
    Basic Design Principles, Strength Evaluation and Prospects for Using the AES Encryption Algorithm in Ukraine

    The design principles of AES, their validity and transparency are presented. The most effective cryptanalytic attacks on Rijndael (FIPS-197) are reviewed. Potential weaknesses in the security of FIPS-197 that could in the future lead to an effective analytical attack on the cipher are considered. Performance data for software and hardware implementations of AES are given.

    Performance evaluation of eXtended sparse linearization in GF(2) and GF(2^8)

    XSL (eXtended Sparse Linearization) is a recent algebraic attack aimed at the Advanced Encryption Standard. In order to shed some light on the behavior of the algorithm, which is largely unknown, we have studied XSL on equation systems with variables interpreted either as bits or as bytes. The algorithm solves byte-systems much faster than it does bit-systems, which prompts us to suggest that if a more compact representation of equation systems can be found, such as one where the variables are 8-byte blocks, or even a more generalized form of 8n-byte blocks, it may be possible to increase the speed of XSL dramatically.

    Locating Encrypted Data Hidden Among Non-Encrypted Data using Statistical Tools

    This research tests the security of software protection techniques that use encryption to protect code segments containing critical algorithm implementations in order to prevent reverse engineering. Using the National Institute of Standards and Technology (NIST) Tests for Randomness, encrypted regions hidden among the non-encrypted bits of a binary executable file are located. The location of ciphertext from four encryption algorithms (AES, DES, RSA, and TEA) and three block sizes (10, 100, and 500 32-bit words) was tested during the development of the techniques described in this research. The test files were generated from the Win32 binary executable file of Adobe's Acrobat Reader version 7.0.9. The culmination of this effort is a technique capable of locating 100% of the encrypted regions with no false negative error and minimal false positive error at 95% confidence. The encrypted region must be encrypted with a strong encryption algorithm whose ciphertext appears statistically random to the NIST Tests for Randomness, and the size of the encrypted region must be at least 100 32-bit words (3,200 bits).

    A Quantitative Study of Advanced Encryption Standard Performance as it Relates to Cryptographic Attack Feasibility

    The Advanced Encryption Standard (AES) is the premier symmetric key cryptosystem in use today. Given its prevalence, the security provided by AES is of utmost importance. Technology is advancing at an incredible rate, in both capability and popularity, much faster than its rate of advancement in the late 1990s when AES was selected as the replacement standard for DES. Although the literature surrounding AES is robust, most studies are either theoretical or practical yet infeasible. This research takes a unique approach drawn from the performance field and the dual nature of AES performance. It uses benchmarks to assess the performance potential of computer systems for both general-purpose computation and AES. Since general performance information is readily available, the ratio may be used as a predictor for AES performance and consequently attack potential. The design involved distributing USB drives to facilitators containing a bootable Linux operating system and the benchmark instruments. Upon boot, these devices conducted the benchmarks, gathered system specifications, and submitted them to a server for regression analysis. Although it is likely to be many years in the future, the results of this study may help better predict when attacks against AES key lengths will become feasible.

    Cyber Security: A New Secured Password Generation Algorithm with Graphical Authentication and Alphanumeric Passwords Along With Encryption

    Graphical passwords are always considered an alternative to alphanumeric passwords for their better memorability and usability [1]. Alphanumeric passwords provide an adequate amount of satisfaction, but they do not offer better memorability compared to graphical passwords [1]. On the other hand, graphical passwords are considered less secure yet provide better memorability [1]. Therefore many researchers have studied graphical passwords to overcome this vulnerability. One of the most significant weaknesses of graphical passwords is the Shoulder Surfing Attack, which means sneaking a look at a victim's computer to learn the whole password, part of the password, or some other confidential information. Such attacks are called Shoulder Surfing Attacks. Many researchers have presented various ideas to curb the shoulder surfing attack. However, graphical passwords are still vulnerable to this attack. Therefore, in the present thesis, the solution for the shoulder surfing attack is analyzed and a new algorithm is developed to provide a better algorithm with memorability as well as a very strong password using encryption. For alphanumeric passwords, the dictionary attack and the brute force attack are critical potential threats to be taken care of. A dictionary attack means trying every word from the dictionary to crack the password, whereas a brute force attack means applying all different kinds of combinations to crack the password. Thus, both protection methods have their pros and cons and, therefore, in this thesis a possible solution has been researched to provide a more secure technique. Encryption is another essential technique in the field of cybersecurity. The history of encryption dates back to World War 2, where German forces used their encryption technique for the first time, and encryption has since been developed a lot with the consistent contribution of many researchers.

