On Circulant-Like Rhotrices over Finite Fields

Circulant matrices over finite fields are widely used in cryptographic hash functions, Lattice based cryptographic functions and Advanced Encryption Standard (AES). Maximum distance separable codes over finite field GF2 have vital a role for error control in both digital communication and storage systems whereas maximum distance separable matrices over finite field GF2 are used in block ciphers due to their properties of diffusion. Rhotrices are represented in the form of coupled matrices. In the present paper, we discuss the circulant- like rhotrices and then construct the maximum distance separable rhotrices over finite fields

Hankel Rhotrices and Constructions of Maximum Distance Separable Rhotrices over Finite Fields

Many block ciphers in cryptography use Maximum Distance Separable (MDS) matrices to strengthen the diffusion layer. Rhotrices are represented by coupled matrices. Therefore, use of rhotrices in the cryptographic ciphers doubled the security of the cryptosystem. We define Hankel rhotrix and further construct the maximum distance separable rhotrices over finite fields

Whirlwind: a new cryptographic hash function

A new cryptographic hash function Whirlwind is presented. We give the full specification and explain the design rationale. We show how the hash function can be implemented efficiently in software and give first performance numbers. A detailed analysis of the security against state-of-the-art cryptanalysis methods is also provided. In comparison to the algorithms submitted to the SHA-3 competition, Whirlwind takes recent developments in cryptanalysis into account by design. Even though software performance is not outstanding, it compares favourably with the 512-bit versions of SHA-3 candidates such as LANE or the original CubeHash proposal and is about on par with ECHO and MD6

Lightweight Diffusion Layer from the kthk^{th} root of the MDS Matrix

The Maximum Distance Separable (MDS) mapping, used in cryptography deploys complex Galois field multiplications, which consume lots of area in hardware, making it a costly primitive for lightweight cryptography. Recently in lightweight hash function: PHOTON, a matrix denoted as ‘Serial’, which required less area for multiplication, has been multiplied 4 times to achieve a lightweight MDS mapping. But no efficient method has been proposed so far to synthesize such a serial matrix or to find the required number of repetitive multiplications needed to be performed for a given MDS mapping. In this paper, first we provide an generic algorithm to find out a low-cost matrix, which can be multiplied k times to obtain a given MDS mapping. Further, we optimize the algorithm for using in cryptography and show an explicit case study on the MDS mapping of the hash function PHOTON to obtain the ‘Serial’. The work also presents quite a few results which may be interesting for lightweight implementation

Direct construction of quasi-involutory recursive-like MDS matrices from 2-cyclic codes

A good linear diffusion layer is a prerequisite in the design of block ciphers. Usually it is obtained by combining matrices with optimal diffusion property over the Sbox alphabet. These matrices are constructed either directly using some algebraic properties or by enumerating a search space, testing the optimal diffusion property for every element. For implementation purposes, two types of structures are considered: Structures where all the rows derive from the first row and recursive structures built from powers of companion matrices. In this paper, we propose a direct construction for new recursive-like MDS matrices. We show they are quasi-involutory in the sense that the matrix-vector product with the matrix or with its inverse can be implemented by clocking a same LFSR-like architecture. As a direct construction, performances do not outperform the best constructions found with exhaustive search. However, as a new type of construction, it offers alternatives for MDS matrices design

Optimizing Implementations of Lightweight Building Blocks

We study the synthesis of small functions used as building blocks in lightweight cryptographic designs in terms of hardware implementations. This phase most notably appears during the ASIC implementation of cryptographic primitives. The quality of this step directly affects the output circuit, and while general tools exist to carry out this task, most of them belong to proprietary software suites and apply heuristics to any size of functions. In this work, we focus on small functions (4- and 8-bit mappings) and look for their optimal implementations on a specific weighted instructions set which allows fine tuning of the technology. We propose a tool named LIGHTER, based on two related algorithms, that produces optimized implementations of small functions. To demonstrate the validity and usefulness of our tool, we applied it to two practical cases: first, linear permutations that define diffusion in most of SPN ciphers; second, non-linear 4-bit permutations that are used in many lightweight block ciphers. For linear permutations, we exhibit several new MDS diffusion matrices lighter than the state-of-the-art, and we also decrease the implementation cost of several already known MDS matrices. As for non-linear permutations, LIGHTER outperforms the area-optimized synthesis of the state-of-the-art academic tool ABC. Smaller circuits can also be reached when ABC and LIGHTER are used jointly

