Analysis and Design of Symmetric Cryptographic Algorithms

This doctoral thesis is dedicated to the analysis and the design of symmetric cryptographic algorithms. In the first part of the dissertation, we deal with fault-based attacks on cryptographic circuits which belong to the field of active implementation attacks and aim to retrieve secret keys stored on such chips. Our main focus lies on the cryptanalytic aspects of those attacks. In particular, we target block ciphers with a lightweight and (often) non-bijective key schedule where the derived subkeys are (almost) independent from each other. An attacker who is able to reconstruct one of the subkeys is thus not necessarily able to directly retrieve other subkeys or even the secret master key by simply reversing the key schedule. We introduce a framework based on differential fault analysis that allows to attack block ciphers with an arbitrary number of independent subkeys and which rely on a substitution-permutation network. These methods are then applied to the lightweight block ciphers LED and PRINCE and we show in both cases how to recover the secret master key requiring only a small number of fault injections. Moreover, we investigate approaches that utilize algebraic instead of differential techniques for the fault analysis and discuss advantages and drawbacks. At the end of the first part of the dissertation, we explore fault-based attacks on the block cipher Bel-T which also has a lightweight key schedule but is not based on a substitution-permutation network but instead on the so-called Lai-Massey scheme. The framework mentioned above is thus not usable against Bel-T. Nevertheless, we also present techniques for the case of Bel-T that enable full recovery of the secret key in a very efficient way using differential fault analysis. In the second part of the thesis, we focus on authenticated encryption schemes. While regular ciphers only protect privacy of processed data, authenticated encryption schemes also secure its authenticity and integrity. Many of these ciphers are additionally able to protect authenticity and integrity of so-called associated data. This type of data is transmitted unencrypted but nevertheless must be protected from being tampered with during transmission. Authenticated encryption is nowadays the standard technique to protect in-transit data. However, most of the currently deployed schemes have deficits and there are many leverage points for improvements. With NORX we introduce a novel authenticated encryption scheme supporting associated data. This algorithm was designed with high security, efficiency in both hardware and software, simplicity, and robustness against side-channel attacks in mind. Next to its specification, we present special features, security goals, implementation details, extensive performance measurements and discuss advantages over currently deployed standards. Finally, we describe our preliminary security analysis where we investigate differential and rotational properties of NORX. Noteworthy are in particular the newly developed techniques for differential cryptanalysis of NORX which exploit the power of SAT- and SMT-solvers and have the potential to be easily adaptable to other encryption schemes as well.Diese Doktorarbeit beschäftigt sich mit der Analyse und dem Entwurf von symmetrischen kryptographischen Algorithmen. Im ersten Teil der Dissertation befassen wir uns mit fehlerbasierten Angriffen auf kryptographische Schaltungen, welche dem Gebiet der aktiven Seitenkanalangriffe zugeordnet werden und auf die Rekonstruktion geheimer Schlüssel abzielen, die auf diesen Chips gespeichert sind. Unser Hauptaugenmerk liegt dabei auf den kryptoanalytischen Aspekten dieser Angriffe. Insbesondere beschäftigen wir uns dabei mit Blockchiffren, die leichtgewichtige und eine (oft) nicht-bijektive Schlüsselexpansion besitzen, bei denen die erzeugten Teilschlüssel voneinander (nahezu) unabhängig sind. Ein Angreifer, dem es gelingt einen Teilschlüssel zu rekonstruieren, ist dadurch nicht in der Lage direkt weitere Teilschlüssel oder sogar den Hauptschlüssel abzuleiten indem er einfach die Schlüsselexpansion umkehrt. Wir stellen Techniken basierend auf differenzieller Fehleranalyse vor, die es ermöglichen Blockchiffren zu analysieren, welche eine beliebige Anzahl unabhängiger Teilschlüssel einsetzen und auf Substitutions-Permutations Netzwerken basieren. Diese Methoden werden im Anschluss auf die leichtgewichtigen Blockchiffren LED und PRINCE angewandt und wir zeigen in beiden Fällen wie der komplette geheime Schlüssel mit einigen wenigen Fehlerinjektionen rekonstruiert werden kann. Darüber hinaus untersuchen wir Methoden, die algebraische statt differenzielle Techniken der Fehleranalyse einsetzen und diskutieren deren Vor- und Nachteile. Am Ende des ersten Teils der Dissertation befassen wir uns mit fehlerbasierten Angriffen auf die Blockchiffre Bel-T, welche ebenfalls eine leichtgewichtige Schlüsselexpansion besitzt jedoch nicht auf einem Substitutions-Permutations Netzwerk sondern auf dem sogenannten Lai-Massey Schema basiert. Die oben genannten Techniken können daher bei Bel-T nicht angewandt werden. Nichtsdestotrotz werden wir auch für den Fall von Bel-T Verfahren vorstellen, die in der Lage sind den vollständigen geheimen Schlüssel sehr effizient mit Hilfe von differenzieller Fehleranalyse zu rekonstruieren. Im zweiten Teil der Doktorarbeit beschäftigen wir uns mit authentifizierenden Verschlüsselungsverfahren. Während gewöhnliche Chiffren nur die Vertraulichkeit der verarbeiteten Daten sicherstellen, gewährleisten authentifizierende Verschlüsselungsverfahren auch deren Authentizität und Integrität. Viele dieser Chiffren sind darüber hinaus in der Lage auch die Authentizität und Integrität von sogenannten assoziierten Daten zu gewährleisten. Daten dieses Typs werden in nicht-verschlüsselter Form übertragen, müssen aber dennoch gegen unbefugte Veränderungen auf dem Transportweg geschützt sein. Authentifizierende Verschlüsselungsverfahren bilden heutzutage die Standardtechnologie um Daten während der Übertragung zu beschützen. Aktuell eingesetzte Verfahren weisen jedoch oftmals Defizite auf und es existieren vielfältige Ansatzpunkte für Verbesserungen. Mit NORX stellen wir ein neuartiges authentifizierendes Verschlüsselungsverfahren vor, welches assoziierte Daten unterstützt. Dieser Algorithmus wurde vor allem im Hinblick auf Einsatzgebiete mit hohen Sicherheitsanforderungen, Effizienz in Hardware und Software, Einfachheit, und Robustheit gegenüber Seitenkanalangriffen entwickelt. Neben der Spezifikation präsentieren wir besondere Eigenschaften, angestrebte Sicherheitsziele, Details zur Implementierung, umfassende Performanz-Messungen und diskutieren Vorteile gegenüber aktuellen Standards. Schließlich stellen wir Ergebnisse unserer vorläufigen Sicherheitsanalyse vor, bei der wir uns vor allem auf differenzielle Merkmale und Rotationseigenschaften von NORX konzentrieren. Erwähnenswert sind dabei vor allem die für die differenzielle Kryptoanalyse von NORX entwickelten Techniken, die auf die Effizienz von SAT- und SMT-Solvern zurückgreifen und das Potential besitzen relativ einfach auch auf andere Verschlüsselungsverfahren übertragen werden zu können