    Starting from the German encryption technique, the present encryption field has evolved a lot and, compared to its primitive form, the current encryption techniques are more secure. In encryption, various cryptosystems have been developed, and due to consistently developed computational power, attackers have compromised various cryptosystems. One of the essential cryptosystems is the MD family cryptosystem. In the MD family, a few members have been compromised, whereas members such as MD5 had inbuilt algorithm flaws and therefore became vulnerable for different reasons. In this thesis, the research has been done with Whirlpool encryption, which has never been compromised as of now. However, before using Whirlpool encryption, the string is processed with multiple steps, such as perception, shifting of characters, and splitting the string into chunks, and then each piece is encrypted to populate a 128-character-long password for each fragment; thus, an algorithm to generate 1280-character-long passwords is proposed which are immune to linear attacks, dictionary attacks, brute force attacks, and the shoulder surfing attack. After the research, the computational time is also calculated for a modern computer (8 cores, 2.8 GHz) as well as for present supercomputers, which are 100000 times faster than a modern computer. After all the research, the conclusion and future work are also mentioned for future research.

    Evaluation of the Single Keybit Template Attack

    Side channel leakage is a serious threat to secure devices. Cryptographic information extraction is possible after examining any one of the various side channels, including electromagnetic emissions. This work contributes a new method to achieve such a purpose. The Single Keybit Template Attack (SKTA) is introduced as a means to extract encryption keys from embedded processors and other integrated circuit devices performing DES encryptions by passively monitoring and exploiting unintentional RF emissions. Key extraction is accomplished by creating two templates for each bit value of the key based on instantaneous amplitude responses as a device executes DES operations. The resultant templates are input to a Maximum Likelihood processor for subsequent template discrimination with RF emissions captured from a target device. Plaintext and ciphertext are not necessary for SKTA to function. Using 8-bit microcontroller devices and experimentally collected side channel signals, key extraction is possible after examination of approximately 300 RF emission traces. After consideration of SKTA's capabilities, embedded processors using DES to process sensitive data warrant reconsideration.

    A dynamical systems approach to the discrimination of the modes of operation of cryptographic systems

    Evidence of signatures associated with cryptographic modes of operation is established. Motivated by some analogies between cryptographic and dynamical systems, in particular with chaos theory, we propose an algorithm based on Lyapunov exponents of discrete dynamical systems to estimate the divergence among ciphertexts as the encryption algorithm is applied iteratively. The results allow us to distinguish among six modes of operation, namely ECB, CBC, OFB, CFB, CTR and PCBC, using the 64-bit block ciphers DES, IDEA, TEA and XTEA, as well as the 128-bit block ciphers AES, RC6, Twofish, Seed, Serpent and Camellia. Furthermore, the proposed methodology enables a classification of modes of operation of cryptographic systems according to their strength.
    Comment: 14 pages, 10 figures

    Too Much Crypto

    We show that many symmetric cryptography primitives would not be less safe with significantly fewer rounds. To support this claim, we review the cryptanalysis progress of the last 20 years, examine the reasons behind the current numbers of rounds, and analyze the risk of doing fewer rounds. Advocating a rational and scientific approach to the selection of round numbers, we propose revised numbers of rounds for AES, BLAKE2, ChaCha, and SHA-3, which offer more consistent security margins across primitives and make them much faster, without increasing the security risk.