PARALLEL PLATFORM FOR NEW SECURE STREAM CIPHERS BASED ON NP-HARD PROBLEMS
KHALED MOHAMMAD A. SUWAIS
UNIVERSITI SAINS MALAYSIA
2009
PARALLEL PLATFORM FOR NEW SECURE STREAM CIPHERS BASED ON NP-HARD PROBLEMS
by
KHALED MOHAMMAD A. SUWAIS
Thesis submitted in fulfillment of the requirements for the degree of Doctor of Philosophy
JUNE 2009 ACKNOWLEDGMENT
During my work on this thesis, there were many people who sincerely guided and supported me. I would like to take this opportunity to express my gratitude to all of them, for giving me the opportunity to complete this thesis.
I am deeply indebted to my supervisor, Associated Professor Azman Samsudin, for his guidance during my research at School of Computer Sciences, Universiti Sains
Malaysia (USM). He was always accessible and enthusiastic in research. His enthusiasm motivated me, and made my research life became smooth and rewording.
I want to express my gratitude to School of Computer Sciences, Universiti Sains
Malaysia and the general office staff, for supporting this study financially and morally.
I would like to take this opportunity to thank my beloved parents, Mohammad and Ilham. Their unlimited support and true love had maimed the geographical distances between us. They stand by me, raised me, supported me, taught me, and love me. To them I dedicate this thesis.
I would also like to thank my lovely brother Abdul Aziz and my beloved sisters
Dina, Abeer and Haneen for their support and love during my study abroad.
I wish to thank the person who stand by me and shared my happiness and sadness. The person who supported me and provided me with a caring environment, and unforgettable moments in Malaysia. Thank you dear Beh Bee Cheng.
ii ii
I would like to thank Khader Alrawajfih, Nagham Almadi and Mohammad
Almadi, for being my second family in Malaysia. With them, I felt the support and shared happy and unforgettable moments during my study.
Last but not least, I would like to thank my colleagues, Ibrahim, Hisham, Ali,
Fazila and Hamid, for their support and help. I also want to thank my dearest frinds
Mohammad Wasef, Mohammad Bakkar, Wesam Hatamleh, Mohammad Alia, Muthanna
Albuldawi, Bashar Alashal, Osama Abu-Dayyeh Sarah Shalini, Adnan Hunaif Ahmad
Alzoubi and Mohammad Betar for their care and support.
Khaled M. Suwais
iii
TABLE OF CONTENTS
ACKNOWLEDGMENTS ii
TABLE OF CONTENTS iv
LIST OF TABLES x
LIST OF FIGURES xi
LIST OF ABBREVIATIONS xv
ABSTRAK xviii
ABSTRACT xx
CHAPTER ONE: INTRODUCTION
1.0 Introduction 1
1.1 NP -Hard Problems and Parallelism 5
1.2 Research Prob lem 7
1.3 Research Scope 8
1.4 Research Goal and Objectives 9
1.5 Research Contribution s 9
1.6 Research Methodology 10
1.7 Thesis Organization 13
iv iv
CHAPTER TWO: STREAM CIPHERS AND PARALLELISM
2.0 Introduction 15
2.1 Stream Ciphers: Concep t and Definition 17 2.1.1 Synchronous Stream Ciphers 19 2.1.2 Asynchronous Stream Ciphers 21
2.2 Stream Ciphers: Categorization and Related Works 23 2.2.1 Hardware based Stream Ciphers 26 2.2.2 Software based Stream Ciphers 38 2.2.3 Hybrid Designs 53
2.3 Non -deterministic Polynomial Time Hard Problem ( NP -hard) 58 2.3.1 Discrete Logarithm Problem (DLP) 62 2.3.2 Elliptic Curve Discrete Logarithm Problem (ECDLP) 64 2.3.3 Shortest Vector Problem in Lattice (SVP) 67 2.3.4 Travelling Salesman Problem (TSP) 68
2.4 Parallelism in Cryptography 70 2.4.1 Methods for Parallel Computing 71 2.4.2 Current Parallelism in Cryptography 76
2.5 Summary 78
CHAPTER THREE: NP-HARD BASED STREAM CIPHERS AND PARALLEL PLATFORM
3.0 Introduction 80
3.1 Stream Ciphers Based on NP -hard Problems 80
3.1.1 Stream Ciphers Based on Elliptic Curve Discrete Log Problem 81 (ECSC-128)
3.1.1.1 Problem Definition 81 3.1.1.2 The Design of ECSC -128 85 3.1.2 Stream Cipher Based on Discrete Log Problem (DSP -128) 90 3.1.2.1 Problem Definition 90
v v
3.1.2.2 The Design of DSP -128 93 3.1.3 Stream Cipher Based on Shortest Vector Problem in Lattice 98 (LTSC-128)
3.1.3.1 Problem Definitio n 98 3.1.3.2 The Design of LTSC -128 101 3.2 The Design of the Parallel Platform 108 3.2.1 Generator Selector (GS) 109 3.2.2 Parameter Extractor (PEx) 110 3.2.3 Keystream Generator (KG) 111 3.2.4 Keystream -size Controller (K C) 113 3.2.5 Plaintext Encoder (PEn) 114 3.2.6 Detector, Controllers and Inner -Components Communications 116
3.3 Summary 131
CHAPTER FOUR: SECURITY AND PERFORMANCE ANALYSIS
4.0 Introduction 134
4.1 Implementation Issu es and Techniques 136
4.2 Stream Ciphers Performance and Security Analysis 139
4.2.1 Analyzing ECSC -128 Stream Cipher 141 4.2.1.1 Security Analysis 141 4.2.1.2 Performance Analysis 146 4.2.2 Analyzing DSP -128 Stream Cipher 148 4.2. 2.1 Security Analysis 148 4.2.2.2 Performance Analysis 152 4.2.3 Analyzing LTSC -128 Stream Cipher 153 4.2.3.1 Security Analysis 153 4.2.3.2 Performance Analysis 159
4.3 The Parallel Platform Performance and Security Analysis 161
4.3 .1 The Effect of the Parallel Platform on the Stream Ciphers Security 162 4.3.2 The Impact of the Parallel Platform on ECSC-128 Stream Cipher 162
vi vi
4.3.3 The Impact of the Parallel Platform on DSP -128 Stream Cipher 164 4.3.4 The Impact of the P arallel Platform on LTSC -128 Stream Cipher 167
