Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

Effects of Architecture on Information Leakage of a Hardware Advanced Encryption Standard Implementation

Side-channel analysis (SCA) is a threat to many modern cryptosystems. Many countermeasures exist, but are costly to implement and still do not provide complete protection against SCA. A plausible alternative is to design the cryptosystem using architectures that are known to leak little information about the cryptosystem\u27s operations. This research uses several common primitive architectures for the Advanced Encryption Standard (AES) and assesses the susceptibility of the full AES system to side-channel attack for various primitive configurations. A combined encryption/decryption core is also evaluated to determine if variation of high-level architectures affects leakage characteristics. These different configurations are evaluated under multiple measurement types and leakage models. The results show that different hardware configurations do impact the amount of information leaked by a device, but none of the tested configurations are able to prevent exploitation

A dynamical systems approach to the discrimination of the modes of operation of cryptographic systems

Evidence of signatures associated with cryptographic modes of operation is established. Motivated by some analogies between cryptographic and dynamical systems, in particular with chaos theory, we propose an algorithm based on Lyapunov exponents of discrete dynamical systems to estimate the divergence among ciphertexts as the encryption algorithm is applied iteratively. The results allow to distinguish among six modes of operation, namely ECB, CBC, OFB, CFB, CTR and PCBC using DES, IDEA, TEA and XTEA block ciphers of 64 bits, as well as AES, RC6, Twofish, Seed, Serpent and Camellia block ciphers of 128 bits. Furthermore, the proposed methodology enables a classification of modes of operation of cryptographic systems according to their strength.Comment: 14 pages, 10 figure

Memorization for Good: Encryption with Autoregressive Language Models

Over-parameterized neural language models (LMs) can memorize and recite long sequences of training data. While such memorization is normally associated with undesired properties such as overfitting and information leaking, our work casts memorization as an unexplored capability of LMs. We propose the first symmetric encryption algorithm with autoregressive language models (SELM). We show that autoregressive LMs can encode arbitrary data into a compact real-valued vector (i.e., encryption) and then losslessly decode the vector to the original message (i.e., decryption) via random subspace optimization and greedy decoding. While SELM is not amenable to conventional cryptanalysis, we investigate its security through a novel empirical variant of the classic IND-CPA (indistinguishability under chosen-plaintext attack) game and show promising results on security. Our code and datasets are available at https://github.com/OSU-NLP-Group/SELM.Comment: Main text: 9 pages, 4 figures, 1 table. Work-in-progress. Project website at https://samuelstevens.me/research/encryption