DOCSLIB.ORG

Hardware Evaluation of Estream Candidates

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Hardware Evaluation of Estream Candidates Hardware Evaluation of eSTREAM Candidates Frank K. G¨urkaynak, Peter Luethi, Nico Bernold, Ren´eBlattmann,Victoria Goode, Marcel Marghitola, Hubert Kaeslin, Norbert Felber, Wolfgang Fichtner Integrated Systems Laboratory ETH Zurich 2. February 2006 Table of Contents 1 Overview 2 Methodology 3 Algorithms 4 Efficiency in Hardware 5 Results 6 Conclusions 2 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Algorithms that support only Profile-II Algorithms without any cryptological issues Algorithms which are not likely to get updates Once these are completed, look for additional algorithms that seem easy to implement. Implementing eSTREAM Candidates eSTREAM candidates (34) ABC Achterbahn CryptMT/Fubuki DECIM DICING DRAGON Edon80 F-FCSR Frogbit Grain HC-256 Hermes8 LEX MAG MICKEY Mir-1 MOSQUITO NLS Phelix Polar Bear POMARANCH Py Rabbit Salsa20 SFINKS SOSEMANUK SSS TRBDK3 YAEA Trivium TSC-3 VEST WG Yamb ZK-Crypt 3 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Algorithms without any cryptological issues Algorithms which are not likely to get updates Once these are completed, look for additional algorithms that seem easy to implement. Implementing eSTREAM Candidates eSTREAM candidates (12) ABC Achterbahn CryptMT/Fubuki DECIM DICING DRAGON Edon80 F-FCSR Frogbit Grain HC-256 Hermes8 LEX MAG MICKEY Mir-1 MOSQUITO NLS Phelix Polar Bear POMARANCH Py Rabbit Salsa20 SFINKS SOSEMANUK SSS TRBDK3 YAEA Trivium TSC-3 VEST WG Yamb ZK-Crypt Algorithms that support only Profile-II 3 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Algorithms which are not likely to get updates Once these are completed, look for additional algorithms that seem easy to implement. Implementing eSTREAM Candidates eSTREAM candidates (10) ABC Achterbahn CryptMT/Fubuki DECIM DICING DRAGON Edon80 F-FCSR Frogbit Grain HC-256 Hermes8 LEX MAG MICKEY Mir-1 MOSQUITO NLS Phelix Polar Bear POMARANCH Py Rabbit Salsa20 SFINKS SOSEMANUK SSS TRBDK3 YAEA Trivium TSC-3 VEST WG Yamb ZK-Crypt Algorithms that support only Profile-II Algorithms without any cryptological issues 3 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Once these are completed, look for additional algorithms that seem easy to implement. Implementing eSTREAM Candidates eSTREAM candidates (7) ABC Achterbahn CryptMT/Fubuki DECIM DICING DRAGON Edon80 F-FCSR Frogbit Grain HC-256 Hermes8 LEX MAG MICKEY Mir-1 MOSQUITO NLS Phelix Polar Bear POMARANCH Py Rabbit Salsa20 SFINKS SOSEMANUK SSS TRBDK3 YAEA Trivium TSC-3 VEST WG Yamb ZK-Crypt Algorithms that support only Profile-II Algorithms without any cryptological issues Algorithms which are not likely to get updates 3 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Implementing eSTREAM Candidates eSTREAM candidates (8) ABC Achterbahn CryptMT/Fubuki DECIM DICING DRAGON Edon80 F-FCSR Frogbit Grain HC-256 Hermes8 LEX MAG MICKEY Mir-1 MOSQUITO NLS Phelix Polar Bear POMARANCH Py Rabbit Salsa20 SFINKS SOSEMANUK SSS TRBDK3 YAEA Trivium TSC-3 VEST WG Yamb ZK-Crypt Algorithms that support only Profile-II Algorithms without any cryptological issues Algorithms which are not likely to get updates Once these are completed, look for additional algorithms that seem easy to implement. 3 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Implementing eSTREAM Candidates eSTREAM candidates (8) ABC Achterbahn CryptMT/Fubuki DECIM DICING DRAGON Edon80 F-FCSR Frogbit Grain HC-256 Hermes8 LEX MAG MICKEY Mir-1 MOSQUITO NLS Phelix Polar Bear POMARANCH Py Rabbit Salsa20 SFINKS SOSEMANUK SSS TRBDK3 YAEA Trivium TSC-3 VEST WG Yamb ZK-Crypt Algorithms that support only Profile-II Algorithms without any cryptological issues Algorithms which are not likely to get updates Once these are completed, look for additional algorithms that seem easy to implement. Compare against an AES core running in OFB mode 3 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Implementation platform/technology FPGA (which device?, how are the resources used?), ASIC (which technology?) Project schedule In this project All designs were implemented by