DOCSLIB.ORG

Administrative Details

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Administrative Details SECRET KEY: STREAM CIPHERS & BLOCK CIPHERS Sicurezza nelle reti e nei sistemi SECRET KEY CRYPTOGRAPHY march march Alice and Bob share 2010 A crypto protocol E Secret key: key: Secret stream & block ciphers A secret key K They communicate using E with key K Adversary knows E, knows some exchanged messages but ignores K Two approaches: Stream Cipher Block ciphers 2 STREAM CIPHERS march march Idea: try to simulate one-time pad 2010 define a secret key (“seed”) key: Secret stream & block ciphers using the seed generates a byte stream (Keystream): i-th byte is function of only key (synchronous stream cipher), or both key and first i-1 bytes of ciphertext (asynchronous stream cipher) obtain ciphertext by using XOR of plaintext and keystream (bit-wise) 3 SYNCHRONOUS STREAM CIPHER march march 2010 key encryption key: Secret stream & block ciphers stream plaintext = ciphertext 4 SYNCHRONOUS STREAM CIPHER march march 2010 key decryption key: Secret stream & block ciphers stream ciphertext = plaintext 5 CIPHER STREAMS IN PRACTICE march march Many codes before 2010 1940 Secret key: key: Secret stream & block ciphers Enigma - II world war (Germany) A5 – GSM (encryption cell phone-base station) WEP - used in Ethernet 802.11 (wireless) RC-4 (Ron‟s Code) Enigma wiring diagram showing current flow. The A key is encoded to the D lamp. D yields A, but A never yields A; this property was due to 6 a patented feature unique to the Enigmas, and could be exploited by cryptanalysts in some situations. A5/1 march march Stream cipher (1987) used to provide over-the-air 2010 communication privacy in the GSM cellular telephone standard key: Secret stream & block ciphers It was initially kept secret, but became public knowledge through leaks and reverse engineering. A number of serious weaknesses in the cipher have been identified. Used in Europe and the United States. A5/2 was a deliberate weakening of the algorithm for certain export regions Initially kept secret, but the general design was leaked in 1994, and the algorithms were entirely reverse engineered in 1999 by Marc Briceno There was a terrific row between the NATO signal intelligence agencies in the mid 1980s over whether 7 GSM encryption should be strong or not Ronald Linn Rivest RC-4 march march RC: Ron‟s Code 2010 (Ron = Ronald Rivest, MIT, born in key: Secret stream & block ciphers 1947 in NY state) Considered safe: 1987 - 1994 kept secret, after „94 extensively studied Good for exporting (complaining US restrictions) Easy to program, fast Very popular: Lotus Notes, SSL, Wep etc. 8 RC4: PROPERTIES march march variable key length (byte) 2010 synchronous key: Secret stream & block ciphers starting from the key, it generates an apparently random permutation eventually the sequence will repeat however, long period > 10100 (in this way it simulates one-time-pad) very fast: 1 byte of output requires 8-16 instructions 9 RC-4 INITIALIZATION march march Goal: generate a (pseudo)random permutation of 2010 the first 256 natural numbers Secret key: key: Secret stream & block ciphers 1. j=0 2. S0=0, S1=1, …, S255=255 3. Assume a key of 256 bytes k0,…,k255 (if the key is shorter, repeat) 4. for i=0 to 255 do j = (j + Si+ ki) mod 256 exchange Si and Sj In this way we obtain a permutation of 0, 1, …,255, the resulting permutation is a function of the key 10 RC-4 KEY-STREAM GENERATION march march Input: permutation S of 0,1,…255 2010 1. i = 0, j = 0 key: Secret stream & block ciphers 2. while (true) 3. i = (i + 1) mod 256 4. j = (j + Si) mod 256 5. exchange Si and Sj 6. t = (Si + Sj) mod 256 7. k = St // compute XOR at every iteration compute the XOR between k and next byte of plaintext (or ciphertext) 11 BLOCK CIPHERS march march 2010 Given Secret key: key: Secret stream & block ciphers a block P of text of h bits (h fixed) P a key k of fixed # of bits a cryptographic protocol Ek produces Ek a block C of h bits, function of P and k Note: lengths of both block and key C (# of bits) are fixed (not necessarily equal) 12 REAL WORLD BLOCK CIPHERS march march DES, 3-DES - (64 bit block, 56 bit key) 2010 AES (Rijndael) (128 bit block, 128-256 bit key) Secret key: key: