Design and Analysis of RC4-like Stream Ciphers

McKague, Matthew

January 2005

RC4 is one of the most widely used ciphers in practical software applications. In this thesis we examine security and design aspects of RC4. First we describe the functioning of RC4 and present previously published analyses. We then present a new cipher, Chameleon which uses a similar internal organization to RC4 but uses different methods. The remainder of the thesis uses ideas from both Chameleon and RC4 to develop design strategies for new ciphers. In particular, we develop a new cipher, RC4B, with the goal of greater security with an algorithm comparable in simplicity to RC4. We also present design strategies for ciphers and two new ciphers for 32-bit processors. Finally we present versions of Chameleon and RC4B that are implemented using playing-cards.

Mathematics

cryptography

rc4

symmetric cipher

cipher

Design and Analysis of RC4-like Stream Ciphers

McKague, Matthew

January 2005

RC4 is one of the most widely used ciphers in practical software applications. In this thesis we examine security and design aspects of RC4. First we describe the functioning of RC4 and present previously published analyses. We then present a new cipher, Chameleon which uses a similar internal organization to RC4 but uses different methods. The remainder of the thesis uses ideas from both Chameleon and RC4 to develop design strategies for new ciphers. In particular, we develop a new cipher, RC4B, with the goal of greater security with an algorithm comparable in simplicity to RC4. We also present design strategies for ciphers and two new ciphers for 32-bit processors. Finally we present versions of Chameleon and RC4B that are implemented using playing-cards.

Mathematics

cryptography

rc4

symmetric cipher

cipher

Implantations cryptographiques sécurisées et outils d’aide à la validation des contremesures contre les attaques par canaux cachés

Thuillet, Céline

30 March 2012

Depuis plusieurs années, les composants dédiés à la sécurité comme les cartes à puce sont soumises à des attaques dites par canaux cachés. Ces attaques permettent d'exhiber les secrets en analysant des caractéristiques physiques comme la consommation du composant ou encore son temps d'exécution. Dans le cadre de cette thèse, deux contremesures ont été réalisées et appliquées à l'AES (algorithme de chiffrement symétrique). De plus, afin d'aider les développements futurs des contremesures et la validation de celles-ci, un simulateur a été développé. Il permet de réaliser des attaques grâce à un modèle de consommation défini dans les phases amont de développement. Enfin, j'ai pu participer aux groupes de travail qui ont proposé Shabal à la compétition SHA-3, qui vise à définir un nouveau standard pour les fonctions de hachage. Des implantations matérielles ont été réalisées par la suite. / For several years, the security components such as smart cards are subject to side channel attacks. These attacks allow to exhibit secrets by analyzing the physical characteristics such as power consumption or execution time. As part of this thesis, two countermeasures were carried out and applied to the AES (symmetric cipher). In addition, to help future development of countermeasures and their validation, a simulator was developed. It realizes attacks using a power consumption model defined in the early phases of development. Finally, I participated in working groups that have proposed Shabal to SHA-3 competition, which aims to define a new standard for hash functions. Hardware implementations have been made thereafter.

Attaques par canaux cachés

Fonctions de hachage

Carte à puce

Asic

Protections

Side channel attacks

Smartcards

ASIC

Countermeasures

Symmetric cipher

Hash functions

Autentizace pomocí smartkaret / Smartcard authentication

Juras, Stanislav

January 2010

The master’s thesis outlines the problem of authentication. It describes authentication factors like ownership, knowledge and inherent. There are described properties of each of that. Authentication based on ownership focuses on authenticators - the smartcards. The thesis also describes different types of smartcards (contact, contactless and hybrid smartcards) and refers to their basic properties. Emphasis is placed on the description of contact and contactless smartcard, specifically focusing on .NET smartcards. It describes their internal components such as memory (RAM, ROM, EEPROM), crypto processor etc. Smartcards are also examined in terms of support for cryptographic primitives. The thesis also introduces the cryptographic methods and principles describing symmetric and asymmetric ciphers. Symmetric ciphers are divided in to stream and block ciphers. There is description of asymmetric cipher, digital signature etc. This work also touches on the fundamental principles required for safe programming. Part of this work is also practical implementation (programs). Practical part aims to implement the communication between the user and AC (Access Control) AASR system. The first suite of applications provides encrypted communication between the PC and smartcards. These applications should create on smartcard services that will be able to perform operations on the client side, which are necessary to authenticate in the AASR system. The paper also presents algorithms for working with big numbers - addition, subtraction, multiplication, and Montgomery's algorithm for multiplication. The second application implements the functionality of AC components (Access Control). This functionality is for example – authenticate received token, digital signature authentication, generating random numbers, logging etc.