Global ETD Search

21	Cryptanalyse des algorithmes de chiffrement symétrique / Cryptanalysis of symmetric encryption algorithms Chaigneau, Colin 28 November 2018 (has links) La sécurité des transmissions et du stockage des données est devenue un enjeu majeur de ces dernières années et la cryptologie, qui traite de la protection algorithmique de l'information, est un sujet de recherche extrêmement actif. Elle englobe la conception d'algorithmes cryptographiques, appelée cryptographie, et l'analyse de leur sécurité, appelée cryptanalyse.Dans cette thèse, nous nous concentrons uniquement sur la cryptanalyse, et en particulier celle des algorithmes de chiffrement symétrique, qui reposent sur le partage d'un même secret entre l'entité qui chiffre l'information et celle qui la déchiffre. Dans ce manuscrit, trois attaques contre des algorithmes de chiffrement symétriques sont présentées. Les deux premières portent sur deux candidats de l'actuelle compétition cryptographique CAESAR, les algorithmes AEZ et NORX, tandis que la dernière porte sur l'algorithme Kravatte, une instance de la construction Farfalle qui utilise la permutation de la fonction de hachage décrite dans le standard SHA-3. Les trois algorithmes étudiés présentent une stratégie de conception similaire, qui consiste à intégrer dans une construction nouvelle une primitive, i.e. une fonction cryptographique élémentaire, déjà existante ou directement inspirée de travaux précédents.La compétition CAESAR, qui a débuté en 2015, a pour but de définir un portefeuille d'algorithmes recommandés pour le chiffrement authentifié. Les deux candidats étudiés, AEZ et NORX, sont deux algorithmes qui ont atteint le troisième tour de cette compétition. Les deux attaques présentées ici ont contribué à l'effort de cryptanalyse nécessaire dans une telle compétition. Cet effort n'a, en l'occurrence, pas permis d'établir une confiance suffisante pour justifier la présence des algorithmes AEZ et NORX parmi les finalistes.AEZ est une construction reposant sur la primitive AES, dont l'un des principaux objectifs est d'offrir une résistance optimale à des scénarios d'attaque plus permissifs que ceux généralement considérés pour les algorithmes de chiffrement authentifié. Nous montrons ici que dans de tels scénarios il est possible, avec une probabilité anormalement élevée, de retrouver l'ensemble des secrets utilisés dans l'algorithme.NORX est un algorithme de chiffrement authentifié qui repose sur une variante de la construction dite en éponge employée par exemple dans la fonction de hachage Keccak. Sa permutation interne est inspirée de celles utilisées dans BLAKE et ChaCha. Nous montrons qu'il est possible d'exploiter une propriété structurelle de cette permutation afin de récupérer la clé secrète utilisée. Pour cela, nous tirons parti du choix des concepteurs de réduire les marges de sécurité dans le dimensionnement de la construction en éponge.Enfin, la dernière cryptanalyse remet en cause la robustesse de l'algorithme Kravatte, une fonction pseudo-aléatoire qui autorise des entrées et sorties de taille variable. Dérivée de la permutation Keccak-p de SHA-3 au moyen de la construction Farfalle, Kravatte est efficace et parallélisable. Ici, nous exploitons le faible degré algébrique de la permutation interne pour mettre au jour trois attaques par recouvrement de clé : une attaque différentielle d'ordre supérieur, une attaque algébrique "par le milieu" et une attaque inspirée de la cryptanalyse de certains algorithmes de chiffrement à flot. / Nowadays, cryptology is heavily used to protect stored and transmitted data against malicious attacks, by means of security algorithms. Cryptology comprises cryptography, the design of these algorithms, and cryptanalysis, the analysis of their security.In this thesis, we focus on the cryptanalysis of symmetric encryption algorithms, that is cryptographic algorithms that rely on a secret value shared beforehand between two parties to ensure both encryption and decryption. We present three attacks against symmetric encryption algorithms. The first two cryptanalyses target two high profile candidates of the CAESAR cryptographic competition, the AEZ and NORX algorithms, while the last one targets the Kravatte algorithm, an instance of the Farfalle construction based on the Keccak permutation. Farfalle is multipurpose a pseudo-random function (PRF) developed by the same designers' team as the permutation Keccak used in the SHA-3 hash function.The CAESAR competition, that began in 2015, aims at selecting a portfolio of algorithms recommended for authenticated encryption. The two candidates analysed, AEZ and NORX, reached the third round of the CAESAR competition but were not selected to be part of the finalists. These two results contributed to the cryptanalysis effort required in such a competition. This effort did not establish enough confidence to justify that AEZ and NORX accede to the final round of the competition.AEZ is a construction based on the AES primitive, that aims at offering an optimal resistance against more permissive attack scenarios than those usually considered for authenticated encryption algorithms. We show