
Showing papers on "Block cipher" published in 2019


Journal ArticleDOI
TL;DR: This paper studies the performance of the SIMON cryptographic algorithm, proposes a lightweight cryptography algorithm based on SIMON for possible use in an IoT-driven setup, and suggests further improvements to the original SIMON implementation in order to reduce encryption time while maintaining a practical trade-off between security and performance.
Abstract: Multimedia communication is revolutionizing all major spheres of human life. The advent of IoT and its applications in many fields like sensing, healthcare and industry results in an exponential increase in multimedia data that needs to be shared over insecure networks. IoT driven setups are however constrained in terms of resources as a result of their small size. From a data security point of view, conventional algorithms cannot be used for data encryption on an IoT platform given the resource constraints. The work presented in this paper studies the performance of the SIMON cryptographic algorithm and proposes a light-weight-cryptography algorithm based on SIMON for its possible use in an IoT driven setup. The focus is on speed enhancement benefitting from a software perspective, making it different from common studies mostly reflecting hardware implementations. To achieve performance from a practical perspective, the contribution looks into the SIMON cipher’s characteristics, considering utilizing it for internet of things (IoT) healthcare applications. The paper suggests further improvement to implement the original SIMON cryptography in order to reduce the encryption time and maintain the practical trade-off between security and performance. The proposed work has been compared to Advanced Encryption Standard (AES) and the original SIMON block cipher algorithms in terms of execution time and memory consumption. The results show that the proposed work is suitable for securing data in an IoT driven setup.

96 citations


Journal ArticleDOI
TL;DR: In this paper, the authors introduce a framework for the benchmarking of lightweight block ciphers on a multitude of embedded platforms, including 8-bit AVR, 16-bit MSP430, and 32-bit ARM.
Abstract: In this paper, we introduce a framework for the benchmarking of lightweight block ciphers on a multitude of embedded platforms. Our framework is able to evaluate the execution time, RAM footprint, as well as binary code size, and allows one to define a custom “figure of merit” according to which all evaluated candidates can be ranked. We used the framework to benchmark implementations of 19 lightweight ciphers, namely AES, Chaskey, Fantomas, HIGHT, LBlock, LEA, LED, Piccolo, PRESENT, PRIDE, PRINCE, RC5, RECTANGLE, RoadRunneR, Robin, Simon, SPARX, Speck, and TWINE, on three microcontroller platforms: 8-bit AVR, 16-bit MSP430, and 32-bit ARM. Our results bring some new insights into the question of how well these lightweight ciphers are suited to secure the Internet of things. The benchmarking framework provides cipher designers with an easy-to-use tool to compare new algorithms with the state of the art and allows standardization organizations to conduct a fair and consistent evaluation of a large number of candidates.

94 citations


Journal ArticleDOI
05 Mar 2019-Entropy
TL;DR: The cryptographic strength of the proposed S-box is critically evaluated against the state of the art performance criteria of strong S-boxes, including bijection, nonlinearity, bit independence criterion, strict avalanche effect, and linear and differential approximation probabilities.
Abstract: A symmetric block cipher employing a substitution-permutation duo is an effective technique for the provision of information security. For substitution, modern block ciphers use one or more substitution boxes (S-Boxes). Certain criteria and design principles are fulfilled and followed for the construction of a good S-Box. In this paper, an innovative technique to construct substitution-boxes using our cubic fractional transformation (CFT) is presented. The cryptographic strength of the proposed S-box is critically evaluated against the state of the art performance criteria of strong S-boxes, including bijection, nonlinearity, bit independence criterion, strict avalanche effect, and linear and differential approximation probabilities. The performance results of the proposed S-Box are compared with recently investigated S-Boxes to prove its cryptographic strength. The simulation and comparison analyses validate that the proposed S-Box construction method has adequate efficacy to generate efficient candidate S-Boxes for usage in block ciphers.

72 citations


Posted Content
TL;DR: Grover's search algorithm was used in this paper to give a quantum attack against block ciphers by searching for a key that matches a small number of plaintext-ciphertext pairs.
Abstract: Grover’s search algorithm gives a quantum attack against block ciphers by searching for a key that matches a small number of plaintext-ciphertext pairs. This attack uses \(O(\sqrt{N})\) calls to the cipher to search a key space of size N. Previous work in the specific case of AES derived the full gate cost by analyzing quantum circuits for the cipher, but focused on minimizing the number of qubits.

65 citations


Proceedings ArticleDOI
01 Jan 2019
TL;DR: This survey covers comprehensively a flow of security measures from Lightweight Cryptographic solutions to comparison among different types of block ciphers and different recent approaches of the most trusted and researched block cipher.
Abstract: This paper surveys Lightweight Cryptographic solutions for Internet of Things (IoT). This survey covers comprehensively a flow of security measures from Lightweight Cryptographic solutions to comparison among different types of block ciphers. It also includes comparison between Hardware vs Software solutions and different recent approaches of the most trusted and researched block cipher, Advanced Encryption Standard (AES) in terms of architecture, Mix-Column/S-box modify strategy and attacks for IoT security. According to the study, lightweight AES has proved to be a good security solution for constrained IoT devices.

58 citations


Journal ArticleDOI
05 Oct 2019-Sensors
TL;DR: This work presents the performance of the AES, RC6 (Rivest Cipher 6), Twofish, SPECK128, LEA, and ChaCha20-Poly1305 algorithms in Internet of Things (IoT) devices, measuring their execution times, throughput, and power consumption, with the main goal of determining which symmetric key ciphers are best to be applied in PRISEC.
Abstract: With the growing number of heterogeneous resource-constrained devices connected to the Internet, it becomes increasingly challenging to secure the privacy and protection of data. Strong but efficient cryptography solutions must be employed to deal with this problem, along with methods to standardize secure communications between these devices. The PRISEC module of the UbiPri middleware has this goal. In this work, we present the performance of the AES (Advanced Encryption Standard), RC6 (Rivest Cipher 6), Twofish, SPECK128, LEA, and ChaCha20-Poly1305 algorithms in Internet of Things (IoT) devices, measuring their execution times, throughput, and power consumption, with the main goal of determining which symmetric key ciphers are best to be applied in PRISEC. We verify that ChaCha20-Poly1305 is a very good option for resource constrained devices, along with the lightweight block ciphers SPECK128 and LEA.

57 citations


Journal ArticleDOI
01 Oct 2019-Entropy
TL;DR: A novel algorithm for constructing S-Boxes based on a new compound chaotic system, tent–logistic system, which has better chaotic performance and wider chaotic range than the tent and logistic system and can not only increase the randomness of the chaotic sequences but also expand the key space of cryptosystems.
Abstract: Substitution-boxes (S-Boxes) are important non-linear components in block cryptosystems, which play an important role in the security of cryptosystems. Constructing S-Boxes with strong cryptographic features is an important step in designing block cipher systems. In this paper, a novel algorithm for constructing S-Boxes based on a new compound chaotic system is presented. Firstly, the new chaotic system, the tent–logistic system, is proposed, which has better chaotic performance and a wider chaotic range than the tent and logistic systems, and can not only increase the randomness of the chaotic sequences but also expand the key space of cryptosystems. Secondly, a novel linear mapping is employed to construct the initial S-Box. Then, the permutation operation on the initial S-Box is performed by using a chaotic sequence generated with the tent–logistic system, which improves the cryptographic features of the S-Box. The idea behind the proposed work is to make a supplementary safe S-box. Detailed tests for the cryptographic strength of the proposed S-Box are performed by using different standard benchmarks. The test results and performance analysis show that our proposed S-Box has much smaller values of linear probability (LP) and differential probability (DP) and a satisfactory average value of nonlinearity compared with other S-Boxes, showing its excellent application potential in block cipher systems.

56 citations


Journal ArticleDOI
TL;DR: In this article, randomized block ciphers inspired by the Rijndael architecture and employing chaotic maps as an entropy source are proposed, which achieve good security and robustness indicators.
Abstract: Encryption of data with high correlation, such as images, is a challenge for block ciphers, since patterns of the original image may remain after encryption. This is due to the deterministic mapping performed by the cipher. To overcome this limitation, a block cipher is used in an adequate mode of operation, such as cipher block chaining or counter mode. This work presents randomized block ciphers inspired by the Rijndael architecture employing chaotic maps as an entropy source. It is shown that the proposal achieves good security and robustness indicators with fewer rounds compared to those obtained with the Rijndael algorithm.

56 citations


Book ChapterDOI
19 May 2019
TL;DR: This paper focuses on the differential-linear attack, which was used to mount the best known attacks against numerous ciphers, including the AES finalist Serpent, ICEPOLE, COCONUT98, Chaskey, CTC2, and 8-round DES.
Abstract: Differential cryptanalysis and linear cryptanalysis are the two best-known techniques for cryptanalysis of block ciphers. In 1994, Langford and Hellman introduced the differential-linear (DL) attack based on dividing the attacked cipher E into two subciphers \(E_0\) and \(E_1\) and combining a differential characteristic for \(E_0\) with a linear approximation for \(E_1\) into an attack on the entire cipher E. The DL technique was used to mount the best known attacks against numerous ciphers, including the AES finalist Serpent, ICEPOLE, COCONUT98, Chaskey, CTC2, and 8-round DES.

51 citations


Journal ArticleDOI
TL;DR: This paper analyzes for the first time the post-quantum security of AES, and proposes a new framework for structured search that encompasses both the classical and quantum attacks, and allows to efficiently compute their complexity.
Abstract: In this paper we analyze for the first time the post-quantum security of AES. AES is the most popular and widely used block cipher, established as the encryption standard by the NIST in 2001. We consider the secret key setting and, in particular, AES-256, the recommended primitive and one of the few existing ones that aims at providing a post-quantum security of 128 bits. In order to determine the new security margin, i.e., the lowest number of non-attacked rounds in time less than \(2^{128}\) encryptions, we first provide generalized and quantized versions of the best known cryptanalysis on reduced-round AES, as well as a discussion on attacks that don’t seem to benefit from a significant quantum speed-up. We propose a new framework for structured search that encompasses both the classical and quantum attacks we present, and allows to efficiently compute their complexity. We believe this framework will be useful for future analysis. Our best attack is a quantum Demirci-Selcuk meet-in-the-middle attack. Unexpectedly, using the ideas underlying its design principle also enables us to obtain new, counter-intuitive classical TMD trade-offs. In particular, we can reduce the memory in some attacks against AES-256 and AES-128. One of the building blocks of our attacks is solving efficiently the AES S-Box differential equation, with respect to the quantum cost of a reversible S-Box. We believe that this generic quantum tool will be useful for future quantum differential attacks. Judging by the results obtained so far, AES seems a resistant primitive in the post-quantum world as well as in the classical one, with a bigger security margin with respect to quantum generic attacks.

49 citations


Book ChapterDOI
08 Dec 2019
TL;DR: An algebraic cryptanalysis of Jarvis and Friday is described and it is shown that the proposed number of rounds is not sufficient to provide adequate security and that block cipher designs for “algebraic platforms” such as STARKs, FHE or MPC may be particularly vulnerable to algebraic attacks.
Abstract: The block cipher Jarvis and the hash function Friday, both members of the MARVELlous family of cryptographic primitives, are among the first proposed solutions to the problem of designing symmetric-key algorithms suitable for transparent, post-quantum secure zero-knowledge proof systems such as ZK-STARKs. In this paper we describe an algebraic cryptanalysis of Jarvis and Friday and show that the proposed number of rounds is not sufficient to provide adequate security. In Jarvis, the round function is obtained by combining a finite field inversion, a full-degree affine permutation polynomial and a key addition. Yet we show that even though the high degree of the affine polynomial may prevent some algebraic attacks (as claimed by the designers), the particular algebraic properties of the round function make both Jarvis and Friday vulnerable to Gröbner basis attacks. We also consider MiMC, a block cipher similar in structure to Jarvis. However, this cipher proves to be resistant against our proposed attack strategy. Still, our successful cryptanalysis of Jarvis and Friday does illustrate that block cipher designs for “algebraic platforms” such as STARKs, FHE or MPC may be particularly vulnerable to algebraic attacks.

Journal ArticleDOI
TL;DR: A novel method is being proposed to construct a substitution box or Boolean function for block ciphers using Gaussian distribution and linear fractional transform that achieves better cryptographic strength as compared with the state-of-the-art techniques.
Abstract: In this paper, a novel method is being proposed to construct a substitution box or Boolean function for block ciphers using Gaussian distribution and linear fractional transform. The substitution box is constructed by employing a linear fractional transform based on Box–Muller transform, polarization decision, and central limit algorithm. The cryptographic strength of the proposed S-boxes is evaluated with standardized tests such as linear approximation probability, unified averaged changed intensity, bit independent criterion, histogram analysis, nonlinearity score, strict avalanche criterion, and differential approximation probability. The results show that the proposed substitution box achieves better cryptographic strength as compared with the state-of-the-art techniques.

Journal ArticleDOI
TL;DR: A novel scheme for construction and optimization of substitution boxes (S-boxes) based on mixed two dimensional chaotic maps in which cryptographic properties of S-boxes are optimized based on initial conditions of their parent 2D chaotic map.
Abstract: Chaotic maps play a vital role in the development of cryptographic techniques being used in today’s world. Efficient and highly secure algorithms can be constructed based on chaotic maps. Chaotic maps have the intrinsic property of being highly sensitive to initial conditions. In this paper, we have presented a novel scheme for construction and optimization of substitution boxes (S-boxes) based on mixed two dimensional (2D) chaotic maps in which cryptographic properties of S-boxes are optimized based on initial conditions of their parent 2D chaotic map. The proposed scheme and the resulting substitution boxes are analyzed with existing cryptanalysis techniques and their results have been compared with some other algorithms available in literature. The proposed scheme has been found to be more efficacious than other algorithms. The outcomes of security analysis indicate that our proposed technique and resulting optimized non-linear component in the current era of information technology.

Journal ArticleDOI
TL;DR: A new technique for the construction of S-boxes which fulfill the required cryptographic properties is proposed; it utilizes a double affine transformation which gives a nonlinearity of 112 for each primitive irreducible polynomial of degree 8.
Abstract: Confusion is one of the most important components of modern block ciphers. The security of modern encryption schemes is based on the substitution and permutation network (SP-network). The idea of the SP-network was proposed by Claude Shannon in 1949. Construction of an optimal confusion component (substitution box) has been a prominent topic of interest. In this article, we have proposed a new technique for the construction of S-boxes which fulfill the required cryptographic properties. Our proposed scheme utilizes a double affine transformation which gives a nonlinearity of 112 for each primitive irreducible polynomial of degree 8. The simulation results of our proposed nonlinear component are compared with some recently suggested substitution boxes (S-boxes), which demonstrate that the proposed scheme is more capable of constructing strong nonlinear components of block encryption systems.

Journal ArticleDOI
TL;DR: The tweakable block cipher CRAFT is presented: the efficient protection of its implementations against Differential Fault Analysis (DFA) attacks has been one of the main design criteria, while strong bounds for its security in the related-tweak model are provided.
Abstract: Traditionally, countermeasures against physical attacks are integrated into the implementation of cryptographic primitives after the algorithms have been designed for achieving a certain level of cryptanalytic security. This picture has been changed by the introduction of PICARO, ZORRO, and FIDES, where efficient protection against Side-Channel Analysis (SCA) attacks has been considered in their design. In this work we present the tweakable block cipher CRAFT: the efficient protection of its implementations against Differential Fault Analysis (DFA) attacks has been one of the main design criteria, while we provide strong bounds for its security in the related-tweak model. Considering the area footprint of round-based hardware implementations, CRAFT outperforms the other lightweight ciphers with the same state and key size. This holds not only for unprotected implementations but also when fault-detection facilities, side-channel protection, and their combination are integrated into the implementation. In addition to supporting a 64-bit tweak, CRAFT has the additional property that the circuit realizing the encryption can support the decryption functionality as well with very little area overhead.

Journal ArticleDOI
TL;DR: A novel modified logistic map with an expanded key space, an integer-based key generation algorithm and an authenticated image encryption algorithm for block ciphers using a modified logistics map and a butterfly-like structure are proposed.
Abstract: Authenticated image encryption is crucial in handling top-secret images. To ensure confidentiality, authenticated encryption supplies legal validity for the image data. We propose a novel modified logistic map with an expanded key space, an integer-based key generation algorithm and an authenticated image encryption algorithm for block ciphers using a modified logistic map and a butterfly-like structure. The key that is used to encrypt images also aids in detecting content tampering of the images. The performance evaluations demonstrate that the proposed encryption method is fast and invulnerable to attacks and has a large key space. Additionally, the designed algorithm can assess the credibility of the data. Moreover, eight keys are used in decryption compared to four in encryption, which strengthens the security. Therefore, this algorithm can be used in real-time scenarios.

Posted Content
TL;DR: This work considers several notions of pseudorandomness for hash functions, and shows provably secure schemes for OT extension, garbling, and other applications based on hash functions satisfying these notions, as well as providing end-to-end security proofs for implementations of secure-computation protocols based on fixed-key block ciphers.
Abstract: Many implementations of secure computation use fixed-key AES (modeled as a random permutation); this results in substantial performance benefits due to existing hardware support for AES and the ability to avoid recomputing the AES key schedule. Surveying these implementations, however, we find that most utilize AES in a heuristic fashion; in the best case this leaves a gap in the security proof, but in many cases we show it allows for explicit attacks. Motivated by this unsatisfactory state of affairs, we initiate a comprehensive study of how to use fixed-key block ciphers for secure computation, in particular for OT extension and circuit garbling, efficiently and securely. Specifically: (1) We consider several notions of pseudorandomness for hash functions (e.g., correlation robustness), and show provably secure schemes for OT extension, garbling, and other applications based on hash functions satisfying these notions. (2) We provide provably secure constructions, in the (non-programmable) random-permutation model, of hash functions satisfying the different notions of pseudorandomness we consider. Taken together, our results provide end-to-end security proofs for implementations of secure-computation protocols based on fixed-key block ciphers (modeled as random permutations). Perhaps surprisingly, at the same time our work also results in noticeable performance improvements over the state-of-the-art.

Book ChapterDOI
08 Dec 2019
TL;DR: BDPT can find more accurate integral distinguishers than CBDP, but it couldn’t be modeled efficiently, so Xiang et al. extended Mixed Integer Linear Programming (MILP) method to search integral distinguisher based on CBDP.
Abstract: Division property is a generalized integral property proposed by Todo at EUROCRYPT 2015, and then conventional bit-based division property (CBDP) and bit-based division property using three subsets (BDPT) were proposed by Todo and Morii at FSE 2016. At the very beginning, the two kinds of bit-based division properties once couldn’t be applied to ciphers with large block size just because of the huge time and memory complexity. At ASIACRYPT 2016, Xiang et al. extended Mixed Integer Linear Programming (MILP) method to search integral distinguishers based on CBDP. BDPT can find more accurate integral distinguishers than CBDP, but it couldn’t be modeled efficiently.

Book ChapterDOI
01 Jan 2019
TL;DR: This chapter gives a specification of the lightweight block cipher Cypress, which was recently developed and presented in Ukraine and which does not use heavy computation operations nor require any precomputed tables, allowing efficient hardware implementation.
Abstract: This chapter provides general requirements for modern block ciphers required for implementation of lightweight cryptographic transformations for critical distributed environment applications with Green IT conformance. An overview is given of well-known block ciphers and the lightweight primitives PRESENT and CLEFIA, defined in ISO/IEC 29192-2. A specification is given of the lightweight block cipher Cypress, which was recently developed and presented in Ukraine. Cypress does not use heavy computation operations, nor does it require any precomputed tables, which allows efficient hardware implementation. The Cypress performance in software is approximately three times higher than that of AES on Windows, Linux and Android platforms.

Book ChapterDOI
03 Dec 2019-Space
TL;DR: This paper considers several machine learning techniques in order to mount a power analysis attack on EdDSA using the curve Curve25519 as implemented in WolfSSL, showing all considered techniques to be viable and powerful options.
Abstract: Profiling attacks, especially those based on machine learning, have proved to be very successful techniques in recent years when considering side-channel analysis of block cipher implementations. At the same time, the results for implementations of public-key cryptosystems are very sparse. In this paper, we consider several machine learning techniques in order to mount a power analysis attack on EdDSA using the curve Curve25519 as implemented in WolfSSL. The results show all considered techniques to be viable and powerful options. Especially convolutional neural networks (CNNs) are effective, as we can break the implementation with only a single measurement in the attack phase while requiring less than 500 measurements in the training phase. Interestingly, that same convolutional neural network was recently shown to perform extremely well for attacking the implementation of the AES cipher. Our results show that some common grounds can be established when using deep learning for profiling attacks on distinct cryptographic algorithms and their corresponding implementations.

Book ChapterDOI
08 Dec 2019
TL;DR: This paper proves that the 4-round Luby-Rackoff construction is secure up to \(O(2^{n/12})\) quantum queries, and is the first to demonstrate the security of a typical block cipher construction against quantum query attacks without any algebraic assumptions.
Abstract: The Luby-Rackoff construction, or the Feistel construction, is one of the most important approaches to construct secure block ciphers from secure pseudorandom functions. The 3- and 4-round Luby-Rackoff constructions are proven to be secure against chosen-plaintext attacks (CPAs) and chosen-ciphertext attacks (CCAs), respectively, in the classical setting. However, Kuwakado and Morii showed that a quantum superposed chosen-plaintext attack (qCPA) can distinguish the 3-round Luby-Rackoff construction from a random permutation in polynomial time. In addition, Ito et al. recently showed a quantum superposed chosen-ciphertext attack (qCCA) that distinguishes the 4-round Luby-Rackoff construction. Since Kuwakado and Morii showed the result, a problem of much interest has been how many rounds are sufficient to achieve provable security against quantum query attacks. This paper answers this fundamental question by showing that 4 rounds suffice against qCPAs. Concretely, we prove that the 4-round Luby-Rackoff construction is secure up to \(O(2^{n/12})\) quantum queries. We also give a query upper bound for the problem of distinguishing the 4-round Luby-Rackoff construction from a random permutation by showing a distinguishing qCPA with \(O(2^{n/6})\) quantum queries. Our result is the first to demonstrate the security of a typical block-cipher construction against quantum query attacks, without any algebraic assumptions. To give security proofs, we use an alternative formalization of Zhandry’s compressed oracle technique.

Book ChapterDOI
18 Aug 2019
TL;DR: A generic study of how to build beyond birthday bound secure pseudorandom functions from public random permutations, and proves that SoEM achieves tight \(2n{/}3\)-bit security if it is constructed from two independent permutations and two randomly drawn keys.
Abstract: Pseudorandom functions are traditionally built upon block ciphers, but with the trend of permutation based cryptography, it is a natural question to investigate the design of pseudorandom functions from random permutations. We present a generic study of how to build beyond birthday bound secure pseudorandom functions from public random permutations. We first show that a pseudorandom function based on a single permutation call cannot be secure beyond the \(2^{n/2}\) birthday bound, where n is the state size of the function. We next consider the Sum of Even-Mansour (SoEM) construction, that instantiates the sum of permutations with the Even-Mansour construction. We prove that SoEM achieves tight \(2n{/}3\)-bit security if it is constructed from two independent permutations and two randomly drawn keys. We also demonstrate a birthday bound attack if either the permutations or the keys are identical. Finally, we present the Sum of Key Alternating Ciphers (SoKAC) construction, a translation of Encrypted Davies-Meyer Dual to a public permutation based setting, and show that SoKAC achieves tight \(2n{/}3\)-bit security even when a single key is used.

Journal ArticleDOI
TL;DR: The proposed scheme guarantees the necessary low correlation between the original and the encrypted file without multiple rounds and the concept of channel shuffling is introduced to make the encrypted data more secure.
Abstract: Multimedia files like audio demand special encryption techniques due to their large data capacity, without compromising the correlation between the original and encrypted versions (closer to zero). Most of the popular block cipher techniques work on multiple rounds, whereas the proposed scheme guarantees the necessary low correlation between the original and the encrypted file without multiple rounds. The unique feature is that the consecutive blocks use different keys derived from the original one using the proposed key chaining algorithm, and experimental results show that the correlation between the consecutive keys is also close to zero. The used encryption technique is based on DNA encoding with a logistic chaotic map using the generated chain of keys. Furthermore, the concept of channel shuffling is introduced to make the encrypted data more secure. The experimental results confirm that the correlation between the original and ciphered block is close to zero and the number of samples change rate value is close to 100. Again, the correlation between two consecutive ciphered blocks is also close to zero, which confirms the acceptability of the proposed scheme.

Journal ArticleDOI
21 Feb 2019-Sensors
TL;DR: Results show that scalar implementations require 39% less resources and 45% less power consumption, and the most energy-efficient and optimum design is a two-round pipelined implementation, which consumes 31% of the best scalar’s implementation energy.
Abstract: Security of sensitive data exchanged between devices is essential. Low-resource devices (LRDs), designed for constrained environments, are increasingly becoming ubiquitous. Lightweight block ciphers provide confidentiality for LRDs by balancing the required security with minimal resource overhead. SIMON is a lightweight block cipher targeted for hardware implementations. The objective of this research is to implement, optimize, and model SIMON cipher design for LRDs, with an emphasis on energy and power, which are critical metrics for LRDs. Various implementations use field-programmable gate array (FPGA) technology. Two types of design implementations are examined: scalar and pipelined. Results show that scalar implementations require 39% less resources and 45% less power consumption. The pipelined implementations demonstrate 12 times the throughput and consume 31% less energy. Moreover, the most energy-efficient and optimum design is a two-round pipelined implementation, which consumes 31% of the best scalar’s implementation energy. The scalar design that consumes the least energy is a four-round implementation. The scalar design that uses the least area and power is the one-round implementation. Balancing energy and area, the two-round pipelined implementation is optimal for a continuous stream of data. One-round and two-round scalar implementations are recommended for intermittent data applications.

31 Dec 2019
TL;DR: A new lightweight block cipher, FeW, built on a new Feistel-M structure, encrypts 64-bit plaintext blocks under an 80- or 128-bit key to produce 64-bit ciphertext and resists any key recovery attack beyond 17 rounds with complexity better than $2^{64}$.
Abstract: In this paper, we propose a new lightweight block cipher FeW which encrypts plaintext in blocks of 64 bits using an 80/128-bit key to produce 64-bit ciphertext. We also propose a new structure, namely the Feistel-M structure, by admixture of Feistel and 4-branch generalised Feistel structures. This new structure significantly contributes to enhancing the security margins of our design against the basic cryptanalytic attacks like differential, linear and impossible differential attacks. Security analysis signifies that FeW has enough security margin against these cryptanalytic attacks and it can resist any key recovery attack beyond 17 rounds with complexity better than $2^{64}$.

Journal ArticleDOI
TL;DR: An S-box construction scheme based on the action of projective linear groups on the projective line and on permutation triangle groups is developed; the resulting nonlinear component is responsible for making the relation between plaintext and ciphertext intractable, and the S-boxes are also applied in a watermarking scheme.
Abstract: Substitution boxes with resilient cryptographic possessions are normally utilized in block ciphers to give the substantial property of nonlinearity. They are important to resist standard attacks such as linear and differential cryptanalysis. A cryptographically robust S-box must be sound with respect to cryptographic properties like nonlinearity, bit independence criterion, strict avalanche criterion, linear and differential approximation probability. In this paper, we have developed an innovative construction scheme of the nonlinear component of a block cipher based on the action of projective linear groups on the projective line, and the permutation triangle groups. This nonlinear component, namely the S-box, is responsible for making the relation between plaintext and ciphertext intractable, which is one of the most important requirements of any modern block cipher. By widening the scope of the proposed S-boxes, we have applied these lightweight nonlinear components in a watermarking scheme.
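The properties listed in the abstract (nonlinearity, strict avalanche criterion, linear and differential approximation probability) are what a reviewer recomputes before trusting a new S-box. The page does not give the paper's S-boxes, so the following added example, not code from the paper, evaluates the AES S-box instead, generating it from its textbook definition (inversion in GF(2^8) followed by the affine map) as a reference point with well-known values: nonlinearity 112, LAP 16/256, DAP 4/256. Swap in any 8-bit table to evaluate another S-box.

```python
"""S-box quality metrics: nonlinearity, linear/differential approximation
probability (LAP/DAP) and the strict avalanche criterion (SAC).
Added example; the AES S-box is used as a reference with known metrics."""

N = 8
SIZE = 1 << N


def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def gf_inv(a):
    """Inverse as a^254 (Fermat); AES maps 0 to 0."""
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = gf_mul(r, base)
        base = gf_mul(base, base)
        e >>= 1
    return r


def aes_sbox():
    """Inversion in GF(2^8) followed by the AES affine map b ^ rot1..rot4 ^ 0x63."""
    def rotl8(v, s):
        return ((v << s) | (v >> (8 - s))) & 0xFF
    box = []
    for v in range(SIZE):
        b = gf_inv(v)
        box.append(b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63)
    return box


def parity(v):
    return bin(v).count("1") & 1


def walsh_spectrum(sbox, out_mask):
    """W(a) = sum_x (-1)^(out_mask.S(x) ^ a.x) for all input masks a,
    computed with a fast Walsh-Hadamard transform."""
    w = [1 - 2 * parity(out_mask & s) for s in sbox]
    h = 1
    while h < SIZE:
        for i in range(0, SIZE, 2 * h):
            for j in range(i, i + h):
                u, v = w[j], w[j + h]
                w[j], w[j + h] = u + v, u - v
        h *= 2
    return w


def nonlinearity_and_lap(sbox):
    """Nonlinearity = 2^(n-1) - max|W|/2 over all non-zero output masks;
    LAP = (max|W|/2) / 2^n, i.e. the largest bias of any linear approximation."""
    max_abs = 0
    for out_mask in range(1, SIZE):
        max_abs = max(max_abs, max(abs(v) for v in walsh_spectrum(sbox, out_mask)))
    return SIZE // 2 - max_abs // 2, (max_abs // 2) / SIZE


def differential_uniformity(sbox):
    """Largest entry of the difference distribution table; DAP = entry / 2^n."""
    worst = 0
    for d in range(1, SIZE):
        counts = [0] * SIZE
        for x in range(SIZE):
            counts[sbox[x] ^ sbox[x ^ d]] += 1
        worst = max(worst, max(counts))
    return worst


def sac_matrix(sbox):
    """sac[i][j] = P(output bit j flips | input bit i flips); the ideal is 0.5."""
    m = [[0] * N for _ in range(N)]
    for i in range(N):
        for x in range(SIZE):
            diff = sbox[x] ^ sbox[x ^ (1 << i)]
            for j in range(N):
                m[i][j] += (diff >> j) & 1
    return [[c / SIZE for c in row] for row in m]


def evaluate(sbox):
    nl, lap = nonlinearity_and_lap(sbox)
    sac = sac_matrix(sbox)
    return {"bijective": sorted(sbox) == list(range(SIZE)),
            "nonlinearity": nl, "lap": lap,
            "dap": differential_uniformity(sbox) / SIZE,
            "sac_avg": sum(map(sum, sac)) / (N * N)}


if __name__ == "__main__":
    print(evaluate(aes_sbox()))
```

A paper-reported "LAP" or "DAP" is only comparable once its definition is pinned down; the values above count the bias from 1/2 (LAP) and the DDT entry over 2^n (DAP), which is the convention under which AES scores 0.0625 and 0.015625.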

Book ChapterDOI
08 Dec 2019
TL;DR: A forkcipher, as introduced by the authors, is a keyed primitive in symmetric cryptography that expands a fixed-length input to a fixed-length output; its security is defined as indistinguishability under chosen ciphertext attack, and ForkSkinny instantiates it on the SKINNY tweakable block cipher.
Abstract: Highly efficient encryption and authentication of short messages is an essential requirement for enabling security in constrained scenarios such as the CAN FD in automotive systems (max. message size 64 bytes), massive IoT, critical communication domains of 5G, and Narrowband IoT, to mention a few. In addition, one of the NIST lightweight cryptography project requirements is that AEAD schemes shall be "optimized to be efficient for short messages (e.g., as short as 8 bytes)". In this work we introduce and formalize a novel primitive in symmetric cryptography called a forkcipher. A forkcipher is a keyed function expanding a fixed-length input to a fixed-length output. We define its security as indistinguishability under chosen ciphertext attack. We give a generic construction validation via the new iterate-fork-iterate design paradigm. We then propose ForkSkinny as a concrete forkcipher instance with a public tweak and based on SKINNY: a tweakable lightweight block cipher constructed using the TWEAKEY framework. We conduct extensive cryptanalysis of ForkSkinny against classical and structure-specific attacks. We demonstrate the applicability of forkciphers by designing three new provably-secure, nonce-based AEAD modes which offer performance and security tradeoffs and are optimized for efficiency of very short messages. Considering a reference block size of 16 bytes, and ignoring possible hardware optimizations, our new AEAD schemes beat the best SKINNY-based AEAD modes. More generally, we show forkciphers are suited for lightweight applications dealing with predominantly short messages, while at the same time allowing handling arbitrary message sizes. Furthermore, our hardware implementation results show that when we exploit the inherent parallelism of ForkSkinny we achieve the best performance when directly compared with the most efficient mode instantiated with the SKINNY block cipher.

Proceedings ArticleDOI
05 May 2019
TL;DR: This paper proposes a fault attack on Ascon based on statistical ineffective fault analysis (SIFA) using double-fault injection and key dividing, and shows that between 12.5 and 2500 correct tag values are enough for key recovery for highly biased to more uniform fault distributions, respectively.
Abstract: Authenticated ciphers are trending in secret key cryptography, since they combine confidentiality, integrity, and authentication into one algorithm, and offer potential efficiencies over the use of separate block ciphers and keyed hashes. Current cryptographic contests and standardization efforts are evaluating authenticated ciphers for weaknesses, to include implementation vulnerabilities, such as fault attacks. In this paper, we analyze fault attacks against the Ascon authenticated cipher, which was selected by CAESAR as the first choice for the lightweight use case. We propose a fault attack technique based on statistical ineffective fault analysis (SIFA) using double-fault injection and key dividing. Faults are injected at two selected S-boxes for every encryption during the last round of permutation in the Ascon Finalization stage. The correct tag values, resulting from ineffective fault inductions, are then used to analyze key hypotheses. The complexity of our attack method is a trade-off between the size of the key hypothesis search space and the number of double-fault injections. The sufficient number of correct tag values needed to recover a key subset depends on the bias of fault distributions. We perform experiments on a software implementation of Ascon to show that between 12.5 and 2500 correct tag values (i.e., ineffective faults) are enough for key recovery for highly biased to more uniform fault distributions, respectively.
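The mechanism SIFA relies on is easy to lose in the description above: the attacker never sees a wrong result, only the runs whose fault happened to be ineffective, and those runs have a biased intermediate value that a correct key guess exposes. The following added example (not the paper's attack, and not code from the Ascon project) simulates that core idea on a single 5-bit S-box with a toy "last round" whose output is S(state) ^ key, under an assumed stuck-at-0 fault on one S-box input bit. The real attack on Ascon's finalization works through the linear layer with two faulted S-boxes and key dividing, which this model leaves out. The S-box table is the 5-bit Ascon S-box from the Ascon specification.

```python
"""Minimal SIFA simulation on one 5-bit S-box (added example). Toy model:
output = S(state) ^ key, secret state uniformly random per run, fault model
stuck-at-0 on one S-box input bit; the attacker keeps only ineffective runs."""
import random

# 5-bit S-box of the Ascon permutation, from the Ascon specification.
ASCON_SBOX = [0x4, 0xb, 0x1f, 0x14, 0x1a, 0x15, 0x9, 0x2, 0x1b, 0x5, 0x8, 0x12,
              0x1d, 0x3, 0x6, 0x1c, 0x1e, 0x13, 0x7, 0xe, 0x0, 0xd, 0x11, 0x18,
              0x10, 0xc, 0x1, 0x19, 0x16, 0xa, 0xf, 0x17]
ASCON_SBOX_INV = [0] * 32
for _i, _v in enumerate(ASCON_SBOX):
    ASCON_SBOX_INV[_v] = _i


def faulty_device(state, key, fault_bit=0):
    """One run of the toy device under fault. Returns the output and whether
    the fault was ineffective (output, and hence any tag derived from it,
    is still correct)."""
    faulted = state & ~(1 << fault_bit) & 0x1F
    out = ASCON_SBOX[faulted] ^ key
    return out, out == ASCON_SBOX[state] ^ key


def collect_ineffective(key, n_injections, rng, fault_bit=0):
    """Attacker side: keep outputs of runs that verified correctly despite the
    fault. The state is secret and uniformly random, so about half the runs
    (those whose faulted bit was already 0) survive."""
    kept = []
    for _ in range(n_injections):
        out, ineffective = faulty_device(rng.randrange(32), key, fault_bit)
        if ineffective:
            kept.append(out)
    return kept


def score_guess(guess, outs, fault_bit=0):
    """Invert the S-box under a key guess and return the fraction of recovered
    inputs whose faulted bit is 0. Every ineffective run really had that bit
    at 0, so the correct key scores exactly 1.0; a wrong guess goes through
    the S-box's non-linearity and scores lower."""
    zeros = sum(1 for c in outs if not (ASCON_SBOX_INV[c ^ guess] >> fault_bit) & 1)
    return zeros / len(outs)


def recover_key(outs, fault_bit=0):
    return max(range(32), key=lambda g: score_guess(g, outs, fault_bit))


def demo(key=0x13, n_injections=1000, seed=2019):
    """Returns (number of ineffective faults, recovered key, true key)."""
    outs = collect_ineffective(key, n_injections, random.Random(seed))
    return len(outs), recover_key(outs), key


if __name__ == "__main__":
    print(demo())
```

Two points carry over to the real setting. First, a correct tag is the "ineffective" signal, which is why the abstract counts correct tag values rather than faulty outputs, and why a device that simply suppresses output on detected faults does not stop SIFA. Second, the statistic has to be taken on a quantity that a wrong key scrambles non-linearly: scoring a histogram of the full inverted value would not work here, because a wrong 5-bit guess is still a bijection of the true state and leaves the histogram shape unchanged.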

Journal ArticleDOI
TL;DR: In this article, the authors propose an accurate approach to model the propagation of the division property through linear layers with the fewest inequalities, where the solutions of the inequalities are exactly the division trails of a linear transformation.
Abstract: In this study, the authors propose an accurate approach to model the propagation of the division property of linear layers by the smallest amount of inequalities. The solutions of the inequalities are exactly the division trails of a linear transformation. Therefore, the description is compact and optimal. As applications of their results, they present a 7-round integral distinguisher for both Midori64 and Midori128. The designers of Midori only obtained a 3.5-round integral characteristic. For Skinny64, they find a 10-round integral distinguisher which was previously found by the designers. It is well to remind that their result proves that 7 rounds and 10 rounds are the upper bounds of Midori and Skinny64 correspondingly when searching for integral distinguishers based on division property. The significance of their result lies in that they shed light on how far division cryptanalysis can influence the security analysis of block ciphers with a binary diffusion layer, and their technique can be used to prove security against division cryptanalysis.

Journal ArticleDOI
TL;DR: In this article, the authors propose a modified version (MBCC) of the block cipher based on chaotic (BCC) algorithm, which uses chaos-theory characteristics to achieve higher resistance against statistical and differential attacks while maintaining resource consumption.
Abstract: Unobtrusive personal data collection by wearable sensors and ambient monitoring has increased concerns about user privacy. Applying cryptography solutions to resource-constrained wireless sensors as one of the privacy-preserving solutions demands addressing limited memory and energy resources. In this paper, we set up testbed experiments to evaluate the existing cryptographic algorithms for sensors, such as Skipjack and RC5, which are less secure compared to block cipher based on chaotic (BCC), on existing IEEE 802.15.4-based SunSPOT sensors. We have proposed the modified BCC (MBCC) algorithm, which uses chaos theory characteristics to achieve higher resistance against statistical and differential attacks while maintaining resource consumption. Our comparison observations show that MBCC outperforms BCC in both energy consumption and RAM usage and that both MBCC and BCC outperform RC5 and Skipjack in terms of security measures, such as entropy and character frequency. Our comparison analysis of MBCC vs BCC suggests 13.44% lower RAM usage for encryption and decryption as well as 6.4 and 6.6 times reduced consumed time and energy for encrypting 32-bit data, respectively. Further analysis is reported for increasing the length of the MBCC key, periodical generation of the master key on the base station and periodical generation of the round key on the sensors to prevent brute-force attacks. An overall comparison of cipher techniques with respect to energy, time, memory and security concludes the suitability of the MBCC algorithm for resource-constrained wireless sensors with security requirements.
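Both chaos-based entries on this page (the DNA/logistic-map audio scheme and MBCC) justify their security with statistics: correlation between plaintext and ciphertext close to zero, a number-of-samples-change-rate close to 100, high entropy and flat character frequency. The following added example, not code from either paper, implements those metrics and runs them on a constructed 16-bit audio block encrypted with a bare logistic-map keystream. That keystream cipher is an assumption for illustration only, not the DNA encoding or MBCC design; it exists to show that the metrics are necessary but not sufficient. When the same keystream is applied to two blocks, every per-block statistic still looks ideal while the XOR of the two ciphertexts reveals the XOR of the plaintexts, which is exactly the failure the first paper's per-block key chaining is meant to avoid.

```python
"""Statistical checks used in chaos-based cipher papers, plus a key-reuse
demonstration. Added example; the logistic-map XOR cipher is illustrative only."""
import math
import random


def logistic_keystream(x0, n, r=3.99, discard=100):
    """Iterate x <- r*x*(1-x); emit the low 16 bits of a 32-bit quantization
    (the high bits of x are badly skewed by the map's invariant density)."""
    x = x0
    for _ in range(discard):
        x = r * x * (1 - x)
    out = []
    for _ in range(n):
        x = r * x * (1 - x)
        out.append(int(x * (1 << 32)) & 0xFFFF)
    return out


def xor_encrypt(samples, keystream):
    return [s ^ k for s, k in zip(samples, keystream)]


def correlation(a, b):
    """Pearson correlation coefficient between two sample sequences."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / math.sqrt(va * vb)


def nscr(a, b):
    """Number of Samples Change Rate in percent (ideal: close to 100)."""
    return 100.0 * sum(1 for x, y in zip(a, b) if x != y) / len(a)


def byte_entropy(samples):
    """Shannon entropy of the byte histogram, two bytes per 16-bit sample (max 8)."""
    counts = [0] * 256
    for s in samples:
        counts[s & 0xFF] += 1
        counts[(s >> 8) & 0xFF] += 1
    total = sum(counts)
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def audio_block(n, cycles, seed):
    """Constructed test signal: a sine tone plus light noise as 16-bit PCM."""
    rng = random.Random(seed)
    return [int(32768 + 12000 * math.sin(2 * math.pi * cycles * i / n)
                + rng.gauss(0, 300)) & 0xFFFF for i in range(n)]


def demo():
    p1 = audio_block(1024, 7, seed=1)
    p2 = audio_block(1024, 11, seed=2)
    ks = logistic_keystream(0.3141, 1024)   # one key, reused for both blocks
    c1, c2 = xor_encrypt(p1, ks), xor_encrypt(p2, ks)
    stats = {
        "corr_plain_cipher": correlation(p1, c1),   # near 0: passes
        "nscr_plain_cipher": nscr(p1, c1),          # near 100: passes
        "entropy_cipher": byte_entropy(c1),         # near 8: passes
        "corr_cipher_cipher": correlation(c1, c2),  # correlation, not leakage
    }
    # Key reuse: c1 ^ c2 == p1 ^ p2 exactly, the keystream cancels.
    stats["keystream_cancels"] = [x ^ y for x, y in zip(c1, c2)] == \
        [x ^ y for x, y in zip(p1, p2)]
    return stats


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

Two practitioner caveats follow from this. Correlation, NSCR and entropy measure what a ciphertext looks like, not what an attacker can do with two of them, so a per-block key derivation (as in the first paper) or a nonce is part of the security argument, not an optimization. And because the keystream is a floating-point iteration, encryptor and decryptor must produce bit-identical trajectories; differences in FPU rounding or compiler reassociation between a base station and a sensor node turn into decryption failures rather than a graceful error.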