Secret stream & block ciphers RC-2 RC-5 IDEA (64 bit block, 128 bit key) Blowfish, Cast Gost 13 SYMMETRIC BLOCK CIPHERS march march 2010 Secret key: key: Secret stream & block ciphers Standard out in DES AES 14 HISTORIC NOTE march march DES (data encryption standard) is a symmetric block 2010 cipher using 64 bit blocks and a 56 bit key. Secret key: key: Secret stream & block ciphers Developed at IBM, approved by the US government (1976) as a standard. Size of key (56 bits) was apparently small enough to allow the NSA (US national security agency) to break it exhaustively even back in 70‟s. In the 90‟s it became clear that DES is too weak for contemporary hardware & algorithmics (Matsui “linear attack”, requires only 243 known plaintext/ciphertext pairs; in 1999 Deep Crack and distributed.net break a DES key in 22 hours and 15 minutes) 15 HISTORIC NOTE (CONT.) march march The US government NIST (National Inst. of 2010 standards and technology) announced a call for an Secret key: key: Secret stream & block ciphers advanced encryption standard in 1997. This was an international open competition. Overall, 15 proposals were made and evaluated, and 6 were finalists. Out of those, a proposal named Rijndael, by Daemen and Rijmen (two Belgians), was chosen in February 2001. 16 AES - ADVANCED ENCRYPTION STANDARD march march 2010 Symmetric block cipher key: Secret stream & block ciphers Key lengths: 128, 192, or 256 bits Approved US standard (2001) Finite fields algebra 17 AES - ADVANCED ENCRYPTION STANDARD march march Symmetric block cipher 2010 Key lengths: 128, 192, or 256 bits key: Secret stream & block ciphers Rationale Resistance to all known attacks Speed and code compactness good for devices with limited computing power, e.g. smart cards Simplicity 18 AES SPECIFICATIONS march march 2010 • Input & output block length: 128 bits. • State: 128 bits, arranged in a 4-by-4 matrix of bytes. key: Secret stream & block ciphers A0,0 A0,1 A0,2 A0,3 Each byte is viewed as an A1,0 A1,1 A1,2 A1,3 element in A2,0 A2,1 A2,2 A2,3 GF(28) A3,0 A3,1 A3,2 A3,3 Input/Output: A , A , A , A , A ,… 0,0 1,0 2,0 3,0 0,1 19 AES Specifications • Key length: 128, 196, 256 bits. march march Cipher Key Layout: n = 128, 196, 256 bits, arranged in a 2010 4-by-n/32 matrix of bytes. key: Secret stream & block ciphers K0,0 K0,1 K0,2 K0,3 K0,4 K0,5 K1,0 K1,1 K1,2 K1,3 K1,4 K1,5 K2,0 K2,1 K2,2 K2,3 K2,4 K2,5 K3,0 K3,1 K3,2 K3,3 K3,4 K3,5 Initial layout: K , K , K , K , K ,… 0,0 1,0 2,0 3,0 0,1 20 AES SPECIFICATIONS march march High level code 2010 Secret key: key: Secret stream & block ciphers AES(State, Key) KeyExpansion(Key, ExpandKey) AddRoundKey(State, ExpandKey[0]) for (i = 1; i < R; i++) do Round(State, ExpandKey[i]); FinalRound(State, ExpandKey[R]); 21 Encryption: Carried out in rounds Secret key (128 bits) input block march (128 bits) 2010 Secret key: key: Secret stream & block ciphers output block (128 bits) 22 Rounds in AES 128 bits AES uses 10 rounds, no shortcuts march known for 6 rounds 2010 • The secret key is expanded from 128 bits Secret key: key: Secret stream & block ciphers to 10 round keys, 128 bits each. • Each round changes the state, then XORs the round key. (for longer keys, add one round for every extra 32 bits) Each rounds complicates things a little. Overall it seems infeasible to invert without 23 the secret key (but easy given the key). AES Specifications: One Round Transform the state by applying: march 2010 1. Substitution key: Secret stream & block ciphers A0,0 A0,1 A0,2 A0,3 2. Shift rows A1,0 A1,1 A1,2 A1,3 3. Mix columns 4. XOR round key A2,0 A2,1 A2,2 A2,3 A3,0 A3,1 A3,2 A3,3 24 Substitution (S-Box) march march Substitution operates on every Byte 2010 -1 separately: Ai,j <-- Ai,j key: Secret stream & block ciphers (multiplicative inverse in GF(28) which is highly non linear) If Ai,j = 0, don‟t change Ai,j Clearly, the substitution is invertible. 25 Cyclic Shift of Rows march march 2010 Secret key: key: Secret stream & block ciphers A0,0 A0,1 A0,2 A0,3 no shift shift 1 position A1,3 A1,0 A1,1 A1,2 shift 2 positions A2,2 A2,3 A2,0 A2,1 shift 3 positions A3,1 A3,2 A3,3 A3,0 Clearly, the shift is invertible. 26 Mixing Columns Every state column is considered as a Polynomial over GF(28) march 2010 Multiply with an invertible polynomial key: Secret stream & block ciphers 03 x3 + 01x2 + 01x + 02 (mod x4 + 1) Inv = 0B x3 + 0D x2 +09 x + 0E Round: SubBytes(State) ShiftRows(State) MixColumns(State) AddRoundKey(State,ExpandedKey[i]) 27 KEY EXPANSION march march Generate a “different key” per round 2010 Need a 4 x 4 matrix of values (over key: Secret stream & block ciphers GF(28)) per round Based upon a non-linear transformation of the original key.
