IACR News item: 11 December 2011
PhD Database
Name: Souradyuti Paul
Topic: Design and Analysis of Stream Ciphers Based on Arrays and Modular Addition
Category: secret-key cryptography
Description: In modern cryptography, stream ciphers are most useful in applications where information needs to be encrypted/decrypted at high speed (e.g. high resolution streaming video data) or when low footprint (gates/memory) encryption is required. In the literature, there exist plenty of stream ciphers whose internal states are based on arrays and that they use modular additions to generate output streams. The abundance of array-based stream ciphers with modular additions can be attributed to the fact that, when implemented in software skillfully, they are able to produce outputs at a very high speed. The main contribution of this thesis is a unified analysis of stream ciphers based on arrays and modular addition. During the process, we detect cryptographic weaknesses in the designs of 9 widely known stream ciphers or pseudorandom bit generators (PRBGs).\r\n
\r\nAt first, we show some theoretical results on solving an important class of equations known as \\emph{differential equations of addition} (DEA) that combine modular additions over two different algebraic groups such as GF(2) and GF($2^{32}$). The results include, \\bite \\item proof of the fact that the satisfiability of an arbitrary set of DEA is in the complexity class \\pP,\\item deriving all the solutions of an arbitrary set of DEA. \\eite Next, we apply these results to attack a practical stream cipher named Helix (designed by Ferguson \\emph{et al.}) with both chosen plaintexts and adaptive chosen plaintexts.\r\n
\r\nIn the second phase, the thesis closely scrutinizes a number of array-based stream ciphers (or PRBGs) in order to estimate their resistance against distinguishing attacks. We eventually discover, counter-intuitively, that the correlations between the array-indices and their associated array-elements, which apparently seem to be useful from the point of view of implementation purposes, can be exploited to mount distinguishing attacks on such type of ciphers if adequate precautions are not tak[...]
Topic: Design and Analysis of Stream Ciphers Based on Arrays and Modular Addition
Category: secret-key cryptography
Description: In modern cryptography, stream ciphers are most useful in applications where information needs to be encrypted/decrypted at high speed (e.g. high resolution streaming video data) or when low footprint (gates/memory) encryption is required. In the literature, there exist plenty of stream ciphers whose internal states are based on arrays and that they use modular additions to generate output streams. The abundance of array-based stream ciphers with modular additions can be attributed to the fact that, when implemented in software skillfully, they are able to produce outputs at a very high speed. The main contribution of this thesis is a unified analysis of stream ciphers based on arrays and modular addition. During the process, we detect cryptographic weaknesses in the designs of 9 widely known stream ciphers or pseudorandom bit generators (PRBGs).\r\n
\r\nAt first, we show some theoretical results on solving an important class of equations known as \\emph{differential equations of addition} (DEA) that combine modular additions over two different algebraic groups such as GF(2) and GF($2^{32}$). The results include, \\bite \\item proof of the fact that the satisfiability of an arbitrary set of DEA is in the complexity class \\pP,\\item deriving all the solutions of an arbitrary set of DEA. \\eite Next, we apply these results to attack a practical stream cipher named Helix (designed by Ferguson \\emph{et al.}) with both chosen plaintexts and adaptive chosen plaintexts.\r\n
\r\nIn the second phase, the thesis closely scrutinizes a number of array-based stream ciphers (or PRBGs) in order to estimate their resistance against distinguishing attacks. We eventually discover, counter-intuitively, that the correlations between the array-indices and their associated array-elements, which apparently seem to be useful from the point of view of implementation purposes, can be exploited to mount distinguishing attacks on such type of ciphers if adequate precautions are not tak[...]
Additional news items may be found on the IACR news page.