Cryptanalysis of Some Self-Synchronous Chaotic Stream Ciphers and Their Improved Schemes

In this paper, a cryptanalysis method that combines a chosen-ciphertext attack with a divide-and-conquer attack by traversing multiple nonzero component initial conditions (DCA-TMNCIC) is proposed. The method is used for security analysis of [Formula: see text]-D ([Formula: see text]) self-synchronous chaotic stream ciphers that employ a product of two chaotic variables and three chaotic variables ([Formula: see text]-D SCSC-2 and [Formula: see text]-D SCSC-3), taking 3-D SCSC-2 as a typical example for cryptanalysis. For resisting the combinational effect of the chosen-ciphertext attack and DCA-TMNCIC, several improved chaotic cipher schemes are designed, including 3-D SCSC based on a nonlinear nominal system (3-D SCSC-NNS) and [Formula: see text]-D SCSC based on sinusoidal modulation ([Formula: see text]-D SCSC-SM ([Formula: see text])). Theoretical security analysis validates the improved schemes.

Download Full-text

Design and Smartphone Implementation of Chaotic Duplex H.264-Codec Video Communications

International Journal of Bifurcation and Chaos ◽

10.1142/s0218127421500450 ◽

2021 ◽

Vol 31 (03) ◽

pp. 2150045

Author(s):

Baoju Chen ◽

Simin Yu ◽

Zeqing Zhang ◽

David Day-Uei Li ◽

Jinhu Lü

Keyword(s):

Real Time ◽

Initial Conditions ◽

Security Analysis ◽

Divide And Conquer ◽

Video Communications ◽

Sinusoidal Modulation ◽

Low Level ◽

Modulo Operation ◽

Communication Scheme ◽

Known Plaintext Attack

In this paper, a chaotic duplex H.264-codec-based secure video communication scheme is designed and its smartphone implementation is also carried out. First, an improved self-synchronous chaotic stream cipher algorithm equipped with a sinusoidal modulation, a multiplication, a modulo operation and a round down operation (SCSCA-SMMR) is developed. Using the sinusoidal modulation and multiplication, the improved algorithm can resist the divide-and-conquer attack by traversing multiple nonzero component initial conditions (DCA-TMNCIC). Meanwhile, also by means of the round down operation and modulo operation, on the premise that the DCA-TMNCIC does not work, the original keys cannot be further deciphered only by the known-plaintext attack, the chosen-plaintext attack and the chosen-ciphertext attack, respectively. Then, the Android low-level multimedia support infrastructure MediaCodec class is used to access low-level media encoder/decoder components and the H.264 hardware encoding/decoding is performed on real-time videos, so the chaotic video encryption and decryption can be realized in real-time by smartphones. Security analysis and smartphone experimental results verify the effectiveness of the proposed method.

Download Full-text

Cryptanalysis of a Chaotic Stream Cipher and Its Improved Scheme

International Journal of Bifurcation and Chaos ◽

10.1142/s0218127418500864 ◽

2018 ◽

Vol 28 (07) ◽

pp. 1850086 ◽

Cited By ~ 8

Author(s):

Zhuosheng Lin ◽

Simin Yu ◽

Xiutao Feng ◽

Jinhu Lü

Keyword(s):

Stream Cipher ◽

Initial Conditions ◽

Divide And Conquer ◽

State Variables ◽

Nonlinear Functions ◽

Secret Keys ◽

Multiple State ◽

Nonlinear Operation ◽

Known Plaintext Attack ◽

Chosen Ciphertext Attack

In this paper, the security performance for an 8D self-synchronous and feedback-based chaotic stream cipher with the low 8 bits of state variables for encryption is analyzed. According to known-plaintext attack and divide-and-conquer attack, only the second plain-pixel and its corresponding cipher-pixel are required to decipher the secret keys [Formula: see text] [Formula: see text] by properly setting 64 different kinds of initial conditions. Then, according to chosen-ciphertext attack and divide-and-conquer attack, it is found that under the condition of selecting the ciphertext as zero, the original chaotic equation is degenerated as a linear one. So, by setting appropriate initial conditions, the secret keys [Formula: see text] [Formula: see text] can be deciphered with only four iterative operations. As for the secret keys [Formula: see text] [Formula: see text] multiplied by ciphertext and the secret keys [Formula: see text] [Formula: see text] related to nonlinear functions, maybe a more powerful attack method is required for these secret keys to be deciphered. Finally, an improved chaotic stream cipher scheme equipped with the low 8 bits derived from nonlinear operation of multiple state variables for encryption is proposed for improving the ability to resist divide-and-conquer attack and chosen-ciphertext attack.