On MILP-Based Automatic Search for Differential Trails Through Modular Additions with Application to Bel-T

Using modular addition as a source of nonlinearity is frequently used in many symmetric-key structures such as ARX and Lai--Massey schemes. At FSE\u2716, Fu \etal proposed a Mixed Integer Linear Programming (MILP)-based method to handle the propagation of differential trails through modular additions assuming that the two inputs to the modular addition and the consecutive rounds are independent. However, this assumption does not necessarily hold. In this paper, we study the propagation of the XOR difference through the modular addition at the bit level and show the effect of the carry bit. Then, we propose a more accurate MILP model to describe the differential propagation through the modular addition taking into account the dependency between the consecutive modular additions. The proposed MILP model is utilized to launch a differential attack against Bel-T-256, which is a member of the Bel-T block cipher family that has been adopted recently as a national standard of the Republic of Belarus. In particular, we employ the concept of partial Differential Distribution Table to model the 8-bit S-Box of Bel-T using a MILP approach in order to automate finding a differential characteristic of the cipher. Then, we present a $4\frac{1}{7}$-round (out of 8) differential attack which utilizes a $3$-round differential characteristic that holds with probability $2^{-111}$. The data, time and memory complexities of the attack are $2^{114}$ chosen plaintexts, $2^{237.14}$ $4\frac{1}{7}$-round encryptions, and $2^{224}$ 128-bit blocks, respectively

