PARALLEL PLATFORM FOR NEW SECURE STREAM CIPHERS BASED ON NP-HARD PROBLEMS

KHALED MOHAMMAD A. SUWAIS

UNIVERSITI SAINS MALAYSIA

2009

PARALLEL PLATFORM FOR NEW SECURE STREAM CIPHERS BASED ON NP-HARD PROBLEMS

by

KHALED MOHAMMAD A. SUWAIS

Thesis submitted in fulfillment of the requirements for the degree of Doctor of Philosophy

JUNE 2009 ACKNOWLEDGMENT

During my work on this thesis, there were many people who sincerely guided and supported me. I would like to take this opportunity to express my gratitude to all of them, for giving me the opportunity to complete this thesis.

I am deeply indebted to my supervisor, Associated Professor Azman Samsudin, for his guidance during my research at School of Computer Sciences, Universiti Sains

Malaysia (USM). He was always accessible and enthusiastic in research. His enthusiasm motivated me, and made my research life became smooth and rewording.

I want to express my gratitude to School of Computer Sciences, Universiti Sains

Malaysia and the general office staff, for supporting this study financially and morally.

I would like to take this opportunity to thank my beloved parents, Mohammad and Ilham. Their unlimited support and true love had maimed the geographical distances between us. They stand by me, raised me, supported me, taught me, and love me. To them I dedicate this thesis.

I would also like to thank my lovely brother Abdul Aziz and my beloved sisters

Dina, Abeer and Haneen for their support and love during my study abroad.

I wish to thank the person who stand by me and shared my happiness and sadness. The person who supported me and provided me with a caring environment, and unforgettable moments in Malaysia. Thank you dear Beh Bee Cheng.

ii ii

I would like to thank Khader Alrawajfih, Nagham Almadi and Mohammad

Almadi, for being my second family in Malaysia. With them, I felt the support and shared happy and unforgettable moments during my study.

Last but not least, I would like to thank my colleagues, Ibrahim, Hisham, Ali,

Fazila and Hamid, for their support and help. I also want to thank my dearest frinds

Mohammad Wasef, Mohammad Bakkar, Wesam Hatamleh, Mohammad Alia, Muthanna

Albuldawi, Bashar Alashal, Osama Abu-Dayyeh Sarah Shalini, Adnan Hunaif Ahmad

Alzoubi and Mohammad Betar for their care and support.

Khaled M. Suwais

iii

TABLE OF CONTENTS

ACKNOWLEDGMENTS ii

TABLE OF CONTENTS iv

LIST OF TABLES x

LIST OF FIGURES xi

LIST OF ABBREVIATIONS xv

ABSTRAK xviii

ABSTRACT xx

CHAPTER ONE: INTRODUCTION

1.0 Introduction 1

1.1 NP -Hard Problems and Parallelism 5

1.2 Research Prob lem 7

1.3 Research Scope 8

1.4 Research Goal and Objectives 9

1.5 Research Contribution s 9

1.6 Research Methodology 10

1.7 Thesis Organization 13

iv iv

CHAPTER TWO: STREAM CIPHERS AND PARALLELISM

2.0 Introduction 15

2.1 Stream Ciphers: Concep t and Definition 17 2.1.1 Synchronous Stream Ciphers 19 2.1.2 Asynchronous Stream Ciphers 21

2.2 Stream Ciphers: Categorization and Related Works 23 2.2.1 Hardware based Stream Ciphers 26 2.2.2 Software based Stream Ciphers 38 2.2.3 Hybrid Designs 53

2.3 Non -deterministic Polynomial Time Hard Problem ( NP -hard) 58 2.3.1 Discrete Logarithm Problem (DLP) 62 2.3.2 Elliptic Curve Discrete Logarithm Problem (ECDLP) 64 2.3.3 Shortest Vector Problem in Lattice (SVP) 67 2.3.4 Travelling Salesman Problem (TSP) 68

2.4 Parallelism in Cryptography 70 2.4.1 Methods for Parallel Computing 71 2.4.2 Current Parallelism in Cryptography 76

2.5 Summary 78

CHAPTER THREE: NP-HARD BASED STREAM CIPHERS AND PARALLEL PLATFORM

3.0 Introduction 80

3.1 Stream Ciphers Based on NP -hard Problems 80

3.1.1 Stream Ciphers Based on Elliptic Curve Discrete Log Problem 81 (ECSC-128)

3.1.1.1 Problem Definition 81 3.1.1.2 The Design of ECSC -128 85 3.1.2 Stream Cipher Based on Discrete Log Problem (DSP -128) 90 3.1.2.1 Problem Definition 90

v v

3.1.2.2 The Design of DSP -128 93 3.1.3 Stream Cipher Based on Shortest Vector Problem in Lattice 98 (LTSC-128)

3.1.3.1 Problem Definitio n 98 3.1.3.2 The Design of LTSC -128 101 3.2 The Design of the Parallel Platform 108 3.2.1 Generator Selector (GS) 109 3.2.2 Parameter Extractor (PEx) 110 3.2.3 Keystream Generator (KG) 111 3.2.4 Keystream -size Controller (K C) 113 3.2.5 Plaintext Encoder (PEn) 114 3.2.6 Detector, Controllers and Inner -Components Communications 116

3.3 Summary 131

CHAPTER FOUR: SECURITY AND PERFORMANCE ANALYSIS

4.0 Introduction 134

4.1 Implementation Issu es and Techniques 136

4.2 Stream Ciphers Performance and Security Analysis 139

4.2.1 Analyzing ECSC -128 Stream Cipher 141 4.2.1.1 Security Analysis 141 4.2.1.2 Performance Analysis 146 4.2.2 Analyzing DSP -128 Stream Cipher 148 4.2. 2.1 Security Analysis 148 4.2.2.2 Performance Analysis 152 4.2.3 Analyzing LTSC -128 Stream Cipher 153 4.2.3.1 Security Analysis 153 4.2.3.2 Performance Analysis 159