a group of 4 students: with equal experience using a standard cell based ASIC design flow within 14 weeks Fair Comparison The following factors may have significant effect on the outcome of a hardware design: The experience of the designer 4 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Project schedule In this project All designs were implemented by a group of 4 students: with equal experience using a standard cell based ASIC design flow within 14 weeks Fair Comparison The following factors may have significant effect on the outcome of a hardware design: The experience of the designer Implementation platform/technology FPGA (which device?, how are the resources used?), ASIC (which technology?) 4 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich In this project All designs were implemented by a group of 4 students: with equal experience using a standard cell based ASIC design flow within 14 weeks Fair Comparison The following factors may have significant effect on the outcome of a hardware design: The experience of the designer Implementation platform/technology FPGA (which device?, how are the resources used?), ASIC (which technology?) Project schedule 4 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Fair Comparison The following factors may have significant effect on the outcome of a hardware design: The experience of the designer Implementation platform/technology FPGA (which device?, how are the resources used?), ASIC (which technology?) Project schedule In this project All designs were implemented by a group of 4 students: with equal experience using a standard cell based ASIC design flow within 14 weeks 4 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Guidelines for design The provided C code has been used as a reference All synthesized algorithms include test structures No ROM macros were used Optional MAC support is not included All algorithms accept plaintext and deliver ciphertext Methodology Tools Description: Code written in VHDL Simulation: Mentor Graphics Modelsim 6.0c Logic Synthesis: Synopsys Design Vision-2004.12 Physical Design: Cadence SoC Encounter 4.1-usr4 Technology: UMC 0.25 µm 5-Metal CMOS 5 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Methodology Tools Description: Code written in VHDL Simulation: Mentor Graphics Modelsim 6.0c Logic Synthesis: Synopsys Design Vision-2004.12 Physical Design: Cadence SoC Encounter 4.1-usr4 Technology: UMC 0.25 µm 5-Metal CMOS Guidelines for design The provided C code has been used as a reference All synthesized algorithms include test structures No ROM macros were used Optional MAC support is not included All algorithms accept plaintext and deliver ciphertext 5 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich The Team Sherlock Watson Nico Bernold Victoria Goode Ren´eBlattmann Marcel Marghitola 7th semester students of the Information Technologies and Electronics Department of the ETH Zurich. 6 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich T Throughput in Gbits/s TpA Throughput per area in Gbits/s·mm2 E Energy per data item mJ/Gbits Performance Metrics Circuit performance will be measured by: A Total circuit area after synthesis in µm2 f Maximum clock rate in MHz P Power consumption in mW Radix Generated output bits per clock cycle 7 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Performance Metrics Circuit performance will be measured by: A Total circuit area after synthesis in µm2 f Maximum clock rate in MHz P Power consumption in mW Radix Generated output bits per clock cycle T Throughput in Gbits/s TpA Throughput per area in Gbits/s·mm2 E Energy per data item mJ/Gbits 7 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich IV Key AES 32 128 128 128 Round Key Generator State Register (128 FF) (128 FF) Radix 3.12 32 32 32 32 8 8 8 8 FFs 265 32 32 8 8 8 8 2 A 300k µm Sbox Sbox Sbox Sbox 8 8 8 8 T 0.665 Gb/s Mixcolumns Output Advanced Encryption Standard More experience with implementing AES Highly optimized 32-bit datapath on-the-fly key generation 8 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich Key 80 IV 64 Achterbahn 6 1 NLFSR A (22 FF) Filter A Plaintext 7 1 NLFSR B (23 FF) Filter B 7 1 1 Radix 1-16 NLFSR C (25 FF) Filter C 8 1 NLFSR D (26 FF) Filter D 1 8 1 FFs 285 NLFSR E (27 FF) Filter E 9 1 NLFSR F (28 FF) Filter F Combining Function R 2 NLSFR V (64 FF) A 191k-480k µm 1 9 1 NLFSR G (29 FF) Filter G 10 1 Ciphertext T 0.310-1.423 Gb/s NLFSR H (31 FF) Filter H Pro X Very good documentation and reference code X Good performance trade-off Con x Low throughput x Large area 9 / 28 Department of Information Technology Integrated Systems Laboratory and Electrical Engineering Zurich