Download Full-text

New Family of Stream Ciphers as Physically Clone-Resistant VLSI-Structures

Cryptography ◽

10.3390/cryptography3020011 ◽

2019 ◽

Vol 3 (2) ◽

pp. 11 ◽

Cited By ~ 4

Author(s):

Ayoub Mars ◽

Wael Adi

Keyword(s):

Security Analysis ◽

Stream Ciphers ◽

Nonlinear Feedback ◽

Worst Case ◽

Physically Unclonable Functions ◽

New Family ◽

Nonlinear Feedback Shift Registers ◽

Security Levels ◽

Post Quantum Cryptography ◽

Near Future

A concept for creating a large class of lightweight stream ciphers as Key Stream Generators KSGs is presented. The resulting class-size exceeds 2323 possible different KSGs. If one unknown cipher from the KSG-class is randomly picked-up and stored irreversibly within a VLSI device, the device becomes physically hard-to-clone. The selected cipher is only usable by the device itself, therefore cloning it requires an invasive attack on that particular device. Being an unknown selection out of 2323 possible KSGs, the resulting cipher is seen as a Secret Unknown Cipher (SUC). The SUC concept was presented a decade ago as a digital alternative to the inconsistent traditional analog Physically Unclonable Functions (PUFs). This work presents one possible practical self-creation technique for such PUFs as hard-to-clone unknown KSGs usable to re-identify VLSI devices. The proposed sample cipher-structure is based on non-linear merging of randomly selected 16 Nonlinear Feedback Shift Registers (NLFSRs). The created KSGs exhibit linear complexities exceeding 281 and a period exceeding 2161. The worst-case device cloning time complexity approaches 2162. A simple lightweight identification protocol for physically identifying such SUC structures in FPGA-devices is presented. The required self-reconfiguring FPGAs for embedding such SUCs are not yet available, however, expected to emerge in the near future. The security analysis and hardware complexities of the resulting clone-resistant structures are evaluated and shown to offer scalable security levels to cope even with the post-quantum cryptography.

Download Full-text

Chosen Ciphertext Attack on a New Class of Self-Synchronizing Stream Ciphers

Progress in Cryptology - INDOCRYPT 2004 - Lecture Notes in Computer Science ◽

10.1007/978-3-540-30556-9_7 ◽

2004 ◽

pp. 73-83 ◽

Cited By ~ 5

Author(s):

Bin Zhang ◽

Hongjun Wu ◽

Dengguo Feng ◽

Feng Bao

Keyword(s):

Stream Ciphers ◽

New Class ◽

Chosen Ciphertext Attack

Download Full-text

Tradeoff Attacks on Symmetric Ciphers

10.5772/intechopen.96627 ◽

2021 ◽

Author(s):

Orhun Kara

Keyword(s):

Internal State ◽

Security Analysis ◽

Stream Ciphers ◽

Open Problems ◽

Key Recovery ◽

State Recovery ◽

Internal States ◽

Symmetric Ciphers ◽

Iot Devices ◽

State Size

Tradeoff attacks on symmetric ciphers can be considered as the generalization of the exhaustive search. Their main objective is reducing the time complexity by exploiting the memory after preparing very large tables at a cost of exhaustively searching all the space during the precomputation phase. It is possible to utilize data (plaintext/ciphertext pairs) in some cases like the internal state recovery attacks for stream ciphers to speed up further both online and offline phases. However, how to take advantage of data in a tradeoff attack against block ciphers for single key recovery cases is still unknown. We briefly assess the state of art of tradeoff attacks on symmetric ciphers, introduce some open problems and discuss the security criterion on state sizes. We discuss the strict lower bound for the internal state size of keystream generators and propose more practical and fair bound along with our reasoning. The adoption of our new criterion can break a fresh ground in boosting the security analysis of small keystream generators and in designing ultra-lightweight stream ciphers with short internal states for their usage in specially low source devices such as IoT devices, wireless sensors or RFID tags.

