Partition-Based Trapdoor Ciphers

Trapdoors are a two-face key concept in modern cryptography. They are primarily related to the concept of trapdoor function used in asymmetric cryptography. A trapdoor function is a one-to-one mapping that is easy to compute, but for which its inverse function is difficult to compute without special information, called the trapdoor. It is a necessary condition to get reversibility between the sender and the receiver for encryption or between the signer and the verifier for digital signature. The trapdoor mechanism is always fully public and detailed. The second concept of trapdoor relates to the more subtle and perverse concept of mathematical backdoor, which is a key issue in symmetric cryptography. In this case, the aim is to insert hidden mathematical weaknesses, which enable one who knows them to break the cipher. Therefore, the existence of a backdoor is a strongly undesirable property. This book deals with this second concept and is focused on block ciphers or, more specifically, on substitution-permutation networks (SPN). Inserting a backdoor in an encryption algorithm gives an effective cryptanalysis of the cipher to the designer

Automatic Search for a Maximum Probability Differential Characteristic in a Substitution-Permutation Network

The algorithm presented in this paper computes a maximum probability differential characteristic in a Substitution-Permutation Network (or SPN). Such characteristics can be used to prove that a cipher is practically secure against differential cryptanalysis or on the contrary to build the most effective possible attack. Running in just a few second on 64 or 128-bit SPN, our algorithm is an important tool for both cryptanalists and designers of SPN

Partition-Based Trapdoor Ciphers

This paper deals with block ciphers embedding a trapdoor which consists to map a partition of the plaintext space to a partition of the ciphertext space. In a first part, this issue is reduced to the study of the S-boxes of the cipher satisfying a few criteria. Then, differential and linear properties of such S-boxes are assessed and an algorithm to build optimal S-boxes is provided. Finally, these primitives are used to design a small trapdoor cipher resistant to linear and differential cryptanalysis. This trapdoor allows to recover the $\kappa$-bit master key with only one plaintext/ciphertext pair and an effort of $2^{\frac{\kappa}{2}}$ encryptions

Analyse combinatoire des chiffrements par blocs avec trappes

Trapdoors are a two-face key concept in modern cryptography. Even if they are essential in asymmetric cryptography, their role is reversed in symmetric cryptography. In this case, the aim is to insert hidden mathematical weaknesses which enable one who knows them to break the cipher, making the existence of a trapdoor a strongly undesirable property. For a backdoor cipher to be trusted, it must provide the same security proofs than any other cipher. The first part of this thesis focuses on a security analysis with respect to the two mains attacks on block ciphers, namely differential and linear cryptanalysis. The second part is devoted to the study of a family of backdoor ciphers introduced by Paterson and Harpes. These ciphers maps a partition of the plaintexts to a partition of the ciphertexts independently of the keys used. First the structure of such ciphers is investigated and bounds of their security are obtained. We then explain how the basic components of a backdoor cipher can be designed to achieve these bounds. Finally we introduce BEA-1, a real-size backdoor cipher based on this theory. This cipher resists differential and linear cryptanalysis whereas the knowledge of the trapdoor enables recovery of the full 120-bit cipher key in just a few second on a laptop computer.Les trappes jouent un double rôle dans la cryptographie moderne. Même si elles sont essentielles en cryptographie asymétrique, leur rôle est tout autre lorsque l’on considère la cryptographie symétrique. Dans ce cas, une trappe désigne une faiblesse mathématique insérée volontairement au cœur du chiffrement, permettant à son concepteur de le casser efficacement. Une telle propriété est alors fortement indésirable. Pour qu’un chiffrement à trappe puisse inspirer confiance, il doit fournir les mêmes preuves de sécurité que tout autre chiffrement. La première partie de cette thèse se concentre sur les analyses de sécurité par rapport aux deux principales cryptanalyses des chiffrements par blocs, à savoir les attaques différentielles et linéaires.La seconde partie est quant à elle dédiée à l’étude d’une famille de chiffrements à trappes introduite par Paterson et Harpes. Ces chiffrements envoient une partition des messages clairs sur une partition des messages chiffrés indépendamment des clés utilisées. Tout d’abord, nous étudions la structure de tels chiffrements puis obtenons des bornes sur leur sécurité. Nous expliquons ensuite comment les primitives du chiffrement doivent être conçues pour atteindre ces bornes. Enfin, nous présentons BEA-1, un chiffrement à trappe grandeur nature développé à partir de cette théorie. Bien qu’il soit résistant aux cryptanalyses différentielle et linéaire, la connaissance de la trappe permet de retrouver la clé de 120 bits en seulement quelques secondes sur un portable

Partition-Based Trapdoor Ciphers

Block encryption algorithms are now the most widely used cipher systems in the world to protect our communications and our data. Despite the fact that their design is open and public, there is absolutely no guarantee that there do not exist hidden features, at the mathematical design level, that could enable an attacker to break those systems in an operational way. Such features are called backdoors or trapdoors. The present book intends to address the feasibility of a particular class of such backdoors based on partitionning the plaintext and ciphertext message spaces. Going from the theory to the practical aspects, it is shown that mathematical backdoors in encryption systems are possible. This book, thus, intends to initiate a new field of research