Enhanced Hardware Security Using Charge-Based Emerging Device Technology

The emergence of hardware Trojans has largely reshaped the traditional view that the hardware layer can be blindly trusted. Hardware Trojans, which are often in the form of maliciously inserted circuitry, may impact the original design by data leakage or circuit malfunction. Hardware counterfeiting and IP piracy are another two serious issues costing the US economy more than $200 billion annually. A large amount of research and experimentation has been carried out on the design of these primitives based on the currently prevailing CMOS technology. However, the security provided by these primitives comes at the cost of large overheads mostly in terms of area and power consumption. The development of emerging technologies provides hardware security researchers with opportunities to utilize some of the otherwise unusable properties of emerging technologies in security applications. In this dissertation, we will include the security consideration in the overall performance measurements to fully compare the emerging devices with CMOS technology. The first approach is to leverage two emerging devices (Silicon NanoWire and Graphene SymFET) for hardware security applications. Experimental results indicate that emerging device based solutions can provide high level circuit protection with relatively lower performance overhead compared to conventional CMOS counterpart. The second topic is to construct an energy-efficient DPA-resilient block cipher with ultra low-power Tunnel FET. Current-mode logic is adopted as a circuit-level solution to countermeasure differential power analysis attack, which is mostly used in the cryptographic system. The third investigation targets on potential security vulnerability of foundry insider\u27s attack. Split manufacturing is adopted for the protection on radio-frequency (RF) circuit design

MILP-aided Cryptanalysis of Some Block Ciphers

Symmetric-key cryptographic primitives, such as block ciphers, play a pivotal role in achieving confidentiality, integrity, and authentication – which are the core services of information security. Since symmetric-key primitives do not rely on well-defined hard mathematical problems, unlike public-key primitives, there are no formal mathematical proofs for the security of symmetric-key primitives. Consequently, their security is guaranteed only by measuring their immunity against a set of predefined cryptanalysis techniques, e.g., differential, linear, impossible differential, and integral cryptanalysis. The attacks based on cryptanalysis techniques usually include searching in an exponential space of patterns, and for a long time, cryptanalysts have performed this task manually. As a result, it has been hard, time-consuming, and an error-prone task. Indeed, the need for automatic tools becomes more pressing. This thesis is dedicated to investigating the security of symmetric-key cryptographic primitives, precisely block ciphers. One of our main goals is to utilize Mixed Integer Linear Programming (MILP) to automate the evaluation and the validation of block cipher security against a wide range of cryptanalysis techniques. Our contributions can be summarized as follows. First, we investigate the security of two recently proposed block ciphers, CRAFT and SPARX-128/256 against two variants of differential cryptanalysis. We utilize the simple key schedule of CRAFT to construct several repeatable 2-round related-key differential characteristics with the maximum differential probability. Consequently, we are able to mount a practical key recovery attack on full-round CRAFT in the related-key setting. In addition, we use impossible differential cryptanalysis to assess SPARX-128/256 that is provable secure against single-trail differential and linear cryptanalysis. As a result, we can attack 24 rounds similar to the internal attack presented by the designers. However, our attack is better than the integral attack regarding the time and memory complexities. Next, we tackle the limitation of the current Mixed Integer Linear Programming (MILP) model to automate the search for differential distinguishers through modular additions. The current model assumes that the inputs to the modular addition and the consecutive rounds are independent. However, we show that this assumption does not necessarily hold and the current model might lead to invalid attacks. Accordingly, we propose a more accurate MILP model that takes into account the dependency between consecutive modular additions. As a proof of the validity and efficiency of our model, we use it to analyze the security of Bel-T cipher—the standard of the Republic of Belarus. Afterwards, we shift focus to another equally important cryptanalysis technique, i.e., integral cryptanalysis using the bit-based division property (BDP). We present MILP models to automate the search for the BDP through modular additions with a constant and modular subtractions. Consequently, we assess the security of Bel-T block cipher against the integral attacks. Next, we analyze the security of the tweakable block cipher T-TWINE. We present key recovery attacks on 27 and 28 rounds of T-TWINE-80 and T-TWINE-128, respectively. Finally, we address the limitation of the current MILP model for the propagation of the bit-based division property through large non-bit-permutation linear layers. The current models are either inaccurate, which might lead to missing some balanced bits, or inefficient in terms of the number of constraints. As a proof of the effectiveness of our approach, we improve the previous 3- and 4-round integral distinguishers of the Russian encryption standard—Kuznyechik, and the 4-round one of PHOTON’s internal permutation (P288). We also report a 4-round integral distinguisher for the Ukrainian standard Kalyna and a 5-round integral distinguisher for PHOTON’s internal permutation (P288)