Load more

Recommended publications
  • Secure Transmission of Data Using Rabbit Algorithm
    International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395 -0056 Volume: 04 Issue: 05 | May -2017 www.irjet.net p-ISSN: 2395-0072 Secure Transmission of Data using Rabbit Algorithm Shweta S Tadkal1, Mahalinga V Mandi2 1 M. Tech Student , Department of Electronics & Communication Engineering, Dr. Ambedkar institute of Technology,Bengaluru-560056 2 Associate Professor, Department of Electronics & Communication Engineering, Dr. Ambedkar institute of Technology,Bengaluru-560056 ---------------------------------------------------------------------***----------------------------------------------------------------- Abstract— This paper presents the design and simulation of secure transmission of data using rabbit algorithm. The rabbit algorithm is a stream cipher algorithm. Stream ciphers are an important class of symmetric encryption algorithm, which uses the same secret key to encrypt and decrypt the data and has been designed for high performance in software implementation. The data or the plain text in our proposed model is the binary data which is encrypted using the keys generated by the rabbit algorithm. The rabbit algorithm is implemented and the language used to write the code is Verilog and then is simulated using Modelsim6.4a. The software tool used is Xilinx ISE Design Suit 14.7. Keywords—Cryptography, Stream ciphers, Rabbit algorithm 1. INTRODUCTION In today’s world most of the communications done using electronic media. Data security plays a vitalkrole in such communication. Hence there is a need to predict data from malicious attacks. This is achieved by cryptography. Cryptographydis the science of secretscodes, enabling the confidentiality of communication through an in secure channel. It protectssagainstbunauthorizedapartiesoby preventing unauthorized alterationhof use. Several encrypting algorithms have been built to deal with data security attacks.
    [Show full text]
  • A Differential Fault Attack on MICKEY
    A Differential Fault Attack on MICKEY 2.0 Subhadeep Banik and Subhamoy Maitra Applied Statistics Unit, Indian Statistical Institute Kolkata, 203, B.T. Road, Kolkata-108. s.banik [email protected], [email protected] Abstract. In this paper we present a differential fault attack on the stream cipher MICKEY 2.0 which is in eStream's hardware portfolio. While fault attacks have already been reported against the other two eStream hardware candidates Trivium and Grain, no such analysis is known for MICKEY. Using the standard assumptions for fault attacks, we show that if the adversary can induce random single bit faults in the internal state of the cipher, then by injecting around 216:7 faults and performing 232:5 computations on an average, it is possible to recover the entire internal state of MICKEY at the beginning of the key-stream generation phase. We further consider the scenario where the fault may affect at most three neighbouring bits and in that case we require around 218:4 faults on an average. Keywords: eStream, Fault attacks, MICKEY 2.0, Stream Cipher. 1 Introduction The stream cipher MICKEY 2.0 [4] was designed by Steve Babbage and Matthew Dodd as a submission to the eStream project. The cipher has been selected as a part of eStream's final hardware portfolio. MICKEY is a synchronous, bit- oriented stream cipher designed for low hardware complexity and high speed. After a TMD tradeoff attack [16] against the initial version of MICKEY (ver- sion 1), the designers responded by tweaking the design by increasing the state size from 160 to 200 bits and altering the values of some control bit tap loca- tions.
