Improved Attacks on Reduced-Round Camellia-128/192/256

International audienc

GÖRÜNTÜ DOSYALARININ ŞİFRELENEREK GÜVENLİ ŞEKİLDE SAKLANMASI

With the increase in internet usage and technological developments, people take hundreds of photos every day. Photos increasing day by day take up a lot of space in the phone memory. Storing these photos in flash memory, computers and phones is not very reliable due to situations such as loss and corruption. This situation has created the need for new storage areas other than the phone. Cloud storage systems are used as an alternative at this point. Cloud storage areas contain security measures against system access and attacks, but they do not directly work on the images uploaded to the system. Cloud accounts are sometimes hijacked by malicious people and photos of people can be stolen. In order to prevent this situation, a system that uses encryption algorithms on the image before storage has been proposed. Various symmetric encryption algorithms under CodeIgniter (PHP Framework) have been compared in the system and the application results are presented. Instead of using their own extensions of the image files to be encrypted, it is ensured that the images are stored with a different file extension in the Amazon Web Service environment or local environment after they are encrypted. When malicious people who want to capture images encounter a file with a different extension, they will not be able to directly determine that it is an image file. With thesystem proposed in this study, it is aimed to provide a safer storage opportunity regardless of the environment in which the images are stored

Programming the Demirci-Selçuk Meet-in-the-Middle Attack with Constraints

International audienceCryptanalysis with SAT/SMT, MILP and CP has increased in popularity among symmetric-key cryptanalysts and designers due to its high degree of automation. So far, this approach covers differential, linear, impossible differential, zero-correlation, and integral cryptanaly-sis. However, the Demirci-Selçuk meet-in-the-middle (DS-MITM) attack is one of the most sophisticated techniques that has not been automated with this approach. By an in-depth study of Derbez and Fouque's work on DS-MITM analysis with dedicated search algorithms, we identify the crux of the problem and present a method for automatic DS-MITM attack based on general constraint programming, which allows the crypt-analysts to state the problem at a high level without having to say how it should be solved. Our method is not only able to enumerate distin-guishers but can also partly automate the key-recovery process. This approach makes the DS-MITM cryptanalysis more straightforward and easier to follow, since the resolution of the problem is delegated to off-the-shelf constraint solvers and therefore decoupled from its formulation. We apply the method to SKINNY, TWINE, and LBlock, and we get the currently known best DS-MITM attacks on these ciphers. Moreover, to demonstrate the usefulness of our tool for the block cipher designers, we exhaustively evaluate the security of 8! = 40320 versions of LBlock instantiated with different words permutations in the F functions. It turns out that the permutation used in the original LBlock is one of the 64 permutations showing the strongest resistance against the DS-MITM attack. The whole process is accomplished on a PC in less than 2 hours. The same process is applied to TWINE, and similar results are obtained

Meet-in-the-Middle Attacks on Classes of Contracting and Expanding Feistel Constructions

We show generic attacks on unbalanced Feistel ciphers based on the meet-in-the-middle technique. We analyze two general classes of unbalanced Feistel structures, namely contracting Feistels and expanding Feistels. In both of the cases, we consider the practical scenario where the round functions are keyless and known to the adversary. In the case of contracting Feistels with 4 branches, we show attacks on 16 rounds when the key length k (in bits) is as large as the block length n (in bits), and up to 24 rounds when k = 2n. In the case of expanding Feistels, we consider two scenarios: one, where different nonlinear functions without particular structures are used in the round function, and a more practical one, where a single nonlinear is used but different linear functions are introduced in the state update. In the former case, we propose generic attacks on 13 rounds when k = n, and up to 21 rounds when k = 2n. In the latter case, 16 rounds can be attacked for k = n, and 24 rounds for k = 2n