DOCSLIB.ORG

LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm Ain Shams Engineering Journal (2014) xxx, xxx–xxx Ain Shams University Ain Shams Engineering Journal www.elsevier.com/locate/asej www.sciencedirect.com ELECTRICAL ENGINEERING LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm Hadia M.S. El Hennawy a, Alaa E.A. Omar b, Salah M.A. Kholaif c,* a Electronics and Communications Department, Faculty of Engineering, Ain Shams University, Cairo, Egypt b Head of Research Development Division, Research Development Center, Cairo, Egypt c Research Development Center, Cairo, Egypt Received 20 June 2013; revised 19 December 2013; accepted 9 August 2014 KEYWORDS Abstract Cryptographic algorithms for confidentiality and authentication play a major important Link Encryption Algorithm; role in nowadays information security Sen (2012) [1]. Encryption algorithms are becoming more Stream cipher; necessary to ensure the securely transmitted data over insecure communication channels. A new Linear Feedback Shift stream cipher is proposed. The design is very simple and based on 16 shift registers, nonlinear Register; and an output function. The proposed algorithm is characterized by a high performance in software Bit organization; with measured encryption/decryption on Pentium IV processor. We have performed detailed secu- Non Linear Function rity analysis, in particular, and standard statistical randomness test of the produced ciphertext. Experimental results in terms of performance and resources are presented. Ó 2014 Production and hosting by Elsevier B.V. on behalf of Ain Shams University. 1. Introduction ciphers have been becoming the best choice for several commu- nication protocols especially that used in wireless field [2]. Nowadays there are many stream cipher algorithms proposed Block ciphers are memory less algorithms that permute N-bit in both academic and industrial research. Stream cipher is an blocks of plain text data under the influence of the secret key important category of symmetric encryption algorithms [1]; and generate N-bit blocks of encrypted data, whereas stream what’s more, synchronous stream ciphers do not suffer from ciphers contain internal states and typically operate serially error propagation, because each bit is independently by generating a stream of pseudo random key bits, namely encrypted/decrypted from any other. Compared with block the keystream (stream ciphers are also called keystream gener- ciphers, most stream ciphers are generally much faster and ators). The keystream is then bitwise XORed with the data to have greater software efficiency. Due to these features, stream encrypt/decrypt. LEA is a word-oriented stream cipher; it takes a 128-bit ini- tial key and a 128-bit initial vector as input, and outputs a key- * Corresponding author. Tel.: +20 1227337460. stream of 32-bit words (where each 32-bit word is henceforth E-mail address: [email protected] (S.M.A. Kholaif). called a key word). This keystream is used to encrypt the plain Peer review under responsibility of Ain Shams University. text. To ensure the security of LEA, it is evaluated through a software implementation. Since the Linear Feedback Shift Registers (LFSRs) are pretty efficient in hardware and are Production and hosting by Elsevier http://dx.doi.org/10.1016/j.asej.2014.08.001 2090-4479 Ó 2014 Production and hosting by Elsevier B.V. on behalf of Ain Shams University. Please cite this article in press as: El Hennawy HMS et al., LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm, Ain Shams Eng J (2014), http:// dx.doi.org/10.1016/j.asej.2014.08.001 2 H.M.S. El Hennawy et al. the main building blocks of this cipher, it is possible to imple- where (&&) is bitwise AND, || is concatenation operator, and ment LEA in hardware and achieve higher throughput. LRot8 (x, y) = cyclic rotation of 8 bits sequence x by y posi- This paper is structured as follows. In Section 2 the LEA tion left. stream cipher algorithm specifications are briefly described. The Key Loading part use four keys groups SK (SK0 || SK1 In Section 3, we explain the security analysis of the LEA algo- ||...|| SK15), MK (MK0 || MK1 ||...|| MK15), IV (IV0 || IV1 rithm. In Section 4, we discuss the algorithm performance ||...|| IV15), and BK (BK0 || BK1 ||...