Load more

Recommended publications
  • Block Ciphers
    Block Ciphers Chester Rebeiro IIT Madras CR STINSON : chapters 3 Block Cipher KE KD untrusted communication link Alice E D Bob #%AR3Xf34^$ “Attack at Dawn!!” message encryption (ciphertext) decryption “Attack at Dawn!!” Encryption key is the same as the decryption key (KE = K D) CR 2 Block Cipher : Encryption Key Length Secret Key Plaintext Ciphertext Block Cipher (Encryption) Block Length • A block cipher encryption algorithm encrypts n bits of plaintext at a time • May need to pad the plaintext if necessary • y = ek(x) CR 3 Block Cipher : Decryption Key Length Secret Key Ciphertext Plaintext Block Cipher (Decryption) Block Length • A block cipher decryption algorithm recovers the plaintext from the ciphertext. • x = dk(y) CR 4 Inside the Block Cipher PlaintextBlock (an iterative cipher) Key Whitening Round 1 key1 Round 2 key2 Round 3 key3 Round n keyn Ciphertext Block • Each round has the same endomorphic cryptosystem, which takes a key and produces an intermediate ouput • Size of the key is huge… much larger than the block size. CR 5 Inside the Block Cipher (the key schedule) PlaintextBlock Secret Key Key Whitening Round 1 Round Key 1 Round 2 Round Key 2 Round 3 Round Key 3 Key Expansion Expansion Key Key Round n Round Key n Ciphertext Block • A single secret key of fixed size used to generate ‘round keys’ for each round CR 6 Inside the Round Function Round Input • Add Round key : Add Round Key Mixing operation between the round input and the round key. typically, an ex-or operation Confusion Layer • Confusion layer : Makes the relationship between round Diffusion Layer input and output complex.
    [Show full text]
  • Performance Evaluation of Newly Proposed Lightweight Cipher, BRIGHT
    Received: January 22, 2019 71 Performance Evaluation of Newly Proposed Lightweight Cipher, BRIGHT Deepti Sehrawat1* Nasib Singh Gill1 1Department of Computer Science & Applications, Maharshi Dayanand University, Rohtak, Haryana, India * Corresponding author’s Email: [email protected] Abstract: Lightweight security algorithms are tailored for resource-constrained environment. To improve the efficiency of an algorithm, usually, a tradeoff is involved in lightweight cryptography in terms of its memory requirements and speed. By adopting several performance enhancement techniques, a security framework for IoT enabled applications is presented in this paper. Proposed BRIGHT family of ciphers is comparably better than existing lightweight ciphers and support a range of block and key sizes for constraint environment. It enables users to match their security needs with application requirements by supporting a range of cryptographic solutions. The BRIGHT family of ciphers is a software-oriented design. The performance of BRIGHT family of lightweight ciphers is evaluated on different parameters. All versions of BRIGHT family ciphers fulfill Strict Avalanche Criteria, key sensitivity test, and randomness test. BRIGHT family ciphers show better performance in terms of memory requirements, cost and speed as compared to existing lightweight ciphers. Keywords: Performance evaluation, BRIGHT, Cryptographic solutions, Lightweight block cipher, ARX, GFN, Feistel block ciphers. devices information security is evidently necessary 1. Introduction [3]. To provide high security and privacy, cryptographic solutions must be used. However, due In IoT field, various resource constraints devices to very low available energy, the limited size of ROM communicate in the network using RFID (Radio and RAM consumption and high-security demand in Frequency Identification Devices) which is a fast- a resource-constrained environment, lightweight growing technology that allows automated cryptographic security solutions are required [4].
