15 research outputs found
STATISTICAL PROPERTIES OF PSEUDORANDOM SEQUENCES
Random numbers (in one sense or another) have applications in computer simulation, Monte Carlo integration, cryptography, randomized computation, radar ranging, and other areas. It is impractical to generate random numbers in real life, instead sequences of numbers (or of bits) that appear to be ``random yet repeatable are used in real life applications. These sequences are called pseudorandom sequences. To determine the suitability of pseudorandom sequences for applications, we need to study their properties, in particular, their statistical properties. The simplest property is the minimal period of the sequence. That is, the shortest number of steps until the sequence repeats. One important type of pseudorandom sequences is the sequences generated by feedback with carry shift registers (FCSRs). In this dissertation, we study statistical properties of N-ary FCSR sequences with odd prime connection integer q and least period (q-1)/2. These are called half-â„“-sequences. More precisely, our work includes: The number of occurrences of one symbol within one period of a half-â„“-sequence; The number of pairs of symbols with a fixed distance between them within one period of a half-â„“-sequence; The number of triples of consecutive symbols within one period of a half-â„“-sequence.
In particular we give a bound on the number of occurrences of one symbol within one period of a binary half-â„“-sequence and also the autocorrelation value in binary case. The results show that the distributions of half-â„“-sequences are fairly flat. However, these sequences in the binary case also have some undesirable features as high autocorrelation values. We give bounds on the number of occurrences of two symbols with a fixed distance between them in an â„“-sequence, whose period reaches the maximum and obtain conditions on the connection integer that guarantee the distribution is highly uniform.
In another study of a cryptographically important statistical property, we study a generalization of correlation immunity (CI). CI is a measure of resistance to Siegenthaler\u27s divide and conquer attack on nonlinear combiners. In this dissertation, we present results on correlation immune functions with regard to the q-transform, a generalization of the Walsh-Hadamard transform, to measure the proximity of two functions. We give two definitions of q-correlation immune functions and the relationship between them. Certain properties and constructions for q-correlation immune functions are discussed. We examine the connection between correlation immune functions and q-correlation immune functions
On Some Symmetric Lightweight Cryptographic Designs
This dissertation presents cryptanalysis of several symmetric lightweight primitives, both stream ciphers and block ciphers. Further, some aspects of authentication in combination with a keystream generator is investigated, and a new member of the Grain family of stream ciphers, Grain-128a, with built-in support for authentication is presented. The first contribution is an investigation of how authentication can be provided at a low additional cost, assuming a synchronous stream cipher is already implemented and used for encryption. These findings are then used when presenting the latest addition to the Grain family of stream ciphers, Grain-128a. It uses a 128-bit key and a 96-bit initialization vector to generate keystream, and to possibly also authenticate the plaintext. Next, the stream cipher BEAN, superficially similar to Grain, but notably using a weak output function and two feedback with carry shift registers (FCSRs) rather than linear and (non-FCSR) nonlinear feedback shift registers, is cryptanalyzed. An efficient distinguisher and a state-recovery attack is given. It is shown how knowledge of the state can be used to recover the key in a straightforward way. The remainder of this dissertation then focuses on block ciphers. First, a related-key attack on KTANTAN is presented. The attack notably uses only a few related keys, runs in less than half a minute on a current computer, and directly contradicts the designers' claims. It is discussed why this is, and what can be learned from this. Next, PRINTcipher is subjected to linear cryptanalysis. Several weak key classes are identified and it is shown how several observations of the same statistical property can be made for each plaintext--ciphertext pair. Finally, the invariant subspace property, first observed for certain key classes in PRINTcipher, is investigated. In particular, its connection to large linear biases is studied through an eigenvector which arises inside the cipher and leads to trail clustering in the linear hull which, under reasonable assumptions, causes a significant number of large linear biases. Simulations on several versions of PRINTcipher are compared to the theoretical findings
N-adic Summation-Shrinking Generator. Basic properties and empirical evidences.
The need of software-flexible stream ciphers has led to several alternative proposals in the last few years. One of them is a new Pseudo Random Number Generator (PRNG), named N-adic Summation-Shrinking (NSumSG), which architecture is described in this paper. It uses N-1 parallel working slave summation generators and one N-adic summation generator, controlling the nonlinearity in the generator. The implementation, some properties and statistical tests of NSumSG are given.
The results from statistical analysis show that the sequence generated by NSumSG is uniform, scalable, uncompressible, whit large period; consistent and unpredictable. This gives the reason consider the NSumSG as suitable for a particular cryptographic application
New Family of Stream Ciphers as Physically Clone-Resistant VLSI-Structures
A new large class of possible stream ciphers as keystream
generators KSGs, is presented. The sample cipher-structure-concept is based on
randomly selecting a set of 16 maximum-period Nonlinear Feedback Shift
Registers (NLFSRs). A non-linear combining function is merging the 16 selected
sequences. All resulting stream ciphers with a total state-size of 223 bits are
designed to result with the same security level and have a linear complexity
exceeding and a period exceeding . A Secret Unknown Cipher
(SUC) is created randomly by selecting one cipher from that class of
ciphers. SUC concept was presented recently as a physical security anchor to
overcome the drawbacks of the traditional analog Physically Unclonable
Functions (PUFs). Such unknown ciphers may be permanently self-created within
System-on-Chip SoC non-volatile FPGA devices to serve as a digital
clone-resistant structure. Moreover, a lightweight identification protocol is
presented in open networks for physically identifying such SUC structures in
FPGA-devices. The proposed new family may serve for lightweight realization of
clone-resistant identities in future self-reconfiguring SoC non-volatile FPGAs.
