib 83155!.
C1) x1r1f1iJJ~ A, 3t±:II.PJ..t~**.§~ s :~G~ti!~~B1, s .!:3 A ~)GUBrl'iiJ-~cr. m::xm83i5t.: ~o 51VJ5!~m , ~1*7J,B:Xsl FF.JJ3--t~ 1=.*~5c~cr 83x1~ , JJ!~J§:~t-tBilll*~J$83-ff~B.
(2) x1r§H~~ A , ~r~l=tl!~~ s f[_t~*.*.§1.fx1illZSJZBcrf[ A' fD B' ff1±tEll'iiJ*-* , #.§ s fD B'
f[:~G:J>r k -t~f[*~* , JJ!~ A fo s 1.fl'iiJ-J$cr • .§1.f~fi:ll't~%r: , s -tB~--t§H~~. 1ifflB~~1J$cr83 anchor :l=tm~83~19U~Dl'~Jlff~.
0 anchor 0 other class
~~And raid )~1.f~~J$PXJ:JJB~~1iU iOS J$#/G-~~D*~J§~PJ§~~f[~83. E±lr3¥~~83~~~*~ , -E1t51±1*f'F.*~5c~U83@fflf~(i;'$'~fD~~{5RJ'P, Android J$cp83-®)~1.f83f[~fr~PJ§~~,k;\~ iOS #.&*
cpJJJ}~~~. ~~;\83.:E~J!t~~J~(i;83fr~PJimi1 API (i;~U*1iE~ , {§ff1±831'6J~~ iOS .!:3 Android cp83 API (i;~Ut¥1±/G-3& , ~). adwo ~{9U , ~Dl'~ :
·--: .: --~------------~· -----------------: .':~up://apiconfig.adwo.com/adwo/a" ' "&brond=H : "&userid=N __________________ :\ _________________ _
:. C"On~e~ti.;;tyMO,;ogef.9ei.Activ;N;;;o,ici,;tOO--: Networkfnfo.getTypeName(}
~ --i;,;;,~~~;~~~~~;;~;ro~~~~;~r~--_ -_: -_-_ -_-_ -_-_ -_-TelephonyManager.getSimSeriofNumber(J TelephonyMonager.getLine1Number()
-::::::::::::::::.:.::::::::::::::::::
-~f>-S_a_d_\¥Q: ________________ ----------------- ______ -,
"http://apiconfig.odwo.com/odwo/i" : ·,;&brond= 'J&@" : "&userid=%@" :
··~~~~~~~~~~~~~z~:~~~~~~~~~~~~~~~~~~~~::~~~~~~~ ASidentifierManoger:advertisingldentifier :
: ii5~ii,~~~~rii~i;;i~iri~;~i!i .. ~~ie~~i;;t~~i~:,;;i;i,t~iy~:: ~ _N_s_u_R_L~~'}'}~c_r~o_n~s_c!':~~'!!nRunLC:~~:[l!_'_A!C:~t;_: _____________ J
~rltt, ~~;\83ml~15~~~~ API i!HrB~, m~B~i!Hr~~, #~~ii~~tEll'iiJ83B~i!Hrffml. 1.± Android SfBcp , ~class {fffl83if)(~&x1~i!HrB~ , B~fiim~Dl' :
https://bdsecsoicindiana_edu:8080. 1.± iOS SfBcp , ~x;J class ii§3z.83AIBtJTi!HrB~, :>Z:cp
~~API BPX 19 ~. ~~;\~J-;\ lib cr83~slz:155! c i.~J~1:BiJJ~1tB~~m~) H~ ,ittfrt~lt~«~Sf~tJT , 9tlz: invariant-API-sequence(IAC). ?,.t{J§~t~t~ lAC ( tEli~Jl:kr 80%) *~Ul'fJT Lib ttim-1'-SfBcp~~
f[;tEJI'iiJ83fr~.
r·-··--·-·-·-··-··--·--·------··-·-·-·-·-··-·--·--·-··--··--·---·-·1 j package 1 j
I I i i ~-=-~~~-=--=--:--=:-.:.-:-_ . .:-::_~-=--=--=-_:_-=-.:.-=--=--=--==--=--=--::--=-~i:-=-_:_-==:::-_:_-:::.-:-J 1 ~dro~PhaUb I I "http://apiconfig.adwo_com/adwo/a2" 4 -------------------------! 1 I TelephoneManager.getDeviceld() -- READ DEVICE INFO 4 --------:: ! ..,_,. _,_ ··-·-·-·- -·-·-.. ··-·-·-··· ~·- -·-·-·· __ , . ··- ··-·-·-·-·· ··-·-·--·_......f .. J fi·c;s-·;h~-ub"·-·-·-.. -.. -·-·-·----·-·-·--.. -·-·--·-.. -.. -·-·--·-·-·-.. -rn 1 "h // - t· d I d / -" . -1 1 ttp: ap1con 1g.a wo.com a wo 1 4--------------------------- ! _ ! ASident ifierManager:advertisi ngldent ifier -- READ DEVICE INFO • ;
1
1
\.----·-·-·--·--·----·-·--·-·-·---·-·----·-·-·-·--·· ··-·· -··
,k;\~ a PJ~:J.~t±:l , 1.fx1 13 -1'- Android @fflf~(i;~~-EJ,ittfrBtJT, ~I.PJ'8{1J~!j[7 65%~:J...t83155! ( Methods ) , ~lttPJ~).l.;\~~®;j;§i~83155!~J$:>Z:f!:J:83~%. ~~~®J$:>Z:f!:J:J-Amzfflf~(j;cpj:~:m?,t±:l* , f..t{J§_t {~iU VirusTotal ..tittfr)~tE~~·~t~)JiW. ~ b 183~7--1'- Android SfBB~FHi;\83)~1.f~~J$:>Z:f!:J:, ~ URL
(i;~U~~.~/G~83 I ,k;\;j;§*83 iOS )~1.f~~J$:>Z:f!:J:cptBPJ~).j=)GiU~fcll~,~83/G~~ ( ~ c ) I *155!/G~~f~
ig*:~GI'iiJrm~~&.
x;J~®)~tE~~J$itt-t/:75~ABtJTPJ~:J.~FHi;\~;j;§@83 API ~U/G~(i;~U I ff~B Android SfBW9~B18351 ~~~~®(i;~Uf'F~t~)JiW)~1.f~~mzm83~~HiEz- , rnlttPJttl'fJTt±:l ios SJZB;tEJ*83fr~-tB~PJ~83. ~~;\?ffi~
tt83155!x1)~1.f~~J$1.f:~GI'iiJSJZB..t83;tEJ:9:*-*fD~!j[fr~ittfr§iVlftt~)JiW. ~~i1-=FiVl~~iiE, *155!§iVlt~
)JiWiU83~~1tii!?J~U~t~~IHFH83.
I;J4liJf· .11!JB;I 0 ---------------------------------0 I;J4liJf · .11!1&1
x;J~®)~tE~~J$itt-t/:7J~)\)-}tJT"P]l:J.~FHiJ.Jt;t§@83 API ~U/G~(i;~U I ff~)-S Android SfBW9~r::HE851
~~~~®(i;~U1'F~;t&i!ilUi~1.f~~mzm83~~HiEz- , E±uttPJttl'fJTt±:l ios SJZB;tEJ*83fr~tB~PJ~83. ~~;\Jlffi~tt
831JJ!x1i~1.f~~J$1.f:~GI'iiJSJZB..t83;tEJ:9:*-*fD~!j[fr~ittfr§iVl1t;t&;!ilu. £~i1-=FiVl~&iiE , *15J!§iVJ;t&i!ilUiU
83~~1tii!?J~U~t~~IHFH83.
~ptzc.Cl" . l:t!..l ijy II\\\ •
1. ®11 Android-iOS AAJ$8~5StJT I x'l iOS B~ Lib J$itHr5StJT;
2. 1± iOS S!Zi:3'..t®-:t:JG Lib pt_m ( ®i1~Zi'SJB~**);
~~;\1.±t!!W..t§l)\.*~3t±tB~ff~7 Android fD iOS SfB)~tE83~~J$:>Z:1!:J:, ~-fl:ll~.2~~8315J~ff~ An
droid fD ios #.&*tEli~J$:>Z:1tJ:zi'SJ83*-*, 52:~&7 J-.;\ ios =itttU1tii!?!cr1:*~J$1tu!?!mFHi;\~~~f[)~1.ffB~83
t3Z*~~s~. ~r*15J!x13¥~ ios 'B1Jr!Jt.WfD 5 -t~-15$x1tJ:rtJt.wmzmtx1tJ:ittfr:k*PM~±tBBtJT, /mi115 E-t 3¥~ ios $x1tJ:*~~-;t&i!ilU , ~Im 22 -t~~1tu!?J~~ , ~tt 3ooo ~-1'-3¥~ ios SJZB~~1tu!?J c ttm§ ios ..t
rtJ~4' , ~tt::t~Im+~-t~~1tu!?J 1
[1] C. Xiao, "Novel malware xcodeghost modifies xcode, infects apple ios apps and hits app store," http://researchcenter.paloaltonetworks.com/2015/09/novel-malware-xcodeghost-modifies-xc ode-infects-a pp le-ios-a pps-a nd- hits-a pp-store/, Tech. Rep., 2015.
[2] K. Chen, P. Liu, andY. Zhang, "Achieving accuracy and scalability simultaneously in detecting application clones on android markets," in ICSE, 2014.
[3] VirusTotal, "A closer look at mac os x executables and ios apps,"
http:/!blog.virustotal.com/2014/12/a-closer-look-at-mac-os-x-executables.html, 2014.
[4] J. Pewny, B. Garmany, R. Gawlik, C. Rossow, and T. Holz, "Cross-architecture bug search in binary executables," in 2015 IEEE Symposium on Security and Privacy, SP 2015, San Jose, CA,
USA, May 17-21, 2015, 2015, pp. 709-724.
[5] K. W. Y. Au, Y. F. Zhou, Z. Huang, and D. Lie, "Pscout: analyzing the android permission specification," in Proceedings of the 2012 ACM conference on Computer and communications security. ACM, 2012, pp. 217-228.
