Generating Graphs Packed with Paths: Estimation of Linear Approximations and Differentials

Author(s):  
Mathias Hall-Andersen ◽  
Philip S. Vejre

When designing a new symmetric-key primitive, the designer must show resistance to known attacks. Perhaps most prominent amongst these are linear and differential cryptanalysis. However, it is notoriously difficult to accurately demonstrate e.g. a block cipher's resistance to these attacks, and thus most designers resort to deriving bounds on the linear correlations and differential probabilities of their design. On the other side of the spectrum, the cryptanalyst is interested in accurately assessing the strength of a linear or differential attack. While several tools have been developed to search for optimal linear and differential trails, e.g. MILP and SAT based methods, only few approaches specifically try to find as many trails of a single approximation or differential as possible. This can result in an overestimate of a cipher's resistance to linear and differential attacks, as was for example the case for PRESENT. In this work, we present a new algorithm for linear and differential trail search. The algorithm represents the problem of estimating approximations and differentials as the problem of finding many long paths through a multistage graph. We demonstrate that this approach allows us to find a very large number of good trails for each approximation or differential. Moreover, we show how the algorithm can be used to efficiently estimate the key-dependent correlation distribution of a linear approximation, facilitating advanced linear attacks. We apply the algorithm to 17 different ciphers, and present new and improved results on several of these.

Author(s):  
Xinxin Gong ◽  
Bin Zhang

In this paper, we study and compare the byte-wise and bitwise linear approximations of SNOW 2.0 and SNOW 3G, and present a fast correlation attack on SNOW 3G by using our newly found bitwise linear approximations. On one side, we reconsider the relation between the large-unit linear approximation and the smaller-unit/bitwise ones derived from the large-unit one, showing that approximations on large-unit alphabets have advantages over all the smaller-unit/bitwise ones in linear attacks. But then on the other side, by comparing the byte-wise and bitwise linear approximations of SNOW 2.0 and SNOW 3G respectively, we have found many concrete examples of 8-bit linear approximations for which certain 1-dimensional/bitwise linear approximations have almost the same SEI (Squared Euclidean Imbalance) as that of the original 8-bit ones. That is, each of these byte-wise linear approximations is dominated by a single bitwise approximation, and thus the whole SEI is not essentially larger than the SEI of the dominating single bitwise approximation. Since correlation attacks can be more efficiently implemented using bitwise approximations rather than large-unit approximations, improvements over the large-unit linear approximation attacks are possible for SNOW 2.0 and SNOW 3G. For SNOW 3G, we make a careful search of the bitwise masks for the linear approximations of the FSM and obtain many mask tuples which yield high correlations. By using these bitwise linear approximations, we mount a fast correlation attack to recover the initial state of the LFSR with the time/memory/data/pre-computation complexities all upper bounded by 2^174.16, improving slightly on the previous best one, which used an 8-bit (vectorized) linear approximation in a correlation attack with all the complexities upper bounded by 2^176.56.
Though not a significant improvement, our research results illustrate that there is an opportunity to improve on the large-unit attacks by using bitwise linear approximations in a linear approximation attack, and provide a new insight on the relation between large-unit and bitwise linear approximations.


2010 ◽  
Vol 163-167 ◽  
pp. 2365-2368 ◽  
Author(s):  
Shu Ling Qiao ◽  
Zhi Jun Han

In this paper, determinate beams and indeterminate beams with multiple spans are optimized using a genetic algorithm; the mathematical model of the beam optimization is built and the method of handling the constraint conditions is given. The examples show that the algorithm can be used for optimizing both determinate and indeterminate structures. Compared to the linear approximation method, the genetic algorithm has the advantages of being simple, easy to apply and fast to converge, and it does not require transforming the objective function and constraint conditions into linear form or other processing. Its results agree with those of the linear approximation method. It is an alternative method that can be adopted in the engineering field.


2014 ◽  
Vol 62 (3) ◽  
pp. 302-318 ◽  
Author(s):  
Jason M. Silveira

The purpose of this study was to determine relationships among pacing, teacher effectiveness, and teacher intensity in the context of a realistic teaching situation. A scripted stimulus video was created in which the teacher demonstrated predefined pacing lapses to measure their effects on observers' ratings of teacher effectiveness, teacher intensity, teacher pacing, and general perceptions. Participants (N = 164 college students) were randomly assigned to one of four groups (n = 41) to evaluate ongoing teacher effectiveness, teacher intensity, teacher pacing, or general perceptions (control group). Participants evaluated the teacher on their assigned construct using both continuous (Continuous Response Digital Interface) and summative measures (Likert-type scale). Results showed that the constructs had strong positive linear correlations with each other. The pacing group evidenced a greater response magnitude than the other three groups (effectiveness, intensity, control), suggesting that participants in the pacing group may have been reacting differently to some aspect of the teaching demonstration compared to the other groups.