    [Show full text]
  • Detection and Exploitation of Small Correlations in Stream Ciphers
    Detection and Exploitation of Small Correlations in Stream Ciphers Masterthesis conducted under the guidance of Prof. Dr. Joachim Rosenthal and Dr. Gérard Maze Institute of Mathematics, University of Zurich 2008 Urs Wagner Outline This thesis gives an overview of stream ciphers based on linear feedback shift registers (LFSR) and their vulnerability to correlation attacks. In the rst chapter, a short introduction to symmetric key ciphers is given. The main focus hereby is on LFSR based stream ciphers. Further, the principles of LFSR are presented. The chapter is then closed by a stream cipher example, the Gee Generator. The second chapter treats the general approach of correlation attacks. Moreover a correlation attack is mounted on the Gee Generator and the practical results are presented. Boolean functions play an important role in stream cipher designs. The Walsh transform, a tool to analyze the cryptographic properties of Boolean functions, is introduced in chapter 3. Additionally, the cryptographic properties themselves are discussed. In the fourth chapter, an improved kind of correlation attack -the fast correlation attack- is presented. It exploits the same weaknesses in the stream cipher designs as the correlation attack, the mode of operation is however dierent. In the last chapter, the insights gained in the previous chapters are used to suggest an attack on a stream cipher by Philips, named Hitag 2. 1 Acknowledgments This thesis was written in the course of my master's studies at the University of Zurich. I am grateful to Prof. Joachim Rosenthal who gave me the opportunity to write my master thesis in cryptography. Special thanks go to Dr.
    [Show full text]
  • Analysis of Selected Block Cipher Modes for Authenticated Encryption
    Analysis of Selected Block Cipher Modes for Authenticated Encryption by Hassan Musallam Ahmed Qahur Al Mahri Bachelor of Engineering (Computer Systems and Networks) (Sultan Qaboos University) – 2007 Thesis submitted in fulfilment of the requirement for the degree of Doctor of Philosophy School of Electrical Engineering and Computer Science Science and Engineering Faculty Queensland University of Technology 2018 Keywords Authenticated encryption, AE, AEAD, ++AE, AEZ, block cipher, CAESAR, confidentiality, COPA, differential fault analysis, differential power analysis, ElmD, fault attack, forgery attack, integrity assurance, leakage resilience, modes of op- eration, OCB, OTR, SHELL, side channel attack, statistical fault analysis, sym- metric encryption, tweakable block cipher, XE, XEX. i ii Abstract Cryptography assures information security through different functionalities, es- pecially confidentiality and integrity assurance. According to Menezes et al. [1], confidentiality means the process of assuring that no one could interpret infor- mation, except authorised parties, while data integrity is an assurance that any unauthorised alterations to a message content will be detected. One possible ap- proach to ensure confidentiality and data integrity is to use two different schemes where one scheme provides confidentiality and the other provides integrity as- surance. A more compact approach is to use schemes, called Authenticated En- cryption (AE) schemes, that simultaneously provide confidentiality and integrity assurance for a message. AE can be constructed using different mechanisms, and the most common construction is to use block cipher modes, which is our focus in this thesis. AE schemes have been used in a wide range of applications, and defined by standardisation organizations. The National Institute of Standards and Technol- ogy (NIST) recommended two AE block cipher modes CCM [2] and GCM [3].
    [Show full text]
  • Key Differentiation Attacks on Stream Ciphers
    Key differentiation attacks on stream ciphers Abstract In this paper the applicability of differential cryptanalytic tool to stream ciphers is elaborated using the algebraic representation similar to early Shannon’s postulates regarding the concept of confusion. In 2007, Biham and Dunkelman [3] have formally introduced the concept of differential cryptanalysis in stream ciphers by addressing the three different scenarios of interest. Here we mainly consider the first scenario where the key difference and/or IV difference influence the internal state of the cipher (∆key, ∆IV ) → ∆S. We then show that under certain circumstances a chosen IV attack may be transformed in the key chosen attack. That is, whenever at some stage of the key/IV setup algorithm (KSA) we may identify linear relations between some subset of key and IV bits, and these key variables only appear through these linear relations, then using the differentiation of internal state variables (through chosen IV scenario of attack) we are able to eliminate the presence of corresponding key variables. The method leads to an attack whose complexity is beyond the exhaustive search, whenever the cipher admits exact algebraic description of internal state variables and the keystream computation is not complex. A successful application is especially noted in the context of stream ciphers whose keystream bits evolve relatively slow as a function of secret state bits. A modification of the attack can be applied to the TRIVIUM stream cipher [8], in this case 12 linear relations could be identified but at the same time the same 12 key variables appear in another part of state register.