~~~~S-LAB ~~A~~ II ~~~iff~ II i~)t
~~ )5R~ ~ 3J 51 A~U Bt ~ ~~~~tii±~ ( ~Uf,~ )
1-tt~BPX~ § m:k~a ~~;~83-ff~B , ~~~:r: JJ&83~17f~&iiL~~5c-;;;-*7 B::k~~s~. t~~o1.±~~-*~5c
cr , rui~W~8ittfr716Jfl:llrni~..t831~~, .*~5ct~illl*§~l'f1T~W~883~17f.
~ff~-fl:ll § iVJ1t~~.*~5cx1WfftMt~~J§ JJ&~iB'~&iiL~f[~~ ~.>Z. t~~D , ~ *1t~~83JJ&ti~-1"~1t8383
~~~, #~~*~~~§?.~itB~PXiUA~..t, §~U$~A~~i7f~&iiE~J!t~;tt:k~83 c Wi~..t~ru~83) iJII~fr-~:tr.s, ~:J.t~~~&iiE·~§~. ~m:~u~~£~83~mfo11iffJ>t, o.&sl~£~..t83fflPiimtt~83~~~ittfr~PX, §~itl:-t/:783!&~
~ms, MW:Jx1~&iiL~~5c83wm. 1.fs$?.~{83~~~i*~~ttiVlr:, *i~:>Z:~ff~7~~~tt~fD~PX~-f4~1'6J~.
ttx1~~~tt~fD~PXi'6J~, *:sz:t~t±:l7-fl:ll~JT83J~Jl~i1z~~~ff~~£~t~ru. x1r~~83fflP~i~§%~
~m~~~~83B1t~~BJ3~~i~; t~t±:l83~£~x1fflP~i~fott~~i~ittfrmtJT, 1~iUx1illl*-*; ?.~J§~~m~~
i~83~~~ff~iUfflP~i~ I ~cp~~~' W£~, 1§*3t~:tf.S~§83~~~~*ffl7/GI'§J83ff~15it I _§~~~ff~83),t()~
f~JtPJ~. *:sz:t~t±:l83J~Jt~i1z~~~rr~~£~§~U$1.f~Imrr~m~~~~83·t~/5Cl' , i5ROOfflP~i~83~t~.
{
{
*:sz:t~t±:l83~~~rr~-*~5c, ~f[ 5 -ti7t~83~~~~: 1) iG~831t~~rJJ§~:*:sz:~~7 -fl:llimffl83~~~, -EJJ5:
W£~, ~~~fDJ§*3. 1m1~;1~83~ ,~rt~ru83rtm·~ ,~itE.~ru83~~~tBPJ~:J.1~~~*~rr-m~Im; 2) ~~~~tu:
:~GI'iiJ83~~~*:m?.:~GI'iiJ83ff~1Jit. i9U~o : ~~~t~t~*)1%~83ff~, rml§*3t~t~*'t)~WfD§.*383ff~; 3)
~ff~1t : ?fff[83~~~t~x1illlr'8~~~83A~~Z±§X. i9U~o , 1§*3Rt±:IIm1.fDIJ§..t, rm~~~im~t±:IIm1.f~~~~mo:;
4) §?.~ : ~~~PJ~).J[;~itB~~~iU*1t~~83~..t. ~iiJt3i5t. , 1t~~83~~..t~1~§?.~ ; 5 ) ~~~s$JlPJ~ : PI
~:J.t~:tr.s$~~:Pmfl:ll~~~83i,t<)~.
I;J4liJf· .11!JB;I 0 ---------------------------------0 I;J4liJf . .11!1&1
. _________________ .:':f!: r_-~~~e_uR ___________________ _ ,
,Before-makeup After-makeup
*I 1'F1~iU7~*WI'iiJfr83~Jli¥ffliD*J1. ~ i:t;J9~~11z~~~m~1tJ:~~~~:¥:f4~ff A93Jtl:fr~*-*fDi1i~ , 'EJJ5J~:k;fiJS!JZ~lz::k~ (Australian National University) 83 Fatih Porikli ~9:1.~ ( IEEE tl) iJ~~.El , ~~ *~t:k~ (Northeastern University) 83 Raymond Fu ~9::¥:iJ~~.El, 1JD~:kJ~A:~:k~ ( Univerisity of Ottawa ) 83 Nathalie Japkowicz ~9:1~iJ~~.El~t~~~7*:>Z:I1'F#~~~~i!HrJ§~~~ff~.
~-t~*t:w.gfo~~~fg~~-~S-tE.x1*:>Z:ittfr7~~$Xfomi~, ±~1lo7*:>Z:83~oloJn , -EJJ57~Jl~SJ:ki#~, ;~
!l~SJ Bic* , ;tJL~~SJ at~~. UCAI16i2~ : Mill~ Q~
20~J1.0JQ ~·
:>Z:~~~J§, ~~~'PJ~~~~:¥:f4~ffAD3.ittfr7~~~i~, ~~~~:>Z:~i:t;J~jtij~{t. *:>Z:83i~ Demo [2J a AcM MM ~)(_ti!J:fr7m~, 1~iU7~W83r-Jz*J1.
[1] Si Liu, Xinyu Ou, Ruihe Qian, Wei Wang, Xiaochun Cao. Makeup like a superstar_Deep Localized Makeup Transfer Network. The 25th International Joint Conference on Artificial Intelligence (IJCAI-2016). New York City. USA. 9th-15th July, 2016.
[2] Xinyu Ou, Si Liu, Xiaochun Cao, Hefei Ling. Beauty eMakeup: a Deep Makeup Transfer System. MM '16 Proceedings of the 2016 ACM on Multimedia Conference (IJCAI-2016). Pages 701-702. Amsterdam, the Netherlands. 15th-19th October 2016
SIMON-like mu~~)!B~~{ft~5}~~1iE
( ~UIE~it ) Kolbl ~AtE CRYPTO 2o15 [1J _t~t±:\7 SIMON-like ~~i?il~~Bmt?¥83tt~~It, 1iffl SAT 3l<m~83
:55! , :I=JGiU7 siMON32 fD siMON4s itiU~~W83~B~~HiE , ~:J.J>t siMON64 83 16 ~~~B~~HiE. ?.~rm1tB11J
#J~1:HJGiU SIMON64, SIMON96 fD SIMON128 itiU~~W83~B~~HiE.
~{IJt~t±:\7 -fell§ iVJ1tt!~ SIMON -like .Wii!?J~)!~{ft~B~~HiE83~J! , *~J!§~U$tJGiUJlfff[#.&*83
SIMON fD SIMECK~J!itiU~~W83~17t~B~~HiE. §% ,~11J~t±:l7 SIMON-Iike~~i?il~~Bmt?¥83_tW,
:J:t_§iiEBJ37 SIMON-like ~~i?il~83~:k~Bmt?¥~m~$®A~BJ)(BJ3~~83±~1lDrm~~~fiX/J'. ~:r:~-·~~, ~
{I]~~ Matsui 83B3Z:~Wtt~~J! [2] :l=tmiU7 SIMON-like .Wii!?J~J!cr. ~SAT 3l<m~83:5J!;t§t~, ~11J83
~J!:®.JD~~j(, 1.fi¥fil SIMON-like .Wii!?J~J!ti;EtfL~BBtJT83~~·~B1:®.lD~ffl.
~_)([SIMON-like ~PllfiJ ax E F;, a, b, c E N .ff-lla, b, c ~ 0 , Jl~~ SIMON-like lf.J4t-i&4itJt5l
7-J: F(x) = ((x <<< a) A (x <<< b)) $(x <<< c),
Jt- 'fa, b, c #-7-J ,flli~;fjti 11f 4&_ .
SIMON-like .Wii!?J~j~{:fffl SIMON-like ~~i?il~83~f[
Feistel ~ t~ 83 ~ 1-t )j- ~.El .W ii!?J. SIMON fD SIMECK ~ )! ~
SIMON-like .Wii!?J83im-1'~~{9U, '811JBtlU{fffl7 ( 1, 8, 2) fD
( 0, 5, 1 ) 1'F~~~~~{lz~~. SIMON-like .Wii!?J~J!83~~i?il~~D
~ 1 Jlff~.
x . y ,
~ 1. SIMON-like ~~i?il~
~t!l.l[SIMON-Iike ~Pllfii¥J~7t~$J ~F(x) = ((x <<< a) A (x <<< b)) $(x <<< c) , Jt-t n ;u~
4it , a > b * Jl gcd( n, a - b) = 1 • a a i"' fJ ~ J/11 4l -.r- t~ A. :f"' t~ ~ .& ~ , A,
varibits = (a<<< a) v (a<<< b), doublebits =(a<<< b) A (a<<< a) A (a<<< (2a - b)) ,
v;.;r;_ r = j3 tB (a <<< c) , JJ~ ~ a j iJ fJ lf.J .& ~ J,eJJt- :J;, :
r ll+i if a = 2" - 1' wt(y ) = 0 mod 2
2-H·t(mribirs(f>doub/ebirs ) iJ 2" 1 b O l a ::j: - ' r 1\ vari its = II '
P(a H fJ) = (y ffi( y<<< (a - b))) A doublebits
= 0 II
0 else.
I;J4liJf· .11!JB;I 0 --------------------------------0 I;J4liJf · .11!1&1
E±I~W 1 "PJTJA~iU I x1rJlfff[PJ§~83$®t±:l~B f3 I ~Bmt?¥P(a ~ /3)if~tEl~o ~ltt I ~{IJPJ~:J.{fffl
Pa 1-tU P(a ~ /3) o ~r~W 1 I Beierle ~t±:\7 SIMON-like ~~i?il~~)-}mt$83--1'-..tW [3] I *..tW{)( {)( .!:3$®A~B835)(BJ3~~ f[*o
~3:12[SIMON-Iike ~mfli¥J~?Nft.$l:W-Ht F(x) = ((x <<< a) 1\ (x <<< b)) <f) (x <<< c) ,$,- 4' n Jf..