|| BK15), respectively, results. Finally, Section 5 concludes the paper. to produce sixteen substrings of 32-bit according to the follow- ing rule Ri =Ski || MKi || IVi || BKi, where (0 6 i 6 15). The 2. Proposed Stream Cipher Algorithm generated value Ri is used as the initial state of the LFSR layer, and the BKi will be the rightmost bit with value equal to 1 for each register for register balancing requirement. The Proposed Link Encryption Algorithm, LEA, is a stream cipher algorithm. It is cryptological concept which was devel- oped for encipher/decipher 8-bit ASCII character. For each 2.3. The Linear Feedback Shift Register (LFSR), layer step, cipher or decipher, the algorithm is performed once deliv- ering an 8-bit key character. This character is combined with The Linear Feedback Shift Register (LFSR), illustrated in the plain (or cipher) character by bitwise addition to give the Fig. 2, has sixteen Registers of 32-bit (R0 to R15), each register 32 cipher (or plain) character. Thus there is no difference between is restricted to take values from the (1 to 2 – 1). The LFSR encipher/decipher and this meaningful to explain only the pro- layer has two stages of operations: the initialization stage of cess of encipherment. The algorithm is offering highest security sixteen register and the working stage. level achieved through the high nonlinear complexity and the In the initialization mode, each register LFSR receives a 32- complete re-initialization before every encryption process. bit input, which is obtained from key loading process. In the The idea of this algorithm is building up the key character working mode, the LFSR receives two 32-bit word inputs, sequence of combination of two different sequences, where the one word N, which is obtained from the 32-bit output M of first one has probable long period and the second one is high the nonlinear function F, and the other word R, from output complexity by using nonlinear functions. Moreover, both of feedback operation of LFSR. The output of the LFSR layer these sequences are statistically flat. The good statistical prop- stage supplies four 32-bit (128-bit) as input to the bit compres- erties of the first sequence are in principle that of Liner Feed- sion layer, and the last register R15 are used in producing key back Shift Registers (LFSRs) with primitive characteristic stream. polynomials to achieve maximal-length period. Also, those of Informative note: Since the multiplication of a 32-bit string i 32 the second part are achieved by using well distributed gener- R by 2 over GF (2 – 1) can be implemented by a cyclic shift 32 ated substitution boxes, confusion, and diffusion. The LEA of R to the left by i bits, only addition modulo 2 –1is encryption algorithm can be divided into a driving part and needed. a combining part. The driving part consists of a set of maxi- mum length Linear Feedback Shift Registers. It mainly gov- 2.4. The bit-compression layer erns the state sequence of the generator and is responsible for providing sequences of large periods and good statistics. The middle layer of the LEA algorithm is the bit-compression The combining part is essentially nonlinear. It has the task (BC). It receives four 32 bits (128-bit) from the four distinct to make the cipher stream generation to be mathematically registers of the LFSR layer and combine them using addition complex [3]. modulo 232, and bitwise XOR operations, as shown in Fig. 3. Finally it produces 32-bit word, which will be used as the input 2.1. General structure of algorithm of the nonlinear function F in the bottom layer. LEA is a word-oriented stream cipher that takes a 128-bit Key 2.5. The Nonlinear Function F layer and a 128-bit Initial Vector (IV) as input, and outputs a key stream of 32-bit words, see Fig. 1. LEA has three logical layers. The Non Linear Function or Finite state machine (FSM) func- The top layer is a Linear Feedback Shift Register (LFSR) of tion, as shown in Fig. 4, used as a non linear core, needs to sat- sixteen Registers, each cell of 32-bit, the middle layer is for isfy various cryptographic criteria. They must be balanced [4], bit compression (BC), and the bottom layer is a nonlinear possess high nonlinearity to resist fast correlation attacks [5], function (F). and must possess high algebraic degree: 2.2. Key loading To resist the Ronjom–Helleseth attack [6]. To resist the Berlekamp–Massey attack [5]. The Initialization key procedure has four main parts, a 128-bit As a necessary but not sufficient condition to resist fast secret key (SK), 128-bit initialization value (IV), 240-bit Mas- algebraic attacks [7]. ter Key (MK), and 16-bit balance Key (BK). MK is combina- tion of SK and IV. In the case of FSM functions, a high order of correlation immunity is also necessary [8]. The nonlinear function F has 32-bit input comes from bit-compression stage. The construc- MK ¼ðLRot ðSK;2Þ&&ð0xFFFFFFFÞÞk 8 tion of nonlinear function sequences was designed for crypto- ðLRot8ðIV;5Þ&&ð0xFFFFFFFÞÞ: graphic robustness, efficiency when implemented in software. Please cite this article in press as: El Hennawy HMS et al., LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm, Ain Shams Eng J (2014), http:// dx.doi.org/10.1016/j.asej.2014.08.001 LEA: Link Encryption Algorithm New Proposed Stream Cipher Algorithm 3 Figure 1 General structure of Link Encryption Algorithm (LEA). Fig. 1, describes the general structure of LEA encryption algorithm, which is a word-oriented stream cipher that takes a 128-bit Key and a 128-bit Initial Vector (IV) as input, and outputs a key stream of 32- bit words.
