DOCSLIB.ORG

"Analysis and Implementation of RC4 Stream Cipher"

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Analysis and Implementation of RC4 Stream Cipher A thesis presented to Indian Statistical Institute in fulfillment of the thesis requirement for the degree of Doctor of Philosophy in Computer Science by Sourav Sen Gupta under the supervision of Professor Subhamoy Maitra Applied Statistics Unit INDIAN STATISTICAL INSTITUTE Kolkata, West Bengal, India, 2013 To the virtually endless periods of sweet procrastination that kept me sane during the strenuous one-night stands with my thesis. i ii Abstract RC4 has been the most popular stream cipher in the history of symmetric key cryptography. Designed in 1987 by Ron Rivest, RC4 is the most widely deployed commercial stream cipher, having applications in network protocols such as SSL, WEP, WPA and in Microsoft Windows, Apple OCE, Secure SQL, etc. The enigmatic appeal of the cipher has roots in its simple design, which is undoubtedly the simplest for any practical cryptographic algorithm to date. In this thesis, we focus on the analysis and implementation of RC4. For the first time in RC4 literature, we report significant keystream bi- ases depending on the length of RC4 secret key. In the process, we prove two empirical biases that were experimentally reported and used in recent attacks against WEP and WPA by Sepehrdad, Vaudenay and Vuagnoux in EUROCRYPT 2011. In addition to this, we present a conclusive proof for the extended keylength dependent biases in RC4, a follow-up problem to our keylength dependent results, identified and partially solved by Isobe, Ohigashi, Watanabe and Morii in FSE 2013. In a recent result by AlFardan, Bernstein, Paterson, Poettering and Schuldt, to appear in USENIX Security Symposium 2013, the authors ob- served a bias of the first output byte towards 129. While attempting the proof of this bias, we observed that the bias occurs prominently only for certain lengths of the RC4 secret key. In addition, our findings revealed that this bias may be related to the old and unsolved problem of ‘anomalies’ in the distribu- tion of the state array S0, right after the Key Scheduling Algorithm. In this connection, we prove the bias in (S0[128] = 127), a problem left open for more iii than a decade since the observation of anomaly pairs by Mantin in 2001. Subsequently, we present theoretical proofs of some significant initial-round empirical biases involving the state variables of RC4, observed by Sepehrdad, Vaudenay and Vuagnoux in SAC 2010. We also study the non-random behavior of index j and completely characterize the first two instances j1, j2 of the index. In the same part of the thesis, we show that there are certain events in the RC4 keystream that leak state information with probability 3/N, higher than the best existing glimpse correlations identified by Jenkins in 1996. We further study the short-term and long-term biases in RC4 keystream bytes. In the process, we derive the complete probability distribution of the first byte of RC4 keystream, a problem left open for a decade since the ob- servation by Mironov in CRYPTO 2002. In addition to this, we contradict a claim by Mantin and Shamir from FSE 2001 by proving that there exist positive biases towards zero for all the initial bytes 3 to 255 of RC4. In the recent work of AlFardan, Bernstein, Paterson, Poettering and Schuldt, extensive computations were conducted to identify significant short- term single-byte keystream biases of RC4, some of which already exist in the current literature, and some of which are new. We prove (almost) all new, unproved or partially proved significant biases observed in the aforesaid work. We also investigate for long-term non-randomness in the keystream, and prove a new long-term bias of RC4. Our proofs and observations in this thesis, along with their connections to the contemporary and old results, provide a comprehensive view on the state-of-the-art literature in RC4 cryptanalysis. In the second part of this thesis, we systematically study the hardware implementation of RC4, and propose the fastest known design for the cipher. For the first time in the literature, we exploit the idea of loop unrolling in RC4 hardware design, and subsequently combine hardware pipelining to loop unrolling in a hybrid architecture that produces 2 bytes-per-cycle throughput in RC4. This is better than the existing 3 cycles-per-byte design by Kitsos, Kostopoulos, Sklavos and Koufopavlou, and the 3 cycles-per-byte and 1 cycle- per-byte patents of Matthews Jr. We have optimized and implemented our proposed designs using VHDL description, synthesized with 130 nm, 90 nm and 65 nm fabrication technologies, for proper comparison with existing designs in terms of keystream throughput and hardware footprint. iv Acknowledgments You can’t connect the dots looking forward; you can only connect them looking backwards. – Steve Jobs Looking back at the last few years