16 research outputs found

    Primitive Specification for SOBER-128

    SOBER-128 joins the SOBER family of stream ciphers, with the added functionality of incorporating a Message Authentication Code generator if required. SOBER-128 draws on the research into the previous SOBER ciphers: the design does not differ significantly from its predecessor SOBER-t32. The biggest change is the replacement of the stuttering with a strengthened non-linear function. SOBER-128 is faster and more secure than SOBER-t32.

    Comparative Analysis of Structures And Attacks on Various Stream Ciphers

    Does increased security provide comfort to paranoid people? Or does security provide some very basic protections that we are naive to believe that we don't need? Today, when tens of millions of people rely on the Internet for essential communication and for trade and commerce between them, a secure system becomes a very important issue to deal with. Cryptography under such circumstances forms an essential aspect of secure communications. Cryptography deals with four major goals, viz. confidentiality, data integrity, authentication and non-repudiation, and thus is widely used to secure telephonic messages, e-mails, credit card information, and corporate data [1]. With all these applications up its sleeve, however, one must keep in mind that cryptography on its own does not meet all the requirements of security. Cryptographic systems can be broadly classified into symmetric-key systems (AES, RC4, DES), which use a single key that both the sender and recipient have, and public-key or asymmetric systems (ElGamal, McEliece, RSA), which use two keys: a public key known to everyone and a private key that only the recipient of messages uses. $Z_t = O(S_t, K_c)$, $C_t = E(P_t, Z_t)$, $S_{t+1} = U(P_t, S_t, K_c)$. Where the encryption function $E$ is such that it is easy to construct a decryption function $D$, the decryption process can be described as follows: $Z_t = O(S_t, K_c)$, $P_t = D(C_t, Z_t)$, $S_{t+1} = U(P_t, S_t, K_c)$. As stated in : stream ciphers are generally much faster than block ciphers; no or limited error propagation; low hardware complexity; the keystream can sometimes be generated prior to encryption/decryption (in the synchronous case). Further, stream ciphers can be classified based on internal state as being either synchronous or self-synchronizing. If the change in state occurs independently of the plaintext or ciphertext messages, the cipher is categorized as a synchronous stream cipher.
In contrast, self-synchronizing stream ciphers update their state based on previous ciphertext digits. In the case of synchronous ciphers, the keystream generated depends only on the key and the position i, whereas in the self-synchronizing case the keystream depends only on the key and a fixed amount of previous ciphertext. Synchronous ciphers are described as having no error propagation, while error propagation is limited in self-synchronizing ciphers. With synchronous ciphers, synchronization is achieved with 'marker positions' in the transmission; in contrast, self-synchronizing ciphers have the facility to resume correct decryption if the keystream falls out of synchronization. Though desirable properties are found in both variations, various implications are found in both as well. During decryption, the synchronous cipher limits the opportunity of detecting an error, and a more serious limitation is that the attacker is able to make controlled changes to parts of the ciphertext, knowing very well the effect being induced on the corresponding plaintext. Rueppe

    Some Results on Distinguishing Attacks on Stream Ciphers

    Stream ciphers are cryptographic primitives that are used to ensure the privacy of a message that is sent over a digital communication channel. In this thesis we will present new cryptanalytic results for several stream ciphers. The thesis provides a general introduction to cryptology, explains the basic concepts, gives an overview of various cryptographic primitives and discusses a number of different attack models. The first new attack given is a linear correlation attack in the form of a distinguishing attack. In this attack a specific class of weak feedback polynomials for LFSRs is identified. If the feedback polynomial is of a particular form the attack will be efficient. Two new distinguishing attacks are given on classical stream cipher constructions, namely the filter generator and the irregularly clocked filter generator. It is also demonstrated how these attacks can be applied to modern constructions. A key recovery attack is described for LILI-128 and a distinguishing attack for LILI-II is given. The European network of excellence, called eSTREAM, is an effort to find new efficient and secure stream ciphers. We analyze a number of the eSTREAM candidates. Firstly, distinguishing attacks are described for the candidate Dragon and a family of candidates called Pomaranch. Secondly, we describe resynchronization attacks on eSTREAM candidates. A general square root resynchronization attack which can be used to recover parts of a message is given. The attack is demonstrated on the candidates LEX and Pomaranch. A chosen IV distinguishing attack is then presented which can be used to evaluate the initialization procedure of stream ciphers. The technique is demonstrated on four candidates: Grain, Trivium, Decim and LEX.

