    Using quantum key distribution for cryptographic purposes: a survey

    The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, however, QKD does not provide a standalone security service on its own: the secret keys established by QKD are in general then used by subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering an any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research. Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

    Watermarking for the Secure Transmission of the Key into an Encrypted Image

    Ensuring the confidentiality of any data exchanged always presents a great concern for all communication instances. Technically, encryption is the ideal solution for this task. However, this process must deal with the progress of cryptanalysis, which aims to disclose the information exchanged. The risk increases due to the need for a dual transmission that includes the encrypted medium and the decryption key. In a context of chaotic encryption of images, we propose to insert the decryption key into the encrypted image using image watermarking. Thus, only the watermarked encrypted image will be transmitted. Upon reception, the recipient extracts the key and decrypts the image. The proposed cryptosystem is based on an encryption using a dynamic Look-Up Table issued from a chaotic generator. The obtained results prove the efficiency of our method in ensuring a secure exchange of images and keys.

    A 1 Gbps Chaos-Based Stream Cipher Implemented in 0.18 µm CMOS Technology

    In this work, a novel chaos-based stream cipher based on a skew tent map is proposed and implemented in a 0.18 µm CMOS (Complementary Metal-Oxide-Semiconductor) technology. The proposed ciphering algorithm uses a linear feedback shift register that perturbs the orbits generated by the skew tent map after each iteration. This way, the randomness of the generated sequences is considerably improved. The implemented stream cipher was capable of achieving encryption speeds of 1 Gbps using an approximate area of ~20,000 2-NAND equivalent gates, with a power consumption of 24.1 mW. To test the security of the proposed cipher, the generated keystreams were subjected to National Institute of Standards and Technology (NIST) randomness tests, showing that they were indistinguishable from truly random sequences. Finally, other security aspects such as key sensitivity, key space size, and security against reconstruction attacks were studied, showing that the stream cipher is secure.

    A Covert Encryption Method for Applications in Electronic Data Interchange

    A principal weakness of all encryption systems is that the output data can be ‘seen’ to be encrypted. In other words, encrypted data provides a ‘flag’ on the potential value of the information that has been encrypted. In this paper, we provide a new approach to ‘hiding’ encrypted data in a digital image. In conventional (symmetric) encryption, the plaintext is usually represented as a binary stream and encrypted using an XOR type operation with a binary cipher. The algorithm used is ideally designed to: (i) generate a maximum entropy cipher so that there is no bias with regard to any bit; (ii) maximize diffusion in terms of key dependency so that a change in any bit of the key can affect any, and potentially all, bits of the cipher. In the work reported here, we consider an approach in which a binary or low-bit plaintext image is encrypted with a decimal integer or floating point cipher using a convolution operation, and the output is quantized into a 1-bit array generating a binary image ciphertext. This output is then ‘embedded’ in a host image to hide the encrypted information. Embedding is undertaken either in the lowest 1-bit layer or in multiple 1-bit layers. Decryption is accomplished by: (i) extracting the binary image from the host image; (ii) correlating the result with the original cipher. In principle, any cipher generator can be used for this purpose, and the method has been designed to operate with 24-bit colour images. The approach has a variety of applications and, in this paper, we focus on the authentication and self-authentication of e-documents (letters and certificates, for example) that are communicated over the Internet and are thereby vulnerable to attack (e.g. modification, editing, counterfeiting, etc.). In addition to document authentication, the approach considered provides a way of propagating disinformation and a solution to scenarios that require ‘plausible deniability’.

    Public Key Cryptography with the Brin-Thompson Group 2V

    The Brin-Thompson group 2V is a simple, finitely presented group of functions with solvable word problem and unsolvable torsion problem, which makes it a promising platform group for the Anshel-Anshel-Goldfeld key agreement protocol. The primary results of this project are an implementation of 2V and the AAG protocol in Java, which is shown to be susceptible to the heuristic length-based attack.

    Algebraic analysis of Trivium-like ciphers

    Trivium is a bit-based stream cipher in the final portfolio of the eSTREAM project. In this paper, we apply the approach of Berbain et al. to Trivium-like ciphers and perform new algebraic analyses on them, namely Trivium and its reduced versions: Trivium-N, Bivium-A and Bivium-B. In doing so, we answer an open question in the literature. We demonstrate a new algebraic attack on Bivium-A. This attack requires less time and memory than previous techniques which use the F4 algorithm to recover Bivium-A's initial state. Though our attacks on Bivium-B, Trivium and Trivium-N are worse than exhaustive key search, the systems of equations which are constructed are smaller and less complex compared to previous algebraic analyses. Factors which can affect the complexity of our attack on Trivium-like ciphers are discussed in detail.

    On Some Symmetric Lightweight Cryptographic Designs

    This dissertation presents cryptanalysis of several symmetric lightweight primitives, both stream ciphers and block ciphers. Further, some aspects of authentication in combination with a keystream generator are investigated, and a new member of the Grain family of stream ciphers, Grain-128a, with built-in support for authentication is presented. The first contribution is an investigation of how authentication can be provided at a low additional cost, assuming a synchronous stream cipher is already implemented and used for encryption. These findings are then used when presenting the latest addition to the Grain family of stream ciphers, Grain-128a. It uses a 128-bit key and a 96-bit initialization vector to generate keystream, and possibly also to authenticate the plaintext. Next, the stream cipher BEAN, superficially similar to Grain, but notably using a weak output function and two feedback with carry shift registers (FCSRs) rather than linear and (non-FCSR) nonlinear feedback shift registers, is cryptanalyzed. An efficient distinguisher and a state-recovery attack are given. It is shown how knowledge of the state can be used to recover the key in a straightforward way. The remainder of this dissertation then focuses on block ciphers. First, a related-key attack on KTANTAN is presented. The attack notably uses only a few related keys, runs in less than half a minute on a current computer, and directly contradicts the designers' claims. It is discussed why this is, and what can be learned from this. Next, PRINTcipher is subjected to linear cryptanalysis. Several weak key classes are identified and it is shown how several observations of the same statistical property can be made for each plaintext-ciphertext pair. Finally, the invariant subspace property, first observed for certain key classes in PRINTcipher, is investigated. In particular, its connection to large linear biases is studied through an eigenvector which arises inside the cipher and leads to trail clustering in the linear hull which, under reasonable assumptions, causes a significant number of large linear biases. Simulations on several versions of PRINTcipher are compared to the theoretical findings.

    Modernizing Password Usage In Computing

    A study of password usage and cryptography in computing culminates in the development of a password manager that improves users' password security. PassMan offers two-factor encrypted storage of user passwords and account information via the Yubikey, a common hardware authentication device, along with login auto-typing, password strength calculation, and customizable password generation. *Includes CD