4.3 The Parallel Platform Performance and Security Analysis 161

4.3 .1 The Effect of the Parallel Platform on the Stream Ciphers Security 162 4.3.2 The Impact of the Parallel Platform on ECSC-128 Stream Cipher 162

vi vi

4.3.3 The Impact of the Parallel Platform on DSP -128 Stream Cipher 164 4.3.4 The Impact of the P arallel Platform on LTSC -128 Stream Cipher 167

4.4 Discussion 169

4.5 Summary 172

CHAPTER FIVE: CONCLUSIONS AND FUTURE WORKS

5.0 Thesis Summary 173 5.1 Future Works 174

REFERENCES 182

APPENDIX A: DIEHARD STATISTIC AL TESTS SUITE

A.0 Introduction 193

A.1 Diehard Statistical Tests Description 193 A.1.1 Birthday Spacing Test 193 A.1.2 Overlapping 5 -Permutation Test 194 A.1.3 Binary Rank Test for (31×31) Matrices 194 A.1.4 Binary Rank Te st for (32×32) Matrices 195 A.1.5 Binary Rank Test for (6×8) Matrices 195 A.1.6 Bitstream Test 196 A.1.7 DNA Test 196 A.1.8 OPSO Test 196 A.1.9 OQSO Test 197 A.1.10 Count -The -1’s Test on Stream of Bytes 197

vii

A.1.11 Count -The -1’s Test for Specific Bytes 198 A.1.12 Parking Lot Test 199 A.1.13 Minimum Distance Test 199 A.1.14 3Dspheres Test 200 A.1.15 Squeeze Test 200 A.1.16 Overlapping Sums Test 201 A.1.17 Run Test 201 A.1.17 Run Te st 201

APPENDIX B: ENCRYPTION RATES AND STATISTICAL RESULTS

B.0 Introduction 203

B.1 Encryption Rates of the Proposed Stream ciphers 203

B.1.1 Encryption Rates of ECSC -128, DSP -128 and LTSC -128 Stream 203 Ciphers

B.1.2 Encryption R ates of the Parallelized ECSC -128, DSP -128 and 204 LTSC-128

B.1.3 Effect of Multi -core Processors on Stream Ciphers Encryption 205 Rates

B.1.4 Effect of Multi -core Processors on the Parallelized Stream Ciphers 205 Encryption Rates

B.2 Results Obta ined from Diehard Tests 206

B.2.1 Diehard Test Results for ECSC -128 Stream Cipher 207 B.2.2 Diehard Test Results for DSP -128 Stream Cipher 209 B.2.3 Diehard Test Results for LTSC -128 Stream Cipher 211

viii

APPENDIX C: GMP AND NTL LIBRARIES

C.0 Introduction 213

C.1 Auxiliaries Libraries 213 C.1.1 GMP Library 213 C.1.1.1 GMP Functions Classifications 214 C.1.1.2 Using GMP 214 C.1.2 NTL Library 220 C.1.2.1 NTL: Headers and Modules 221 C.1.2.2 Using NTL 223

LIST OF PUBLICATIONS 228

ix ix

LIST OF TABLES

Page

2.1 Truth table of the Boolean function βββ (a1, a2) = a1a2 + a1 31

3.1 Association table between the counter, plaintext segment and 117 thread ID

3.2 Generating new counter value for encryption on each thread 12 3

3.3 Generating new counter value for decryption on each thread 12 4

4.1 p-values and conclusion for Diehard test on ECSC -128 14 2

4.2 The rounded distribution of the overall produced p-values for 14 3 ECSC-128

4.3 p-values and conclusion for Diehard test on DSP -128 148

4.4 The rounded distribution of the overall produced p-values for 148 DSP-128

4.5 p-values and conclusion for Diehard test on LT SC -128 15 4

4. 6 The rounded distribution of the overall produced p-values for 15 5 LTSC-128

B.1 Encryption rates of ECSC -128, DSP -128 and LTSC -128 on Dual - 20 0 Core and Quad-Core processors

B.2 Encryption rates of the parallelized P(ECSC -128), P(DSP -128) 20 0 and P(LTSC-128) on Dual-Core and Quad-Core processors

B.3 The improvement of ECSC -128, DSP -128 and LTSC -128 stream 20 1 ciphers performance on Quad-core processor

B.4 The improvement of the parallelized ECSC -128, DSP -128 and 20 2 LTSC-128 stream ciphers performance on Quad-core processor