Differential cryptanalysis of new Qamal encryption algorithm

Currently, the Republic of Kazakhstan is developing a new standard for symmetric data encryption. One of the candidates for the role of the standard is the Qamal encryption algorithm developed by the Institute of Information and Computer Technologies (Almaty, Republic of Kazakhstan). The article describes the algorithm. Differential properties of the main operations that make up the Qamal cypher are considered in the questions of stability. We have shown that for a version with a 128-bit data block and the same secret key size for three rounds of encryption it is difficult to find the right pairs of texts with a probability of 2–120, which makes differential cryptanalysis not applicable to the Qamal cyphe

On Some Symmetric Lightweight Cryptographic Designs

This dissertation presents cryptanalysis of several symmetric lightweight primitives, both stream ciphers and block ciphers. Further, some aspects of authentication in combination with a keystream generator is investigated, and a new member of the Grain family of stream ciphers, Grain-128a, with built-in support for authentication is presented. The first contribution is an investigation of how authentication can be provided at a low additional cost, assuming a synchronous stream cipher is already implemented and used for encryption. These findings are then used when presenting the latest addition to the Grain family of stream ciphers, Grain-128a. It uses a 128-bit key and a 96-bit initialization vector to generate keystream, and to possibly also authenticate the plaintext. Next, the stream cipher BEAN, superficially similar to Grain, but notably using a weak output function and two feedback with carry shift registers (FCSRs) rather than linear and (non-FCSR) nonlinear feedback shift registers, is cryptanalyzed. An efficient distinguisher and a state-recovery attack is given. It is shown how knowledge of the state can be used to recover the key in a straightforward way. The remainder of this dissertation then focuses on block ciphers. First, a related-key attack on KTANTAN is presented. The attack notably uses only a few related keys, runs in less than half a minute on a current computer, and directly contradicts the designers' claims. It is discussed why this is, and what can be learned from this. Next, PRINTcipher is subjected to linear cryptanalysis. Several weak key classes are identified and it is shown how several observations of the same statistical property can be made for each plaintext--ciphertext pair. Finally, the invariant subspace property, first observed for certain key classes in PRINTcipher, is investigated. In particular, its connection to large linear biases is studied through an eigenvector which arises inside the cipher and leads to trail clustering in the linear hull which, under reasonable assumptions, causes a significant number of large linear biases. Simulations on several versions of PRINTcipher are compared to the theoretical findings

Cryptanalysis of GlobalPlatform Secure Channel Protocols

GlobalPlatform (GP) card specifications are the de facto standards for the industry of smart cards. Being highly sensitive, GP specifications were defined regarding stringent security requirements. In this paper, we analyze the cryptographic core of these requirements; i.e. the family of Secure Channel Protocols (SCP). Our main results are twofold. First, we demonstrate a theoretical attack against SCP02, which is the most popular protocol in the SCP family. We discuss the scope of our attack by presenting an actual scenario in which a malicious entity can exploit it in order to recover encrypted messages. Second, we investigate the security of SCP03 that was introduced as an amendment in 2009. We find that it provably satisfies strong notions of security. Of particular interest, we prove that SCP03 withstands algorithm substitution attacks (ASAs) defined by Bellare et al. that may lead to secret mass surveillance. Our findings highlight the great value of the paradigm of provable security for standards and certification, since unlike extensive evaluation, it formally guarantees the absence of security flaws