4.4 Discussion 169
4.5 Summary 172
CHAPTER FIVE: CONCLUSIONS AND FUTURE WORKS
5.0 Thesis Summary 173 5.1 Future Works 174
REFERENCES 182
APPENDIX A: DIEHARD STATISTIC AL TESTS SUITE
A.0 Introduction 193
A.1 Diehard Statistical Tests Description 193 A.1.1 Birthday Spacing Test 193 A.1.2 Overlapping 5 -Permutation Test 194 A.1.3 Binary Rank Test for (31×31) Matrices 194 A.1.4 Binary Rank Te st for (32×32) Matrices 195 A.1.5 Binary Rank Test for (6×8) Matrices 195 A.1.6 Bitstream Test 196 A.1.7 DNA Test 196 A.1.8 OPSO Test 196 A.1.9 OQSO Test 197 A.1.10 Count -The -1’s Test on Stream of Bytes 197
vii
A.1.11 Count -The -1’s Test for Specific Bytes 198 A.1.12 Parking Lot Test 199 A.1.13 Minimum Distance Test 199 A.1.14 3Dspheres Test 200 A.1.15 Squeeze Test 200 A.1.16 Overlapping Sums Test 201 A.1.17 Run Test 201 A.1.17 Run Te st 201
APPENDIX B: ENCRYPTION RATES AND STATISTICAL RESULTS
B.0 Introduction 203
B.1 Encryption Rates of the Proposed Stream ciphers 203
B.1.1 Encryption Rates of ECSC -128, DSP -128 and LTSC -128 Stream 203 Ciphers
B.1.2 Encryption R ates of the Parallelized ECSC -128, DSP -128 and 204 LTSC-128
B.1.3 Effect of Multi -core Processors on Stream Ciphers Encryption 205 Rates
B.1.4 Effect of Multi -core Processors on the Parallelized Stream Ciphers 205 Encryption Rates
B.2 Results Obta ined from Diehard Tests 206
B.2.1 Diehard Test Results for ECSC -128 Stream Cipher 207 B.2.2 Diehard Test Results for DSP -128 Stream Cipher 209 B.2.3 Diehard Test Results for LTSC -128 Stream Cipher 211
viii
APPENDIX C: GMP AND NTL LIBRARIES
C.0 Introduction 213
C.1 Auxiliaries Libraries 213 C.1.1 GMP Library 213 C.1.1.1 GMP Functions Classifications 214 C.1.1.2 Using GMP 214 C.1.2 NTL Library 220 C.1.2.1 NTL: Headers and Modules 221 C.1.2.2 Using NTL 223
LIST OF PUBLICATIONS 228
ix ix
LIST OF TABLES
Page
2.1 Truth table of the Boolean function βββ (a1, a2) = a1a2 + a1 31
3.1 Association table between the counter, plaintext segment and 117 thread ID
3.2 Generating new counter value for encryption on each thread 12 3
3.3 Generating new counter value for decryption on each thread 12 4
4.1 p-values and conclusion for Diehard test on ECSC -128 14 2
4.2 The rounded distribution of the overall produced p-values for 14 3 ECSC-128
4.3 p-values and conclusion for Diehard test on DSP -128 148
4.4 The rounded distribution of the overall produced p-values for 148 DSP-128
4.5 p-values and conclusion for Diehard test on LT SC -128 15 4
4. 6 The rounded distribution of the overall produced p-values for 15 5 LTSC-128
B.1 Encryption rates of ECSC -128, DSP -128 and LTSC -128 on Dual - 20 0 Core and Quad-Core processors
B.2 Encryption rates of the parallelized P(ECSC -128), P(DSP -128) 20 0 and P(LTSC-128) on Dual-Core and Quad-Core processors
B.3 The improvement of ECSC -128, DSP -128 and LTSC -128 stream 20 1 ciphers performance on Quad-core processor
B.4 The improvement of the parallelized ECSC -128, DSP -128 and 20 2 LTSC-128 stream ciphers performance on Quad-core processor
B.5 List of p-values produced by Diehard tests for ECSC -128 stream 20 3 cipher
B.6 List of p-values produced by Diehard tests for DSP -128 stream 20 5 cipher
B.7 List of p-values produced by Diehard tests for LTSC -128 stream 207 cipher
C.1 Summary of some NTL modules 218
x x
LIST OF FIGURES
Page
1.1 Taxonomy of Cryptology 2
1. 2 Stream cipher 4
1.3 Quad -core processor 6
1.4 Proposed stream cipher design 11
1.5 Research workflow 12
2.1 Model of conventional cryptosystem (Stalling, 2003) 14
2.2 Synchronous stream cipher 18
2.3 Asynchronous stream cipher 20
2.4 Stream ciphers classifications 24
2.5 LFSR of length l 26
2.6 Shrinking generator (modified from (Choi, et al., 20 03) ) 28
2.7 Self -shrinking generator 29
2.8 Alternating step generator 34
2.9 S-Box input/output mapping 39
2.10 F-function of MUGI 41
2.11 Stream cipher based on block cipher scheme 42
2.12 Single round of Phelix (Whiting, et al., 2005) 44
2.13 One block of Phelix (Whiting, et al., 2005) 46
2.14 Updating the inner states of Rabbit (Boesgaard, et al., 2003) 47
2.15 KSA and PRGA algorithms in RC4 stream cipher 50
2.16 PRGA round operation 50
2.17 Functions A, B and C in the keyst ream generator ABC (Anashin, et al., 2005) 53
2.18 Relationship between P, NP , NP -complete and NP -hard problems 61
xi xi
2.19 The geometry of point doubling on Elliptic Curve (Certicom, 2008) 64
2.20 2-Dimensional Lattice Space (Csárdi, 2006) 66
2.21 Travelling Salesman Problem representation 67
2.22 Multithreaded system architecture 70
2.23 Multithreading on multiprocessors machine 71
2.24 Multithreading on distributed processors 72
2.25 Performance improvement gained from multi -core technol ogy 73
3.1 KGS mechanism in ECSC -128 86
3.2 The design of ES stage in ECSC -128 87
3.3 The overall design of ECSC -128 87
3.4 The code snippet of IS in DSP -128 stream cipher 91
3.5 The code snippet of KGS in DSP -128 stream cipher 93
3. 6 KGS mecha nism in DSP -128 94
3. 7 The overall design of DSP -128 . 94
3. 8 Initializing polynomials L and M by extracting the coefficients from ℓ 10 0
3. 9 Choosing the second and third segments to form the final Ks 10 2
