26 research outputs found

    Polytopic Cryptanalysis

    Standard differential cryptanalysis uses statistical dependencies between the difference of two plaintexts and the difference of the respective two ciphertexts to attack a cipher. Here we introduce polytopic cryptanalysis, which considers interdependencies between larger sets of texts as they traverse the cipher. We prove that the methodology of standard differential cryptanalysis can unambiguously be extended and transferred to the polytopic case, including impossible differentials. We show that impossible polytopic transitions have generic advantages over impossible differentials. To demonstrate the practical relevance of the generalization, we present new low-data attacks on round-reduced DES and AES using impossible polytopic transitions that are able to compete with existing attacks, partially outperforming these.

    Overview of attacks on AES-128: to the 15th anniversary of AES

    A survey is presented of works published before 2016 devoted to the cryptanalysis of the AES-128 (Advanced Encryption Standard) algorithm. The main cryptographic methods used in the analysis of AES are listed. The complexity characteristics of 88 attacks on reduced variants of AES-128 are given. The number of known plaintext/ciphertext pairs required to carry out the attacks, together with the conditions imposed on them, is stated. Side-channel attacks and attacks that restrict the keys used were not considered.

    Digital Document Security Application Using the Discrete Cosine Transform (DCT) Steganography Algorithm at a Heavy Equipment Company (original title: APLIKASI KEAMANAN DOCUMENT DIGITAL MENGGUNAKAN ALGORITMA STEGANOGRAFI DISCRETE COSINE TRANSFORM (DCT) PADA PERUSAHAN ALAT BERAT)

    Electronic documents are information that is recorded or stored in a form that requires a computer or other electronic device to be displayed, read or processed. These documents may consist of text, graphics or spreadsheets. With current technological developments, security is very important for companies, where it is difficult to prevent information from being accessed by irresponsible parties. One method that can be used to secure digital documents is to combine steganography and cryptography, using the Discrete Cosine Transform (DCT) method and the Advanced Encryption Standard (AES-192) algorithm in a Java desktop application. The purpose of this application is to hide data or files inside a cover image. Before being embedded in the cover image, the file is encrypted with a symmetric key using the AES-192 algorithm. The benefit of this application is that the confidentiality of information or data at this heavy equipment company can be maintained well and safely. With this application it is expected to help maintain the confidentiality of information or data at heavy equipment companies.

    Practical Attacks on Reduced-Round AES

    In this paper we investigate the security of 5-round AES against two different attacks in an adaptive setting. We present a practical key-recovery attack on 5-round AES with a secret s-box that requires 2^{32} adaptively chosen ciphertexts, which is as far as we know a new record. In addition, we present a new and practical key-independent distinguisher for 5-round AES which requires 2^{27.2} adaptively chosen ciphertexts. While the data complexity of this distinguisher is in the same range as the current best 5-round distinguisher, it exploits new structural properties of 5-round AES.

    Extending AES with DH Key-Exchange to Enhance VoIP Encryption in Mobile Networks

    Recently, the evolution and progress have become significant in the field of information technology and mobile technology, especially in smartphone applications that are currently widely spreading. Due to the huge developments in mobile and smartphone technologies in recent years, more attention is given to voice data transmission such as VoIP (Voice over IP) technologies, e.g. WhatsApp, Skype, and Facebook Messenger. When using VoIP services over smartphones, there are always security and privacy concerns like the eavesdropping of calls between the communicating parties. Therefore, there is a pressing need to address these risks by enhancing the security level and encryption methods. In this work, we use a scheme to encrypt VoIP channels using (128, 192 & 256-bit) enhanced encryption based on the Advanced Encryption Standard (AES) algorithm, by extending it with the well-known Diffie-Hellman (DH) key exchange method. We have performed a series of real tests on the enhanced (AES-DH) algorithm and compared its performance with the generic AES algorithm. The results have shown that we can get a significant increase in the encryption strength at a very small overhead, between 4% and 7% of execution time, between AES and AES combined with DH for all scenarios, which was incurred by the added time of encryption and decryption. Our approach uses high security and speed and reduces the voice delay. In dealing with the sound transfer process via the internet, we use the SIP server to authenticate the communication process between the two parties. The implementation is done on a mobile device (operated by the Android system) because it has recently been widely used among different people around the world.
    Arabic abstract (translated): Recently, the revolution and development have become significant in the fields of communications technology and mobile phones, especially in smartphone applications, which are now widely spread. More attention has been given to the transmission of voice data such as Voice over Internet Protocol technology, for example WhatsApp, Skype, Facebook and Messenger. This is attributed to the great development in mobile and smartphone technology in recent years. When using VoIP services, there are constant concerns about security and privacy, such as eavesdropping on calls between the communicating parties. Therefore, there is an urgent need to address these risks by improving the level of protection and the encryption methods. In this work, we use/combine two algorithms to encrypt VoIP channels (128, 192 and 256 bit) via the AES algorithm and extend it via the well-known Diffie-Hellman key exchange method. We performed many real experiments on DH-AES and compared its performance with that of the generic Advanced Encryption Standard algorithm. The results showed that we can obtain a significant increase in encryption strength at a very small cost, between 4% and 7% of the execution time, between AES and DH/AES for all scenarios, incurred by the added time for encryption and decryption. Our approach uses a high degree of protection and speed and reduces voice delay, and in handling the voice transfer process over the Internet we use a SIP Server to authenticate the communication process between the two parties. The implementation was done on a mobile phone running the Android system, because it has recently been widely used among different people around the world.

