Search for: block-ciphers
Total 34 records

    Low-data complexity biclique cryptanalysis of block ciphers with application to piccolo and HIGHT

    , Article IEEE Transactions on Information Forensics and Security ; Vol. 9, Issue. 10 , 2005 , Pages 1641-1652 Ahmadi, S ; Ahmadian, Z ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
    Abstract
    In this paper, we present a framework for biclique cryptanalysis of block ciphers which requires an extremely low amount of data. To that end, we enjoy a new representation of biclique attack based on a new concept of cutset that describes our attack more clearly. Then, an algorithm for choosing two differential characteristics is presented to simultaneously minimize the data complexity and control the computational complexity. Then, we characterize those block ciphers that are vulnerable to this technique and among them, we apply this attack on lightweight block ciphers Piccolo-80, Piccolo-128, and HIGHT. The data complexity of these attacks is only 16 plaintext-ciphertext pairs, which is... 

    An improved truncated differential cryptanalysis of klein

    , Article Tatra Mountains Mathematical Publications ; Volume 67, Issue 1 , 2016 , Pages 135-147 ; 12103195 (ISSN) Rasoolzadeh, S ; Ahmadian, Z ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
    De Gruyter Open Ltd  2016
    Abstract
    KLEIN is a family of lightweight block ciphers which was proposed at RFIDSec 2011 by Gong et al. It has three versions with 64, 80 or 96-bit key size, all with a 64-bit state size. It uses 16 identical 4-bit S-boxes combined with two AES MixColumn transformations for each round. This approach allows compact implementations of KLEIN in both low-end software and hardware. Such an unconventional combination attracts the attention of cryptanalysts, and several security analyses have been published. The most successful one was presented at FSE 2014 and was a truncated differential attack. They could attack up to 12, 13 and 14 rounds out of the total number of 12, 16 and 20 rounds for... 

    Biclique cryptanalysis of the full-round KLEIN block cipher

    , Article IET Information Security ; Volume 9, Issue 5 , 2015 , Pages 294-301 ; 17518709 (ISSN) Ahmadian, Z ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
    Institution of Engineering and Technology  2015
    Abstract
    In this study, the authors evaluate the security of the lightweight block cipher KLEIN-64 using biclique cryptanalysis. They first point out some new weaknesses of the diffusion layer and key schedule of this algorithm. Then they exploit them to cryptanalyse the full-round version of KLEIN-64 using an asymmetric biclique. The (worst case) computational and data complexities of this cryptanalysis are 2^62.84 and 2^39, respectively. A modified version of this cryptanalysis is also presented which is slightly faster at the expense of the data required.

    Impossible Differential Cryptanalysis of Lightweight Blockciphers TEA and XTEA

    , M.Sc. Thesis Sharif University of Technology Hajari, Masroor (Author) ; Aref, Mohammad Reza (Supervisor) ; Salmasizadeh, Mohmoud (Co-Advisor)
    Abstract
    Lightweight block ciphers and lightweight authenticated encryptions are special kinds of symmetric schemes designed for use in cases where resources such as power, area, etc. are limited. Sensor networks and RF tags are two good examples of lightweight scheme applications. These limitations force designers to use simpler functions and operators in comparison to conventional schemes; therefore, providing security in this case is very important. A common approach for evaluating the security of an algorithm is to apply different kinds of attack. Impossible differential cryptanalysis is one of the shortcut cryptanalyses, using the impossible differential characteristic. Impossible differential... 

    Impossible Differential Cryptanalysis of Lightweight Block Ciphers

    , M.Sc. Thesis Sharif University of Technology Azimi, Arash (Author) ; Aref, Mohammad Reza (Supervisor) ; Mohajeri, Javad (Co-Advisor)
    Abstract
    Due to the ever-increasing growth of ubiquitous computing systems such as RFID, IoT, etc. and their important security concerns, especially in the domain of user privacy, a great deal of attention from the cryptology community has been attracted to the design and analysis of lightweight primitives. Lightweight primitives, including block ciphers, hash functions, stream ciphers, and authenticated encryption schemes, are those that are specifically tailored to devices with extreme limitations in power, area and cost. It is natural that the conventional rules for designing a typical all-purpose primitive cannot be used here identically, and designers have to relax the conditions of some... 

