Boolean Functions in Cryptography Cheng-Xin Qu University of Wollongong


University of Wollongong Research Online, University of Wollongong Thesis Collection, 2000.

Recommended citation: Qu, Cheng-Xin, Boolean functions in cryptography, Doctor of Philosophy thesis, Department of Computer Science, University of Wollongong, 2000. http://ro.uow.edu.au/theses/1292

Research Online is the open access institutional repository for the University of Wollongong. For further information contact the UOW Library: [email protected]

Boolean Functions in Cryptography
A thesis submitted in fulfillment of the requirements for the award of the degree Doctor of Philosophy from the University of Wollongong by Cheng-Xin Qu, Computer Science Department, November 2000.
© Copyright 2000 by Cheng-Xin Qu. All Rights Reserved.

Dedicated to my mother, wife and son.

Declaration
This is to certify that the work reported in this thesis was done by the author, unless specified otherwise, and that no part of it has been submitted in a thesis to any other university or similar institution.
Cheng-Xin Qu, November 29, 2000

Abstract
This thesis is about Boolean functions and their cryptographic properties. Two kinds of Boolean functions are discussed: balanced functions and bent functions. In addition to surveying recent research into Boolean functions, a new representation of bent functions, degree-3 homogeneous bent functions, is discovered. The complete set of degree-3 homogeneous bent functions on the lowest-dimension Boolean space V6 is given. By using bent functions, some ways to construct highly nonlinear balanced Boolean functions are shown in this thesis, which yield a new property of bent functions. The structure of degree-3 highly nonlinear homogeneous balanced functions is also discussed. These results are based on computer search.

The theory of symmetric groups is applied to Boolean functions in this study. Any Boolean function on Vn has its own symmetric properties associated with the symmetric group Sn. The relations between Boolean functions and symmetric groups are highlighted. This may lead to a new way to design good S-boxes by using an additive group of Boolean functions which is a subset of the function group generated by the symmetric group. Because good symmetric properties have the potential to give faster implementations, the applications of homogeneous Boolean functions taken as rotation functions are discussed. Bent-like balanced functions are very good candidates for good S-box design.

In a degree-3 homogeneous bent or balanced Boolean function, each term is considered as a three-variety block. The homogeneous Boolean function is then found to be closely related to the block designs BIBD and PBIBD, so combinatorial block designs are also used in this thesis to study Boolean functions. The connection of symmetric group theory with Boolean functions is established.

Publications
During the study, the author, in cooperation with supervisors and colleagues, has published and submitted some papers. The list below shows how much of the work on each paper the author did.

1. J. Pieprzyk and C. Qu, Rotation-symmetric functions and fast hashing, Information Security and Privacy - ACISP'98, Lecture Notes in Computer Science 1438, Springer-Verlag, 1998, pp. 169-180. This paper shows the symmetric properties of Boolean functions in fast implementations. The author did about 50 percent of the work.
2. C. Qu, J. Seberry and J. Pieprzyk, On the symmetric properties of homogeneous Boolean functions, Information Security and Privacy - ACISP'99, Lecture Notes in Computer Science 1587, Springer-Verlag, 1999, pp. 26-35. In this paper, the symmetric properties of homogeneous Boolean functions are studied. The author did about 80 percent of the work.
3. J. Pieprzyk and C. Qu, Fast hashing and rotation-symmetric functions, Journal of Universal Computer Science, 5(1):20-31, 1999. In this paper further study was made of the symmetric properties of Boolean functions in fast implementations. The author did about 50 percent of the work.
4. C. Qu, J. Seberry and J. Pieprzyk, Homogeneous bent functions, Discrete Applied Mathematics, 102:133-139, 2000. In this paper bent functions that do not contain any quadratic terms were discovered. Block designs were used to analyze homogeneous bent functions. The author did 80 percent of the work. (Note: the paper was finished in 1998 and accepted in 1999.)
5. C. Qu, J. Seberry and J. Pieprzyk, Construction of highly nonlinear balanced Boolean functions (submitted to ASIACRYPT 2000). This paper gives a new property of bent sequences and shows a few ways to construct highly nonlinear balanced Boolean functions. The author did 80 percent of the work.
6. C. Qu, J. Seberry and J. Pieprzyk, Relationships between Boolean functions and symmetric groups (accepted by ICS 2000), Taiwan, 2000. In this paper symmetric group theory was applied to the study of homogeneous Boolean functions, and some relations between Boolean functions and symmetric groups were established. The author did about 80 percent of the work.
7. J. Seberry, T. Xia, C. Qu and J. Pieprzyk, Construction of highly nonlinear cubic homogeneous Boolean functions on GF(2)^(2n+1) and their properties (submitted to Designs, Codes and Cryptography), 1999. The author did about 25 percent of the work.

Symbols
Galois field with parameter 2
An n-entry Boolean space
A vector in Vn
Nonlinearity of the Boolean function f(x) on Vn
An affine Boolean function on Vn
A sequence of a linear Boolean function
Hamming weight, the number of 1s in the sequence
Hamming weight, the number of solutions of f(x) = 1 over Vn
A variable vector in the Boolean space Vn
A Boolean function on Vn
A Boolean function on the subspace Vs (⊂ Vn)
The Walsh-Hadamard transform of a Boolean function f(x) on Vn
The 2^n × 2^n Sylvester-Hadamard matrix
Sequences (binary or ±1) with length 2^n on Vn
Boolean addition, 1⊕1 = 0, 1⊕0 = 1, 0⊕0 = 0
S-box, a mapping S(x): Vn → Vm
The dual space of a subspace Vm ⊂ Vn
Subset of Vn
The dual set of the subset E
The number of all vectors in the space Vn
Set
The k-th order propagation criterion
Balanced incomplete block design
Partial balanced incomplete block design

Acknowledgements
I wish to acknowledge the help of my supervisor Professor Jennifer Seberry, whose knowledge, patience and enthusiasm have been a driving force behind this work. She devoted many hours to my studies, not only on academic research but also with English language help. I would like to thank Associate Professor Josef Pieprzyk, co-supervisor, who gave me many ideas and suggestions which greatly benefited my studies. I have also appreciated our talks with Dr M. Zhang, Dr C. Charnes and Mr T. Xia, which gave me many hints that enriched the thesis. Here I express my deep appreciation to them. I wish to thank all the staff and students in the Center for Computer Security Research and School of IT & CS, University of Wollongong, for their help, both academic and technical.

Contents
Abstract
Publications
Acknowledgements
1 Introduction
1.1 Contributions to this thesis
1.2 Contents of the thesis
1.3 Further research problems
2 Boolean spaces and Boolean functions
2.1 Review of Boolean functions in cryptography
2.2 Boolean space and Boolean functions
2.3 Cryptographically desirable characteristics of Boolean functions
2.4 Hadamard matrix and Walsh-Hadamard transformation
2.5 Construction of affine sequences
3 Bent Boolean functions and their constructions
3.1 Bent functions and their basic properties
3.2 Constructions for bent functions
3.3 Constructing bent sequences
3.4 Notes on the propagation criterion of degree l and order k
3.5 Partially-bent functions
3.6 Plateaued Boolean functions
4 The excess of Boolean functions and Hadamard transform
5 On the symmetric properties of Boolean functions
5.1 Symmetric group and Boolean functions
5.2 Homogeneous Boolean functions
5.3 Degree-3 homogeneous bent functions
5.4 Degree-3 homogeneous balanced functions
5.5 Degree-3 homogeneous Boolean functions
6 Balanced Boolean functions
6.1 Balanced Boolean functions with high nonlinearity and good propagation criteria
6.2 Concatenating functions
6.3 Constructions for highly nonlinear balanced Boolean functions by bent functions
6.4 Constructions for highly nonlinear balanced Boolean functions by highly nonlinear non-balanced Boolean functions
7 Block designs and degree-3 homogeneous functions
7.1 Introduction of BIBD and PBIBD
7.2 Designs for highly nonlinear homogeneous Boolean functions
8 The applications of degree-3 homogeneous Boolean functions
8.1 Motivation
8.2 Definition of rotation-symmetric Boolean functions
8.3 Properties of rotation-symmetric functions
8.4 Balanced rotation-symmetric Boolean functions
8.5 Evaluation of functions
8.6 Extensions and further research
A Homogeneous bent functions on V6
B Homogeneous balanced functions
C Homogeneous functions with the highest nonlinearity
Bibliography

Chapter 1 Introduction
This chapter contains three parts. In the first part, the author's contributions to this thesis are declared. In the second part, the contents of the following chapters are summarized. In the last part, some open problems related to the thesis are listed.

1.1 Contributions to this thesis
In Chapters 2 and 3, Boolean functions and bent functions are characterized from the viewpoint of cryptography.
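The abstract above speaks of bent functions, balanced functions, nonlinearity and the complete set of degree-3 homogeneous bent functions on V6, all of which are decided from the Walsh-Hadamard spectrum. The C program below is an added worked example, not code from the thesis: it computes the spectrum of a 6-variable function with the Sylvester-Hadamard butterfly, derives weight, balance, nonlinearity and bentness from it, and then repeats the exhaustive search over every degree-3 homogeneous function on V6 so the count can be compared with the thesis's Appendix A. The reference function x1y1 + x2y2 + x3y3 is the standard Maiorana-McFarland bent function, chosen here as a known check rather than taken from the thesis; the GCC/Clang popcount and ctz builtins are assumed.

```c
/* Walsh-Hadamard analysis of Boolean functions on V6 and an exhaustive
   search for degree-3 homogeneous bent functions. Added worked example,
   not code from the thesis. Assumes GCC/Clang builtins (popcount, ctz). */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define N 6
#define SIZE (1u << N)          /* 2^6 = 64 points of V6 */
#define NUM_CUBIC 20            /* C(6,3) cubic monomials x_i x_j x_k */

/* Truth table packed in one 64-bit word: bit x holds f(x), where the
   integer x encodes the vector (x1, ..., x6) with x1 as bit 0. */
typedef uint64_t tt_t;

/* Truth table of the monomial x_i x_j x_k (0-based variable indices). */
static tt_t monomial3(int i, int j, int k) {
    tt_t t = 0;
    for (unsigned x = 0; x < SIZE; x++)
        if (((x >> i) & (x >> j) & (x >> k)) & 1u) t |= (tt_t)1 << x;
    return t;
}

/* Walsh-Hadamard transform W(w) = sum_x (-1)^(f(x) + <w,x>), computed with
   the Sylvester-Hadamard butterfly; returns max_w |W(w)|. */
static int walsh_max_abs(tt_t t) {
    int w[SIZE], m = 0;
    for (unsigned x = 0; x < SIZE; x++) w[x] = ((t >> x) & 1u) ? -1 : 1;
    for (unsigned len = 1; len < SIZE; len <<= 1)
        for (unsigned i = 0; i < SIZE; i += 2 * len)
            for (unsigned j = i; j < i + len; j++) {
                int a = w[j], b = w[j + len];
                w[j] = a + b;
                w[j + len] = a - b;
            }
    for (unsigned x = 0; x < SIZE; x++)
        if (abs(w[x]) > m) m = abs(w[x]);
    return m;
}

/* Nonlinearity N_f = 2^(n-1) - max|W| / 2, the distance to the nearest affine function. */
int nonlinearity(tt_t t) { return (int)SIZE / 2 - walsh_max_abs(t) / 2; }

/* Hamming weight = number of x with f(x) = 1; balanced means weight 2^(n-1). */
int hamming_weight(tt_t t) { return __builtin_popcountll(t); }
int is_balanced(tt_t t) { return hamming_weight(t) == (int)SIZE / 2; }

/* Bent on V6 means |W(w)| = 2^(n/2) = 8 for every w. By Parseval,
   sum_w W(w)^2 = 2^(2n) = 4096 over 64 coefficients, so max|W| = 8
   already forces every coefficient to be exactly +-8. */
int is_bent(tt_t t) { return walsh_max_abs(t) == 8; }

/* Standard Maiorana-McFarland bent function on V6: f(x, y) = x1y1 + x2y2 + x3y3
   (degree 2, weight 28, nonlinearity 28). Used here as a known reference. */
tt_t mm_bent6(void) {
    tt_t t = 0;
    for (unsigned x = 0; x < SIZE; x++) {
        unsigned lo = x & 7u, hi = (x >> 3) & 7u;   /* x = (x1..x3), y = (x4..x6) */
        if (__builtin_popcount(lo & hi) & 1u) t |= (tt_t)1 << x;
    }
    return t;
}

/* Exhaustive search over every nonzero degree-3 homogeneous function on V6,
   i.e. every nonempty subset of the 20 cubic monomials (2^20 - 1 functions).
   Gray-code order toggles one monomial per step, so each truth table costs
   one XOR. A bent function on V6 has weight 2^(n-1) +- 2^(n/2-1) = 28 or 36,
   so the cheap weight test filters candidates before the transform. */
int count_cubic_homogeneous_bent_v6(void) {
    tt_t mono[NUM_CUBIC], t = 0;
    int m = 0, count = 0;
    for (int i = 0; i < N; i++)
        for (int j = i + 1; j < N; j++)
            for (int k = j + 1; k < N; k++) mono[m++] = monomial3(i, j, k);
    for (uint32_t g = 1; g < (1u << NUM_CUBIC); g++) {
        t ^= mono[__builtin_ctz(g)];          /* toggle one cubic term */
        int wt = hamming_weight(t);
        if ((wt == 28 || wt == 36) && is_bent(t)) count++;
    }
    return count;
}

int main(void) {
    tt_t f = mm_bent6();
    printf("x.y on V6: weight %d, nonlinearity %d, balanced %d, bent %d\n",
           hamming_weight(f), nonlinearity(f), is_balanced(f), is_bent(f));
    printf("degree-3 homogeneous bent functions on V6: %d\n",
           count_cubic_homogeneous_bent_v6());
    return 0;
}
```

The same weight-then-transform filter carries over to the balanced case: a balanced candidate must have weight 32, after which its nonlinearity is read off the spectrum exactly as for the bent check.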