707 research outputs found
Обчислення верхніх меж диференціальних імовірностей для деяких класів блочних шифрів
Пропонується метод обчислення верхніх меж диференціальних імовірностей для класу немарковських схем Фейстеля, що дозволяє встановити теоретичну стійкість шифрів даного класу до диференціального криптоаналізу.We propose a new technique for estimating upper bounds of differential probabilities for class of non-Markov Feistel networks. These results allow to claim provable security against differential cryptanalysis for ciphers from this class
Cryptanalysis of Block Ciphers with New Design Strategies
Block ciphers are among the mostly widely used symmetric-key cryptographic primitives, which are fundamental building blocks in cryptographic/security systems. Most of the public-key primitives are based on hard mathematical problems such as the integer factorization in the RSA algorithm and discrete logarithm problem in the DiffieHellman. Therefore, their security are mathematically proven. In contrast, symmetric-key primitives are usually not
constructed based on well-defined hard mathematical problems. Hence, in order to get some assurance in their claimed security properties, they must be studied against different types of
cryptanalytic techniques. Our research is dedicated to the cryptanalysis of block ciphers. In particular, throughout this thesis, we investigate the security of some block ciphers constructed
with new design strategies. These new strategies include (i) employing simple round function, and modest key schedule, (ii) using another input called tweak rather than the usual two
inputs of the block ciphers, the plaintext and the key, to instantiate different permutations for the same key. This type of block ciphers is called a tweakable block cipher, (iii) employing linear and non-linear components that are energy efficient to provide low energy consumption block ciphers, (iv) employing optimal diffusion linear transformation layer while following the AES-based construction to provide faster diffusion rate, and (v) using rather weak but larger
S-boxes in addition to simple linear transformation layers to provide provable security of ARX-based block ciphers against single characteristic differential and linear cryptanalysis.
The results presented in this thesis can be summarized as follows:
Initially, we analyze the security of two lightweight block ciphers, namely, Khudra and Piccolo against Meet-in-the-Middle (MitM) attack based on the Demirci and Selcuk approach exploiting the simple design of the key schedule and round function.
Next, we investigate the security of two tweakable block ciphers, namely, Kiasu-BC and SKINNY. According to the designers, the best attack on Kiasu-BC covers 7 rounds. However, we exploited the tweak to present 8-round attack using MitM with efficient enumeration cryptanalysis.
Then, we improve the previous results of the impossible differential
cryptanalysis on SKINNY exploiting the tweakey schedule and linear transformation layer.
Afterwards, we study the security of new low energy consumption block cipher, namely, Midori128 where we present the longest impossible differential distinguishers that cover complete 7 rounds. Then, we utilized 4 of these distinguishers to launch key recovery attack against 11 rounds of Midori128 to improve the previous results on this cipher using the impossible
differential cryptanalysis.
Then, using the truncated differential cryptanalysis, we are able to attack 13 rounds of Midori128 utilizing a 10-round differential distinguisher.
We also analyze Kuznyechik, the standard Russian federation block cipher, against MitM with efficient enumeration cryptanalysis where we improve the previous results on Kuznyechik, using MitM attack with efficient enumeration, by presenting 6-round attack.
Unlike the previous attack, our attack exploits the exact values of the coefficients of the MDS transformation that is used in the cipher.
Finally, we present key recovery attacks using the multidimensional zero-correlation cryptanalysis against SPARX-128, which follows the long trail design strategy, to provide provable security of ARX-based block ciphers against single characteristic differential and
linear cryptanalysis
Decorrelation: A Theory for Block Cipher Security
Pseudorandomness is a classical model for the security of block ciphers. In this paper we propose convenient tools in order to study it in connection with the Shannon Theory, the Carter-Wegman universal hash functions paradigm, and the Luby-Rackoff approach. This enables the construction of new ciphers with security proofs under specific models. We show how to ensure security against basic differential and linear cryptanalysis and even more general attacks. We propose practical construction scheme
Notions and relations for RKA-secure permutation and function families
The theory of designing block ciphers is mature, having seen signi¯cant
progress since the early 1990s for over two decades, especially during the AES devel-
opment e®ort. Nevertheless, interesting directions exist, in particular in the study of
the provable security of block ciphers along similar veins as public-key primitives, i.e.