Download Full-text

Performance Analysis Of Secured Synchronous Stream Ciphers

International Journal of Communication Networks and Security ◽

10.47893/ijcns.2011.1015 ◽

2011 ◽

pp. 22-26

Author(s):

Padmalatha Eddla ◽

R.Ravinder Reddy

Keyword(s):

Information And Communication Technologies ◽

Data Encryption ◽

Stream Ciphers ◽

Divide And Conquer ◽

Clock Frequency ◽

Sensitive Data ◽

Good Efficiency ◽

Digital Storage ◽

Gate Count ◽

Correlation Attacks

The new information and communication technologies require adequate security. In the past decades ,we have witnessed an explosive growth of the digital storage and communication of data ,triggered by some important breakthroughs such as the Internet and the expansive growth of wireless communications. In the world of cryptography ,stream ciphers are known as primitives used to ensure privacy over communication channel and these are widely used for fast encryption of sensitive data. Lots of old stream ciphers that have been formerly used no longer be considered secure ,because of their vulnerability to newly developed cryptanalysis techniques. Many designs stream ciphers have been proposed in an effort to find a proper candidate to be chosen as world standard for data encryption. From these designs, the stream ciphers which are Trivium,Edon80 and Mickey are implemented in ‘c’ language with out affecting their security .Actually these algorithms are particularly suited for hardware oriented environments which provides considerable security and efficiency aspects. We will be targeting hardware applications, and good measure for efficiency of a stream cipher in this environment is the number of key stream bits generated per cycle per gate. For good efficiency we are approaching two ways .One approach is minimizing the number of gates.The other approach is to dramatically increase the number of bits for cycle. This allows reducing the clock frequency at the cost of an increased gate count. Apart from the implementation the analysis which includes the security of these algorithms against some attacks related to stream ciphers such as guess and deterministic attacks, correlation attacks, divide and conquer attacks and algebraic attacks are presented.

Download Full-text

Automatic Search of Cubes for Attacking Stream Ciphers

IACR Transactions on Symmetric Cryptology ◽

10.46586/tosc.v2021.i4.100-123 ◽

2021 ◽

pp. 100-123

Author(s):

Yao Sun

Keyword(s):

Heuristic Method ◽

Stream Ciphers ◽

Divide And Conquer ◽

Key Recovery ◽

Cube Attack ◽

Automatic Search ◽

The Common ◽

Key Recovery Attack ◽

First Time ◽

Key Recovery Attacks

Cube attack was proposed by Dinur and Shamir, and it has become an important tool for analyzing stream ciphers. As the problem that how to recover the superpolys accurately was resolved by Hao et al. in EUROCRYPT 2020, another important problem is how to find “good” superpolys, which is equivalent to finding “good” cubes. However, there are two difficulties in finding “good” cubes. Firstly, the number of candidate cubes is enormous and most of the cubes are not “good”. Secondly, it is costly to evaluate whether a cube is “good”.In this paper, we present a new algorithm to search for a kind of “good” cubes, called valuable cubes. A cube is called valuable, if its superpoly has (at least) a balanced secret variable. A valuable cube is “good”, because its superpoly brings in 1 bit of information about the key. More importantly, the superpolys of valuable cubes could be used in both theoretical and practical analyses. To search for valuable cubes, instead of testing a set of cubes one by one, the new algorithm deals with the set of cubes together, such that the common computations can be done only once for all candidate cubes and duplicated computations are avoided. Besides, the new algorithm uses a heuristic method to reject useless cubes efficiently. This heuristic method is based on the divide-and-conquer strategy as well as an observation.For verifications of this new algorithm, we applied it to Trivium and Kreyvium, and obtained three improvements. Firstly, we found two valuable cubes for 843-round Trivium, such that we proposed, as far as we know, the first theoretical key-recovery attack against 843-round Trivium, while the previous highest round of Trivium that can be attacked was 842, given by Hao et al. in EUROCRYPT 2020. Secondly, by finding many small valuable cubes, we presented practical attacks against 806- and 808-round Trivium for the first time, while the previous highest round of Trivium that can be attacked practically was 805. Thirdly, based on the cube used to attack 892-round Kreyvium in EUROCRYPT 2020, we found more valuable cubes and mounted the key-recovery attacks against Kreyvium to 893-round.