A new drawing for simple Venn diagrams based on algebraic construction

Venn diagrams are used to display all relations between a finite number of sets. Recent researches in this domain concern the mathematical aspects of these constructions, but are not directed towards the readability of the diagram. This article presents a new way to draw easy-to-read Venn diagrams, in which each region tends to be drawn with the same size when the number of sets grows, and tends to draw a grid. Finally, using linear algebra, we prove that this construction gives a simple Venn diagram for any number of sets

Voxel Based Analysis of 3D Double Inversion Recovery for the detection of cortical abnormalities in drug resistant epilepsy

International audienc

Mechanisms of body weight gain in patients with Parkinson's disease after subthalamic stimulation

International audienceChronic bilateral subthalamic stimulation leads to a spectacular clinical improvement in patients with motor complications. However, the post-operative body weight gain involved may limit the benefits of surgery and induce critical metabolic disorders. Twenty-four Parkinsonians (61.1 +/- 1.4 years) were examined 1 month before (M - 1) and 3 months after (M + 3) surgery. Body composition and energy expenditure (EE) were measured (1) over 36 h in calorimetric chambers (CC) with rigorous control of food intakes and activities [sleep metabolic rate, resting activities, meals, 3 or 4 sessions of 20 min on a training bicycle at 13 km/h and daily EE] and (2) in resting conditions (basal metabolic rate) during an acute L-dopa challenge (M - 1) or according to acute 'off' and 'on' stimulation (M + 3). Before surgery, EE was compared between the Parkinsonian patients and healthy subjects matched for height and body composition (metabolic rate during sleep, daily EE) or matched to predicted values (basal metabolic rate). Before surgery, in Parkinsonian men but not women, (1) daily EE was higher while sleep metabolic rate was lower compared to healthy matched men (+9.2 +/- 3.9 and -8.2 +/- 2.3%, respectively, P < 0.05) and (2) basal metabolic rate (L-dopa 'on') was higher than predicted basal metabolic rate (+11.5 +/- 4.0%, P < 0.05) but was further increased without L-dopa (+8.4 +/- 3.2% vs L-dopa 'on', P < 0.05). EE during daily activities was higher during 'off' periods compared to 'on' periods for both men (+19.3 +/- 3.3%, P < 0.0001) and women (+16.1 +/- 4.7%, P < 0.01). After surgery, there was a 3.4 +/- 0.6 kg (P < 0.0001) body weight increase together with fat mass (P < 0.0001) and fat-free mass (P < 0.05) in Parkinsonian men and a 2.6 +/- 0.8 kg (P < 0.05) body weight increase together with fat mass (P < 0.05) in Parkinsonian women. Sleep metabolic rate increased in men (+7.5 +/- 2.0%, P < 0.01) to reach control values but remained unchanged in women. Daily EE decreased significantly in both men and women (-7.3 +/- 2.2% and -13.1 +/- 1.7%, respectively, P < 0.01) but there was no correlation between daily EE changes and body weight gain. Parkinson's disease is associated with profound alterations in the central control of energy metabolism. Normalization of energy metabolism after DBS-STN implantation may favour body weight gain, of which quality was gender specific. As men gained primarily fat-free mass, a reasonable weight gain may be tolerated, in contrast with women who gained only fat. Other factors such as changes in free-living physical activity may help to limit body weight gain in some patients

Ultra-small Super Paramagnetic Iron Oxide predicts higher disease activity in clinically isolated syndrome

Background: Macrophages are important components of inflammatory processes inmultiple sclerosis, closely linked to axonal loss, and can now be observed in-vivo usingUltra-Small super-Paramagnetic Iron Oxide (USPIO). We aimed to determine theprevalence of macrophage infiltration and to assess the predictive value on diseaseactivity and tissue injury after one year in clinical isolated syndrome patients.Methods: Thirty-five patients were imaged using conventional-MRI, magnetizationtransfer ratio (MTR) to assess tissue destructuration, gadolinium (Gd) to probe bloodbrain barrier integrity, and USPIO to study macrophage infiltration.Results: At baseline, patients showed 17 USPIO-positive lesions reflecting infiltrationof macrophages present from the onset. This infiltration was associated with higherlocal tissue destructuration as emphasized by lower MTR values of USPIO-positive/Gdpositivelesions compared to USPIO-negative/Gd-positive and to non-enhanced lesions,at baseline and Month-12, and no difference between USPIO-negative/Gd-positive andnon-enhanced lesions. While at baseline T2-lesion load of patients with USPIOenhancementcompared to patients with Gd-enhancement was not different, it washigher at Month-12. T1-lesion load was also higher at Month-12 in patients withUSPIO-enhancement.Conclusion: Infiltration of activated macrophages evidenced by USPIO enhancement,is present at the onset of MS and is associated with higher local and global progressionof tissue destructuration