that I have spent at Indian Statistical Institute as a doctoral student, I see several people who have significantly influenced the course of my thesis, as well as my life. I take this opportunity to offer my gratitude to all who stood beside me in the hardest of times. First and foremost, I extend my heartfelt gratitude to my PhD supervisor, Prof. Subhamoy Maitra, Indian Statistical Institute, Kolkata. The ease with which Subhamoy-da converted our ‘student-supervisor’ relationship into a last- ing friendship, will remain an eternal mystery to me. Every research problem that we have discussed, debated upon and solved, has enriched my academic outlook; and every morsel of experience that he has kindly shared with me will continue to add value to my life. I will always be grateful to Subhamoy-da for being my friend, philosopher and guide during the last few years; primarily because he kept his sanity and sense of humor alive whenever I lost mine! It was a delight working with my collaborators and co-authors – Prof. Bha- bani P Sinha of ISI Kolkata, Prof. Dr.-Ing. Anupam Chattopadhyay of RWTH Aachen, Dr. Goutam Paul of Jadavpur University, Dr. Santanu Sarkar of CMI Chennai and Dr. Koushik Sinha of HP Labs India. Their academic insight and vision have taught me a lot over the last few years, and I look forward to further collaborations with them in the future. I would like to specially thank Goutam-da and Anupam-da for mentoring and supporting me in numerous ways, academic and otherwise, during the course of this thesis. I would like to express my sincerest gratitude to the esteemed anonymous reviewers of my thesis for their invaluable comments, which helped me improve the technical presentation and editorial quality of the thesis to a great extent. v I am thankful to Applied Statistics Unit, ISI Kolkata for supporting me during the formative years of my doctoral studies; Centre of Excellence in Cryptology, ISI Kolkata, funded by DRDO, Government of India, for support- ing parts of my research; and MPSoC Architectures, UMIC Research Centre, RWTH Aachen University, Germany, for hosting me during Summer 2011. I have always idolized Prof. Bimal Roy, Director, Indian Statistical Insti- tute, without whose active support and unparalleled vision, the field of Cryp- tology would probably not exist in Indian academia in the first place. I extend my sincerest gratitude to Bimal-da; it is because of him that I could get the perfect academic ambiance at the Institute, and the coveted exposure in this niche area that would otherwise remain only a distant dream for me. I am indebted to Prof. Rana Barua, Prof. Palash Sarkar, Dr. Kishan Chand Gupta and Dr. Mridul Nandi for several invaluable discussions during the tenure of my PhD. I would also like to thank my past and present colleagues at ISI Kolkata, Sibu-da, Mrinal-da, Somitra-da, Sumanta-da, Pinaki-da, Ashish- da, Sushmita-di, Srimanta-da, Rishi-da, Sumit-da, Tapas-da, Indranil-da, Subhadeep-da, Sanjay, Subhabrata, Somindu, Shashank, Samiran, Nilanjan, Avik, Satrajit and Pratyay, for providing me with an adorable social support. Special thanks to Rishi-da, as it was only through the uncountably many philo- sophical and technical discussions with him that I could see myself through the most arduous times during the last few years. I humbly acknowledge the kind support of Cryptology Research Society of India, and that of Mr. Amitabha Sinha (our beloved Amitabha-da), during my stay at ISI Kolkata. I am also thankful to the Director’s office, the Dean’s office, the ASU, BIRU and CoEC offices, and all administrative sectors of the Institute, for their continuous support to make my life smooth at the Institute. My family has always been the ‘happy place’ for me; even in the hardest of times. This thesis could not be completed without the ardent support and inspiration from my parents, Baapi and Maa, who made me what I am by resting their unflinching faith in me at every step of my life. Undoubtedly the most significant contribution towards this thesis has been made by Sananda – my wife, who painstakingly accepted the thesis as her co-wife, night after night, even during the first year of our marriage. Thank you Love! vi Contents Abstract.................................. iii Contents.................................. vii List of Tables............................... xiii List of Figures............................... xv 1 Preliminaries and Motivation1 1.1 Scope of this Thesis.........................2 1.2 Stream Ciphers...........................3 1.2.1 One-Time Pad and Perfect Secrecy............3 1.2.2 Generic model for Stream Ciphers.............4 1.2.3 Cryptanalysis of Stream Ciphers..............7 1.2.4 Practical Designs...................... 11 1.3 Motivation of the Thesis...................... 13 1.3.1 Description of RC4..................... 14 1.3.2 Choice of RC4 for analysis and implementation....
Recommended publications
  • Failures of Secret-Key Cryptography D

