LFSR stream cipher RC4. Stream cipher. Stream Cipher

Transcription:

Lecturers: Mark D. Ryan and David Galindo. Cryptography 2016.

Slide 89: Stream Cipher
Suppose you want to encrypt a stream of data, such as the data from a keyboard or the data from a sensor. Block ciphers might be awkward or inefficient here (consider each keystroke as a block?).

Slide 90
The way we use a stream cipher is a bit like the way we use a one-time pad (OTP): we generate a key that is as long as the data. However, we generate it from a short random seed, so it is not random like the key used in the OTP. The key stream is not random, but pseudorandom.
[Figure: Key/Seed -> Pseudo-random generator -> Keystream; Plaintext combined with Keystream gives Ciphertext]

Slide 91: Example 1: LFSR
- Linear Feedback Shift Register: building block for many stream ciphers
- Can be implemented very efficiently
- Key idea: a register of single-bit cells is shifted by one at every clock cycle, together with a feedback function
Source: Wikipedia

Slide 92: Example
[Figure: example LFSR diagram] Source: Wikipedia

Slide 93: Reasoning about LFSRs
Interesting property: the length of the keystream period. If the LFSR has n bits, the keystream period will be at most 2^n, but could be much less. LFSRs are not very secure.

Slide 94: Combining LFSRs
LFSRs are insecure in practice (given a lot of output, the tap positions can be computed fairly efficiently). Hence multiple LFSRs are combined in a non-linear fashion.
Source: Wikipedia
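As an added worked example (not code from the lecture slides), the following Python implements a toy Fibonacci LFSR of the kind slide 91 describes, measures the keystream period discussed on slide 93, and makes concrete what slide 94 means by the tap positions being computable from output: because the feedback is linear, 2n consecutive output bits give n linear equations over GF(2) whose unique solution is the tap vector. The seeds, the two coefficient vectors (x^4 + x^3 + 1, and the 16-bit x^16 + x^14 + x^13 + x^11 + 1 used in the Wikipedia LFSR article) and all function names are this example's own constructions.

```python
"""Toy Fibonacci LFSR (added example): keystream generation, period measurement,
and recovery of the feedback taps from 2n output bits over GF(2)."""
from typing import List


def lfsr_stream(seed: List[int], coeffs: List[int], nbits: int) -> List[int]:
    """Return the first nbits of the sequence s_0, s_1, ... where s_0..s_{n-1}
    is the seed (initial register contents) and every later bit is
    s_{k+n} = XOR_j coeffs[j] * s_{k+j}   (coeffs[j] = 1 marks a tap)."""
    n = len(seed)
    if len(coeffs) != n:
        raise ValueError("coeffs must have one entry per register cell")
    s = list(seed)
    while len(s) < nbits:
        k = len(s) - n
        s.append(sum(coeffs[j] & s[k + j] for j in range(n)) & 1)
    return s[:nbits]


def lfsr_period(seed: List[int], coeffs: List[int]) -> int:
    """Clock the register until it returns to the seed state; the number of
    clocks is the keystream period (at most 2^n - 1 for a non-zero seed)."""
    n = len(seed)
    state = list(seed)
    clocks = 0
    while True:
        feedback = sum(coeffs[j] & state[j] for j in range(n)) & 1
        state = state[1:] + [feedback]   # shift left by one, feed back at the end
        clocks += 1
        if state == list(seed):
            return clocks


def recover_coeffs(bits: List[int], n: int) -> List[int]:
    """Given at least 2n consecutive output bits of an n-cell LFSR, solve the n
    equations s_{k+n} = XOR_j c_j s_{k+j} (k = 0..n-1) for c over GF(2) by
    Gauss-Jordan elimination. Raises ValueError if the system is singular,
    i.e. the sequence could also come from a shorter LFSR."""
    if len(bits) < 2 * n:
        raise ValueError("need at least 2n output bits")
    # Augmented rows: [s_k ... s_{k+n-1} | s_{k+n}]
    rows = [bits[k:k + n] + [bits[k + n]] for k in range(n)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if rows[r][col]), None)
        if pivot is None:
            raise ValueError("singular system: linear complexity below n")
        rows[col], rows[pivot] = rows[pivot], rows[col]
        for r in range(n):
            if r != col and rows[r][col]:
                rows[r] = [a ^ b for a, b in zip(rows[r], rows[col])]
    return [rows[j][n] for j in range(n)]


# Constructed parameters: 4-cell LFSR with x^4 + x^3 + 1 (taps on s_k and s_{k+3})
SEED4 = [1, 1, 1, 1]
COEFFS4 = [1, 0, 0, 1]
# Constructed 16-cell LFSR with x^16 + x^14 + x^13 + x^11 + 1 (Wikipedia's example)
SEED16 = [1] * 16
COEFFS16 = [1 if j in (0, 11, 13, 14) else 0 for j in range(16)]

if __name__ == "__main__":
    out = lfsr_stream(SEED4, COEFFS4, 20)
    print("keystream:", "".join(map(str, out)))
    print("period of 4-cell LFSR:", lfsr_period(SEED4, COEFFS4))
    print("taps recovered from 8 output bits:", recover_coeffs(out, 4))
    print("period of 16-cell LFSR:", lfsr_period(SEED16, COEFFS16))
```

The 4-cell register reaches the full period of 15 and the 16-cell one reaches 65535, but in both cases eight or thirty-two output bits respectively are enough to recover every tap, which is exactly why a single LFSR is never used as a keystream generator on its own and why the combining step has to be non-linear.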

Slide 95: Content Scrambling System (CSS)
CSS is an encryption system used on DVDs. Sector encryption is a combination of two LFSRs added modulo 256 (observing the carry bit from the previous addition):
[Figure: seed bytes K0, K1 feed a 17-bit LFSR and K2, K3, K4 feed a 25-bit LFSR; the two outputs are added modulo 256 to give an 8-bit keystream byte]
However, this can be broken in time 2^17 (which is much less than the expected 2^42).

Slide 96: A5/1
- Used in GSM mobile phone communication
- Became public knowledge through leaks and reverse engineering
- Built from three LFSRs with irregular clocking
- 54-bit secret key and 22-bit initialisation vector
- A register is shifted only if its clock bit is the same as the majority of the three clock bits

Slide 97
[Figure: A5/1 diagram] Source: Wikipedia

Slide 98: Security of A5/1
- Better design: the irregular clocking makes cryptanalysis much harder
- However, advanced techniques mean that a mainstream PC with terabytes of flash memory (to store pre-processed tables) can break A5/1 with probability 90% in a few seconds

Slide 99: Example 2: RC4
- Invented in 1987 by Ron Rivest
- Main data structure is an array S of 256 bytes
- Consists of two phases: initialisation of S (the "key schedule"), and keystream generation

Slide 100: Code for RC4

    // key schedule: initialise S, then permute it under the key K
    for i := 0 to 255 do
        S[i] := i
    end
    j := 0
    for i := 0 to 255 do
        j := (j + S[i] + K[i mod keylength]) mod 256
        swap(S[i], S[j])
    end

    // keystream generation
    i := 0
    j := 0
    while GeneratingOutput:
        i := (i + 1) mod 256
        j := (j + S[i]) mod 256
        swap(S[i], S[j])
        output S[(S[i] + S[j]) mod 256]
    end

Slide 101: Graphical representation
[Figure: RC4 keystream generation diagram] Source: Wikipedia

Slide 102: Properties of RC4
- Extremely compact, and beautiful
- Exhaustively studied: two books, and hundreds of research papers
- Pretty good! But not good enough by modern standards:
  - Numerous attacks (biases in the stream, especially the first few bytes)
  - Led to real attacks on WEP, and on modes of TLS that use it

Slide 103: WEP
Old standard for encryption on wireless networks, based on RC4, but seriously broken - don't use.
[Figure: WEP encryption diagram] Source: Wikipedia

Slide 104: Weaknesses in WEP
- Initialisation vector only 24 bits, hence key streams repeat after at most 2^24 frames
- First bytes of key stream known because standard headers are always sent
These two facts have led to the development of a method which can crack the key in minutes on modern PC hardware.
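As an added worked example serving slides 100, 102 and 104 (this is the editor's code, not the lecture's), the following Python implements the RC4 key schedule and keystream generator exactly as the pseudocode on slide 100 describes, checks it against the published "Key"/"Plaintext" test vector, and then makes the two weaknesses concrete: the measurable bias in the second keystream byte (slide 102's "biases in the first few bytes", here the roughly doubled probability that the second byte is zero), and what keystream reuse leaks once WEP's 24-bit IV wraps (slide 104): the XOR of two ciphertexts under the same key is the XOR of the plaintexts. The helper names, the 5-byte random key length and the sample plaintexts are this example's own assumptions.

```python
"""RC4 (KSA + PRGA) as on slide 100, plus two checks of the weaknesses on
slides 102 and 104. Added example; not the lecture's own code."""
import random
from typing import Iterator, List


def rc4_ksa(key: bytes) -> List[int]:
    """Key-scheduling algorithm: build the 256-byte permutation S from the key."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4_prga(S: List[int]) -> Iterator[int]:
    """Pseudo-random generation algorithm: yield keystream bytes indefinitely."""
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        yield S[(S[i] + S[j]) & 0xFF]


def rc4_keystream(key: bytes, n: int) -> bytes:
    """First n keystream bytes for the given key."""
    gen = rc4_prga(rc4_ksa(key))
    return bytes(next(gen) for _ in range(n))


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream (RC4 is its own inverse)."""
    ks = rc4_keystream(key, len(data))
    return bytes(a ^ b for a, b in zip(data, ks))


def second_byte_zero_rate(trials: int, seed: int = 1) -> float:
    """Fraction of random 5-byte keys (constructed with a fixed PRNG seed) whose
    second keystream byte is 0. An unbiased generator would give about 1/256;
    RC4 gives roughly 2/256, one of the first-bytes biases slide 102 refers to."""
    rng = random.Random(seed)
    zeros = 0
    for _ in range(trials):
        key = bytes(rng.randrange(256) for _ in range(5))
        if rc4_keystream(key, 2)[1] == 0:
            zeros += 1
    return zeros / trials


def keystream_reuse_leak(key: bytes, p1: bytes, p2: bytes) -> bytes:
    """XOR of two ciphertexts made with the same key (in WEP: the same IV||key,
    which must recur within 2^24 frames). The keystream cancels, leaving
    p1 XOR p2, so a known header in one frame exposes the other's bytes."""
    c1, c2 = rc4_crypt(key, p1), rc4_crypt(key, p2)
    return bytes(a ^ b for a, b in zip(c1, c2))


if __name__ == "__main__":
    print("keystream for 'Key':", rc4_keystream(b"Key", 8).hex())
    print("ciphertext:", rc4_crypt(b"Key", b"Plaintext").hex())
    print("P(second byte == 0):", second_byte_zero_rate(20000))  # roughly 2/256
    leak = keystream_reuse_leak(b"iv+key", b"attack at dawn", b"defend at dusk")
    print("c1 xor c2:", leak.hex())
```

The bias measurement and the reuse demonstration are the defender's view of slides 102 and 104: neither depends on any secret, which is why RC4 keystream biases and IV exhaustion were detectable by anyone observing traffic and why the lecture's advice is simply not to use WEP or RC4.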

Slide 105: Example 3
A block cipher like AES, used in counter mode. This is certainly the best of the stream ciphers seen so far!