458 research outputs found
Group theory in cryptography
This paper is a guide for the pure mathematician who would like to know more
about cryptography based on group theory. The paper gives a brief overview of
the subject, and provides pointers to good textbooks, key research papers and
recent survey papers in the area.Comment: 25 pages References updated, and a few extra references added. Minor
typographical changes. To appear in Proceedings of Groups St Andrews 2009 in
Bath, U
Wave-Shaped Round Functions and Primitive Groups
Round functions used as building blocks for iterated block ciphers, both in
the case of Substitution-Permutation Networks and Feistel Networks, are often
obtained as the composition of different layers which provide confusion and
diffusion, and key additions. The bijectivity of any encryption function,
crucial in order to make the decryption possible, is guaranteed by the use of
invertible layers or by the Feistel structure. In this work a new family of
ciphers, called wave ciphers, is introduced. In wave ciphers, round functions
feature wave functions, which are vectorial Boolean functions obtained as the
composition of non-invertible layers, where the confusion layer enlarges the
message which returns to its original size after the diffusion layer is
applied. This is motivated by the fact that relaxing the requirement that all
the layers are invertible allows to consider more functions which are optimal
with regard to non-linearity. In particular it allows to consider injective APN
S-boxes. In order to guarantee efficient decryption we propose to use wave
functions in Feistel Networks. With regard to security, the immunity from some
group-theoretical attacks is investigated. In particular, it is shown how to
avoid that the group generated by the round functions acts imprimitively, which
represent a serious flaw for the cipher
Stream cipher based on quasigroup string transformations in
In this paper we design a stream cipher that uses the algebraic structure of
the multiplicative group \bbbz_p^* (where p is a big prime number used in
ElGamal algorithm), by defining a quasigroup of order and by doing
quasigroup string transformations. The cryptographical strength of the proposed
stream cipher is based on the fact that breaking it would be at least as hard
as solving systems of multivariate polynomial equations modulo big prime number
which is NP-hard problem and there are no known fast randomized or
deterministic algorithms for solving it. Unlikely the speed of known ciphers
that work in \bbbz_p^* for big prime numbers , the speed of this stream
cipher both in encryption and decryption phase is comparable with the fastest
symmetric-key stream ciphers.Comment: Small revisions and added reference
Partition-Based Trapdoor Ciphers
Trapdoors are a two-face key concept in modern cryptography. They are primarily related to the concept of trapdoor function used in asymmetric cryptography. A trapdoor function is a one-to-one mapping that is easy to compute, but for which its inverse function is difficult to compute without special information, called the trapdoor. It is a necessary condition to get reversibility between the sender and the receiver for encryption or between the signer and the verifier for digital signature. The trapdoor mechanism is always fully public and detailed. The second concept of trapdoor relates to the more subtle and perverse concept of mathematical backdoor, which is a key issue in symmetric cryptography. In this case, the aim is to insert hidden mathematical weaknesses, which enable one who knows them to break the cipher. Therefore, the existence of a backdoor is a strongly undesirable property. This book deals with this second concept and is focused on block ciphers or, more specifically, on substitution-permutation networks (SPN). Inserting a backdoor in an encryption algorithm gives an effective cryptanalysis of the cipher to the designer
MiMC:Efficient Encryption and Cryptographic Hashing with Minimal Multiplicative Complexity
We explore cryptographic primitives with low multiplicative complexity. This is motivated by recent progress in practical applications of secure multi-party computation (MPC), fully homomorphic encryption (FHE), and zero-knowledge proofs (ZK) where primitives from symmetric cryptography are needed and where linear computations are, compared to non-linear operations, essentially ``free\u27\u27. Starting with the cipher design strategy ``LowMC\u27\u27 from Eurocrypt 2015, a number of bit-oriented proposals have been put forward, focusing on applications where the multiplicative depth of the circuit describing the cipher is the most important optimization goal.
Surprisingly, albeit many MPC/FHE/ZK-protocols natively support operations in \GF{p} for large , very few primitives, even considering all of symmetric cryptography, natively work in such fields. To that end, our proposal for both block ciphers and cryptographic hash functions is to reconsider and simplify the round function of the Knudsen-Nyberg cipher from 1995. The mapping is used as the main component there and is also the main component of our family of proposals called ``MiMC\u27\u27. We study various attack vectors for this construction and give a new attack vector that outperforms others in relevant settings.
