IACR News item: 03 December 2013
PhD Database
Name: Aleksandar Kircanski
Topic: Cryptanalysis of Symmetric Cryptographic Primitives
Category: secret-key cryptography
Description: Symmetric key cryptographic primitives are the essential building blocks in modern information security systems. The security argument for the majority of such primitives in use is only a heuristic one and therefore their respective security evaluation continually remains an open question. In this thesis, we provide cryptanalytic results for several relevant cryptographic hash functions and stream ciphers.\r\n\r\nFirst, we provide results concerning two standardized cryptographic hash functions: HAS-160 and SM3. We develop a new heuristic for finding compatible differential paths and apply it to the the Korean hash function standard HAS-160. Our heuristic leads to a practical second order collision over all of the HAS-160 function steps, which is the first practical complexity distinguisher for this function. In case of SM3, which is a design that builds upon the SHA-2 hash, we study second order collision attacks on reduced-round versions and point out a structural slide-rotational property that exists in the function.\r\n\r\nNext, we examine the security of the following three stream ciphers: Loiss, SNOW 3G and SNOW 2.0. By exploiting the differential properties of a particular component utilized in the Loiss cipher, we provide a key-recovery attack of practical complexity on Loiss in the related-key model. SNOW 3G stream cipher is used in 3rd Generation Partnership Project (3GPP) and the SNOW 2.0 cipher is an ISO/IEC standard (IS 18033-4). For both of these ciphers,we show that the initialization procedure admits a sliding property, resulting in several sets of related-key pairs. Our investigation leads to related-key key recovery attacks against SNOW 2.0 with 256-bit keys.\r\n\r\nFinally, we provide differential fault analysis attacks against two stream ciphers: HC-128 and Rabbit. In this type of attacks, the attacker is assumed to have physical influence over the device that performs the encryption and is able to introduce random faults into the computational p[...]
Topic: Cryptanalysis of Symmetric Cryptographic Primitives
Category: secret-key cryptography
Description: Symmetric key cryptographic primitives are the essential building blocks in modern information security systems. The security argument for the majority of such primitives in use is only a heuristic one and therefore their respective security evaluation continually remains an open question. In this thesis, we provide cryptanalytic results for several relevant cryptographic hash functions and stream ciphers.\r\n\r\nFirst, we provide results concerning two standardized cryptographic hash functions: HAS-160 and SM3. We develop a new heuristic for finding compatible differential paths and apply it to the the Korean hash function standard HAS-160. Our heuristic leads to a practical second order collision over all of the HAS-160 function steps, which is the first practical complexity distinguisher for this function. In case of SM3, which is a design that builds upon the SHA-2 hash, we study second order collision attacks on reduced-round versions and point out a structural slide-rotational property that exists in the function.\r\n\r\nNext, we examine the security of the following three stream ciphers: Loiss, SNOW 3G and SNOW 2.0. By exploiting the differential properties of a particular component utilized in the Loiss cipher, we provide a key-recovery attack of practical complexity on Loiss in the related-key model. SNOW 3G stream cipher is used in 3rd Generation Partnership Project (3GPP) and the SNOW 2.0 cipher is an ISO/IEC standard (IS 18033-4). For both of these ciphers,we show that the initialization procedure admits a sliding property, resulting in several sets of related-key pairs. Our investigation leads to related-key key recovery attacks against SNOW 2.0 with 256-bit keys.\r\n\r\nFinally, we provide differential fault analysis attacks against two stream ciphers: HC-128 and Rabbit. In this type of attacks, the attacker is assumed to have physical influence over the device that performs the encryption and is able to introduce random faults into the computational p[...]
Additional news items may be found on the IACR news page.