An Introduction to Cryptography


Slide 1: An Introduction to Cryptography
Edward J. Delp
Purdue University, School of Electrical and Computer Engineering
Video and Image Processing Laboratory (VIPER)
West Lafayette, Indiana
email: [email protected]
http://www.ece.purdue.edu/~ace
EPICS Spring 2003

Slide 2: Course Goals
• Provide an introduction to modern cryptography and overview its use

Slide 3: Digital Communication System
(figure not captured in the text)

Slide 4: Cryptography
• Analog techniques
• Digital techniques

Slide 5: Cryptography - History
• Very rich history
  – Mary Queen of Scots
  – WWII: Admiral Yamamoto
  – WWII: Ultra (Enigma machine)
• "Modern" cryptography after World War II
  – NSA
• Popular interest since about 1978
http://www.cybercrimes.net/Cryptography/Articles/Hebert.html
http://www.ics.uci.edu/~ics54/doc/security/pkhistory.html

Slide 6: Goals
• Privacy - protect information from unauthorized users
• Authentication - "are you who you say you are?"

Slide 7: "Drivers" of Modern Cryptography
• Prime number generation
  – integer factorization
• Random number generation

Slide 8: Why Is It Now Popular?
• Driven by everything "digital"
• Most work to date devoted to text-based or character-based data

Slide 9: Export Controls
• The export of encryption software and hardware is controlled by the US government
• Can cause a problem if encryption is included in a product and it is desired to sell it outside the US
http://www.rsasecurity.com/rsalabs/faq/6-4.html
http://www.bxa.doc.gov/Encryption/Default.htm

Slide 10: Cryptography
• Code - exploits the linguistic properties of a language
• Cipher - does not exploit linguistic properties

Slide 11: Cryptography
P - plaintext
C - ciphertext

Slide 12: Cryptography
• A special form of computation used to protect a plaintext message
• The "security" of the system is based on the difficulty of the "inverse" computation without special "side information" known as "keys"

Slide 13: Unbreakable Ciphers?
• Are there unbreakable ciphers?
  – Shannon showed that "unbreakable" systems exist
  – "one-time pad" - a form of stream cipher
    • difficult to manage: the key must be truly random, as long as the message, kept secret, and never reused
http://www.ranum.com/pubs/otpfaq/
http://world.std.com/~franl/crypto/one-time-pad.html

Slide 14: Unbreakable Ciphers?
• Certificational security - secure because it has withstood the test of time: no attacks have been successful
• Provable security - successfully attacking a provable system is shown to be equivalent to attacking a classically known "hard" problem
"A Note on the Security of the OAEP-Enhanced RSA Public-Key Encryption Scheme," RSA Laboratories Bulletin Number 9, February 23, 1999.

Slide 15: Cryptanalysis
• Used to break or attack cipher systems
• Attack can be brute force (exhaustive search of the keyspace)
• Exploit vulnerabilities in the cipher system or the way it is used
• "Black bag jobs"
• "Rubber hose" techniques
• "Purchase key" technique
• "Dumpster diving"
• Social engineering

Slide 16: Cryptanalysis
• Known plaintext
• Known ciphertext (ciphertext only)
• Chosen plaintext
• Cribbing (guessing a likely fragment of the plaintext, a "crib")
• Differential approaches
• Traffic flow analysis
• Exploit "poor" use of the encryption system

Slide 17: Cryptanalysis
• How do you know when you have been successful in your attack?
• Shannon answered this with the unicity distance:
  $n = \dfrac{\log_2 K}{R_L \log_2 P}$
  K - size of the key space, P - size of the plaintext alphabet, R_L - redundancy of the plaintext (as a fraction of its bits)

Slide 18: Cryptanalysis
• The unicity distance indicates how much ciphertext is needed to ensure there is only one plaintext that corresponds to this ciphertext; with less ciphertext, several "spurious keys" also decrypt it to plausible plaintext
• Example - simple letter substitution cipher: P = 26, K = 26!, R_L = 0.75
  $\log_2 26! \approx 88.4$ bits of key; $0.75 \cdot \log_2 26 \approx 3.53$ bits of redundancy per letter; $n \approx 88.4 / 3.53 \approx 25$
• Hence, given a ciphertext of about 25 letters, a unique decryption is possible in principle (the unicity distance is an information-theoretic bound; it says nothing about how much work finding that decryption takes)

Slide 19: Why Use Encryption?
• Enhance ability to conduct global commerce
• Privacy
• Authentication

Slide 20: Cryptographic Systems
• Protocols describe how the encryption system is used
• In many cases the security of the system is compromised by the protocol and NOT the encryption algorithm
  – "man in the middle" attack

Slide 21: Types of Cryptographic Systems
C = S(P)   S(·) - encryption function
P = H(C)   H(·) - decryption function

Slide 22: Types of Cryptographic Systems
• Totally secret
  – Kerckhoffs's principle: "The security of any cipher lies in the key and NOT in the algorithm."
• Public algorithm (secret key)
• Public key system

Slide 23: Types of Cryptographic Systems
Totally secret systems - all aspects of the encryption/decryption are secret (this is what Kerckhoffs's principle warns against: once the algorithm leaks, there is no key to change)

Slide 24: Public Algorithm
• Algorithms are known but parameters (keys) are secret
  C = S_K(P)   P = H_K(C)   K - key
• Use the same key for enciphering and deciphering
• Block ciphers - DES, IDEA, Twofish, TEA
• Stream ciphers
• Problem: key management

Slide 25: Public Key Cryptography
• Two keys
  E - enciphering key
  D - deciphering key
  C = S_E(P)   P = H_D(C)
• Computationally infeasible to derive D from E
• Each user could publish E in a "public key directory"

Slide 26: Public Key Cryptography
• No problem with key distribution - really?
  – fronting attacks
  – "man in the middle" attack: whoever can substitute their own E for yours in the directory reads everything sent to you
• Authentication - use the private deciphering key to encipher a message

Slide 27: Authentication
• Two keys
  E - enciphering key
  D - deciphering key
  C_a = S_D(P) - encipher with the private key
  P = H_E(C_a) - decipher with the public key
  The message P has been "signed"

Slide 28: Public Key Cryptography
• Must protect the public key directory
• Application of the use of signatures
• Certify the public key with a broker of trust (the US Post Office?!)
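The enciphering, deciphering and signing operations of slides 21, 25 and 27, written out in the deck's own S/H notation as an added example (this is not code from the slides; the deck only names RSA, so the key pair used here, p = 61, q = 53, e = 17, is a textbook toy chosen for this example, and the function names are mine). Textbook RSA is used because the exponentiation is the same in both directions, which is exactly what makes "encipher with the private key" a signature. The last function makes the slide 25 claim concrete: deriving D from E is only infeasible when n is too large to factor, and for a toy modulus it takes a trial-division loop.

```python
"""Public-key enciphering and signing with textbook RSA, slides 21/25/27.

Added example, not code from the deck. E = (e, n) is the public
enciphering key, D = (d, n) the private deciphering key; S_E / H_D
encipher and decipher, S_D / H_E sign and verify. p, q, e are a classic
textbook toy (assumed here, not from the slides).
"""
from math import gcd, isqrt


def keygen(p, q, e):
    """Return (E, D) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent (pow with -1 needs Python 3.8+)
    return (e, n), (d, n)


def S(key, x):
    """Encipher x under key: C = S_K(P) is x^k mod n."""
    k, n = key
    if not 0 <= x < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(x, k, n)


def H(key, y):
    """Decipher y under key: in textbook RSA this is the same modular
    exponentiation, just with the other exponent."""
    return S(key, y)


def sign(D, p):
    """Slide 27: C_a = S_D(P), encipher with the private key."""
    return S(D, p)


def verify(E, ca, p):
    """Slide 27: P = H_E(C_a); the signature is valid iff it recovers P."""
    return H(E, ca) == p


def derive_private_key(E):
    """Attack on a toy modulus: factor n by trial division and rebuild D.
    This is the computation that must be infeasible for E to be
    publishable (slide 25); for n = 3233 it is instantaneous."""
    e, n = E
    for p in range(2, isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1)), n
    raise ValueError("n has no small factor; not a toy RSA modulus")


if __name__ == "__main__":
    E, D = keygen(61, 53, 17)
    P = 65
    C = S(E, P)                  # anyone holding E can encipher
    assert H(D, C) == P          # only the holder of D can decipher
    Ca = sign(D, P)
    print("E =", E, "D =", D, "C =", C, "C_a =", Ca)
    print("signature verifies:", verify(E, Ca, P))
    print("tampered message verifies:", verify(E, Ca, P + 1))
    print("D recovered from E alone:", derive_private_key(E))
```

Two caveats a practitioner should carry away: real systems never apply the bare exponentiation to a message. Encryption pads with a scheme such as OAEP (the subject of the RSA Laboratories bulletin cited on slide 14), and signatures are made over a hash of the message with a padding scheme such as PSS; unpadded "textbook" RSA as above is deterministic and malleable, and is shown here only to make the slide's S/H notation concrete.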
Slide 29: History of Public Key Cryptography
• Diffie, Hellman, and Merkle are credited with being the inventors of public key cryptography
  – W. Diffie and M.E. Hellman, "Privacy and Authentication: An Introduction to Cryptography," Proceedings of the IEEE, Vol. 67, No. 3, March 1979, pp. 397-427.
• The British (GCHQ) claim they did it in 1970 (http://www.gchq.gov.uk/about/history.html)
• NSA claims it also invented it (http://www.research.att.com/~smb/nsam-160/)

Slide 30: Key Management
• Block ciphers - how do you distribute keys?
• Public key - protect the public key directory
• Political issue - key recovery

Slide 31: Clipper and Capstone
The Escrowed Encryption Standard, also known as "CLIPPER," is a cryptographic device intended to protect private communications while at the same time permitting government agents to obtain the "keys" upon presentation of "legal authorization." The "keys" would be held by two government "escrow agents" and would enable the government to access the encrypted private communication. (February 4, 1994)
Clipper would be used to encrypt voice transmissions; a similar device known as Capstone would be used to encrypt data. Both systems are based on the SKIPJACK algorithm.
http://www.eff.org/pub/Privacy/Clipper/

Slide 32: Encryption Systems
• Trapdoor functions - easily computable functions with a computationally infeasible inverse (without use of special knowledge, the "trapdoor")

Slide 33: Public Key Systems
• Trapdoor-knapsack system (Merkle and Hellman)
• Discrete log (ElGamal)
• RSA (Rivest, Shamir, Adleman)
• Elliptic curve methods

Slide 34: Knapsack System
Subset sum problem: given positive integers a_1, a_2, ..., a_n and a positive integer c, determine the subset of the integers which sums to c.
Slide 35: "Hard Knapsack"
Assume the source produces binary words of n bits
  X = (x_1, x_2, ..., x_n),  x_i ∈ {0, 1}
  A = (a_1, a_2, ..., a_n)
  c = A · X = Σ_{i=1}^{n} a_i · x_i
Recovering X from c and a general A is the subset sum problem.

Slide 36: "Easy Knapsack"
A' = (a'_1, a'_2, ..., a'_n) is superincreasing: each element exceeds the sum of all the elements before it,
  a'_i > Σ_{j=1}^{i-1} a'_j
Example: A' = (3, 5, 11, 20, 41, 83, 169, 340, 679, 1358)
  c' = A' · X
  c' = 1260
  a'_10 = 1358 > c'  ⇒ x_10 = 0

Slide 37: "Easy Knapsack"
  a'_9 = 679 < c'  ⇒ x_9 = 1,  1260 - 679 = 581
  a'_8 = 340 < 581  ⇒ x_8 = 1,  581 - 340 = 241
  continuing from the largest element down: x_7 = 1 (241 - 169 = 72), x_6 = 0 (83 > 72), x_5 = 1 (72 - 41 = 31), x_4 = 1 (31 - 20 = 11), x_3 = 1 (11 - 11 = 0), x_2 = x_1 = 0
  X = (0011101110)
"Easy" knapsack is too easy! (anyone who knows A' can decrypt)

Slide 38: "Moderately" Hard Knapsack
Choose two large positive numbers w and m (m larger than the sum of A', and gcd(w, m) = 1 so that w has an inverse mod m)
  a_i = a'_i · w mod m
Example: w = 764, m = 2731
  a'_4 = 20,  a_4 = 20 × 764 mod 2731 = 1625

Slide 39: "Moderately" Hard Knapsack
A - public enciphering key
A', w, and m - private deciphering key
  c = A · X
  w^{-1} · w mod m = 1,  w^{-1} = 1605
  c' = c · w^{-1} mod m = Σ_i x_i · a_i · w^{-1} mod m
  a_i · w^{-1} mod m = a'_i
  so c' = Σ_i x_i · a'_i ~ an easy knapsack, solved as on slides 36-37

Slide 40: Knapsack Attack
• Shamir proposed an interesting attack on the knapsack system:
  – A. Shamir and R.E. Zippel, "On the Security of the Merkle-Hellman Cryptographic System," IEEE Transactions on Information Theory, Vol. 26, No. 3, May 1980, pp. 339-340.
  – A. Shamir, "A Polynomial-Time Algorithm for Breaking the Basic Merkle-Hellman Cryptosystem," IEEE Transactions on Information Theory, Vol. 30, No. 5, September 1984, pp. 699-704.

Slide 41: Block Ciphers
Encipher a block of x bits using y bits of key to produce x bits of ciphertext
• Message extension
• Substitution cipher

Slide 42: Block Cipher
• Think of the substitution operation as a permutation of the 2^x possible blocks
• (2^x)! permutations
• Selecting an arbitrary permutation would require a key of log_2[(2^x)!] bits
  – are all keys equally likely? ⇒ entropy of the key space

Slide 43: Block Ciphers - Problems
• Vulnerable to statistical attacks
• Vulnerable to dictionary attacks

Slide 44: Triple Encryption
• Use the block cipher three times
  – Tuchman, W., "Hellman Presents
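Returning to the Merkle-Hellman knapsack of slides 34-39: the following is an added example, not code from the deck, that runs the slides' own numbers end to end. The superincreasing A', the multiplier w = 764, the modulus m = 2731, the message X = 0011101110 and the values 1260, 1625 and 1605 are taken from the slides; every other value (the full public key A, the ciphertext c) is computed, and the function names are mine. It also checks the two conditions the slides rely on silently, m > sum(A') and gcd(w, m) = 1, without which decryption via w^-1 breaks.

```python
"""Merkle-Hellman trapdoor knapsack, worked with the deck's parameters.

Added example, not code from the slides. Reproduces slides 34-39: the
superincreasing (easy) knapsack A', the modular multiplier w and
modulus m, the derived public key A, and decryption via w^-1.
"""
from math import gcd

# Private key from the slides: superincreasing A', w, m.
A_PRIV = [3, 5, 11, 20, 41, 83, 169, 340, 679, 1358]
W = 764
M = 2731


def is_superincreasing(seq):
    """Each element must exceed the sum of all earlier elements."""
    total = 0
    for a in seq:
        if a <= total:
            return False
        total += a
    return True


def make_public_key(a_priv, w, m):
    """a_i = a'_i * w mod m (slide 38). Checks the two conditions
    decryption relies on: m must exceed sum(A') so that c' never wraps
    modulo m, and w must be invertible modulo m."""
    if not is_superincreasing(a_priv):
        raise ValueError("private knapsack is not superincreasing")
    if m <= sum(a_priv):
        raise ValueError("m must exceed the sum of the private knapsack")
    if gcd(w, m) != 1:
        raise ValueError("w has no inverse modulo m")
    return [(a * w) % m for a in a_priv]


def encrypt(a_pub, bits):
    """c = A . X (slide 35): sum of the public elements where x_i = 1."""
    if len(bits) != len(a_pub):
        raise ValueError("message length must equal knapsack size")
    return sum(a for a, x in zip(a_pub, bits) if x)


def solve_easy_knapsack(a_priv, target):
    """Greedy solution of a superincreasing knapsack (slides 36-37):
    scan from the largest element down and take it iff it still fits."""
    bits = [0] * len(a_priv)
    remaining = target
    for i in range(len(a_priv) - 1, -1, -1):
        if a_priv[i] <= remaining:
            bits[i] = 1
            remaining -= a_priv[i]
    if remaining != 0:
        raise ValueError("no subset of the easy knapsack sums to target")
    return bits


def decrypt(a_priv, w, m, c):
    """c' = c * w^-1 mod m turns the hard instance back into the easy
    one (slide 39); then solve that greedily."""
    w_inv = pow(w, -1, m)          # 1605 for the slides' w and m (Python 3.8+)
    c_easy = (c * w_inv) % m
    return solve_easy_knapsack(a_priv, c_easy)


def bits_from_str(s):
    """'0011101110' -> [0, 0, 1, 1, 1, 0, 1, 1, 1, 0]"""
    return [int(ch) for ch in s]


if __name__ == "__main__":
    a_pub = make_public_key(A_PRIV, W, M)
    x = bits_from_str("0011101110")
    c = encrypt(a_pub, x)
    print("public key A =", a_pub)
    print("ciphertext c =", c)
    print("recovered X  =", "".join(map(str, decrypt(A_PRIV, W, M, c))))
```

The greedy solver is the whole trapdoor: it only works because A' is superincreasing, and the public A hides that structure behind the multiplication by w. Slide 40's references are the reason this is a teaching example rather than a deployed system: Shamir showed that the hidden w and m can be recovered from A alone in polynomial time, so the public key leaks the trapdoor.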