Tabu search against permutation based stream ciphers

Encryption is one of the most effective methods of securing data confidentiality, whether stored on hard drives or transferred (e.g. by e-mail or phone call). In this paper a new state recovery attack with tabu search is introduced. Based on research and theoretical approximation it is shown that the internal state can be recovered after checking 252 internal states for RC4 and 2180 for VMPC

3D Visual Method of Variant Logic Construction for Random Sequence

As Internet security threats continue to evolve, in order to ensure information transmission security, various encrypt and decrypt has been used in channel coding and decoding of data communication. While cryptography requires a very high degree of apparent randomness, Random sequences play an important role in cryptography. Both CA (Cellular Automata) and RC4 contain pseudo‐random number generators and may have intrinsic properties respectively. In this paper, a 3D visualization model (3DVM) is proposed to display spatial characteristics of the random sequences from CA or RC4 keystream. Key components of this model and core mechanism are described. Every module and their I/O parameters are discussed respectively. A serial of logic function of CA are selected as examples to compare with some RC4 keystreams to show their intrinsic properties in three‐dimensional space. Visual results are briefly analyzed to explore their intrinsic properties including similarity and difference. The results provide support to explore the RC4 algorithm by using 3D dimensional visualization tools to organize its interactive properties as visual maps

Tabu search against permutation based stream ciphers

Encryption is one of the most effective methods of securing data confidentiality, whether stored on hard drives or transferred (e.g. by e-mail or phone call). In this paper a new state recovery attack with tabu search is introduced. Based on research and theoretical approximation it is shown that the internal state can be recovered after checking 2^52 internal states for RC4 and 2^180 for VMPC

Securing Telecommunication Based On Speaker Voice As The Public Key.

This paper proposes a technique to generate a public cryptographic key from user’s voice while speaking over a handheld device. Making use of the human intelligence to identify authenticate the voice of the speaker and therefore use the voice as the public key. The generated public key is used to encrypt of the transferred data over the open communication channel

A dynamic data encryption method based on addressing the data importance on the internet of things

The rapid growth of internet of things (IoT) in multiple areas brings research challenges closely linked to the nature of IoT technology. Therefore, there has been a need to secure the collected data from IoT sensors in an efficient and dynamic way taking into consideration the nature of collected data due to its importance. So, in this paper, a dynamic algorithm has been developed to distinguish the importance of data collected and apply the suitable security approach for each type of data collected. This was done by using hybrid system that combines block cipher and stream cipher systems. After data classification using machine learning classifiers the less important data are encrypted using stream cipher (SC) that use rivest cipher 4 algorithm, and more important data encrypted using block cipher (BC) that use advanced encryption standard algorithm. By applying a performance evaluation using simulation, the proposed method guarantees that it encrypts the data with less central processing unit (CPU) time with improvement in the security over the data by using the proposed hybrid system

Some Words on Cryptanalysis of Stream Ciphers

In the world of cryptography, stream ciphers are known as primitives used to ensure privacy over a communication channel. One common way to build a stream cipher is to use a keystream generator to produce a pseudo-random sequence of symbols. In such algorithms, the ciphertext is the sum of the keystream and the plaintext, resembling the one-time pad principal. Although the idea behind stream ciphers is simple, serious investigation of these primitives has started only in the late 20th century. Therefore, cryptanalysis and design of stream ciphers are important. In recent years, many designs of stream ciphers have been proposed in an effort to find a proper candidate to be chosen as a world standard for data encryption. That potential candidate should be proven good by time and by the results of cryptanalysis. Different methods of analysis, in fact, explain how a stream cipher should be constructed. Thus, techniques for cryptanalysis are also important. This thesis starts with an overview of cryptography in general, and introduces the reader to modern cryptography. Later, we focus on basic principles of design and analysis of stream ciphers. Since statistical methods are the most important cryptanalysis techniques, they will be described in detail. The practice of statistical methods reveals several bottlenecks when implementing various analysis algorithms. For example, a common property of a cipher to produce n-bit words instead of just bits makes it more natural to perform a multidimensional analysis of such a design. However, in practice, one often has to truncate the words simply because the tools needed for analysis are missing. We propose a set of algorithms and data structures for multidimensional cryptanalysis when distributions over a large probability space have to be constructed. This thesis also includes results of cryptanalysis for various cryptographic primitives, such as A5/1, Grain, SNOW 2.0, Scream, Dragon, VMPC, RC4, and RC4A. Most of these results were achieved with the help of intensive use of the proposed tools for cryptanalysis

International standards for stream ciphers: a progress report

The main objective of this paper is to review the current status of stream cipher standardisation. The hope is that, by doing so, the algorithms and techniques that are likely to be standardised at some point during the next year or so will be subjected to rigorous scrutiny by the crytopgraphic community

Wireless network security and cracking security key

Wireless technology gives us mobility easy access to the computer network without copper wires. With the increased use of wireless technology, more and more Wi-Fi hotspots, rising number of cell phones, PDAs, Tablet PC, laptops (devices with Wi-Fi module), wireless security is an ever increasing issue for many organizations. In other words wireless networks add another entry point into a network for hackers. Because this technology is relatively new there is many security vulnerabilities. In this paper, we study security on the wireless network and its vulnerability, also we give examples of how hackers can crack security key, explode vulnerabilities and attack the wireless network. We consider the weak points of these networks in order to suggest ways and methods to ensure a good protection

Attacks Only Get Better:Password Recovery Attacks Against RC4 in TLS

Despite recent high-profile attacks on the RC4 algorithm in TLS, its usage is still running at about 30 % of all TLS traffic. This is attributable to the lack of practicality of the existing attacks, the desire to support legacy implementations, and resistance to change. We provide new attacks against RC4 in TLS that are focussed on recovering user passwords, still the pre-eminent means of user authentication on the Web today. Our attacks enhance the statistical techniques used in the existing attacks and exploit specific features of the password setting to produce attacks that are much closer to being practical. We report on extensive simulations that illustrate this. We also report on two “proof of concept ” implementations of the attacks for specific application layer protocols, namely BasicAuth and IMAP. Our work validates the truism that attacks only get better with time: we obtain good success rates in recovering user passwords with around 226 encryptions, whereas the previous generation of attacks required 234 encryptions to recover a

VMPC-R Cryptographically Secure Pseudo-Random Number Generator Alternative to RC4

We present a new Cryptographically Secure Pseudo-Random Number Generator. It uses permutations as its internal state, similarly to the RC4 stream cipher. We describe a statistical test which revealed non-random patterns in a sample of $2^{16.6}$ outputs of a 3-bit RC4. Our new algorithm produced $2^{46.8}$ undistinguishable from random 3-bit outputs in the same test. We probed $2^{51}$ outputs of the algorithm in different statistical tests with different word sizes and found no way of distinguishing the keystream from a random source. The size of the algorithm\u27s internal state is $2^{3424}$ (for an 8-bit implementation). The algorithm is cryptographically secure to the extent we were able to analyse it. Its design is simple and easy to implement. We present the generator along with a key scheduling algorithm processing both keys and initialization vectors