12 research outputs found

    A practical attack on the fixed RC4 in the wep mode

    Get PDF
    Abstract. In this paper we revisit a known but ignored weakness of the RC4 keystream generator, where secret state info leaks to the generated keystream, and show that this leakage, also known as Jenkins’ correlation or the RC4 glimpse, can be used to attack RC4 in several modes. Our main result is a practical key recovery attack on RC4 when an IV modifier is concatenated to the beginning of a secret root key to generate a session key. As opposed to the WEP attack from [FMS01] the new attack is applicable even in the case where the first 256 bytes of the keystream are thrown and its complexity grows only linearly with the length of the key. In an exemplifying parameter setting the attack recoversa16-bytekeyin2 48 steps using 2 17 short keystreams generated from different chosen IVs. A second attacked mode is when the IV succeeds the secret root key. We mount a key recovery attack that recovers the secret root key by analyzing a single word from 2 22 keystreams generated from different IVs, improving the attack from [FMS01] on this mode. A third result is an attack on RC4 that is applicable when the attacker can inject faults to the execution of RC4. The attacker derives the internal state and the secret key by analyzing 2 14 faulted keystreams generated from this key

    Tabu search against permutation based stream ciphers

    Get PDF
    Encryption is one of the most effective methods of securing data confidentiality, whether stored on hard drives or transferred (e.g. by e-mail or phone call). In this paper a new state recovery attack with tabu search is introduced. Based on research and theoretical approximation it is shown that the internal state can be recovered after checking 2^52 internal states for RC4 and 2^180 for VMPC

    Tabu search against permutation based stream ciphers

    Get PDF
    Encryption is one of the most effective methods of securing data confidentiality, whether stored on hard drives or transferred (e.g. by e-mail or phone call). In this paper a new state recovery attack with tabu search is introduced. Based on research and theoretical approximation it is shown that the internal state can be recovered after checking 252 internal states for RC4 and 2180 for VMPC

    Image Encryption using Gingerbreadman Map And RC4A Stream Cipher

    Get PDF
    Day to day increasing flow of sensitive or confidential information, such as images, audio, video, etc., over unsecured medium (like Internet) has motivated more concentration for concrete crypto algorithms. In this paper, an image encryption algorithm based on a permutation and substitution cipher has been proposed. In permutation stage, image pixels are shuffled using gingerbreadman map while in substitution stage, pixels are bit-wise XOR-ed with the keystream generated using RC4A (Rivest Cipher 4A) stream cipher algorithm. For the proposed scheme, statistical analyses, like histogram, adjacent pixels correlation coefficient, and information entropy are given. Security analyses, like key sensitivity, occlusion analysis are also given in this paper. The occlusion analysis shows that the proposed method is resistant to the occlusion attack. These statistical and security analyses support the concreteness of the proposed method

    Tabu Cryptanalysis of VMPC Stream Cipher

    Get PDF
    In the era of global informatization, transmitting and storing information in digital form it is very important to ensure an adequate level of security of ciphers used. Cryptanalysis deals with studying the level of security, thus exposing the weakness of theoretical and implemented cryptographic solutions. In this paper cryptanalysis of stream cipher VMPC using Tabu Search is shown. From estimates made on a full version of VMPC cipher we concluded that about 2157 possibilities needs to be checked in order to find the proper one, which would be the best attack known so far

    Design and Analysis of RC4-like Stream Ciphers

    Get PDF
    RC4 is one of the most widely used ciphers in practical software applications. In this thesis we examine security and design aspects of RC4. First we describe the functioning of RC4 and present previously published analyses. We then present a new cipher, Chameleon which uses a similar internal organization to RC4 but uses different methods. The remainder of the thesis uses ideas from both Chameleon and RC4 to develop design strategies for new ciphers. In particular, we develop a new cipher, RC4B, with the goal of greater security with an algorithm comparable in simplicity to RC4. We also present design strategies for ciphers and two new ciphers for 32-bit processors. Finally we present versions of Chameleon and RC4B that are implemented using playing-cards

    Design of Stream Ciphers and Cryptographic Properties of Nonlinear Functions

    Get PDF
    Block and stream ciphers are widely used to protect the privacy of digital information. A variety of attacks against block and stream ciphers exist; the most recent being the algebraic attacks. These attacks reduce the cipher to a simple algebraic system which can be solved by known algebraic techniques. These attacks have been very successful against a variety of stream ciphers and major efforts (for example eSTREAM project) are underway to design and analyze new stream ciphers. These attacks have also raised some concerns about the security of popular block ciphers. In this thesis, apart from designing new stream ciphers, we focus on analyzing popular nonlinear transformations (Boolean functions and S-boxes) used in block and stream ciphers for various cryptographic properties, in particular their resistance against algebraic attacks. The main contribution of this work is the design of two new stream ciphers and a thorough analysis of the algebraic immunity of Boolean functions and S-boxes based on power mappings. First we present WG, a family of new stream ciphers designed to obtain a keystream with guaranteed randomness properties. We show how to obtain a mathematical description of a WG stream cipher for the desired randomness properties and security level, and then how to translate this description into a practical hardware design. Next we describe the design of a new RC4-like stream cipher suitable for high speed software applications. The design is compared with original RC4 stream cipher for both security and speed. The second part of this thesis closely examines the algebraic immunity of Boolean functions and S-boxes based on power mappings. We derive meaningful upper bounds on the algebraic immunity of cryptographically significant Boolean power functions and show that for large input sizes these functions have very low algebraic immunity. To analyze the algebraic immunity of S-boxes based on power mappings, we focus on calculating the bi-affine and quadratic equations they satisfy. We present two very efficient algorithms for this purpose and give new S-box constructions that guarantee zero bi-affine and quadratic equations. We also examine these S-boxes for their resistance against linear and differential attacks and provide a list of S-boxes based on power mappings that offer high resistance against linear, differential, and algebraic attacks. Finally we investigate the algebraic structure of S-boxes used in AES and DES by deriving their equivalent algebraic descriptions

