Using MILP in Analysis of Feistel Structures and Improving Type II GFS by Switching Mechanism

Some features of Feistel structures have caused them to be considered as an efficient structure for design of block ciphers. Although several structures are proposed relied on Feistel structure, the type-II generalized Feistel structures (GFS) based on SP-functions are more prominent. Because of difference cancellation, which occurs in Feistel structures, their resistance against differential and linear attack is not as expected. Hitherto, to improve the immunity of Feistel structures against differential and linear attack, two methods are proposed. One of them is using multiple MDS matrices, and the other is using changing permutations of sub-blocks. In this paper by using MILP and summation representation method, a technique to count the active S-boxes is proposed. Moreover in some cases, the results proposed by Shibutani at SAC 2010 are improved. Also multiple MDS matrices are applied to GFS, and by relying on a new proposed approach, the new inequalities related to using multiple MDS matrices are extracted, and results of using the multiple MDS matrices in type II GFS are evaluated. Finally results related to linear cryptanalysis are presented. Our results show that using multiple MDS matrices leads to 22% and 19% improvement in differential cryptanalysis of standard and improved 8 sub-blocks structures, respectively, after 18 rounds

Large substitution boxes with efficient combinational implementations

At a fundamental level, the security of symmetric key cryptosystems ties back to Claude Shannon\u27s properties of confusion and diffusion. Confusion can be defined as the complexity of the relationship between the secret key and ciphertext, and diffusion can be defined as the degree to which the influence of a single input plaintext bit is spread throughout the resulting ciphertext. In constructions of symmetric key cryptographic primitives, confusion and diffusion are commonly realized with the application of nonlinear and linear operations, respectively. The Substitution-Permutation Network design is one such popular construction adopted by the Advanced Encryption Standard, among other block ciphers, which employs substitution boxes, or S-boxes, for nonlinear behavior. As a result, much research has been devoted to improving the cryptographic strength and implementation efficiency of S-boxes so as to prohibit cryptanalysis attacks that exploit weak constructions and enable fast and area-efficient hardware implementations on a variety of platforms. To date, most published and standardized S-boxes are bijective functions on elements of 4 or 8 bits. In this work, we explore the cryptographic properties and implementations of 8 and 16 bit S-boxes. We study the strength of these S-boxes in the context of Boolean functions and investigate area-optimized combinational hardware implementations. We then present a variety of new 8 and 16 bit S-boxes that have ideal cryptographic properties and enable low-area combinational implementations

Advanced cryptographic system : design, architecture and FPGA implementation

PhD ThesisThe field programmable gate array (FPGA) is a powerful technology, and since its introduction broad prospects have opened up for engineers to creatively design and implement complete systems in various fields. One such area that has a long history in information and network security is cryptography, which is considered in this thesis. The challenge for engineers is to design secure cryptographic systems, which should work efficiently on different platforms with the levels of security required. In addition, cryptographic functionalities have to be implemented with acceptable degrees of complexity while demanding lower power consumption. The present work is devoted to the design of an efficient block cipher that meets contemporary security requirements, and to implement the proposed design in a configurable hardware platform. The cipher has been designed according to Shannon’s principles and modern cryptographic theorems. It is an iterated symmetric-key block cipher based on the substitution permutation network and number theoretic transform with variable key length, block size and word length. These parameters can be undisclosed when determined by the system, making cryptanalysis almost impossible. The aim is to design a more secure, reliable and flexible system that can run as a ratified standard, with reasonable computational complexity for a sufficient service time. Analyses are carried out on the transforms concerned, which belong to the number theoretic transforms family, to evaluate their diffusion power, and the results confirm good performance in this respect mostly of a minimum of 50%. The new Mersenne number transform and Fermat number transform were included in the design because their characteristics meet the basic requirements of modern cryptographic systems. A new 7×7 substitution box (S-box) is designed and its non-linear properties are evaluated, resulting in values of 2-6 for maximum difference propagation probability and 2-2.678 for maximum input-output correlation. In addition, these parameters are calculated for all S-boxes belonging to the previous and current standard algorithms. Moreover, three extra S-boxes are derived from the new S-box and another three from the current standard, preserving the same non-linear properties by reordering the output elements. The robustness of the proposed cipher in terms of differential and linear cryptanalysis is then considered, and it is proven that the algorithm is secure against such well-known attacks from round three onwards regardless of block or key length. A number of test vectors are run to verify the correctness of the algorithm’s implementation in terms of any possible error, and all results were promising. Tests included the known answer test, the multi-block message test, and the Monte Carlo test. Finally, efficient hardware architectures for the proposed cipher have been designed and implemented using the FPGA system generator platform. The implementations are run on the target device, Xilinx Virtex 6 (XC6VLX130T-2FF484). Using parallel loop-unrolling architecture, a high throughput of 44.9 Gbits/sec is achieved with a power consumption of 1.83W and 8030 slices for implementing the encryption module with key and block lengths of 16×7 bits. There are a variety of outcomes when the cipher is implemented on different FPGA devices as well as for different block and key lengths.Ministry of Higher Education and Scientific Research in Ira