here that one can recover all the secret material used in AEZ with an abnormal success probability.NORX is an authenticated encryption algorithm based on a variant of the so-called sponge construction used for instance in the SHA-3 hash function. The internal permutation is inspired from the one of BLAKE and ChaCha. We show that one can leverage a strong structural property of this permutation to recover the secret key, thanks to the designers' non-conservative choice of reducing the security margin in the sponge construction.Finally, the last cryptanalysis reconsiders the robustness of the Kravatte algorithm. Kravatte is an efficient and parallelizable PRF with input and output of variable length. In this analysis, we exploit the low algebraic degree of the permutation Keccak used in Kravatte to mount three key-recovery attacks targeting different parts of the construction: a higher order differential attack, an algebraic meet-in-the-middle attack and an attack based on a linear recurrence distinguisher. Cryptographie symétrique Cryptanalyse Chiffrement par bloc Chiffrement à flot Chiffrement authentifié Symmetric cryptography Cryptanalysis Block ciphers Stream ciphers Authenticated encryption 005.82
22	Algoritmos criptográficos para redes de sensores. / Cryptographic algorithms for sensor networks. Simplicio Junior, Marcos Antonio 03 April 2008 (has links) É crescente a necessidade de prover segurança às informações trocadas nos mais diversos tipos de redes. No entanto, redes amplamente dependentes de dispositivos com recursos limitados (como sensores, tokens e smart cards) apresentam um desafio importante: a reduzida disponibilidade de memória, capacidade de processamento e (principalmente) energia dos mesmos dificulta a utilização de alguns dos principais algoritmos criptográficos considerados seguros atualmente. É neste contexto que se insere o presente documento, que não apenas apresenta uma pesquisa envolvendo projeto e análise de algoritmos criptográficos, mas também descreve um novo algoritmo simétrico denominado CURUPIRA. Esta cifra de bloco baseia-se na metodologia conhecida como Estratégia de Trilha Larga e foi projetada especialmente para ambientes onde existe escassez de recursos. O CURUPIRA possui estrutura involutiva, o que significa que os processos de encriptação e decriptação diferem apenas na seqüência da geração de chaves, dispensando a necessidade de algoritmos distintos para cada uma destas operações. Além disto, são propostas duas formas diferentes para seu algoritmo de geração de chaves, cada qual mais focada em segurança ou em desempenho. Entretanto, ambas as formas caracterizam-se pela possibilidade de computação das sub-chaves de round no momento de sua utilização, em qualquer ordem, garantindo uma operação com reduzido uso de memória RAM. / The need for security is a great concern in any modern network. However, networks that are highly dependent of constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (more importantly) energy hinders the deployment of many important cryptographic algorithms known to be secure. In this context, this document not only presents the research involving the design and analysis of cryptographic algorithms, but also proposes a new symmetric block cipher named CURUPIRA. The CURUPIRA follows the methodology known as theWide Trail Strategy and was specially developed having constrained platforms in mind. It displays an involutional structure, which means that the encryption and decryption processes differ only in the key schedule and, thus, there is no need to implement them separately. Also, two distinct scheduling algorithms are proposed, whose main focus are either on tight security or improved performance. In spite of this difference, both of them allow the keys to be computed on-the-fly, in any desired order, assuring a reduced consumption of RAM memory during their operation. Block ciphers Constrained networks Criptografia Involutional ciphers Redes de sensores Segurança Sensor networks Symmetric cryptography Wide trail strategy
23	Algoritmos criptográficos para redes de sensores. / Cryptographic algorithms for sensor networks. Marcos Antonio Simplicio Junior 03 April 2008 (has links) É crescente a necessidade de prover segurança às informações trocadas nos mais diversos tipos de redes. No entanto, redes amplamente dependentes de dispositivos com recursos limitados (como sensores, tokens e smart cards) apresentam um desafio importante: a reduzida disponibilidade de memória, capacidade de processamento e (principalmente) energia dos mesmos dificulta a utilização de alguns dos principais algoritmos criptográficos considerados seguros atualmente. É neste contexto que se insere o presente documento, que não apenas apresenta uma pesquisa envolvendo projeto e análise de algoritmos criptográficos, mas também descreve um novo algoritmo simétrico denominado CURUPIRA. Esta cifra de bloco baseia-se na metodologia conhecida como Estratégia de Trilha Larga e foi projetada especialmente para ambientes onde existe escassez de recursos. O CURUPIRA possui estrutura involutiva, o que significa que os processos de encriptação e decriptação diferem