the notion of pseudorandomness (PRP) and indistinguishability (IND). Furthermore,
recent cryptanalytic progress has shown that block ciphers well designed against known
cryptanalysis techniques including related-key attacks (RKA) may turn out to be less
secure against related-key attacks than expected. The notion of provable security of
block ciphers against related-key attacks was initiated by Bellare and Kohno, and sub-
sequently treated by Lucks. Concrete block cipher constructions were proposed therein
with provable security guarantees. In this paper, we are interested in the security no-
tions for RKA-secure block ciphers
KLEIN: A New Family of Lightweight Block Ciphers
Resource-efficient cryptographic primitives become fundamental for realizing both security and efficiency in embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a major role as a building block for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to the related proposals, KLEIN has advantage in the software performance on legacy sensor platforms, while in the same time its hardware implementation can also be compact
Security analysis of NIST-LWC contest finalists
Dissertação de mestrado integrado em Informatics EngineeringTraditional cryptographic standards are designed with a desktop and server environment in mind, so, with the
relatively recent proliferation of small, resource constrained devices in the Internet of Things, sensor networks,
embedded systems, and more, there has been a call for lightweight cryptographic standards with security,
performance and resource requirements tailored for the highly-constrained environments these devices find
themselves in.
In 2015 the National Institute of Standards and Technology began a Standardization Process in order to select
one or more Lightweight Cryptographic algorithms. Out of the original 57 submissions ten finalists remain, with
ASCON and Romulus being among the most scrutinized out of them.
In this dissertation I will introduce some concepts required for easy understanding of the body of work, do
an up-to-date revision on the current situation on the standardization process from a security and performance
standpoint, a description of ASCON and Romulus, and new best known analysis, and a comparison of the two,
with their advantages, drawbacks, and unique traits.Os padrões criptográficos tradicionais foram elaborados com um ambiente de computador e servidor em mente.
Com a proliferação de dispositivos de pequenas dimensões tanto na Internet of Things, redes de sensores e
sistemas embutidos, apareceu uma necessidade para se definir padrões para algoritmos de criptografia leve, com
prioridades de segurança, performance e gasto de recursos equilibrados para os ambientes altamente limitados
em que estes dispositivos operam.
Em 2015 o National Institute of Standards and Technology lançou um processo de estandardização com o
objectivo de escolher um ou mais algoritmos de criptografia leve. Das cinquenta e sete candidaturas originais
sobram apenas dez finalistas, sendo ASCON e Romulus dois desses finalistas mais examinados.
Nesta dissertação irei introduzir alguns conceitos necessários para uma fácil compreensão do corpo deste
trabalho, assim como uma revisão atualizada da situação atual do processo de estandardização de um ponto
de vista tanto de segurança como de performance, uma descrição do ASCON e do Romulus assim como as
suas melhores análises recentes e uma comparação entre os dois, frisando as suas vantagens, desvantagens e
aspectos únicos
Doubly Perfect Nonlinear Boolean Permutations
Due to implementation constraints the XOR operation is widely used in order
to combine plaintext and key bit-strings in secret-key block ciphers. This
choice directly induces the classical version of the differential attack by the
use of XOR-kind differences. While very natural, there are many alternatives to
the XOR. Each of them inducing a new form for its corresponding differential
attack (using the appropriate notion of difference) and therefore block-ciphers
need to use S-boxes that are resistant against these nonstandard differential
cryptanalysis. In this contribution we study the functions that offer the best
resistance against a differential attack based on a finite field
multiplication. We also show that in some particular cases, there are robust
permutations which offers the best resistant against both multiplication and
exponentiation base differential attacks. We call them doubly perfect nonlinear
permutations
Automatic Search for the Best Trails in ARX: Application to Block Cipher Speck
We propose the first adaptation of Matsui's algorithm for finding the best differential and linear trails to the class of ARX ciphers. It is based on a branch-and-bound search strategy, does not use any heuristics and returns optimal results. The practical application of the new algorithm is demonstrated on reduced round variants of block ciphers from the Speck family. More specifically, we report the probabilities of the best differential trails for up to 10, 9, 8, 7, and 7 rounds of Speck32, Speck48, Speck64, Speck96 and Speck128 respectively, together with the exact number of differential trails that have the best probability. The new results are used to compute bounds, under the Markov assumption, on the security of Speck against single-trail differential cryptanalysis. Finally, we propose two new ARX primitives with provable bounds against single-trail differential and linear cryptanalysis -- a long standing open problem in the area of ARX design
- …