61. Optimisation Heuristics for Cryptology
Clark, Andrew J. January 1998
The aim of the research presented in this thesis is to investigate the use of various optimisation heuristics in the fields of automated cryptanalysis and automated cryptographic function generation. These techniques were found to provide a successful method of automated cryptanalysis for a variety of classical ciphers. They were also found to enhance existing fast correlation attacks on certain stream ciphers. A previously proposed attack on the knapsack cipher is shown to be flawed because it lacks a suitable solution evaluation mechanism. Finally, a new approach for finding highly nonlinear Boolean functions is introduced.
62. Cryptographic and statistical side channel analysis
Linge, Yanis. 22 November 2013
This thesis deals with side channel attacks. Such attacks study variations in the emanations of a device (its power consumption, its electromagnetic radiation, and so on) to recover a secret key. Most of the time they use statistical methods to examine the relationship between the device's emanations and leakage models assumed by the attacker. Three axes are developed. First, several side channel attacks were implemented on GPUs using the OpenCL API. These implementations outperform the classical ones, so an attacker can process more data. Second, the use of the MIC (maximal information coefficient), a dependency measure proposed by Reshef et al., is suggested for side channel analysis. Compared with mutual information, the MIC has the advantage that its computation does not depend on a choice of kernel or window size, so it is easy to use in a side channel attack, even though the computations involved are often expensive. Finally, a new attack is introduced, based on the joint distribution of the input and output of a cryptographic sub-function. If this distribution depends on the key value involved in the function, the secret key used by the device can be recovered. This attack requires knowledge of neither the plaintext nor the ciphertext, which lets it remain effective even in the presence of certain countermeasures.
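The abstract above describes the basic shape of a statistical side channel attack: a leakage model assumed by the attacker, a distinguisher that compares it with the measured emanations, and a key hypothesis that wins. The following Python is an added example written for this listing, not code from the thesis (which works on GPUs with OpenCL and with the MIC); it uses the simplest distinguisher, Pearson correlation (CPA), on traces that are constructed in the script: one sample per encryption equal to the Hamming weight of the first-round AES S-box output plus Gaussian noise. The AES S-box is rebuilt from its definition so no table is needed; the key byte, trace count and noise level are assumptions chosen for the demonstration.

```python
"""Correlation power analysis (CPA) on constructed traces that leak the Hamming
weight of a first-round AES S-box output. Added example, not the thesis's code."""
import math
import random


def _aes_sbox():
    """Build the AES S-box from the GF(2^8) inverse and the affine map."""
    def rotl8(x, s):
        return ((x << s) | (x >> (8 - s))) & 0xFF
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p *= 3 in GF(2^8)
        q = (q ^ (q << 1)) & 0xFF                                # q /= 3 in GF(2^8)
        q = (q ^ (q << 2)) & 0xFF
        q = (q ^ (q << 4)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        t = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4)
        sbox[p] = t ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = _aes_sbox()
HW = [bin(v).count("1") for v in range(256)]   # Hamming weight table


def simulate_traces(key_byte, n_traces, noise_sigma, seed=1):
    """Constructed measurements: leak = HW(Sbox[pt ^ k]) + N(0, sigma^2)."""
    rng = random.Random(seed)
    pts, leaks = [], []
    for _ in range(n_traces):
        pt = rng.randrange(256)
        pts.append(pt)
        leaks.append(HW[SBOX[pt ^ key_byte]] + rng.gauss(0.0, noise_sigma))
    return pts, leaks


def pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / math.sqrt(vx * vy)


def cpa_attack(pts, leaks):
    """Score all 256 key-byte hypotheses; the leakage model is HW of the S-box output."""
    scores = []
    for k in range(256):
        hyp = [HW[SBOX[pt ^ k]] for pt in pts]
        scores.append(abs(pearson(hyp, leaks)))
    best = max(range(256), key=lambda k: scores[k])
    return best, scores


def demo(key_byte=0x2B, n_traces=300, noise_sigma=1.0):
    """Returns (recovered key byte, its score, best wrong-key score)."""
    pts, leaks = simulate_traces(key_byte, n_traces, noise_sigma)
    best, scores = cpa_attack(pts, leaks)
    runner_up = sorted(scores, reverse=True)[1]
    return best, scores[best], runner_up


if __name__ == "__main__":
    k, top, second = demo()
    print("recovered key byte 0x%02X, correlation %.3f (next best %.3f)" % (k, top, second))
```

The margin between the winning hypothesis and the runner-up is what shrinks as noise grows or as a countermeasure decorrelates the model from the device; that is the regime where the thesis's GPU implementations (more traces per unit time) and alternative dependency measures such as the MIC become relevant.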
63. Discrete logarithm in finite fields
Pierrot, Cécile. 25 November 2016
Cryptography is the study of techniques that let two parties communicate in secret in the presence of a third, the adversary. Such techniques are specified by cryptosystems, which explain how to securely encode and decode messages. They are designed around computational hardness assumptions tied to mathematical properties, which make the algorithms infeasible to break in practice by any adversary. These protocols rest on the presumed difficulty of various problems, often from number theory, such as factoring integers or computing the discrete logarithm of an arbitrary element in certain groups. This manuscript focuses on the discrete logarithm problem in finite fields and revolves around three axes. First, we present the classical results about the problem without any consideration of the target group: the complexity classes it belongs to and the generic methods that need no information about the group. The study of the problem in finite fields then starts with fields whose characteristic is small relative to the total order of the field. This second part leads to a Frobenius representation algorithm, one application of which produced the current discrete logarithm record in characteristic 3. For finite fields of medium or large characteristic, another approach is required: the multiple number field sieve (MNFS) reaches the lowest asymptotic heuristic complexities for an arbitrary field in this double range of characteristics. A final chapter introduces the notion of nearly sparse matrices. A new algorithm dedicated to computing the kernel of such a matrix explicitly eases, in practice, the linear algebra step of any variant of the number field sieve (NFS).
64. Correlation attacks on stream ciphers using convolutional codes
Bruwer, Christian S. 24 January 2006
This dissertation investigates four methods for attacking stream ciphers that are based on nonlinear combining generators:
-- two exhaustive-search correlation attacks, based on the binary derivative and on the Lempel-Ziv complexity measure;
-- a fast correlation attack utilizing the Viterbi algorithm;
-- a decimation attack that can be combined with any of the above three attacks.
These are ciphertext-only attacks that exploit the correlation between the ciphertext and an internal linear feedback shift register (LFSR) of the stream cipher. This leads to a so-called divide-and-conquer attack that reconstructs the secret initial states of all the internal LFSRs of the cipher. The binary derivative attack and the Lempel-Ziv attack apply an exhaustive search to find the secret key used to initialize the LFSRs; the binary derivative and Lempel-Ziv complexity measures are used to discriminate between correct and incorrect candidates in order to identify the secret key. Both attacks are well suited to implementation on parallel processors. Experimental results show that the Lempel-Ziv correlation attack succeeds at correlation levels of p = 0.482, requiring approximately 62000 ciphertext bits, and that the binary derivative attack succeeds at correlation levels of p = 0.47, using approximately 24500 ciphertext bits. The fast correlation attack, utilizing the Viterbi algorithm, applies principles from convolutional coding theory to identify a low-rate convolutional code embedded in the pn-sequence generated by an internal LFSR; the embedded code can then be decoded with a low-complexity Viterbi algorithm. The algorithm operates in two phases. In the first phase a set of suitable parity check equations is found from the feedback taps of the LFSR; this has to be done only once for a targeted system.
In the second phase these parity check equations are used in a Viterbi decoding algorithm to recover the transmitted pn-sequence, thereby obtaining the secret initial state of the LFSR. Simulation results for a 19-bit LFSR show that this attack can recover the secret key at correlation levels of p = 0.485, requiring an average of only 153,448 ciphertext bits. All three attacks investigated in this dissertation are capable of attacking LFSRs of length approximately 40 bits. However, they can be extended to much longer LFSRs by means of a decimation attack, which reduces (decimates) the size of a targeted LFSR and can be combined with any of the three correlation attacks above to attack LFSRs with lengths well beyond 40 bits. / Dissertation (MEng (Electronic Engineering))--University of Pretoria, 2007. / Electrical, Electronic and Computer Engineering / unrestricted
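The divide-and-conquer principle behind all of the attacks above is that the combiner output agrees with one internal LFSR more often than chance, so each LFSR's initial state can be searched for separately. The following Python is an added example for this listing, not code from the dissertation: it uses the plain agreement count as the discriminator (the dissertation's binary derivative, Lempel-Ziv and Viterbi discriminators are not reproduced), and the target is a Geffe generator with three short LFSRs and feedback polynomials chosen here for the demonstration, so the search spaces stay tiny. The Geffe combiner f = x1 x2 + (1 + x1) x3 agrees with x2 and with x3 each with probability 3/4, which is the correlation the attack exploits; the secret initial states are constructed values.

```python
"""Divide-and-conquer correlation attack on a Geffe combining generator.
Added example for this listing, not the dissertation's code."""

# Fibonacci LFSRs: state = [s_n, ..., s_{n+L-1}], output s_n, new bit = XOR of tapped
# positions, i.e. s_{n+L} = XOR_i s_{n+t_i}. Feedback polynomials (chosen, primitive):
#   x^5 + x^3 + 1,  x^7 + x + 1,  x^9 + x^4 + 1
LFSR_SPECS = [(5, (0, 3)), (7, (0, 1)), (9, (0, 4))]


def lfsr_sequence(state, taps, n):
    """Return n output bits of the LFSR seeded with `state` (list of bits)."""
    s = list(state)
    out = []
    for _ in range(n):
        out.append(s[0])
        new = 0
        for t in taps:
            new ^= s[t]
        s = s[1:] + [new]
    return out


def int_to_state(v, length):
    return [(v >> i) & 1 for i in range(length)]


def geffe(x1, x2, x3):
    # x1 selects x2 or x3: output equals x2 w.p. 3/4 and equals x3 w.p. 3/4
    return (x1 & x2) ^ ((1 ^ x1) & x3)


def keystream(states, n):
    seqs = [lfsr_sequence(st, taps, n) for st, (_, taps) in zip(states, LFSR_SPECS)]
    return [geffe(a, b, c) for a, b, c in zip(*seqs)]


def best_correlated_state(ks, length, taps):
    """Score every nonzero initial state by its agreement count with the keystream."""
    n = len(ks)
    best_state, best_agree = None, -1
    for v in range(1, 1 << length):
        st = int_to_state(v, length)
        agree = sum(1 for a, b in zip(lfsr_sequence(st, taps, n), ks) if a == b)
        if agree > best_agree:
            best_state, best_agree = st, agree
    return best_state, best_agree / n


def correlation_attack(ks):
    """Recover all three initial states from the keystream alone."""
    n = len(ks)
    # Phase 1: LFSR2 and LFSR3 independently, each through its own 3/4 correlation.
    st2, c2 = best_correlated_state(ks, *LFSR_SPECS[1])
    st3, c3 = best_correlated_state(ks, *LFSR_SPECS[2])
    seq2 = lfsr_sequence(st2, LFSR_SPECS[1][1], n)
    seq3 = lfsr_sequence(st3, LFSR_SPECS[2][1], n)
    # Phase 2: LFSR1 by exact match, now that the other two are known.
    l1, taps1 = LFSR_SPECS[0]
    for v in range(1, 1 << l1):
        st1 = int_to_state(v, l1)
        seq1 = lfsr_sequence(st1, taps1, n)
        if all(geffe(a, b, c) == k for a, b, c, k in zip(seq1, seq2, seq3, ks)):
            return [st1, st2, st3], (c2, c3)
    return None, (c2, c3)


# Constructed secret: arbitrary nonzero initial states for the three registers
SECRET = [int_to_state(0b10110, 5), int_to_state(0b1011001, 7), int_to_state(0b110010111, 9)]


def demo(n=400):
    """Returns (all states recovered?, observed agreement with LFSR2 and LFSR3)."""
    ks = keystream(SECRET, n)
    recovered, corr = correlation_attack(ks)
    return recovered == SECRET, corr


if __name__ == "__main__":
    ok, (c2, c3) = demo()
    print("recovered all states:", ok, "agreement with LFSR2/LFSR3: %.2f %.2f" % (c2, c3))
```

The cost is 2^7 + 2^9 + 2^5 candidates instead of 2^21 for the joint key, which is the whole point; the dissertation's attacks replace the agreement count with discriminators that still work when the agreement probability is within a few percent of 1/2 (its p = 0.47 to 0.485 figures), where a plain count like this one would need far more keystream.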
65. On A Cubic Sieve Congruence Related To The Discrete Logarithm Problem
Vivek, Srinivas V. 08 1900
There has been a rapid increase in interest in computational number theory ever since the invention of public-key cryptography. Various attempts to solve the hard problems underlying public-key cryptosystems have led to interesting problems in computational number theory. One such problem, the cubic sieve congruence problem, arises in the context of the cubic sieve method for solving the discrete logarithm problem in prime fields.
The cubic sieve method requires a nontrivial solution to the Cubic Sieve Congruence (CSC) x³ ≡ y²z (mod p), where p is a given prime. A nontrivial solution must satisfy
x³ ≡ y²z (mod p), x³ ≠ y²z, 1 ≤ x, y, z < p^α,
where α is a given real number with 1/3 < α ≤ 1/2. The CSC problem is to find an efficient algorithm that obtains a nontrivial solution to CSC.
This thesis is concerned with the CSC problem. Recently, the parametrization x ≡ υ²z (mod p) and y ≡ υ³z (mod p) of CSC was introduced. We give a deterministic polynomial-time (O(ln³ p) bit operations) algorithm that determines, for a given υ, a nontrivial solution to CSC if one exists. Previously this took Õ(p^α) time. We relate the CSC problem to the gap problem of fractional part sequences. We also show, in the case α = 1/2, that for a certain class of primes the CSC problem can be solved deterministically in Õ(p^(1/3)) time, compared with the previous best of Õ(p^(1/2)). It is empirically observed that about one in three primes up to 10⁹ belongs to this class.
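To make the definition and the parametrization concrete, the following Python is an added example for this listing, not the thesis's algorithm: it checks the three conditions of a nontrivial CSC solution directly and scans z for a fixed parameter υ, which is the naive Õ(p^α) approach the thesis improves on (the O(ln³ p) method is not described in the abstract and is not reproduced). The parametrization is exact for every solution with p ∤ x: from y/x ≡ υ³z / υ²z one gets υ ≡ y·x⁻¹ (mod p), which the helper `v_of_solution` uses. The prime p = 101 and α = 1/2 are chosen for the demonstration.

```python
"""Nontrivial solutions of the cubic sieve congruence x^3 = y^2 z (mod p),
x^3 != y^2 z, 1 <= x, y, z < p^alpha, via the parametrization
x = v^2 z, y = v^3 z (mod p). Added example, not the thesis's code."""
import math


def is_nontrivial_csc_solution(x, y, z, p, alpha):
    """All three conditions of the definition, checked literally."""
    bound = p ** alpha
    in_range = all(1 <= t < bound for t in (x, y, z))
    return in_range and (x ** 3 - y * y * z) % p == 0 and x ** 3 != y * y * z


def csc_solutions_for_v(v, p, alpha):
    """Naive scan over z < p^alpha for a fixed parameter v (the O~(p^alpha) baseline)."""
    v2, v3 = v * v % p, v * v * v % p
    sols = []
    for z in range(1, math.ceil(p ** alpha)):
        x, y = v2 * z % p, v3 * z % p
        if is_nontrivial_csc_solution(x, y, z, p, alpha):
            sols.append((x, y, z))
    return sols


def csc_search(p, alpha):
    """First (v, (x, y, z)) found by trying every parameter v in 2..p-1; None if none."""
    for v in range(2, p):
        sols = csc_solutions_for_v(v, p, alpha)
        if sols:
            return v, sols[0]
    return None


def v_of_solution(x, y, p):
    """Recover the parameter of a solution with p not dividing x: v = y * x^{-1} mod p."""
    return y * pow(x, -1, p) % p


if __name__ == "__main__":
    p, alpha = 101, 0.5                       # constructed instance
    print("search:", csc_search(p, alpha))
    print("(5, 2, 6) nontrivial:", is_nontrivial_csc_solution(5, 2, 6, p, alpha),
          "with v =", v_of_solution(5, 2, p))
```

For p = 101 the triple (5, 2, 6) is a nontrivial solution (5³ − 2²·6 = 101), and its parameter is υ = 2·5⁻¹ ≡ 61, so the scan for υ = 61 finds it; the triple (1, 1, 1) satisfies the congruence but is trivial because the equality holds over the integers.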
66. Software support for cryptography education
Stančík, Peter. January 2008
The main aim of this thesis was to study, choose and describe techniques suitable for cryptography education, and to choose a pedagogically appropriate presentation of the principles behind the selected techniques. Another goal was to create an integrated modular web interface containing a calculator focused on cryptographic operations. The suitability of techniques was assessed according to the computations they involve and according to how well they can be presented in an illustrative way. A program simplifying the calculations used in symmetric and asymmetric cryptography was designed and implemented. It has a web interface, and one of its parts is focused on steganographic techniques. On the other hand, no pedagogically appropriate presentation connecting this program with the theoretical findings of this field was found.
67. Portal for the support of cryptography instruction
Forman, Tomáš. January 2010
The main goal of this master's thesis is to build a web portal presenting basic cryptographic algorithms. The algorithms are first explained on a theory page and then demonstrated by scripts. One part of the project is the design of a simplified theoretical component for populating the portal with basic information. The next part is the creation of the web portal with one of the freely available CMS systems. The Java programming language is used to write the demonstration scripts, and the Flash animation tool is used for the animations. The aim of the resulting portal is to build a community of expert users who contribute new articles, scripts and knowledge, so that the portal stays current. A section describing weaknesses of the most widely used algorithms, with instructions on how to eliminate them, is also part of the portal.
68. On the Properties of S-boxes: A Study of Differentially 6-Uniform Monomials over Finite Fields of Characteristic 2
Perrin, Léo Paul. January 2013
S-boxes are key components of many symmetric cryptographic primitives. Some block ciphers and hash functions are vulnerable to attacks based on differential cryptanalysis, a technique introduced by Biham and Shamir in the early 1990s. Resistance against attacks of this family depends on the so-called differential properties of the S-boxes used. When S-boxes are considered as functions over finite fields of characteristic 2, monomials turn out to be good candidates. In this Master's thesis we study the differential properties of a particular family of monomials, namely those with exponent 2^t − 1. In particular, conjectures from Blondeau's PhD thesis are proved. More specifically, we derive the differential spectrum of monomials with exponent 2^t − 1 for several values of t, using a method similar to the one Blondeau et al. used to prove the spectrum of x ↦ x⁷. The first two chapters of this thesis provide the necessary mathematical and cryptographic background, while the third and fourth chapters contain the proofs of the spectra we derived and some observations which, among other things, connect this problem with the study of particular Dickson polynomials.
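The differential spectrum the thesis proves by hand can be computed by brute force for small fields, which is the check a practitioner runs before trusting an S-box. The following Python is an added example for this listing, not the thesis's code: it implements GF(2ⁿ) arithmetic with an irreducible reduction polynomial chosen here for each n (the spectrum of a power map does not depend on which isomorphic representation is used), builds the difference distribution table of x ↦ xᵉ, and reads off the spectrum and the differential uniformity. Two facts make the self-checks in the test certain: x³ is APN (2-uniform) over every GF(2ⁿ), and for x ↦ x^(2^t − 1) the difference (x + 1)^(2^t − 1) + x^(2^t − 1) is the polynomial 1 + x + ... + x^(2^t − 2) (all binomial coefficients of 2^t − 1 are odd), so the uniformity is at most 2^t − 2; for t = 3 that bound is 6, it is attained over GF(2⁶) because 1 + x + ... + x⁶ = (x³ + x + 1)(x³ + x² + 1) splits in GF(2³) ⊂ GF(2⁶), and over GF(2⁴) the map x⁷ = (x⁻¹)⁸ inherits the 4-uniformity of the inverse.

```python
"""Differential spectrum and uniformity of the power map x -> x^e over GF(2^n).
Added example for this listing, not the thesis's code."""
from collections import Counter

# Irreducible reduction polynomials for GF(2^n) (chosen here; any irreducible works).
REDUCTION_POLY = {4: 0b10011, 5: 0b100101, 6: 0b1000011, 7: 0b10000011, 8: 0b100011011}


def gf_mul(a, b, n):
    """Carry-less multiplication of a and b, reduced modulo the degree-n polynomial."""
    poly = REDUCTION_POLY[n]
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> n:          # overflow past degree n-1: subtract (XOR) the modulus
            a ^= poly
    return r


def gf_pow(x, e, n):
    """Square-and-multiply in GF(2^n)."""
    r, base = 1, x
    while e:
        if e & 1:
            r = gf_mul(r, base, n)
        base = gf_mul(base, base, n)
        e >>= 1
    return r


def ddt(e, n):
    """Difference distribution table of F(x) = x^e: t[a][b] = #{x : F(x ^ a) ^ F(x) = b}."""
    size = 1 << n
    table = [gf_pow(x, e, n) for x in range(size)]
    t = [[0] * size for _ in range(size)]
    for a in range(1, size):
        for x in range(size):
            t[a][table[x ^ a] ^ table[x]] += 1
    return t


def differential_spectrum(e, n):
    """{count: number of pairs (a != 0, b) whose DDT entry equals count}."""
    t = ddt(e, n)
    return dict(Counter(v for row in t[1:] for v in row))


def differential_uniformity(e, n):
    """Largest DDT entry over a != 0; a cipher designer wants this small."""
    return max(differential_spectrum(e, n))


if __name__ == "__main__":
    for n in range(4, 9):
        spec = differential_spectrum(7, n)
        print("x^7 over GF(2^%d): uniformity %d, spectrum %s"
              % (n, max(spec), dict(sorted(spec.items()))))
```

Every DDT entry is even (x and x + a are solutions together) and every row sums to 2ⁿ, which the test also checks; both are cheap sanity checks on any hand-written field arithmetic before the spectrum itself is believed.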
69. Discrete mathematics applied to symmetric cryptography
Rotella, Yann. 19 September 2018
In this thesis we study the security of symmetric cryptographic primitives. These systems are built from transformations that rely on mathematical objects which can be represented in multiple ways. We exploit structures inherent to their components, not previously taken into account, to expose new vulnerabilities. By exploiting various representations, we cryptanalyzed authenticated encryption schemes submitted to the CAESAR competition, dedicated stream ciphers and generic constructions. We give design criteria for lightweight block ciphers in view of the NIST standardization process, and in the case of stream ciphers we define new cryptographic criteria that are more relevant than the usual ones. More precisely, we analyze the security of lightweight block ciphers with respect to the recent invariant attacks and show how to avoid them by an appropriate choice of the linear diffusion layer and the round constants. We propose a new cryptanalysis of filtered registers, based on decomposing elements in the multiplicative subgroups of the finite field with 2^n elements. The analysis of the FLIP cipher, and also of Goldreich's pseudo-random generator, revealed weaknesses exploitable in ``guess and determine'' attacks, which calls for new criteria on the Boolean functions used in this context. Finally, we cryptanalyze a weakened version of the authenticated encryption scheme Ketje using several techniques, in order to refine the evaluation of its security.
70. Cyclic-additive-difference sets from Singer and GMW difference sets
Beneš, Daniel. 2021
Cyclic-additive-difference sets are combinatorial objects defined by Claude Carlet in 2018. They are, in some sense, similar to cyclic difference sets, a well-known concept. In this thesis we first summarize the current knowledge about cyclic-additive-difference sets and their connection to differential cryptanalysis. Then we present our own results. First, we prove the existence of three infinite families of cyclic-additive-difference sets arising from powers of Singer sets, which settles an open problem posed by Carlet in 2019. Then we generalize the definition of cyclic-additive-difference sets to fields of odd characteristic and study similar sets in that case.