Load more

Recommended publications
  • Zero Correlation Linear Cryptanalysis on LEA Family Ciphers
    Journal of Communications Vol. 11, No. 7, July 2016 Zero Correlation Linear Cryptanalysis on LEA Family Ciphers Kai Zhang, Jie Guan, and Bin Hu Information Science and Technology Institute, Zhengzhou 450000, China Email: [email protected]; [email protected]; [email protected] Abstract—In recent two years, zero correlation linear Zero correlation linear cryptanalysis was firstly cryptanalysis has shown its great potential in cryptanalysis and proposed by Andrey Bogdanov and Vicent Rijmen in it has proven to be effective against massive ciphers. LEA is a 2011 [2], [3]. Generally speaking, this cryptanalytic block cipher proposed by Deukjo Hong, who is the designer of method can be concluded as “use linear approximation of an ISO standard block cipher - HIGHT. This paper evaluates the probability 1/2 to eliminate the wrong key candidates”. security level on LEA family ciphers against zero correlation linear cryptanalysis. Firstly, we identify some 9-round zero However, in this basic model of zero correlation linear correlation linear hulls for LEA. Accordingly, we propose a cryptanalysis, the data complexity is about half of the full distinguishing attack on all variants of 9-round LEA family code book. The high data complexity greatly limits the ciphers. Then we propose the first zero correlation linear application of this new method. In FSE 2012, multiple cryptanalysis on 13-round LEA-192 and 14-round LEA-256. zero correlation linear cryptanalysis [4] was proposed For 13-round LEA-192, we propose a key recovery attack with which use multiple zero correlation linear approximations time complexity of 2131.30 13-round LEA encryptions, data to reduce the data complexity.
    [Show full text]
  • On the NIST Lightweight Cryptography Standardization
    On the NIST Lightweight Cryptography Standardization Meltem S¨onmez Turan NIST Lightweight Cryptography Team ECC 2019: 23rd Workshop on Elliptic Curve Cryptography December 2, 2019 Outline • NIST's Cryptography Standards • Overview - Lightweight Cryptography • NIST Lightweight Cryptography Standardization Process • Announcements 1 NIST's Cryptography Standards National Institute of Standards and Technology • Non-regulatory federal agency within U.S. Department of Commerce. • Founded in 1901, known as the National Bureau of Standards (NBS) prior to 1988. • Headquarters in Gaithersburg, Maryland, and laboratories in Boulder, Colorado. • Employs around 6,000 employees and associates. NIST's Mission to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. 2 NIST Organization Chart Laboratory Programs Computer Security Division • Center for Nanoscale Science and • Cryptographic Technology Technology • Secure Systems and Applications • Communications Technology Lab. • Security Outreach and Integration • Engineering Lab. • Security Components and Mechanisms • Information Technology Lab. • Security Test, Validation and • Material Measurement Lab. Measurements • NIST Center for Neutron Research • Physical Measurement Lab. Information Technology Lab. • Advanced Network Technologies • Applied and Computational Mathematics • Applied Cybersecurity • Computer Security • Information Access • Software and Systems • Statistical
    [Show full text]
  • LEA 192: High Speed Architecture of Lightweight Block Cipher
    International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-9 Issue-2S, December 2019 LEA 192: High Speed Architecture of Lightweight Block Cipher Zeesha Mishra, Shubham Mishra, Bibhudendra Acharya The communication among connected things must be secure Abstract: High-throughput lightweight cryptography and fast while processing confidential data. Due to a calculation is the need of the present world to convey between two substantial amount of sensitive and valuable data and low asset obliged devices Pipelining is the technique have been used computational resources in the network, it has become to achieve high throughput. In this paper we have target to cumbersome to provide security in the IoT[2]. lightweight block cipher LEA. Block size of LEA is 128 and key Resource-constrained applications comprising of sensor