B.5 List of p-values produced by Diehard tests for ECSC -128 stream 20 3 cipher

B.6 List of p-values produced by Diehard tests for DSP -128 stream 20 5 cipher

B.7 List of p-values produced by Diehard tests for LTSC -128 stream 207 cipher

C.1 Summary of some NTL modules 218

x x

LIST OF FIGURES

Page

1.1 Taxonomy of Cryptology 2

1. 2 Stream cipher 4

1.3 Quad -core processor 6

1.4 Proposed stream cipher design 11

1.5 Research workflow 12

2.1 Model of conventional cryptosystem (Stalling, 2003) 14

2.2 Synchronous stream cipher 18

2.3 Asynchronous stream cipher 20

2.4 Stream ciphers classifications 24

2.5 LFSR of length l 26

2.6 Shrinking generator (modified from (Choi, et al., 20 03) ) 28

2.7 Self -shrinking generator 29

2.8 Alternating step generator 34

2.9 S-Box input/output mapping 39

2.10 F-function of MUGI 41

2.11 Stream cipher based on block cipher scheme 42

2.12 Single round of Phelix (Whiting, et al., 2005) 44

2.13 One block of Phelix (Whiting, et al., 2005) 46

2.14 Updating the inner states of Rabbit (Boesgaard, et al., 2003) 47

2.15 KSA and PRGA algorithms in RC4 stream cipher 50

2.16 PRGA round operation 50

2.17 Functions A, B and C in the keyst ream generator ABC (Anashin, et al., 2005) 53

2.18 Relationship between P, NP , NP -complete and NP -hard problems 61

xi xi

2.19 The geometry of point doubling on Elliptic Curve (Certicom, 2008) 64

2.20 2-Dimensional Lattice Space (Csárdi, 2006) 66

2.21 Travelling Salesman Problem representation 67

2.22 Multithreaded system architecture 70

2.23 Multithreading on multiprocessors machine 71

2.24 Multithreading on distributed processors 72

2.25 Performance improvement gained from multi -core technol ogy 73

3.1 KGS mechanism in ECSC -128 86

3.2 The design of ES stage in ECSC -128 87

3.3 The overall design of ECSC -128 87

3.4 The code snippet of IS in DSP -128 stream cipher 91

3.5 The code snippet of KGS in DSP -128 stream cipher 93

3. 6 KGS mecha nism in DSP -128 94

3. 7 The overall design of DSP -128 . 94

3. 8 Initializing polynomials L and M by extracting the coefficients from ℓ 10 0

3. 9 Choosing the second and third segments to form the final Ks 10 2

3.10 The code snippet of KGS in DSP -128 stream cipher 10 3

3. 11 The design of ES Stage implemented in LTSC -128 10 3

3. 12 Generator Selector (GS) component 10 6

3. 13 Paramet er Extractor (PEx) component 107

3.1 4 Parallel keystream generated by the Keystream Generator (KG) component 108

3.15 The code snippet of KG in the parallel platform 109

3.1 6 Keystream -size Controller (KC) component 11 0

3.1 7 Plaintext Encoder (P En) component 11 2

3.1 8 MCD and MCD on Dual -core processor 11 4

xii

3.19 The code snippet of BsC controller 11 5

3. 20 Bit -sync Controller (BsC) 11 6

3. 21 Parallel keystream generation controlled by BsC 118

3. 22 Concurrency and consistency in parallel keystream generation 12 0

3. 23 Encryption performed on Dual -core processor 12 1

3. 24 Decryption performed on Quad -core processor 12 2

3.2 5 Performing encryption and decryption on different number of cores 12 6

3.26 The general form of the parallelize d platform 127

3.27 Shared processes between the stream cipher and the platform architecture 129

4.1 Difficulty of forward, inverse operation against key length 139

4. 2 Performance comparison between ECSC -128 and RC4 14 4

4. 3 Performance comparison between DSP -128 and RC4 149

4. 4 Performance comparison between LTSC -128 and RC4 156

4. 5 Performance comparison between ECSC -128, DSP -128, LTSC -128 and RC4 157

4. 6 Performance comparison between the parallelized P(ECSC -128) and RC4 159

4. 7 Performa nce improvement achieved by P(ECSC -128) 16 0

4. 8 Performance comparison between the parallelized P(DSP -128) and RC4 16 2

4. 9 Performance improvement achieved by P(DSP -128) 16 3

4.1 0 Performance comparison between the parallelized P(LTSC -128) and RC4 165

4. 11 Performance improvement achieved by P(LTSC -128) 16 6

4. 12 Efficiency level of the parallel platform on 2, 4, 8 -cores processors 167

5.1 Current level of parallelism on Quad -core processor 17 2

5.2 Extended level of parallelism on Quad -core proc essor 17 3

C.1 Example on program header supporting GMP 211

C.2 Linking C and C++ programs to lgmp library 21 1

C.3 Various GMP data types declarations 21 2

xiii

C.4 Integer variables initialization 21 2

C.5 Assignment functions 21 3

C.6 Conversion funct ions 21 4

C.7 Arithmetic functions 21 5

C.8 Logical and bit manipulation functions 216

C.9 Relationship between NTL header files 217

C.10 Polynomial addition 219

C.11 Polynomial multiplication 22 0

C.12 Left and right shift operations on pol ynomial 22 1

C.13 NTL miscellany functions 22 2

xiv

LIST OF ABBREVIATIONS

NP -hard : Non -deterministic Polynomial -hard

PRNG : Pseudo -random Number Generator

NS : Next -State

LFSR : Linear Feed -back Shift Register

NLFSR: Non -Linear Feed -back Shift Register

FCSR : Feed Carry Shift Register

FPGA : Field Programmable Gate Array

ANF : Algebraic Normal Form

T-Function : Triangular -Function

S-Box : Substitution -Box

AES: Advanced Encryption Standard

SPN: Substitution -Per mutation Network

SSL: Secure Socket Layer

WEP: Wired Equivalent Privacy

IV: Initial Vector

SHA: Secure Hash Algorithm

KSA: Key -Scheduling Algorithm

PRGA: Pseudo -random Generation Algorithm

NoC: Network on Chip

DLP: Discrete Logarithm Proble m

ECDLP: Elliptic Curve Discrete Logarithm Problem

ECC: Elliptic Curve Cryptography

ECDSA: Elliptic Curve Digital Signature Algorithm

x v xv

ECMQV: Elliptic Curve Menezes -Qu -Vanstone

SVP: Shortest Vector Problem

CVP: Closest Vector Problem

TSP: Trav elling Salesman Problem

VHDL: VHSIC Hardware Description Language

PS -LFSR: Parallelized -Structured Linear Feed -back Shift Register

ONB: Optimal Normal Form

PB: Polynomial Basis

IS: Initialization Stage

KGS: Keystream Generation Stage

ES: Encr yption Stage

NIST: National Institute of Standard and Technology

GCD: Greatest Common Divisor

LSB: Least Significant Bit

MSB: Most Significant Bit

GS: Generator Selector

PEx: Parameter Extractor

KG: Keystream Generator