Download Full-text

Dynamic Partial Encryption System for Digital Image

ECORFAN Journal-Democratic Republic of Congo ◽

10.35429/ejdrc.2019.9.5.10.16 ◽

2019 ◽

pp. 10-16

Author(s):

Gustavo Rodríguez- Cardona ◽

Leonardo Humberto Ramírez- Beltrán ◽

Marco Tulio Ramírez- Torres

Keyword(s):

Cellular Automata ◽

Digital Image ◽

Initial Conditions ◽

Security Analysis ◽

Data Encryption ◽

Encryption Algorithm ◽

Secret Key ◽

Partial Encryption ◽

Attractive Option ◽

Bit Planes

The present investigation is proposing a new partial encryption algorithm for digital image, using the synchronization of cellular automata based on the local rule 90. Unlike other partial encryption algorithm, which become vulnerable to attacks such as Replacement Attack or Reconstruction Attack, this system encodes different bit planes, in function of the secret key, that is, for each block of clear text, different bits are encrypted to prevent that with an elimination operation of the encrypted bits information can be revealed. The synchronization of cellular automata has proven to be a useful tool for data encryption because it is sensitivity to initial conditions and, in addition, rule 90 is considered a chaotic standard. Both characteristics ensure cryptographic and perceptive security. Based on the results of the security analysis, this research could be an attractive option for image encryption with less computer cost and without compromising information confidentiality.

Download Full-text

Catalog and Illustrative Examples of Lightweight Cryptographic Primitives

Security of Ubiquitous Computing Systems ◽

10.1007/978-3-030-10591-4_2 ◽

2021 ◽

pp. 21-47

Author(s):

Aleksandra Mileva ◽

Vesna Dimitrova ◽

Orhun Kara ◽

Miodrag J. Mihaljević

Keyword(s):

Stream Cipher ◽

Block Cipher ◽

Security Analysis ◽

Stream Ciphers ◽

Security Evaluation ◽

Cryptographic Primitives ◽

Internal States ◽

Lightweight Block Cipher ◽

Hardware Performance

AbstractThe main objective of this chapter is to offer to practitioners, researchers and all interested parties a brief categorized catalog of existing lightweight symmetric primitives with their main cryptographic features, ultimate hardware performance, and existing security analysis, so they can easily compare the ciphers or choose some of them according to their needs. Certain security evaluation issues have been addressed as well. In particular, the reason behind why modern lightweight block cipher designs have in the last decade overwhelmingly dominated stream cipher design is analyzed in terms of security against tradeoff attacks. It turns out that it is possible to design stream ciphers having much smaller internal states.

Download Full-text

AN EFFICIENT CONFUSION-DIFFUSION STRUCTURE FOR IMAGE ENCRYPTION USING PLAIN IMAGE RELATED HENON MAP

International Journal of Computing ◽

10.47839/ijc.19.3.1895 ◽

2020 ◽

pp. 464-473

Author(s):

Mohammed Hussein Ahmed ◽

Ahmed Kareem Shibeeb ◽

Fadhil Hanoon Abbood

Keyword(s):

Image Encryption ◽

Diffusion Processes ◽

Initial Conditions ◽

Security Analysis ◽

Hénon Map ◽

Henon Map ◽

Diffusion Structure ◽

Xor Operation ◽

Plain Image ◽

Pixel Value

Chaos-based image encryption has great significance as a branch of image security. So, a series of chaos-based cryptosystems protecting digital images are proposed in recent years. But, most of them have been broken as a result of poor encryption structure. This research paper suggests an effective image encryption structure to resist possible attacks. The proposed method employs plain image related Henon map (PIHM) for shuffling and diffusion processes in a connected way which is different from conventional chaotic based image encryption systems, since the initial conditions of diffusion process are established based on the initial conditions of shuffling process. The principle of confusion is achieved by shuffling the pixels over all the rows and columns. And the diffusion is ensured by using XOR operation of current shuffled pixel value with the previous value, and random pixel produced from PIHM map. The results of simulation and security analysis indicate that the proposed scheme has desirable encryption effects and is robust against different common attacks.

Download Full-text