size 128, 192, and 256 bit. In this paper we have focus on LEA architecture for 192- bit key size and achieve very good nodes in wireless sensor networks, RFID tags require smaller throughput. This method has a higher capability of throughput as footprint with minimum battery consumption. compared to previous LEA ciphers. Proposed work is 56% LEA[3] is a lightweight block cipher. LEA has 128-bit improved version of compared paper for respective Speed and block size with 128, 192, 256-bit key sizes and rounds 24, 28 area also less than previous architecture. Graph representation and 32 respectively. LEA supports simple ARX (addition have been shown of different matrices and comparison. rotation XOR ) operation, LEA is not using complex S-box Keywords : ARX, Block Cipher, Cryptography, LEA, structure like AES [4] hence it will give high-speed Lightweight, Pipeline, Throughput.
    [Show full text]
  • State of the Art in Lightweight Symmetric Cryptography
    State of the Art in Lightweight Symmetric Cryptography Alex Biryukov1 and Léo Perrin2 1 SnT, CSC, University of Luxembourg, [email protected] 2 SnT, University of Luxembourg, [email protected] Abstract. Lightweight cryptography has been one of the “hot topics” in symmetric cryptography in the recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products. In this paper, we discuss the different implementation constraints that a “lightweight” algorithm is usually designed to satisfy. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies and proprietary algorithms which were reverse-engineered or leaked. Relevant national (nist...) and international (iso/iec...) standards are listed. We then discuss some trends we identified in the design of lightweight algorithms, namely the designers’ preference for arx-based and bitsliced-S-Box-based designs and simple key schedules. Finally, we argue that lightweight cryptography is too large a field and that it should be split into two related but distinct areas: ultra-lightweight and IoT cryptography. The former deals only with the smallest of devices for which a lower security level may be justified by the very harsh design constraints. The latter corresponds to low-power embedded processors for which the Aes and modern hash function are costly but which have to provide a high level security due to their greater connectivity. Keywords: Lightweight cryptography · Ultra-Lightweight · IoT · Internet of Things · SoK · Survey · Standards · Industry 1 Introduction The Internet of Things (IoT) is one of the foremost buzzwords in computer science and information technology at the time of writing.
    [Show full text]
  • Tongan Ways of Talking
    TONGAN WAYS OF TALKING MELENAITE TAUMOEFOLAU University of Auckland Some excellent work has been published on Tongan speech levels from a sociolinguistic perspective (e.g., Philips 1991). The purpose of this article is to contribute to the literature by describing some important, not previously well-described features of ways of talking (WOT) in Tongan. I will use as my theoretical framework George Grace’s theory of language; he argued that a language is “a generalized way of talking about things” (Grace 1987: 99), a device for saying things, and it is, in turn, made up of “conventionalized ways of talking about consecrated subject-matters” (p. 103). In this article I will distinguish the following “ways of talking” (WOT):1 WOT 1. lea fakatu‘i—way of talking to or about the monarch/king (tu‘i) WOT 2. lea fakahouhou‘eiki—way of talking to or about chiefly people (hou‘eiki) WOT 3. lea fakamatäpule—polite way of talking that is characteristic of titled orators (matäpule) WOT 4. lea fakatökilalo / faka‘aki‘akimui—self-derogatory way of talking when addressing those of higher rank WOT 5. lea tavale—way of talking to a person with whom one is familiar or with whom one is socially equal, or way of talking to or about commoners (tu‘a) WOT 6. lea ‘ita—abusive way of talking Here I make four main claims about Tongan ways of talking: • The number of registers described for Tongan has been underestimated. I distinguish six (above) instead of the three that are traditionally described: of king—tu‘i, of chiefs—hou‘eiki, of commoners—tu‘a.
