Human-readable Proof of the Related-Key Security of AES-128

Author(s):  
Khoongming Khoo ◽  
Eugene Lee ◽  
Thomas Peyrin ◽  
Siang Meng Sim

The related-key model is now considered an important scenario for block cipher security, and many schemes have been broken in this model, even AES-192 and AES-256. Recently, efficient computer-based search tools were introduced that can produce the best possible related-key truncated differential paths for AES. However, one has to trust the implementation of these tools, and they do not provide any meaningful information on how to design a good key schedule, which remains a challenge for the community as of today. We provide in this article the first human-readable proof of the minimal number of active Sboxes in the related-key model for AES-128, without any help from a computer. More precisely, we show that any related-key differential path for AES-128 will contain at least 0, 1, 3 and 9 active Sboxes for 1, 2, 3 and 4 rounds respectively. Our proof is tight, not trivial, and actually exhibits for the first time the interplay between the key state and the internal state of an AES-like block cipher with an AES-like key schedule. As an application example, we leverage our proofs to propose a new key schedule that is not only faster (a simple permutation on the byte positions) but also ensures a higher number of active Sboxes than AES-128’s key schedule. We believe this is an important step towards a good understanding of efficient and secure key schedule designs.

Author(s):  
Wenying Zhang ◽  
Meichun Cao ◽  
Jian Guo ◽  
Enes Pasalic

In this paper, a new method for evaluating the integral property, truncated and impossible differentials for substitution-permutation network (SPN) block ciphers is proposed. The main assumption is an explicit description/expression of the internal state words in terms of the plaintext (ciphertext) words. By counting the number of times these words occur in the internal state expression, we can evaluate the resistance of a given block cipher to integral and impossible/truncated differential attacks more accurately than previous methods. More precisely, we explore the cryptographic consequences of the uneven frequency of occurrence of plaintext (ciphertext) words appearing in the algebraic expression of the internal state words. This approach gives a new family of distinguishers employing different concepts such as the integral property, impossible/truncated differentials and the so-called zero-sum property. We then provide algorithms to determine the maximum number of rounds of such new types of distinguishers for SPN block ciphers. The potential and efficiency of this relatively simple method are confirmed through applications. For instance, in the case of the SKINNY block cipher, several 10-round integral distinguishers, all of the 11-round impossible differentials, and a 7-round truncated differential could be determined. For the last case, using a single pair of plaintexts differing in three words so that (a = b = c) ≠ (a’ = b’ = c’), we are able to distinguish 7-round SKINNY from random permutations. More importantly, exploiting our distinguishers, we give the first practical attack on 11-round SKINNY-128-128 in the single-key setting (a theoretical attack reaches 16 rounds). Finally, using the same ideas, we provide a concise explanation of the existing distinguishers for round-reduced AES.


2021 ◽  
Vol 11 (1) ◽  
Author(s):  
Simon Reich ◽  
Dajie Zhang ◽  
Tomas Kulvicius ◽  
Sven Bölte ◽  
Karin Nielsen-Saines ◽  
...  

Abstract: The past decade has witnessed a boom of computer-based approaches to aid movement assessment in early infancy. Increasing interest has been dedicated to developing AI-driven approaches to complement the classic Prechtl general movements assessment (GMA). This study proposes a novel machine learning algorithm to detect an age-specific movement pattern, the fidgety movements (FMs), in a prospectively collected sample of typically developing infants. Participants were recorded using a passive, single-camera RGB video stream. The dataset of 2800 five-second snippets was annotated by two well-trained and experienced GMA assessors, with excellent inter- and intra-rater reliabilities. Using OpenPose, the infant full pose was recovered from the video stream in the form of a 25-point skeleton. This skeleton was used as the input vector for a shallow multilayer neural network (SMNN). An ablation study was performed to justify the network’s architecture and hyperparameters. We show for the first time that the SMNN is sufficient to discriminate fidgety from non-fidgety movements in a sample of age-specific typical movements, with a classification accuracy of 88%. Computer-based solutions will complement the original GMA to consistently perform accurate and efficient screening and diagnosis that may become universally accessible in daily clinical practice in the future.