    [Show full text]
  • Network Security H B ACHARYA
    Network Security H B ACHARYA NETWORK SECURITY Day 2 NETWORK SECURITY Encryption Schemes NETWORK SECURITY Basic Problem ----- ----- ? Given: both parties already know the same secret How is this achieved in practice? Goal: send a message confidentially Any communication system that aims to guarantee confidentiality must solve this problem NETWORK SECURITY slide 4 One-Time Pad (Vernam Cipher) ----- 10111101… ----- = 10111101… 10001111… = 00110010… 00110010… = Key is a random bit sequence as long as the plaintext Decrypt by bitwise XOR of ciphertext and key: ciphertext key = (plaintext key) key = Encrypt by bitwise XOR of plaintext (key key) = plaintext and key: plaintext ciphertext = plaintext key Cipher achieves perfect secrecy if and only if there are as many possible keys as possible plaintexts, and every key is equally likely (Claude Shannon, 1949) NETWORK SECURITY slide 5 Advantages of One-Time Pad Easy to compute ◦ Encryption and decryption are the same operation ◦ Bitwise XOR is very cheap to compute As secure as theoretically possible ◦ Given a ciphertext, all plaintexts are equally likely, regardless of attacker’s computational resources ◦ …if and only if the key sequence is truly random ◦ True randomness is expensive to obtain in large quantities ◦ …if and only if each key is as long as the plaintext ◦ But how do the sender and the receiver communicate the key to each other? Where do they store the key? NETWORK SECURITY slide 6 Problems with One-Time Pad Key must be as long as the plaintext ◦ Impractical in most realistic
    [Show full text]
  • Applied Cryptography and Data Security
    Lecture Notes APPLIED CRYPTOGRAPHY AND DATA SECURITY (version 2.5 | January 2005) Prof. Christof Paar Chair for Communication Security Department of Electrical Engineering and Information Sciences Ruhr-Universit¨at Bochum Germany www.crypto.rub.de Table of Contents 1 Introduction to Cryptography and Data Security 2 1.1 Literature Recommendations . 3 1.2 Overview on the Field of Cryptology . 4 1.3 Symmetric Cryptosystems . 5 1.3.1 Basics . 5 1.3.2 A Motivating Example: The Substitution Cipher . 7 1.3.3 How Many Key Bits Are Enough? . 9 1.4 Cryptanalysis . 10 1.4.1 Rules of the Game . 10 1.4.2 Attacks against Crypto Algorithms . 11 1.5 Some Number Theory . 12 1.6 Simple Blockciphers . 17 1.6.1 Shift Cipher . 18 1.6.2 Affine Cipher . 20 1.7 Lessons Learned | Introduction . 21 2 Stream Ciphers 22 2.1 Introduction . 22 2.2 Some Remarks on Random Number Generators . 26 2.3 General Thoughts on Security, One-Time Pad and Practical Stream Ciphers 27 2.4 Synchronous Stream Ciphers . 31 i 2.4.1 Linear Feedback Shift Registers (LFSR) . 31 2.4.2 Clock Controlled Shift Registers . 34 2.5 Known Plaintext Attack Against Single LFSRs . 35 2.6 Lessons Learned | Stream Ciphers . 37 3 Data Encryption Standard (DES) 38 3.1 Confusion and Diffusion . 38 3.2 Introduction to DES . 40 3.2.1 Overview . 41 3.2.2 Permutations . 42 3.2.3 Core Iteration / f-Function . 43 3.2.4 Key Schedule . 45 3.3 Decryption . 47 3.4 Implementation . 50 3.4.1 Hardware .