1n~M:, n ?::. 6 , a > b * Jl gcd(n, a-b)= L it a ;fzif~ F (x) !i~ AjlfJ-, JJ~ :~.u·J- -f j}_:$}'-:ltt .crc. , $.11vfr :
( 1) -j(o *- wt( a)= 1 , Jl~ z. p a ~ 2-2 ;
3 (2) -j(o*- wt(a) = 2 , JJ~Z. Pa ~ 2- ;
(3) -j(o *- wt( a)* n , Jl~ z. p a ~ 2-wt(a )
(4) -j(u*-wt(a) =n , JJ~Z. Pa ~2-n+I o
~f1Jttm7 Beierle 83~Bmt?¥..tW I ~t±:l73$®A~B a J~~ 1 ~ wt(a) < n I 2 B1--t:®.lDt~~FH
83..tWo
~~ 3 it F(x ) = ((x <<< a)A(x <<< b)) EB(x <<< c) , Jt'f n ;t11~~. a> b -Jt Jl
gcd(n, a- b)= 1 o it a k- if- F(x) ~ Ah. -5}, JJ~ z. .xt-r-h. 7}:#.t-*, -i\1n;tr :
(1) -j(o* l < wt(a) < n / 2 ' JJ~Z. ~ ~ 2-lrf(a )-l ;
(2) j(o *- n I 2 < wt(a) < n , ll~ z. Pa ~ 2-wr(a)
(3) -j(o*- wt(a) = n , JJ~Z. Pa < 2-n+l o
1.± EUROCRYPT 1994 _t I Matsui t~t±:l7-fl:ll§iVJ1-tt!~ DES ~5!~{ft~)-}~~HiEB3~5! [2]. *~5!x1
r~B~~HiEtt\,fr--1'-~IJ::it!~ I ,kj._B~DB3H~~{ft~)-}mt$B;(l::; i::; n-1) fDn~~~{lt~5Smt$BJ3ms, {j
1B~II B Try.~~ II 0
~{IJB3t!~~5!*=ffl Matsui 83t!~fl!~ ~1.ft!~i1f~cpttx1 SIMON-like -W~!?J~5!51A 7 -®{ft1-t*mg I
{:f1~~{1JB3~5!PJ~:J.~~'1z±tM!~ SIMON-like .W~!?J~5!83~{ft~)-}~~HiEo
§% I t~~~w 1 I x1r~~83$®A~B I SIMON-like ~~i?il~83~Bmt?¥.!:3PJ§~83$®t±:l~B c 1m~~PJ
§~~B) ~Nfiru*o ~ltt I att~i1f~cr I ~fiJPJ~:J.%tt~-~~a3~Bmt?¥ I ~o~~;~~tt~§ftt= I ~tt~?ff
f[PJ§~83$®t±:l~B I #i!Hrr:-~~t~~o
~!)\ x1r~~i?EJ~PJ§~B3$®t±:l~BB3tt~ ~~fiJ*ffl~tJG~B3155!o x1r n t~~~B3.!:3~- i~ii~ n = m X t ) I
~{IJPJ~:J.m'8)GU5SPX m -1'- t t~~~B3.!:3~~ I f..t{J§t~@ t t~~~.!:3~~B3~)-})-}11]~ DDTA (difference distri
bution table of AND 1 ~~~I PJ~).1~iU n t~~~.!:3~~B3PJ§~$®t±:l~Bo
ffi~N~~~~~~~~-~-ffi~~~B~-B~~¥-1'-N~~~~~~~)-S~-~M~§#~W
P,IIOX BII- l < Bff I ~{IJ~)t~$~~))(BJ3~H~83BJ3~~)-} 0
Procedure Main: Begin the prog.-am
Let B11
= 2 x B11
_ 1 and Bn = 1. Do
- -1 -Let B
11 = 2 X B
11 ;
Call Procedure Round-1 ;
while B11
-=F B11
.
Exit the program
Procedure Round-1:
For each candidate for M 1 with wt(M1) from 0 to n, do the following:
If P,nax x B11 _ 1 < B11 , then II ~uax PJ~V-m1m5E:f1I!. 3 fWit~L
Else Return to the upper procedure;
Let a = M 1 , and Pa is computed according to Theorem 1;
If Pa X B11
_ 1 ~ B11 , then
Let J.1 = a <<< a , V = a <<< b , p, = ~ , and y is computed with DDTAs;
flag= Judge-Diff ( a , y );
If flag = true , then
Let f3 = F( a) = y EB (a <<< c) , and Call Procedure Round-2;
Return to the upper procedure;
Procedure Round-2:
For each candidate for M 2 with wt(M2 ) from 0 ton, do the following:
If p 1 X P,1ax X Bn_2 < B11 , then
Return to the upper procedure;
Else
Let a = M 2 , and Pa is computed according to Theorem 1;
If PI x Pa x Bn-2 > Bn' then
Let J1 = a <<< a , V = a <<< b , p 2 = Pa , and y is computed with DDTAs;
flag= Judge-Diff ( a , y) ;
If flag = true , then
Let f3 = F( a)= y EB (a <<<c) ' and Call Procedure Round-3 ;
I;J4liJf· .11!JB;I 0 --------------------------------0 I;J4liJf · .11!1&1
Procedure Round-i ( 3 < i < n - 1 ): Let M ; = M i_2 EB F(M;_1) ;
Let a = M i , and Pa is computed according to Theorem 1;
If PI X .. ·X Pi-I xPa X Bn-i > Bn' then
Let J-1 = a <<< a , V = a <<< b , Pi = Pa , andy is computed with DDTAs;
flag= Judge-Diff( a , y );
If flag = true , then
Let fJ = F (a) = y EB (a <<< C) , and Call Procedure Round-(i + 1 );
Return to the upper procedure;
Procedure Round-n:
Let ~n =~n-2 EBF(~n-1) ;
Let a = ~ n , and Pa is computed according to Theorem 1;
If p 1 X· · · X P n- l X~ = B11 , then Bn = Bn; Return to the upper procedure;
boolJudge-Diff(a, y ) //}E!l l $~1lJ§~&?t~14- Btl !#tl®fi?EJ~ .
If a = 217 - 1 , then
Else
If wt(y) = 0 mod 2 , then
Return true;
Let varibits = (a <<< a) v (a <<< b) ;
Let doublebits =(a <<< b) A (a <<< a) 1\ (a <<< (2a - b)) ;
If y 1\ varibits =on and (y ffi (y <<<(a -b))) 1\ doublebits =on ' then
Return true; Return false;
{fffl*:>Z:t~t±:\83~5! I ~11JtJGiU7Jlfff[#.&*B3 SIMON fD SIMECK ~J!itiU~~WB3~{7t~B~~HiE. ~{I]
{ffflB3~~~SfB~-B11iffimBittJL (Intel Core™ iS-4570 CPU 3.2GHz), ~~~~~~D~ 1 Jlff~ :
~~~~~lffi~, ~{IJB3t!~~)!"PJl).~~'1z±tMJGiU SIMON-like .Wii!?J~J!itiU~~WB3~{7t~B~~HiE. ~{I]
B3~J!/G{)("P]l).ffl~IH¥fil SIMON-like .Wii!?J~J!tlUit~BBtJTB3~~~~ I rm.§tE SIMON-like .Wii!?J~)!B3i~H
cp~F~~m.
.yt ~~ &7tm* Eft fBJ ~~)(iW\
12 2 -34 - [1) SIMON32
12 2-34 40s .2js:)(
16 2 -50 - [1) SIMON48
16 2 -50 Sh .2js:)(
16 2 -54 - [1) SIMON64
19 2 -64 6d .2js:)(
- - - -SIMON96
28 2 -96 3Sd .2js:)(
- - - -SIMO 128
37 2 -128 66d .2js:)(
13 2 -32 - [4) SIMECK32
13 2 -32 2s .2js:)(
19 2 -48 - [4) SIMECK48
19 2 -48 4m .2js:)(
25 2 -64 - [4) SIMECK64
25 2 -64 2m .2js:)(
[1]. Stefan Kolbl, Gregor Leander, and Tyge Tiessen. Observations on the SIMON block cipher
family. In Advances in Cryptology- CRYPTO 2015 - 35th Annual Cryptology Conference, Santa Bar
bara, CA, USA, August 16-20, 2015, Proceedings, Part I, pages 161-185, 2015.
[2]. Mitsuru Matsui. On correlation between the order of s-boxes and the strength of DES. In
Advances in Cryptology- EUROCRYPT' 94, Workshop on the Theory and Application of Crypto
graphic Techniques, Perugia, Italy, May 9-12, 1994, Proceedings, pages 366-375, 1994.
[3]. Christof Beierle. Pen and paper arguments for SIMON and simon-like designs. In Security
and Cryptography for Networks - lOth International Conference, SCN 2016, Amalfi, Italy, August 31 -
September 2, 2016, Proceedings, pages 431-446, 2016.
[4]. Stefan Kolbl and Arnab Roy. A brief comparison of Simon and Simeck. IACR Cryptology
ePrint Archive, 2015:706, 2015.