3.10 The code snippet of KGS in DSP -128 stream cipher 10 3
3. 11 The design of ES Stage implemented in LTSC -128 10 3
3. 12 Generator Selector (GS) component 10 6
3. 13 Paramet er Extractor (PEx) component 107
3.1 4 Parallel keystream generated by the Keystream Generator (KG) component 108
3.15 The code snippet of KG in the parallel platform 109
3.1 6 Keystream -size Controller (KC) component 11 0
3.1 7 Plaintext Encoder (P En) component 11 2
3.1 8 MCD and MCD on Dual -core processor 11 4
xii
3.19 The code snippet of BsC controller 11 5
3. 20 Bit -sync Controller (BsC) 11 6
3. 21 Parallel keystream generation controlled by BsC 118
3. 22 Concurrency and consistency in parallel keystream generation 12 0
3. 23 Encryption performed on Dual -core processor 12 1
3. 24 Decryption performed on Quad -core processor 12 2
3.2 5 Performing encryption and decryption on different number of cores 12 6
3.26 The general form of the parallelize d platform 127
3.27 Shared processes between the stream cipher and the platform architecture 129
4.1 Difficulty of forward, inverse operation against key length 139
4. 2 Performance comparison between ECSC -128 and RC4 14 4
4. 3 Performance comparison between DSP -128 and RC4 149
4. 4 Performance comparison between LTSC -128 and RC4 156
4. 5 Performance comparison between ECSC -128, DSP -128, LTSC -128 and RC4 157
4. 6 Performance comparison between the parallelized P(ECSC -128) and RC4 159
4. 7 Performa nce improvement achieved by P(ECSC -128) 16 0
4. 8 Performance comparison between the parallelized P(DSP -128) and RC4 16 2
4. 9 Performance improvement achieved by P(DSP -128) 16 3
4.1 0 Performance comparison between the parallelized P(LTSC -128) and RC4 165
4. 11 Performance improvement achieved by P(LTSC -128) 16 6
4. 12 Efficiency level of the parallel platform on 2, 4, 8 -cores processors 167
5.1 Current level of parallelism on Quad -core processor 17 2
5.2 Extended level of parallelism on Quad -core proc essor 17 3
C.1 Example on program header supporting GMP 211
C.2 Linking C and C++ programs to lgmp library 21 1
C.3 Various GMP data types declarations 21 2
xiii
C.4 Integer variables initialization 21 2
C.5 Assignment functions 21 3
C.6 Conversion funct ions 21 4
C.7 Arithmetic functions 21 5
C.8 Logical and bit manipulation functions 216
C.9 Relationship between NTL header files 217
C.10 Polynomial addition 219
C.11 Polynomial multiplication 22 0
C.12 Left and right shift operations on pol ynomial 22 1
C.13 NTL miscellany functions 22 2
xiv
LIST OF ABBREVIATIONS
NP -hard : Non -deterministic Polynomial -hard
PRNG : Pseudo -random Number Generator
NS : Next -State
LFSR : Linear Feed -back Shift Register
NLFSR: Non -Linear Feed -back Shift Register
FCSR : Feed Carry Shift Register
FPGA : Field Programmable Gate Array
ANF : Algebraic Normal Form
T-Function : Triangular -Function
S-Box : Substitution -Box
AES: Advanced Encryption Standard
SPN: Substitution -Per mutation Network
SSL: Secure Socket Layer
WEP: Wired Equivalent Privacy
IV: Initial Vector
SHA: Secure Hash Algorithm
KSA: Key -Scheduling Algorithm
PRGA: Pseudo -random Generation Algorithm
NoC: Network on Chip
DLP: Discrete Logarithm Proble m
ECDLP: Elliptic Curve Discrete Logarithm Problem
ECC: Elliptic Curve Cryptography
ECDSA: Elliptic Curve Digital Signature Algorithm
x v xv
ECMQV: Elliptic Curve Menezes -Qu -Vanstone
SVP: Shortest Vector Problem
CVP: Closest Vector Problem
TSP: Trav elling Salesman Problem
VHDL: VHSIC Hardware Description Language
PS -LFSR: Parallelized -Structured Linear Feed -back Shift Register
ONB: Optimal Normal Form
PB: Polynomial Basis
IS: Initialization Stage
KGS: Keystream Generation Stage
ES: Encr yption Stage
NIST: National Institute of Standard and Technology
GCD: Greatest Common Divisor
LSB: Least Significant Bit
MSB: Most Significant Bit
GS: Generator Selector
PEx: Parameter Extractor
KG: Keystream Generator
KC: Keystream -size Co ntroller
PEn: Plaintext Encoder
MCD: Machine -core Detector
TCC: Thread Creation Controller
BsC: Bit -sync Controller
NOB: Number of Bits
NOC: Number of Cores
DualC: Dual -Core
xvi
QuadC: Quad -Core
BDAY: Birthday Spacing Test
OPERM: Overlappin g 5 -Permutation Test
RANK: Binary Rank Test for Matrices
BSTM: Bitstream Test
DNA: DNA Tests
OPSO: OPSO Test
OQSO: OQSO Test
CBYTE: Count -The -1’s Test on stream of bytes
CSBYTE: Count -The -1’s Test for specific bytes
PARKL: Parking Lot Test
MDIST: Minimum Distance Test
3DS: 3Dspheres Test
SQEZ: Squeeze Test
OSUM: Overlapping Sums Test
RUN: Run Test
CRAP: Crap Test
GMP: GNU Multi -precision
NTL: Number Theory Library
xvii
PELANTAR SELARI UNTUK SIFER ALIRAN SELAMAT YANG BARU BERASASKAN PERMASALAHAN NP-HARD
ABSTRAK
Tujuan kajian ini adalah untuk mengenal pasti unsur-unsur utama reka bentuk sifer aliran yang selamat dan pantas. Dalam bidang kriptografi, sifer aliran ialah algoritma kekunci simetri yang direka untuk menyulitkan dan menyahsulitkan data-data sulit. Penyulitan dan penyahsulitan sejumlah besar data-data ini memerlukan reka bentuk alternatif sifer aliran yang menjanjikan tahap keselamatan dan kepantasan yang lebih tinggi bagi penyulitan data.
