Most cipher systems designed thus far are binary-valued or integer-valued cipher systems. Their security relies on the assumption that one-way functions exist. Though the existence of one-way functions has not been pr...Most cipher systems designed thus far are binary-valued or integer-valued cipher systems. Their security relies on the assumption that one-way functions exist. Though the existence of one-way functions has not been proved yet, most cryptographic researchers believe that one-way functions exist. In addition, many candidates for one-way functions have been proposed. Therefore, the key step for developing real-valued cipher systems is to define real one-way functions and to propose candidates for them. In this paper, based on computational complexity theory over the real field, we give two definitions of real one-way functions; one is for digital one-way functions and the other is for general one-way functions. Candidates for these two classes of one-way functions are also proposed. Moreover, we present two examples to demonstrate that the candidates for both digital one-way functions and general one-way functions can be applied to construct secure real-valued cipher systems.展开更多
In this paper, a class of block cipher systems having asymptotically perfectsecrecy is constructed by using the neural network models modified from the Hopfieldmodel.
Nowadays the E-bank systems witnessed huge growth due to the huge developments in the internet and technologies.The transmitted information represents crucial information that is exposed to various kinds of attacks.Th...Nowadays the E-bank systems witnessed huge growth due to the huge developments in the internet and technologies.The transmitted information represents crucial information that is exposed to various kinds of attacks.This paper presents a new block cipher technique to provide security to the transmitted information between the customers and the ebank systems.The proposed algorithm consists of 10 rounds,each round involves 5 operations.The operations involve Add round key,Sub bytes,Zigzag method,convert to vector,and Magic Square of order 11.The purpose of this algorithm is to make use of the complexity of the Magic Square algorithm,the speed of addition operation,the confusion provided by the zigzag,using these operations with Galois field 28 GF(28),and repeating these operations for several rounds to build fast high secure encryption algorithm.This algorithm is designed to provide fast with high complexity and security which is suitable to encrypt the data that is transmitted over the internet.Speed,complexity,and The National Institute of Standards and Technology Framework NIST suite tests were done.The complexity of the proposed algorithm is=((256)32)r+1∗((256)89)r+1+(256)121.The proposed technique gives higher speed and security in the encryption and decryption phases,according to the results of the experiments.The degree of randomness has grown by 31.8 percent.Due to a decrease in the time of encrypting and decrypting,as well as the usage of the central processing unit(CPU),efficiency is improved.The encryption process throughput is enhanced by 13%,while the decryption process throughput is increased by 11.6 percent with the recommended approach.展开更多
Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective ...Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective of differential-linear(DL)cryptanalysis.Specifically,we present an automated search for the DL distinguishers of Ballet based on MILP/MIQCP.For the versions with block sizes of 128 and 256 bits,we obtain 16 and 22 rounds distinguishers with estimated correlations of 2^(-59.89)and 2^(-116.80),both of which are the publicly longest distinguishers.In addition,this study incorporates the complexity information of key-recovery attacks into the automated model,to search for the optimal key-recovery attack structures based on DL distinguishers.As a result,we mount the key-recovery attacks on 16-round Ballet-128/128,17-round Ballet-128/256,and 21-round Ballet-256/256.The data/time complexities for these attacks are 2^(108.36)/2^(120.36),2^(115.90)/2^(192),and 2^(227.62)/2^(240.67),respectively.展开更多
This paper presents a method for differen- tial collision attack of reduced FOX block cipher based on 4-round distinguishing property. It can be used to attack 5, 6 and 7-round FOX64 and 5-round FOX128. Our attack has...This paper presents a method for differen- tial collision attack of reduced FOX block cipher based on 4-round distinguishing property. It can be used to attack 5, 6 and 7-round FOX64 and 5-round FOX128. Our attack has a precomputation phase, but it can be obtained before attack and computed once for all. This attack on the reduced to 4-round FOX64 requires only 7 chosen plaintexts, and performs 242.8 4-round FOX64 encryptions. It could be extended to 5 (6, 7)-round FOX64 by a key exhaustive search behind the fourth round.展开更多
Wireless sensor networks (WSNs) are exposed to a variety of attacks. The quality and complexity of attacks are rising day by day. The proposed work aims at showing how the complexity of modern attacks is growing accor...Wireless sensor networks (WSNs) are exposed to a variety of attacks. The quality and complexity of attacks are rising day by day. The proposed work aims at showing how the complexity of modern attacks is growing accordingly, leading to a similar rise in methods of resistance. Limitations in computational and battery power in sensor nodes are constraints on the diversity of security mechanisms. We must apply only suitable mechanisms to WSN where our approach was motivated by the application of an improved Feistel scheme. The modified accelerated-cipher design uses data-dependent permutations, and can be used for fast hardware, firmware, software and WSN encryption systems. The approach presented showed that ciphers using this approach are less likely to suffer intrusion of differential cryptanalysis than currently used popular WSN ciphers like DES, Camellia and so on.展开更多
