Mehreen Afzal

A Compact S-Box Design for SMS4 Block Cipher

This paper proposes a compact design of SMS4 S-box using combinational logic which is suitable for the implementation in area constraint environments like smart cards. The inversion algorithm of the proposed S-box is based on composite field GF(((22)2)2) using normal basis at all levels. In our approach, we examined all possible normal basis combinations having trace equal to one at each subfield level. There are 16 such possible combinations with normal basis and we have compared the S-box designs based on each case in terms of logic gates it uses for implementation. The isomorphism mapping and inverse mapping bit matrices are fully optimized using greedy algorithm. We prove that our best case reduces the complexity upon the SMS4 S-box design with existing inversion algorithm based on polynomial basis by 15% XOR and 42% AND gates.

Algebraic Cryptanalysis of A NLFSR Based Stream Cipher

Among recent developments on stream ciphers, the algebraic attack has gained much attention. In this paper we concentrate on algebraic cryptanalysis of Grain, a non-linear feedback shift register (NLFSR) based stream cipher. The target here is to analyze generic key generating structure of Grain, that is why, we aim to recover the internal states of cipher rather than the key-bits. Experiments are carried out to solve these varying degree equations, with some guessed bits using Groebner basis technique. Our approach succeeds in recovering (approx) 1/2 of the internal stateAmong recent developments on stream ciphers, the algebraic attack has gained much attention. In this paper we concentrate on algebraic cryptanalysis of Grain, a non-linear feedback shift register (NLFSR) based stream cipher. The target here is to analyze generic key generating structure of Grain, that is why, we aim to recover the internal states of cipher rather than the key-bits. Experiments are carried out to solve these varying degree equations, with some guessed bits using Groebner basis technique. Our approach succeeds in recovering (approx) 1/2 of the internal state bits of Grain-1, while other half are guessed. While, in case of Grain-128, only 1/4 of the state bits can be obtained. bits of Grain-1, while other half are guessed. While, in case of Grain-128, only 1/4 of the state bits can be obtained.

Comparative Analysis of the Structures of eSTREAM Submitted Stream Ciphers

Unlike block ciphers, stream ciphers do not have a standard model. A variety of structures are followed in stream cipher design. The stream cipher project of ECRYPT: eSTREAM aims to identify new stream ciphers that might become suitable for widespread adoption. 34 submissions are made in this on going project, based not only on conventional designs but also on some novel ideas. In this paper a comparative study of these submissions is made with respect to the design structures they have used. Our work aims at having a review of different design philosophies which were used in past and those which are adopted in these submissions. This study of the proposed ciphers also gives an insight into the recent trends in the design of stream ciphers

An extended secret sharing scheme for colour images with fixed pixel expansion

An extended visual secret sharing scheme uses multiple innocent-looking cover images to hide a secret image such that none discloses any portion of the secret. In this article, an extended secret sharing technique is proposed that shares a secret colour image in a couple of significant images using a fixed pixel expansion factor of 9 for a colour space as large as comprising 224, i.e. 16 million colours approximately. Furthermore, the data hiding technique employed in this article uses all three planes of a colour image which reduces the number of cover images that would otherwise be needed. Recovery is performed through a simple stacking (XOR) operation and a sequence of random integers.

On Generating Algebraic Equations for A5-Type Key Stream Generator

Algebraic cryptanalysis is a newer and quite successful technique for the security evaluation of stream ciphers as well as a threat to the structures which are resistant to other types of attacks. Originally algebraic attacks were proved to be successful against ciphers having combining or filtering Boolean function along with the linear part. Very successful attacks have been mounted on ciphers with nonlinear components with or without memory [1–5]. So far the most successful attacks are on a particular design having two components: a nonlinear filter or combining function and a linear component of one or many LFSRs. However, algebraic attack on somewhat different structures of stream ciphers has not been much studied yet. Clock control is also one of the mechanisms employed to introduce nonlinearity into a key stream generator built from linear feedback shift registers. Algebraic attacks against clock-controlled stream ciphers have recently been studied by Sultan AH, Lynn B, Bernard C, Kenneth W [6], which to our knowledge is the first work in this direction. Although LILI 128 is also a clock-controlled cipher and successful algebraic attacks can be found against it [4], for its clock-controlled part, guessing is being used. The work in [6] basically involves stream ciphers such as the stop-and-go generator, alternating step generator, self-decimated, and step1/step2 generator in which one or more LFSRs are irregularly clocked and their clocking depends on some regularly clocked LFSR. This attack is based on the general assumption that the output bit of one shift register controls the clocking of other registers in the system and produces a family of equations relating the output bits to the internal state bits. This chapter aims at finding how practical can it be to mount an algebraic attack on A5/1 in which none of the LFSRs are regularly clocked. Because the feasibility of the algebraic attack has not yet been explored against it, the objective of this research is to mount an algebraic attack against an A5/1-type clock-controlled generator. The A5 key stream generator has a long history of cryptanalytic attacks against it. Most of the attacks are divide and conquer, time–memory trade-off attacks which exploit some of the weaknesses in the algorithm such as the relatively small number

