448 research outputs found
A structural analysis of the A5/1 state transition graph
We describe efficient algorithms to analyze the cycle structure of the graph
induced by the state transition function of the A5/1 stream cipher used in GSM
mobile phones and report on the results of the implementation. The analysis is
performed in five steps utilizing HPC clusters, GPGPU and external memory
computation. A great reduction of this huge state transition graph of 2^64
nodes is achieved by focusing on special nodes in the first step and removing
leaf nodes that can be detected with limited effort in the second step. This
step does not break the overall structure of the graph and keeps at least one
node on every cycle. In the third step the nodes of the reduced graph are
connected by weighted edges. Since the number of nodes is still huge an
efficient bitslice approach is presented that is implemented with NVIDIA's CUDA
framework and executed on several GPUs concurrently. An external memory
algorithm based on the STXXL library and its parallel pipelining feature
further reduces the graph in the fourth step. The result is a graph containing
only cycles that can be further analyzed in internal memory to count the number
and size of the cycles. This full analysis which previously would take months
can now be completed within a few days and allows to present structural results
for the full graph for the first time. The structure of the A5/1 graph deviates
notably from the theoretical results for random mappings.Comment: In Proceedings GRAPHITE 2012, arXiv:1210.611
Revisiting LFSMs
Linear Finite State Machines (LFSMs) are particular primitives widely used in
information theory, coding theory and cryptography. Among those linear
automata, a particular case of study is Linear Feedback Shift Registers (LFSRs)
used in many cryptographic applications such as design of stream ciphers or
pseudo-random generation. LFSRs could be seen as particular LFSMs without
inputs.
In this paper, we first recall the description of LFSMs using traditional
matrices representation. Then, we introduce a new matrices representation with
polynomial fractional coefficients. This new representation leads to sparse
representations and implementations. As direct applications, we focus our work
on the Windmill LFSRs case, used for example in the E0 stream cipher and on
other general applications that use this new representation.
In a second part, a new design criterion called diffusion delay for LFSRs is
introduced and well compared with existing related notions. This criterion
represents the diffusion capacity of an LFSR. Thus, using the matrices
representation, we present a new algorithm to randomly pick LFSRs with good
properties (including the new one) and sparse descriptions dedicated to
hardware and software designs. We present some examples of LFSRs generated
using our algorithm to show the relevance of our approach.Comment: Submitted to IEEE-I
Speed reading in the dark : Accelerating functional encryption for quadratic functions with reprogrammable hardware
Functional encryption is a new paradigm for encryption where decryption does not give the entire plaintext but only some function of it. Functional encryption has great potential in privacy-enhancing technologies but suffers from excessive computational overheads. We introduce the first hardware accelerator that supports functional encryption for quadratic functions. Our accelerator is implemented on a reprogrammable system-on-chip following the hardware/software codesign methogol-ogy. We benchmark our implementation for two privacy-preserving machine learning applications: (1) classification of handwritten digits from the MNIST database and (2) classification of clothes images from the Fashion MNIST database. In both cases, classification is performed with encrypted images. We show that our implementation offers speedups of over 200 times compared to a published software implementation and permits applications which are unfeasible with software-only solutions.Peer reviewe
Cryptography for Ultra-Low Power Devices
Ubiquitous computing describes the notion that computing devices will be everywhere: clothing, walls and floors of buildings, cars, forests, deserts, etc. Ubiquitous computing is becoming a reality: RFIDs are currently being introduced into the supply chain. Wireless distributed sensor networks (WSN) are already being used to monitor wildlife and to track military targets. Many more applications are being envisioned. For most of these applications some level of security is of utmost importance. Common to WSN and RFIDs are their severely limited power resources, which classify them as ultra-low power devices. Early sensor nodes used simple 8-bit microprocessors to implement basic communication, sensing and computing services. Security was an afterthought. The main power consumer is the RF-transceiver, or radio for short. In the past years specialized hardware for low-data rate and low-power radios has been developed. The new bottleneck are security services which employ computationally intensive cryptographic operations. Customized hardware implementations hold the promise of enabling security for severely power constrained devices. Most research groups are concerned with developing secure wireless communication protocols, others with designing efficient software implementations of cryptographic algorithms. There has not been a comprehensive study on hardware implementations of cryptographic algorithms tailored for ultra-low power applications. The goal of this dissertation is to develop a suite of cryptographic functions for authentication, encryption and integrity that is specifically fashioned to the needs of ultra-low power devices. This dissertation gives an introduction to the specific problems that security engineers face when they try to solve the seemingly contradictory challenge of providing lightweight cryptographic services that can perform on ultra-low power devices and shows an overview of our current work and its future direction