    Security Evaluation of GOST 28147-89 In View Of International Standardisation

    GOST 28147-89 is a well-known 256-bit block cipher which is a plausible alternative for AES-256 and triple DES, which however has a much lower implementation cost. GOST is implemented in standard crypto libraries such as OpenSSL and Crypto++ and is increasingly popular and used also outside its country of origin and on the Internet. In 2010 GOST was submitted to ISO, to become a worldwide industrial encryption standard. Until 2011 researchers unanimously agreed that GOST could or should be very secure, which was summarized in 2010 in these words: despite considerable cryptanalytic efforts spent in the past 20 years, GOST is still not broken. Unhappily, it was recently discovered that GOST can be broken and is a deeply flawed cipher. There is a very considerable amount of recent, not yet published work on cryptanalysis of GOST known to us. One simple attack was already presented in February at FSE 2011. In this short paper we describe another attack, to illustrate the fact that there is now a plethora of attacks on GOST, which require much less memory, and don't even require the reflection property to hold, without which the recent attack from FSE 2011 wouldn't work. We are also aware of many substantially faster attacks and of numerous special even weaker cases. These will be published in appropriate peer-reviewed cryptography conferences but we must warn the ISO committees right now. More generally, our ambition is to do more than just to point out that a major encryption standard is flawed. We would like to present and suggest a new general paradigm for effective symmetric cryptanalysis of so-called Algebraic Complexity Reduction which in our opinion is going to structure and stimulate substantial amounts of academic research on symmetric cryptanalysis for many years to come. In this paper we will explain the main ideas behind it and explain also the precise concept of Black-box Algebraic Complexity Reduction.
    This new paradigm builds on many already known attacks on symmetric ciphers, such as fixed point, slide, involution, cycling, reflection and other self-similarity attacks, but the exact attacks we obtain could never be developed previously, because only in the recent 5 years it became possible to show the existence of an appropriate last step for many such attacks, which is a low data complexity software algebraic attack. This methodology leads to a large number of new attacks on GOST, way more complex, better and more efficient than at FSE 2011. One example of such an attack is given in the present paper.

    Low Data Complexity Biclique Cryptanalysis of Block Ciphers with Application to Piccolo and HIGHT

    In this paper, we present a framework for biclique cryptanalysis of block ciphers with an extremely low data complexity. To that end, we enjoy a new representation of the biclique attack. Then an algorithm for choosing two differential characteristics is also presented to simultaneously minimize the data complexity and control the computational complexity. Then we characterize those block ciphers that are vulnerable to this technique and, among them, we apply this attack to the lightweight block ciphers Piccolo-80, Piccolo-128 and HIGHT. The data complexities of these attacks are considerably less than the existing results. For full-round Piccolo-80 and 128, the data complexity of the attacks is only 16 plaintext-ciphertext pairs, and for full-round HIGHT our attack requires 256 pairs. In all attacks the computational complexity remains the same as the previous ones or is even slightly improved.

    The Exchange Attack: How to Distinguish Six Rounds of AES with 2^{88.2} chosen plaintexts

    In this paper we present exchange-equivalence attacks, which is a new cryptanalytic attack technique suitable for SPN-like block cipher designs. Our new technique results in the first secret-key chosen plaintext distinguisher for 6-round AES. The complexity of the distinguisher is about 2^{88.2} in terms of data, memory and computational complexity. The distinguishing attack for AES reduced to six rounds is a straight-forward extension of an exchange attack for 5-round AES that requires 2^{30} in terms of chosen plaintexts and computation. This is also a new record for AES reduced to five rounds. The main result of this paper is that AES up to at least six rounds is biased when restricted to exchange-invariant sets of plaintexts.