Kedua-dua masalah NP-hard dan keselarian digunakan dalam kajian ini.
Masalah-masalah NP-hard digunakan untuk memberi tahap keselamatan tinggi pada sifer aliran memandangkan ketiadaan algoritma untuk menyelesaikan masalah tersebut dalam sistem polinomial. Konsep keselarian diperkenalkan sebagai platform bagi sifer aliran berdasarkan masalah NP-hard . Platform selari ini direka bentuk bagi membolehkan sifer aliran ini berfungsi lebih pantas di atas pemproses berbilang teras
(multicore processor).
Integrasi antara sifer aliran berdasarkan masalah NP-hard dengan platform selari merupakan faktor utama dalam penghasilan sifer aliran yang selamat dan pantas.
Analisis keselamatan dan statistik menunjukkan bahawa sifer aliran berdasarkan masalah NP-hard kami adalah selamat daripada serangan-serangan cryptanalysis dan statistik. Analisis prestasi ke atas platform selari menunjukkan keputusan mengagumkan xviii bagi sifer aliran yang diuji, di mana platform selari tersebut dapat mempercepatkan kadar enkripsi lebih kurang 1.8 dan 3.75 kali, masing-masing pada pemproses dwi-teras dan empat-teras. Platform tersebut didapati cekap menggunakan pemproses berbilang teras di mana ia mampu meningkatkan prestasi sifer aliran yang diuji selaras dengan peningkatan bilangan teras dalam pemproses berbilang teras.
Kajian ini memperkenalkan reka bentuk praktikal (bagi sifer aliran dan platform selari) yang berskala menggunakan pemproses berbilang teras. Masa depan platform selari ini adalah cerah memandangkan bilangan teras dalam pemproses berbilang teras meningkat secara eksponen. Justeru, bilangan teras yang meningkat ini akan memacu prestasi sifer aliran berasaskan permasalahan NP-hard terpalam.
xix
PARALLEL PLATFROM FOR NEW SECURE STREAM CIPHERS BASED ON NP-HARD PROBLEMS
ABSTRACT
The purpose of this study was to identify the key elements for secure and fast stream cipher’s design. In cryptography, stream cipher is a symmetric key algorithm, which is designed to encrypt and decrypt stream of confidential data. Encrypting and decrypting massive amount of data, necessitates alternative design for stream cipher, which compromises high level of security and fast data encryption.
Both NP -hard problems and parallelism were utilized in this study. The NP -hard problems were used to provide stream ciphers with high level of security, since there is no algorithm exists to solve NP -hard problems in polynomial time. Parallelism was introduced as a platform for stream ciphers based on NP -hard problems. The parallel platform was designed to enable stream ciphers based on NP -hard problems to perform faster on multi-core processors.
The integration between the stream ciphers based on NP -hard problems and the parallel platform was the primary factor in producing secure and fast stream ciphers. The security and statistical analysis showed that our NP -hard problem-based stream ciphers are secure against cryptanalysis and statistical attacks. The performance analysis on the parallel platform revealed impressive results for the tested stream ciphers, where the parallel platform accelerated the encryption rate by approximately 1.8 and 3.75 times on
Dual-core and Quad-core processors respectively. The platform was found efficient in xx xx utilizing multi-core processors, in which it was able to speed up the performance of the tested stream ciphers relatively to the increasing number of cores, on multi-core processors.
This study has introduced a practical design (stream cipher and parallel platform), which was scalable in utilizing multi-core processors. The future of the parallel platform is promising, since the number of cores in multi-core processors is increasing exponentially. Thus, the increasing number of cores will effectively accelerate the performance of plugged-in NP -hard problem-based stream ciphers.
xxi
CHAPTER ONE
INTRODUCTION
1.0 Introduction to Cryptography
Cryptography is the fundamental component for any computer security application used to provide cryptographic services for secure communication over public and unsecured channels. Cryptography focuses on issues of securing messages so that only the relevant parties can read the message (Mollin, 2007). The main purpose of cryptography is to encode the data (plaintext) to unreadable form
(ciphertext) and vice versa. Transforming a message to an incomprehensive form is accomplished by a process known as encryption. In contrast, transforming an encrypted message to its original form is accomplished by a process known as decryption.