    On the Design and Analysis of Stream Ciphers

    This thesis presents new cryptanalysis results for several different stream cipher constructions. In addition, it also presents two new stream ciphers, both based on the same design principle. The first attack is a general attack targeting a nonlinear combiner. A new class of weak feedback polynomials for linear feedback shift registers is identified. By taking samples corresponding to the linear recurrence relation, it is shown that if the feedback polynomial has taps close together an adversary can take advantage of this by considering the samples in a vector form. Next, the self-shrinking generator and the bit-search generator are analyzed. Both designs are based on irregular decimation. For the self-shrinking generator, it is shown how to recover the internal state knowing only a few keystream bits. The complexity of the attack is similar to the previously best known but uses a negligible amount of memory. An attack requiring a large keystream segment is also presented. It is shown to be asymptotically better than all previously known attacks. For the bit-search generator, an algorithm that recovers the internal state is given as well as a distinguishing attack that can be very efficient if the feedback polynomial is not carefully chosen. Following this, two recently proposed stream cipher designs, Pomaranch and Achterbahn, are analyzed. Both stream ciphers are designed with small hardware complexity in mind. For Pomaranch Version 2, based on an improvement of previous analysis of the design idea, a key recovery attack is given. Also, for all three versions of Pomaranch, a distinguishing attack is given. For Achterbahn, it is shown how to recover the key of the latest version, known as Achterbahn-128/80. The last part of the thesis introduces two new stream cipher designs, namely Grain and Grain-128. The ciphers are designed to be very small in hardware.
They also have the distinguishing feature of allowing users to increase the speed of the ciphers by adding extra hardware.

    Some Words on Cryptanalysis of Stream Ciphers

    In the world of cryptography, stream ciphers are known as primitives used to ensure privacy over a communication channel. One common way to build a stream cipher is to use a keystream generator to produce a pseudo-random sequence of symbols. In such algorithms, the ciphertext is the sum of the keystream and the plaintext, resembling the one-time pad principle. Although the idea behind stream ciphers is simple, serious investigation of these primitives started only in the late 20th century. Therefore, cryptanalysis and design of stream ciphers are important. In recent years, many designs of stream ciphers have been proposed in an effort to find a proper candidate to be chosen as a world standard for data encryption. That potential candidate should be proven good by time and by the results of cryptanalysis. Different methods of analysis, in fact, explain how a stream cipher should be constructed. Thus, techniques for cryptanalysis are also important. This thesis starts with an overview of cryptography in general, and introduces the reader to modern cryptography. Later, we focus on basic principles of design and analysis of stream ciphers. Since statistical methods are the most important cryptanalysis techniques, they will be described in detail. The practice of statistical methods reveals several bottlenecks when implementing various analysis algorithms. For example, a common property of a cipher to produce n-bit words instead of just bits makes it more natural to perform a multidimensional analysis of such a design. However, in practice, one often has to truncate the words simply because the tools needed for analysis are missing. We propose a set of algorithms and data structures for multidimensional cryptanalysis when distributions over a large probability space have to be constructed. This thesis also includes results of cryptanalysis for various cryptographic primitives, such as A5/1, Grain, SNOW 2.0, Scream, Dragon, VMPC, RC4, and RC4A.
Most of these results were achieved with the help of intensive use of the proposed tools for cryptanalysis.