apenas na seqüência da geração de chaves, dispensando a necessidade de algoritmos distintos para cada uma destas operações. Além disto, são propostas duas formas diferentes para seu algoritmo de geração de chaves, cada qual mais focada em segurança ou em desempenho. Entretanto, ambas as formas caracterizam-se pela possibilidade de computação das sub-chaves de round no momento de sua utilização, em qualquer ordem, garantindo uma operação com reduzido uso de memória RAM. / The need for security is a great concern in any modern network. However, networks that are highly dependent of constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (more importantly) energy hinders the deployment of many important cryptographic algorithms known to be secure. In this context, this document not only presents the research involving the design and analysis of cryptographic algorithms, but also proposes a new symmetric block cipher named CURUPIRA. The CURUPIRA follows the methodology known as theWide Trail Strategy and was specially developed having constrained platforms in mind. It displays an involutional structure, which means that the encryption and decryption processes differ only in the key schedule and, thus, there is no need to implement them separately. Also, two distinct scheduling algorithms are proposed, whose main focus are either on tight security or improved performance. In spite of this difference, both of them allow the keys to be computed on-the-fly, in any desired order, assuring a reduced consumption of RAM memory during their operation. Criptografia Redes de sensores Segurança Block ciphers Constrained networks Involutional ciphers Sensor networks Symmetric cryptography Wide trail strategy
24	Historie šifrovacích metod a jejich aplikace / Historical encryption procedures and their application MILICHOVSKÁ, Eva January 2018 (has links) I deal with historical encryption procedures and with their application in teaching in my diploma thesis. I present a brief list of some encryption methods in following chapters which were used from antiquity to the mid-20th century. There are prepared specific worksheets for encryption and decryption in this thesis. For several ciphers, the required tools are included in this work, too.
25	New Approaches And Experimental Studies On - Alegebraic Attacks On Stream Ciphers Pillai, N Rajesh 08 1900 (has links) (PDF) Algebraic attacks constitute an effective class of cryptanalytic attacks which have come up recently. In algebraic attacks, the relations between the input, output and the key are expressed as a system of equations and then solved for the key. The main idea is in obtaining a system of equations which is solvable using reasonable amount of resources. The new approaches proposed in this work and experimental studies on the existing algebraic attacks on stream ciphers will be presented. In the first attack on filter generator, the input-output relations are expressed in conjunctive normal form. The system of equations is then solved using modified Zakrevskij technique. This was one of the earliest algebraic attacks on the nonlinear filter generator. In the second attack, we relaxed the constraint on algebraic attack that the entire system description be known and the output sequence extension problem where the filter function is unknown is considered. We modeled the problem as a multivariate interpolation problem and solved it. An advantage of this approach is that it can be adapted to work for noisy output sequences where as the existing algebraic attacks expect the output sequence to be error free. Adding memory to filter/combiner function increases the degree of system of equations and finding low degree equations in this case is computeintensive. The method for computing low degree relations for combiners with memory was applied to the combiner in E0 stream cipher. We found that the relation given in literature [Armknecht and Krause] was incorrect. We obtained the correct equation and verified its correctness. A time-data size trade off attack for clock controlled filter generator was developed. The time complexity and the data requirements are in between the two approaches used in literature. A recent development of algebraic attacks - the Cube attack was studied. Cube attack on variants of Trivium were proposed by Dinur and Shamir where linear equations in key bits were obtained by combining equations for output bit for same key and a set of Initialization Vectors (IVs). We investigated the effectiveness of the cube attack on Trivium. We showed that the linear equations obtained were not general and hence the attack succeeds only for some specific values of IVs. A reason for the equations not being general is given and a modification to the linear equation finding step suggested. Cryptography Algebraic Attacks Stream Ciphers Cube Attacks Stream Ciphers - Algebraic Attacks Filter Generators - Algebraic Attacks Trivium Nonlinear Filter Generator Nonlinear Feedforward Generator Clock Controlled Filter Generator Computer Science