Data Acquisition Applications

Data acquisition systems have numerous applications. This book has a total of 13 chapters and is divided into three sections: Industrial applications, Medical applications and Scientific experiments. The chapters are written by experts from around the world, while the targeted audience for this book includes professionals who are designers or researchers in the field of data acquisition systems. Faculty members and graduate students could also benefit from the book

Statistical cryptanalysis of block ciphers

Since the development of cryptology in the industrial and academic worlds in the seventies, public knowledge and expertise have grown in a tremendous way, notably because of the increasing, nowadays almost ubiquitous, presence of electronic communication means in our lives. Block ciphers are inevitable building blocks of the security of various electronic systems. Recently, many advances have been published in the field of public-key cryptography, being in the understanding of involved security models or in the mathematical security proofs applied to precise cryptosystems. Unfortunately, this is still not the case in the world of symmetric-key cryptography and the current state of knowledge is far from reaching such a goal. However, block and stream ciphers tend to counterbalance this lack of "provable security" by other advantages, like high data throughput and ease of implementation. In the first part of this thesis, we would like to add a (small) stone to the wall of provable security of block ciphers with the (theoretical and experimental) statistical analysis of the mechanisms behind Matsui's linear cryptanalysis as well as more abstract models of attacks. For this purpose, we consider the underlying problem as a statistical hypothesis testing problem and we make a heavy use of the Neyman-Pearson paradigm. Then, we generalize the concept of linear distinguisher and we discuss the power of such a generalization. Furthermore, we introduce the concept of sequential distinguisher, based on sequential sampling, and of aggregate distinguishers, which allows to build sub-optimal but efficient distinguishers. Finally, we propose new attacks against reduced-round version of the block cipher IDEA. In the second part, we propose the design of a new family of block ciphers named FOX. First, we study the efficiency of optimal diffusive components when implemented on low-cost architectures, and we present several new constructions of MDS matrices; then, we precisely describe FOX and we discuss its security regarding linear and differential cryptanalysis, integral attacks, and algebraic attacks. Finally, various implementation issues are considered

A new counting method to bound the number of active S-boxes in Rijndael and 3D

© 2016, Springer Science+Business Media New York. Security against differential and linear cryptanalysis is an essential requirement for modern block ciphers. This measure is usually evaluated by finding a lower bound for the minimum number of active S-boxes. The 128-bit block cipher AES which was adopted by National Institute of Standards and Technology (NIST) as a symmetric encryption standard in 2001 is a member of Rijndael family of block ciphers. For Rijndael, the block length and the key length can be independently specified to 128, 192 or 256 bits. It has been proved that for all variants of Rijndael the lower bound of the number of active S-boxes for any 4-round differential or linear trail is 25, and for 4r (r≥ 1) rounds 25r active S-boxes is a tight bound only for Rijndael with block length 128. In this paper, a new counting method is introduced to find tighter lower bounds for the minimum number of active S-boxes for several consecutive rounds of Rijndael with larger block lengths. The new method shows that 12 and 14 rounds of Rijndael with 192-bit block length have at least 87 and 103 active S-boxes, respectively. Also the corresponding bounds for Rijndael with 256-bit block are 105 and 120, respectively. Additionally, a modified version of Rijndael-192 is proposed for which the minimum number of active S-boxes is more than that of Rijndael-192. Moreover, we extend the method to obtain a better lower bound for the number of active S-boxes for the block cipher 3D. Our counting method shows that, for example, 20 and 22 rounds of 3D have at least 185 and 205 active S-boxes, respectively.status: publishe