    Failures of Secret-Key Cryptography D

    Failures of secret-key cryptography D. J. Bernstein University of Illinois at Chicago & Technische Universiteit Eindhoven http://xkcd.com/538/ 2011 Grigg{Gutmann: In the past 15 years \no one ever lost money to an attack on a properly designed cryptosystem (meaning one that didn't use homebrew crypto or toy keys) in the Internet or commercial worlds". 2011 Grigg{Gutmann: In the past 15 years \no one ever lost money to an attack on a properly designed cryptosystem (meaning one that didn't use homebrew crypto or toy keys) in the Internet or commercial worlds". 2002 Shamir:\Cryptography is usually bypassed. I am not aware of any major world-class security system employing cryptography in which the hackers penetrated the system by actually going through the cryptanalysis." Do these people mean that it's actually infeasible to break real-world crypto? Do these people mean that it's actually infeasible to break real-world crypto? Or do they mean that breaks are feasible but still not worthwhile for the attackers? Do these people mean that it's actually infeasible to break real-world crypto? Or do they mean that breaks are feasible but still not worthwhile for the attackers? Or are they simply wrong: real-world crypto is breakable; is in fact being broken; is one of many ongoing disaster areas in security? Do these people mean that it's actually infeasible to break real-world crypto? Or do they mean that breaks are feasible but still not worthwhile for the attackers? Or are they simply wrong: real-world crypto is breakable; is in fact being broken; is one of many ongoing disaster areas in security? Let's look at some examples.
  • (SMC) MODULE of RC4 STREAM CIPHER ALGORITHM for Wi-Fi ENCRYPTION

    (SMC) MODULE of RC4 STREAM CIPHER ALGORITHM for Wi-Fi ENCRYPTION

    InternationalINTERNATIONAL Journal of Electronics and JOURNAL Communication OF Engineering ELECTRONICS & Technology (IJECET),AND ISSN 0976 – 6464(Print), ISSN 0976 – 6472(Online), Volume 6, Issue 1, January (2015), pp. 79-85 © IAEME COMMUNICATION ENGINEERING & TECHNOLOGY (IJECET) ISSN 0976 – 6464(Print) IJECET ISSN 0976 – 6472(Online) Volume 6, Issue 1, January (2015), pp. 79-85 © IAEME: http://www.iaeme.com/IJECET.asp © I A E M E Journal Impact Factor (2015): 7.9817 (Calculated by GISI) www.jifactor.com VHDL MODELING OF THE SRAM MODULE AND STATE MACHINE CONTROLLER (SMC) MODULE OF RC4 STREAM CIPHER ALGORITHM FOR Wi-Fi ENCRYPTION Dr.A.M. Bhavikatti 1 Mallikarjun.Mugali 2 1,2Dept of CSE, BKIT, Bhalki, Karnataka State, India ABSTRACT In this paper, VHDL modeling of the SRAM module and State Machine Controller (SMC) module of RC4 stream cipher algorithm for Wi-Fi encryption is proposed. Various individual modules of Wi-Fi security have been designed, verified functionally using VHDL-simulator. In cryptography RC4 is the most widely used software stream cipher and is used in popular protocols such as Transport Layer Security (TLS) (to protect Internet traffic) and WEP (to secure wireless networks). While remarkable for its simplicity and speed in software, RC4 has weaknesses that argue against its use in new systems. It is especially vulnerable when the beginning of the output key stream is not discarded, or when nonrandom or related keys are used; some ways of using RC4 can lead to very insecure cryptosystems such as WEP . Many stream ciphers are based on linear feedback shift registers (LFSRs), which, while efficient in hardware, are less so in software.
  • A Practical Attack on Broadcast RC4