I;J4*· l29:.t.ttl 0 --------------------------------0 I;J4*·l29:.t.~
*~.m1r~~e~t~@
( **~j ) x1W\*ii~1.fx1:k:tt~B:ti1lD*83JmJF.lcp:t7JJ~~?¥JE~~831'Ffflo " i~J~ " fD " tt~ " ~~~t~t±:l83x1W'~
7!i~H83im-t~*'tJJWo s ~fDtt~~BtlU~~7!t~;!:l;7 "i~J~" fo "tt~" 831'Fm I J-J.Jm~x1fB\.Wu~~7!83
im-t~~*ff~1tJ:o ff~1tJ:83~:m?./G1§~ofliJ7x1fB\.Wu~~7!83~~·~ I l'iiJB1tE.~ofliJ7B~.El..Wu~83$X1i11tJ:~I.PJ~'1z?¥o
tt~~ij~~-/j'~~~~ I iim1± s ~~ZJ§o ~lttPJ~~ (GF(2)111)
11 ..t83~~~~ I ~cps~~ m
t~~~83'@~ 1 n ~tt~~1'Fffl83 S ~83-1'-~o ~ltt I {f~--1'-tt~~PJ~).ffi-/j'- nxn ~8~$~~ I ~jC~~ GF
GF(2)111 33~~~~ I l'l.P GF(2) ..t83 m x m ~8~$0
tt~~83~I.P;lim~E8)-}3Z:~*~U~o --1'-~8~$ L 83)-}~~)(.~~Jlfff[~I=~$®AfDtElillZ$®t±:l~tiD83~1j\
1io --t n ~fr~8~$ I ~5S3i~~~~ n+l. itiUltt..tW83~8~$PX~t.&:kft8~PJ)-} (MDS) ~8~$0 E±lr~f[~1i 83tt~§~)J I M DS ~8~$~~J!cp£~~{fffl83-fl:ll~·~~~o
x1r~~~~ I ~~I.PJ1t1fl'E±Ix1$®ArP:J~OOie1i?ff$83~B.IG~*~i~o x1r--t~8~$ I ~ofli.J~~I.PJ1t1fl'83.:E
~~~-EJJ5~8~$83~, ~8~$*~83~t~~:J.ID8~$7C~~15rni~~83~ofli.Jo
§%I 1±~o sP ~t~83~7!cr I ~m.w~J!$~1iffltt~~83~o £~-ano.w~J!fom.w~;* I tt~~83~ 831t11l'tB$~~~0 x1'€1~8~$83~~r~8~**~ I ~ltt--tx1-a MDs ~8~$PJI'iiJB1fflrtJo.Wfom.w~~cr I ,~-;._
rm~~1m7!83~1*1t1fl' 0 ltt9~ I IE~~8~*~~~~~8~$tE. PI m:r:~~1IL~~~~1*83~Im1t1fl' 0
~!)\I ~f[~~~~t~83~8~$f[W:JrifiX:J>~I.PJ831t1fl'o ~~~~8~$fD Hadamard ~8~$~~PJ~:J.E8~-fr837C~
pff~.>Z I ~ltt£~~{fffl1±~7!83i~ttcp 0
~o..t~tr:?tr~8~H~~~8~$ I m-fr~..trni-fr ~~--t11zao ~ltt~1.Bi"J1tJ:~I.PJB1PJ ~:J.R~Im~ -fr83~
~ I 1.±$x1tJ:~I.PJB1PJ~:J.Rt¥ii~~-fr83:k~o x1r~~fr83$®t±:l1i I PJ~:J.~x1$®Ai!Hr~~~~11z I ~um~
-fr83~~BJG~~*1~iU o J-J.-imPJ~:J.~~{~~I.PJB.!Gt¥ii~831t1fl' o
~~7 ..t~imfl:ll~~~~8~$ I ~f[1~~;fljffl~'8~~~~8~$t~@ MDS ~8~$83~ff~o ~D:>Z: [1] ;fljffl Toeplitz ~8~$
t~@ MDS ~8~$ I :>Z: [2] ttr-7~~~~8~$83mt$ I #~t±:l7r-.>Z~~~~~ MDS ~8~$83t~@o
~}§ I ~8~$837C~tB~~O[IiJ~/j'~8~$83~I.PJ1t1fl' I ~cp·EJJ57e~*~83~I.PJ1t1fl'~:J.J>H8~$Jlff{fffl83/GI'§J83
J=C~ffio ~ltt1.ft~@cr I i~tt AD3.im~~H*r~:m?.~Im1t1fl'1~83J=C~*t~@ Mos ~8~$0 §m I ffl*t~@
M DS ~8~$83J=C~f[imfcll.:E~8315ito
~-I ~~:m?.f[~&±§X..t83J=C~o ~tE.~§m.:E~83157!o ~!*~~~~ Mos ~8~*~~~*§r Mos u~o ~D~ L ~ n ~fr M DS ~8~$ I ~~~~). [II L] ~~PX~$83ii~-*~~~~ [2 nl nl n + 1] 83 M DS ii~o ~ltt I t~@ M DS ~8~$83~~ffl83157!~;fljfflf[~&±§X..t83~ii~Wi~o PJ~).,kj._Bf[83 MDS ii~, RS ii~t~:m?. MDS ~8~$ I BJG~;fljffl
BCH ii~, Gappa ii~i~tt MDS ~8~$0
x1rf[~&±§X..t83 M os ~8~$ I ~~I.PJ83§~1'6J~~Jt~f[~&±§X;:c~*7!83~Imo f[~&±§X..tJ=C~83*7!~I.PJ1t
1fl'.:E~~im-1'~~83~0[IiJ I -~f[~&±§X_tjC~*~83))(BJ3~~ I =~:IGPJ~{J~Jfl!It83~:m?.o ~lttf[~&±§X..t83
M DS ~8~$ I ij~;fljffl~~~~8~$ I ~E[)?,))(BJ3~~{~83J=C~*t~@o AES 83tt~~~f[~&±§X_t M DS ~8~$83--t ~ru19Ur I '8~ GF(28
) ..t83 4x4 ~~~~8~$0 :sz: [3] £~'€1/GPJ~{J~II1!it83~:m?. I ~t±:l71~~f[~&±§X..t83~~
M DS ~8~$83t~@o
~=fl:ll157!~:§!m;fUffl GF(2) ..t83~~~~0 x1rf[~&±§X..t83--t~~J=C~a I *1*~~ax R~--1'- GF
(2) _t~~~83~·~~~0 ~ltt ~~7~~{~jC~*~83~I.PJ1t1fl' IPJmm~~ G F(2) ..t83 m ~~~~~~0 ~-~83 I
~~PJ~:J./Gi~ii~Jlff~:m?.83ffl*t~@ M DS ~8~$83~~~~~~ltt~~~83 o
I;J4*· l29:.t.ttl 0 --------------------------------0 I;J4*·l29:.t.~
~&tUJ:c~PJ~~83i~ii~f[;fiJr~u~~8~$83 MDs ·~~, 1§1'iiJB1tE.~&tU7J:c~83PJ~ffill, #f[PJ§~~~
®]!~J~,f[~~~mzm~.>Z83t~@. 19U~o , ~~~x1-a MDs ~8~$, l'l.Pf[151t83~Im, 3Z.PJI'iiJB1m:r:no.wm.w~~.
{§f[~&±§X..t83~1~x1'€1 MDS ~8~$*~~iEBJ3/GfftE. i~:>Z: [4] ;f1Jffl~l=~~83~~~~~t±HI~x1'€1 MDS ~8~$83
t~@, #.§~t±:\71'Fffltt 4 t~~~fD 8 t~~~ S ~..t83 4 ~M~~ MDS ~8~$~).J>t 4 ~fr Hadamard MDS ~8~$83~
Im1tifl'83r:w, ~:J.MiUl'W83 MDs ~8~$8319Ur. 1§~, ~!~J:c~PJ~~83~&tu, ~~~PJ~:J.~~i~~~~tt
*~~/j'~~~i'SJ I {§~,~~ MDS 83~U~i1T~~ I ~ltt/G~'€1:k~fr~ MDS ~8~$83t~@.
~~-W~!?!~J!83 MDs ~8~*, ~f[-fl:ll~:J.B1i'SJ~~i'SJ83~Im1JJ!-~1t831JJ!. §%t~@-'1'-~~~Im
83~8~$ , ?.~€*~8~$~-a;g::r:IJ\ c im~:kr~r~8~$83~fr~ ) 1~iU M Ds ~8~$. ~ru831t~~;fUffl~~&tm~
11t~~83t~@.
• • •
~o..t~?ff~, ~~$®A1'F~~~&tm~11zm~83@:~~~, ~fr-~~~~zJ§x1@83~~1'F~~~~83$®
t±:l. ~~:m?.'€1~83 LI,b, ... ,Ln , PJ1f1~;t§@83~~~~~ MDS ~8~$. *15J!§%fflr Photon fD LED, ~m
J§si/EQ71Jz*J1. ~mJ§, ;fiJffl..t~~~Jmm~f[t~:.~>~:eX1*1'F83~~~~U~f[~&±§X..t83*5*, :sz: [5J t~@
t±:l7-®~f[t.&1~~Im1tifl'83 MDS ~8~$. 3Z: [6] i.1i~7~f[~1t·~~83x1'€1 MDS ~8~$83t~@. ~~~1-t
M Ds ~8~$~f[1~831i11!:J:~Im1t1fl' , {§~E±Ir$~~~J\~-a , ~ltt®~7;tEJx1t~~83~~.
1.±1niBrP:Jr$x1!:J:~Im83:t.W~cr , PJ~rf§J~83~11zfo~B:Xt~@~~'1z83 MDs ~8~$. ~rf§J~~11zfo~B:Xt~@
83tt~~~~ 7$X1i11!:J:~Im~'1z*~ , l'iiJ B1§~U$±~s$-W~!?!~J!!~tfLB1i'SJ, §~~~-W~!?!BtJT83§~n. ~o~~ru~~±§X
~~~cp{:fffl83.W~!?J~)! SM4, 3GPP LTE ~~~1JD.Wt~/i ZUC ~)!Jlff{:fffl83~)t~~fl:ll~ru83~17ttt~~.
~J§$~t~t±:l83~ I MDS ~8~$#/G~~J!~·~~83~-~t~. f[835S~.El..W~!?J~J!i~ttcptBPJ~).*ffl~:k
B3Z:~83 0-1 ~8~$, l'l.P MDBL (Maximum Distance Binary Linear) ~8~$1'F~tt~~{iffl. '8{1Jt13X1r
MDS~8~**i5t.~f[t~~83~Im~'1z*, ~Imi1f~R$~~B:X1*1'F, i§~rn:r: MDBL~8~$83B~, tt~·~~1~
T MDS ~8~$ I Jlff~).{fffl'8{1J83-W~!?J~)!$~~1t~~83~~~*{5R~iE~J!83~~·~. :>Z: [7] i1i~71)\{fttt~~
83t~@. ~~7*ffl MDS, MDBL ~8~$t~@tt~~9~ I ~PJ~).*ffl~~'H83t~~~m'[email protected]~!?J~J!83tt~~ I ~D
PRESENT, LBiock ~.