Nutzung kryptographischer Funktionen zur Verbesserung der Systemzuverlässigkeit

Cryptographic techniques deal with securing information against unwanted usage, while coding techniques deals with keeping data error-free and retrieving them reliably. However, both techniques share many tools, bounds and limitations. In this thesis, several novel approaches towards improving system reliability by combining cryptographic and coding techniques in several constellations are presented. The first constellation is deploying pure cryptographic functions to improve reliability issues overshadowed in systems that previously had no reliability-supporting coding mechanisms. Such systems could have just authenticity, secrecy and/or integrity mechanisms for security services. The second constellation deploys a mixture of both cryptographic functions and error correction codes to improve the overall system reliability. The first contribution in this thesis, presents a new practical approach for detection and correction of execution errors for AES cipher. The source of such errors could be natural or as a result of fault injection attacks. The proposed approach is making use of the two linear mappings in the AES round structure for error control. The second contribution is investigating the possibility and ability of deploying pure cryptographic hash functions to detect and correct a class of errors. The error correction is achieved by deploying a part of the hash bits to correct a class of selected unidirectional error class with high probability. The error correction process would degrade the authentication level in a non-significant fashion. In the third and fourth contributions, we propose algorithms to improve system correctability beyond classical limits by combining coding and cryptographic functions. The new algorithms are based mainly on the fundamentals investigated in the second contribution as mechanisms to detect and correct errors. The new algorithms are investigated in terms of collision and attacking complexity, as error correction via hash matching is similar to a successful authentication attack. The resulting performance showed achievable good error correctability, authenticity, and integrity figures.Kryptografische Methoden zielen der Sicherung von Information gegen unerwünschte Nutzung, wobei Codierungstechnik behandelt die Korrektur der Fehler in den Daten und deren zuverlässigen Rückgewinnung. Beide Techniken bedienen sich ähnlich Instrumente und besitzen ähnliche grenzen und Grenzwerte. In diese Dissertation, werden mehrere neue Verfahren zur Verbesserung der Systemzuverlässigkeit durch verschiedene Konstellationen zur Kombination der beiden Fehlerkontrollcodierung und Kryptografische Verfahren. In der ersten Konstellation werden reine kryptologische Funktionen verwendet, die zur Verbesserung der Zuverlässigkeitsaspekte in den Systemen die keine Zuverlässigkeitsfördernde Codierungs-Maßnahme enthalten dienen. Solche Systeme besitzen z. B. nur Authentifikation, Geheimhaltung oder Integritäts-Mechanismen in den Sicherheitsdiensten. Die zweite Konstellation verwendet eine Kombination von Fehlerkorrigierende Codes und Krypto-Mechanismen für die Verbesserung der Zuverlässigkeit des Systems. Der erste Beitrag in diese Arbeit präsentiert ein neues praktisches Verfahren zur Erkennung und Korrektur von Verarbeitungsfehler in AES Chiffre. Die Ursachen solche Fehler konnten natürlich oder als Resultat eines beabsichtigten „Fault Injection“ Angriff sein. Das Verfahren nutzt die linearen Abbildungen im AES Runden-Funktion für Fehlerkontrolle. Der zweite Beitrag untersucht die Möglichkeit und Fähigkeit zur Einsatz von Hashfunktionen zur Erkennung und Korrektur vom Fehler. Die Fehlerkorrektur ist erreicht durch die Nutzung eines Anteil des Hash Bits um eine Klasse von ausgewähltem Unidirektionalen-Fehler mit höhe Wahrscheinlichkeit zu korrigieren. Dabei wird der Fehlerkorrekturprozess die Authentifikationsgrad des Hashfunktion nicht signifikant reduzieren. In den dritten und vierten Beitrag werden Algorithmen vorgeschlagen um die Zuverlässigkeit des System über die klassischen grenzen verbessert. Das wird durch Kombination von Kryptologischen und Codierung Funktionen erreicht. Die neuen Algorithmen sind auf die fundamentale Untersuchungen des zweiten Beitrag als Mechanismen für Fehlererkennung und Fehlerkorrektur basiert. Die neuen Algorithmen sind auf deren Kollision und Angriffskomplexität Verhalten untersucht worden, da Fehlerkorrektur durch Hashwert-Anpassung eines erfolgreichen Authentifikationsangriff ähnlich ist. Die resultierenden Verhalten zeigen gute Werte für erreichbare Fehlerkorrekturfähigkeit, Authentifikations-Grad und Integrität

Feistel Like Construction of Involutory Binary Matrices With High Branch Number

In this paper, we propose a generic method to construct involutory binary matrices from a three round Feistel scheme with a linear round function. We prove bounds on the maximum achievable branch number (BN) and the number of fixed points of our construction. We also define two families of efficiently implementable round functions to be used in our method. The usage of these families in the proposed method produces matrices achieving the proven bounds on branch numbers and fixed points. Moreover, we show that BN of the transpose matrix is the same with the original matrix for the function families we defined. Some of the generated matrices are \emph{Maximum Distance Binary Linear} (MDBL), i.e. matrices with the highest achievable BN. The number of fixed points of the generated matrices are close to the expected value for a random involution. Generated matrices are especially suitable for utilising in bitslice block ciphers and hash functions. They can be implemented efficiently in many platforms, from low cost CPUs to dedicated hardware