KC: Keystream -size Co ntroller

PEn: Plaintext Encoder

MCD: Machine -core Detector

TCC: Thread Creation Controller

BsC: Bit -sync Controller

NOB: Number of Bits

NOC: Number of Cores

DualC: Dual -Core

xvi

QuadC: Quad -Core

BDAY: Birthday Spacing Test

OPERM: Overlappin g 5 -Permutation Test

RANK: Binary Rank Test for Matrices

BSTM: Bitstream Test

DNA: DNA Tests

OPSO: OPSO Test

OQSO: OQSO Test

CBYTE: Count -The -1’s Test on stream of bytes

CSBYTE: Count -The -1’s Test for specific bytes

PARKL: Parking Lot Test

MDIST: Minimum Distance Test

3DS: 3Dspheres Test

SQEZ: Squeeze Test

OSUM: Overlapping Sums Test

RUN: Run Test

CRAP: Crap Test

GMP: GNU Multi -precision

NTL: Number Theory Library

xvii

PELANTAR SELARI UNTUK SIFER ALIRAN SELAMAT YANG BARU BERASASKAN PERMASALAHAN NP-HARD

ABSTRAK

Tujuan kajian ini adalah untuk mengenal pasti unsur-unsur utama reka bentuk sifer aliran yang selamat dan pantas. Dalam bidang kriptografi, sifer aliran ialah algoritma kekunci simetri yang direka untuk menyulitkan dan menyahsulitkan data-data sulit. Penyulitan dan penyahsulitan sejumlah besar data-data ini memerlukan reka bentuk alternatif sifer aliran yang menjanjikan tahap keselamatan dan kepantasan yang lebih tinggi bagi penyulitan data.

Kedua-dua masalah NP-hard dan keselarian digunakan dalam kajian ini.

Masalah-masalah NP-hard digunakan untuk memberi tahap keselamatan tinggi pada sifer aliran memandangkan ketiadaan algoritma untuk menyelesaikan masalah tersebut dalam sistem polinomial. Konsep keselarian diperkenalkan sebagai platform bagi sifer aliran berdasarkan masalah NP-hard . Platform selari ini direka bentuk bagi membolehkan sifer aliran ini berfungsi lebih pantas di atas pemproses berbilang teras

(multicore processor).

Integrasi antara sifer aliran berdasarkan masalah NP-hard dengan platform selari merupakan faktor utama dalam penghasilan sifer aliran yang selamat dan pantas.

Analisis keselamatan dan statistik menunjukkan bahawa sifer aliran berdasarkan masalah NP-hard kami adalah selamat daripada serangan-serangan cryptanalysis dan statistik. Analisis prestasi ke atas platform selari menunjukkan keputusan mengagumkan xviii bagi sifer aliran yang diuji, di mana platform selari tersebut dapat mempercepatkan kadar enkripsi lebih kurang 1.8 dan 3.75 kali, masing-masing pada pemproses dwi-teras dan empat-teras. Platform tersebut didapati cekap menggunakan pemproses berbilang teras di mana ia mampu meningkatkan prestasi sifer aliran yang diuji selaras dengan peningkatan bilangan teras dalam pemproses berbilang teras.

Kajian ini memperkenalkan reka bentuk praktikal (bagi sifer aliran dan platform selari) yang berskala menggunakan pemproses berbilang teras. Masa depan platform selari ini adalah cerah memandangkan bilangan teras dalam pemproses berbilang teras meningkat secara eksponen. Justeru, bilangan teras yang meningkat ini akan memacu prestasi sifer aliran berasaskan permasalahan NP-hard terpalam.

xix

PARALLEL PLATFROM FOR NEW SECURE STREAM CIPHERS BASED ON NP-HARD PROBLEMS

ABSTRACT

The purpose of this study was to identify the key elements for secure and fast stream cipher’s design. In cryptography, stream cipher is a symmetric key algorithm, which is designed to encrypt and decrypt stream of confidential data. Encrypting and decrypting massive amount of data, necessitates alternative design for stream cipher, which compromises high level of security and fast data encryption.

Both NP -hard problems and parallelism were utilized in this study. The NP -hard problems were used to provide stream ciphers with high level of security, since there is no algorithm exists to solve NP -hard problems in polynomial time. Parallelism was introduced as a platform for stream ciphers based on NP -hard problems. The parallel platform was designed to enable stream ciphers based on NP -hard problems to perform faster on multi-core processors.

The integration between the stream ciphers based on NP -hard problems and the parallel platform was the primary factor in producing secure and fast stream ciphers. The security and statistical analysis showed that our NP -hard problem-based stream ciphers are secure against cryptanalysis and statistical attacks. The performance analysis on the parallel platform revealed impressive results for the tested stream ciphers, where the parallel platform accelerated the encryption rate by approximately 1.8 and 3.75 times on

Dual-core and Quad-core processors respectively. The platform was found efficient in xx xx utilizing multi-core processors, in which it was able to speed up the performance of the tested stream ciphers relatively to the increasing number of cores, on multi-core processors.

This study has introduced a practical design (stream cipher and parallel platform), which was scalable in utilizing multi-core processors. The future of the parallel platform is promising, since the number of cores in multi-core processors is increasing exponentially. Thus, the increasing number of cores will effectively accelerate the performance of plugged-in NP -hard problem-based stream ciphers.

xxi

CHAPTER ONE

INTRODUCTION

1.0 Introduction to Cryptography

Cryptography is the fundamental component for any computer security application used to provide cryptographic services for secure communication over public and unsecured channels. Cryptography focuses on issues of securing messages so that only the relevant parties can read the message (Mollin, 2007). The main purpose of cryptography is to encode the data (plaintext) to unreadable form

(ciphertext) and vice versa. Transforming a message to an incomprehensive form is accomplished by a process known as encryption. In contrast, transforming an encrypted message to its original form is accomplished by a process known as decryption.

The use of cryptography was important through the centuries, in which cryptographic applications were used for civilian usage (companies, individuals, etc), or even were used in military operations as in World War I (e.g. cipher wheels or marks on papers) and World War II (e.g. Purple machine and Enigma) (Kahn, 1967).