    [Show full text]
  • Ray Bradbury Creative Contest Literary Journal
    32nd Annual Ray Bradbury Creative Contest Literary Journal 2016 Val Mayerik Val Ray Bradbury Creative Contest A contest of writing and art by the Waukegan Public Library. This year’s literary journal is edited, designed, and produced by the Waukegan Public Library. Table of Contents Elementary School Written page 1 Middle School Written page 23 High School Written page 52 Adult Written page 98 Jennifer Herrick – Designer Rose Courtney – Staff Judge Diana Wence – Staff Judge Isaac Salgado – Staff Judge Yareli Facundo – Staff Judge Elementary School Written The Haunted School Alexis J. In one wonderful day there was a school-named “Hyde Park”. One day when, a kid named Logan and his friend Mindy went to school they saw something new. Hyde Park is hotel now! Logan and Mindy Went inside to see what was going on. So they could not believe what they say. “Hyde Park is also now haunted! When Logan took one step they saw Slender Man. Then they both walk and there was a scary mask. Then mummies started coming out of the grown and zombies started coming from the grown and they were so stinky yuck! Ghost came out all over the school and all the doors were locked. Now Mindy had a plan to scare all the monsters away. She said “we should put all the monsters we saw all together. So they make Hyde Park normal again. And they live happy ever after and now it is back as normal. THE END The Haunted House Angel A. One day it was night. And it was so dark a lot of people went on a house called “dead”.
    [Show full text]
  • Side Channel Analysis Attacks on Stream Ciphers
    Side Channel Analysis Attacks on Stream Ciphers Daehyun Strobel 23.03.2009 Masterarbeit Ruhr-Universität Bochum Lehrstuhl Embedded Security Prof. Dr.-Ing. Christof Paar Betreuer: Dipl.-Ing. Markus Kasper Erklärung Ich versichere, dass ich die Arbeit ohne fremde Hilfe und ohne Benutzung anderer als der angegebenen Quellen angefertigt habe und dass die Arbeit in gleicher oder ähnlicher Form noch keiner anderen Prüfungsbehörde vorgelegen hat und von dieser als Teil einer Prüfungsleistung angenommen wurde. Alle Ausführungen, die wörtlich oder sinngemäß übernommen wurden, sind als solche gekennzeichnet. Bochum, 23.März 2009 Daehyun Strobel ii Abstract In this thesis, we present results from practical differential power analysis attacks on the stream ciphers Grain and Trivium. While most published works on practical side channel analysis describe attacks on block ciphers, this work is among the first ones giving report on practical results of power analysis attacks on stream ciphers. Power analyses of stream ciphers require different methods than the ones used in todays most popular attacks. While for the majority of block ciphers it is sufficient to attack the first or last round only, to analyze a stream cipher typically the information leakages of many rounds have to be considered. Furthermore the analysis of hardware implementations of stream ciphers based on feedback shift registers inevitably leads to methods combining algebraic attacks with methods from the field of side channel analysis. Instead of a direct recovery of key bits, only terms composed of several key bits and bits from the initialization vector can be recovered. An attacker first has to identify a sufficient set of accessible terms to finally solve for the key bits.