[1] Sumanta Sarkar, Habeeb Syed. Lightweight Diffusion Layer: Importance of Toeplitz Matrices. FSE 2017.
[2] Meicheng Liu, Siang Meng Sim: Lightweight MDS Generalized Circulant Matrices. FSE 2016.
[3] Siang Meng Sim, Khoongming Khoo, Frederique E. Oggier, Thomas Peyrin: Lightweight MDS Involution Matrices. FSE 2015.
[4] Yongqiang Li, Mingsheng Wang: On the Construction of Lightweight Circulant Involutory M DS Matrices. FSE 2016.
[5] Shengbao Wu, Mingsheng Wang, Wenling Wu: Recursive Diffusion Layers for (Lightweight) Block Ciphers and Hash Functions. SAC 2012.
[6] Victor Cauchois, Pierre Loidreau, Nabil Merkiche. Direct construction of quasi-involutory recursive-like MDS matrices from 2-cyclic codes. FSE 2017.
[7] Chaoyun Li, Qingju Wang. Design of Lightweight Linear Diffusion Layers from Near-MDS Matrices. FSE 2017.
1'1=~: t.t$111
tEl~~-Fl I g§LlJ~/tiJT;
~~~/f=P2AfT , t.R9~~x~~ ;
1-t'T~· ~ittl 0 --------------------------------------- 0 1-t'T~. ~i~
e.m)~~~Im~~m ! Google r)(~~~m~B~JJom:t~#
( )t~ * 71* : ~lit~ 2 0 17- 0 2 -2 3 )
~~~83*fi~ff~~~*§1m'== CWI ~ff~tJl¥~83~52: · ltffm:>Z:ltff (Marc Stevens) I {tBtErta"~~J!1Jrni~11J
i1:k__;,fft~83~ff~PX~. t-;_ 2o13 1:F7f~if~Wmimt±:lr)(52: sHA-1 ~5!83/~'L,' I z€~m~~~11J7-.*9U~JTPX
~fDi&itt15J!. ~fD Google ittfr-8"1'1= I {tB~1~7~I.PJ*/J\I)(~83*fi?&:1J:: 5$:k83H~§~)J.
SHA-1 ~ft~?
SHA-1 ( ~f$ Secure Hash Algorithm-1) ~-fl:ll~~1JD-W~J! I ~.:E~83ffl~~~*~~.
?¥-t19Ur : f~~~if~~®_t l'$Xi1$xf!:J:o~ ? ~~ic1~ I :>Z:f!:J:83_tf~~~t~~f~ I 1±l'$XJ§~~~~:>Z:f!:J: ?
f[)~f[9Ji1~i~""f~cp83:>Z:-* ?
Format Factory l'Uffl.~
l!§r1.J~M : www.formatoz.com
~&S'fi!3 : www.portablesofl.org
tt.~§MD5 : E2C75EEC7E129246051AD732354DA2F7 .,_ __ _
~~~~I {iffl SHA-L MDS ~t~83rta"~~J! I x1:>Z:*:>Z:t~L ~~' ~* mp3, PDF, PJ#Lfr:>Z:f!:J:BJG~
1tB1f10J:>Z:f!:J:~i!Hrtt~ I t~~1~t±H~ct~cp~t~83~l9: c rra-~1m 1 1±i1~R~:>Z:f!:J:/GI'§J I x1@83rta"~iit~~x1
/G-t~ I ~Jt1~~~m-t :>Z:f!:J:t~1Jo_t 7~-*83~~.
1E2FF30CSFD327C438F76C3ACBE97AAFB9AEDF7E
x1rl'$X~*i5t. ~@::>Z:f!:J:83rta"~ii1~~: 31~l'$X7 --t$xf!:J: ~ffl:>Z:f!:J:~~~I~ ~~'883 sHA-1/M o s 1m I
~o~Jo@::>Z:f!:J:83/G-t~ I f~~Jt1~!J,,t)7 I ~~:>Z:f!:J:lffi?.~*~i,~i&i17 I rm~rniPJ§~-EJ:2i7W9~BJG~itB~~1tii!?J.
~1.8.5.0·-
J<:l4 ' E,\ desktop\ 1'~!19J<:f4.1SO ;I;:•J'' 10,730,768 :!J:p !Ji:Stii'Jf!J ' 2013-04-09 QS,Q6,48 M05' C18BEBB2AEB9A9547812244587CBACOC SHA1 ' AOF12E06E48110726264FCOF005A7A78849C0733
SHA-1 fD MDS ~t!!W_t~~~ffl83:>Z:f!:J:~~~1JD-W~J! I i1~-]!H~iA~~t~t~~~fDPJ~83~J!-
:§!iU4'~.
Google fD CWI -@~ff~t±:l7-fcll15J! I §~U$i1im-1'/GI'§J83:>Z:f!:J:*=ffl SHA-1 J~~ZJ§ I ~I.PJt±:liG~-~
83rta"~ii.
-£1+ Q
0 Sha-1
42C1 .. 21
-£1+ Q
0 Sha-1
3E2A .. AE
1-t'T~· ~ittl 0 ---------------------------------------0 1-t'T~. ~i~
~/)\I)Hi&:*~&:l~~ SHAttered attack. ~ff~~j:~{;!:l;7ims*!:t;J~~?..t{/GI'§J I 1.f~§,_tff:{±BJ3lffi~~ I {.§
SHA-1 r!S~1i!PiG~EJ§I'iiJ83 PDF :>Z:1tJ:ft=~iiEBJ3 :
SHAttered The f1rst concrete colhsaon attack aga•nst SHA· 1
hllpsl/shalle<ed lo .... Marc Stevens
Plefre Karpman
Go gle Elie Btxszte•n Ange AlberMI Yank Markov
SHAttered The f1rst concrete colhs10n attack agamst SHA 1
'", I"•'' .... Marc Stevens
Pie«eKarpman
Go gle Elie Bursztean Ange Alberunl Yar•k Markov
8762cf7f55934b34d179ae6a4c80cadccbb7f0a 1 .pdf 8762cf7f55934b34d179ae6a4c80cadccbb7f0a 2.pdf
[ bb787a73e37352f92383abe7e2902936d1059ad9f1ba6daaa9c1e58ee6970d0 1 .pdf 4488775d29bdef7993367d541064dbdda50d383f89f0aa13a6ff2e0894ba5ff 2. df
rta"~ME:ti( hash collision ~l'l.Pim-1'-/GI'iiJ:>Z:{tj:rJS~{j-~ ~tBf[ilf!=rta"~/$~ )**:~Gilll*~~. {§~~~_t I
3r~S~~J!t¥1±7~711:!1B1 I --tf[JEU$~JJ83r)(m~§~U$tU@t±:IME:ti. m:rm I r)(m~"PJl).FF.J~r)(m~~®f*~rra
~1i*~~~:>Z:ftJ:83~~3t I ti/.J~H~83:>Z:ftJ:@PX~~. *Jj'-{9~~ I im{7J%:~~iG1E:/GI'§J8315R~.
*!)\ Google x1~ittfri)(~;m~7§~83~JJ: ,~,tf 912231 3721036185417751808-/mi19x10A18
~mB~im-t~frf9: I BtlU$~--t cPu ittfr 65oo tJ= I fo--t GPu ittfr no tJ=83tt~::t"PJl).iGPX. ~
~~~~ff~~*ffl7Elfr~ff~83 Shattered ~m15J! I [email protected]{iffl~JJ~m. rm.§ Google ZiSfBt~
{;!:!;83~9Jt~H~t3Z* I lffi~lfiX~7~J§.
OMDS 1 smartphone 30 sec P SHA-1 Shattered
110 GPU 1 year
SHA-1 Bruteforce 1200000000 GPU 1 year
2012 tj=~~t3Z*~~11J~:ltff 0 MB~$~£~1iltt I iGPX-IJ\ SHA-1 ME:titt 2012 tj=$~l5~ 277 lj~JT, I
i~ 2015 tJ=JJ!U~~i~ 70 lj~JT, I 2021 iFR$~ 403 lj~JT,. {tB~Bg~ I i~ 2018 tj=~)t~f[~8W~~~~1~@
SHA-1 ~~iiE.:f-;83§~JJ.
f§~:J>§m I A11J#:~G$~;~m. m%~k$1tJ:*
~rm* I 11iffim~i5z::~G$~f§,t)f[A~ffl'81t~til\$ I ~
~ Google 7~ 711:!1 1&: R iE~ * ~YJ ~I *!)\SHAttered
attack 83~ff~~$~~~~ 90 ~/.t§~~11J@:~{"tii!?J.
~)t~~1i71"tii!?J I ~:!>tB~~f[ Google ~fl:ll7..kSf83:k ±m±"''"'tm"'~+> Ji.!lt\'1~"]; .,...,..I':I~.I.Joooooo
J39~ I ~ff~~ ..t~7 -/j'~~t; shatteredoio I ~
i5z:"P]l)...t~7fftH!~~t3Z*ffil:P I ~"P]l)...t{~§ i383:>Z:
{tj: I )JiWtit§ i3833Z:{tj:~~~~.
1'!=~-fl:ll~IE383rta"~~)! I SHA-1 IEtt*~~J§*
~ I t~~D SHA-2 fD SHA-3 ~JT~)!~).J>t'811J83~fl:ll~
1*Jlff:m?.{t. -:k)J~~~ Chrome, ~~~$X Edge/IE fD)l(
WiJ~~mf~l~~~ffl SHA-1.