1994 ◽  
Vol 23 (473) ◽  
Author(s):  
Kaisa Nyberg ◽  
Lars Ramkilde Knudsen

The purpose of this paper is to show that there exist DES-like iterated ciphers which are provably resistant against differential attacks. The main result on the security of a DES-like cipher with independent round keys is Theorem 1, which gives an upper bound on the probability of s-round differentials, as defined in "Markov Ciphers and Differential Cryptanalysis" by X. Lai et al., and this upper bound depends only on the round function of the iterated cipher. Moreover, it is shown that there exist functions such that the probabilities of differentials are less than or equal to 2^(3-n), where n is the length of the plaintext block. We also show a prototype of an iterated block cipher which is compatible with DES and has proven security against differential attacks.


2019 ◽  
Vol 8 (2) ◽  
pp. 1706-1710

The security aspects of distributed computing, particularly the security of data, are becoming increasingly essential. It is important to build a new mechanism to secure the data in the cloud. Symmetric-key cryptosystems provide an efficient way to protect information. An enhanced symmetric-key cryptosystem based on the AES algorithm has been proposed for securing data and storing it safely in the cloud. This paper aims to provide overall security for files stored in the cloud, so that the encrypted file can be retrieved from the cloud at any time. The paper also aims to introduce the mechanism used to secure cloud computing applications, to compare existing algorithms such as RSA and AES with the enhanced AES algorithm, and to prove that the proposed algorithm is more effective than the other two. The encryption speed of the algorithms is represented graphically in the paper.


1984 ◽  
Vol 16 (4) ◽  
pp. 339-347 ◽  
Author(s):  
Salem M. Adel ◽  
Salah E. Elmaghraby

2005 ◽  
Vol 8 (2) ◽  
pp. 157-172 ◽  
Author(s):  
Lei Zhang ◽  
Gengshu Tong

The elastic stability of two-span continuous beams has been studied using FEA methods. Two formulae for estimating the critical loads are proposed: one is suitable for two-span beams with one span loaded, while the other is suitable for two-span beams with both spans equally loaded. Two identical concentrated loads symmetrically located about the mid-span of each loaded span were considered in the derivation of both formulae, and the effect of the height of the loaded points for doubly symmetric beams was included. The formulae presented are also accurate enough for calculating the critical loads of two-span continuous beams with the mono-symmetric sections used in practice if the point of load application is at or above the shear centre. A linear approximation is suggested for the interaction of the two spans when the two spans of the beam are not equally loaded. For a two-span continuous runway girder supporting moving cranes, the minimum critical load and the maximum absolute moment were investigated, some possible combinations of wheel forces on the beams were considered, and approaches to calculating the critical load for each load combination are suggested when the girder has either one or two cranes moving along it.


Author(s):  
Xinxin Gong ◽  
Bin Zhang

SNOW-V is a new member of the SNOW family of stream ciphers, hoping to be competitive in the 5G mobile communication system. In this paper, we study the resistance of SNOW-V against bitwise fast correlation attacks by constructing bitwise linear approximations. First, we propose and summarize some efficient algorithms using slice-like techniques to compute the bitwise linear approximations of certain types of composition functions composed of basic operations like ⊞, ⊕, permutation, and S-box, which have been widely used in word-oriented stream ciphers such as SNOW-like ciphers. Then, using these algorithms, we find a number of stronger linear approximations for the FSM of the two variants of SNOW-V given in the design document, i.e., SNOW-V_{σ0} and SNOW-V_{⊞8,⊞8}. For SNOW-V_{σ0}, where there is no byte-wise permutation, we find some bitwise linear approximations of the FSM with the SEI (Squared Euclidean Imbalance) around 2^-37.34 and mount a bitwise fast correlation attack with time complexity 2^251.93 and memory complexity 2^244, given 2^103.83 keystream outputs, which greatly improves the results in the design document. For SNOW-V_{⊞8,⊞8}, where both of the two 32-bit adders in the FSM are replaced by 8-bit adders, we find our best bitwise linear approximations of the FSM with the SEI 2^-174.14, while the best byte-wise linear approximation in the design document of SNOW-V has the SEI 2^-214.80. Finally, we study the security of a closer variant of SNOW-V, denoted by SNOW-V_{⊞32,⊞8}, where only the 32-bit adder used for updating the first register is replaced by an 8-bit adder, while everything else remains identical. For SNOW-V_{⊞32,⊞8}, we derive many mask tuples yielding bitwise linear approximations of the FSM with the SEI larger than 2^-184. Using these linear approximations, we mount a fast correlation attack with time complexity 2^377.01 and memory complexity 2^363, given 2^253.73 keystream outputs.
Note that neither of our attacks threatens the security of SNOW-V. We hope our research could further help in understanding bitwise linear approximation attacks and also the structure of SNOW-like stream ciphers.