Cryptography is generally designed to provide confidentiality, authentication, integrity and accessibility services (Menezes, et al., 1993; Mouratidis, et al., 2003).

Confidentiality service is used to ensure that messages are accessible only to authorized recipients. Authentication is normally used to authenticate the identity of the connected parties. Preventing eavesdroppers from changing the content of the messages sent from source to destination is basically a service provided by the

1 integrity service. Lastly, accessibility is designed to only allow authorized parties to use the available information resources.

In modern times, cryptographic systems (cryptosystems) have been used extensively in our daily communications to provide us with high level of security. In practice, cryptography is applied in numerous applications such as: internet communication, wireless communication (mobile phones) and banking transactions.

The development of the cryptographic tools and systems has played an important role in reshaping the communication style in a significant manner.

Based on the cryptography taxonomy found in (Kahn, 1967; Feistel, 1970;

Beutelspacher, 1996), cryptography and cryptanalysis are combined together to form the science of Cryptology. The sciences of Cryptology and its cryptographic primitives are categorized in Figure 1.1.

Cryptology

Cryptography Cryptanalysis

Encryption Authentication Active Passive Attack Attack

Symmetric Asymmetric

Hash Function Certificates Block Cipher Stream Cipher

Public Key Digital Signature

Figure 1.1: Taxonomy of Cryptology 2

Cryptography, as shown in Figure 1.1, deals with two categories of cryptosystems. The first category includes encryption algorithms which are classified into two further subcategories: symmetric and asymmetric cryptosystems. The other category includes authentication algorithms which are classified into two main categories: hash functions and certificates authentication. In this research, we are focusing only on the stream cipher which falls under the encryption category of cryptography.

In principle, symmetric and asymmetric cryptosystems share the same design goal, in which both cryptosystems are responsible for encrypting and decrypting user’s messages. The main difference between these cryptosystems is the use of additional key in asymmetric cryptosystems. Symmetric key cryptosystems use a single key to encrypt and decrypt a given message. On the contrary, asymmetric key cryptosystems (also known as publickey cryptosystems), use two different keys to encrypt and decrypt a message.

In stream ciphers, a sequence of random bits is generated and used as a keystream which will never be used again during the run of the cipher. In general, stream ciphers are faster than block ciphers, making them suitable to be used in a resourceconstrained environment (Karlof, et al., 2004). The basic idea of stream ciphers is inherited from the theoretical encryption algorithm called a OneTime Pad, in which a plaintext is XORed with a key of the same length as the plaintext

(Daswani, 2007). The general structure of stream ciphers is shown in Figure 1.2.

Some of the classical ciphers are: Affine cipher, Vigenère Autokey Polyalphabetic cipher and Playfair cipher (Bishop, 2003; Stallings, 2006).

3

Keystream Keystream Key Generator Generator

Keystream Keystream

ki ki Plain Text Cipher Text Plain Text P C C P ….11001…. i i ….01100…. i i ….11001….

Figure 1.2: Stream cipher

The essential motivation of using stream ciphers, instead of block ciphers, is the ability of stream ciphers to perform faster in environment where computational power and memory capacity are limited (Karlof, et al., 2004). However, current technologies tend to overcome the limitation problems (such as performance and computational power) by presenting new multicore processors which can improve the performance of the running systems.

1.1 NPHard Problems and Parallelism

NPhard problems are complex mathematical problems with no algorithm to solve them in polynomial time is exist. NPhard problems are well known in the field of cryptography since they proved to provide cryptosystems with high security. The use of NPhard problems was efficient in different symmetric key cryptosystems, key exchange protocols, digital signature algorithms, and many others. However, the problem associated with NPhard problems is the intensive number of calculations required during the run of the algorithm. Therefore, parallelism is introduced to fill

4 up the gap between the intensive calculations of NPhard problems and their performance by utilizing the existence of multicore processors.

High performance computing is increasingly in demand especially in several scientific and commercial applications. The need for secure and high performance communication has become an important ingredient in our daily life. Achieving higher performance is feasible by utilizing more computer resources, where several jobs are accomplished simultaneously and therefore completed in shorter time.

Parallel processing is described as the concurrent use of multiple processing resources (e.g. multiple CPUs) to solve a computational problem, where a given problem is broken into smaller segments and solved concurrently using multiple processors. Technically, the achievement of higher performance depends on two essential factors: faster hardware devices and processing techniques (Briggs, 1986).

Several researches were conducted to improve the hardware architecture and software techniques in order to achieve higher performance.

Under the processing techniques factor, multithreading technique was introduced in 1960s (SunSoft, 2002) to enhance the performance of applications by running them in parallel on the available resources. Multithreading technique aims to create a virtual multiprocessors environment and use this environment to run multiple tasks on single processor. From other perspective, the recent hardware revolution has played a significant role in improving systems performance through the multicore technology. Multicore is a technology where a single physical processor contains the logical core of more than one processor as shown in Figure

1.3. The main goal of this technology is to enable the multicore processor to run

5 multiple tasks concurrently in order to achieve higher performance compared to singlecore processors.

C C C C O O O O R R R R E E E E 1 2 3 4

Single physical processor

Figure 1.3: Quadcore processor

Applying parallel techniques in cryptography has become essential for higher throughput and improved performance, especially with the current available resources. Therefore, in this study we are utilizing the new multicore technology with the multithreading techniques to speed up the encryption process in stream ciphers, in order to provide secured and better performance cryptosystems.

1.2 Research Problem

This study is conducted due to the importance of stream ciphers in securing information, which is considered as the most strategic resources. The stateofart of stream ciphers is found lack of a comprehensive literature review that analyzes the constructional design of existing stream ciphers. Therefore, the exploration and analysis of existing stream ciphers resulted in addressing two problems, which are: the security and the design properties .