    [Show full text]
  • Partly-Pseudo-Linear Cryptanalysis of Reduced-Round SPECK
    cryptography Article Partly-Pseudo-Linear Cryptanalysis of Reduced-Round SPECK Sarah A. Alzakari * and Poorvi L. Vora Department of Computer Science, The George Washington University, 800 22nd St. NW, Washington, DC 20052, USA; [email protected] * Correspondence: [email protected] Abstract: We apply McKay’s pseudo-linear approximation of addition modular 2n to lightweight ARX block ciphers with large words, specifically the SPECK family. We demonstrate that a pseudo- linear approximation can be combined with a linear approximation using the meet-in-the-middle attack technique to recover several key bits. Thus we illustrate improvements to SPECK linear distinguishers based solely on Cho–Pieprzyk approximations by combining them with pseudo-linear approximations, and propose key recovery attacks. Keywords: SPECK; pseudo-linear cryptanalysis; linear cryptanalysis; partly-pseudo-linear attack 1. Introduction ARX block ciphers—which rely on Addition-Rotation-XOR operations performed a number of times—provide a common approach to lightweight cipher design. In June 2013, a group of inventors from the US’s National Security Agency (NSA) proposed two families of lightweight block ciphers, SIMON and SPECK—each of which comes in a variety of widths and key sizes. The SPECK cipher, as an ARX cipher, provides efficient software implementations, while SIMON provides efficient hardware implementations. Moreover, both families perform well in both hardware and software and offer the flexibility across Citation: Alzakari, S.; Vora, P. different platforms that will be required by future applications [1,2]. In this paper, we focus Partly-Pseudo-Linear Cryptanalysis on the SPECK family as an example lightweight ARX block cipher to illustrate our attack.
    [Show full text]
  • Triathlon of Lightweight Block Ciphers for the Internet of Things
    Triathlon of Lightweight Block Ciphers for the Internet of Things Daniel Dinu, Yann Le Corre, Dmitry Khovratovich, Léo Perrin, Johann Großschädl, and Alex Biryukov SnT and CSC, University of Luxembourg Maison du Nombre, 6, Avenue de la Fonte, L–4364 Esch-sur-Alzette, Luxembourg {dumitru-daniel.dinu,yann.lecorre,dmitry.khovratovich,leo.perrin}@uni.lu {johann.groszschaedl,alex.biryukov}@uni.lu Abstract. In this paper we introduce a framework for the benchmarking of lightweight block ciphers on a multitude of embedded platforms. Our framework is able to evaluate the execution time, RAM footprint, as well as binary code size, and allows one to define a custom “figure of merit” according to which all evaluated candidates can be ranked. We used the framework to benchmark implementations of 19 lightweight ciphers, namely AES, Chaskey, Fantomas, HIGHT, LBlock, LEA, LED, Piccolo, PRE- SENT, PRIDE, PRINCE, RC5, RECTANGLE, RoadRunneR, Robin, Simon, SPARX, Speck, and TWINE, on three microcontroller platforms: 8-bit AVR, 16-bit MSP430, and 32-bit ARM. Our results bring some new insights to the question of how well these lightweight ciphers are suited to secure the Internet of Things (IoT). The benchmarking framework provides cipher designers with an easy-to-use tool to compare new algorithms with the state-of-the-art and allows standardization organizations to conduct a fair and consistent evaluation of a large number of candidates. Keywords: IoT, lightweight cryptography, block ciphers, evaluation framework, benchmarking. 1 Introduction The Internet of Things (IoT) is a frequently-used term to describe the currently ongoing evolution of the Internet into a network of smart objects (“things”) with the ability to communicate with each other and to access centralized resources via the IPv6 (resp.