    [Show full text]
  • Cryptanalysis of Stream Ciphers Based on Arrays and Modular Addition
    KATHOLIEKE UNIVERSITEIT LEUVEN FACULTEIT INGENIEURSWETENSCHAPPEN DEPARTEMENT ELEKTROTECHNIEK{ESAT Kasteelpark Arenberg 10, 3001 Leuven-Heverlee Cryptanalysis of Stream Ciphers Based on Arrays and Modular Addition Promotor: Proefschrift voorgedragen tot Prof. Dr. ir. Bart Preneel het behalen van het doctoraat in de ingenieurswetenschappen door Souradyuti Paul November 2006 KATHOLIEKE UNIVERSITEIT LEUVEN FACULTEIT INGENIEURSWETENSCHAPPEN DEPARTEMENT ELEKTROTECHNIEK{ESAT Kasteelpark Arenberg 10, 3001 Leuven-Heverlee Cryptanalysis of Stream Ciphers Based on Arrays and Modular Addition Jury: Proefschrift voorgedragen tot Prof. Dr. ir. Etienne Aernoudt, voorzitter het behalen van het doctoraat Prof. Dr. ir. Bart Preneel, promotor in de ingenieurswetenschappen Prof. Dr. ir. Andr´eBarb´e door Prof. Dr. ir. Marc Van Barel Prof. Dr. ir. Joos Vandewalle Souradyuti Paul Prof. Dr. Lars Knudsen (Technical University, Denmark) U.D.C. 681.3*D46 November 2006 ⃝c Katholieke Universiteit Leuven { Faculteit Ingenieurswetenschappen Arenbergkasteel, B-3001 Heverlee (Belgium) Alle rechten voorbehouden. Niets uit deze uitgave mag vermenigvuldigd en/of openbaar gemaakt worden door middel van druk, fotocopie, microfilm, elektron- isch of op welke andere wijze ook zonder voorafgaande schriftelijke toestemming van de uitgever. All rights reserved. No part of the publication may be reproduced in any form by print, photoprint, microfilm or any other means without written permission from the publisher. D/2006/7515/88 ISBN 978-90-5682-754-0 To my parents for their unyielding ambition to see me educated and Prof. Bimal Roy for making cryptology possible in my life ... My Gratitude It feels awkward to claim the thesis to be singularly mine as a great number of people, directly or indirectly, participated in the process to make it see the light of day.
    [Show full text]
  • *UPDATED Canadian Values 07-04 201 7/26/2016 4:42:21 PM *UPDATED Canadian Values 07-04 202 COIN VALUES: CANADA 02 .0 .0 12
    CANADIAN VALUES By Michael Findlay Large Cents VG-8 F-12 VF-20 EF-40 MS-60 MS-63R 1917 1.00 1.25 1.50 2.50 13. 45. CANADA COIN VALUES: 1918 1.00 1.25 1.50 2.50 13. 45. 1919 1.00 1.25 1.50 2.50 13. 45. 1920 1.00 1.25 1.50 3.00 18. 70. CANADIAN COIN VALUES Small Cents PRICE GUIDE VG-8 F-12 VF-20 EF-40 MS-60 MS-63R GEORGE V All prices are in U.S. dollars LargeL Cents C t 1920 0.20 0.35 0.75 1.50 12. 45. Canadian Coin Values is a comprehensive retail value VG-8 F-12 VF-20 EF-40 MS-60 MS-63R 1921 0.50 0.75 1.50 4.00 30. 250. guide of Canadian coins published online regularly at Coin VICTORIA 1922 20. 23. 28. 40. 200. 1200. World’s website. Canadian Coin Values is provided as a 1858 70. 90. 120. 200. 475. 1800. 1923 30. 33. 42. 55. 250. 2000. reader service to collectors desiring independent informa- 1858 Coin Turn NI NI 2500. 5000. BNE BNE 1924 6.00 8.00 11. 16. 120. 800. tion about a coin’s potential retail value. 1859 4.00 5.00 6.00 10. 50. 200. 1925 25. 28. 35. 45. 200. 900. Sources for pricing include actual transactions, public auc- 1859 Brass 16000. 22000. 30000. BNE BNE BNE 1926 3.50 4.50 7.00 12. 90. 650. tions, fi xed-price lists and any additional information acquired 1859 Dbl P 9 #1 225.
    [Show full text]
  • An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext
    An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext By Isaac Quinn DuPont A thesis submitted in conformity with the requirements for the degree of Doctor of Philosophy Faculty of Information University of Toronto © Copyright by Isaac Quinn DuPont 2017 ii An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext Isaac Quinn DuPont Doctor of Philosophy Faculty of Information University of Toronto 2017 Abstract Tis dissertation is an archeological study of cryptography. It questions the validity of thinking about cryptography in familiar, instrumentalist terms, and instead reveals the ways that cryptography can been understood as writing, media, and computation. In this dissertation, I ofer a critique of the prevailing views of cryptography by tracing a number of long overlooked themes in its history, including the development of artifcial languages, machine translation, media, code, notation, silence, and order. Using an archeological method, I detail historical conditions of possibility and the technical a priori of cryptography. Te conditions of possibility are explored in three parts, where I rhetorically rewrite the conventional terms of art, namely, plaintext, encryption, and ciphertext. I argue that plaintext has historically been understood as kind of inscription or form of writing, and has been associated with the development of artifcial languages, and used to analyze and investigate the natural world. I argue that the technical a priori of plaintext, encryption, and ciphertext is constitutive of the syntactic iii and semantic properties detailed in Nelson Goodman’s theory of notation, as described in his Languages of Art. I argue that encryption (and its reverse, decryption) are deterministic modes of transcription, which have historically been thought of as the medium between plaintext and ciphertext.