Cryptanalysis is a very important challenge faced by cryptographers. It has several types that should be well studied by cryptographers in order to design cryptosystems that are more secure and able to resist any type of attack. This paper introduces six types of attacks: linear, differential, linear-differential, truncated differential, impossible differential and algebraic attacks. In this paper, an algebraic attack is used to formulate the substitution box (S-box) of a block cipher as a system of nonlinear equations and to solve this system using a classical method called Gröbner bases. By solving these equations, we mount an algebraic attack on the S-box.


Author(s):  
Yuliya Tanasyuk ◽  
Petro Burdeinyi

This paper is devoted to the software development of a block cipher based on reversible one-dimensional cellular automata and the study of its statistical properties. The software implementation of the proposed encryption algorithm is performed in the C# programming language in Visual Studio 2017. The paper presents a specially designed approach for key generation. To ensure the desired cryptographic stability, the shared secret parameters can be adjusted to contain the information needed for creating substitution tables, defining reversible rules, and hiding final data. For the first time, it is suggested to create substitution tables based on iterations of a cellular automaton that is initialized with the key data.


Symmetry ◽  
2018 ◽  
Vol 10 (8) ◽  
pp. 353 ◽  
Author(s):  
Tran Phuc ◽  
Changhoon Lee

The BM123-64 block cipher, which was proposed by Minh, N.H. and Bac, D.T. in 2014, was designed for high-speed communication applications. It was constructed in hybrid controlled substitution–permutation network (CSPN) models with two types of basic controlled elements (CEs) in distinctive designs. This cipher is based on switchable data-dependent operations (SDDOs) and covers dependent operations suitable for efficient primitive approaches to cipher constructions that can generate a key schedule in a simple way. The BM123-64 cipher has advantages including high applicability, flexibility, and portability, with different algorithm selection for various application targets including the Internet of Things (IoT), as well as secure protection against common types of attacks, for instance differential attacks and linear attacks. However, in this paper, we propose methods to exploit the BM123-64 structure using related-key attacks. We have constructed high-probability related-key differential characteristics (DCs) on the full eight rounds of the BM123-64 cipher. A related-key amplified boomerang attack is then proposed on all three different cases of operation-specific designs, with effective results in data and time complexity. This study can be considered the first cryptographic result on the BM123-64 cipher.


2020 ◽  
Vol 63 (12) ◽  
pp. 1859-1870
Author(s):  
Ya Liu ◽  
Bing Shi ◽  
Dawu Gu ◽  
Fengyu Zhao ◽  
Wei Li ◽  
...  

Abstract: At ASIACRYPT 2014, Jean et al. proposed the authenticated encryption scheme Deoxys, which is one of the third-round candidates in the CAESAR competition. Its internal block cipher is called Deoxys-BC and adopts the tweakey framework. Deoxys-BC has two versions with tweakey sizes of 256 bits and 384 bits, denoted Deoxys-BC-256 and Deoxys-BC-384, respectively. In this paper, we re-evaluate the security of Deoxys-BC-256 against the meet-in-the-middle attack and obtain some new results. First, we append one round at the top and two rounds at the bottom of a 6-round distinguisher to form a 9-round truncated differential path with probability $2^{-144}$. Based on it, the adversary can attack 9-round Deoxys-BC-256 with $2^{108}$ chosen plaintext-tweaks, $2^{113.6}$ encryptions and $2^{102}$ blocks. Second, we construct a new 6.5-round distinguisher to form a 10-round attack path with probability $2^{-152}$. On the basis of it, the adversary could attack 10-round Deoxys-BC-256 with $2^{115}$ chosen plaintext-tweaks, $2^{171}$ encryptions and $2^{152}$ blocks. These two attacks improve the previous cryptanalytic results on reduced-round Deoxys-BC-256 against the meet-in-the-middle attack.


Doklady BGUIR ◽  
2021 ◽  
Vol 19 (3) ◽  
pp. 89-95
Author(s):  
R. M. Ospanov ◽  
Ye. N. Seitkulov ◽  
B. B. Yergaliyeva ◽  
N. M. Sisenov

The purpose of this article is to construct an internal function underlying the “Sponge” scheme for constructing cryptographic hash functions. An internal function in the “Sponge” scheme is a fixed-length transformation or permutation that operates on a fixed number of bits that make up the internal state of the function. There are various constructive approaches to function design. The most common approach is to use a permutation based on a symmetric block encryption algorithm with constants as the key. This article builds an internal function using the generalized AES design methodology. This methodology makes it easy to design block ciphers that encrypt large blocks of plaintext with small components, representing the processed data as multidimensional arrays. The internal function is a block cipher that processes 2048 bits, represented as a 9-dimensional array of 512 4-bit elements with size 2 × 2 × 2 × 2 × 2 × 2 × 2 × 2 × 2. Each round of encryption consists of three transformations (S-boxes, a linear transformation, and a permutation), similar to the three round transformations of AES: SubBytes, MixColumns, and ShiftRows. The constructed function can be used as an internal function in the modified “Sponge” scheme for constructing cryptographic hash functions.