    A Practical Attack on Broadcast RC4

    A Practical Attack on Broadcast RC4 Itsik Mantin and Adi Shamir Computer Science Department, The Weizmann Institute, Rehovot 76100, Israel. {itsik,shamir}@wisdom.weizmann.ac.il Abstract. RC4is the most widely deployed stream cipher in software applications. In this paper we describe a major statistical weakness in RC4, which makes it trivial to distinguish between short outputs of RC4 and random strings by analyzing their second bytes. This weakness can be used to mount a practical ciphertext-only attack on RC4in some broadcast applications, in which the same plaintext is sent to multiple recipients under different keys. 1 Introduction A large number of stream ciphers were proposed and implemented over the last twenty years. Most of these ciphers were based on various combinations of linear feedback shift registers, which were easy to implement in hardware, but relatively slow in software. In 1987Ron Rivest designed the RC4 stream cipher, which was based on a different and more software friendly paradigm. It was integrated into Microsoft Windows, Lotus Notes, Apple AOCE, Oracle Secure SQL, and many other applications, and has thus become the most widely used software- based stream cipher. In addition, it was chosen to be part of the Cellular Digital Packet Data specification. Its design was kept a trade secret until 1994, when someone anonymously posted its source code to the Cypherpunks mailing list. The correctness of this unofficial description was confirmed by comparing its outputs to those produced by licensed implementations. RC4 has a secret internal state which is a permutation of all the N =2n possible n bits words.
  • Ensuring Fast Implementations of Symmetric Ciphers on the Intel Pentium 4 and Beyond

    Ensuring Fast Implementations of Symmetric Ciphers on the Intel Pentium 4 and Beyond

    This may be the author’s version of a work that was submitted/accepted for publication in the following source: Henricksen, Matthew& Dawson, Edward (2006) Ensuring Fast Implementations of Symmetric Ciphers on the Intel Pentium 4 and Beyond. Lecture Notes in Computer Science, 4058, Article number: AISP52-63. This file was downloaded from: https://eprints.qut.edu.au/24788/ c Consult author(s) regarding copyright matters This work is covered by copyright. Unless the document is being made available under a Creative Commons Licence, you must assume that re-use is limited to personal use and that permission from the copyright owner must be obtained for all other uses. If the docu- ment is available under a Creative Commons License (or other specified license) then refer to the Licence for details of permitted re-use. It is a condition of access that users recog- nise and abide by the legal requirements associated with these rights. If you believe that this work infringes copyright please provide details by email to [email protected] Notice: Please note that this document may not be the Version of Record (i.e. published version) of the work. Author manuscript versions (as Sub- mitted for peer review or as Accepted for publication after peer review) can be identified by an absence of publisher branding and/or typeset appear- ance. If there is any doubt, please refer to the published source. https://doi.org/10.1007/11780656_5 Ensuring Fast Implementations of Symmetric Ciphers on the Intel Pentium 4 and Beyond Matt Henricksen and Ed Dawson Information Security Institute, Queensland University of Technology, GPO Box 2434, Brisbane, Queensland, 4001, Australia.
  • RC4 Encryption