    Stream ciphers for secure display

    In any situation where private, proprietary or highly confidential material is being dealt with, the need to consider aspects of data security has grown ever more important. It is usual to secure such data from its source, over networks and on to the intended recipient. However, data security considerations typically stop at the recipient's processor, leaving connections to a display transmitting raw data which is increasingly in a digital format and of value to an adversary. With a progression to wireless display technologies the prominence of this vulnerability is set to rise, making the implementation of 'secure display' increasingly desirable. Secure display takes aspects of data security right to the display panel itself, potentially minimising the cost, component count and thickness of the final product. Recent developments in display technologies should help make this integration possible. However, the processing of large quantities of time-sensitive data presents a significant challenge in such resource-constrained environments. Efficient high-throughput decryption is a crucial aspect of the implementation of secure display and one for which the widely used and well understood block cipher may not be best suited. Stream ciphers present a promising alternative and a number of strong candidate algorithms potentially offer the hardware speed and efficiency required. In the past, similar stream ciphers have suffered from algorithmic vulnerabilities. Although these new-generation designs have done much to respond to this concern, the relatively short 80-bit key lengths of some proposed hardware candidates, when combined with ever-advancing computational power, lead to the thesis identifying exhaustive search of key space as a potential attack vector.
To determine the value of protection afforded by such short key lengths, a unique hardware key search engine for stream ciphers is developed that makes use of an appropriate data element to improve search efficiency. The simulations from this system indicate that the proposed key lengths may be insufficient for applications where data is of long-term or high value. It is suggested that for the concept of secure display to be accepted, a longer key length should be used.

    Parent emotion socialization and emotion regulation in substance abusing families

    The current study examined emotion socialization behaviors among mothers in addiction treatment and explored risk mechanisms that may explain emotion regulation deficits in young children of substance-abusing mothers. Variability within the sample was explored in order to evaluate who is at risk (i.e., those with greater severity of drug use) and when they are at risk (i.e., while using) for engaging in less effective emotion socialization behaviors. On average, mothers reported engaging in emotion coaching styles of socialization involving more consistent and supportive reactions and fewer non-supportive reactions to children's emotions, consistent with general population studies. However, the context of drug use negatively impacted how well mothers balanced these types of reactions: mothers engaged in significantly higher levels of non-supportive and inconsistent reactions during periods of problematic drug use compared to periods of sobriety. Findings support a mediated risk mechanism such that more severe impairment related to maternal substance use predicted higher levels of non-supportive reactions to children's negative emotions which, in turn, predicted poorer child emotion regulation. Implications for prevention and treatment suggest that non-supportive emotion socialization behaviors may be an appropriate target for supporting emotion regulation within contexts of maternal drug use. Doctor of Philosoph

    Dealing with alcohol-related harm and the night-time economy

    Alcohol-related problems are a major cause of social disorder and illness in Australia. In particular, problems associated with the night-time economies of urban and regional centres cause substantial community concern and are a considerable drain on police, community and health resources. The estimated cost of alcohol to the community is $15.3 billion, including costs associated with crime, violence, patient treatment, loss of productivity and premature deaths in 2004–05 (Collins 2008). Alcohol has also been identified as a factor in around three quarters of assaults and incidents of offensive behaviour on the street (Buss 1995). Previous research has identified several issues that contribute to the levels of short-term harm associated with risky drinking. These include: excessive consumption at licensed premises, consumption in public areas and lack of transport and security in entertainment precincts (Homel et al. 1992; Graham & Homel 2008). Drinking in licensed venues is another predictor of harm and public disorder. More than half of offences occurring on the street have been associated with licensed premises in Australia (Buss 1995). A complex range of factors increase risky drinking and associated harms on licensed premises including: aspects of patron mix; levels of comfort, boredom, and intoxication; promotions that cause mass intoxication; and the behaviour of security/bouncers (Homel et al. 1992). Violence has also been shown to be perpetuated by poor venue management, lax police surveillance, lack of transport options for patrons, and inappropriate bureaucratic controls and legislation (Homel et al. 1992). This project aims to provide evidence-based knowledge regarding the implementation and impact of innovative local initiatives directed at alcohol-related harms.