18 research outputs found

    New results on the genetic cryptanalysis of TEA and reduced-round versions of XTEA

    Congress on Evolutionary Computation. Portland, USA, 19-23 June 2004
    Recently, a simple way of creating very efficient distinguishers for cryptographic primitives such as block ciphers or hash functions was presented by the authors. Here, this cryptanalytic attack is shown to be successful when applied to reduced-round versions of the block cipher XTEA. Additionally, a variant of this genetic attack is introduced, and its results on TEA are shown to be the most powerful published to date.

    Finding Efficient Distinguishers for Cryptographic Mappings, with an Application to the Block Cipher TEA

    A simple way of creating new and very efficient distinguishers for cryptographic primitives, such as block ciphers or hash functions, is introduced. This technique is then successfully applied to reduced-round versions of the block cipher TEA, which is shown to be weak with fewer than five cycles. This research was supported by project TIC2002-04498-C05-4 of the Spanish Ministerio de Ciencia y Tecnologia. Publicad

    An evolutionary computation attack on one-round TEA

    In this work, one-round Tiny Encryption Algorithm (TEA) is attacked with an Evolutionary Computation (EC) method inspired by a combination of Genetic Algorithm (GA) and Harmony Search (HS). The system presented evaluates and evolves a population of candidate keys and compares plaintext-ciphertext pairs of the known key against said population. We verify that randomly generated keys are the hardest to derive. Keys composed of words containing all on-bits are more difficult to break than keys composed of words containing all off-bits. Keys which have repeated words are easiest to derive. Finally, the present EC strategy is capable of deriving degenerate keys; this is most evident when keys are front-loaded so that the first byte of each word has the highest density of on-bits.

    Reversible Multiple Image Secret Sharing Using Discrete Haar Wavelet Transform

    A Multiple Secret Image Sharing scheme is a protected approach to transmitting more than one secret image over a communication channel. Conventionally, only a single secret image is shared over a channel at a time, but as technology has advanced there is a need to share more than one secret image. A fast (r, n) multiple secret image sharing scheme based on the discrete Haar wavelet transform has been proposed to encrypt m secret images into n noisy images that are stored on different servers. To recover the m secret images, r noise images are required. The Haar Discrete Wavelet Transform (DWT) is employed to reduce each secret image to a quarter of its size (i.e., the LL subband). The LL subbands of all secrets are combined into one secret that is later split randomly into r subblocks using the proposed high-quality pseudo-random generator. Finally, a developed (r, n) threshold multiple image secret sharing scheme based on one linear system is used to generate unrelated shares. The experimental results showed that the generated shares are more secure and unrelated. The size of each generated share was 1:4r of the size of the original image. Also, the randomness test shows a good degree of randomness and security.

    State of the Art in Lightweight Symmetric Cryptography

    Lightweight cryptography has been one of the "hot topics" in symmetric cryptography in recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products. In this paper, we discuss the different implementation constraints that a "lightweight" algorithm is usually designed to satisfy. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies, and proprietary algorithms which were reverse-engineered or leaked. Relevant national (NIST...) and international (ISO/IEC...) standards are listed. We then discuss some trends we identified in the design of lightweight algorithms, namely the designers' preference for ARX-based and bitsliced-S-Box-based designs and simple key schedules. Finally, we argue that lightweight cryptography is too large a field and that it should be split into two related but distinct areas: ultra-lightweight and IoT cryptography. The former deals only with the smallest of devices, for which a lower security level may be justified by the very harsh design constraints. The latter corresponds to low-power embedded processors for which the AES and modern hash functions are costly but which have to provide a high security level due to their greater connectivity.

    Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms

    In this thesis, I present the research I did with my co-authors on several aspects of symmetric cryptography from May 2013 to December 2016, that is, when I was a PhD student at the University of Luxembourg under the supervision of Alex Biryukov. My research has spanned three different areas of symmetric cryptography. In Part I of this thesis, I present my work on lightweight cryptography. This field of study investigates the cryptographic algorithms that are suitable for very constrained devices with little computing power, such as RFID tags and small embedded processors such as those used in sensor networks. Many such algorithms have been proposed recently, as evidenced by the survey I co-authored on this topic. I present this survey along with attacks against three of those algorithms, namely GLUON, PRINCE and TWINE. I also introduce a new lightweight block cipher called SPARX, which was designed using a new method to justify its security: the Long Trail Strategy. Part II is devoted to S-Box reverse-engineering, a field of study investigating methods for recovering the hidden structure or the design criteria used to build an S-Box. I co-invented several such methods: a statistical analysis of the differential and linear properties, which was applied successfully to the S-Box of the NSA block cipher Skipjack; a structural attack against Feistel networks called the yoyo game; and the TU-decomposition. This last technique allowed us to decompose the S-Box of the latest Russian standard block cipher and hash function, as well as the only known solution to the APN problem, a long-standing open question in mathematics. Finally, Part III presents a unifying view of several fields of symmetric cryptography by interpreting them as purposefully hard. Indeed, several cryptographic algorithms are designed so as to maximize the code size, RAM consumption or time taken by their implementations. By providing a unique framework describing all such design goals, we could design modes of operation for building any symmetric primitive with any form of hardness by combining secure cryptographic building blocks with simple functions with the desired form of hardness, called plugs. Alex Biryukov and I also showed that it is possible to build plugs with an asymmetric hardness, whereby the knowledge of a secret key allows the privileged user to bypass the hardness of the primitive.

    Security in Distributed, Grid, Mobile, and Pervasive Computing

    This book addresses the increasing demand to guarantee privacy, integrity, and availability of resources in networks and distributed systems. It first reviews security issues and challenges in content distribution networks, describes key agreement protocols based on the Diffie-Hellman key exchange and key management protocols for complex distributed systems like the Internet, and discusses security design patterns for distributed systems. The next section focuses on security in mobile computing and wireless networks. After a section on grid computing security, the book presents an overview of security solutions for pervasive healthcare systems and surveys wireless sensor network security.

    Memory as Concept and Design in Digital Recording Devices

    This thesis focuses on scientists and technologies brought together around the desire to improve fallible human memory. Based on extended ethnographic fieldwork, it considers interdisciplinary collaborations among experts who design recording and archiving technologies that seek to maintain, extend, and commemorate life. How are everyday experiences translated into information, and for what purpose? How are our habits of drinking tea, talking on the phone, driving to work, and reminiscing with old photographs turned into something that can be stored, analyzed and acted upon? How might information be used in real time to supplement the living in a recursive feedback loop? By addressing these questions, I reveal how these memory banks are inherently tied to logics of capital, of stock and storage, and to logics of the technological where, when it comes to memory, more is more. The first sections that make up this dissertation shift in scale from the micro to the macro: from historical national endeavors that turned ordinary citizens into sensors and collectors of the mundane, to contemporary computational projects designed to store, organize and retrieve vast amounts of information. The second half of this dissertation focuses on two extreme cases of lifelogging that make use of prototypical recording technologies: Gordon Bell, who is on a quest to record his life for the sake of increased objectivity, productivity, and digital posterity, and Mrs. B, a woman who suffers from amnesia and records her life in the hope of leading a normal life in which she can share the past with loved ones. Through these case studies, I show how new recording technologies are both a symptom of, and a cure for, anxieties about time. By focusing on the design of new objects and by addressing contemporary debates on the intentions that govern the making of recording machines, I examine how technologies take shape, and how they inform understandings of memory and the self as well as notions of human disability and enhancement. In short, I show that the past, as well as the present and the future, are always discursively, practically, and technologically informed.

    Social work with airport passengers

    Social work at the airport consists in offering social services to passengers. The main methodological position is that people are under stress, which is characterized by a particular set of features in appearance and behavior. In such circumstances a passenger attracts some attention through his actions. Only a person whom he trusts can help him with the documents or psychologically.

    Genetic cryptanalysis of two-round TEA

    Proceedings of: International Conference on Computer Science: ICCS 2002. Amsterdam, The Netherlands, April 21–24, 2002
    Distinguishing the output of a cryptographic primitive such as a block cipher or a hash function from the output of a random mapping seriously undermines the credibility of the primitive's security, and defeats it for many cryptographic applications. However, this is usually quite a difficult task. In a previous work [1], a new cryptanalytic technique was presented and proved useful in distinguishing a block cipher from a random permutation in a completely automatic way. This technique is based on the selection of the worst input patterns for the block cipher with the aid of genetic algorithms. The objective is to find which input patterns generate a significant deviation of the observed output from the output we would expect from a random permutation. In [1], this technique was applied to the case of the block cipher TEA with 1 round. The much harder problem of breaking TEA with 2 rounds is successfully solved in this paper, where an efficient distinguisher is also presented.