6

The massive numbers of existing stream ciphers are found vulnerable

(securitybreakable) to cryptanalysis attacks due to the weaknesses of their keystream generator. From the other perspective, the constructional design of these stream ciphers is found sequential. Therefore, these stream ciphers do not allow parallelism and not able to take full advantage of parallel computer architecture which is ready and available in markets.

As a summary, identifying the problems associated with existing stream ciphers is crucial to determine the efficient solutions. However, solving the security issue require applying complex and hard mathematical problems (i.e. NPhard problems) at the keystream generator level to increase its resistance against cryptanalysis attacks. The use of NPhard problems in stream ciphers is promising since there is no algorithm to solve these problems in polynomial time. On the other hand, reconstructing the design of stream ciphers is possible by identifying the independent components of their internal design. By doing that, stream ciphers will be able to utilize multicore processors to enhance their performance, and then deliver the security community with highly secure and fast stream ciphers.

1.3 Research Scope

Stream ciphers are found lack of several security and statistical attributes, making them subjected to cryptanalysis attacks. The scope of this thesis is presented in introducing alternative stream ciphers based on the following NP hard problems:

• Elliptic Curve Discrete Logarithm Problem (ECDLP).

• Discrete Logarithm Problem (DLP).

7

• Shortest Vector Problem in Lattice (SVP).

This research aims to use NP hard problems in stream cipher cryptosystems, with the focus on the three NP hard problems mentioned above. Security and performance analysis and assessment on the proposed stream ciphers and the parallel platform are also carried out to ensure their practicality.

The limitation of this research is associated with the choice of the highly studied NP hard problems (ECDLP, DLP and SVP) for the proposed stream ciphers.

In fact, there are several other NP hard problems which are not well studied and therefore such problems need to be studied first before they can be used in cryptography.

1.4 Research Goal and Objectives

The main goal of the research is to overcome the security and design problems (as addressed in Section 1.2), by utilizing both NP hard problems and parallelism on multicore processors. The general objectives of this research are listed as follows:

• Propose alternative methods of generating sequences of keystream in stream

ciphers based on:

o Elliptic curve discrete logarithm problem represented by point

multiplication over selected elliptic curve.

o Discrete logarithm problem represented by polynomial

representations using polynomial arithmetic.

8

o Shortest vector problem in lattice spaces represented by Low

Hamming weigh polynomials.

• Propose new parallel platform for stream ciphers based on NP hard problems

with proper design specifications.

• Perform intensive security and performance for the proposed stream ciphers

and the parallel platform.

1.5 Research Contributions

This thesis provides a comprehensive review of stream ciphers which assist the development process of new stream ciphers. This thesis also present a secure and fast stream ciphers that has great impact on the field of information security. The main contributions of this research are summarized as follows:

1. Developing new highly secure stream ciphers based on NPhard problems for

cryptographic applications.

2. Presenting new research direction for parallel stream ciphers through the

utilization of multicore technologies.

3. Presenting new constructional design for stream ciphers capable to work on

parallel environments.

4. Designing new parallel platform to accelerate the performance of secure

stream ciphers.

9

1.6 Research Methodology

Stream ciphers are classified into two main categories: software and hardware based stream ciphers. These stream ciphers rely on several software and hardware techniques to achieve better security. In our research, we found that many of the subcategories, under the main two categories, suffer from some security vulnerabilities (such as cryptanalysis attacks and statistical biased), and sequential structure. Therefore, this study aims to use NP hard problems (new subcategory under the softwarebased category) to achieve optimum level of security.

Achieving the research objectives is accomplished in two phases. The two phases are as follows:

• Stream Cipher Implementation Phase: the design of the proposed stream

ciphers is divided into three stages: Initialization stage, Keystream

Generation stage and Encryption stage. Dividing the structure of the stream

ciphers into stages has enabled stream cipher to work in parallel, therefore

transforming the sequential structure of existing stream cipher into new

parallelizable structure. The employment of NP hard problems will be

targeted to the second stage of the design. Accordingly, generating infinite

new keystream depends on infinite number of iterations during the run of the

stream cipher. The iteration rests on a counter created for incremental

operation on the initial value of the input key obtained from the initial stage.

Finally, the obtained keystream is used to encrypt a stream of plaintext bits

and generate a stream of enciphered bits. The general design of the proposed

stream ciphers is shown in Figure 1.4.

10

Plaintext Input Key

Keystream Initialization K K Encryption Generation s Stage Stage Stage Ciphertext Counter++

Figure 1.4: Proposed stream cipher design

• Platform Implementation Phase: the platform consists of several components

and special designed detector and controllers. It is divided into five main

components: Generator Selector, Parameter Extractor, Keystream Generator,

Keystreamsize Controller and Plaintext Encoder. These components are

designed to work best with the stream ciphers obtained from the previous

stage. The main goal of this platform is to enable stream ciphers generating

multiple keystream concurrently and independently from each other.

Evaluating the two phases (stream ciphers implementation phase and platform implementation phase) is an important step in our research. The first phase is evaluated by verifying the reliability of our stream ciphers security against cryptanalysis attacks, and examining the statistical attributes of the generated keystream. On the other hand, the evaluation of the platform includes extensive performance tests on different multicore processors. In addition, the platform is also verified statistically; by reverifying the statistical properties of the generated keystream by the attached stream ciphers to the parallel platform. Figure 1.5 shows the workflow of the main components carried out in this research.

11

ECDL

NPhard Stream SVP Problems DLP Ciphers

NPhard Based Stream Ciphers

MultiCore Processor

Parallel Platform

Security & Performance Statistical Parallel Platform Evaluation Analysis

Figure 1.5: Research workflow

1.7 Thesis Organization

The work conducted in this thesis is presented in five chapters with appendices. The first chapter provides an introduction to the work by introducing a brief introduction to cryptography and its related concepts. In addition, a brief introduction to our work is also conducted here (Chapter 1). The reminder of the thesis is organized as follows.

