Year 2010 Issues on Cryptographic Algorithms

In the financial sector, cryptographic algorithms are used as fundamental techniques for assuring confidentiality and integrity of data used in financial transactions and for authenticating entities involved in the transactions. Currently, the most widely used algorithms appear to be two-key triple DES and RC4 for symmetric ciphers, RSA with a 1024-bit key for an asymmetric cipher and a digital signature, and SHA-1 for a hash function according to international standards and guidelines related to the financial transactions. However, according to academic papers and reports regarding the security evaluation for such algorithms, it is difficult to ensure enough security by using the algorithms for a long time period, such as 10 or 15 years, due to advances in cryptanalysis techniques, improvement of computing power, and so on. To enhance the transition to more secure ones, National Institute of Standards and Technology (NIST) of the United States describes in various guidelines that NIST will no longer approve two-key triple DES, RSA with a 1024-bit key, and SHA-1 as the algorithms suitable for IT systems of the U.S. Federal Government after 2010. It is an important issue how to advance the transition of the algorithms in the financial sector. This paper refers to issues regarding the transition as Year 2010 issues in cryptographic algorithms. To successfully complete the transition by 2010, the deadline set by NIST, it is necessary for financial institutions to begin discussing the issues at the earliest possible date. This paper summarizes security evaluation results of the current algorithms, and describes Year 2010 issues, their impact on the financial industry, and the transition plan announced by NIST. This paper also shows several points to be discussed when dealing with Year 2010 issues.Cryptographic algorithm; Symmetric cipher; Asymmetric cipher; Security; Year 2010 issues; Hash function

Design implementation and analysis of a dynamic cryptography algorithm with applications

Cryptographers need to provide the world with a new encryption standard. DES, the major encryption algorithm for the past fifteen years, is nearing the end of its useful life. Its 56-bit key size is vulnerable to a brute-force attack on powerful microprocessors and recent advances in linear cryptanalysis and differential cryptanalysis indicate that DES is vulnerable to other attacks as well. A more recent attack called XSL, proposes a new attack against AES and Serpent. The attack depends much more critically on the complexity of the nonlinear components than on the number of rounds. Ciphers with small S-boxes and simple structures are particularly vulnerable. Serpent has small S-boxes and a simple structure. AES has larger S-boxes, but a very simple algebraic description. If the attack is proven to be correct, cryptographers predict it to break AES with a 2; 80 complexity, over the coming years; Many of the other unbroken algorithms---Khufu, REDOC II, and IDEA---are protected by patents. RC2 is broken. The U.S. government has declassified the Skipjack algorithm in the Clipper and Capstone chips

A Better Key Schedule for DES-like Ciphers

Several DES-like ciphers aren't utilizing their full potential strength, because of the short key and linear or otherwise easily tractable algorithms they use to generate their key schedules. Using DES as example, we show a way to generate round subkeys to increase the cipher strength substantially by making relations between the round subkeys practically intractable

A Novel Latin Square Image Cipher

In this paper, we introduce a symmetric-key Latin square image cipher (LSIC) for grayscale and color images. Our contributions to the image encryption community include 1) we develop new Latin square image encryption primitives including Latin Square Whitening, Latin Square S-box and Latin Square P-box ; 2) we provide a new way of integrating probabilistic encryption in image encryption by embedding random noise in the least significant image bit-plane; and 3) we construct LSIC with these Latin square image encryption primitives all on one keyed Latin square in a new loom-like substitution-permutation network. Consequently, the proposed LSIC achieve many desired properties of a secure cipher including a large key space, high key sensitivities, uniformly distributed ciphertext, excellent confusion and diffusion properties, semantically secure, and robustness against channel noise. Theoretical analysis show that the LSIC has good resistance to many attack models including brute-force attacks, ciphertext-only attacks, known-plaintext attacks and chosen-plaintext attacks. Experimental analysis under extensive simulation results using the complete USC-SIPI Miscellaneous image dataset demonstrate that LSIC outperforms or reach state of the art suggested by many peer algorithms. All these analysis and results demonstrate that the LSIC is very suitable for digital image encryption. Finally, we open source the LSIC MATLAB code under webpage https://sites.google.com/site/tuftsyuewu/source-code.Comment: 26 pages, 17 figures, and 7 table

Energy-Efficient Multi-Key Security Scheme for Wireless Sensor Network

This paper proposes multi-key encryption scheme and engine architecture (MKE) that increases security and optimizes energy efficiency of sensor networks, while minimizing modifications to existing implementations. The scheme improves security of AES against correlation power analysis (CPA) attack by employing MKE engine, breaking the correlation between power consumption and the used key. Other schemes utilize complex hardware designs, for example by using the inhomogeneous s-boxes that reduce energy efficiency of the engine. In contrast, the proposed hardware engine uses a randomly sequence of few keys to encode subsequent blocks of a messages. Additionally, the scheme improves security of AES against brute-force attacks for a given key size by utilizing multiple keys to encrypt subsequent blocks of a message. In contrast, a typical security upgrade would require a larger key size and encryption engine, which would increase cost and energy consumption of the devices. Both analytical and simulation results are presented in this paper