The use of cryptography was important through the centuries, in which cryptographic applications were used for civilian usage (companies, individuals, etc), or even were used in military operations as in World War I (e.g. cipher wheels or marks on papers) and World War II (e.g. Purple machine and Enigma) (Kahn, 1967).
Cryptography is generally designed to provide confidentiality, authentication, integrity and accessibility services (Menezes, et al., 1993; Mouratidis, et al., 2003).
Confidentiality service is used to ensure that messages are accessible only to authorized recipients. Authentication is normally used to authenticate the identity of the connected parties. Preventing eavesdroppers from changing the content of the messages sent from source to destination is basically a service provided by the
1 integrity service. Lastly, accessibility is designed to only allow authorized parties to use the available information resources.
In modern times, cryptographic systems (cryptosystems) have been used extensively in our daily communications to provide us with high level of security. In practice, cryptography is applied in numerous applications such as: internet communication, wireless communication (mobile phones) and banking transactions.
The development of the cryptographic tools and systems has played an important role in re shaping the communication style in a significant manner.
Based on the cryptography taxonomy found in (Kahn, 1967; Feistel, 1970;
Beutelspacher, 1996), cryptography and cryptanalysis are combined together to form the science of Cryptology. The sciences of Cryptology and its cryptographic primitives are categorized in Figure 1.1.
Cryptology
Cryptography Cryptanalysis
Encryption Authentication Active Passive Attack Attack
Symmetric Asymmetric
Hash Function Certificates Block Cipher Stream Cipher
Public Key Digital Signature
Figure 1.1: Taxonomy of Cryptology 2
Cryptography, as shown in Figure 1.1, deals with two categories of cryptosystems. The first category includes encryption algorithms which are classified into two further sub categories: symmetric and asymmetric cryptosystems. The other category includes authentication algorithms which are classified into two main categories: hash functions and certificates authentication. In this research, we are focusing only on the stream cipher which falls under the encryption category of cryptography.
In principle, symmetric and asymmetric cryptosystems share the same design goal, in which both cryptosystems are responsible for encrypting and decrypting user’s messages. The main difference between these cryptosystems is the use of additional key in asymmetric cryptosystems. Symmetric key cryptosystems use a single key to encrypt and decrypt a given message. On the contrary, asymmetric key cryptosystems (also known as public key cryptosystems), use two different keys to encrypt and decrypt a message.
In stream ciphers, a sequence of random bits is generated and used as a keystream which will never be used again during the run of the cipher. In general, stream ciphers are faster than block ciphers, making them suitable to be used in a resource constrained environment (Karlof, et al., 2004). The basic idea of stream ciphers is inherited from the theoretical encryption algorithm called a One Time Pad, in which a plaintext is XORed with a key of the same length as the plaintext
(Daswani, 2007). The general structure of stream ciphers is shown in Figure 1.2.
Some of the classical ciphers are: Affine cipher, Vigenère Autokey Polyalphabetic cipher and Playfair cipher (Bishop, 2003; Stallings, 2006).
3
Keystream Keystream Key Generator Generator
Keystream Keystream
ki ki Plain Text Cipher Text Plain Text P C C P ….11001…. i i ….01100…. i i ….11001….
Figure 1.2: Stream cipher
The essential motivation of using stream ciphers, instead of block ciphers, is the ability of stream ciphers to perform faster in environment where computational power and memory capacity are limited (Karlof, et al., 2004). However, current technologies tend to overcome the limitation problems (such as performance and computational power) by presenting new multi core processors which can improve the performance of the running systems.
1.1 NP Hard Problems and Parallelism
NP hard problems are complex mathematical problems with no algorithm to solve them in polynomial time is exist. NP hard problems are well known in the field of cryptography since they proved to provide cryptosystems with high security. The use of NP hard problems was efficient in different symmetric key cryptosystems, key exchange protocols, digital signature algorithms, and many others. However, the problem associated with NP hard problems is the intensive number of calculations required during the run of the algorithm. Therefore, parallelism is introduced to fill
4 up the gap between the intensive calculations of NP hard problems and their performance by utilizing the existence of multi core processors.
High performance computing is increasingly in demand especially in several scientific and commercial applications. The need for secure and high performance communication has become an important ingredient in our daily life. Achieving higher performance is feasible by utilizing more computer resources, where several jobs are accomplished simultaneously and therefore completed in shorter time.
Parallel processing is described as the concurrent use of multiple processing resources (e.g. multiple CPUs) to solve a computational problem, where a given problem is broken into smaller segments and solved concurrently using multiple processors. Technically, the achievement of higher performance depends on two essential factors: faster hardware devices and processing techniques (Briggs, 1986).
Several researches were conducted to improve the hardware architecture and software techniques in order to achieve higher performance.
Under the processing techniques factor, multithreading technique was introduced in 1960s (SunSoft, 2002) to enhance the performance of applications by running them in parallel on the available resources. Multithreading technique aims to create a virtual multiprocessors environment and use this environment to run multiple tasks on single processor. From other perspective, the recent hardware revolution has played a significant role in improving systems performance through the multi core technology. Multi core is a technology where a single physical processor contains the logical core of more than one processor as shown in Figure
1.3. The main goal of this technology is to enable the multi core processor to run
5 multiple tasks concurrently in order to achieve higher performance compared to single core processors.
C C C C O O O O R R R R E E E E 1 2 3 4
Single physical processor
Figure 1.3: Quad core processor
Applying parallel techniques in cryptography has become essential for higher throughput and improved performance, especially with the current available resources. Therefore, in this study we are utilizing the new multi core technology with the multithreading techniques to speed up the encryption process in stream ciphers, in order to provide secured and better performance cryptosystems.
1.2 Research Problem
This study is conducted due to the importance of stream ciphers in securing information, which is considered as the most strategic resources. The state of art of stream ciphers is found lack of a comprehensive literature review that analyzes the constructional design of existing stream ciphers. Therefore, the exploration and analysis of existing stream ciphers resulted in addressing two problems, which are: the security and the design properties .