26	ANALYSIS OF SECURITY MEASURES FOR SEQUENCES Kavuluru, Ramakanth 01 January 2009 (has links) Stream ciphers are private key cryptosystems used for security in communication and data transmission systems. Because they are used to encrypt streams of data, it is necessary for stream ciphers to use primitives that are easy to implement and fast to operate. LFSRs and the recently invented FCSRs are two such primitives, which give rise to certain security measures for the cryptographic strength of sequences, which we refer to as complexity measures henceforth following the convention. The linear (resp. N-adic) complexity of a sequence is the length of the shortest LFSR (resp. FCSR) that can generate the sequence. Due to the availability of shift register synthesis algorithms, sequences used for cryptographic purposes should have high values for these complexity measures. It is also essential that the complexity of these sequences does not decrease when a few symbols are changed. The k-error complexity of a sequence is the smallest value of the complexity of a sequence obtained by altering k or fewer symbols in the given sequence. For a sequence to be considered cryptographically ‘strong’ it should have both high complexity and high error complexity values. An important problem regarding sequence complexity measures is to determine good bounds on a specific complexity measure for a given sequence. In this thesis we derive new nontrivial lower bounds on the k-operation complexity of periodic sequences in both the linear and N-adic cases. Here the operations considered are combinations of insertions, deletions, and substitutions. We show that our bounds are tight and also derive several auxiliary results based on them. A second problem on sequence complexity measures useful in the design and analysis of stream ciphers is to determine the number of sequences with a given fixed (error) complexity value. In this thesis we address this problem for the k-error linear complexity of 2n-periodic binary sequences. More specifically: 1. We characterize 2n-periodic binary sequences with fixed 2- or 3-error linear complexity and obtain the counting function for the number of such sequences with fixed k-error linear complexity for k = 2 or 3. 2. We obtain partial results on the number of 2n-periodic binary sequences with fixed k-error linear complexity when k is the minimum number of changes required to lower the linear complexity. Computer Sciences
27	An algebraic attack on block ciphers Unknown Date (has links) The aim of this work is to investigate an algebraic attack on block ciphers called Multiple Right Hand Sides (MRHS). MRHS models a block cipher as a system of n matrix equations Si := Aix = [Li], where each Li can be expressed as a set of its columns bi1, . . . , bisi . The set of solutions Ti of Si is dened as the union of the solutions of Aix = bij , and the set of solutions of the system S1, . . . , Sn is dened as the intersection of T1, . . . , Tn. Our main contribution is a hardware platform which implements a particular algorithm that solves MRHS systems (and hence block ciphers). The case is made that the platform performs several thousand orders of magnitude faster than software, it costs less than US$1,000,000, and that actual times of block cipher breakage can be calculated once it is known how the corresponding software behaves. Options in MRHS are also explored with a view to increase its efficiency. / by Kenneth Matheis. / Thesis (M.S.C.S.)--Florida Atlantic University, 2010. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2010. Mode of access: World Wide Web. Ciphers Cryptography Data encryption (Computer science) Computer security Coding theory
28	Characterizing the HTTPS Trust Landscape : - A Passive View from the Edge / Karaktärisering av HTTPS Förtroende-Landskap Ouvrier, Gustaf January 2019 (has links) Our society increasingly relies on the Internet for common services like online banking, shopping, and socializing. Many of these services heavily depend on secure end-to-end transactions to transfer personal, financial, or other sensitive information. At the core of ensuring secure transactions are the TLS/SSL protocol and the ``trust'' relationships between all involved partners. In this thesis we passively monitor the HTTPS traffic between a campus network and the Internet, and characterize the certificate usage and trust relationships in this complex landscape. By comparing our observations against known vulnerabilities and problems, we provide an overview of the actual security that typical Internet users (such as the people on campus) experience. Our measurements cover both mobile and stationary users, consider the involved trust relationships, and provide insights into how the HTTPS protocol is used and the weaknesses observed in practice. Browsers Servers Ciphers Internet Mobile communication Telecommunication services Online services Web services Computer Sciences Datavetenskap (datalogi)
