New Results in the Linear Cryptanalysis of DES

Two open problems on using Matsui\u27s Algorithm 2 with multiple linear approximations posed earlier by Biryukov, De Canni$\grave{\hbox{e}}$re and M. Quisquater at Crypto\u2704 are solved in the present paper. That improves the linear cryptanalysis of 16-round DES reported by Matsui at Crypto\u2794

A Study on the Linear Cryptanalysis of AES Cipher

We have investigated the linear cryptanalysis of AES cipher in this article. As the previous encryption standard DES could be broken by the linear cryptanalysis, NIST decided a new encryption standard AES in 2000. We try to analyze one and two rounds AES cipher by the method of the linear cryptanalysis and learn the limits of this mehtod. AES cipher provides a conspicuous difficulty in breaking its keys because of small bias of its S-box. We report the experimental results of success rate and are led to conclusion that this method would not work well on more than 3 rounds to break keys

Linear cryptanalysis of pseudorandom functions

Relatório de projeto de pesquisa.In this paper, we study linear relations propagating across block ciphers from the key input to the ciphertext (for a fixed plaintext block). This is a usual setting of a one-way function, used for instance in modes of operation such as KFB (key feedback). We instantiate the block cipher with the full 16-round DES and $s^2$-DES, 10-round LOKI91 and 24-round Khufu, for which linear relations with high bias are well known. Other interesting targets include the full 8.5-round IDEA and PES ciphers for which high bias linear relations exist under the assumption of weak keys. Consequences of these findings impact the security of modes of operation such as KFB and of pseudorandom number/bit generators. These analyses were possible due to the linear structure and the poor diffusion of the key schedule algorithms. These findings shall motivate carefull (re)design of current and future key schedule algorithms

Enhancement of Secrecy of Block Ciphered Systems by Deliberate Noise

This paper considers the problem of end-end security enhancement by resorting to deliberate noise injected in ciphertexts. The main goal is to generate a degraded wiretap channel in application layer over which Wyner-type secrecy encoding is invoked to deliver additional secure information. More specifically, we study secrecy enhancement of DES block cipher working in cipher feedback model (CFB) when adjustable and intentional noise is introduced into encrypted data in application layer. A verification strategy in exhaustive search step of linear attack is designed to allow Eve to mount a successful attack in the noisy environment. Thus, a controllable wiretap channel is created over multiple frames by taking advantage of errors in Eve's cryptanalysis, whose secrecy capacity is found for the case of known channel states at receivers. As a result, additional secure information can be delivered by performing Wyner type secrecy encoding over super-frames ahead of encryption, namely, our proposed secrecy encoding-then-encryption scheme. These secrecy bits could be taken as symmetric keys for upcoming frames. Numerical results indicate that a sufficiently large secrecy rate can be achieved by selective noise addition.Comment: 11 pages, 8 figures, journa

Survey and Benchmark of Block Ciphers for Wireless Sensor Networks

Cryptographic algorithms play an important role in the security architecture of wireless sensor networks (WSNs). Choosing the most storage- and energy-efficient block cipher is essential, due to the facts that these networks are meant to operate without human intervention for a long period of time with little energy supply, and that available storage is scarce on these sensor nodes. However, to our knowledge, no systematic work has been done in this area so far.We construct an evaluation framework in which we first identify the candidates of block ciphers suitable for WSNs, based on existing literature and authoritative recommendations. For evaluating and assessing these candidates, we not only consider the security properties but also the storage- and energy-efficiency of the candidates. Finally, based on the evaluation results, we select the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit). In terms of operation mode, we recommend Output Feedback Mode for pairwise links but Cipher Block Chaining for group communications