Such self-reconfiguring FPGAs are expected to be emerging in the near future
smart VLSI systems. The security analysis and hardware complexities of the
resulting clone-resistant structures are evaluated and shown to exhibit
scalable security levels even for post-quantum cryptography.Comment: 24 pages, 7 Figures, 3 Table
Stream ciphers for secure display
In any situation where private, proprietary or highly confidential material is being dealt with, the need to consider aspects of data security has grown ever more important. It is usual to secure such data from its source, over networks and on to the intended recipient. However, data security considerations typically stop at the recipient's processor, leaving connections to a display transmitting raw data which is increasingly in a digital format and of value to an adversary. With a progression to wireless display technologies the prominence of this vulnerability is set to rise, making the implementation of 'secure display' increasingly desirable. Secure display takes aspects of data security right to the display panel itself, potentially minimising the cost, component count and thickness of the final product. Recent developments in display technologies should help make this integration possible. However, the processing of large quantities of time-sensitive data presents a significant challenge in such resource constrained environments. Efficient high- throughput decryption is a crucial aspect of the implementation of secure display and one for which the widely used and well understood block cipher may not be best suited. Stream ciphers present a promising alternative and a number of strong candidate algorithms potentially offer the hardware speed and efficiency required. In the past, similar stream ciphers have suffered from algorithmic vulnerabilities. Although these new-generation designs have done much to respond to this concern, the relatively short 80-bit key lengths of some proposed hardware candidates, when combined with ever-advancing computational power, leads to the thesis identifying exhaustive search of key space as a potential attack vector. To determine the value of protection afforded by such short key lengths a unique hardware key search engine for stream ciphers is developed that makes use of an appropriate data element to improve search efficiency. The simulations from this system indicate that the proposed key lengths may be insufficient for applications where data is of long-term or high value. It is suggested that for the concept of secure display to be accepted, a longer key length should be used
Role of Cryptographic Welch-Gong (WG-5) Stream Cipher in RFID Security
The purpose of this thesis is to design a secure and optimized cryptographic stream cipher for passive type Radio Frequency Identification (RFID) tags.
RFID technology is a wireless automatic tracking and identification device. It has become an integral part of our daily life and it is used in many applications such as electronic passports, contactless payment systems, supply chain management and so on. But the information carried on RFID tags are vulnerable to unauthorized access (or various threats) which raises the security
and privacy concern over RFID devices. One of the possible solutions to protect the confidentiality, integrity and to provide authentication is, to use a cryptographic stream cipher which encrypts the original information with a pseudo-random bit sequence. Besides that RFID tags
require a resource constrained environment such as efficient area, power and high performance cryptographic systems with large security margins. Therefore, the architecture of stream cipher
provides the best trade-off between the cryptographic security and the hardware efficiency.
In this thesis, we first described the RFID technology and explain the design requirements for passive type RFID tags. The hardware design for passive tags is more challenging due to its stringent requirements like power consumption and the silicon area. We presented different design measures and some of the optimization techniques required to achieve low-resource
cryptographic hardware implementation for passive tags.
Secondly, we propose and implement a lightweight WG-5 stream cipher, which has good proven cryptographic mathematical properties. Based on these properties we measured the security analysis of WG-5 and showed that the WG-5 is immune to different types of attacks such as algebraic attack, correlation attack, cube attack, differential attack, Discrete Fourier Transform attack (DFT), Time-Memory-Data trade-off attack. The implementation of WG-5 was carried out using 65 nm and 130 nm CMOS technologies. We achieved promising results of WG-5 implementation in terms of area, power, speed and optimality. Our results outperforms most of the other stream ciphers which are selected in eSTREAM project.
Finally, we proposed RFID mutual authentication protocol based on WG-5. The security and privacy analysis of the proposed protocol showed that it is resistant to various RFID attacks such
as replay attacks, Denial-of-service (DoS) attack, ensures forward privacy and impersonation attack
On the Design and Analysis of Stream Ciphers
This thesis presents new cryptanalysis results for several different stream cipher constructions. In addition, it also presents two new stream ciphers, both based on the same design principle. The first attack is a general attack targeting a nonlinear combiner. A new class of weak feedback polynomials for linear feedback shift registers is identified. By taking samples corresponding to the linear recurrence relation, it is shown that if the feedback polynomial has taps close together an adversary to take advantage of this by considering the samples in a vector form. Next, the self-shrinking generator and the bit-search generator are analyzed. Both designs are based on irregular decimation. For the self-shrinking generator, it is shown how to recover the internal state knowing only a few keystream bits. The complexity of the attack is similar to the previously best known but uses a negligible amount of memory. An attack requiring a large keystream segment is also presented. It is shown to be asymptotically better than all previously known attacks. For the bit-search generator, an algorithm that recovers the internal state is given as well as a distinguishing attack that can be very efficient if the feedback polynomial is not carefully chosen. Following this, two recently proposed stream cipher designs, Pomaranch and Achterbahn, are analyzed. Both stream ciphers are designed with small hardware complexity in mind. For Pomaranch Version 2, based on an improvement of previous analysis of the design idea, a key recovery attack is given. Also, for all three versions of Pomaranch, a distinguishing attack is given. For Achterbahn, it is shown how to recover the key of the latest version, known as Achterbahn-128/80. The last part of the thesis introduces two new stream cipher designs, namely Grain and Grain-128. The ciphers are designed to be very small in hardware. They also have the distinguishing feature of allowing users to increase the speed of the ciphers by adding extra hardware