Google ~1.± 2014 tj=~Jt*ffi~~ I '§11]7~)$JT
m_ ~ SHA-1 83 ;~ ~. ~ iF 3T ~I Google 83
Chrome )J~~~B£~/G:jij3ZJ~ SHA-1 iiE.:f-; I ~~~~
t~ic~:~G~~. 3iiE.:f-;i1:lt~zJ§ I iJ~~~~~ruJ!iJJI'PJ
~ ® ~ ~ti. Google 15 rni tB ti ~IT A ± * ffl
SHA-256 ~~~~83~)!. Jlff~).4'~83~~~~~'§
11] I tB~~~ SHA-1 t<~..t~*83-JJ7000000
~~~$x Edge iJ~~~~~)dttm1.f~t:w.gcr~~ I~~
r 2017 1:J=cp7f~~ffl SHA-1. {§~ ((~~11J:ltff)) ~£~
#.&1~@: I J3-{1z~~~~~Jl,:SZ: 0 .[J:l$~~~JJ!Utt Twitter
_tj:~t±:l I ~ffl SHA-1 83 Windows ~~~~JT*illl*
1.± 2 FJ ~®B\fil~fi~ I 1§1JJ~r~:lt~~11J83~~.
Kevin Beaumont 0 @GossiTheDog
[ 'fl Follow J
Fun fact- SHA-1 deprecation patches for Windows were due earl ier this month, but held back for quality reasons. 5:37AM - 23 Feb 2017
~ t."l 16 • 24
~iF 10 Fl I )l(W)J~~~837f~jtij Mozilla tB '§11]
71'iiJt~83/~~.
Mozilla Security Blog
OCT
I 18 I 2016
Phasing Out SHA-1 on the Public Web
j.C.jones
~ }§ :jij ~ _t : - 5* ~ ~ 'ti SHAttered attack
( Google '§1JtU1'F)
SHAttered The frrst concrete collrsron attack agamst SHA 1
https //shattered 10
A coJI1Sion 1s when twod1fferent documents have the same hash fmgerpritH
il+ ~
il+ II
0 II
0 ,.,. Docl 42CI 21 bad doc 1 371342
-£]+ ~
il+ II
0 II
0 Doc2 3f1A Af ""'""'' 371342
Normalh«<avior ·diHerent hliShes tollisK>n· samehashes
Potentially Impacted Systems
llttps r. p 0 • ® "nPS , ..... 8ockup
sic)!>ature certlrocate con\roi(IJ~) Systffl!
Attack complex1ty
9,223,372,036,854,775,808 SHA-1 compressions performed
Shattered compared to other collrsron attacks
D MO> ~ SHA-1 Shatl.-1 ~SMA· I B<uttforct 1smartpbone =0 110GPIJ =0 12.000.000GPIJ 30sec 1yea1 1yeal
Defense
-£J•
" G )( Q UseSiiA·256 U$e shaneredoo
Googleprodl>CIS US<' collision orSHA-3as
totestyourPDF are already deteetooneode leplacernerlt protected
Team
e•• Marc Stevens
Pierre Karpman
Google ElieBursztein Ange Albertini YarikMarkov
------------------learn more at https //shattered 10
1-t'T~· ~ittl 0 -------------------------------------- 0 1-t'T~. ~i~
m -r-m;~JLl' ,IX±Jctii.R ~9E~-~ ?
~§tii 1 ~§mu~~7
«§?.~» ~It~ifr~:>Z:1~t±:l I ~m~f413ZB:~, r~~~~~:~lHo~u~J:£~83f.Rt.bH~A I ~~~~m83~-r-tt~;tJL
~~PJ§~1.± 2011 1:Fitl:A~~~83rll~lkmffl I 1~~5c83-W~!?!~~:J.J>t~r-W~!?J~-.*9U~~±§Xt~~~*~~ii!11 I ~~tlu~no.w~
ffifo ~Z±.kfii~~±§XB:XrnillffiY<r~zSk:. tit~~i~i~D cr*~~~83-Wffl*~~ -r-tt~;tJL~m I ~Jt~o*~~+1z~~:~G~rm-c I
t~~~ffi83~~~~~~~~~~~.
~-r-tt~;tJLz?tr~:J.t~1~~5c~-r-tt~;tJL~f[Jms$83*~~ I .:E~~~~'81:fffl83~PJ~1lo83~-r-~11zt~~~l'l.P~
-r-11z I 1.f~Im:~B1~r11zPJ~:J.I'iiJB1~r o fD 1 im-t~~ I ~~E±I~r~1lo~~·~~~~83 •. !3Jt;tEJx1t~ I 1~~5ctt
~;tJLcr83~17.1-\~-~J\R§~~:r: o :eX 1 83~~ I R§~l~B1i'SJJIIDi(i;*~Im:~ I rm~-r-tt~;tJL§~1t~iUim#fr~~.
f§J~83i5t. I N IJ\~-r-~~tEl3riGPX7 2 83 N IJ\1Jffi~83#fr~w. ~ltt I ~o~~itt~:r;ij~~~ I ~-r-tt
~;tJL~Jtf[7 ru.!:31Qt~8317t~.
IYJ~:rt~~~ ffi, ~:J.A:±JJ~1lo.W~ffifD ~Z±.kfii13Z*83-W~!?J.*~5c~rtllt~ Htl~~ ~x1~830SJxt·~ I 11iffimtt~;tJL~
m--ttllt~Htl~~~x1~fMflPJ§~~~~:rJLaiF~~=fiF::tPJ§~~m I rm-B 1oo -t~-r-t~~~83~-r-tt~ ;tJLPJ§~R$JLBi~. 1.±1fm~~·~1Jrni I ~Z±.kfii13Z*-*~~J~~Jt~:~GPJ~, :~GPJ1~@ I 1§mt~.Wffl~~~83.
.Wffl~fflP~PX#15R~83 I ;~f[~-15~.!:3 • .Wffl-a*~~mrm~~ I 1.~ruJ!x1~J£P83?&:r-1t~1:BiJJ1~M'F.
ili4-~.Lt I f4~~11JB£~~fftUt±:l7§~iG~~f~83 s -t~-r-t~~~83tt~;tJL I ~:J.~:EJJ5 10 iU 20 -t~-r-t~~~ 83)JiWtit.*~5c. *§i:t~fo IBM 83~ff~~~"'~~ I 1tB11JIE1.f/$m9t@ so -t~-r-t~~~83.*~5c I ~~1.f-1:Fp:;]~J@
t±:l*. t~~ «~~%lHil~1~» 1~@: I ~~~~g~ NSA B£~F-F:?&: sooo JJ~;:cm:r:t~9t~nm:r:.W~!?!~1l83~-rtt~;tJL.
~~~-r-tt~;tJLx11~~5c~r~~x1~83-W~!?J.*~5c@PX~ii!11'~83~ofliJ I i§~f[JLf$~rtt~l'bJ:~G§~~iH&83-W
~!?!17.1-\tU I t~~D~/Gl'f1T±~1JD.W~!?J-t:E:Jl*±~1JD~mxt!l83~r Hash 83-W~!?J, ~r~~!?J C ~~ft!l~!?J) 83-W~!?J~ I 1§ ~®1JJ!1±~~~~~YJ~{], ~m·~1Jrnit¥1.f-®~~E3; §m I :~G§~*~~-r-tt~;tJL?trmtJT83~-W~!?J*~i;\~~J§~-r
B11t-W~!?!13Z*83.:Ei~m,~15~ I tE.~no.W~ffifo ~Z±.kfii~~±§X83.:E~mt15~.
II ~-W~!?!~J§~rB11t1lo.W~ffifDIZ±.kfii~~±§X~H83&ft15~ 1
11
~~p:;J~.tmzm~-W~!?!?&:J~~~1HB 1
11 1.± ~.W~!?J~~±§X I ~~tlU~.W~!?J~ffifD !Zi.kfiiJlff~,$83~-W~!?J~~±§X I ~~~..t:k~~83~ffl~.W~!?!t3Z*if~ff1±~~~83
~m.Rr-if)(15iU? I #~1=11iffimjtijillff§~m9l.J>t. ~7t~ft-~~**1±€~-r-no.W~ffifo~Z±.kfii~~±§X83t31gif)(fDsl~~±tB
11z I ~m~f[§.:E~oi.Rr-tm:~§~~~17t~83~-W~!?!13Z*t&~~~. §m I ~11J1.±~-W~!?!13Z*~~±§X?¥%1t~t±:l7
.*~5c·~~U~JT I pff7f ~83~f[ § .:E~Di.Rr-if)(83~~~ffl.W~!?!t3Z*t~~ p:;j 9~B~D83~~-W~!?!t3Z*tt'~§~_tj:~ft-ifr
{g I ~f[Ef83~fM5RtP'~§~:J:t_§;j;§*~.W~!?J83·~§~Bifrt&3&. II
~.W~!?!13Z*x1r1lD.W~ffifDIZ±.kfii83~*~~·~1.f.W~!?!~W~BitPX~i.R I ~Ht~rufF!ffLJ:@:13Z*r~t$li:83
~~·~. ~ffm~D ~1.ft$li:~9t1~~~±§Xcp~~t$li:±!ff$t!!W~i2E ~~cp~~~ jtB1~PJit 605 ~~ ~im~~~~~$, H~$~~ 160~~1~HB1~83*fi~Jt1.fr~@:f[f[fF!ffLJ:@:t$li:~~£~ ~~9trufF!ffLJ:@:~t$li:~. ili4-~l.t J~~~ffi,
1-t'T~· ~ittl 0 -------------------------------------- 0 1-t'T~. ~i~
~)./,\JJJ~.Wffl17.1-\%UL3f~ff~~:r:~~x1~a , ~ :r-tB;tJL r:~-tU~Zrnillffi83a#:~G~~*x1iiB JZ.ft-~
-*~5c§~UJ$m;~83, rm~l'iiJ " 1:H''F$JLJ:@: " -;t~ili:Sfrum, Rf[~~9t~JT83~-Wu!?!~Z±.kfii~~~::t§~15iUiE** 3o
iU so 1F~rB11t83~-$?&:i~~.