Speed reading in the dark : Accelerating functional encryption for quadratic functions with reprogrammable hardware
Functional encryption is a new paradigm for encryption where decryption does not give the entire plaintext but only some function of it. Functional encryption has great potential in privacy-enhancing technologies but suffers from excessive computational overheads. We introduce the first hardware accelerator that supports functional encryption for quadratic functions. Our accelerator is implemented on a reprogrammable system-on-chip following the hardware/software codesign methogol-ogy. We benchmark our implementation for two privacy-preserving machine learning applications: (1) classification of handwritten digits from the MNIST database and (2) classification of clothes images from the Fashion MNIST database. In both cases, classification is performed with encrypted images. We show that our implementation offers speedups of over 200 times compared to a published software implementation and permits applications which are unfeasible with software-only solutions.Peer reviewe
Lightweight Cryptography Meets Threshold Implementation: A Case Study for SIMON
Securing data transmission has always been a challenge. While many cryptographic algorithms are available to solve the problem, many applications have tough area constraints while requiring high-level security. Lightweight cryptography aims at achieving high-level security with the benefit of being low cost. Since the late nineties and with the discovery of side channel attacks the approach towards cryptography has changed quite significantly. An attacker who can get close to a device can extract sensitive data by monitoring side channels such as power consumption, sound, or electromagnetic emanation. This means that embedded implementations of cryptographic schemes require protection against such attacks to achieve the desired level of security. In this work we combine a low-cost embedded cipher, Simon, with a stateof-the-art side channel countermeasure called Threshold Implementation (TI). We show that TI is a great match for lightweight cryptographic ciphers, especially for hardware implementation. Our implementation is the smallest TI of a block-cipher on an FPGA. This implementation utilizes 96 slices of a low-cost Spartan-3 FPGA and 55 slices a modern Kintex-7 FPGA. Moreover, we present a higher order TI which is resistant against second order attacks. This implementation utilizes 163 slices of a Spartan-3 FPGA and 95 slices of a Kintex-7 FPGA. We also present a state of the art leakage analysis and, by applying it to the designs, show that the implementations achieve the expected security. The implementations even feature a significant robustness to higher order attacks, where several million observations are needed to detect leakage
CBEAM: Efficient Authenticated Encryption from Feebly One-Way Functions
We show how efficient and secure cryptographic mixing functions can be constructed from low-degree rotation-invariant functions rather than conventional S-Boxes. These novel functions have surprising properties; many exhibit inherent feeble (Boolean circuit) one-wayness and offer speed/area tradeoffs unobtainable with traditional constructs. Recent theoretical results indicate that even if the inverse is not explicitly computed in an implementation, its degree plays a fundamental role to the security of the iterated composition. To illustrate these properties, we present CBEAM, a Cryptographic Sponge Permutation based on a single -bit Boolean function. This simple nonlinear function is used to construct a 16-bit rotation-invariant function of Degree 4 (but with a very complex Degree 11 inverse), which in turn is expanded into an efficient 256-bit mixing function. In addition to flexible tradeoffs in hardware we show that efficient implementation strategies exist for software platforms ranging from low-end microcontrollers to the very latest x86-64 AVX2 instruction set. A rotational bit-sliced software implementation offers not only comparable speeds to AES but also increased security against cache side channel attacks. Our construction supports Sponge-based Authenticated Encryption, Hashing, and PRF/PRNG modes and is highly useful as a compact ``all-in-one\u27\u27 primitive for pervasive security
Preventing DoS Attacks in IoT Using AES
The Internet of Things (IoT) is significant in today’s development of mobile networks enabling to obtain information from the environment, devices, and appliances. A number of applications have been implemented in various kinds of technologies. IoT has high exposure to security attacks and threats. There are several requirements in terms of security. Confidentiality is one of the major concerns in the wireless network. Integrity and availability are key issues along with the confidentiality. This research focuses on identifying the attacks that can occur in IoT. Packet filtering and patches method were used to secure the network and mitigate mentioned attacks but these techniques are not capable of achieving security in IoT. This paper uses Advanced Encryption Standard (AES) to address these mentioned security issues. Official AES version uses the standard for secret key encryption. However, several problems and attacks still occur with the implementation of this original AES. We modified AES by adding white box and the doubling of the AES encryption. We also replaced the Substitute-Byte (S-Box) in the conventional AES with the white box. The significance of a white box is where the whole AES cipher decomposed into round functions. While doubling the process of AES gives difficulty to the attacker or malware to interrupt the network or system. From the algorithms, our proposed solutions can control DoS attack on IoT and any other miniature devices
- …