    Zero correlation linear attack on reduced round Piccolo-80

    , Article 13th International ISC Conference on Information Security and Cryptology, 7 September 2016 through 8 September 2016 ; 2016 , Pages 66-71 ; 9781509039494 (ISBN) Ahangarkolaei, M. Z ; Hoseini Najarkolaei, S. R ; Ahmadi, S ; Aref, M. R ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc 
    Abstract
    Universal deployment of lightweight block ciphers increases the importance of cryptanalysis of these ciphers. In this paper, we focus on the reduced-round version of Piccolo-80 as a lightweight block cipher and try to analyze it by zero correlation linear attack. As a result, we propose a new zero correlation linear attack on 12-round Piccolo-80 without whitening keys with computational complexity of 2^51.4, while the memory and data complexities of the attack are equal to 2^58.2 and 2^50, respectively. Also, we propose an attack on 12-round Piccolo-80 with whitening keys and 13-round Piccolo-80 without whitening keys. To the best of our knowledge, these are the first zero correlation attacks on... 

    Impossible differential cryptanalysis of safer++

    , Article 2008 International Conference on Security and Management, SAM 2008, Las Vegas, NV, 14 July 2008 through 17 July 2008 ; July , 2008 , Pages 10-14 ; 160132085X (ISBN); 9781601320858 (ISBN) Bahrak, B ; Eghlidos, T ; Aref, M. R ; Sharif University of Technology
    2008
    Abstract
    In this paper, we describe an impossible differential property for 2.5 rounds of Safer++. It allows an impossible differential attack on 4 rounds of Safer++. The proposed attack requires 2^23 chosen plaintexts and 2^75 bytes of memory and performs 2^84 4-round Safer++ encryptions. The method developed to attack Safer++ can be applied to other block ciphers in the Safer family.

    Security analysis of CLEFIA-128

    , Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; 2014 , p. 84-88 Ahmadi, S ; Delavar, M ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
    Abstract
    Biclique attack is one of the most recent methods for cryptanalysis of block ciphers. In this paper, we present a new biclique attack on the full round of the lightweight block cipher CLEFIA-128. We obtained 2^127.44 for computational complexity, while the data complexity is 2^64 and the memory complexity is 2^7. To the best of our knowledge, it is the first biclique attack on the full CLEFIA-128 lightweight block cipher. Also, we show that a MITM attack using partial matching with the precomputation and recomputation technique can reduce the data complexity of the attack to only 2 known plaintext-ciphertext pairs.

    Impossible differential cryptanalysis of reduced-round midori64 block cipher

    , Article 2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology, ISCISC 2017, 6 September 2017 through 7 September 2017 ; 2018 , Pages 31-36 ; 9781538665602 (ISBN) Rezaei Shahmirzadi, A ; Azimi, S. A ; Salmasizadeh, M ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
    Abstract
    Impossible differential attack is a well-known means to examine the robustness of block ciphers. Using impossible differential cryptanalysis, we analyze the security of a family of lightweight block ciphers, named Midori, that are designed considering low energy consumption. The Midori state size can be either 64 bits for Midori64 or 128 bits for Midori128; however, both versions have a key size equal to 128 bits. In this paper, we mainly study the security of Midori64. To this end, we use various techniques such as early-abort, memory reallocation, miss-in-the-middle and turning to account the inadequate key schedule algorithm of Midori64. We first show two new 7-round impossible differential characteristics... 

    Reflection Cryptanalysis of GOST Block Cipher

    , M.Sc. Thesis Sharif University of Technology Oraei, Hossein (Author) ; Khazaei, Shahram (Supervisor)
    Abstract
    Block ciphers are the central tool in the design of security protocols. GOST is a block cipher on which several attacks have been published during the past 20 years. One of them is the reflection attack, which was first introduced in 2007. This attack utilizes similarities of some round functions of both the encryption and decryption processes. In addition, there are approaches that combine techniques of the reflection attack and variants of the meet-in-the-middle attack. In this thesis, we study reflection-based attacks on GOST. We first describe the GOST block cipher and the reflection attack. Then, we review previous reflection-based attacks such as the reflection-meet-in-the-middle attack and... 