    [Show full text]
  • Security Evaluation of the K2 Stream Cipher
    Security Evaluation of the K2 Stream Cipher Editors: Andrey Bogdanov, Bart Preneel, and Vincent Rijmen Contributors: Andrey Bodganov, Nicky Mouha, Gautham Sekar, Elmar Tischhauser, Deniz Toz, Kerem Varıcı, Vesselin Velichkov, and Meiqin Wang Katholieke Universiteit Leuven Department of Electrical Engineering ESAT/SCD-COSIC Interdisciplinary Institute for BroadBand Technology (IBBT) Kasteelpark Arenberg 10, bus 2446 B-3001 Leuven-Heverlee, Belgium Version 1.1 | 7 March 2011 i Security Evaluation of K2 7 March 2011 Contents 1 Executive Summary 1 2 Linear Attacks 3 2.1 Overview . 3 2.2 Linear Relations for FSR-A and FSR-B . 3 2.3 Linear Approximation of the NLF . 5 2.4 Complexity Estimation . 5 3 Algebraic Attacks 6 4 Correlation Attacks 10 4.1 Introduction . 10 4.2 Combination Generators and Linear Complexity . 10 4.3 Description of the Correlation Attack . 11 4.4 Application of the Correlation Attack to KCipher-2 . 13 4.5 Fast Correlation Attacks . 14 5 Differential Attacks 14 5.1 Properties of Components . 14 5.1.1 Substitution . 15 5.1.2 Linear Permutation . 15 5.2 Key Ideas of the Attacks . 18 5.3 Related-Key Attacks . 19 5.4 Related-IV Attacks . 20 5.5 Related Key/IV Attacks . 21 5.6 Conclusion and Remarks . 21 6 Guess-and-Determine Attacks 25 6.1 Word-Oriented Guess-and-Determine . 25 6.2 Byte-Oriented Guess-and-Determine . 27 7 Period Considerations 28 8 Statistical Properties 29 9 Distinguishing Attacks 31 9.1 Preliminaries . 31 9.2 Mod n Cryptanalysis of Weakened KCipher-2 . 32 9.2.1 Other Reduced Versions of KCipher-2 .
    [Show full text]
  • Comparing Some Pseudo-Random Number Generators and Cryptography Algorithms Using a General Evaluation Pattern
    I.J. Information Technology and Computer Science, 2016, 9, 25-31 Published Online September 2016 in MECS (http://www.mecs-press.org/) DOI: 10.5815/ijitcs.2016.09.04 Comparing Some Pseudo-Random Number Generators and Cryptography Algorithms Using a General Evaluation Pattern Ahmad Gaeini Imam Husein Comprehensive University, Iran E-mail: [email protected] Abdolrasoul Mirghadri1, Gholamreza Jandaghi2, Behbod Keshavarzi3 1Imam Husein Comprehensive University, Iran, E-mail: [email protected] 2Corresponding Author, University of Tehran, Farabi College, E-mail: [email protected] 3Shahed University, E-mail: [email protected] Abstract—Since various pseudo-random algorithms and generated by using chaotic systems and perturbation and sequences are used for cryptography of data or as initial by choosing least significant bits (LSB’s).In [4] and [5], values for starting a secure communication, how these chaotic maps have been used to design a cryptographic algorithms are analyzed and selected is very important. In algorithm; furthermore, output sequence has been fact, given the growingly extensive types of pseudo- statistically analyzed and method has also been evaluated random sequences and block and stream cipher in term of vulnerability to a variety of attacks, which has algorithms, selection of an appropriate algorithm needs proved the security of algorithm. In [6], a new an accurate and thorough investigation. Also, in order to pseudorandom number generator based on a complex generate a pseudo-random sequence and generalize it to a number chaotic equation has been introduced and cryptographer algorithm, a comprehensive and regular randomness of the produced sequence has been proven by framework is needed, so that we are enabled to evaluate NIST tests.
    [Show full text]