    RC4 Encryption

    Ralph (Eddie) Rise Suk-Hyun Cho Devin Kaylor RC4 Encryption RC4 is an encryption algorithm that was created by Ronald Rivest of RSA Security. It is used in WEP and WPA, which are encryption protocols commonly used on wireless routers. The workings of RC4 used to be a secret, but its code was leaked onto the internet in 1994. RC4 was originally very widely used due to its simplicity and speed. Typically 16 byte keys are used for strong encryption, but shorter key lengths are also widely used due to export restrictions. Over time this code was shown to produce biased outputs towards certain sequences, mostly in first few bytes of the keystream generated. This led to a future version of the RC4 code that is more widely used today, called RC4-drop[n], in which the first n bytes of the keystream are dropped in order to get rid of this biased output. Some notable uses of RC4 are implemented in Microsoft Excel, Adobe's Acrobat 2.0 (1994), and BitTorrent clients. To begin the process of RC4 encryption, you need a key, which is often user-defined and between 40-bits and 256-bits. A 40-bit key represents a five character ASCII code that gets translated into its 40 character binary equivalent (for example, the ASCII key "pwd12" is equivalent to 0111000001110111011001000011000100110010 in binary). The next part of RC4 is the key-scheduling algorithm (KSA), listed below (from Wikipedia). for i from 0 to 255 S[i] := i endfor j := 0 for i from 0 to 255 j := (j + S[i] + key[i mod keylength]) mod 256 swap(S[i],S[j]) endfor KSA creates an array S that contains 256 entries with the digits 0 through 255, as in the table below.
  • Cryptanalysis of Sfinks*

    Cryptanalysis of Sfinks*

    Cryptanalysis of Sfinks? Nicolas T. Courtois Axalto Smart Cards Crypto Research, 36-38 rue de la Princesse, BP 45, F-78430 Louveciennes Cedex, France, [email protected] Abstract. Sfinks is an LFSR-based stream cipher submitted to ECRYPT call for stream ciphers by Braeken, Lano, Preneel et al. The designers of Sfinks do not to include any protection against algebraic attacks. They rely on the so called “Algebraic Immunity”, that relates to the complexity of a simple algebraic attack, and ignores other algebraic attacks. As a result, Sfinks is insecure. Key Words: algebraic cryptanalysis, stream ciphers, nonlinear filters, Boolean functions, solving systems of multivariate equations, fast algebraic attacks on stream ciphers. 1 Introduction Sfinks is a new stream cipher that has been submitted in April 2005 to ECRYPT call for stream cipher proposals, by Braeken, Lano, Mentens, Preneel and Varbauwhede [6]. It is a hardware-oriented stream cipher with associated authentication method (Profile 2A in ECRYPT project). Sfinks is a very simple and elegant stream cipher, built following a very classical formula: a single maximum-period LFSR filtered by a Boolean function. Several large families of ciphers of this type (and even much more complex ones) have been in the recent years, quite badly broken by algebraic attacks, see for exemple [12, 13, 1, 14, 15, 2, 18]. Neverthe- less the specialists of these ciphers counter-attacked by defining and applying the concept of Algebraic Immunity [7] to claim that some designs are “secure”. Unfortunately, as we will see later, the notion of Algebraic Immunity protects against only one simple alge- braic attack and ignores other algebraic attacks.
  • RC4-2S: RC4 Stream Cipher with Two State Tables

    RC4-2S: RC4 Stream Cipher with Two State Tables

    RC4-2S: RC4 Stream Cipher with Two State Tables Maytham M. Hammood, Kenji Yoshigoe and Ali M. Sagheer Abstract One of the most important symmetric cryptographic algorithms is Rivest Cipher 4 (RC4) stream cipher which can be applied to many security applications in real time security. However, RC4 cipher shows some weaknesses including a correlation problem between the public known outputs of the internal state. We propose RC4 stream cipher with two state tables (RC4-2S) as an enhancement to RC4. RC4-2S stream cipher system solves the correlation problem between the public known outputs of the internal state using permutation between state 1 (S1) and state 2 (S2). Furthermore, key generation time of the RC4-2S is faster than that of the original RC4 due to less number of operations per a key generation required by the former. The experimental results confirm that the output streams generated by the RC4-2S are more random than that generated by RC4 while requiring less time than RC4. Moreover, RC4-2S’s high resistivity protects against many attacks vulnerable to RC4 and solves several weaknesses of RC4 such as distinguishing attack. Keywords Stream cipher Á RC4 Á Pseudo-random number generator This work is based in part, upon research supported by the National Science Foundation (under Grant Nos. CNS-0855248 and EPS-0918970). Any opinions, findings and conclusions or recommendations expressed in this material are those of the author (s) and do not necessarily reflect the views of the funding agencies or those of the employers. M. M. Hammood Applied Science, University of Arkansas at Little Rock, Little Rock, USA e-mail: [email protected] K.
  • Hardware Implementation of the Salsa20 and Phelix Stream Ciphers