29	Design of Stream Ciphers and Cryptographic Properties of Nonlinear Functions Nawaz, Yassir January 2007 (has links) Block and stream ciphers are widely used to protect the privacy of digital information. A variety of attacks against block and stream ciphers exist; the most recent being the algebraic attacks. These attacks reduce the cipher to a simple algebraic system which can be solved by known algebraic techniques. These attacks have been very successful against a variety of stream ciphers and major efforts (for example eSTREAM project) are underway to design and analyze new stream ciphers. These attacks have also raised some concerns about the security of popular block ciphers. In this thesis, apart from designing new stream ciphers, we focus on analyzing popular nonlinear transformations (Boolean functions and S-boxes) used in block and stream ciphers for various cryptographic properties, in particular their resistance against algebraic attacks. The main contribution of this work is the design of two new stream ciphers and a thorough analysis of the algebraic immunity of Boolean functions and S-boxes based on power mappings. First we present WG, a family of new stream ciphers designed to obtain a keystream with guaranteed randomness properties. We show how to obtain a mathematical description of a WG stream cipher for the desired randomness properties and security level, and then how to translate this description into a practical hardware design. Next we describe the design of a new RC4-like stream cipher suitable for high speed software applications. The design is compared with original RC4 stream cipher for both security and speed. The second part of this thesis closely examines the algebraic immunity of Boolean functions and S-boxes based on power mappings. We derive meaningful upper bounds on the algebraic immunity of cryptographically significant Boolean power functions and show that for large input sizes these functions have very low algebraic immunity. To analyze the algebraic immunity of S-boxes based on power mappings, we focus on calculating the bi-affine and quadratic equations they satisfy. We present two very efficient algorithms for this purpose and give new S-box constructions that guarantee zero bi-affine and quadratic equations. We also examine these S-boxes for their resistance against linear and differential attacks and provide a list of S-boxes based on power mappings that offer high resistance against linear, differential, and algebraic attacks. Finally we investigate the algebraic structure of S-boxes used in AES and DES by deriving their equivalent algebraic descriptions. Stream ciphers Algebraic properties S-boxes Boolean functions Electrical and Computer Engineering
30	Design of Stream Ciphers and Cryptographic Properties of Nonlinear Functions Nawaz, Yassir January 2007 (has links) Block and stream ciphers are widely used to protect the privacy of digital information. A variety of attacks against block and stream ciphers exist; the most recent being the algebraic attacks. These attacks reduce the cipher to a simple algebraic system which can be solved by known algebraic techniques. These attacks have been very successful against a variety of stream ciphers and major efforts (for example eSTREAM project) are underway to design and analyze new stream ciphers. These attacks have also raised some concerns about the security of popular block ciphers. In this thesis, apart from designing new stream ciphers, we focus on analyzing popular nonlinear transformations (Boolean functions and S-boxes) used in block and stream ciphers for various cryptographic properties, in particular their resistance against algebraic attacks. The main contribution of this work is the design of two new stream ciphers and a thorough analysis of the algebraic immunity of Boolean functions and S-boxes based on power mappings. First we present WG, a family of new stream ciphers designed to obtain a keystream with guaranteed randomness properties. We show how to obtain a mathematical description of a WG stream cipher for the desired randomness properties and security level, and then how to translate this description into a practical hardware design. Next we describe the design of a new RC4-like stream cipher suitable for high speed software applications. The design is compared with original RC4 stream cipher for both security and speed. The second part of this thesis closely examines the algebraic immunity of Boolean functions and S-boxes based on power mappings. We derive meaningful upper bounds on the algebraic immunity of cryptographically significant Boolean power functions and show that for large input sizes these functions have very low algebraic immunity. To analyze the algebraic immunity of S-boxes based on power mappings, we focus on calculating the bi-affine and quadratic equations they satisfy. We present two very efficient algorithms for this purpose and give new S-box constructions that guarantee zero bi-affine and quadratic equations. We also examine these S-boxes for their resistance against linear and differential attacks and provide a list of S-boxes based on power mappings that offer high resistance against linear, differential, and algebraic attacks. Finally we investigate the algebraic structure of S-boxes used in AES and DES by deriving their equivalent algebraic descriptions. Stream ciphers Algebraic properties S-boxes Boolean functions Electrical and Computer Engineering

Search results