I'§Jffi 5)2_tjlfff[8~.Wii!?J~-t~ I ~.Wii!?Jf'F~-/j'~JT8~frti)fi.Wii!?J~t~71\ I ~~' ~MfD cp ~t~1±1JD'~9tlz:~.W ii!?J~ij;~/t1-t83t/:71:.\G. If ~%itt83~.Wii!?!t3Z71\~Jtifcp~ I ~~83r!J:I:.WtB1.fcp~ I 4'~~11J/G$~{~~~$li:-;t~~~
t-;_ 1tB~~~13Z71\ , ~1IJ$~83~lz:l'l.PfriVl--ttiVlcr ~ § .:E~Di.Rr-if)(fD~iitlj~U~JT83~-Wii!?J1lo.W~ffit.X1lz:~~~*~ ;t, W:Jn~~ "--;;;--~" s~mg, PX~cr~if€~rB11t1lo.W~ffi83J3-s*~~ ". *?&:J~~~~e, 1tBIE-;;;@!§ a83 " ~fii" ~~;_~u9t~~m-t~r~.Wii!?!83~·~§~fii , ~f[1fL~r~~, Er83~fM5R1?·~§~, ~U~JT83
*H.RfDi~llihtJL~J~·~§~ I ililt~~~iGPX~J§-$~~~)JiWiit.
it~~JL IIi£~ II ~~~~~ • JJ;i~~B~~~aJJ~J"C
3±1:BB1i'SJ 4 FJ 4 E3 , ~~H~tJLt1.J'~ (Association for Computing Machinery, f§Jf$ ACM ) '§11] , JJ
~~~~BJ3~m~ ·fB~~ltff- *(Tim Berners-Lee) ~1~ 2016 iF ACM" ~~~ ".
~~~ (A.M. Turing Award), EB~~tt~;J;JLt1.J,~r 1966 iFi~lz:, )Z.Q~ "A.M.~~~ " , ~i'l~lliM~
®x1H~tJL$.illd'Ft±:l~~iQi¥iA83-t A. ~~fB'J:[.lU3H~tJLf4~83%31R, ~~f4~~x1Q · ~Jt~ · ~~ C Alan M. Turing 1 ~~~x1~~~83~3l<t.&~ , i~~f~(i;;t.&;m , -~Bjtj=R~llih-~H~tJLf4~~ , Rf[;t.&~~tj= Jlf[im~1.f!'§J-1J[P]_t{t~t±:liQi¥iA83f4~~1'iiJB1~~. ~llt'8tPJ~f$~~H~tJLW83 "i:GlJ:l$~ ". ~~~mlt~ ~~~ 20 JJ~JT, ,1989 iF@±~iU 25 JJ~JT, ~~~im~E±IH~tJLW83-®:kJ1.illd'~tlC ~.!:3 ACM ~l.Jt1.J,i)( ). §frtj~~~EB Google ~Pj~W:J , ~~~ 100 JJ~JT,.
ACM if'§~~t±:lm~ ·fB~~ltff- *83~~WEB~ , ~~BJ37JJ~~~ (World Wide Web ) , t!!W~--1'-~ J.ijiJU~~ , ~).J>t~BJ37 7ttlf~J.ij1tm83~*t1.l,i)(fo~J!.
19ss 1:F 6 FJ 8 a , 1a~~ltff - *t±:l~r~~==1Q~[§~ff~. 1tB83~mt~~-!:37t!!W_t~-Brll~l~~~® , ~ tJJ!tM~ 1 ru (Manchester Mark I) 839t@. 1973 iF I {B~~ltff -*cp~*~ I itj:}.Ji=·Jt:k~::EJ§~~%5~@ I ~
J§~).-~~~1~w.JW~±~{lz. 2003 iF I ~~ft::E1~~{ili3~±f$-13-. §frtj I {tB~af~WI~~%~9:1~ I tB~
~af~WI~~%H~tJLf4~J>tAI~§~~3~:¥:~UVJ-.:EJm'J>t~~~ff~D3..
1989 1:F, 1.fi&X7HI~r~ff~~ru.R (CERN) If'Flt~i'SJ , fa~~ltff- *PX~ Web ~ff~83%f!. {tB~~ Web §~PX ~~~f4~~)-}!j[{g,l~t831Jit. {tB83PX~'E1t5~U9t~J.ij$~15)~ URI ),ij{gt1.J,i)(( HTTP )fD~J.ijig*( HTML ).
ltt9~ I {tBffl7f)J:1tii!?J~.!:37~-/j'JJU~~. ~{f1~~lt~83~J.ij;JU~~§~ttr-iU~71\W~).9~.
II ~--1'-JJ~~~~~tiif 1991 tj=_t~. ~11J1~x1H~~1.ffa~~ltff- *%83~BJ3zm83t!!W~1t~;t~83. 1.±1~
~:Brni , JJ~t~83B::k~ofli.l~lffirm~m83. tlf~ APJ§~:~G~iG~wmi1~~~PX~~iitlj13Z71\83iQi¥iA. 1a~~ltff - * 831'Fffl~/G{)(7f~7*fi~.EW:J:, {9U~D URI fD Web JJU~~, {f~{IJ§~U${:fffl Web, H~83~{tBJ'~;!:l;7--t -~83~~ : l'l.P~®~/j'JT,~f'F~~{l.l-\83-ff~)-} , *~D16Jt1.J,I'§JI{'F. II ACM t1.J~~.:E!t Vicki L. Hanson tEF"BJ3 cpi5t
II ~~iU~¥§~l&iU~-t~).tt~;tJL%fi-®-~83~r.f1!. x1rf~(i;D3.*i5t., §~mtt~;tJL*1t~1t~, R§~~iU§
a83~&~J. II fa~~ltff- *iSt..
l5t~~·~1~1() ----------------------------------------------------------------------------------- ()l5t~~·~1~
~~~~*/~WJ!!~Jf~~ tt *Jr JJD :t~ i¥i )$!!I 1::. ~ ~ )Jft iJJ fPJ
2016 iF 2 Fl~ 2017 iF 2 Fl I ~~~:¥:7R~W:JW~ff~D3.@~JT1JD!&:
i¥.iJ~WI:k~~~9t~~fPili~jft i¥.iJ~WI:k~i!Hr~)JftiJ]f6J. 7R~WJ
W~ff~D3.83~ff~:5rP:J~x1fB\.Wu!?!BtJT. 1.f~:lt~-1:F83~;mi1~~cr , 7R~W:llf~ff~D3..!:3·€d'F:5~)t SHA-3 I>.. Keccak ~~~i?il~~~·~)-}i}JT m7Hff~ I #iGPX7 Keccak 3m~H83u~fii)(mfDmH~I)($ I g~
)-}~~~~{± EUROCRYPT 2017 fD ASIACRYPT 2016.
i¥.iJ-¥WI:k~~~JT1lo:t&:-?tr~~ 83~H~ru*~ , 1.±S!JZJHI!j[f[ ~ ~. ¥~9t~~iP~*~Wf4~~~% Temasek ~~~:¥:83~~~ff~D3., J-J._$x1fB\.Wu!?!BtmDi~tt+~1F. ¥~9t~~iP.!:3{g,~&,~~~~~~~~
~~:¥:1~1~~~H83~*~ifTE*-*, ~~'J\*~~~:¥:1'1=1~15-, :rtm7 ;*~~;m~~, ±g~tw±~ff~~, 1:F~~ff~~tJJ"i'6J, -a1'F~H~~~
fcll%it83~)Jft.
Division of Mathematical Sciences
1'
2011 iF 3 FJ 4 a~ 3 FJ 9 a , ~~~:¥:*7l<s$jiJ~ff~D3., JiJI,~,~~jiJ~ff~D3.fo>zuiH~tttw±~~a***~1lo 7~=+JZ:9Fs3~~~~~~$X{tJ:1JD.W~)( (International Conference on Fast Software Encryption, FSE
2017). FSE ~~~~.Wu!?!~~c IACR) 83nmm~*~S(z- ,~ir~~x1fB\.Wu!?!~J!:5rP:J83~7..kSJZ~ff~i~:>Z:,
cp~tf~i}Jl,~~ ( CCF) ~~~~U~~~:5rP:l83 B ~~)(. ~~~:¥:f[im~i~:>Z:*~ml&#f'F7:k~1~15-.
){UIHtt1'F7 "Optimal Differential Trails in SIMON-like Ciphers" i~:>Z: ( 1'1=~: ){UJHitt *71<5$, ::EBJ3
~) 83:*:~1~15-. i~:>Z:~t±:\7 SIMON-like .Wii!?J~J!~~i?il~83~Bmt?¥83..tW, *..tW~m~$®A~BJ3ZBJ3~~ 83±~1JD~~/fiX!J\. ~T*'~~ I ~~ Matsui ~J!ttmiU1!~ SIMON-like .Wii!?J~J!83~17t~)-}~~HiE I m;~7:k
~~ ( {9U~D 96 fD 128 t~~~) SIMON-like .Wii!?J~)!~{ft~)-}~~~iE831!~ , #~-/)\~t±:\7 96 fD 128 t~~~)-} ~.El:I:E:Jl83 SIMON~)! SIMON96 fD SIMON128 83~{ft~)-}~~~iE.
JiJ1,~,~~1'F7 "Analysis of AES, SKINNY, and Others with Constraint Programming "i~:>Z: ( 1'1=~ : J1j1
.~,~~, David Gerault, Pascal Lafourcade, ifw{~{~t Yosuke Todo, ~PJ!iX, i!i)3~) 83:*:~1~15-. i~:>Z:.:E
~1HB7;fUffl~{J*~YJ:!GU13Z*§iVlf-t1t~ifEl*.Wffl~B~~~iE, ~.RBIZB~, :IGPJ§~~B~~~iEfD~El*~~~iiT83
:55!.
2017 iF 1 Fl12 E3 ,@{g,i~t~~~~~J~~~~:¥:Jii~ A~~$X~ff~~%83*~*~9J~*iJJ~~~:¥: ,#1'1=7~~ "±fiX r!Jtt~ - ffl~tf.S~[RiVJ±,OXr!J~§~ " 831~15- 0
*~*~9:1~1±1~15-cpmt~7±fiXr!JH~83~.>ZfDfi!~ I ~).J};__cp~§/j'±,OXr!J~tf.SSfB I 1HB7±,0Xr!J~~D, ±,OXr!J ~tf.S~IffD±fiXr!J~tr.s83)-}i}JT' i21ij~~-t~rni83~~S~D~ru@ffl~{9U I ~~~i1i~ 7B1~~tf.Scpi~±§X~tf.S83~~
"8-fDt1.l'I'~Jtt~13Z*· ~{7.1.\~{9U'PJ.i5~r~tf.S83~~~:®-ftJTfD:f~)JilL 3t~tJ±~±.tt ~rJ~Jl~SJ83±fiXr!JA)JfE
]~)JilL ±,0Xr!J)ffilHD)~$ffi~t~FJNi¥fil I ~).Jj;__±fiXr!J11.@1fl'{j)-}~fDi¥fil~. ~ifEl*13Z*~~ft KDD ~J~SJC~~~ ~)(fD:lt~fU..t I #tE~~~.*~ftcpff~~@ffl.