6
The massive numbers of existing stream ciphers are found vulnerable
(security breakable) to cryptanalysis attacks due to the weaknesses of their keystream generator. From the other perspective, the constructional design of these stream ciphers is found sequential. Therefore, these stream ciphers do not allow parallelism and not able to take full advantage of parallel computer architecture which is ready and available in markets.
As a summary, identifying the problems associated with existing stream ciphers is crucial to determine the efficient solutions. However, solving the security issue require applying complex and hard mathematical problems (i.e. NP hard problems) at the keystream generator level to increase its resistance against cryptanalysis attacks. The use of NP hard problems in stream ciphers is promising since there is no algorithm to solve these problems in polynomial time. On the other hand, re constructing the design of stream ciphers is possible by identifying the independent components of their internal design. By doing that, stream ciphers will be able to utilize multi core processors to enhance their performance, and then deliver the security community with highly secure and fast stream ciphers.
1.3 Research Scope
Stream ciphers are found lack of several security and statistical attributes, making them subjected to cryptanalysis attacks. The scope of this thesis is presented in introducing alternative stream ciphers based on the following NP hard problems:
• Elliptic Curve Discrete Logarithm Problem (ECDLP).
• Discrete Logarithm Problem (DLP).
7
• Shortest Vector Problem in Lattice (SVP).
This research aims to use NP hard problems in stream cipher cryptosystems, with the focus on the three NP hard problems mentioned above. Security and performance analysis and assessment on the proposed stream ciphers and the parallel platform are also carried out to ensure their practicality.
The limitation of this research is associated with the choice of the highly studied NP hard problems (ECDLP, DLP and SVP) for the proposed stream ciphers.
In fact, there are several other NP hard problems which are not well studied and therefore such problems need to be studied first before they can be used in cryptography.
1.4 Research Goal and Objectives
The main goal of the research is to overcome the security and design problems (as addressed in Section 1.2), by utilizing both NP hard problems and parallelism on multi core processors. The general objectives of this research are listed as follows:
• Propose alternative methods of generating sequences of keystream in stream
ciphers based on:
o Elliptic curve discrete logarithm problem represented by point
multiplication over selected elliptic curve.
o Discrete logarithm problem represented by polynomial
representations using polynomial arithmetic.
8
o Shortest vector problem in lattice spaces represented by Low
Hamming weigh polynomials.
• Propose new parallel platform for stream ciphers based on NP hard problems
with proper design specifications.
• Perform intensive security and performance for the proposed stream ciphers
and the parallel platform.
1.5 Research Contributions
This thesis provides a comprehensive review of stream ciphers which assist the development process of new stream ciphers. This thesis also present a secure and fast stream ciphers that has great impact on the field of information security. The main contributions of this research are summarized as follows:
1. Developing new highly secure stream ciphers based on NP hard problems for
cryptographic applications.
2. Presenting new research direction for parallel stream ciphers through the
utilization of multi core technologies.
3. Presenting new constructional design for stream ciphers capable to work on
parallel environments.
4. Designing new parallel platform to accelerate the performance of secure
stream ciphers.
9
1.6 Research Methodology
Stream ciphers are classified into two main categories: software and hardware based stream ciphers. These stream ciphers rely on several software and hardware techniques to achieve better security. In our research, we found that many of the subcategories, under the main two categories, suffer from some security vulnerabilities (such as cryptanalysis attacks and statistical biased), and sequential structure. Therefore, this study aims to use NP hard problems (new subcategory under the software based category) to achieve optimum level of security.
Achieving the research objectives is accomplished in two phases. The two phases are as follows:
• Stream Cipher Implementation Phase: the design of the proposed stream
ciphers is divided into three stages: Initialization stage, Keystream
Generation stage and Encryption stage. Dividing the structure of the stream
ciphers into stages has enabled stream cipher to work in parallel, therefore
transforming the sequential structure of existing stream cipher into new
parallelizable structure. The employment of NP hard problems will be
targeted to the second stage of the design. Accordingly, generating infinite
new keystream depends on infinite number of iterations during the run of the
stream cipher. The iteration rests on a counter created for incremental
operation on the initial value of the input key obtained from the initial stage.
Finally, the obtained keystream is used to encrypt a stream of plaintext bits
and generate a stream of enciphered bits. The general design of the proposed
stream ciphers is shown in Figure 1.4.
10
Plaintext Input Key
Keystream Initialization K K Encryption Generation s Stage Stage Stage Ciphertext Counter++
Figure 1.4: Proposed stream cipher design
• Platform Implementation Phase: the platform consists of several components
and special designed detector and controllers. It is divided into five main
components: Generator Selector, Parameter Extractor, Keystream Generator,
Keystream size Controller and Plaintext Encoder. These components are
designed to work best with the stream ciphers obtained from the previous
stage. The main goal of this platform is to enable stream ciphers generating
multiple keystream concurrently and independently from each other.
Evaluating the two phases (stream ciphers implementation phase and platform implementation phase) is an important step in our research. The first phase is evaluated by verifying the reliability of our stream ciphers security against cryptanalysis attacks, and examining the statistical attributes of the generated keystream. On the other hand, the evaluation of the platform includes extensive performance tests on different multi core processors. In addition, the platform is also verified statistically; by re verifying the statistical properties of the generated keystream by the attached stream ciphers to the parallel platform. Figure 1.5 shows the workflow of the main components carried out in this research.
11
ECDL
NP hard Stream SVP Problems DLP Ciphers
NP hard Based Stream Ciphers
Multi Core Processor
Parallel Platform
Security & Performance Statistical Parallel Platform Evaluation Analysis
Figure 1.5: Research workflow
1.7 Thesis Organization
The work conducted in this thesis is presented in five chapters with appendices. The first chapter provides an introduction to the work by introducing a brief introduction to cryptography and its related concepts. In addition, a brief introduction to our work is also conducted here (Chapter 1). The reminder of the thesis is organized as follows.