Author(s):  
Hosein Hadipour ◽  
Nasour Bagheri ◽  
Ling Song

The boomerang and rectangle attacks are adaptations of differential cryptanalysis that regard the target cipher E as a composition of two sub-ciphers, i.e., E = E1 ∘ E0, to construct a distinguisher for E with probability p²q² by concatenating two short differential trails for E0 and E1 with probabilities p and q respectively. According to previous research, the dependency between these two differential characteristics has a great impact on the probability of boomerang and rectangle distinguishers. Dunkelman et al. proposed the sandwich attack to formalise such dependency; it regards E as three parts, i.e., E = E1 ∘ Em ∘ E0, where Em contains the dependency between the two differential trails, satisfying some differential propagation with probability r. Accordingly, the entire probability is p²q²r. Recently, Song et al. proposed a general framework to identify the actual boundaries of Em and systematically evaluate the probability of Em with any number of rounds, and applied their method to accurately evaluate the probabilities of the best boomerang distinguishers for SKINNY. In this paper, using a more advanced method to search for boomerang distinguishers, we show that the best previous boomerang distinguishers for SKINNY can be significantly improved in terms of probability and number of rounds. More precisely, we propose related-tweakey boomerang distinguishers for up to 19, 21, 23, and 25 rounds of SKINNY-64-128, SKINNY-128-256, SKINNY-64-192 and SKINNY-128-384 respectively, which improve the previous boomerang distinguishers of these variants of SKINNY by 1, 2, 1, and 1 round respectively. Based on the improved boomerang distinguishers for SKINNY, we provide related-tweakey rectangle attacks on 23 rounds of SKINNY-64-128, 24 rounds of SKINNY-128-256, 29 rounds of SKINNY-64-192, and 30 rounds of SKINNY-128-384. It is worth noting that our improved related-tweakey rectangle attacks on SKINNY-64-192, SKINNY-128-256 and SKINNY-128-384 can be directly applied to the same number of rounds of ForkSkinny-64-192, ForkSkinny-128-256 and ForkSkinny-128-384 respectively. CRAFT is another SKINNY-like tweakable block cipher for which we provide the security analysis against the rectangle attack for the first time. As a result, we provide a 14-round boomerang distinguisher for CRAFT in the single-tweak model, based on which we propose a single-tweak rectangle attack on 18 rounds of this cipher. Moreover, following previous research regarding the evaluation of switching in multiple rounds of boomerang distinguishers, we also introduce new tools called the Double Boomerang Connectivity Table (DBCT), LBCT⫤, and UBCT⊨ to evaluate the boomerang switch through multiple rounds more accurately.


Author(s):  
Muhammad Adli Rizqulloh ◽  
Yoyo Somantri ◽  
Resa Pramudita ◽  
Agus Ramelan
Keyword(s):  
Nios II ◽  

In the Industry 4.0 era, data has become one of the components that must be protected. A block cipher is one of the algorithms used to secure data. This research aims to implement the block cipher four (BCF) algorithm on a microcontroller. The benchmark parameters include the amount of microcontroller flash and RAM used, as well as the execution speed of the BCF algorithm's computation. The microcontroller runs the BCF algorithm in the computation order key schedule, encryption, and decryption. Each time a computation process starts, the trigger pin on the microcontroller sends a rising signal to the oscilloscope, and when the computation finishes, the microcontroller's trigger pin sends a falling signal to the oscilloscope. The results show that the BCF algorithm can be implemented on the STM32F103C8T6 microcontroller. The flash and RAM used amount to 22.02 Kb and 5.12 Kb. The BCF algorithm implemented on the STM32F103C8T6 microcontroller runs up to 704 times faster than the NIOS II processor, 11 times faster than AES-Engine, and 4 times slower than BCF-Engine.