    [Show full text]
  • BRISK: Dynamic Encryption Based Cipher for Long Term Security
    sensors Article BRISK: Dynamic Encryption Based Cipher for Long Term Security Ashutosh Dhar Dwivedi Cyber Security Section, Department of Applied Mathematics and Computer Science, Technical University of Denmark, 2800 Kgs. Lyngby, Denmark; [email protected] or [email protected] Abstract: Several emerging areas like the Internet of Things, sensor networks, healthcare and dis- tributed networks feature resource-constrained devices that share secure and privacy-preserving data to accomplish some goal. The majority of standard cryptographic algorithms do not fit with these constrained devices due to heavy cryptographic components. In this paper, a new block cipher, BRISK, is proposed with a block size of 32-bit. The cipher design is straightforward due to simple round operations, and these operations can be efficiently run in hardware and suitable for software. Another major concept used with this cipher is dynamism during encryption for each session; that is, instead of using the same encryption algorithm, participants use different ciphers for each session. Professor Lars R. Knudsen initially proposed dynamic encryption in 2015, where the sender picks a cipher from a large pool of ciphers to encrypt the data and send it along with the encrypted message. The receiver does not know about the encryption technique used before receiving the cipher along with the message. However, in the proposed algorithm, instead of choosing a new cipher, the process uses the same cipher for each session, but varies the cipher specifications from a given small pool, e.g., the number of rounds, cipher components, etc. Therefore, the dynamism concept is used here in a different way.
    [Show full text]
  • Ten Strategies of a World-Class Cybersecurity Operations Center Conveys MITRE’S Expertise on Accumulated Expertise on Enterprise-Grade Computer Network Defense
    Bleed rule--remove from file Bleed rule--remove from file MITRE’s accumulated Ten Strategies of a World-Class Cybersecurity Operations Center conveys MITRE’s expertise on accumulated expertise on enterprise-grade computer network defense. It covers ten key qualities enterprise- grade of leading Cybersecurity Operations Centers (CSOCs), ranging from their structure and organization, computer MITRE network to processes that best enable effective and efficient operations, to approaches that extract maximum defense Ten Strategies of a World-Class value from CSOC technology investments. This book offers perspective and context for key decision Cybersecurity Operations Center points in structuring a CSOC and shows how to: • Find the right size and structure for the CSOC team Cybersecurity Operations Center a World-Class of Strategies Ten The MITRE Corporation is • Achieve effective placement within a larger organization that a not-for-profit organization enables CSOC operations that operates federally funded • Attract, retain, and grow the right staff and skills research and development • Prepare the CSOC team, technologies, and processes for agile, centers (FFRDCs). FFRDCs threat-based response are unique organizations that • Architect for large-scale data collection and analysis with a assist the U.S. government with limited budget scientific research and analysis, • Prioritize sensor placement and data feed choices across development and acquisition, enteprise systems, enclaves, networks, and perimeters and systems engineering and integration. We’re proud to have If you manage, work in, or are standing up a CSOC, this book is for you. served the public interest for It is also available on MITRE’s website, www.mitre.org. more than 50 years.
    [Show full text]
  • Differential Fault Attack On
    Differential Fault Attack on LEA Dirmanto Jap1 and Jakub Breier2 1School of Physical and Mathematical Sciences Nanyang Technological University, Singapore [email protected] 2Physical Analysis and Cryptographic Engineering Temasek Laboratories at Nanyang Technological University, Singapore [email protected] Abstract. LEA is a symmetric block cipher proposed in 2014. It uses ARX design and its main advantage is the possibility of a fast software implementation on common computing platforms. In this paper we propose a Differential Fault Analysis attack on LEA. By injecting random bit faults in the last round and in the penultimate round, we were able to recover the secret key by using 258 faulty encryp- tions in average. If the position of faults is known, then only 62 faulty encryptions are needed in order to recover the key which surpasses the results achieved so far. Keywords: LEA, Fault Attack, DFA 1 Introduction Today's applications require efficient ciphers that can run on small devices with constrained computing power. Recent trends show an increasing number of ser- vices intended for Internet of Things [8, 5] requiring both high level of security and fast running speed on embedded devices. For such applications, lightweight cryptography is an ideal choice. LEA [6] is a symmetric block cipher, using the ARX design (modular Ad- dition, bitwise Rotation, and bitwise XOR). It offers fast software encryption, comparable to lightweight ciphers, and comes in the same key size variants as AES. There is an exhaustive security analysis report published by Bogdanov et al. [2], stating that the cipher is secure against known cryptanalysis attacks.