    [Show full text]
  • Identifying Open Research Problems in Cryptography by Surveying Cryptographic Functions and Operations 1
    International Journal of Grid and Distributed Computing Vol. 10, No. 11 (2017), pp.79-98 http://dx.doi.org/10.14257/ijgdc.2017.10.11.08 Identifying Open Research Problems in Cryptography by Surveying Cryptographic Functions and Operations 1 Rahul Saha1, G. Geetha2, Gulshan Kumar3 and Hye-Jim Kim4 1,3School of Computer Science and Engineering, Lovely Professional University, Punjab, India 2Division of Research and Development, Lovely Professional University, Punjab, India 4Business Administration Research Institute, Sungshin W. University, 2 Bomun-ro 34da gil, Seongbuk-gu, Seoul, Republic of Korea Abstract Cryptography has always been a core component of security domain. Different security services such as confidentiality, integrity, availability, authentication, non-repudiation and access control, are provided by a number of cryptographic algorithms including block ciphers, stream ciphers and hash functions. Though the algorithms are public and cryptographic strength depends on the usage of the keys, the ciphertext analysis using different functions and operations used in the algorithms can lead to the path of revealing a key completely or partially. It is hard to find any survey till date which identifies different operations and functions used in cryptography. In this paper, we have categorized our survey of cryptographic functions and operations in the algorithms in three categories: block ciphers, stream ciphers and cryptanalysis attacks which are executable in different parts of the algorithms. This survey will help the budding researchers in the society of crypto for identifying different operations and functions in cryptographic algorithms. Keywords: cryptography; block; stream; cipher; plaintext; ciphertext; functions; research problems 1. Introduction Cryptography [1] in the previous time was analogous to encryption where the main task was to convert the readable message to an unreadable format.
    [Show full text]
  • Journal Paper Format
    International Journal of Advanced Science and Technology Vol. 28, No. 8, (2019), pp. 282-288 Cryptographic protocols for Mobile Cloud Computing Suresh.P1, Venkatagiri J2,Lochan B3, Dr. Pritam Gajkumar Shah4 Abstract Cloud computing will be the buzzword of an Information Technology to access the different resources placed all across the globe with the help of the Internet. With the advancement in mobile technology the number of users accessing the resources placed across the data centres will also get increased, through their mobile devices. With many technologies are evolved to provide security to the user while on transit, still not much security is given while the user is on the transit, which will be the main concern for people who are going to use the cloud resources through mobile devices across the world. Providing the security from the data which is a main concern for the data centers. Keywords: Cloud computing, protocols, Security 1. Introduction Since in todays world every human being is making use of mobile devices for their daily day to day activities. People want to access the resources while on a go. With the invention of the cloud computing the data can be accessed through the computer as well as the mobile device. Mobile cloud computing has been introduced to make use of the cloud resources through mobile servers. Mobile cloud computing is a combination of cloud computing and mobile services working together. With the accessing of the cloud resources on move, severe drawbacks has to be faced related to the performance, security(Reliability and privacy) and environment( Low bandwidth, Service and heterogeneity) along with scalability and availability.
    [Show full text]
  • Vulnerability Analysis of PRINCE and RECTANGLE Using DPA
    Side Channel Attacks: Vulnerability Analysis of PRINCE and RECTANGLE using DPA Ravikumar Selvam, Dillibabu Shanmugam, and Suganya Annadurai Hardware Security Research Group, Society for Electronic Transactions and Security, India. {ravikumar,dillibabu,asuganya}@setsindia.net http://www.setsindia.org/hardware.html Abstract. Over a decade, cryptographers are more attentive on design- ing lightweight ciphers in focus to compact cryptographic devices. More often, the security of these algorithms are defined in terms of its resis- tance to mathematical cryptanalysis methods. Nevertheless, designers are well aware of implementation attacks and concentrating on new de- sign strategies to improve the defence quality against implementation attack. PRINCE [3] and RECTANGLE [17] lightweight block ciphers are de- signed using new design strategies for efficiency and security. In this paper we analyse the security of PRINCE and RECTANGLE against a type of implementation attack called Differential Power Analysis (DPA) at- tack. Our attack reduces key search space from 2128 to 33008 for PRINCE and 280 to 288 for RECTANGLE. Keywords: Lightweight block cipher, power characteristic, FPGA imple- mentation, differential power analysis 1 Introduction Differential Power Analysis (DPA) attack, a type of implementation at- tack, exploits the power consumed by the device when it performs cryp- tography operations. In 1999, Kocher et al. [11] showed that power anal- ysis attacks can efficiently reveal the secret key. After the DPA became public, designers of cryptographic algorithm had started concentrating on the new design strategies to improve the defense quality against the attack. However, few algorithms are still vulnerable to DPA attack. This motivated us to evaluate algorithms that are vulnerable to DPA attack.