    Hardware Implementation of the Salsa20 and Phelix Stream Ciphers

    Hardware Implementation of the Salsa20 and Phelix Stream Ciphers Junjie Yan and Howard M. Heys Electrical and Computer Engineering Memorial University of Newfoundland Email: {junjie, howard}@engr.mun.ca Abstract— In this paper, we present an analysis of the digital of battery limitations and portability, while for virtual private hardware implementation of two stream ciphers proposed for the network (VPN) applications and secure e-commerce web eSTREAM project: Salsa20 and Phelix. Both high speed and servers, demand for high-speed encryption is rapidly compact designs are examined, targeted to both field increasing. programmable (FPGA) and application specific integrated circuit When considering implementation technologies, normally, (ASIC) technologies. the ASIC approach provides better performance in density and The studied designs are specified using the VHDL hardware throughput, but an FPGA is reconfigurable and more flexible. description language, and synthesized by using Synopsys CAD In our study, several schemes are used, catering to the features tools. The throughput of the compact ASIC design for Phelix is of the target technology. 260 Mbps targeted for 0.18µ CMOS technology and the corresponding area is equivalent to about 12,400 2-input NAND 2. PHELIX gates. The throughput of Salsa20 ranges from 38 Mbps for the 2.1 Short Description of the Phelix Algorithm compact FPGA design, implemented using 194 CLB slices to 4.8 Phelix is claimed to be a high-speed stream cipher. It is Gbps for the high speed ASIC design, implemented with an area selected for both software and hardware performance equivalent to about 470,000 2-input NAND gates. evaluation by the eSTREAM project.
  • A Practical Attack on the Fixed RC4 in the WEP Mode

    A Practical Attack on the Fixed RC4 in the WEP Mode

    A Practical Attack on the Fixed RC4 in the WEP Mode Itsik Mantin NDS Technologies, Israel [email protected] Abstract. In this paper we revisit a known but ignored weakness of the RC4 keystream generator, where secret state info leaks to the gen- erated keystream, and show that this leakage, also known as Jenkins’ correlation or the RC4 glimpse, can be used to attack RC4 in several modes. Our main result is a practical key recovery attack on RC4 when an IV modifier is concatenated to the beginning of a secret root key to generate a session key. As opposed to the WEP attack from [FMS01] the new attack is applicable even in the case where the first 256 bytes of the keystream are thrown and its complexity grows only linearly with the length of the key. In an exemplifying parameter setting the attack recov- ersa16-bytekeyin248 steps using 217 short keystreams generated from different chosen IVs. A second attacked mode is when the IV succeeds the secret root key. We mount a key recovery attack that recovers the secret root key by analyzing a single word from 222 keystreams generated from different IVs, improving the attack from [FMS01] on this mode. A third result is an attack on RC4 that is applicable when the attacker can inject faults to the execution of RC4. The attacker derives the internal state and the secret key by analyzing 214 faulted keystreams generated from this key. Keywords: RC4, Stream ciphers, Cryptanalysis, Fault analysis, Side- channel attacks, Related IV attacks, Related key attacks. 1 Introduction RC4 is the most widely used stream cipher in software applications.
  • The Rc4 Stream Encryption Algorithm

