84 research outputs found

    Digital Image Exchange using a No-key(s) Protocol with Phase-only Encryption

    This paper considers an algorithm for transferring a digital image over an open network using a No-key(s) Protocol or Three-Way Pass and phase-only encryption/decryption. After providing a short study on the theoretical background to the method, an algorithm is presented on a step-by-step basis. Cryptanalysis is undertaken for the three intercept and single intercept cases, when it is assumed that the encrypted data is intercepted in its entirety for each pass or for any single pass, respectively. The algorithm focuses on the exchange of a JPEG image although in principle, the approach is independent of the format of the image file that is used. Prototype MATLAB functions are provided for the validation of the approach and for further development by interested readers

    Phase-only Digital Encryption using a Three-pass Protocol

    Abstract—This paper considers an application of phase-only digital encryption to the three-pass protocol leading to a new ‘nokey-exchange algorithm’. After providing a study on the theoretical background to the method, an algorithm is presented on a step-by-step basis together with three examples of cryptanalysis. A prototype MATLAB function is provided for validation of the approach and for further development by interested readers.

    Cryptanalysis and Design of Symmetric Primitives

    The focus of this dissertation is the analysis and design of block ciphers and hash functions. The work begins with an introduction to techniques for the cryptanalysis of block ciphers. We describe these methods and show how new techniques can be developed from them that lead to stronger attacks. In the second part of the work we present a series of attacks on a variety of block ciphers. In doing so, we developed attacks on reduced versions of ARIA and the AES. Furthermore, in the third part we present attacks on the internal block ciphers of hash functions. We develop attacks that break the internal block ciphers of Tiger and HAS-160 for the full number of rounds. The attacks presented here are the first of their kind. An attack on a reduced version of SHACAL-2 that requires almost no memory is also presented. The fourth part of the work deals with the design and analysis of cryptographic hash functions. We applied a slide attack, a technique known from the analysis of block ciphers, in the context of hash functions. In doing so, we present various attacks on GRINDAHL and RADIOGATUN. Building on the attacks of the second and third parts of this work, we present a new hash function, which we call TWISTER. TWISTER was developed for the SHA-3 competition and has already been accepted for the first round.
    This thesis focuses on the cryptanalysis and the design of block ciphers and hash functions. The thesis starts with an overview of methods for cryptanalysis of block ciphers which are based on differential cryptanalysis. We explain these concepts and also several combinations of these attacks. We propose new attacks on reduced versions of ARIA and AES. Furthermore, we analyze the strength of the internal block ciphers of hash functions. We propose the first attacks that break the internal block ciphers of Tiger, HAS-160, and a reduced round version of SHACAL-2. The last part of the thesis is concerned with the analysis and the design of cryptographic hash functions. We adopt a block cipher attack called slide attack into the scenario of hash function cryptanalysis. We then use this new method to attack different variants of GRINDAHL and RADIOGATUN. Finally, we propose a new hash function called TWISTER which was designed and proposed for the SHA-3 competition. TWISTER was accepted for round one of this competition. Our approach follows a new strategy to design a cryptographic hash function. We also describe several attacks on TWISTER and discuss the security issues concerning these attacks on TWISTER.

    Phase-Only Digital Encryption

    Abstract—We study the n-dimensional deconvolution problem associated with an impulse response function and an (additive) noise function that are both characterised by the same phase-only stochastic spectrum. In this case, it is shown that the deconvolution problem becomes well-posed and has a general solution that is both exact and unique, subject to a re-normalisation condition relating to the scale of the solution. While the phase-only spectral model considered is of limited value in general (in particular, problems arising in the fields of digital signal processing and communications engineering, specifically with regard to the retrieval of information from noise), its application to digital cryptography has potential. One of the reasons for this (as discussed in this paper), is that it provides a method of encrypting data where the diffused plaintext can be effectively embedded in a (phase-only) cipher (subject to the floating point precision used for data processing), thereby fully dissipating the statistical signature of the plaintext in the distribution of the cipher. Further, a decrypt can be generated that is computationally efficient subject to the usual cases of sender and receiver having access to identical algorithm(s) and key(s), deconvolution being equivalent to decryption in the context of the (phase-only) encryption model that is considered. For the two-dimensional case, this approach has a potential weakness in terms of a ‘correlation attack’ using phase retrieval algorithms and a solution to this problem is provided by introducing a (stochastic) amplitude weighting function. Prototype MATLAB functions are provided in the Appendices that accompany this paper to give readers the opportunity to repeat the computational results presented and extend them further. The functions constitute a symmetric algorithm for encrypting and decrypting full colour images in which the key(s) have been exchanged a priori. In this context, the final part of the paper considers the application of phase-only encryption for key exchange using a Three-way Pass Protocol for which a further prototype MATLAB function is provided for validation and further development of the approach by interested readers.

    Analysis Design & Applications of Cryptographic Building Blocks

    This thesis deals with the basic design and rigorous analysis of cryptographic schemes and primitives, especially of authenticated encryption schemes, hash functions, and password-hashing schemes. In the last decade, security issues such as the PS3 jailbreak demonstrate that common security notions are rather restrictive, and it seems that they do not model the real world adequately. As a result, in the first part of this work, we introduce a less restrictive security model that is closer to reality. In this model it turned out that existing (on-line) authenticated encryption schemes can no longer be considered secure, i.e. they can guarantee neither data privacy nor data integrity. Therefore, we present two novel authenticated encryption schemes, namely COFFE and McOE, which are not only secure in the standard model but also reasonably secure in our generalized security model, i.e. both preserve full data integrity. In addition, McOE preserves a reasonable level of data privacy. The second part of this thesis starts with proposing the hash function Twister-Pi, a revised version of the accepted SHA-3 candidate Twister. We not only fixed all known security issues of Twister, but also increased the overall soundness of our hash-function design. Furthermore, we present some fundamental groundwork in the area of password-hashing schemes. This research was mainly inspired by the medial omnipresence of password-leakage incidences. We show that the password-hashing scheme scrypt is vulnerable against cache-timing attacks due to the existence of a password-dependent memory-access pattern. Finally, we introduce Catena, the first password-hashing scheme that is both memory-consuming and resistant against cache-timing attacks.

    Pitfalls in Ultralightweight RFID Authentication Protocol

    Radio frequency identification (RFID) is one of the most promising identification schemes in the field of pervasive systems. Non-line of sight capability makes RFID systems more protuberant than its contended systems. Since the RFID systems incorporate a wireless medium, there are some allied security threats and apprehensions from malicious adversaries. In order to make the system reliable and secure, numerous researchers have proposed ultralightweight mutual authentication protocols, which involve only simple bitwise logical operations (AND, XOR & OR etc.) to provide security. In this paper, we have analyzed the security vulnerabilities of the state of the art ultralightweight RFID authentication protocol: RAPP. We have proposed three attacks (two DoS and one Desynchronization) in the RAPP protocol and challenged its security claims. Moreover, we have also highlighted some common pitfalls in ultralightweight authentication protocol designs. This will help as a sanity check and improve the longevity of ultralightweight authentication protocol designs.