12
Chapter 2 : In this chapter, we discuss the important concepts of stream ciphers and their classifications. The use of the mathematical NP hard problems and parallelism in cryptographic systems is also discussed.
Chapter 3 : A complete description of the proposed methodology is included in this chapter. The chapter is divided into two sections. In Section 3.1, we discuss the stream ciphers design and specifications. The design and the implementation of the parallel platform components are described in Section 3.2.
Chapter 4 : This chapter presents the security and performance analysis of both stream ciphers and parallel platform. The security analysis is conducted from two perspectives: cryptanalysis attacks and statistical analysis, to show the security level provided in the proposed ciphers. The performance evaluation aims to show the efficiency of the platform in terms of the ability of delivering stream ciphers with higher performance.
Chapter 5 : Finally, we conclude our work and illustrate the possible future works for this study.
13
CHAPTER TWO
STREAM CIPHERS AND PARALLELISM
2.0 Introduction
Cryptographic systems are designed to provide digital transmitted data with security attributes over un secured communication channels. Figure 2.1 sheds light on the main components of a conventional cryptosystem model to understand the environment that cryptographers are dealing with.
K* Cryptanalyst X*
X Y X Sender Encryption Decryption Receiver
Key Source
Figure 2.1: Model of conventional cryptosystem (Stalling, 2003)
This chapter will study the encryption component of the cryptosystem model as appears in Figure 2.1. The study will focus on one type of symmetric key algorithms called stream ciphers. The rest of this chapter will discuss the important
14 concepts of stream ciphers in terms of their design and mechanisms (Section 2.1). In
Section 2.2, we survey the existing stream ciphers and classify them into categories based on the similarity between these stream ciphers. Stream ciphers are found somehow lack some of security attributes, making them subject to cryptanalysis attacks.
It is obvious that sending the message X from the sender to the receiver is not simple due to the obstacles that might threaten the security (e.g. integrity, authenticity, confidentiality, etc) of the message. However, cryptosystems rely on some cryptographic primitives (e.g. Encryption, Digital Signatures, Certificates, etc) to provide the message with the required level of security. Cryptanalyst will sometimes be able to attack the encrypted message Y to remove the disguise and recover the message X using several cryptanalysis attacks. These attacks are basically generating a message estimate X* and a key estimate K* to recover either message X or key K, or even both.
The definition of the mathematical concepts related to NP hard problems, as well as survey the existing cryptosystems based on NP hard problems are discussed in Section 2.3. The use of complex mathematical problems is considered costly in terms of computation. The use of such problems will require the keystream generator to perform intensive calculations to generate the sequence of keystreams. One way to overcome this limitation is by applying parallelism to improve the performance of stream ciphers based on NP hard problems. Hence, parallel techniques and their usage in cryptographic applications are discussed in Section 2.4 and 2.5 respectively.
Finally, section 2.6 will summarize the important results obtained from the above analyzed survey.
15
2.1 Stream Ciphers: Concept and Definition
Cryptographic systems are divided into two types of systems: Secret key
(Symmetric) or Public key (Asymmetric) cryptosystems. In the later systems, the sender uses public information of the receiver to send a message to the receiver. The receiver then uses his private information to recover the original message. In secret key cryptosystems, both the sender and receiver have previously set up secret information in which they use this information for encryption and decryption.
Further division of symmetric cryptosystems is the block ciphers and stream ciphers.
Rueppel states: “Block ciphers operate with a fixed transformation on large blocks of plaintext data; stream ciphers operate with a time varying transformation on individual plaintext digit ” as quoted in (Robshaw, 1995).
Definition (Encryption): Let kk1, 2 ,..., kn ∈ K be a set of keystream in the key space
K, mm1, 2 ,..., mn ∈ M be a set of plaintext in the plaintext space M, and
cc, ,..., c∈ C be a set of ciphertext in the ciphertext space C. The encrypted 1 2 n ciphertext is generated by:
Em= cc, ,..., c ∈ C ∀i:1 ≤ i ≤ n ki ( i) 1 2 n (2.1)
From the above definition, the encryption process of a stream cipher Ek is
bijective for every k i . The plaintext space and key space are typically represented in bit or byte representations. Most importantly, keeping the key k is essential for the security of stream ciphers.
The idea of stream ciphers was inspired from the famous cipher called the
One time Pad (also called the Vernam cipher) (Mollin, 2007; Delfs, 2002). This
16 cipher is based on XOR’ing ( ⊕ ) the message bits and the key bits. The One time pad is defined by Delfs (2000) as in Equation 2.2:
E:{0,1}×→ {0,1} {0,1}, ( mkmk , ) →⊕ (2.2)
where plaintext, keystream and ciphertext bits are in the space {0, 1}. The encryption transformation is given by:
Em( ) = m ⊕ k = cC ∈ (2.3) kii i ii and the decryption transformation is given by:
Dc= c ⊕ k = m ∈ M (2.4) kii ( ) i i i
In One time pad cipher, a truly random key is generated and securely transmitted to the receiver. The length of the key is the same as the length of the transmitted message. On the other hand, most stream ciphers other than One time pad depend on the use of pseudorandom number generator (PRNG) instead of generating truly random key. Pseudorandom number generator generates key sequence (known also as keystream) that approximate the random numbers properties (Viega, 2003).
Generally, stream cipher uses n iterations to generate n successive keystream based on the stream cipher internal state. The mechanisms used in updating the internal state provide us with the classification of stream ciphers: Synchronous and
Asynchronous stream ciphers. The two types of the stream ciphers are discussed in
Sections 2.1.1 and 2.1.2 respectively.