12

Chapter 2 : In this chapter, we discuss the important concepts of stream ciphers and their classifications. The use of the mathematical NP hard problems and parallelism in cryptographic systems is also discussed.

Chapter 3 : A complete description of the proposed methodology is included in this chapter. The chapter is divided into two sections. In Section 3.1, we discuss the stream ciphers design and specifications. The design and the implementation of the parallel platform components are described in Section 3.2.

Chapter 4 : This chapter presents the security and performance analysis of both stream ciphers and parallel platform. The security analysis is conducted from two perspectives: cryptanalysis attacks and statistical analysis, to show the security level provided in the proposed ciphers. The performance evaluation aims to show the efficiency of the platform in terms of the ability of delivering stream ciphers with higher performance.

Chapter 5 : Finally, we conclude our work and illustrate the possible future works for this study.

13

CHAPTER TWO

STREAM CIPHERS AND PARALLELISM

2.0 Introduction

Cryptographic systems are designed to provide digital transmitted data with security attributes over unsecured communication channels. Figure 2.1 sheds light on the main components of a conventional cryptosystem model to understand the environment that cryptographers are dealing with.

K* Cryptanalyst X*

X Y X Sender Encryption Decryption Receiver

K Secure Channel

Key Source

Figure 2.1: Model of conventional cryptosystem (Stalling, 2003)

This chapter will study the encryption component of the cryptosystem model as appears in Figure 2.1. The study will focus on one type of symmetric key algorithms called stream ciphers. The rest of this chapter will discuss the important

14 concepts of stream ciphers in terms of their design and mechanisms (Section 2.1). In

Section 2.2, we survey the existing stream ciphers and classify them into categories based on the similarity between these stream ciphers. Stream ciphers are found somehow lack some of security attributes, making them subject to cryptanalysis attacks.

It is obvious that sending the message X from the sender to the receiver is not simple due to the obstacles that might threaten the security (e.g. integrity, authenticity, confidentiality, etc) of the message. However, cryptosystems rely on some cryptographic primitives (e.g. Encryption, Digital Signatures, Certificates, etc) to provide the message with the required level of security. Cryptanalyst will sometimes be able to attack the encrypted message Y to remove the disguise and recover the message X using several cryptanalysis attacks. These attacks are basically generating a message estimate X* and a key estimate K* to recover either message X or key K, or even both.

The definition of the mathematical concepts related to NP hard problems, as well as survey the existing cryptosystems based on NP hard problems are discussed in Section 2.3. The use of complex mathematical problems is considered costly in terms of computation. The use of such problems will require the keystream generator to perform intensive calculations to generate the sequence of keystreams. One way to overcome this limitation is by applying parallelism to improve the performance of stream ciphers based on NP hard problems. Hence, parallel techniques and their usage in cryptographic applications are discussed in Section 2.4 and 2.5 respectively.

Finally, section 2.6 will summarize the important results obtained from the above analyzed survey.

15

2.1 Stream Ciphers: Concept and Definition

Cryptographic systems are divided into two types of systems: Secretkey

(Symmetric) or Publickey (Asymmetric) cryptosystems. In the later systems, the sender uses public information of the receiver to send a message to the receiver. The receiver then uses his private information to recover the original message. In secret key cryptosystems, both the sender and receiver have previously set up secret information in which they use this information for encryption and decryption.

Further division of symmetric cryptosystems is the block ciphers and stream ciphers.

Rueppel states: “Block ciphers operate with a fixed transformation on large blocks of plaintext data; stream ciphers operate with a timevarying transformation on individual plaintext digit ” as quoted in (Robshaw, 1995).

Definition (Encryption): Let kk1, 2 ,..., kn ∈ K be a set of keystream in the key space

K, mm1, 2 ,..., mn ∈ M be a set of plaintext in the plaintext space M, and

cc, ,..., c∈ C be a set of ciphertext in the ciphertext space C. The encrypted 1 2 n ciphertext is generated by:

Em= cc, ,..., c ∈ C ∀i:1 ≤ i ≤ n ki ( i) 1 2 n (2.1)

From the above definition, the encryption process of a stream cipher Ek is

bijective for every k i . The plaintext space and key space are typically represented in bit or byte representations. Most importantly, keeping the key k is essential for the security of stream ciphers.

The idea of stream ciphers was inspired from the famous cipher called the

Onetime Pad (also called the Vernam cipher) (Mollin, 2007; Delfs, 2002). This

16 cipher is based on XOR’ing ( ⊕ ) the message bits and the key bits. The Onetime pad is defined by Delfs (2000) as in Equation 2.2:

E:{0,1}×→ {0,1} {0,1}, ( mkmk , ) →⊕ (2.2)

where plaintext, keystream and ciphertext bits are in the space {0, 1}. The encryption transformation is given by:

Em( ) = m ⊕ k = cC ∈ (2.3) kii i ii and the decryption transformation is given by:

Dc= c ⊕ k = m ∈ M (2.4) kii ( ) i i i

In Onetime pad cipher, a truly random key is generated and securely transmitted to the receiver. The length of the key is the same as the length of the transmitted message. On the other hand, most stream ciphers other than Onetime pad depend on the use of pseudorandom number generator (PRNG) instead of generating truly random key. Pseudorandom number generator generates key sequence (known also as keystream) that approximate the random numbers properties (Viega, 2003).

Generally, stream cipher uses niterations to generate nsuccessive keystream based on the stream cipher internal state. The mechanisms used in updating the internal state provide us with the classification of stream ciphers: Synchronous and

Asynchronous stream ciphers. The two types of the stream ciphers are discussed in

Sections 2.1.1 and 2.1.2 respectively.

17

2.1.1 Synchronous Stream Ciphers

A stream cipher is said to be synchronous if the next internal state used for generating new keystream is defined independently and without the use of either the plaintext or the ciphertext generated from the previous iteration as shown in Figure

2.2.