    [Show full text]
  • A Survey of ARX-Based Symmetric-Key Primitives
    397 International Journal of Communication Networks and Information Security (IJCNIS) Vol. 11, No. 3, December 2019 A Survey of ARX-based Symmetric-key Primitives Nur Fasihah Mohd Esa1, Shekh Faisal Abdul-Latip1 and Mohd Rizuan Baharon1 1INSFORNET Centre for Advanced Computing Technology, Fakulti Teknologi Maklumat dan Komunikasi, Universiti Teknikal Malaysia Melaka Abstract: Addition Rotation XOR is suitable for fast and fast software-oriented implementation. Nevertheless, the implementation symmetric –key primitives, such as stream and security properties are still not well studied in literature as block ciphers. This paper presents a review of several block and compared to SPN and Feistel ciphers. stream ciphers based on ARX construction followed by the Observation of addition from [4]: First, addition modulo discussion on the security analysis of symmetric key primitives n where the best attack for every cipher was carried out. We 2 on the window can be approximated by addition modulo benchmark the implementation on software and hardware platforms according to the evaluation metrics. Therefore, this paper aims at . Second, this addition gives a perfect approximation if providing a reference for a better selection of ARX design strategy. the carry into the window is estimated correctly. The probability distribution of the carry is generated, depending Keywords: ARX, cryptography, cryptanalysis, design, stream on the probability of approximation correctness. The ciphers, block ciphers. probability of the carry is independent of w; in fact, for 1. Introduction uniformly distributed addends it is , where The rapid development of today’s computing technology has is the position of the least significant bit in the window. made computer devices became smaller which in turn poses Thirdly, the probability of correctness for a random guess of a challenge to their security aspects.
    [Show full text]
  • A Small and Fast Lightweight Block Cipher for 32-Bit Processor
    International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 2249-8958, Volume-8 Issue-5, June 2019 BRIGHT: A Small and Fast Lightweight Block Cipher for 32-bit Processor Deepti Sehrawat, Nasib Singh Gill maintenance as compared to hardware implementations. Even Abstract: Recently a number of lightweight ciphers are providing strong resistance against mathematical attacks designed for improved hardware or software performance. could not protect hardware-oriented block ciphers from side Designing block ciphers for a resource-constrained 32-bit channel attacks thereby losing its keys. So a good software processor is even more challenging. Usually, for 32-bit CPU the lightweight ciphers are designed with low-security margins. This design is required to provide enough security guard against paper presents, an efficient family of LBC, named BRIGHT. The attacks. proposed design is a software-oriented security framework for Our Contribution resource-constrained IoT-enabled applications. It has lowest code First, the analysis of various existing benchmarked designs size and fastest execution speed on 32-bit processor because of its is carried out to identify the strong points and flaws of each 32-bit ARX operations. It enables users to match their security needs with application requirements by supporting a range of one which is culminated in the publication in [3, 4]. Then the cryptographic solutions. The proposed design has 6 variants and design goals are formulated to ensure a fair comparison of the all variants of BRIGHT family ciphers fulfills Strict Avalanche proposed design with other benchmarked designs. The Criteria and key sensitivity test. BRIGHT family ciphers show framework of the proposed design is then described and the better performance in terms of memory requirements, cost and performance is evaluated on different platforms.