*~*~9:1~1.±1~15-J§.!:3~~~:¥:~iP~ittfr71~?m83i.1i~fD~)JfE. :k~~Jt~D1iJJ~~f4~~ff~$~1-tiU~~~@fflcp, ~D
1iJJ~-8-~tf.S~ff~.Wii!?J~~:5rnirP:l*~~9:1~i~~9:. *'J\~)Jftf[;fiJr{JEitt~~~:¥:~~.Wii!?J~83Wi~~ff~$~1-tiU~~~mz
mer~.
N
0 -.....J -* ~ ~
,---
.
~[):
~
-.....J ~
N
0 .......
-.....J -* ~ ~
,---
.
~[):
~
-.....J ~
'--"
IIIl
'f.J
*E
H
~~
=rit
' ~
-E-*
~~
::W.It
n ::W
.c.....J
ffiBH~
~Dr
-> ~
ffiBH
IIIlm
l *E
>§
~~
:m @
'Ito
~i=H
ffiB
Hll
ill
~Dr
~}
)3\I
m
IIIl
:~
4~ ~
ffiBH ~
ml*
E
)31
~~
IIIJ' ~m
Bllt
~Df
>-~
-'f.J
~*E
4i+ ~~
$
'
~llill
c....,J
~}
~
~Df
-> }d
t
~*
~$
4* ~}
~t
5a
f, ®
mil
ffiB
H+
ml~
mff
iBH
dE
~D
r )3
1
~HW-m~
m ~
iiD~
~ ~*~~y> ~
iJiii:
Bn
=
, m
l ~!i
ll ~p
1
-'
,Vl
$ ~*~~
..... ~}
'fJ
~ Bn
>=H
~
®
m~:::m~
~
lj;ijl
)<l
:J<\
-I
'-1
.' ?"
~
r*
-OJ
~
~
s-11
>Cl
:::::J
1fgo
'fJ~ ~
Lr1
Y'
=rit
~
--ti
-.l:
:-1
(/) ~
71
' =
F-
H m
n'
' 5t
-IE
-} ::-
--' ~
;gr
:rot ~t
n
}1:1-}
~>-~~~
-ffi
0 ,\
£1-
ll't
'
0 rnt
t ~ ~ ~
m u»t
t m1
~
~Ill:
=rit
llill
}S
!llil~§TIQ!
,HI}
...... w~
}<
I+
'()-
1-'
~0
*
-"
H ~
-'*I
W>=H~o
~
-)I
I¢
Nl
~
'-1-1
-;:
m ~-
t-.::-1
liD
-±
:! +
~i=H=~IIDl
F::~ ~ ~ }
1:1-}
>t-)
3\.>
Jll~
'fJ
~ .....
~
0
~ ~ ~ r
ntt
iiD~
llill
w
F+t
4*
=
0 ...
.. ~
s-11 ~ ~
g~~m
~-
*~
Bn -B
~>a
llil
llli
ll
~Df
~}
~~
;§])
#
}1:1-}
JD
I!t 5H
!5H!
~}
*~
~51'
Bn
uujg
N
0 1-'
(J
") *~
-B
Bl
l ~
~p
::w.
*~
JDI!t
Bn
5m
0 *~
Bn
-B
llill ~
E~} s:
~p
~
~ ~ ~
*~
Bn
~p iJiii
: ~!i
ll }1:
1-}
~
llill
~}
ffiBH
-ffi
~Dr
)!!!}
1-'
'"""
::m
I<~
~Jtl} ;;r
J>>
~Jtl}
}J~ ~
ill}
iJiiF ~
)(j-}
~
lliHl
~}
mBH
~Dr
~}
UJ;
:J
~C> Hm
~
~)} BD
4i
H ffi
4lll :a 0
Di* ~
~Df ~
~ ~f
S3f
\ tJ
) ~::w.
llD~
~ HH
IIID
®;j
jj
-1ft]
~ill
>-~
~~
'Lz¥
~ III
J>
~~
0 +
)!!
!} ~
'"""
<
=
I<~ ~
~Jtl}
N
9ft
s (!®
'. N
$-f
fi
~}
liD
Bn ~
rntt
-1
* mr
r ~F+t
~s"tl
~f ~
tJ) ~
::w.
~ IllJ
j: ~II
ll ffii
l op
~
~~
IID>
;jjj~
~ill
Di* ~
~~
~~
>-HH
l ~
~J?
0 -'
*I
D
$f~f
~ ~ ~
llD~
mil
H:Hl
~ ~&
~
-B
~~llill
~
)!!!} ~
5af,
l$
'fJ~
mil-
::w.
iii~
1$ ~
~
I ~f
~ ~~
tJ
) ~g-::w.
~
tml
~ >-
Cftl
m
~~;jjj
0 ~
~ill
-B-
mg
JDI!t -ffi
~ ~II
ll ~
op
>-~~ ~
>-~
~~
ffi:~
Di*~
~
~ID
-'Lz
¥ ~
*51
~7
~$
~I$
Ftt-
B
H ~
=rit::
W.
-B-
~
~-*+
EE~
\1_\
l __
,_,
fi1
I '-I
I EE~
~
~ ~I*
+
' ~
\hm
~
tiJW
D
Jht
~ m
+
tmJ
111
~~
,...,.
<;II}
op
5a
V
-7i
lim
~
>+ )!!
!} ~}
:31
a;
;m
(lt ~
~ ~
~
:rot
~
~ll}
"CJ
itt! ~
- .......
!E:j:
H~ • ~ =- La
~Dr
-'*I
D
~
- .......
'-:1<1 Jrr]
H=t ~
=- La
II- J.rr
M
- F+t
)!!!} '"""
I<~
~Jtl}
~
$ ' 'fJ~
Q:J
=- La
~
(§16
Jht
~
ill
-B
llill ~
'fJ~ ::w.
.u...
C
"""
~f
tJ) ::w.
J>>
tit
c....,J fAA
Il
l ffii
l - liD
;jjj
~ill
~
~
> ~
~
-Jm
)!!!} '"""
I<~
~Jtl} Bm ~
liD
$ ~}
Bn ~ ~
)In!
-B-
5S
0 ~
:rot
iiD~
5af,
I>H(
El3
-
"""""' * ~~ Vl
A"
0 -o
Vl
@
-o
-o
(!)
!ll
()
()
::::l - El3
-
"""""' * ~ ~~
iiD~ Ht
;jjj ~
)!!!} '"""
I<~
~Jtl}
laH<J ~ ~
:rot
~
0 # ~
:rot
liD • ~1 -ffi
m:
HmiiD
:::
:0-i
~
~~)}
~ B
D ffim
*U
... ~.
J.
~ >
f,t
?f,-B
-:i
}H~
~~
*U~
Dl~ tJ
) ~~}
tJ1D
C11 )<
:} J.rr
J~
op
~,
:rot
4~
=rit
l=rl
* Ifi
j '
:rot
ml
>It
11-l*
;B
* :rot
~~~
~}
iJiii:
_,._
~~
-fF-
)<:}
" ~!i
ll ~
_.,._
J.rr
• ~ ~
)!!!}
)!!!}
H=t
'"""
0 _
,
I<~
' ;
~Jtl}
~
~D~
'----'
rnilt
-0
~~
-0
\=r-
""*
~
C""
" II
Il
~
>It
)<:}
-~
4*
~-'
iat
:::n
mil
~
\-H
__,
_, ~
-0
'il
)!!!}
I ~
'"""
~
-I<~
59=
~Jtl}
~
~
..I:II
l
im
; )D
~ ~
r4
1-'
ID~
'fJ~
0 )<
:} H=
t 0 0
'~ ~
'fJ}
~~ ~
0
* R=
$
g ~}
)!!
!} ~'""" I<~
1l:l
ll ~Jtl
} ~
ml
~
o\lll'
~ ~
$ ~
~}
$ ~
1$
Dlt
mil
' '
~'i]:
)¢~
1*
~£?
~
Dl~
0
'fJ~
-7i
-> H=
J: A
mi
l ~
iJiii:
Sil
'Lz¥
:rot
~!ill
rm
lfil:
::::::=:
:::::::
\ ~} ~
1$
! ~ ~
)!!!}
......:...
...
~
llill
+t ~
Dll~
~~~
~ ~}
~
~Jtl}
~lilt
~
ffiBH
~m ~
;
D
~Dr
IJ~
$ }C
t} -7i
~}
-
H
HP
0 0 ~
F+t
=rit
~Jtl! ~
llD)
llill
~
~Jtl}
@'~
~
.<J';
:> ~
~}
~
>=H
~
41.11 ~
=-ffiD
H N
m
-L
a
0 ~
'fJ~
1-'
ill
(.\"
Lr1
41.11 *
§Dr
-ffi ~
~~
1-'
>+
ffiH
}¥!}
1-'
~
-::m
}<}
+ g-
I.!J;
:.I
~
.......
tml
I<C>
.\it,
4~
)!!!}
~
-7i ~
~}
>+ m
~Jtl} ~}
~
)<:}
~
2-3 *
~ §
~
rnilt
~
L..,j
.-D
~~
o H
_
~
0 ~
',
'Lz¥
~~
)!!!}
'fJ~
-r ~ ~
>+ ~
~
~Jtl}
:e ~
§ ;o
H
rm
~
~
~ ~
~~
-*
op
H=t
au,
..I:II
l ~
Mill
)D ~
$:
-~
J.rr
I