    Practical Low Data-Complexity Subspace-Trail Cryptanalysis of Round-Reduced PRINCE

    Subspace trail cryptanalysis is a very recent cryptanalysis technique which includes differential, truncated differential, impossible differential, and integral attacks as special cases. In this paper, we consider PRINCE, a widely analyzed block cipher proposed in 2012. After the identification of a 2.5-round subspace trail of PRINCE, we present several (truncated differential) attacks on up to 6 rounds of PRINCE. This includes a very practical attack with the lowest data complexity of only 8 plaintexts for 4 rounds, which co-won the final round of the PRINCE challenge in the 4-round chosen-plaintext category. The attacks have been verified using a C implementation. Of independent interest, we consider a variant of PRINCE in which the ShiftRows and MixLayer operations are exchanged in position. In particular, our result shows that the position of the ShiftRows and MixLayer operations influences the security of PRINCE. The same analysis applies to follow-up designs inspired by PRINCE.

    Compression models and tools for omics data (original title: Modelos de compressão e ferramentas para dados ómicos)

    The ever-increasing growth of the development of high-throughput sequencing technologies and, as a consequence, the generation of a huge volume of data, has revolutionized biological research and discovery. Motivated by that, we investigate in this thesis methods which are capable of providing an efficient representation of omics data in a compressed or encrypted manner, and then we employ them to analyze omics data. First and foremost, we describe a number of measures for the purpose of quantifying information in and between omics sequences. Then, we present finite-context models (FCMs), substitution-tolerant Markov models (STMMs) and a combination of the two, which are specialized in modeling biological data, for data compression and analysis. To ease the storage of the aforementioned data deluge, we design two lossless data compressors for genomic and one for proteomic data. The methods work on the basis of (a) a combination of FCMs and STMMs or (b) the mentioned combination along with repeat models and a competitive prediction model. Tests on various synthetic and real data showed that they outperform the previously proposed methods in terms of compression ratio. Privacy of genomic data is a topic that has recently been brought into focus by developments in the field of personalized medicine. We propose a tool that is able to represent genomic data in a securely encrypted fashion and, at the same time, is able to compact FASTA and FASTQ sequences by a factor of three. It employs AES encryption accompanied by a shuffling mechanism for improving data security. The results show it is faster than general-purpose and special-purpose algorithms. Compression techniques can be employed for the analysis of omics data. Having this in mind, we investigate the identification of unique regions in a species with respect to close species, which can give us an insight into evolutionary traits.
    For this purpose, we design two alignment-free tools that can accurately find and visualize distinct regions among two collections of DNA or protein sequences. Tested on modern humans with respect to Neanderthals, we found a number of regions absent in Neanderthals that may express new functionalities associated with the evolution of modern humans. Finally, we investigate the identification of genomic rearrangements, which have important roles in genetic disorders and cancer, by employing a compression technique. For this purpose, we design a tool that is able to accurately localize and visualize small- and large-scale rearrangements between two genomic sequences. The results of applying the proposed tool on several synthetic and real data conformed to the results partially reported by wet laboratory approaches, e.g., FISH analysis.
    Portuguese abstract (translated): The ever-increasing growth of the development of high-throughput sequencing technologies and, as a consequence, the generation of an enormous volume of data, has revolutionised biological research and discovery. Motivated by this, in this thesis we investigate methods that provide an efficient representation of omics data in compressed or encrypted form and then use them for analysis. First, we describe a series of measures aimed at quantifying information in and between omics sequences. Next, we present finite-context models (FCMs), substitution-tolerant Markov models (STMMs) and a combination of the two, specialised in modelling biological data, for data compression and analysis. To ease the storage of the aforementioned data deluge, we develop two lossless data compressors for genomic data and one for proteomic data. The methods work on the basis of (a) a combination of FCMs and STMMs or (b) the mentioned combination together with repeat models and a competitive prediction model.
    Tested on various synthetic and real data, they showed their efficiency over state-of-the-art methods in terms of compression ratio. The privacy of genomic data is a topic recently brought into focus by developments in the field of personalised medicine. We propose a tool capable of representing genomic data in a securely encrypted manner while, at the same time, compacting FASTA and FASTQ sequences by a factor of three. It employs AES encryption accompanied by a shuffling mechanism to improve data security. The results show that it is faster than general-purpose and special-purpose algorithms. Compression techniques can be exploited for the analysis of omics data. With this in mind, we investigate the identification of unique regions in a species relative to close species, which can give us insight into evolutionary traits. To this end, we develop two alignment-free tools that can accurately find and visualise distinct regions between two collections of DNA or protein sequences. Tested on modern humans relative to Neanderthals, we found several regions absent in Neanderthals that may express new functionalities associated with the evolution of modern humans. Finally, we investigate the identification of genomic rearrangements, which play important roles in genetic disorders and cancer, by employing a compression technique. To this end, we develop a tool capable of accurately localising and visualising small- and large-scale rearrangements between two genomic sequences. The results of applying the proposed tool to various synthetic and real data agree with the results partially reported by laboratory approaches, for example FISH analysis.
    Programa Doutoral em Engenharia Informátic