Due to its very low number of multiplications, the design lends itself
well to a large class of new applications, especially when the depth does not matter but the total number of multiplications in the circuit
dominates all aspects of the implementation. With a number of rounds which we deem secure based on our security analysis, we report on significant performance improvements in a representative use-case involving SNARKs
Shannon Perfect Secrecy in a Discrete Hilbert Space
The One-time-pad (OTP) was mathematically proven to be perfectly secure by
Shannon in 1949. We propose to extend the classical OTP from an n-bit finite
field to the entire symmetric group over the finite field. Within this context
the symmetric group can be represented by a discrete Hilbert sphere (DHS) over
an n-bit computational basis. Unlike the continuous Hilbert space defined over
a complex field in quantum computing, a DHS is defined over the finite field
GF(2). Within this DHS, the entire symmetric group can be completely described
by the complete set of n-bit binary permutation matrices. Encoding of a
plaintext can be done by randomly selecting a permutation matrix from the
symmetric group to multiply with the computational basis vector associated with
the state corresponding to the data to be encoded. Then, the resulting vector
is converted to an output state as the ciphertext. The decoding is the same
procedure but with the transpose of the pre-shared permutation matrix. We
demonstrate that under this extension, the 1-to-1 mapping in the classical OTP
is equally likely decoupled in Discrete Hilbert Space. The uncertainty
relationship between permutation matrices protects the selected pad, consisting
of M permutation matrices (also called Quantum permutation pad, or QPP). QPP
not only maintains the perfect secrecy feature of the classical formulation but
is also reusable without invalidating the perfect secrecy property. The
extended Shannon perfect secrecy is then stated such that the ciphertext C
gives absolutely no information about the plaintext P and the pad.Comment: 7 pages, 1 figure, presented and published by QCE202
Large substitution boxes with efficient combinational implementations
At a fundamental level, the security of symmetric key cryptosystems ties back to Claude Shannon\u27s properties of confusion and diffusion. Confusion can be defined as the complexity of the relationship between the secret key and ciphertext, and diffusion can be defined as the degree to which the influence of a single input plaintext bit is spread throughout the resulting ciphertext. In constructions of symmetric key cryptographic primitives, confusion and diffusion are commonly realized with the application of nonlinear and linear operations, respectively. The Substitution-Permutation Network design is one such popular construction adopted by the Advanced Encryption Standard, among other block ciphers, which employs substitution boxes, or S-boxes, for nonlinear behavior. As a result, much research has been devoted to improving the cryptographic strength and implementation efficiency of S-boxes so as to prohibit cryptanalysis attacks that exploit weak constructions and enable fast and area-efficient hardware implementations on a variety of platforms. To date, most published and standardized S-boxes are bijective functions on elements of 4 or 8 bits. In this work, we explore the cryptographic properties and implementations of 8 and 16 bit S-boxes. We study the strength of these S-boxes in the context of Boolean functions and investigate area-optimized combinational hardware implementations. We then present a variety of new 8 and 16 bit S-boxes that have ideal cryptographic properties and enable low-area combinational implementations
Algorithm 959: VBF: A Library of C plus plus Classes for Vector Boolean Functions in Cryptography
VBF is a collection of C++ classes designed for analyzing vector Boolean functions (functions that map a Boolean vector to another Boolean vector) from a cryptographic perspective. This implementation uses the NTL library from Victor Shoup, adding new modules that call NTL functions and complement the existing ones, making it better suited to cryptography. The class representing a vector Boolean function can be initialized by several alternative types of data structures such as Truth Table, Trace Representation, and Algebraic Normal Form (ANF), among others. The most relevant cryptographic criteria for both block and stream ciphers as well as for hash functions can be evaluated with VBF: it obtains the nonlinearity, linearity distance, algebraic degree, linear structures, and frequency distribution of the absolute values of the Walsh Spectrum or the Autocorrelation Spectrum, among others. In addition, operations such as equality testing, composition, inversion, sum, direct sum, bricklayering (parallel application of vector Boolean functions as employed in Rijndael cipher), and adding coordinate functions of two vector Boolean functions are presented. Finally, three real applications of the library are described: the first one analyzes the KASUMI block cipher, the second one analyzes the Mini-AES cipher, and the third one finds Boolean functions with very high nonlinearity, a key property for robustness against linear attacks
- …