Muhammad Reza Z'aba

Bit-Pattern Based Integral Attack

Integral attacks are well-known to be effective against byte-based block ciphers. In this document, we outline how to launch integral attacks against bit-based block ciphers. This new type of integral attack traces the propagation of the plaintext structure at bit-level by incorporating bit-pattern based notations. The new notation gives the attacker more details about the properties of a structure of cipher blocks. The main difference from ordinary integral attacks is that we look at the pattern the bits in a specific position in the cipher block has through the structure. The bit-pattern based integral attack is applied to Noekeon, Serpent and present reduced up to 5, 6 and 7 rounds, respectively. This includes the first attacks on Noekeon and present using integral cryptanalysis. All attacks manage to recover the full subkey of the final round.

S-box construction from non-permutation power functions

A substitution box (s-box) is a nonlinear component function used in most block ciphers. It must fulfill several cryptographic properties such as high nonlinearity, low differential uniformity and complex algebraic expression to resist against linear, differential and interpolation attacks. In this paper, we extend and improve the s-box construction method proposed by Mamadolimov et al. [26, 27] which construct an s-box from power and binomial functions over the finite field F28. We study the cryptographic properties exhibited from our s-box and do a comparative analysis with several known 8X8 bijective s-boxes. Our analysis shows that our proposed s-box is ranked seventh compared to known 8X8 bijective s-boxes in terms of strong cryptographic properties. It even surpasses some known s-boxes used in popular block ciphers.

AES: Current security and efficiency analysis of its alternatives

The Advanced Encryption Standard (AES) has been in existence over the last 11 years. It was widely accepted as the de facto standard in many security-related applications such as SSL/TLS, Microsoft BitLocker Drive Encryption, Skype and many others. Recently in 2011, the AES was claimed to be theoretically broken in the single-key attack model using a new technique called biclique. Just two years before in 2009, the AES with 192- and 256- bit keys were found to be theoretically broken in the related-key attack model. This paper reviews existing attacks on the AES and evaluates the efficiency of recent block cipher proposals as alternatives to the AES. These block ciphers were proposed to patch the AES against the related-key type of attack.

Randomness analysis on LED block ciphers

In this paper, we present the statistical test of randomness on the Light Encryption Device (LED) Block Cipher. LED is a lightweight block cipher with a 64-bit block size and variable key lengths from 64 to 128 bits (in multiple of 16 bits). The randomness testing was performed using NIST Statistical Test Suite. The tests were performed on reduced rounds of LED with key sizes of 64-, 96- and 128-bits. Our analysis shows that all LED variants tested appear to be random based on the 1% significance level.

An Observation of Cryptographic Properties of 256 One-Dimensional Cellular Automata Rules

The robustness of a cryptographic system substantially depends on its underlying elements. Boolean functions are the most frequently used elements in various cryptographic systems, be it block ciphers, stream ciphers and hash functions. However, constructing Boolean functions satisfying all fundamental cryptographic properties are not trivial. We study the cryptographic properties of Boolean functions of biological system namely one-dimensional Cellular Automata (CA) and show that some of its Boolean functions satisfy all mentioned properties on levels very close to optimal and therefore can be recommended as cryptographically strong Boolean function.

Implementation of PRINCE algorithm in FPGA

This paper presents a hardware implementation of the PRINCE block cipher in Field Programmable Gate Array (FPGA). In many security applications, the software implementations of cryptographic algorithms are slow and inefficient. In order to solve the problems, a new FPGA architecture was proposed to speed up the performance and flexibility of PRINCE algorithm. The concurrent computing design allows an encryption block data of 64 bits within one clock cycle, reducing the hardware area and producing a high throughput and low latency. It also showed high speed processing and consumed low power. To do this, firstly, the encryption, decryption and key schedule are all implemented with small hardware resources, Next, an efficient hardware architectural model for PRINCE algorithms was developed using very high speed integrated circuit hardware description language (VHDL). Finally, the VHDL design for PRINCE algorithm was synthesized in FPGA boards. Two FPGA boards were used in this study, which are Virtex-4 and Virtex-6. The results show a throughput of 2.03 Gbps and efficiency of 2.126 Mbps/slice for Virtex-4, whereas a throughput of 4.18 Gbps and efficiency of 8.681 Mbps/slice for Virtex-6.

Linearity within the SMS4 block cipher

We present several new observations on the SMS4 block cipher, and discuss their cryptographic significance. The crucial observation is the existence of fixed points and also of simple linear relationships between the bits of the input and output words for each component of the round functions for some input words. This implies that the nonlinear function T of SMS4 does not appear random and that the linear transformation provides poor diffusion. Furthermore, the branch number of the linear transformation in the key scheduling algorithm is shown to be less than optimal. The main security implication of these observations is that the round function is not always non-linear. Due to this linearity, it is possible to reduce the number of effective rounds of SMS4 by four. We also investigate the susceptibility of SMS4 to further cryptanalysis. Finally, we demonstrate a successful differential attack on a slightly modified variant of SMS4. These findings raise serious questions on the security provided by SMS4.

Securing electrical substation's wireless messaging with a Lightweight Crypto-Algorithm IP core

Monitoring assets such as remote electrical substations and remote small power stations often pose challenges to utility companies. Often, cheap solutions to monitor and to provide an online control for these assets are by means of cellular. However, using this kind of communication requires proper security measures, but not at the expense of cost. Therefore, to improve security of wireless communication of these remote assets, we would like to propose a light-weight crypto-algorithm in the form hardware circuits called IP core. The crypto-algorithm has been implemented within an environment of microprocessor system on a XILINX Field Programmable Logic Arrays chip. A complete microprocessor system consists of Micro-Blaze processor, memory, serial communication and a light-weight crypto-algorithm can be fitted on a single XILINX VIRTEX chip. We have tested the system with a simplified version of the crypto-algorithm on a VIRTEX evaluation board, using GSM modems communicate over a cellular network.

On the security and practicality of a buyer seller watermarking protocol for DRM

A buyer seller watermarking (BSW) protocol allows a seller of digital content to prove to a third party that a buyer illegally distributed copies of content when these copies are found. It also protects an honest buyer from being falsely accused of such an act by the seller. We examine the security and practicality of a recent BSW protocol for Digital Rights Management (BSW-DRM) proposed in SIN 2009. We show that the protocol contains weaknesses, which may result in successful replay, modification and content piracy. Furthermore, the heavy reliance on the fully trusted Certificate Authority has its security concern and it is also less practical to be applied in current digital content distribution systems. We further suggest possible improvements based on the many protocols proposed prior to this protocol.