    Cube and dynamic cube attacks on SIMON32/64

    , Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; Sept , 2014 , pp. 98-103 ; ISBN: 9781479953837 Rabbaninejad, R ; Ahmadian, Z ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
    Abstract
    This paper presents cube and dynamic cube attacks on the reduced-round lightweight block cipher SIMON32/64, proposed by the U.S. National Security Agency in 2013. The cube attack is applied to 17 rounds out of 32 rounds of SIMON using a 13-round distinguisher, and the dynamic cube attack breaks 14 rounds out of 32 rounds using 10-round distinguishers. Both attacks recover the full 64-bit key of the cipher in a practical time complexity.

    Impossible differential cryptanalysis of Piccolo lightweight block cipher

    , Article 2014 11th International ISC Conference on Information Security and Cryptology, ISCISC 2014 ; Sep , 2014 , p. 89-94 Azimi, S. A ; Ahmadian, Z ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
    Abstract
    This paper analyzes the Piccolo family of lightweight block ciphers against impossible differential cryptanalysis. A combination of some ploys such as decreasing the S-box computations, finding an appropriate propagation of differentials, utilizing hash tables and using the linearity of the key schedule as well as disregarding the subkeys of two rounds leads to 12-round and 13-round impossible differential attacks on Piccolo-80 and a 15-round attack on Piccolo-128. The time and data complexities of the attack against Piccolo-80 are 2^55.18 and 2^36.34 for 12 rounds and 2^69.7 and 2^43.25 for 13 rounds, respectively. Moreover, the time and data complexities for the 15-round cryptanalysis of Piccolo-128 are... 

    Related-key impossible differential cryptanalysis of full-round HIGHT

    , Article ICETE 2013 - 10th International Joint Conference on E-Business and Telecommunications; SECRYPT 2013 - 10th International Conference on Security and Cryptography, Proceedings, Reykjavik ; 2013 , Pages: 537-542 ; 9789898565730 (ISBN) Rostami, S ; Chafjiri, S. B ; Tabatabaei, S. A. H ; Sharif University of Technology
    2013
    Abstract
    The HIGHT algorithm is a 64-bit block cipher with a 128-bit key length, introduced at CHES'06 as a lightweight cryptographic algorithm. In this paper, a new related-key impossible differential attack on the full-round algorithm is introduced. Our cryptanalysis requires a time complexity of 2^127.276 HIGHT evaluations, which is slightly faster than the exhaustive search attack. This is the first related-key impossible differential cryptanalysis of the full-round HIGHT block cipher.

    Improved fixed point attack on gost2

    , Article 2017 14th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology, ISCISC 2017, 6 September 2017 through 7 September 2017 ; 2018 , Pages 19-24 ; 9781538665602 (ISBN) Ahmadi, S ; Aref, M. R ; Sharif University of Technology
    Abstract
    One of the well-known block ciphers is Gost, which was accepted as a Russian standard and was proposed to be included in ISO/IEC 18033-3. But recent attacks on this cipher have extracted more weaknesses of it, and so the standardization of Gost was rejected. In 2015, the designers proposed a modified version of Gost, namely Gost2, which has a new key schedule and an explicit choice for S-boxes. In this paper, we present an improved algorithm for the fixed point attack on Gost2 with computational complexity of 2^233. This computational complexity has a factor of 2^4 improvement in comparison to the previous attack, which has 2^237 computational complexity. © 2017 IEEE

    Improved impossible differential and biclique cryptanalysis of HIGHT

    , Article International Journal of Communication Systems ; Volume 31, Issue 1 , 2018 ; 10745351 (ISSN) Azimi, A ; Ahmadi, S ; Ahmadian, Z ; Mohajeri, J ; Aref, M. R ; Sharif University of Technology
    John Wiley and Sons Ltd  2018
    Abstract
    HIGHT is a lightweight block cipher introduced at CHES 2006 by Hong et al. as a block cipher suitable for low-resource applications. In this paper, we propose improved impossible differential and biclique attacks on the HIGHT block cipher, both exploiting the permutation-based property of the cipher's key schedule algorithm as well as its low diffusion. For the impossible differential attack, we found a new 17-round impossible differential characteristic that enables us to propose a new 27-round impossible differential attack. The total time complexity of the attack is 2^120.4, where 2^59.3 chosen plaintext-ciphertext pairs and 2^107.4 memory are required. We also instantiate a new biclique... 