    The Rc4 Stream Encryption Algorithm

    TTHEHE RC4RC4 SSTREAMTREAM EENCRYPTIONNCRYPTION AALGORITHMLGORITHM William Stallings Stream Cipher Structure.............................................................................................................2 The RC4 Algorithm ...................................................................................................................4 Initialization of S............................................................................................................4 Stream Generation..........................................................................................................5 Strength of RC4 .............................................................................................................6 References..................................................................................................................................6 Copyright 2005 William Stallings The paper describes what is perhaps the popular symmetric stream cipher, RC4. It is used in the two security schemes defined for IEEE 802.11 wireless LANs: Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). We begin with an overview of stream cipher structure, and then examine RC4. Stream Cipher Structure A typical stream cipher encrypts plaintext one byte at a time, although a stream cipher may be designed to operate on one bit at a time or on units larger than a byte at a time. Figure 1 is a representative diagram of stream cipher structure. In this structure a key is input to a pseudorandom bit generator that produces a stream
  • Adding MAC Functionality to Edon80

    Adding MAC Functionality to Edon80

    194 IJCSNS International Journal of Computer Science and Network Security, VOL.7 No.1, January 2007 Adding MAC Functionality to Edon80 Danilo Gligoroski and Svein J. Knapskog “Centre for Quantifiable Quality of Service in Communication Systems”, Norwegian University of Science and Technology, Trondheim, Norway Summary VEST. At the time of writing, it seams that for NLS and In this paper we show how the synchronous stream cipher Phelix some weaknesses have been found [11,12]. Edon80 - proposed as a candidate stream cipher in Profile 2 of Although the eSTREAM project does not accept anymore the eSTREAM project, can be efficiently upgraded to a any tweaks or new submissions, we think that the design synchronous stream cipher with authentication. We are achieving of an efficient authentication techniques as a part of the that by simple addition of two-bit registers into the e- internal definition of the remaining unbroken stream transformers of Edon80 core, an additional 160-bit shift register and by putting additional communication logic between ciphers of Phase 2 of eSTREAM project still is an neighboring e-transformers of the Edon80 pipeline core. This important research challenge. upgrade does not change the produced keystream from Edon80 Edon80 is one of the stream ciphers that has been and we project that in total it will need not more then 1500 gates. proposed for hardware based implementations (PROFILE A previous version of the paper with the same title that has been 2) [13]. Its present design does not contain an presented at the Special Workshop “State of the Art of Stream authentication mechanism by its own.
  • Iris Um Oifig Maoine Intleachtúla Na Héireann Journal of the Intellectual Property Office of Ireland

    Iris Um Oifig Maoine Intleachtúla Na Héireann Journal of the Intellectual Property Office of Ireland

    Iris um Oifig Maoine Intleachtúla na hÉireann Journal of the Intellectual Property Office of Ireland Iml. 96 Cill Chainnigh 04 August 2021 Uimh. 2443 CLÁR INNSTE Cuid I Cuid II Paitinní Trádmharcanna Leath Leath Official Notice 2355 Official Notice 1659 Applications for Patents 2354 Applications for Trade Marks 1660 Applications Published 2354 Oppositions under Section 43 1717 Patents Granted 2355 Application(s) Amended 1717 European Patents Granted 2356 Application(s) Withdrawn 1719 Applications Withdrawn, Deemed Withdrawn or Trade Marks Registered 1719 Refused 2567 Trade Marks Renewed 1721 Patents Lapsed 2567 International Registrations under the Madrid Request for Grant of Supplementary Protection Protocol 1724 Certificate 2568 International Trade Marks Protected 1735 Supplementary Protection Certificate Granted 2568 Cancellations effected for the following Patents Expired 2570 goods/services under the Madrid protocol 1736 Dearachtaí Designs Information under the 2001 Act Designs Registered 2578 Designs Renewed 2582 The Journal of the Intellectual Property Office of Ireland is published fortnightly. Each issue is freely available to view or download from our website at www.ipoi.gov.ie © Rialtas na hÉireann, 2021 © Government of Ireland, 2021 2353 (04/08/2021) Journal of the Intellectual Property Office of Ireland (No. 2443) Iris um Oifig Maoine Intleachtúla na hÉireann Journal of the Intellectual Property Office of Ireland Cuid I Paitinní agus Dearachtaí No. 2443 Wednesday, 4 August, 2021 NOTE: The office does not guarantee the accuracy of its publications nor undertake any responsibility for errors or omissions or their consequences. In this Part of the Journal, a reference to a section is to a section of the Patents Act, 1992 unless otherwise stated.