Fast Algebraic Attacks and Decomposition of Symmetric Boolean Functions

Algebraic and fast algebraic attacks are power tools to analyze stream ciphers. A class of symmetric Boolean functions with maximum algebraic immunity were found vulnerable to fast algebraic attacks at EUROCRYPT'06. Recently, the notion of AAR (algebraic attack resistant) functions was introduced as a unified measure of protection against both classical algebraic and fast algebraic attacks. In this correspondence, we first give a decomposition of symmetric Boolean functions, then we show that almost all symmetric Boolean functions, including these functions with good algebraic immunity, behave badly against fast algebraic attacks, and we also prove that no symmetric Boolean functions are AAR functions. Besides, we improve the relations between algebraic degree and algebraic immunity of symmetric Boolean functions.Comment: 13 pages, submitted to IEEE Transactions on Information Theor

On improving security of GPT cryptosystems

The public key cryptosystem based on rank error correcting codes (the GPT cryptosystem) was proposed in 1991. Use of rank codes in cryptographic applications is advantageous since it is practically impossible to utilize combinatoric decoding. This enabled using public keys of a smaller size. Several attacks against this system were published, including Gibson's attacks and more recently Overbeck's attacks. A few modifications were proposed withstanding Gibson's attack but at least one of them was broken by the stronger attacks by Overbeck. A tool to prevent Overbeck's attack is presented in [12]. In this paper, we apply this approach to other variants of the GPT cryptosystem.Comment: 5 pages. submitted ISIT 2009.Processed on IEEE ISIT201

Algebraic analysis of Trivium-like ciphers

Trivium is a bit-based stream cipher in the final portfolio of the eSTREAM project. In this paper, we apply the approach of Berbain et al. to Trivium-like ciphers and perform new algebraic analyses on them, namely Trivium and its reduced versions: Trivium-N, Bivium-A and Bivium-B. In doing so, we answer an open question in the literature. We demonstrate a new algebraic attack on Bivium-A. This attack requires less time and memory than previous techniques which use the F4 algorithm to recover Bivium-A's initial state. Though our attacks on Bivium-B, Trivium and Trivium-N are worse than exhaustive keysearch, the systems of equations which are constructed are smaller and less complex compared to previous algebraic analysis. Factors which can affect the complexity of our attack on Trivium-like ciphers are discussed in detail

A network approach for power grid robustness against cascading failures

Cascading failures are one of the main reasons for blackouts in electrical power grids. Stable power supply requires a robust design of the power grid topology. Currently, the impact of the grid structure on the grid robustness is mainly assessed by purely topological metrics, that fail to capture the fundamental properties of the electrical power grids such as power flow allocation according to Kirchhoff's laws. This paper deploys the effective graph resistance as a metric to relate the topology of a grid to its robustness against cascading failures. Specifically, the effective graph resistance is deployed as a metric for network expansions (by means of transmission line additions) of an existing power grid. Four strategies based on network properties are investigated to optimize the effective graph resistance, accordingly to improve the robustness, of a given power grid at a low computational complexity. Experimental results suggest the existence of Braess's paradox in power grids: bringing an additional line into the system occasionally results in decrease of the grid robustness. This paper further investigates the impact of the topology on the Braess's paradox, and identifies specific sub-structures whose existence results in Braess's paradox. Careful assessment of the design and expansion choices of grid topologies incorporating the insights provided by this paper optimizes the robustness of a power grid, while avoiding the Braess's paradox in the system.Comment: 7 pages, 13 figures conferenc

Assessing security of some group based cryptosystems

One of the possible generalizations of the discrete logarithm problem to arbitrary groups is the so-called conjugacy search problem (sometimes erroneously called just the conjugacy problem): given two elements a, b of a group G and the information that a^x=b for some x \in G, find at least one particular element x like that. Here a^x stands for xax^{-1}. The computational difficulty of this problem in some particular groups has been used in several group based cryptosystems. Recently, a few preprints have been in circulation that suggested various "neighbourhood search" type heuristic attacks on the conjugacy search problem. The goal of the present survey is to stress a (probably well known) fact that these heuristic attacks alone are not a threat to the security of a cryptosystem, and, more importantly, to suggest a more credible approach to assessing security of group based cryptosystems. Such an approach should be necessarily based on the concept of the average case complexity (or expected running time) of an algorithm. These arguments support the following conclusion: although it is generally feasible to base the security of a cryptosystem on the difficulty of the conjugacy search problem, the group G itself (the "platform") has to be chosen very carefully. In particular, experimental as well as theoretical evidence collected so far makes it appear likely that braid groups are not a good choice for the platform. We also reflect on possible replacements.Comment: 10 page