Experimental Results on Algebraic Analysis of Trivium and Tweaked Trivium

Trivium is an eSTREAM candidate cipher first proposed in 2005. It has a key length of 80 while an internal state of 288 bits. Its internal state bits can be related to output bits with simple algebraic equations, but non-linear update results in rising degree of equations with time. Recently a tweaked structure of Trivium is also proposed. This article presents algebraic analysis of the key generating structure of both versions. Our experiments target to recover the internal state bits rather than the key bits, as is generally the case in algebraic cryptanalysis. Our approach is to solve practically the varying degree equations of Trivium structure, with some guessed bits using Groebner basis algorithm. Our analysis shows that although tweaked structure offer more complex equations, still it is not suitable to provide a security level of 128 bits.

Improved Results on Algebraic Cryptanalysis of A5/2

Algebraic analysis of A5/2, the weaker version of GSM encryption algorithm, is presented in this article. We have enhanced existing cryptanalysis of A5/2 in terms of data requirement. Experimental results using an implementation of Groebner basis algorithm are presented. It has been found that state bits of the cipher can be recovered in fewer number of data frames than required in a previous efficient attack against GSM communication. Number of data frames required for both known-plaintext and ciphertext-only attacks can be reduced if linearization is replaced by Groebner basis technique without changing the time complexity of attack.

On the Security of LBlock against the Cube Attack and Side Channel Cube Attack

In this research, a recently proposed lightweight block cipher LBlock, not tested against the cube attack has been analyzed. 7, 8 and 9 round LBlock have been successfully attacked with complexities of O(210.76), O(211.11) and O(247.00) respectively. For the case of side channel cube attack, full version of LBlock has been attacked using a single bit leakage model with the complexity of O(255.00) cipher evaluations. For this purpose, a generic practical platform has been developed to test various stream and block ciphers against the latest cube attack.

Resistance of Stream Ciphers to Algebraic Recovery of Internal Secret States

Cryptanalysis is also a tool to measure the strength of a cipher in terms of its resistance against different types of attacks. Every new proposed design ensures at least that it is resistant to the existing attacks. Algebraic attack is now quite a familiar threat for stream ciphers. Moreover, to make out the design components that can strengthen a cipher against algebraic cryptanalysis must also be of interest to stream cipher designers. Algebraic cryptanalysis, in its general form, aims to recover the internal secret state bits of the registers of the cipher by solving non-linear algebraic equations. That is why it is considered to be not applicable on stream ciphers where registers are updated non-linearly. Since in this case degree of algebraic equations, which relate internal states with key-stream bits, increase with each clock. However different designs with nonlinear update may offer disparate levels of resistance. In this article we compare some recently proposed structures of stream ciphers and identify the level of resistance their design shows against gaining the secret internal states. We analyze eSTREAM proposed stream ciphers Grain, Trivium and Mickey and also compare their key generating structures. Mickey and Grain-128 are found to be more resistant than Grain-v1 and Trivium.

Algebraic Side Channel Attack on Trivium and Grain Ciphers

Solving a system of multivariate quadratic equations obtained through algebraic cryptanalysis is a nondeterministic polynomial time-complete problem. Owing to the trend of stream ciphers based on nonlinear update, the success of algebraic attacks has been limited to their reduced variants. On the other hand, side channel attacks (SCAs), although require a continued access to the target device for capturing leakages, are a potent threat against the stream ciphers. Algebraic SCA (ASCA) combines and solves equations obtained through algebraic cryptanalysis and partial SCA of cipher implementation. ASCA is successfully being applied against block ciphers since 2009; however, there is no existing published work on ASCA against stream ciphers as per our knowledge. In this paper, we propose an idea of mounting ASCA on stream ciphers, and we demonstrated it through the application of ASCA on trivium and grain stream ciphers.