Block Ciphers: Analysis, Design and Applications

In this thesis we study cryptanalysis, applications and design of secret key block ciphers. In particular, the important class of Feistel ciphers is studied, which has a number of rounds, where in each round one applies a cryptographically weak function

A hybrid modified lightweight algorithm for achieving data integrity and confidentiality

Encryption algorithms aim to make data secure enough to be decrypted by an attacker. This paper combines the Speck and the Salsa20 to make it difficult for an attacker to exploit any weaknesses in these two algorithms and create a new lightweight hybrid algorithm called Speck-Salsa20 algorithm for data integrity and confidentiality (SSDIC). SSDIC uses less energy and has an efficient throughput. It works well in both hardware and software and can handle a variety of explicit plaintext and key sizes. SSDIC solves the difficulties of the Speck algorithm. The sequence generated by Speck is not random and fails to meet an acceptable success rate when tested in statistical tests. It is processed by generating a random key using the Salsa20 algorithm. Salsa20 is a high-speed secure algorithm that is faster than advanced encryption standard (AES) and can be used on devices with low resources. It uses a 256-bit key hash function. The recovery of the right half of the original key of the Speck algorithm is also handled by modifying the Speck round function and the key schedule. Simulation results show, according to a National Institute of Standards and Technology (NIST) test, the performance achieved by the SSDIC is increased by nearly 66% more than that achieved from the Speck in terms of data integrity and confidentiality

A General Framework for the Related-key Linear Attack against Block Ciphers with Linear Key Schedules

We present a general framework for the related-key linear attack that can be applied to iterative block ciphers with linear key schedules. The attack utilizes a newly introduced related-key linear approximation that is obtained directly from a linear trail. The attack makes use of a known related-key data consisting of triplets of a plaintext, a ciphertext, and a key difference such that the ciphertext is the encrypted value of the plaintext under the key that is the xor of the key to be recovered and the specified key difference. If such a block cipher has a linear trail with linear correlation \epsilon, it admits attacks with related-key data of size \epsilon^{-2} just as in the case of classical Matsui\u27s Algorithms. But since the attack makes use of a related-key data, the attacker can use a linear trail with the squared correlation less than 2^{-n}, n being the block size, in case the key size is larger than n. Moreover, the standard key hypotheses seem to be appropriate even when the trail is not dominant as validated by experiments. The attack can be applied in two ways. First, using a linear trail with squared correlation smaller than 2^{-n}, one can get an effective attack covering more rounds than existing attacks against some ciphers, such as Simon48/96, Simon64/128 and Simon128/256. Secondly, using a trail with large squared correlation, one can use related-key data for key recovery even when the data is not suitable for existing linear attacks

The QARMAv2 Family of Tweakable Block Ciphers

We introduce the QARMAv2 family of tweakable block ciphers. It is a redesign of QARMA (from FSE 2017) to improve its security bounds and allow for longer tweaks, while keeping similar latency and area. The wider tweak input caters to both specific use cases and the design of modes of operation with higher security bounds. This is achieved through new key and tweak schedules, revised S-Box and linear layer choices, and a more comprehensive security analysis. QARMAv2 offers competitive latency and area in fully unrolled hardware implementations. Some of our results may be of independent interest. These include: new MILP models of certain classes of diffusion matrices; the comparative analysis of a full reflection cipher against an iterative half-cipher; our boomerang attack framework; and an improved approach to doubling the width of a block cipher

Key schedule based on a modified additive generator

A method of round key generation for iterated block ciphers based on a modified additive generator (MAG), and, in addition, on MAG and a linear congruent generator in a series circuit is proposed. The bijectivity of the generating transformation is demonstrated. Using the matrix-graph approach the number of iterations necessary for achieving enhanced cryptographic properties is experimentally evaluated. This number depends on the generator characteristics