Algorithmes quantiques pour la cryptanalyse et cryptographie symétrique post-quantique

Modern cryptography relies on the notion of computational security. The level of security given by a cryptosystem is expressed as an amount of computational resources required to break it. The goal of cryptanalysis is to find attacks, that is, algorithms with lower complexities than the conjectural bounds.With the advent of quantum computing devices, these levels of security have to be updated to take a whole new notion of algorithms into account. At the same time, cryptography is becoming widely used in small devices (smart cards, sensors), with new cost constraints.In this thesis, we study the security of secret-key cryptosystems against quantum adversaries.We first build new quantum algorithms for k-list (k-XOR or k-SUM) problems, by composing exhaustive search procedures. Next, we present dedicated cryptanalysis results, starting with a new quantum cryptanalysis tool, the offline Simon's algorithm. We describe new attacks against the lightweight algorithms Spook and Gimli and we perform the first quantum security analysis of the standard cipher AES.Finally, we specify Saturnin, a family of lightweight cryptosystems oriented towards post-quantum security. Thanks to a very similar structure, its security relies largely on the analysis of AES.La cryptographie moderne est fondée sur la notion de sécurité computationnelle. Les niveaux de sécurité attendus des cryptosystèmes sont exprimés en nombre d'opérations ; une attaque est un algorithme d'une complexité inférieure à la borne attendue. Mais ces niveaux de sécurité doivent aujourd'hui prendre en compte une nouvelle notion d'algorithme : le paradigme du calcul quantique. Dans le même temps,la délégation grandissante du chiffrement à des puces RFID, objets connectés ou matériels embarqués pose de nouvelles contraintes de coût.Dans cette thèse, nous étudions la sécurité des cryptosystèmes à clé secrète face à un adversaire quantique.Nous introduisons tout d'abord de nouveaux algorithmes quantiques pour les problèmes génériques de k-listes (k-XOR ou k-SUM), construits en composant des procédures de recherche exhaustive.Nous présentons ensuite des résultats de cryptanalyse dédiée, en commençant par un nouvel outil de cryptanalyse quantique, l'algorithme de Simon hors-ligne. Nous décrivons de nouvelles attaques contre les algorithmes Spook et Gimli et nous effectuons la première étude de sécurité quantique du chiffrement AES. Dans un troisième temps, nous spécifions Saturnin, une famille de cryptosystèmes à bas coût orientés vers la sécurité post-quantique. La structure de Saturnin est proche de celle de l'AES et sa sécurité en tire largement parti

Secure CAN logging and data analysis

2020 Fall.Includes bibliographical references.Controller Area Network (CAN) communications are an essential element of modern vehicles, particularly heavy trucks. However, CAN protocols are vulnerable from a cybersecurity perspective in that they have no mechanism for authentication or authorization. Attacks on vehicle CAN systems present a risk to driver privacy and possibly driver safety. Therefore, developing new tools and techniques to detect cybersecurity threats within CAN networks is a critical research topic. A key component of this research is compiling a large database of representative CAN data from operational vehicles on the road. This database will be used to develop methods for detecting intrusions or other potential threats. In this paper, an open-source CAN logger was developed that used hardware and software following the industry security standards to securely log and transmit heavy vehicle CAN data. A hardware prototype demonstrated the ability to encrypt data at over 6 Megabits per second (Mbps) and successfully log all data at 100% bus load on a 1 Mbps baud CAN network in a laboratory setting. An AES-128 Cipher Block Chaining (CBC) encryption mode was chosen. A Hardware Security Module (HSM) was used to generate and securely store asymmetric key pairs for cryptographic communication with a third-party cloud database. It also implemented Elliptic-Curve Cryptography (ECC) algorithms to perform key exchange and sign the data for integrity verification. This solution ensures secure data collection and transmission because only encrypted data is ever stored or transmitted, and communication with the third-party cloud server uses shared, asymmetric secret keys as well as Transport Layer Security (TLS)