    Biclique Cryptanalysis of Lightweight Block Ciphers

    , M.Sc. Thesis Sharif University of Technology Ahmadi, Siavash (Author) ; Aref, Mohammad Reza (Supervisor) ; Mohajeri, Javad (Co-Advisor)
    Abstract
    Along with the proliferation of pervasive systems such as RFID systems and sensor networks, the demand for the low-cost, secure-enough primitives has continued to rise. Symmetric-key algorithms especially block ciphers still play an important role as secure ciphers that can be also consistent with the inherent restrictions of pervasive systems. Recently, a lot of block ciphers tailored for these conditions have been designed, such as Present, PrintCipher, Piccolo, and Twine. Biclique attack introduced in AsiaCrypt 2011 is the first and the only method that could break all versions of AES faster than brute-force attack in the single key model. Afterwards, the efficiency of this attack on some... 

    Cryptanalysis of Lightweight Block Ciphers

    , M.Sc. Thesis Sharif University of Technology Rasoulzadeh, Shahram (Author) ; Aref, Mohammad Reza (Supervisor) ; Salmasizadeh, Mahmoud (Co-Advisor)
    Abstract
    Lightweight cryptography is a branch of cryptography which has expanded in response to the security needs of pervasive and lightweight systems (such as RFID systems and wireless sensor networks) in the last decade. In general, the significant challenges in designing lightweight ciphers can be attributed to three essential parameters: security, cost, and performance. Hence the main goal in designing new lightweight ciphers is to develop innovative and atypical structures in order to have a cipher with a small footprint, sufficient speed and reduced power consumption, while remaining sufficiently secure. Due to the lack of proper ciphers that are both efficient and secure for constrained... 

    A novel design of the KASUMI block cipher using one-hot residue number system

    , Article Middle East Journal of Scientific Research ; Volume 11, Issue 8 , 2012 , Pages 1078-1086 ; 19909233 (ISSN) Mahyar, H ; Sharif University of Technology
    2012
    Abstract
    The KASUMI block cipher is used for cellular communications networks and the safety of many wireless standards. Third generation cellular network technology (3G) permits the transmission of information, voice and video at very high data rates never seen before, which will revolutionize personal communications and information exchange. On the other hand, the Residue Number System (RNS) is a modular representation and has proven to be a serviceable tool in many applications which need high-speed computations and high-performance components. RNS is a non-weighted integer number system that can support secure, high-speed, low-power, parallel and carry-free arithmetic. For attaining the most... 

    Reliable and high-speed KASUMI block cipher by residue number system code

    , Article World Applied Sciences Journal ; Volume 17, Issue 9 , 2012 , Pages 1149-1158 ; 18184952 (ISSN) Mahyar, H ; Sharif University of Technology
    2012
    Abstract
    Third generation cellular network technology (3G) can revolutionize communications and data exchanges between many people in a more overwhelming fashion than 2G and 2.5G networks did. The 3G UMTS, the 3G GSM and the 3G GPRS rely on the KASUMI block cipher. Therefore, increasing speed, decreasing power consumption and error detection/correction are the major concerns of the KASUMI algorithm and its generation. On the other hand, Residue Number System is a non-weighted number system and it is currently considered as an important method for high-speed, low-power, parallel and carry-free arithmetic realizations. Redundant Residue Number System is an extension of RNS that also supports error... 

    A new CPA resistant software implementation for symmetric ciphers with smoothed power consumption

    , Article 13th International ISC Conference on Information Security and Cryptology, 7 September 2016 through 8 September 2016 ; 2016 , Pages 38-45 ; 9781509039494 (ISBN) Safaeipour, M ; Salmasizadeh, M ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc 
    Abstract
    In this paper we propose a new method for applying a hiding countermeasure against CPA attacks. This method is for software implementations and is based on smoothing the power consumption of the device. We propose a new heuristic encoding scheme for implementing block cipher algorithms. Our new method includes only AND-equivalent and XOR-equivalent operations, since every cryptographic algorithm can be implemented with two basic operations, namely AND and XOR. In order to practically evaluate the resistance improvement against CPA, we implement the proposed coding scheme on SIMON, a lightweight block cipher, on a smartcard with an ATmega163 microprocessor. The results of this implementation show a 350 times more...