    [Show full text]
  • A Survey of ARX-Based Symmetric-Key Primitives
    397 International Journal of Communication Networks and Information Security (IJCNIS) Vol. 11, No. 3, December 2019 A Survey of ARX-based Symmetric-key Primitives Nur Fasihah Mohd Esa1, Shekh Faisal Abdul-Latip1 and Mohd Rizuan Baharon1 1INSFORNET Centre for Advanced Computing Technology, Fakulti Teknologi Maklumat dan Komunikasi, Universiti Teknikal Malaysia Melaka Abstract: Addition Rotation XOR is suitable for fast and fast software-oriented implementation. Nevertheless, the implementation symmetric –key primitives, such as stream and security properties are still not well studied in literature as block ciphers. This paper presents a review of several block and compared to SPN and Feistel ciphers. stream ciphers based on ARX construction followed by the Observation of addition from [4]: First, addition modulo discussion on the security analysis of symmetric key primitives n where the best attack for every cipher was carried out. We 2 on the window can be approximated by addition modulo benchmark the implementation on software and hardware platforms according to the evaluation metrics. Therefore, this paper aims at . Second, this addition gives a perfect approximation if providing a reference for a better selection of ARX design strategy. the carry into the window is estimated correctly. The probability distribution of the carry is generated, depending Keywords: ARX, cryptography, cryptanalysis, design, stream on the probability of approximation correctness. The ciphers, block ciphers. probability of the carry is independent of w; in fact, for 1. Introduction uniformly distributed addends it is , where The rapid development of today’s computing technology has is the position of the least significant bit in the window. made computer devices became smaller which in turn poses Thirdly, the probability of correctness for a random guess of a challenge to their security aspects.
    [Show full text]
  • Data Security Collection with LEA Cipher for Iot-Based Monitoring
    EasyChair Preprint № 1421 Data Security Collection With LEA Cipher For IoT-Based Monitoring Xuelan Yang and Tao Hai EasyChair preprints are intended for rapid dissemination of research results and are integrated with the rest of EasyChair. August 25, 2019 Data Security Collection With LEA Cipher For IoT- Based Monitoring 1 2 Xuelan Yang , Tao Hai 1 Baoji University of Art and Science, Shaanxi, China 2 Baoji University of Art and Science, Shaanxi, China Abstract. There are tremendous security concerns with patient health monitoring sensors in Internet of Things (IoT). The concerns are also realized by recent sophisticated security and privacy attacks, including data breaching, data integrity, and data collusion. Conventional solutions often offer security to patients health monitoring data during the communication. However, they often fail to deal with complicated attacks at the time of data conversion into cipher and after the cipher transmission. In this paper, we first study privacy and security concerns with health-care data acquisition and then transmission. Then, we propose a secure data collection scheme for IoT-based healthcare system named SecureData with the aim to tackle security concerns similar to the above. SecureData scheme is composed of four layers: 1) IoT network sensors/devices; 2) Fog layers; 3) cloud computing layer; and 4) healthcare provider layer. We mainly contribute to the first three layers. For the first two layers, SecureData includes two techniques: 1) light-weight field programmable gate array (FPGA) hardware-based cipher algorithm and 2) secret cipher share algorithm. We study KATAN algorithm and we implement and optimize it on the FPGA hardware platform, while we use the idea of secret cipher sharing technique to protect patients’ data privacy.
    [Show full text]