V.Sorge/E.Ritter, Handout 5
Cryptography
The University of Birmingham, Autumn Semester 2015, School of Computer Science
V.Sorge/E.Ritter, 2015

Handout 5

Summary of this handout:
  Stream Ciphers
  RC4
  Linear Feedback Shift Registers
  CSS
  A5/1

II.3 Stream Ciphers

A stream cipher is a symmetric cipher that encrypts the plaintext units one at a time and varies the transformation of successive units during the encryption. In practice the units are typically single bits or bytes. In contrast to a block cipher, which encrypts one block and then starts over again, a stream cipher encrypts a plaintext stream continuously and therefore has to maintain an internal state in order to avoid obvious duplication of encryptions. This is the main difference between the two: stream ciphers have to maintain an internal state, while block ciphers do not. Recall that we have already seen how block ciphers avoid duplication and can also be turned into stream ciphers via modes of operation. Basic stream ciphers are similar to the OFB and CTR modes of block ciphers in that they produce a continuous keystream which is used to encipher the plaintext. However, modern stream ciphers are computationally far more efficient and easier to implement in both hardware and software than block ciphers, and are therefore preferred in applications where speed really matters, such as real-time audio and video encryption.

Before we look at the technical details of how stream ciphers work, we recall the One Time Pad, which we briefly discussed in Handout 1. The One Time Pad is essentially an unbreakable cipher that depends on the fact that the key
  1. is as long as the message, and
  2. is a truly random sequence of letters that cannot be guessed.
Both points are reasons why the One Time Pad is impractical: one has to constantly exchange new keys, and true randomness is difficult to obtain in practice.
41. Pseudo-random Generators

One idea to overcome this problem is not to use keys that are fully random but keys that only look random. A relatively short string which is truly random is used to compute a larger string which, while of course not truly random, is as good as random. This large string is called a pseudo-random string, and it can be used to replace the random key in the One Time Pad. Algorithms that produce pseudo-random strings are called pseudo-random generators (PRG). The short string that initialises a pseudo-random generator is called a seed and takes the place of the secret key for stream ciphers. In overview a stream cipher works like this:

[Figure: Key/Seed feeds the Pseudo-random Generator, which produces the Keystream; Plaintext combined with the Keystream gives the Ciphertext]

42. Getting True Randomness

The seed for a pseudo-random generator, and keys for symmetric encryption schemes in general, should be as random as possible. One uses for example physical random number generators to get good randomness. There are some physical sources that are supposed to produce good randomness, but the resulting bits may have a certain bias or some correlation. One usually circumvents this by taking the xor of bits obtained from several such sources. Typical physical sources of randomness include:
  Thermal noise in various electric circuits,
  Radioactive decay,
  Atmospheric noise.
In practice more easily available are events in computer hardware, such as the measured times between user key-strokes, and the time needed to access different sectors on the hard-disk drive (the air turbulence caused by the spinning disk is supposed to be random).

43. Properties of Pseudo-random Generators

One of the most important improper usages of stream ciphers is to re-use the seed, and therefore the keystream, twice, i.e., to encrypt several messages with the same key. Assume Eve intercepts two encryptions $C_1 = K \oplus M_1$ and $C_2 = K \oplus M_2$ of two messages $M_1, M_2$ under the same key $K$. Then she can simply compute the xor of $C_1$ and $C_2$, yielding
$$C_1 \oplus C_2 = (M_1 \oplus K) \oplus (M_2 \oplus K) = M_1 \oplus M_2.$$
Thus re-using the key leaks the xor of the actual plaintexts. Assuming that both messages contain ordinary text, Eve can use frequency analysis to recover the plaintexts $M_1$ and $M_2$ from $M_1 \oplus M_2$. Thus one has to be careful not to re-use a key when using stream ciphers. There are mainly two methods to achieve this:
  One might use successive parts of the output stream to encrypt successive messages. This requires synchronisation of the sender's and the receiver's streams by some means, usually by transmitting the position along with the encrypted message. This has disadvantages if the order of messages is changed on the transmission line or by the protocol.
  One might create a new seed for each message that needs to be encrypted. Then one additionally transmits the seed along with the message. Of course, the seed has to be transmitted secretly somehow. This can be done by combining the stream cipher with a block cipher: the seed is enciphered with the block cipher and transmitted before the actual ciphertext encrypted with the stream cipher.
As a consequence it is important that stream ciphers appear random, which can be checked with statistical methods, and have a long period, i.e. can produce a large number of bits before the same keystream is produced again. Generally, determining more of the sequence from a part of it should be computationally infeasible. Ideally, even if one knows the first one billion bits of the keystream sequence, the probability of guessing the next bit correctly should be no better than one half.

We now have a look at several pseudo-random generators.

II.3.1 RC4

RC4 is a stream cipher invented by Ron Rivest in 1987 for RSA Security, which also holds the trademark for it. The source code was originally not released to the public because it was a trade secret, but was posted to a newsgroup some time ago; thus people referred to this version as "alleged RC4". Today it is known that alleged RC4 indeed equals RC4. While RC4 does not hold up to most randomness tests, it is considered secure from a practical point of view if one takes certain precautions. It works on bytes instead of bits and can therefore be implemented very efficiently. It is used in many protocols such as SSL/TLS and 802.11b WEP. RC4 consists of two phases: an initialisation phase, which can also be understood as a key schedule, and a keystream generation phase. Its main data structure is an array S of 256 bytes. The array is initialised to the identity before any output is generated, i.e., the first cell is initialised with 0, the second with 1 and so on. Then the cells are permuted using a swap operation that depends on the current state and the chosen key K. The key K can be of variable size between 5 and 16 bytes. This key length is a constant that is used during the initialisation algorithm. In pseudo code, the RC4 initialisation phase works as follows:
  for i := 0 to 255 do
    S[i] := i
  end
  j := 0
  for i := 0 to 255 do
    j := (j + S[i] + K[i mod keylength]) mod 256
    swap(S[i], S[j])
  end

After initialisation has been completed, the following procedure computes the pseudo-random sequence. For each output byte, new values of the variables i, j are calculated, the corresponding cells are swapped, and the content of a third cell is output. The algorithm looks as follows:

  i := 0
  j := 0
  while GeneratingOutput:
    i := (i + 1) mod 256
    j := (j + S[i]) mod 256
    swap(S[i], S[j])
    output S[(S[i] + S[j]) mod 256]
  end

In the while loop the first line makes sure every array element is used once after 256 iterations; the second line makes the output depend non-linearly on the array; the third line makes sure the array is evolved and modified as the iteration continues; and the fourth line makes sure the output sequence reveals little about the internal state of the array. The generated keystream is then xor-ed with the plaintext byte by byte. Here is a graphical depiction of RC4. Observe that the K here stands for the generated keystream byte and not for the initial key.

[Figure: RC4 keystream generation (Source: Wikipedia)]

Nevertheless we can see that the first output byte depends on the content of 3 cells only. This property can be used to launch attacks against the cipher, so one usually discards the first 256 bytes of output generated by this algorithm to prevent these attacks.

II.3.2 LFSR

Linear Feedback Shift Registers (LFSR) are pseudo-random generators that are used as a building block for many modern stream ciphers. They can be implemented very efficiently in both hardware and software and constitute a very fast way to produce keystreams. They consist of a shift register, which is a group of single-bit cells that shift by one cell at every clock cycle, together with a linear function f, called the feedback function, that determines the new incoming bit for the shift register. The function f generally uses some of the bits in the shift register to determine the new input bit. For instance, below we have a 4 bit shift register, and the feedback function uses bits 1 and 4 to compute the new input.

[Figure: 4 bit shift register whose feedback function f taps bits 1 and 4]
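Returning to RC4 from II.3.1: the following Python is added here and is not part of the handout. It implements both phases exactly as in the pseudocode above, applies the recommended discard of the first 256 keystream bytes, and checks what the key re-use misuse from section 43 leaks. RC4 is shown for study only; it has been prohibited in TLS since RFC 7465.

```python
# Added example, not from the handout: the two RC4 phases from the pseudocode
# in II.3.1, the recommended discard of early output, and a check of what the
# key re-use misuse from section 43 leaks.  The values under __main__ are the
# well-known public RC4 test vectors (key "Key", plaintext "Plaintext").
from typing import Iterator, List


def rc4_ksa(key: bytes) -> List[int]:
    """Initialisation phase (key schedule): start from the identity
    permutation of 0..255 and swap cells under control of the key bytes.
    The handout restricts keys to 5..16 bytes; the algorithm itself works
    for any length from 1 to 256 bytes, which is all that is enforced here."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S


def rc4_prga(S: List[int]) -> Iterator[int]:
    """Keystream generation phase: one byte per iteration.  S is modified in
    place, so a fresh schedule is needed for every message/key pair."""
    i = j = 0
    while True:
        i = (i + 1) % 256             # every cell is visited once per 256 steps
        j = (j + S[i]) % 256          # output depends non-linearly on S
        S[i], S[j] = S[j], S[i]       # evolve the permutation
        yield S[(S[i] + S[j]) % 256]  # output reveals little about S


def rc4_keystream(key: bytes, n: int, drop: int = 256) -> bytes:
    """n keystream bytes after discarding the first `drop` bytes, as the
    handout recommends because early output depends on only a few cells."""
    gen = rc4_prga(rc4_ksa(key))
    for _ in range(drop):
        next(gen)
    return bytes(next(gen) for _ in range(n))


def rc4_crypt(key: bytes, data: bytes, drop: int = 256) -> bytes:
    """Encryption and decryption are the same xor of data with keystream."""
    ks = rc4_keystream(key, len(data), drop)
    return bytes(d ^ k for d, k in zip(data, ks))


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def reuse_leak(key: bytes, m1: bytes, m2: bytes) -> bool:
    """Encrypt two messages under the same key (the misuse from section 43)
    and report whether c1 xor c2 equals m1 xor m2, i.e. whether the keystream
    cancels out and the xor of the plaintexts is exposed to an observer."""
    c1, c2 = rc4_crypt(key, m1), rc4_crypt(key, m2)
    return xor_bytes(c1, c2) == xor_bytes(m1, m2)


if __name__ == "__main__":
    # Public test vector, run without the discard so the known output appears.
    ct = rc4_crypt(b"Key", b"Plaintext", drop=0)
    print(ct.hex())                          # bbf316e8d940af0ad3
    print(rc4_crypt(b"Key", ct, drop=0))     # b'Plaintext'
    # Constructed messages: same key twice leaks m1 xor m2.
    print(reuse_leak(b"Secret", b"attack at dawn", b"defend at dusk"))  # True
```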
The process of taking certain bits, but not all bits, from a shift register is referred to as tapping. Thus the feedback function f above taps the bits 1 and 4. The sequence of bits tapped from a shift register by a feedback function is also referred to as the tapping sequence. Since normally the feedback function f is a simple xor of the tapped bits, the behaviour of an LFSR is determined by the tapping sequence together with the initial content of the shift register, which serves as seed for the PRG, and thereby as the key for the cipher. As an example take the following 16 bit LFSR with tapping sequence [11, 13, 14, 16]:

[Figure: 16 bit LFSR with tapping sequence [11, 13, 14, 16] (Source: Wikipedia)]

44. Properties of LFSRs

The main property one is interested in for an LFSR is of course the length of its period, i.e. how long it takes before the same keystream is reproduced. Since during the construction of the LFSR we can only choose the tapping sequence, as the seeds are random, we have to examine the effect of particular tapping sequences on the set of all possible initial states. This is done mathematically via computations in $\mathbb{F}_2$. I will only sketch this process here. Let L be an LFSR; then we define
  1. the state vector of L for the shift register s with n cells as $s = [s_1, s_2, \ldots, s_n]$, where $s_n$ is the highest bit, i.e., the next output bit, and $s_1$ is the lowest bit, the one that will be filled with the result of the feedback function in the next step;
  2. the connection polynomial $c(x) \in \mathbb{F}_2[x]$ as $c(x) = c_n x^n + \ldots + c_1 x + 1$, where $c_i$ is 1 if the $i$-th cell of s is tapped and 0 if it is not. For instance the connection polynomial of the above 16 bit LFSR is $x^{16} + x^{14} + x^{13} + x^{11} + 1$. Observe that the trailing 1 does not correspond to a cell in the shift register, as we start counting the cells from 1 (i.e., $x^1$) rather than from 0 (i.e., $x^0$);
  3. a matrix
$$M = \begin{pmatrix} c_1 & c_2 & \cdots & c_{n-1} & c_n \\ 1 & 0 & \cdots & 0 & 0 \\ 0 & 1 & \cdots & 0 & 0 \\ \vdots & & \ddots & & \vdots \\ 0 & 0 & \cdots & 1 & 0 \end{pmatrix},$$
whose first row computes the feedback bit for $s_1$ and whose remaining rows shift each cell up by one.
We can now easily express the transitions of the state vector s for L by $s' = M s$ and observe the behaviour of L given different seeds for s. The properties of L depend strongly on the algebraic properties of the connection polynomial c(x), and reasoning about the security of L or how it could be attacked is done via examining c(x). We will not go into any detail and only have a brief look at two examples of how to generate sequences of states.

Example: Let L be a 4 bit register with connection polynomial $c(x) = x^3 + x + 1$, i.e., $[c_1, c_2, c_3, c_4] = [1, 0, 1, 0]$ in the first row of M. We denote the single states s of L by their corresponding integer value and recall that the highest bit is right and the lowest left, e.g., s = [1,0,0,0] is 1 and s = [0,0,0,1] is 8. Observe that for state 0 we will always get the 0 state as a result. We then get the following sequences of states:

[Table of state sequences omitted in the transcription]

The sequence can be easily computed using all 16 possible values for s; in the example for s = 8 one computes M s directly from the matrix.

[Worked computation of M s for s = 8 omitted in the transcription]

Example: Let L be a 4 bit register with connection polynomial $c(x) = x^4 + x + 1$, i.e., $[c_1, c_2, c_3, c_4] = [1, 0, 0, 1]$ in the first row of M. This gives the following sequences of states:

[Table of state sequences omitted in the transcription]

Combining multiple LFSRs

While LFSRs are easy to build, they are very insecure in practice. Even for large shift registers with good security properties, there are fairly efficient algorithms to compute the connection polynomial from a sufficiently long keystream. Thus in practice stream ciphers are built by combining multiple LFSRs in a non-linear fashion (i.e., with functions other than simple xor). The picture below illustrates how the output keystreams of n LFSRs are combined with a function F to produce the eventual keystream K. As an example of a non-linear function F consider $F(x_1, x_2, x_3) = x_1 x_2 \oplus x_1 x_3$, where the $x_i$ are output bits of three different LFSRs and juxtaposition denotes bit-wise multiplication in $\mathbb{F}_2$. We will discuss two examples of stream ciphers using multiple LFSRs below.

[Figure: the outputs of n LFSRs combined by a function F into the keystream K (Source: Wikipedia)]

Normally LFSRs are clocked regularly, i.e., for each bit of output they perform one shift. One way of introducing non-linearity is to make shifts dependent on the output of a second LFSR or, when combining several LFSRs, to express the clock of each LFSR as a function of selected bits of the other LFSRs. We will discuss this in more detail for the A5/1 stream cipher.
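The state-matrix formalism of section 44, carried through in Python for the two examples above. This is an added example and not the handout's own code; it builds M from c(x) exactly as defined there, follows states until they repeat, and also computes the period of every one of the $2^n$ seeds, which is the examination the section describes.

```python
# Added example, not from the handout: LFSR state transitions in the F_2
# formalism of section 44.  State s = [s_1, ..., s_n] with s_1 the cell that
# receives the feedback bit and s_n the next output bit; c(x) = c_n x^n + ...
# + c_1 x + 1 with c_i = 1 iff cell i is tapped; transition s' = M s.  States
# are named by their integer value, [1,0,0,0] = 1 and [0,0,0,1] = 8.
from typing import Dict, List, Sequence, Tuple


def coefficients(exponents: Sequence[int], n: int) -> List[int]:
    """[c_1, ..., c_n] from the exponents of c(x).  Exponent 0 (the trailing
    1 of the polynomial) names no cell and is ignored."""
    return [1 if i in exponents else 0 for i in range(1, n + 1)]


def transition_matrix(c: Sequence[int]) -> List[List[int]]:
    """First row holds c_1..c_n (feedback into s_1); row k+1 copies s_k
    into s_{k+1}, which is the shift."""
    n = len(c)
    M = [list(c)]
    for k in range(1, n):
        row = [0] * n
        row[k - 1] = 1
        M.append(row)
    return M


def step(M: List[List[int]], s: List[int]) -> List[int]:
    """s' = M s with all arithmetic in F_2."""
    return [sum(m * x for m, x in zip(row, s)) % 2 for row in M]


def to_int(s: Sequence[int]) -> int:
    return sum(bit << i for i, bit in enumerate(s))


def from_int(v: int, n: int) -> List[int]:
    return [(v >> i) & 1 for i in range(n)]


def state_sequence(exponents: Sequence[int], n: int, seed: int) -> Tuple[List[int], int]:
    """Follow the states from `seed` until one repeats.  Returns the visited
    states and the state at which the sequence closes (for a seed that
    collapses to 0, as with x^3 + x + 1 in a 4 bit register, that is 0)."""
    M = transition_matrix(coefficients(exponents, n))
    s, visited = from_int(seed, n), []
    while to_int(s) not in visited:
        visited.append(to_int(s))
        s = step(M, s)
    return visited, to_int(s)


def period(exponents: Sequence[int], n: int, seed: int) -> int:
    """Length of the cycle the seed eventually enters."""
    visited, closing = state_sequence(exponents, n, seed)
    return len(visited) - visited.index(closing)


def keystream(exponents: Sequence[int], n: int, seed: int, nbits: int) -> List[int]:
    """Output bits: s_n is emitted, then the register is stepped."""
    M = transition_matrix(coefficients(exponents, n))
    s, out = from_int(seed, n), []
    for _ in range(nbits):
        out.append(s[-1])
        s = step(M, s)
    return out


def periods_of_all_seeds(exponents: Sequence[int], n: int) -> Dict[int, int]:
    """The examination the handout describes: the effect of one tapping
    sequence on every one of the 2^n initial states."""
    return {v: period(exponents, n, v) for v in range(2 ** n)}


if __name__ == "__main__":
    print(state_sequence([3, 1], 4, 8))   # ([8, 0], 0): cell 4 is untapped, so 8 collapses
    print(state_sequence([4, 1], 4, 1))   # all 15 non-zero states, closing on 1
    print(periods_of_all_seeds([4, 1], 4))
```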
II.3.3 CSS

The Content Scrambling System (CSS) was the old proprietary standard to encrypt multimedia DVDs for copy protection. It is a stream cipher with a 40 bit key and two combined LFSRs, and combines these with fairly complex authentication and key extraction protocols. DVD players contain a CSS decryption module that performs key extraction and unscrambling. In a first step the DVD and the player authenticate each other and check their regional compatibility. (There are 8 different regions for DVDs and players in the world. DVDs released in one region will typically only play on players sold in that region, i.e., a DVD released in the UK (Region 2) would not play on a player sold in the US (Region 1).) Each player has roughly 400 Player Keys that are used to extract a Disk Key from the DVD, which is in turn used to extract a Title Key for each individual track. The title key is then used to extract for each single sector a 5 byte sector key, which is stored in particular bytes of the DVD sector. The 40 bits of the sector key are used as seed for the two LFSRs to start the actual decryption process. Each sector key is of the form $K_0 K_1 K_2 K_3 K_4$, where each $K_i$ has 8 bits. The pseudo-random generator consists of:
  a 17 bit LFSR with connection polynomial $x^{15} + x + 1$ and seed $1\,K_0\,K_1$ (concatenated),
  a 25 bit LFSR with connection polynomial $x^{23} + x^{20} + x^{19} + x^{11}$ and seed $1\,K_2\,K_3\,K_4$ (concatenated),
  a combination function that adds every 8 bits of output from the two LFSRs modulo 256 while observing the carry bit from the previous addition.

[Figure: seed 1 K_0 K_1 into the 17 bit LFSR and seed 1 K_2 K_3 K_4 into the 25 bit LFSR; 8 bits from each are added modulo 256 to give the keystream]

46. Security and Legal Issues

In 1999 CSS was successfully reverse-engineered and is effectively insecure. Copies of the DeCSS libraries started appearing on the Internet, and Open Source solutions to play back CSS-encrypted DVDs were created. However, the CSS licensing agency obtained court injunctions against both people developing DeCSS tools and web sites distributing the code. Eventually, in 2003, the California Supreme Court threw out the last lawsuit on the grounds that DeCSS falls under freedom of speech. According to the court's decision it is not legal to offer binary tools to enable illegal copying of protected content; however, it is perfectly legal to develop alternative means to decrypt CSS for legal purposes, such as the replay of legally purchased DVD content, as well as to offer source code for others to read and to work on. In 2003 the European Parliament passed the European Directive on Copyright and Related Rights Regulations, in which the development, provision, and possession of tools, "the sole intended purpose of which is to facilitate the unauthorised removal or circumvention of the technical device", is prohibited. As this definition is fairly vague, different member states implemented the directive differently in their respective national legislation. Some went so far as to even outlaw the discussion of how such tools could be built, as it is part of the development process. In the UK legislation the concept of fair dealing prevents these extremities, as working with protected content for the purposes "... of research for a non-commercial purpose ... the purpose of criticism or review ... does not infringe any copyright in the work provided it is accompanied by a sufficient acknowledgement". Some of the issues debated about how digital copyright differs from normal copyright are:
  Fair Use goes further than just fair dealing. It allows the use of copyright protected material also in a commercial context for a number of purposes, such as criticism, parody and education.
  Lifetime of Copyrights is normally limited in order to protect the copyright owner and enable them to earn proceeds for a finite time before their intellectual property becomes public domain. An effective, enforceable digital content protection makes copyright effectively infinite.
  Liability Issues: the focus on who commits a copyright infringement shifts from the actual perpetrators (i.e. the person that illegally copies content) to the tool-maker (i.e. the person providing software to unscramble content). For other copyrighted material this is not the case: for example, a photocopier can easily be abused to mass-copy a copyrighted book, yet no-one would sue the manufacturer of the photocopier. DeCSS is a library that can of course be used for ripping DVDs illegally, but also for playing back legally purchased content.

47. Illegal Primes

Since any data on a computer is essentially only a string of binary digits, it can be represented as a single number. Therefore any program can simply be published as a single number as well. The C implementation of DeCSS for the Linux operating system was probably the first program to be published as a single, executable decimal number, in ... Interestingly enough, it turned out that the number representing the program was a prime number. Since it was argued at the time that DeCSS was an illegal means to copyright infringement, DeCSS was the first known instance of a number whose possession was deemed illegal by some, or simply an illegal prime number. Illegal primes are special instances of illegal numbers that represent some secret which is illegal to possess or distribute. These not only include implementations such as DeCSS but also software product keys, etc.
As already mentioned for the AACS controversy, the question is whether it is possible to patent a number and enforce that patent by stopping others from using and, in particular, publishing such a number, as it might infringe a patent or copyright. Since I can represent any number in different bases (binary, octal, decimal, hexadecimal, ...) as well as as a combination of other numbers using mathematical operations, would that imply that all representations are illegal? In the particular case of AACS, it can be used with millions of keys. Are all those illegal numbers, and can one be prevented from using these numbers? Thinking this through further, illegal numbers have even more implications: one can mathematically show that one can produce an infinite number of primes that represent a "compressed" version of a program. (I put "compressed" in quotation marks since clearly some of the compressed programs are larger than the uncompressed ones.) This would mean that there is a potentially infinite number of illegal numbers.

II.3.4 A5/1

A5/1 is a stream cipher used in GSM mobile phone communication. It was developed in 1987 in Europe and, while it was initially kept secret, it became public knowledge through leaks and reverse engineering. It is a stream cipher built from three LFSRs with irregular clocking, which use a 64 bit secret key (actually only 54 bits are relevant, as 10 bits are fixed to 0) and a 22 bit publicly available frame number for initialisation. In detail the pseudo-random generator consists of:
  a 19 bit LFSR with connection polynomial $x^{19} + x^5 + x^2 + x + 1$ and clock bit 9,
  a 22 bit LFSR with connection polynomial $x^{22} + x + 1$ and clock bit 11,
  a 23 bit LFSR with connection polynomial $x^{23} + x^{15} + x^2 + x + 1$ and clock bit 11.
The output of the LFSRs is simply xor-ed together to compute the keystream. The idea of the clock bits is that a shift register is only shifted if its clock bit is the same as the majority of the three clock bits of the three LFSRs taken together. For example, if two clock bits are 0 and one is 1, then only the two registers with clock bit 0 will be shifted. Thus in each cycle either two or three registers are shifted. The following graphic illustrates A5/1. Observe that the registers are enumerated starting with 0, thus the clock bits are labelled 8 and 10.

[Figure: A5/1 with its three registers and majority clocking (Source: Wikipedia)]

The shift registers are initialised by xor-ing the 64 bit key and the 22 bit frame number step-wise into the originally empty registers. This takes 86 cycles. The next 100 cycles are then computed and discarded. Afterwards communication can begin. A call transmission consists of sequences of bursts; one burst is sent every ... milliseconds and contains 114 bits of information. For each burst A5/1 produces a 114 bit keystream which is xor-ed with the 114 bits before the digital signal is transformed into an audio signal.
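The majority-clocking rule just described, as an added Python model that is not part of the handout. It uses the register lengths, clock cells and connection polynomials listed above under the cell-numbering convention of section 44 (cell 1 takes the feedback, cell n is the output, exponents of c(x) name the tapped cells) and the loading sequence the handout describes (86 key and frame bits xor-ed in, then 100 discarded cycles). Sources differ on how A5/1 tap positions map onto polynomials, so this demonstrates the clocking mechanism and is not claimed to be bit-exact with deployed A5/1; the key and frame number under __main__ are constructed values.

```python
# Added example, not from the handout: the majority-clocking rule of II.3.4
# on three LFSRs with the lengths, clock cells and connection polynomials
# listed there, plus the loading model the handout describes.  Cell numbering
# follows section 44.  Tap conventions for A5/1 differ between sources, so
# this models the clocking mechanism rather than bit-exact A5/1.
from typing import List, Sequence


class LFSR:
    def __init__(self, n: int, exponents: Sequence[int], clock_cell: int) -> None:
        self.n = n
        self.taps = [e for e in exponents if 1 <= e <= n]   # exponent 0 is no cell
        self.clock_cell = clock_cell
        self.s = [0] * n                                    # s[0] is cell 1; empty at start

    def clock_bit(self) -> int:
        return self.s[self.clock_cell - 1]

    def output(self) -> int:
        return self.s[-1]                                   # cell n

    def shift(self, extra: int = 0) -> None:
        """Regular shift: feedback is the xor of the tapped cells, xor-ed
        with `extra` so that key and frame bits can be loaded step-wise."""
        fb = extra
        for t in self.taps:
            fb ^= self.s[t - 1]
        self.s = [fb] + self.s[:-1]


def majority(a: int, b: int, c: int) -> int:
    return (a & b) | (a & c) | (b & c)


class MajorityClocked:
    """Three registers; each cycle shifts only those whose clock bit agrees
    with the majority, so 2 or 3 registers move, and xors their outputs."""

    def __init__(self, regs: List[LFSR]) -> None:
        self.regs = regs

    def load(self, key_bits: Sequence[int], frame_bits: Sequence[int]) -> None:
        for bit in list(key_bits) + list(frame_bits):       # 64 + 22 = 86 regular cycles
            for r in self.regs:
                r.shift(extra=bit)
        for _ in range(100):                                # 100 discarded cycles
            self.cycle()

    def cycle(self) -> int:
        """One clock cycle; returns how many registers were shifted (2 or 3)."""
        bits = [r.clock_bit() for r in self.regs]
        m = majority(*bits)
        shifted = 0
        for r, b in zip(self.regs, bits):
            if b == m:
                r.shift()
                shifted += 1
        return shifted

    def keystream_bit(self) -> int:
        self.cycle()
        return self.regs[0].output() ^ self.regs[1].output() ^ self.regs[2].output()

    def burst(self, nbits: int = 114) -> List[int]:
        return [self.keystream_bit() for _ in range(nbits)]


def new_generator() -> MajorityClocked:
    """Registers with the parameters the handout lists (19/22/23 bits)."""
    return MajorityClocked([LFSR(19, [19, 5, 2, 1], 9),
                            LFSR(22, [22, 1], 11),
                            LFSR(23, [23, 15, 2, 1], 11)])


def burst_keystream(key: int, frame: int, nbits: int = 114) -> List[int]:
    """nbits keystream bits for one burst from a 64 bit key and 22 bit frame number."""
    gen = new_generator()
    gen.load([(key >> i) & 1 for i in range(64)], [(frame >> i) & 1 for i in range(22)])
    return gen.burst(nbits)


if __name__ == "__main__":
    # Constructed key and frame number, not real GSM values.
    ks = burst_keystream(0x0123456789ABCDEF, 0x134)
    print(len(ks), "".join(map(str, ks)))
```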
Mathematics 6: Generators

Definition 22. Let $(G, \cdot)$ be a multiplicative group. We call the element $g \in G$ a generator if for each $h \in G$ there exists an $i \in \mathbb{N}$ such that $h = g^i$. A group with a generator is called cyclic. If the group $G$ has $n$ elements, $G = \{1, g, g^2, \ldots, g^{n-1}\}$. Examples are $\mathbb{Z}_5^*$, where 2 and 3 are generators, but 4 is not.

In a cyclic group $G$ with $n$ elements and generator $g$, multiplication can be reduced to integer addition by a lookup table which, for each element $h$, stores the index $i$ such that $h = g^i$. We then have
$$h \cdot k = g^i \cdot g^j = g^{(i+j) \bmod n}.$$
We can also calculate inverses easily, as the inverse of $h = g^i$ is equal to $g^{-i \bmod n}$.

An important result of group theory is

Theorem 23. Let $F$ be a field with finitely many elements. The group $F^*$ is cyclic.

As a consequence we can reduce multiplication in the finite field used by AES to integer addition.
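The lookup-table trick of Definition 22 and Theorem 23, as an added Python example that is not part of the handout. It checks which elements of $\mathbb{Z}_5^*$ are generators and then builds the index table for the multiplicative group of the AES field GF(2^8), where 3 (the polynomial x + 1) is a generator, so that field multiplication and inversion become index arithmetic mod 255; the direct shift-and-xor multiplication gf_mul is there only to verify the table.

```python
# Added example, not from the handout: the lookup-table trick of Definition 22
# and Theorem 23.  A generator g of a cyclic group with n elements gives an
# index table h -> i with h = g^i, so products become index additions mod n
# and inverses become index negations.  Shown for Z_5^* (generators 2 and 3,
# but not 4) and for GF(2^8)^* of AES with generator 3.
from typing import Callable, Dict, List, TypeVar

T = TypeVar("T")


def powers(g: T, n: int, mul: Callable[[T, T], T], one: T) -> List[T]:
    """[1, g, g^2, ..., g^{n-1}]."""
    out, e = [], one
    for _ in range(n):
        out.append(e)
        e = mul(e, g)
    return out


def is_generator(g: T, n: int, mul: Callable[[T, T], T], one: T) -> bool:
    """g generates the whole group iff its first n powers are all distinct."""
    return len(set(powers(g, n, mul, one))) == n


class IndexTable:
    """Multiplication and inversion by table lookup in a cyclic group of order n."""

    def __init__(self, g: T, n: int, mul: Callable[[T, T], T], one: T) -> None:
        self.n = n
        self.exp = powers(g, n, mul, one)                    # i -> g^i
        if len(set(self.exp)) != n:
            raise ValueError("g is not a generator")
        self.log: Dict[T, int] = {h: i for i, h in enumerate(self.exp)}  # h -> i

    def mul(self, h: T, k: T) -> T:
        """h * k = g^i * g^j = g^((i + j) mod n)."""
        return self.exp[(self.log[h] + self.log[k]) % self.n]

    def inv(self, h: T) -> T:
        """The inverse of h = g^i is g^(-i mod n)."""
        return self.exp[(-self.log[h]) % self.n]


def z5_mul(a: int, b: int) -> int:
    return a * b % 5


def gf_mul(a: int, b: int) -> int:
    """Direct multiplication in GF(2^8) modulo the AES polynomial
    x^8 + x^4 + x^3 + x + 1 (0x11B); used to check the table."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return p


def aes_field_table() -> IndexTable:
    """Table for GF(2^8)^*: 255 elements (0 is not in the group) with generator 3."""
    return IndexTable(3, 255, gf_mul, 1)


if __name__ == "__main__":
    print([g for g in range(1, 5) if is_generator(g, 4, z5_mul, 1)])   # [2, 3]
    t = aes_field_table()
    print(hex(t.mul(0x57, 0x83)), hex(t.inv(0x53)))                      # 0xc1 0xca
```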
More informationComparative Analysis of Stein s. and Euclid s Algorithm with BIST for GCD Computations. 1. Introduction
IJCSN International Journal of Computer Science and Network, Vol 2, Issue 1, 2013 97 Comparative Analysis of Stein s and Euclid s Algorithm with BIST for GCD Computations 1 Sachin D.Kohale, 2 Ratnaprabha
More informationLFSRs as Functional Blocks in Wireless Applications Author: Stephen Lim and Andy Miller
XAPP22 (v.) January, 2 R Application Note: Virtex Series, Virtex-II Series and Spartan-II family LFSRs as Functional Blocks in Wireless Applications Author: Stephen Lim and Andy Miller Summary Linear Feedback
More informationDesignandImplementationofDataScramblerDescramblerSystemusingVHDL
Global Journal of Computer Science and Technology: A Hardware & Computation Volume 15 Issue 2 Version 1.0 Year 2015 Type: Double Blind Peer Reviewed International Research Journal Publisher: Global Journals
More informationECE 715 System on Chip Design and Test. Lecture 22
ECE 75 System on Chip Design and Test Lecture 22 Response Compaction Severe amounts of data in CUT response to LFSR patterns example: Generate 5 million random patterns CUT has 2 outputs Leads to: 5 million
More informationFully Pipelined High Speed SB and MC of AES Based on FPGA
Fully Pipelined High Speed SB and MC of AES Based on FPGA S.Sankar Ganesh #1, J.Jean Jenifer Nesam 2 1 Assistant.Professor,VIT University Tamil Nadu,India. 1 s.sankarganesh@vit.ac.in 2 jeanjenifer@rediffmail.com
More informationEncryption. Secure Chat. Encryption Machine
Encryption Introduction to Programming in Java: An Interdisciplinary Approach Robert Sedgewick and Kevin Wayne Copy right 2002 2010 19 Feb 2012 19:24:23 Secure Chat Encryption Machine Alice wants to send
More informationINTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
Tarannum Pathan,, 2013; Volume 1(8):655-662 INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK VLSI IMPLEMENTATION OF 8, 16 AND 32
More informationLFSR Counter Implementation in CMOS VLSI
LFSR Counter Implementation in CMOS VLSI Doshi N. A., Dhobale S. B., and Kakade S. R. Abstract As chip manufacturing technology is suddenly on the threshold of major evaluation, which shrinks chip in size
More informationStanding Committee on Copyright and Related Rights
E SCCR/34/4 ORIGINAL: ENGLISH DATE: MAY 5, 2017 Standing Committee on Copyright and Related Rights Thirty-Fourth Session Geneva, May 1 to 5, 2017 Revised Consolidated Text on Definitions, Object of Protection,
More informationPhysical Layer Built-in Security Analysis and Enhancement of CDMA Systems
Physical Layer Built-in Security Analysis and Enhancement of CDMA Systems Tongtong Li Jian Ren Qi Ling Weiguo Liang Department of Electrical & Computer Engineering, Michigan State University, East Lansing,
More informationDesigning Integrated Accelerator for Stream Ciphers with Structural Similarities
Designing Integrated Accelerator for Stream Ciphers with Structural Similarities Sourav Sen Gupta 1, Anupam Chattopadhyay 2,andAyeshaKhalid 2 1 Centre of Excellence in Cryptology, Indian Statistical Institute,
More informationVLSI System Testing. BIST Motivation
ECE 538 VLSI System Testing Krish Chakrabarty Built-In Self-Test (BIST): ECE 538 Krish Chakrabarty BIST Motivation Useful for field test and diagnosis (less expensive than a local automatic test equipment)
More informationWG Stream Cipher based Encryption Algorithm
International Journal of Emerging Engineering Research and Technology Volume 3, Issue 11, November 2015, PP 63-70 ISSN 2349-4395 (Print) & ISSN 2349-4409 (Online) WG Stream Cipher based Encryption Algorithm
More informationPhysical Layer Built-in Security Enhancement of DS-CDMA Systems Using Secure Block Interleaving
Physical Layer Built-in Security Enhancement of DS-CDMA Systems Using Secure Block Qi Ling, Tongtong Li and Jian Ren Department of Electrical & Computer Engineering Michigan State University, East Lansing,
More informationCSc 466/566. Computer Security. 4 : Cryptography Introduction
1/51 CSc 466/566 Computer Security 4 : Cryptography Introduction Version: 2012/02/06 16:06:05 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationExploring the Enigma [The MATH Connection]
Exploring the Enigma [The MATH Connection] by Claire Ellis, from Issue 34 of PLUS Magazine As long ago as the Ancient Greeks, warring armies have encrypted their communications in an attempt to keep their
More informationChapter 4. Logic Design
Chapter 4 Logic Design 4.1 Introduction. In previous Chapter we studied gates and combinational circuits, which made by gates (AND, OR, NOT etc.). That can be represented by circuit diagram, truth table
More informationEric Roberts and Jerry Cain Handout #36 CS 106J May 15, The Enigma Machine
Eric Roberts and Jerry Cain Handout #36 CS 106J May 15, 2017 The Enigma Machine In World War II, a team of British mathematicians working at a secret facility called Bletchley Park was able to break the
More informationPhysical Layer Built-in Security Enhancement of DS-CDMA Systems Using Secure Block Interleaving
transmitted signal. CDMA signals can easily be hidden within the noise floor, and it is impossible to recover the desired user s signal without knowing both the user s spreading code and scrambling sequence.
More informationOverview: Logic BIST
VLSI Design Verification and Testing Built-In Self-Test (BIST) - 2 Mohammad Tehranipoor Electrical and Computer Engineering University of Connecticut 23 April 2007 1 Overview: Logic BIST Motivation Built-in
More informationPLTW Engineering Digital Electronics Course Outline
Open doors to understanding electronics and foundations in circuit design. Digital electronics is the foundation of all modern electronic devices such as cellular phones, MP3 players, laptop computers,
More informationColor Spaces in Digital Video
UCRL-JC-127331 PREPRINT Color Spaces in Digital Video R. Gaunt This paper was prepared for submittal to the Association for Computing Machinery Special Interest Group on Computer Graphics (SIGGRAPH) '97
More informationDigital Electronics Course Outline
Digital Electronics Course Outline PLTW Engineering Digital Electronics Open doors to understanding electronics and foundations in circuit design. Digital electronics is the foundation of all modern electronic
More informationReducing DDR Latency for Embedded Image Steganography
Reducing DDR Latency for Embedded Image Steganography J Haralambides and L Bijaminas Department of Math and Computer Science, Barry University, Miami Shores, FL, USA Abstract - Image steganography is the
More informationP1: OTA/XYZ P2: ABC c01 JWBK457-Richardson March 22, :45 Printer Name: Yet to Come
1 Introduction 1.1 A change of scene 2000: Most viewers receive analogue television via terrestrial, cable or satellite transmission. VHS video tapes are the principal medium for recording and playing
More informationCSE 352 Laboratory Assignment 3
CSE 352 Laboratory Assignment 3 Introduction to Registers The objective of this lab is to introduce you to edge-trigged D-type flip-flops as well as linear feedback shift registers. Chapter 3 of the Harris&Harris
More informationDecim v2. To cite this version: HAL Id: hal
Decim v2 Come Berbain, Olivier Billet, Anne Canteaut, Nicolas Courtois, Blandine Debraize, Henri Gilbert, Louis Goubin, Aline Gouget, Louis Granboulan, Cédric Lauradoux, et al. To cite this version: Come
More informationModified Alternating Step Generators with Non-Linear Scrambler
Modified Alternating Step Generators with Non-Linear Scrambler Robert Wicik, Tomasz Rachwalik, Rafał Gliwa Military Communication Institute, Cryptology Department, Zegrze, Poland {r.wicik, t.rachwalik,
More informationNETFLIX MOVIE RATING ANALYSIS
NETFLIX MOVIE RATING ANALYSIS Danny Dean EXECUTIVE SUMMARY Perhaps only a few us have wondered whether or not the number words in a movie s title could be linked to its success. You may question the relevance
More information3rd Slide Set Computer Networks
Prof. Dr. Christian Baun 3rd Slide Set Computer Networks Frankfurt University of Applied Sciences WS1718 1/41 3rd Slide Set Computer Networks Prof. Dr. Christian Baun Frankfurt University of Applied Sciences
More informationThe Swiss cipher machine NeMa
Faculty of Science, Technology and Communication The Swiss cipher machine NeMa Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of Master in Information and Computer Sciences
More informationPermutation-based cryptography for the Internet of Things
Permutation-based cryptography for the Internet of Things Gilles Van Assche 1 Joint work with Guido Bertoni, Joan Daemen 1,2, Seth Hoffert, Michaël Peeters 1 and Ronny Van Keer 1 1 STMicroelectronics 2
More informationExample: compressing black and white images 2 Say we are trying to compress an image of black and white pixels: CSC310 Information Theory.
CSC310 Information Theory Lecture 1: Basics of Information Theory September 11, 2006 Sam Roweis Example: compressing black and white images 2 Say we are trying to compress an image of black and white pixels:
More informationCRYPTOGRAPHY. Sharafat Ibn Mollah Mosharraf TOUCH-N-PASS EXAM CRAM GUIDE SERIES. Special Edition for CSEDU. Students CSE, DU )
Special Edition for CSEDU Students TOUCH-N-PASS EXAM CRAM GUIDE SERIES CRYPTOGRAPHY Prepared By Sharafat Ibn Mollah Mosharraf CSE, DU 12 th Batch (2005 2005-2006 2006) Table of Contents CHAPTER 1: INTRODUCTION
More informationAn Improved Hardware Implementation of the Grain-128a Stream Cipher
An Improved Hardware Implementation of the Grain-128a Stream Cipher Shohreh Sharif Mansouri and Elena Dubrova Department of Electronic Systems Royal Institute of Technology (KTH), Stockholm Email:{shsm,dubrova}@kth.se
More informationEnable input provides synchronized operation with other components
PSoC Creator Component Datasheet Pseudo Random Sequence (PRS) 2.0 Features 2 to 64 bits PRS sequence length Time Division Multiplexing mode Serial output bit stream Continuous or single-step run modes
More informationTiming with Virtual Signal Synchronization for Circuit Performance and Netlist Security
Timing with Virtual Signal Synchronization for Circuit Performance and Netlist Security Grace Li Zhang, Bing Li, Ulf Schlichtmann Chair of Electronic Design Automation Technical University of Munich (TUM)
More informationCold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors
2017 IEEE International Symposium on High Performance Computer Architecture Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors Salessawi Ferede Yitbarek Misiker
More informationNON-BREAKABLE DATA ENCRYPTION WITH CLASSICAL INFORMATION
Fluctuation and Noise Letters Vol. 4, No. 2 (2004) C1 C5 c World Scientific Publishing Company NON-REKLE DT ENCRYPTION WITH CLSSICL INFORMTION LSZLO. KISH and SWMINTHN SETHURMN Texas &M University, Department
More informationKey-based scrambling for secure image communication
University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers: Part A Faculty of Engineering and Information Sciences 2012 Key-based scrambling for secure image communication
More informationPART FOUR. Polyalphabetic Substitution Systems PERIODIC POLYALPHABETIC SUBSTITUTION SYSTEMS
PART FOUR Polyalphabetic Substitution Systems PERIODIC POLYALPHABETIC SUBSTITUTION SYSTEMS CHAPTER 8 Section I Characteristics of Periodic Systems 8-1. Types of Polyalphabetic Systems All the substitution
More informationTitle: Lucent Technologies TDMA Half Rate Speech Codec
UWCC.GTF.HRP..0.._ Title: Lucent Technologies TDMA Half Rate Speech Codec Source: Michael D. Turner Nageen Himayat James P. Seymour Andrea M. Tonello Lucent Technologies Lucent Technologies Lucent Technologies
More informationA Look at Some Scrambling Techniques U sed in Various Data Transport Protocols
Nov 1993 DOC: IEEE PB02.11-93/216 IEEE 802.11 Wireless Access Methods and Physical Layer Specifications TITLE: DATE: AUTHOR: A Look at Some Scrambling Techniques U sed in Various Data Transport Protocols
More informationA Layered Approach for Watermarking In Images Based On Huffman Coding
A Layered Approach for Watermarking In Images Based On Huffman Coding D. Lalitha Bhaskari 1 P. S. Avadhani 1 M. Viswanath 2 1 Department of Computer Science & Systems Engineering, Andhra University, 2
More informationOptimum Composite Field S-Boxes Aimed at AES
Optimum Composite Field S-Boxes Aimed at AES R.THILLAIKKARASI Assistant professor, Department Of ECE, Salem college of Engineering and technology. Salem, India. K.VAISHNAVI Post Graduate Student M.E Applied
More informationFPGA IMPLEMENTATION AN ALGORITHM TO ESTIMATE THE PROXIMITY OF A MOVING TARGET
International Journal of VLSI Design, 2(2), 20, pp. 39-46 FPGA IMPLEMENTATION AN ALGORITHM TO ESTIMATE THE PROXIMITY OF A MOVING TARGET Ramya Prasanthi Kota, Nagaraja Kumar Pateti2, & Sneha Ghanate3,2
More informationThe Discussion of this exercise covers the following points:
Exercise 3-1 Digital Baseband Processing EXERCISE OBJECTIVE When you have completed this exercise, you will be familiar with various types of baseband processing used in digital satellite communications.
More informationA New "Duration-Adapted TR" Waveform Capture Method Eliminates Severe Limitations
31 st Conference of the European Working Group on Acoustic Emission (EWGAE) Th.3.B.4 More Info at Open Access Database www.ndt.net/?id=17567 A New "Duration-Adapted TR" Waveform Capture Method Eliminates
More informationModule 8 VIDEO CODING STANDARDS. Version 2 ECE IIT, Kharagpur
Module 8 VIDEO CODING STANDARDS Lesson 27 H.264 standard Lesson Objectives At the end of this lesson, the students should be able to: 1. State the broad objectives of the H.264 standard. 2. List the improved
More informationCryptanalysis of the Bluetooth E 0 Cipher using OBDD s
Cryptanalysis of the Bluetooth E 0 Cipher using OBDD s Yaniv Shaked and Avishai Wool School of Electrical Engineering Systems, Tel Aviv University, Ramat Aviv 69978, ISRAEL shakedy@eng.tau.ac.il, yash@acm.org
More informationSECURED EEG DISTRIBUTION IN TELEMEDICINE USING ENCRYPTION MECHANISM
SECURED EEG DISTRIBUTION IN TELEMEDICINE USING ENCRYPTION MECHANISM Ankita Varshney 1, Mukul Varshney 2, Jitendra Varshney 3 1 Department of Software Engineering, 3 Department Of Computer Science and Engineering
More informationDigital Transmission System Signaling Protocol EVLA Memorandum No. 33 Version 3
Digital Transmission System Signaling Protocol EVLA Memorandum No. 33 Version 3 A modified version of Digital Transmission System Signaling Protocol, Written by Robert W. Freund, September 25, 2000. Prepared
More information(12) United States Patent (10) Patent No.: US 6,409,089 B1. Eskicioglu (45) Date of Patent: Jun. 25, 2002
USOO64O9089B1 (12) United States Patent (10) Patent No.: Eskicioglu (45) Date of Patent: Jun. 25, 2002 (54) METHOD FOR PROTECTING THE (58) Field of Search... 235/382, 492; AUDIO/VISUAL DATA ACROSS THE
More informationUltra-lightweight 8-bit Multiplicative Inverse Based S-box Using LFSR
Ultra-lightweight -bit Multiplicative Inverse Based S-box Using LFSR Sourav Das Alcatel-Lucent India Ltd Email:sourav10101976@gmail.com Abstract. Most of the lightweight block ciphers are nibble-oriented
More informationECE 172 Digital Systems. Chapter 2.2 Review: Ring Counter, Johnson Counter. Herbert G. Mayer, PSU Status 7/14/2018
ECE 172 Digital Systems Chapter 2.2 Review: Ring Counter, Johnson Counter Herbert G. Mayer, PSU Status 7/14/2018 1 Syllabus l Ring Counter l Parallel Output Ring Counter l Ring Counter via D Flip-Flops
More informationPattern Creator/Converter Software User Manual
Application Note: HFAN-9.5.0 Rev.1; 04/08 Pattern Creator/Converter Software User Manual Pattern Creator/Converter Software User Manual 1 Introduction The Pattern Creator/Converter software (available
More informationAdaptive decoding of convolutional codes
Adv. Radio Sci., 5, 29 214, 27 www.adv-radio-sci.net/5/29/27/ Author(s) 27. This work is licensed under a Creative Commons License. Advances in Radio Science Adaptive decoding of convolutional codes K.
More informationEFFICIENT IMPLEMENTATION OF RECENT STREAM CIPHERS ON RECONFIGURABLE HARDWARE DEVICES
EFFICIENT IMPLEMENTATION OF RECENT STREAM CIPHERS ON RECONFIGURABLE HARDWARE DEVICES Philippe Léglise, François-Xavier Standaert, Gaël Rouvroy, Jean-Jacques Quisquater UCL Crypto Group, Microelectronics
More informationA NUMERIC COMPRESSION ALGORITHM FOR THE HP PRIME CALCULATOR DR. JACKIE F. WOLDERING HHC SEPT , 2015 NASHVILLE, TN.
A NUMERIC COMPRESSION ALGORITHM FOR THE HP PRIME CALCULATOR DR. JACKIE F. WOLDERING HHC SEPT. 26 27, 2015 NASHVILLE, TN. ABSTRACT VCR Plus+ Instant Programmer uses short (1 8 digit) codes to encrypt television
More information