17
2.1.1 Synchronous Stream Ciphers
A stream cipher is said to be synchronous if the next internal state used for generating new keystream is defined independently and without the use of either the plaintext or the ciphertext generated from the previous iteration as shown in Figure
2.2.
Keystream Keystream Generator K Generator
k i k i
m i E ci D m i k i k i
Encryption Decryption
Figure 2.2: Synchronous stream cipher (Mollin, 2007)
The encryption process of a synchronous stream cipher is best described by the following equations:
∂i+1 =NS( ∂ i , K ) , (2.5)
k= KG ∂ , K , (2.6) si ( i )
c= EN k, m (2.7) i( si i )
where ∂0 is the initial state determined by the input key K, NS is the next state
function, KG is the keystream generation function which generates ks , and EN is the
18 output function which generates the ciphered text ci by combining both the plaintext
m and the keystream k . i si
The properties of synchronous stream ciphers are summarized in the following points:
• Synchronization requirements: both of the sender and receiver must use the
same secret key and operating at the same position within that secret key for
proper decryption. This mechanism will ensure the synchronization between
the connected parties during the transmission process. The loss of
synchronization due to some modification on the ciphertext being transmitted
will fail the decryption process. In such case, a re synchronization process
such as re initialization or placing special marks at regular intervals in the
ciphertext is required.
• Error propagation: In synchronous stream ciphers, errors in ciphertext
symbols (digits or characters) during transmission do not propagate and affect
the decryption of other ciphertext symbols.
• Active attack: Any modification (insertion, deletion) or replay of ciphertext
symbols by an eavesdropper causes loss of synchronization, which allows the
receiver (decrypter) to detect the modification.
2.1.2 Asynchronous Stream Ciphers (self synchronous)
Unlike synchronous stream ciphers, self synchronous stream ciphers generate keystreams as a function of the key k and a fixed number of previous ciphertext
19 symbols (Stallings, 2006). In other words, self synchronous ciphers utilize plaintext in the process of generating a new keystream as shown in Figure 2.3.
Keystream Keystream Generator K Generator
k i k i
m i E ci D m i k i k i
Encryption Decryption
Figure 2.3: Asynchronous stream cipher
The encryption function of a self synchronous stream cipher is best described by the following equations:
∂i = (c itit−, c −+1 ,..., c i − 1 ) , (2.8)
k= KG ∂ , K , (2.9) si ( i )
c= EN k, m i( si i ) (2.10)
where ∂0 is the initial state, K is the input key, KG is the keystream generation
function which produces ks , and EN is the encryption function which combine both
of the keystream and plaintext mi to produce the ciphertext ci .
In this type of ciphers and unlike synchronous ciphers, the selection of the key may raise problem since any statistical regularities in the plaintext will show up
20 in the key (Bishop, 2003). Self synchronous stream ciphers have the following properties (Mollin, 2005):
• Synchronization requirements: the decryption process in self synchronous
stream ciphers basically depends on a fixed number N of preceding ciphertext
digits. Hence if modifications have been made on ciphertext digits during
transmission, self synchronization will take place.
• Error propagation: self synchronous ciphers are subjected to error
propagation due to the dependency of the keystream generation’s internal
state on the previous ciphertext digits of length N. When modifications on
ciphertext occur during transmission, decryption of up to r subsequent
ciphertext symbols may be incorrect, after which correct decryption resumes.
• Active attacks: any modification of ciphertext digits by an eavesdropper
causes multiple ciphertext symbols to be encrypted incorrectly. According to
Stallings (2003), detecting the modification in self synchronous stream
ciphers is more difficult than in synchronous stream ciphers.
During the process of designing a stream cipher, the cryptographer has to satisfy the following requirements (Lee, et al., 2002):
• Error Propagation: minimum number of redundant bits during the encryption
and decryption process.
• Redundant Information: minimum number of redundant bits during the
information insertion.
• Cryptographic Security: the length of the secret key should be long enough to
avoid exhaustive key search attack.
21
• Implementation Simplicity: the design of the stream cipher should be
suitable for both hardware and software implementations.
• Performance Speed: the stream cipher should be performable at minimum
speed of 1.544 Mbps.
2.2 Stream Ciphers: Categorization and Related Works
In contrast to block ciphers, stream ciphers have no standard model for their construction design, which leads cryptographers to construct various models of stream ciphers. The basic structures often found in stream ciphers may include
LFSR based cipher (Linear Feedback Shift Register), NLFSR based cipher (Non
Linear Feedback Shift Registers), Block cipher based stream cipher, T function based ciphers and other structures. However, this study classifies stream ciphers into categories whereby each category includes stream ciphers that share specific properties. Figure 2.4 shows the classification of different stream cipher algorithms as appears in the literature. Note that the classification is based on how keystream generators operate in generating the keystream.
In our classification, stream ciphers are divided into two main categories:
Hardware based and Software based stream ciphers. The classification aims to look at stream ciphers from the implementation perspectives in which we found that they fall into two categories (hardware implementation and software implementation stream ciphers). The third level on the hierarchy of the classification includes deeper categorization based on hardware or software related issues. The in depth classification of hardware based stream ciphers includes: FCSR/NLFSR based and
22 clock control and LFSR based stream ciphers. On the other hand, the software based stream cipher category includes: T Function based stream ciphers, Block cipher based stream ciphers, NP hard problem based stream ciphers (our proposed direction of stream ciphers) and other alternatives that do not fit into the previous categories.
23
Stream Ciphers
Hardware Based Software Based Hybrid Designs
Simple Logical NP hard Shift Registers T Function S Box Block Cipher & Arithmetic problems Operations
Shortest Vector in LFSR NLFSR/FCSR Clock Control Lattices
Proposed Stream Shrinking & self Elliptic Curve shrinking Stop & Go Discrete Log Ciphers
Discrete Log & Summation Cascades Polynomial
Boolean ABSG Decimation Functions Mechanism
Figure 2.4: Stream ciphers classifications
24