    [Show full text]
  • CLEFIA Implementation with Full Key Expansion
    2015 Euromicro Conference on Digital System Design CLEFIA Implementation with Full Key Expansion Jo˜ao Carlos Bittencourt†‡,Jo˜ao Carlos Resende‡, Wagner Luiz de Oliveira† and Ricardo Chaves‡ †Polytechnic Institute, Federal University of Bahia – Bahia, Brazil ‡INESC-ID, IST, Universidade de Lisboa – Lisbon, Portugal Abstract—In this paper a compact and high throughput architecture at very low added cost. To validate this, a hardware structure is proposed allowing for the computation fully functional compact hardware structure is proposed, of the novel 128-bit CLEFIA encryption algorithm and its supporting both the encryption computation of the CLEFIA associated full key expansion. In the existing state of the art only the 128-bit key schedule is supported, given the needed algorithm and the respective key expansion for all key sizes. modification to the CLEFIA Feistel network. This work shows that with a small area cost and with no performance impact, II. CLEFIA 128-BIT BLOCKCIPHER full key expansion can be supported. This is achieved by using addressable shift registers, available in modern FPGAs, The CLEFIA cipher is a 128-bit symmetrical block ci- and adaptable scheduling, allowing to compute the 4 and 8 phering algorithm supporting cipher key sizes of 128, 192, branch CLEFIA Feistel network within the same structure. and 256 bits. This algorithm is based on the well known and The obtained experimental results suggest that throughputs commonly used Feistel network structure. As in most block above 1 Gbps can be achieved with a low area cost, while ciphers, the input data is processed over several rounds, achieving efficiency metrics above those of the restricted state of the art.
    [Show full text]
  • Understanding Cryptography” by Christof Paar and Jan Pelzl Springer, 2010
    Review of the book "Understanding Cryptography" by Christof Paar and Jan Pelzl Springer, 2010 ISBN: 978-3-642-04100-6 Luigi Lo Iacono 1 What the book is about Yet another introductory book on cryptography!? This is what most people from the community might think, when they first glimpse at the present book by Christof Paar and Jan Pelzl. And that is what the book entitled Understanding Cryptography really is about. It is a textbook mainly targeted to under- graduate students as a very first course in cryptography. Still, when having a closer second look at the book, the unique and distinguishing character appears. The book is organized into thirteen chapters as follows: It kicks-off in chapter 1 by characterizing the field of cryptology. The fundamental counterparts of cryptography as the science of secret writing and cryptanalysis as the science of breaking cryptography are introduced. Cryptography is further divided into its major areas including symmetric and asymmetric cryptographic primitives as well as protocols. The same is done for Cryptanalysis. It is subdivided into its fields social engineering, implementation attacks and the classical cryptanalysis which is further splitted-up into brute-force attacks and mathe- matical analysis. All of these mentioned domains and concepts are illustrated and explained by making use of historical ciphers. Chapter 2 is devoted to stream ciphers. Before diving into this topic, the two basic types of symmetric ciphers|block ciphers and stream ciphers|are introduced and the main differences between these ap- proaches are explained. Hereafter, the essential ingredient required in each and every stream cipher is described: the XOR operation.
    [Show full text]
  • Bright - Proposed Family of Lightweight Block Ciphers for Iot-Enabled Smart Environment
    International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-8 Issue-9, July 2019 Bright - Proposed Family of Lightweight Block Ciphers for IoT-Enabled Smart Environment Deepti Sehrawat, Nasib Singh Gill security algorithms are tailored for a resource-constrained Abstract: Lightweight security algorithms are tailored for environment and include RFID (Radio Frequency resource-constrained environment. To improve the efficiency of Identification Devices) tags, sensor nodes, contactless smart an algorithm, usually, a tradeoff is involved in lightweight cards, smart health devices and many more [3]. Tremendous cryptography in terms of its memory requirements and speed. This paper proposes a software-oriented new family of lightweight work has already been done in the area of lightweight block ciphers, BRIGHT. Proposed family of ciphers support a cryptography. Software implementations of lightweight range of block and key sizes for constraint environment. BRIGHT cryptography consider low resource processors, which is family has 6 variants and all variants fulfill Strict Avalanche significant because encryption in embedded systems can be Criteria and key sensitivity test. It is believed that BRIGHT family carried out in H/W but decryption is done in S/W. Software of ciphers provides better security and performance in oriented cipher designs provide more flexibility at lower costs IoT-enabled smart environment. Our aim, while designing BRIGHT is to enhance the cipher for IoT applications. For this, on manufacturing and maintenance as compared to hardware we have used the concept of key whitening that helps to resist implementations [4]. Even providing strong resistance against against attacks like MITM and brute-force.
    [Show full text]