    Fast and Accurate Machine Learning-based Malware Detection via RC4 Ciphertext Analysis

    Get PDF
    Malware is dramatically increasing its viability while hiding its malicious intent and/or behavior by employing ciphers. So far, many efforts have been made to detect malware and prevent it from damaging users by monitoring network packets. However, conventional detection schemes analyzing network packets directly are hardly applicable to detect the advanced malware that encrypts the communication. Cryptoanalysis of each packet flowing over a network might be one feasible solution for the problem. However, the approach is computationally expensive and lacks accuracy, which is consequently not a practical solution. To tackle these problems, in this paper, we propose novel schemes that can accurately detect malware packets encrypted by RC4 without decryption in a timely manner. First, we discovered that a fixed encryption key generates unique statistical patterns on RC4 ciphertexts. Then, we detect malware packets of RC4 ciphertexts efficiently and accurately by utilizing the discovered statistical patterns of RC4 ciphertext given encryption key. Our proposed schemes directly analyze network packets without decrypting ciphertexts. Moreover, our analysis can be effectively executed with only a very small subset of the network packet. To the best of our knowledge, the unique signature has never been discussed in any previous research. Our intensive experimental results with both simulation data and actual malware show that our proposed schemes are extremely fast (23.06±1.52 milliseconds) and highly accurate (100%) on detecting a DarkComet malware with only a network packet of 36 bytes

    Algorytmy metaheurystyczne w kryptoanalizie szyfrów strumieniowych

    Get PDF
    Metaheuristic algorithms are general algorithms allowing to solve various types of computational problems, usually optimization ones. In the dissertation, new versions of selected metaheuristic algorithms were developed: Tabu Search and Ant Colony Optimization algorithms. They have been adapted to solve the problem of cryptanalysis of stream ciphers, which are an important element of data protection processed and stored in information systems. Attempts to hide information from unauthorized persons have a long history. As early as the 5th century BC there was a simple Atbash substitution cipher among the Hebrew scholars. Although a lot has changed since then, and the art of encrypting information has undergone a significant transformation, the issue of confidentiality of communication is still important. Encryption is used wherever protection of transmitted or stored data, especially in information systems, is of key importance. Encryption is used when talking on the phone or logging in via the Internet to a bank account. It is also of great importance in the military. Encryption is an issue with a long history, still important and topical. The proposed Tabu Search and Ant Colony Optimization algorithms adapted to cryptanalysis were tested using three stream ciphers: RC4, VMPC and RC4+. This enabled the development of an attack independent of the design of the cipher itself, assuming that the internal state of the cipher can be represented as a permutation of numbers from a given range. For all proposed metaheuristic algorithms, four types of fitness functions have been tested, three of which are original ones. The original fitness functions enabled achieving better results for all three analysed metaheuristic algorithms compared to a function known from the literature. Each of the proposed algorithms were tested in terms of the impact of parameters values on the results they achieved. Also the results achieved by all three metaheuristic algorithms were compared to one another. The results obtained during cryptanalysis of smaller and full versions of the analysed ciphers with the use of Tabu Search were compared with the results obtained by other metaheuristic algorithms, showing that Tabu Search leads to better results than other metaheuristics. The results obtained using the Tabu Search algorithm were also compared to attacks known from the literature on selected stream ciphers. The results of the experiments indicate that for the VMPC and RC4+ ciphers, the proposed cryptanalysis algorithm using Tabu Search may be better than the cryptanalysis algorithms known so far. The results achieved by other metaheuristic algorithms considered were not as good as for Tabu Search, although it cannot be ruled out that further enhancement of these algorithms could improve the results

    PRISEC: Comparison of Symmetric Key Algorithms for IoT Devices

    Get PDF
    With the growing number of heterogeneous resource-constrained devices connected to the Internet, it becomes increasingly challenging to secure the privacy and protection of data. Strong but efficient cryptography solutions must be employed to deal with this problem, along with methods to standardize secure communications between these devices. The PRISEC module of the UbiPri middleware has this goal. In this work, we present the performance of the AES (Advanced Encryption Standard), RC6 (Rivest Cipher 6), Twofish, SPECK128, LEA, and ChaCha20-Poly1305 algorithms in Internet of Things (IoT) devices, measuring their execution times, throughput, and power consumption, with the main goal of determining which symmetric key ciphers are best to be applied in PRISEC. We verify that ChaCha20-Poly1305 is a very good option for resource constrained devices, along with the lightweight block ciphers SPECK128 and LEA.info:eu-repo/semantics/publishedVersio
    corecore