
Showing papers on "Cipher published in 2016"


Book ChapterDOI
14 Aug 2016
TL;DR: A new tweakable block cipher family SKINNY is presented, whose goal is to compete with the NSA's recent design SIMON in terms of hardware/software performance, while additionally providing much stronger security guarantees with regard to differential/linear attacks.
Abstract: We present a new tweakable block cipher family SKINNY, whose goal is to compete with the NSA's recent design SIMON in terms of hardware/software performance, while additionally providing much stronger security guarantees with regard to differential/linear attacks. In particular, unlike SIMON, we are able to provide strong bounds for all versions, and not only in the single-key model, but also in the related-key or related-tweak model. SKINNY has flexible block/key/tweak sizes and can also benefit from very efficient threshold implementations for side-channel protection. Regarding performance, it outperforms all known ciphers for ASIC round-based implementations, while still reaching an extremely small area for serial implementations and a very good efficiency for software and micro-controller implementations. SKINNY has the smallest total number of AND/OR/XOR gates used for the encryption process. Secondly, we present MANTIS, a dedicated variant of SKINNY for low-latency implementations, that constitutes a very efficient solution to the problem of designing a tweakable block cipher for memory encryption. MANTIS basically reuses well understood, previously studied, known components. Yet, by putting those components together in a new fashion, we obtain a cipher competitive with PRINCE in latency and area, while being enhanced with a tweak input.

492 citations


Journal ArticleDOI
TL;DR: Simulated experimental results, both quantitative and qualitative, prove the encryption quality; efficiency and robustness against different noises make the proposed cipher a good candidate for real-time applications.
Abstract: A novel image encryption algorithm in streaming mode is proposed which exhaustively employs an entire set of DNA complementary rules along with one-dimensional chaotic maps. The proposed algorithm is highly efficient due to encrypting only the subset of the digital image which contains 92.125 % of the information. A DNA addition operation is carried out on this MSB part. The core idea of the proposed scheme is to scramble the whole image by means of a piecewise linear chaotic map (PWLCM), followed by decomposition of the image into most significant bits (MSB) and least significant bits (LSB). The logistic sequence is XORed with the decoded MSB and LSB parts separately, and finally these two parts are combined to get the ciphered image. The parameters for the PWLCM, the logistic map, and the selection of different DNA rules for encoding and decoding of both parts of an image are derived from the 128-bit MD5 hash of the plain image. Simulated experimental results, both quantitative and qualitative, prove the encryption quality. Efficiency and robustness against different noises make the proposed cipher a good candidate for real-time applications.

295 citations


Journal ArticleDOI
TL;DR: It is proved that in all permutation-only image ciphers, regardless of the cipher structure, the correct permutation mapping is recovered completely by a chosen-plaintext attack, which significantly outperforms the state-of-the-art cryptanalytic methods.
Abstract: Permutation is a commonly used primitive in multimedia (image/video) encryption schemes, and many permutation-only algorithms have been proposed in recent years for the protection of multimedia data. In permutation-only image ciphers, the entries of the image matrix are scrambled using a permutation mapping matrix which is built by a pseudo-random number generator. The literature on the cryptanalysis of image ciphers indicates that permutation-only image ciphers are insecure against ciphertext-only attacks and/or known/chosen-plaintext attacks. However, the previous studies have not been able to ensure the correct retrieval of the complete plaintext elements. In this paper, we revisit the previous works on cryptanalysis of permutation-only image encryption schemes and make the cryptanalysis work on chosen-plaintext attacks complete and more efficient. We prove that in all permutation-only image ciphers, regardless of the cipher structure, the correct permutation mapping is recovered completely by a chosen-plaintext attack. To the best of our knowledge, for the first time, this paper gives a chosen-plaintext attack that completely determines the correct plaintext elements using a deterministic method. When the plain-images are of size $M \times N$ and with $L$ different color intensities, the number $n$ of required chosen plain-images to break the permutation-only image encryption algorithm is $n = \lceil \log_{L}(MN) \rceil$. The complexity of the proposed attack is $O(n \cdot MN)$, which indicates its feasibility in a polynomial amount of computation time. To validate the performance of the proposed chosen-plaintext attack, numerous experiments were performed on two recently proposed permutation-only image/video ciphers. Both theoretical and experimental results showed that the proposed attack outperforms the state-of-the-art cryptanalytic methods.

169 citations


Book ChapterDOI
04 Dec 2016
TL;DR: This work explores cryptographic primitives with low multiplicative complexity, motivated by recent progress in practical applications of secure multi-party computation, fully homomorphic encryption, and zero-knowledge proofs.
Abstract: We explore cryptographic primitives with low multiplicative complexity. This is motivated by recent progress in practical applications of secure multi-party computation (MPC), fully homomorphic encryption (FHE), and zero-knowledge proofs (ZK) where primitives from symmetric cryptography are needed and where linear computations are, compared to non-linear operations, essentially “free”. Starting with the cipher design strategy “LowMC” from Eurocrypt 2015, a number of bit-oriented proposals have been put forward, focusing on applications where the multiplicative depth of the circuit describing the cipher is the most important optimization goal.

163 citations


Journal ArticleDOI
TL;DR: This paper reviews CS in the information security field from two aspects, theoretical security and application security, and indicates some other possible application research topics for the future.
Abstract: The applications of compressive sensing (CS) in the field of information security have captured a great deal of researchers' attention in the past decade. To supply guidance for researchers from a comprehensive perspective, this paper, for the first time, reviews CS in the information security field from two aspects: theoretical security and application security. Moreover, CS applied to image ciphers is one of the most widespread applications, as its characteristics of dimensional reduction and random projection can be utilized and integrated into image cryptosystems, which can achieve simultaneous compression and encryption of an image or multiple images. With respect to this application, the basic framework designs and the corresponding analyses are investigated. Specifically, the investigation proceeds from three aspects, namely, image ciphers based on chaos and CS, image ciphers based on optics and CS, and image ciphers based on chaos, optics, and CS. A total of six frameworks are put forward. Meanwhile, their analyses in terms of security, advantages, disadvantages, and so on are presented. At last, we attempt to indicate some other possible application research topics for the future.

153 citations


Journal ArticleDOI
TL;DR: A novel image encryption algorithm based on genetic recombination and a hyper-chaotic system is proposed; it is effective for image encryption, and the hyper-chaotic system generates pseudorandom sequences in each phase.
Abstract: In this paper, a novel image encryption algorithm based on genetic recombination and a hyper-chaotic system is proposed. The basic rules of genetic recombination are employed to scramble images because of their effectiveness. Specifically, the plain image is expanded into two compound images, each composed of four selected bit-planes, which are diffused at the bit-plane level; the compound bit-planes and key streams are then reconstructed based on the principles of genetic recombination, after which traditional diffusion is performed to obtain the cipher images. The hyper-chaotic Lorenz system in this algorithm generates pseudorandom sequences in each phase. The experimental results and analysis have proved that the novel image encryption algorithm is effective for image encryption.

134 citations


Proceedings ArticleDOI
01 Dec 2016
TL;DR: This paper evaluates and compares the performance of the universally used Advanced Encryption Standard (AES) and Blowfish algorithms, and finds symmetric algorithms to be less complicated than asymmetric ones and hence more widely used.
Abstract: The security of information being stored and transmitted is paramount in today's world. Many efficient encryption standards exist for securing classified data from cyber threats. Two common types of encryption algorithms are classified as symmetric and asymmetric. With symmetric encryption, the same key/password is used to cipher and decipher data, whereas with asymmetric algorithms, we have different keys/passwords for encryption and decryption. Symmetric algorithms tend to be less complicated than asymmetric ones and hence are more widely used. In this paper, we evaluate and compare the performance of the universally used Advanced Encryption Standard (AES) and Blowfish algorithms. The execution time is measured for different types of data string values. The length of the string as well as the ASCII value range is also varied.

120 citations


Posted Content
TL;DR: Designing an efficient cipher has always required a delicate balance between linear and non-linear operations, as discussed by the authors; this goes back to the design of DES and all the way back to Shannon's seminal work.
Abstract: Designing an efficient cipher was always a delicate balance between linear and non-linear operations. This goes back to the design of DES, and in fact all the way back to the seminal work of Shannon.

119 citations


Journal ArticleDOI
TL;DR: A novel pseudorandom number generator (PRNG) based on the piecewise logistic map (PLM) is proposed; since the cryptographic properties of the PLM are enhanced, the presented PRNG achieves a trade-off between efficiency and security.
Abstract: In order to overcome the disadvantages of the logistic map in designing chaos-based ciphers, the piecewise logistic map (PLM) is presented. Some cryptography-related properties of the PLM, such as ergodicity, Lyapunov exponent, and bifurcation, are analyzed and compared with those of the logistic map. From the point of view of cryptography, the PLM has better properties than the logistic map. Then, a novel pseudorandom number generator (PRNG) based on the PLM is proposed. Since the cryptographic properties of the PLM are enhanced, the presented PRNG achieves a trade-off between efficiency and security. Both performance analysis and simulation tests confirm that our scheme is simple, secure, and efficient, with high potential to be adopted as a stream cipher for secure communication.

109 citations


Journal ArticleDOI
TL;DR: A new variant of the generalized Feistel network structure is used in the design of QTL, which has the fast diffusion of Substitution Permutation Network (SPN) structures and improves the security of lightweight block ciphers with Feistel-type structures.

72 citations


Journal ArticleDOI
TL;DR: This paper proposes a bi-level protected CS (BLP-CS) model which makes use of the advantage of measurement matrix construction without restricted isometry property (RIP), and demonstrates that the new model can be applied in circumstances where the measurement matrix can be reused.
Abstract: Some pioneering works have investigated embedding cryptographic properties in compressive sampling (CS) in a way similar to one-time pad symmetric cipher. This paper tackles the problem of constructing a CS-based symmetric cipher under the key reuse circumstance, i.e., the cipher is resistant to common attacks even when a fixed measurement matrix is used multiple times. To this end, we suggest a bi-level protected CS (BLP-CS) model which makes use of the advantage of measurement matrix construction without restricted isometry property (RIP). Specifically, two kinds of artificial basis mismatch techniques are investigated to construct key-related sparsifying bases. It is demonstrated that the encoding process of BLP-CS is simply a random linear projection, which is the same as the basic CS model. However, decoding the linear measurements requires knowledge of both the key-dependent sensing matrix and its sparsifying basis. The proposed model is exemplified by sampling images as a joint data acquisition and protection layer for resource-limited wireless sensors. Simulation results and numerical analyses have justified that the new model can be applied in circumstances where the measurement matrix can be reused.

Journal ArticleDOI
TL;DR: A novel sensitive encryption scheme to secure digital images based on the Zaslavsky chaotic map is proposed, which has high sensitivity to the plain image and the secret key and can withstand various attacks compared to state-of-the-art methods.
Abstract: In this article, a novel sensitive encryption scheme to secure digital images based on the Zaslavsky chaotic map is proposed. We employ the Zaslavsky chaotic map as a pseudo-random generator to produce the encryption key of the proposed image cryptosystem. The cipher structure has been chosen based on permutation-diffusion processes, where we adopt the classic permutation substitution network, which ensures both confusion and diffusion properties for the encrypted image. Our proposed algorithm has high sensitivity to the plain image and the secret key. Moreover, the results show that the characteristics of our approach have excellent performance, with high scores: NPRC = 99.61%, UACI = 33.47%, cipher-image entropy 8, and correlation coefficient 0. Experimental results have been studied and analyzed in detail with various types of security analysis. These results demonstrate that our proposed cryptosystem has highly satisfactory security performance and can withstand various attacks compared to state-of-the-art methods.

Journal ArticleDOI
TL;DR: In this paper, a new encryption method based on dynamic substitution boxes is proposed using two chaotic maps; it does not rely on a fixed block cipher, and hence the security level can be enhanced.
Abstract: The substitution box is a unique and nonlinear core component of block ciphers. A better design technique for substitution boxes can boost the quality of ciphertexts. In this paper, a new encryption method based on dynamic substitution boxes is proposed using two chaotic maps. To break the correlation in an original image, pixel values of the original plaintext image are permuted row- and column-wise through random sequences. The aforementioned random sequences are generated by the 2-D Burgers chaotic map. For the generation of dynamic substitution boxes, the logistic chaotic map is employed. In the process of diffusion, the permuted image is divided into blocks and each block is substituted via a different dynamic substitution box. In contrast to conventional encryption schemes, the proposed scheme does not rely on a fixed block cipher, and hence the security level can be enhanced. Extensive security analysis including the histogram test is applied to the proposed image encryption technique. All experimental results reveal that the proposed scheme has a high level of security and robustness for transmission of digital images over insecure communication channels.

Journal ArticleDOI
TL;DR: A comprehensive study of AFA on an ultra-lightweight block cipher called LBlock shows that a single fault injection is enough to recover the master key of LBlock within the affordable complexity in each scenario.
Abstract: Algebraic fault analysis (AFA), which combines algebraic cryptanalysis with fault attacks, represents a serious threat to the security of lightweight block ciphers. Inspired by an earlier framework for the analysis of side-channel attacks presented at EUROCRYPT 2009, a new generic framework is proposed to analyze and evaluate algebraic fault attacks on lightweight block ciphers. We interpret AFA at three levels: 1) the target; 2) the adversary; and 3) the evaluator. We describe the capability of an adversary in four parts: 1) the fault injector; 2) the fault model describer; 3) the cipher describer; and 4) the machine solver. A formal fault model is provided to cover most current fault attacks. Different strategies for building an optimal equation set are also provided to accelerate the solving process. At the evaluator level, we consider the approximate information metric and the actual security metric. These metrics can be used to guide adversaries, cipher designers, and industrial engineers. To verify the feasibility of the proposed framework, we make a comprehensive study of AFA on an ultra-lightweight block cipher called LBlock. Three scenarios are explored, which include injecting a fault into the encryption, into the key scheduling, or modifying the round number or counter. Our best results show that a single fault injection is enough to recover the master key of LBlock within affordable complexity in each scenario. To verify the generic nature of the proposed framework, we apply AFA to three other block ciphers, i.e., Data Encryption Standard, PRESENT, and Twofish. The results demonstrate that our framework can be used for different ciphers with different structures.

Journal ArticleDOI
TL;DR: Two new reversible data hiding algorithms are proposed for the encrypted images that are more applicable in cloud computing without degrading the security level and can be losslessly transmitted in the different applications of Paillier cryptosystem.

12 May 2016
TL;DR: In this paper, the authors proposed two energy-efficient block ciphers, Midori128 and Midori64, with block sizes equal to 128 and 64 bits respectively.
Abstract: In the past few years, lightweight cryptography has become a popular research discipline with a number of ciphers and hash functions proposed. The designers' focus has been predominantly to minimize the hardware area, while other goals such as low latency have been addressed only rather recently. However, the optimization goal of low energy for block cipher design has not been explicitly addressed so far. At the same time, it is a crucial measure of goodness for an algorithm. Indeed, a cipher optimized with respect to energy has wide applications, especially in constrained environments running on a tight power/energy budget such as medical implants. This paper presents the block cipher Midori (the name of the cipher is the Japanese translation of the word Green) that is optimized with respect to the energy consumed by the circuit per bit in the encryption or decryption operation. We deliberate on the design choices that lead to low energy consumption in an electrical circuit, and try to optimize each component of the circuit as well as its entire architecture for energy. An added motivation is to make both encryption and decryption functionalities available by a small tweak in the circuit that would not incur significant area or energy overheads. We propose two energy-efficient block ciphers, Midori128 and Midori64, with block sizes equal to 128 and 64 bits respectively. These ciphers have the added property that a circuit that provides both the functionalities of encryption and decryption can be designed with very little overhead in terms of area and energy. We compare our results with other ciphers with similar characteristics: it was found that the energy consumption of Midori64 and Midori128 is by far better when compared to ciphers like PRINCE and NOEKEON.

01 Jun 2016
TL;DR: This document describes the use of the ChaCha stream cipher and Poly1305 authenticator in the Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) protocols.
Abstract: This document describes the use of the ChaCha stream cipher and Poly1305 authenticator in the Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) protocols. This document updates RFCs 5246 and 6347.

Journal ArticleDOI
01 Oct 2016 - Optik
TL;DR: An efficient chaos pseudo-random number generator is designed to generate key stream for encrypting video syntax elements of H.264/AVC and the intra-prediction mode (IPM), signs of trailing ones, signs of non-zero (NZ), and signs of motion vector difference (MVD) are chosen for selective encryption.

Journal ArticleDOI
TL;DR: In this research, a chaotic map is first used to create cipher images, and then the maximum entropy and minimum correlation coefficient are obtained by applying a dynamic harmony search (DHS) algorithm to them.

Book ChapterDOI
14 Aug 2016
TL;DR: A generic algorithm is presented that exhausts the best meet-in-the-middle and impossible differential attacks on a very large class of block ciphers, from byte- to bit-oriented, SPN, Feistel and Lai-Massey block ciphers, and it is shown that this tool can be used by designers to improve their analysis.
Abstract: Tracking bits through block ciphers and optimizing attacks at hand is one of the tedious tasks symmetric cryptanalysts have to deal with. It would be nice if a program could automatically handle them, at least for well-known attack techniques, so that cryptanalysts could focus only on finding new attacks. However, current automatic tools cannot be used as is, either because they are tailored for specific ciphers or because they only recover a specific part of the attacks and cryptographers are still needed to finalize the analysis. In this paper we describe a generic algorithm exhausting the best meet-in-the-middle and impossible differential attacks on a very large class of block ciphers, from byte- to bit-oriented, SPN, Feistel and Lai-Massey block ciphers. Contrary to previous tools that aim to find the best differential / linear paths in the cipher and leave the cryptanalysts to find the attack using these paths, we automatically find the best attacks by considering the cipher and the key schedule algorithms. The building blocks of our algorithm led to two algorithms designed to find the best simple meet-in-the-middle attacks and the best impossible truncated differential attacks respectively. We recover and improve many attacks on AES, mCRYPTON, SIMON, IDEA, KTANTAN, PRINCE and ZORRO. We show that this tool can be used by designers to improve their analysis.

Journal ArticleDOI
TL;DR: Following a divide-and-conquer strategy, this paper reports that ICMPD can be compromised efficiently by a chosen-plaintext attack, and the involved data complexity is linear in the size of the plain-image.
Abstract: Since its first appearance in Fridrich's design, the use of the permutation-diffusion structure for designing digital image cryptosystems has been receiving increasing research attention in the field of chaos-based cryptography. Recently, a novel chaotic image cipher using a single-round modified permutation-diffusion pattern (ICMPD) was proposed. Unlike the traditional permutation-diffusion structure, the permutation of ICMPD operates on the bit level instead of the pixel level, and its diffusion stage operates on masked pixels, which are obtained by applying the classical affine cipher, instead of plain pixels. Following a divide-and-conquer strategy, this paper reports that ICMPD can be compromised efficiently by a chosen-plaintext attack, and the involved data complexity is linear in the size of the plain-image. Moreover, the relationship between the cryptographic kernel at the diffusion stage of ICMPD and the classical modulo addition then XORing operation is explored thoroughly.

Journal ArticleDOI
TL;DR: The objective of this research work is to design, optimize, and model FPGA implementations of the HIGHT cipher; the analysis shows that the scalar designs have smaller area and power dissipation, whereas the pipeline designs have higher throughput and lower energy.
Abstract: The growth of low-resource devices has increased rapidly in recent years. Communication in such devices presents two challenges: security and resource limitation. Lightweight ciphers, such as the HIGHT cipher, are encryption algorithms targeted at low-resource systems. Designing lightweight ciphers on a reconfigurable platform, e.g., a field-programmable gate array, provides speedup as well as flexibility. The HIGHT cipher consists of simple operations and provides an adequate security level. The objective of this research work is to design, optimize, and model FPGA implementations of the HIGHT cipher. Several optimized designs, including scalar and pipeline ones, are presented to minimize the required hardware resources and energy. Our analysis shows that the scalar designs have smaller area and power dissipation, whereas the pipeline designs have higher throughput and lower energy. Because obtaining the best performance out of any implemented design mainly requires balancing the design area and energy, our experimental results demonstrate that it is possible to obtain such optimal performance using the pipeline design with two and four rounds per stage as well as with the scalar design with one and eight rounds. Comparing the best implementations of the pipeline and scalar designs, the scalar design requires 18% less resources and 10% less power, while the pipeline design has 18 times higher throughput and 60% less energy consumption. Copyright © 2016 John Wiley & Sons, Ltd.

Book ChapterDOI
14 Aug 2016
TL;DR: An attack on the early version of FLIP is presented that exploits the structure of the filter function and the constant internal state of the cipher, allowing a key recovery in $2^{54}$ resp. $2^{68}$ basic operations.
Abstract: At Eurocrypt 2016, Meaux et al. proposed FLIP, a new family of stream ciphers intended for use in Fully Homomorphic Encryption systems. Unlike its competitors, which either have a low initial noise that grows at each successive encryption, or a high constant noise, the FLIP family of ciphers achieves a low constant noise thanks to a new construction called the filter permutator. In this paper, we present an attack on the early version of FLIP that exploits the structure of the filter function and the constant internal state of the cipher. Applying this attack to the two instantiations proposed by Meaux et al. allows for a key recovery in $2^{54}$ resp. $2^{68}$ basic operations, compared to the claimed security of $2^{80}$ resp. $2^{128}$.

Book ChapterDOI
14 Aug 2016
TL;DR: It is proved that 5 rounds of AES-like SPN ciphers can always be distinguished from random permutations even when the difference of the sub-keys is unknown, and it is shown that, in the chosen-ciphertext mode, there exist some nontrivial distinguishers for 5-round AES.
Abstract: It has been proved at Eurocrypt 2016 by Sun et al. that if the details of the S-boxes are not exploited, an impossible differential and a zero-correlation linear hull can extend over at most 4 rounds of the AES. This paper concentrates on distinguishing properties of AES-like SPN ciphers by investigating the details of both the underlying S-boxes and the MDS matrices, and illustrates some new insights on the security of these schemes. Firstly, we construct several types of 5-round zero-correlation linear hulls for AES-like ciphers that adopt identical S-boxes to construct the round function and that have two identical elements in a column of the inverse of their MDS matrices. We then use these linear hulls to construct 5-round integrals provided that the difference of two sub-key bytes is known. Furthermore, we prove that we can always distinguish 5 rounds of such ciphers from random permutations even when the difference of the sub-keys is unknown. Secondly, the constraints for the S-boxes and the special property of the MDS matrices can be removed if the cipher is used as a building block of the Miyaguchi-Preneel hash function. As an example, we construct two types of 5-round distinguishers for the hash function Whirlpool. Finally, we show that, in the chosen-ciphertext mode, there exist some nontrivial distinguishers for 5-round AES. To the best of our knowledge, this is the longest distinguisher for the round-reduced AES in the secret-key setting. Since the 5-round distinguisher for the AES can only be constructed in the chosen-ciphertext mode, the security margin for the round-reduced AES under the chosen-plaintext attack may be different from that under the chosen-ciphertext attack.

Journal ArticleDOI
TL;DR: Experimental results demonstrate that the proposed DNA-Genetic Encryption Technique has multilayer protection stages against different attacks and a higher level of security based on its multiple stages and genetic operations.
Abstract: In this paper, we propose the DNA-Genetic Encryption Technique (D-GET) in order to make the technique more secure and less predictable. In this technique, any type of digital data is binarized and converted to a DNA sequence, then reshaped, encrypted, crossed over, mutated and reshaped again. The main stages of D-GET are repeated three times or more. The encrypted data is transmitted as a text/image format file. On the other side, the receiver uses D-GET to decrypt the received data and reshape it to the original format. This technique also transforms text into an image and vice versa to improve security, and uses multiple key sequences to increase the degree of diffusion and confusion, which makes the resulting cipher data difficult to decipher and realizes a perfect secrecy system. Experimental results demonstrate that the proposed technique has multilayer protection stages against different attacks and a higher level of security based on its multiple stages and genetic operations. Decrypted data are acceptable because there is absolutely no difference between them and the secret data.

Book ChapterDOI
08 May 2016
TL;DR: It is proved that the methodology of standard differential cryptanalysis can unambiguously be extended and transferred to the polytopic case, including impossible differentials, and it is shown that impossible polytopic transitions have generic advantages over impossible differentials.
Abstract: Standard differential cryptanalysis uses statistical dependencies between the difference of two plaintexts and the difference of the respective two ciphertexts to attack a cipher. Here we introduce polytopic cryptanalysis which considers interdependencies between larger sets of texts as they traverse through the cipher. We prove that the methodology of standard differential cryptanalysis can unambiguously be extended and transferred to the polytopic case including impossible differentials. We show that impossible polytopic transitions have generic advantages over impossible differentials. To demonstrate the practical relevance of the generalization, we present new low-data attacks on round-reduced DES and AES using impossible polytopic transitions that are able to compete with existing attacks, partially outperforming these.

Journal ArticleDOI
TL;DR: This is the first implementation of block ciphers that exploits warp shuffle, an advanced feature of NVIDIA GPUs; block ciphers can also be used as pseudorandom number generators (PRNGs) when operating in counter mode (CTR).
Abstract: GPUs are widely used in various applications that require huge computational power. In this paper, we contribute to the cryptography and high performance computing research community by presenting techniques to accelerate symmetric block ciphers (AES-128, CAST-128, Camellia, SEED, IDEA, Blowfish and Threefish) on the NVIDIA GTX 980 with Maxwell architecture. The proposed techniques consider various aspects of block cipher implementation on GPUs, including the placement of encryption keys and T-boxes in memory, thread block size, cipher operating mode, parallel granularity and data copying between CPU and GPU. We propose a new method to store the encryption keys in registers with high access speed and exchange them with other threads by using the warp shuffle operation of the GPU. The block ciphers implemented in this paper operate in CTR mode, and are able to achieve high encryption speeds of 149 Gbps (AES-128), 143 Gbps (CAST-128), 124 Gbps (Camellia), 112 Gbps (SEED), 149 Gbps (IDEA), 111 Gbps (Blowfish) and 197 Gbps (Threefish). To the best of our knowledge, this is the first implementation of block ciphers that exploits warp shuffle, an advanced feature of NVIDIA GPUs. On the other hand, block ciphers can be used as pseudorandom number generators (PRNGs) when operating in counter mode (CTR), but the speed is usually slower compared to other PRNGs using lighter operations. Hence, we attempt to modify IDEA and Blowfish in order to achieve faster PRNG generation. The modified IDEA and Blowfish manage to pass all NIST Statistical Tests and TestU01 SmallCrush, except the more stringent tests in TestU01 (Crush and BigCrush).

Journal ArticleDOI
TL;DR: A novel algorithm for ciphertext design is provided in this paper, and a cryptographic scheme that is effective and innovative compared to existing works is proposed.

Journal ArticleDOI
TL;DR: A novel image encryption scheme based on two rounds of substitution-diffusion is proposed; experiments validated the robustness of the scheme against all considered types of attacks and showed a reduction in execution time compared to recent existing image-encryption schemes.
Abstract: In this paper, a novel image encryption scheme based on two rounds of substitution-diffusion is proposed. Two main objectives have guided the design of this scheme: (a) robustness against the best-known types of attacks (statistical, chosen/known-plaintext, ciphertext-only and brute-force attacks) and (b) efficiency in terms of computational complexity (i.e., execution time reduction) in order to meet the requirements of recent mobile applications. First, a dynamic key, changed for every input image, is generated and used as the basis to construct the substitution and diffusion processes. Then, the encryption process is performed by the transmitter based on a non-linear S-box (substitution) and a matrix multiplication (diffusion), applied to each sub-matrix of the image. At the destination side, decryption is applied in the reverse order. We have conducted several series of experiments to evaluate the effectiveness of the proposed scheme. The obtained results validated the robustness of our scheme against all considered types of attacks and showed an improvement in execution time compared to recent existing image-encryption schemes.
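
The abstract gives the shape of the scheme but none of its parameters, so the following added example (not the paper's code) shows a minimal cipher of that shape: a per-image dynamic key, an S-box substitution, a 2x2 matrix multiplication mod 256 as diffusion over each 2x2 pixel sub-block, two rounds, and decryption in reverse order. The key derivation (SHA-256 over a shared secret and an image identifier), the seeded S-box and the 2x2 matrix size are assumptions made for the illustration. The check a practitioner wants is built in: a diffusion matrix mod 256 is invertible only when its determinant is odd, and a matrix that fails this check would make decryption impossible for some ciphertexts.

```python
"""Toy two-round substitution-diffusion image cipher: dynamic key -> S-box and
invertible 2x2 matrix mod 256, applied to each 2x2 sub-block of the image."""
import hashlib
import random

M = 256  # pixel values are bytes


def dynamic_key(master_key: bytes, image_id: bytes) -> bytes:
    """Assumption: the per-image key is derived by hashing a shared secret with a
    per-image identifier, so the receiver can rederive it. The abstract does not
    specify a derivation."""
    return hashlib.sha256(master_key + image_id).digest()


def make_sbox(seed: bytes):
    """Keyed byte permutation (substitution) and its inverse."""
    sbox = list(range(M))
    random.Random(seed).shuffle(sbox)
    inv = [0] * M
    for i, v in enumerate(sbox):
        inv[v] = i
    return sbox, inv


def make_matrix(seed: bytes):
    """Keyed 2x2 diffusion matrix mod 256. It must be invertible, i.e. have an
    odd determinant, so draws failing that check are rejected."""
    rng = random.Random(seed)
    while True:
        a, b, c, d = (rng.randrange(M) for _ in range(4))
        if (a * d - b * c) % 2 == 1:
            return [[a, b], [c, d]]


def inverse_matrix(m):
    (a, b), (c, d) = m
    det_inv = pow((a * d - b * c) % M, -1, M)  # exists exactly when det is odd
    return [[(d * det_inv) % M, (-b * det_inv) % M],
            [(-c * det_inv) % M, (a * det_inv) % M]]


def _matmul(m, blk):
    return [[sum(m[i][k] * blk[k][j] for k in range(2)) % M for j in range(2)]
            for i in range(2)]


def _diffuse(img, mat):
    """Multiply every 2x2 pixel sub-block by `mat` (image height/width even)."""
    out = [row[:] for row in img]
    for r in range(0, len(img), 2):
        for c in range(0, len(img[0]), 2):
            blk = [[img[r][c], img[r][c + 1]], [img[r + 1][c], img[r + 1][c + 1]]]
            (out[r][c], out[r][c + 1]), (out[r + 1][c], out[r + 1][c + 1]) = _matmul(mat, blk)
    return out


def encrypt(img, master_key, image_id, rounds=2):
    dk = dynamic_key(master_key, image_id)
    sbox, _ = make_sbox(dk[:16])
    mat = make_matrix(dk[16:])
    for _ in range(rounds):
        img = [[sbox[v] for v in row] for row in img]  # substitution
        img = _diffuse(img, mat)                        # diffusion
    return img


def decrypt(img, master_key, image_id, rounds=2):
    """Same key derivation, inverse components, steps in reverse order."""
    dk = dynamic_key(master_key, image_id)
    _, sbox_inv = make_sbox(dk[:16])
    mat_inv = inverse_matrix(make_matrix(dk[16:]))
    for _ in range(rounds):
        img = _diffuse(img, mat_inv)
        img = [[sbox_inv[v] for v in row] for row in img]
    return img
```

The image is a list of equal-length rows of byte values with even height and width; the same `image_id` must reach the receiver for the dynamic key to be reconstructed, which the abstract leaves open.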

Journal ArticleDOI
TL;DR: The margin of safety for two-key triple DES is slim, and efforts to replace it, at least with its three-key variant, and preferably with a more modern cipher such as AES should be pursued with some urgency.
Abstract: This paper reconsiders the security offered by two-key triple DES, an encryption technique that remains widely used despite recently being de-standardised by NIST. A generalization of the 1990 van Oorschot–Wiener attack is described, constituting the first advance in cryptanalysis of two-key triple DES since 1990. We give further attack enhancements that together imply that the widely used estimate that two-key triple DES provides 80 bits of security can no longer be regarded as conservative; the widely stated assertion that the scheme is secure as long as the key is changed regularly is also challenged. The main conclusion is that, whilst not completely broken, the margin of safety for two-key triple DES is slim, and efforts to replace it, at least with its three-key variant, and preferably with a more modern cipher such as AES, should be pursued with some urgency.
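
The 1990 attack that the abstract generalizes is easy to run end to end on a scaled-down cipher. The following is an added example, not the paper's code: the van Oorschot-Wiener known-plaintext meet-in-the-middle against two-key triple encryption E_K1(D_K2(E_K1(P))), with a toy 8-bit block cipher standing in for DES (an assumption, so the search finishes instantly), a constructed key pair 0x3C/0xA5 and constructed known plaintexts. The cost function restates the classic time/data trade-off of that attack, about 2^(block+key-n) work for 2^n known pairs, which for DES parameters and 2^40 pairs gives the 80-bit figure the abstract says can no longer be regarded as conservative.

```python
"""van Oorschot-Wiener known-plaintext meet-in-the-middle on two-key triple
encryption, run on a toy 8-bit block cipher (assumption: stand-in for DES)."""
import random

BITS = 8
N = 1 << BITS
MASK = N - 1

# Toy cipher: fixed-seed random S-box, two S-box layers, key mixed in twice.
_rng = random.Random(2016)
SBOX = list(range(N))
_rng.shuffle(SBOX)
SBOX_INV = [0] * N
for _x, _y in enumerate(SBOX):
    SBOX_INV[_y] = _x


def _rotl(k, r):
    return ((k << r) | (k >> (BITS - r))) & MASK


def toy_enc(k, x):
    return SBOX[SBOX[x ^ k] ^ _rotl(k, 3)] ^ k


def toy_dec(k, y):
    return SBOX_INV[SBOX_INV[y ^ k] ^ _rotl(k, 3)] ^ k


def tdes2_enc(k1, k2, p):
    """Two-key triple encryption E_K1(D_K2(E_K1(P))), the 2TDES structure."""
    return toy_enc(k1, toy_dec(k2, toy_enc(k1, p)))


def make_known_pairs(k1, k2, plaintexts):
    """Constructed known-plaintext material for the demonstration."""
    return [(p, tdes2_enc(k1, k2, p)) for p in plaintexts]


def vow_attack(pairs):
    """Return every (k1, k2) consistent with the known (plaintext, ciphertext) pairs.

    Guess a middle value a = E_K1(P). Each K1 gives P' = D_K1(a); if P' is a
    known plaintext with ciphertext C then D_K2(a) = D_K1(C), so record
    D_K1(C) -> K1. Each K2 then gives D_K2(a); a hit in that table yields a
    candidate pair, verified against all pairs. With 2**n known pairs a guess
    of a hits after about 2**(block - n) tries, each costing two single-key
    sweeps; here every a is tried so that all consistent keys are collected.
    """
    known = dict(pairs)
    candidates = set()
    for a in range(N):
        table = {}
        for k1 in range(N):
            p = toy_dec(k1, a)
            if p in known:
                table.setdefault(toy_dec(k1, known[p]), []).append(k1)
        for k2 in range(N):
            for k1 in table.get(toy_dec(k2, a), ()):
                if all(tdes2_enc(k1, k2, p) == c for p, c in pairs):
                    candidates.add((k1, k2))
    return candidates


def vow_cost_log2(block_bits, key_bits, known_log2):
    """log2 of the attack's work, about 2**(block + key - n) for 2**n known
    pairs. DES parameters (64, 56) with n = 40 give the familiar 2**80."""
    return block_bits + key_bits - known_log2
```

On real DES parameters the same loop structure is what makes the known-plaintext count, not the 112-bit key length, the quantity that sets the effective security of two-key triple DES.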