Keystream Keystream Generator K Generator

k i k i

m i E ci D m i k i k i

Encryption Decryption

Figure 2.2: Synchronous stream cipher (Mollin, 2007)

The encryption process of a synchronous stream cipher is best described by the following equations:

∂i+1 =NS( ∂ i , K ) , (2.5)

k= KG ∂ , K , (2.6) si ( i )

c= EN k, m (2.7) i( si i )

where ∂0 is the initial state determined by the input key K, NS is the nextstate

function, KG is the keystream generation function which generates ks , and EN is the

18 output function which generates the ciphered text ci by combining both the plaintext

m and the keystream k . i si

The properties of synchronous stream ciphers are summarized in the following points:

• Synchronization requirements: both of the sender and receiver must use the

same secret key and operating at the same position within that secret key for

proper decryption. This mechanism will ensure the synchronization between

the connected parties during the transmission process. The loss of

synchronization due to some modification on the ciphertext being transmitted

will fail the decryption process. In such case, a resynchronization process

such as reinitialization or placing special marks at regular intervals in the

ciphertext is required.

• Error propagation: In synchronous stream ciphers, errors in ciphertext

symbols (digits or characters) during transmission do not propagate and affect

the decryption of other ciphertext symbols.

• Active attack: Any modification (insertion, deletion) or replay of ciphertext

symbols by an eavesdropper causes loss of synchronization, which allows the

receiver (decrypter) to detect the modification.

2.1.2 Asynchronous Stream Ciphers (selfsynchronous)

Unlike synchronous stream ciphers, selfsynchronous stream ciphers generate keystreams as a function of the key k and a fixed number of previous ciphertext

19 symbols (Stallings, 2006). In other words, selfsynchronous ciphers utilize plaintext in the process of generating a new keystream as shown in Figure 2.3.

Keystream Keystream Generator K Generator

k i k i

m i E ci D m i k i k i

Encryption Decryption

Figure 2.3: Asynchronous stream cipher

The encryption function of a selfsynchronous stream cipher is best described by the following equations:

∂i = (c itit−, c −+1 ,..., c i − 1 ) , (2.8)

k= KG ∂ , K , (2.9) si ( i )

c= EN k, m i( si i ) (2.10)

where ∂0 is the initial state, K is the input key, KG is the keystream generation

function which produces ks , and EN is the encryption function which combine both

of the keystream and plaintext mi to produce the ciphertext ci .

In this type of ciphers and unlike synchronous ciphers, the selection of the key may raise problem since any statistical regularities in the plaintext will show up

20 in the key (Bishop, 2003). Selfsynchronous stream ciphers have the following properties (Mollin, 2005):

• Synchronization requirements: the decryption process in selfsynchronous

stream ciphers basically depends on a fixed number N of preceding ciphertext

digits. Hence if modifications have been made on ciphertext digits during

transmission, selfsynchronization will take place.

• Error propagation: selfsynchronous ciphers are subjected to error

propagation due to the dependency of the keystream generation’s internal

state on the previous ciphertext digits of length N. When modifications on

ciphertext occur during transmission, decryption of up to r subsequent

ciphertext symbols may be incorrect, after which correct decryption resumes.

• Active attacks: any modification of ciphertext digits by an eavesdropper

causes multiple ciphertext symbols to be encrypted incorrectly. According to

Stallings (2003), detecting the modification in selfsynchronous stream

ciphers is more difficult than in synchronous stream ciphers.

During the process of designing a stream cipher, the cryptographer has to satisfy the following requirements (Lee, et al., 2002):

• Error Propagation: minimum number of redundant bits during the encryption

and decryption process.

• Redundant Information: minimum number of redundant bits during the

information insertion.

• Cryptographic Security: the length of the secret key should be long enough to

avoid exhaustive key search attack.

21

• Implementation Simplicity: the design of the stream cipher should be

suitable for both hardware and software implementations.

• Performance Speed: the stream cipher should be performable at minimum

speed of 1.544 Mbps.

2.2 Stream Ciphers: Categorization and Related Works

In contrast to block ciphers, stream ciphers have no standard model for their construction design, which leads cryptographers to construct various models of stream ciphers. The basic structures often found in stream ciphers may include

LFSRbased cipher (LinearFeedback Shift Register), NLFSRbased cipher (Non

Linear Feedback Shift Registers), Block cipherbased stream cipher, Tfunction based ciphers and other structures. However, this study classifies stream ciphers into categories whereby each category includes stream ciphers that share specific properties. Figure 2.4 shows the classification of different stream cipher algorithms as appears in the literature. Note that the classification is based on how keystream generators operate in generating the keystream.

In our classification, stream ciphers are divided into two main categories:

Hardwarebased and Softwarebased stream ciphers. The classification aims to look at stream ciphers from the implementation perspectives in which we found that they fall into two categories (hardwareimplementation and softwareimplementation stream ciphers). The third level on the hierarchy of the classification includes deeper categorization based on hardware or software related issues. The indepth classification of hardwarebased stream ciphers includes: FCSR/NLFSRbased and

22 clock control and LFSR based stream ciphers. On the other hand, the softwarebased stream cipher category includes: TFunctionbased stream ciphers, Block cipher based stream ciphers, NP hard problembased stream ciphers (our proposed direction of stream ciphers) and other alternatives that do not fit into the previous categories.

23

Stream Ciphers

HardwareBased SoftwareBased Hybrid Designs

Simple Logical NPhard Shift Registers TFunction SBox Block Cipher & Arithmetic problems Operations

Shortest Vector in LFSR NLFSR/FCSR Clock Control Lattices

Proposed Stream Shrinking & self Elliptic Curve shrinking Stop & Go Discrete Log Ciphers

Discrete Log & Summation Cascades Polynomial

Boolean ABSG Decimation Functions Mechanism

Figure 2.4: Stream ciphers classifications

24