In lightweight cryptographic primitives, round functions with only simple operations XOR, modular addition and rotation are widely used nowadays. This kind of ciphers is called ARX ciphers. For ARX ciphers, impossible...In lightweight cryptographic primitives, round functions with only simple operations XOR, modular addition and rotation are widely used nowadays. This kind of ciphers is called ARX ciphers. For ARX ciphers, impossible differential cryptanalysis and zero-correlation linear cryptanalysis are among the most powerful attacks, and the key problems for these two attacks are discovering more and longer impossible differentials(IDs) and zero-correlation linear hulls(ZCLHs). However, finding new IDs and ZCLHs for ARX ciphers has been a manual work for a long time, which has been an obstacle in improving these two attacks. This paper proposes an automatic search method to improve the efficiency of finding new IDs and ZCLHs for ARX ciphers. In order to prove the efficiency of this new tool, we take HIGHT, LEA, SPECK three typical ARX algorithms as examples to explore their longer and new impossible differentials and zero-correlation linear hulls. To the best of our knowledge, this is the first application of automatic search method for ARX ciphers on finding new IDs and ZCLHs. For HIGHT, we find more 17 round IDs and multiple 17 round ZCLHs. This is the first discovery of 17 round ZCLHs for HIGHT. For LEA, we find extra four 10 round IDs and several 9 round ZCLHs. In the specification of LEA, the designers just identified three 10 round IDs and one 7round ZCLH. For SPECK, we find thousands of 6 round IDs and forty-four 6 round ZCLHs. Neither IDs nor ZCLHs of SPECK has been proposed before. The successful application of our new tool shows great potential in improving the impossible differential cryptanalysis and zero-correlation linear cryptanalysis on ARX ciphers..展开更多
Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast e...Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast exposes the physical layer vulnerable to the threat of illegal eavesdropping. Quantum noise stream cipher(QNSC) is a classic physical layer encryption method and well compatible with the OFDM-PON. Meanwhile, it is indispensable to exploit forward error correction(FEC) to control errors in data transmission. However, when QNSC and FEC are jointly coded, the redundant information becomes heavier and thus the code rate of the transmitted signal will be largely reduced. In this work, we propose a physical layer encryption scheme based on polar-code-assisted QNSC. In order to improve the code rate and security of the transmitted signal, we exploit chaotic sequences to yield the redundant bits and utilize the redundant information of the polar code to generate the higher-order encrypted signal in the QNSC scheme with the operation of the interleaver.We experimentally demonstrate the encrypted 16/64-QAM, 16/256-QAM, 16/1024-QAM, 16/4096-QAM QNSC signals transmitted over 30-km standard single mode fiber. For the transmitted 16/4096-QAM QNSC signal, compared with the conventional QNSC method, the proposed method increases the code rate from 0.1 to 0.32 with enhanced security.展开更多
This article proposes an enhanced differential fault analysis(DFA) method named as fault-propagation pattern-based DFA(FPP-DFA).The main idea of FPP-DFA is using the FPP of the ciphertext difference to predict the...This article proposes an enhanced differential fault analysis(DFA) method named as fault-propagation pattern-based DFA(FPP-DFA).The main idea of FPP-DFA is using the FPP of the ciphertext difference to predict the fault location and the fault-propagation path.It shows that FPP-DFA is very effective on SPN structure block ciphers using bitwise permutation,which is applied to two block ciphers.The first is PRESENT with the substitution permutation sequence.With the fault model of injecting one nibble fault into the r-2nd round,on average 8 and 16 faults can reduce the key search space of PRESENT-80/128 to 214.7 and 221.1,respectively.The second is PRINTcipher with the permutation substitution sequence.For the first time,it shows that although the permutation of PRINTcipher is secret key dependent,FPP-DFA still works well on it.With the fault model of injecting one nibble fault into the r-2nd round,12 and 24 effective faults can reduce the key search space of PRINTcipher-48/96 to 213.7 and 222.8,respectively.展开更多
The combination of traditional processors and Field Programmable Gate Arrays(FPGA)is shaping the future networking platform for intensive computation in resource-constrained networks and devices.These networks present...The combination of traditional processors and Field Programmable Gate Arrays(FPGA)is shaping the future networking platform for intensive computation in resource-constrained networks and devices.These networks present two key challenges of security and resource limitations.Lightweight ciphers are suitable to provide data security in such constrained environments.Implementing the lightweight PRESENT encryption algorithm in a reconfigurable platform(FPGAs)can offer secure communication service and flexibility.This paper presents hardware acceleration of security primitives in SDN using NETFPGA-10G.We implement an efficient design of the PRESENT algorithm for faster,smaller and lower power consumption hardware circuit using Verilog.We evaluate the performance of the hardware and software implementations of PRESENT.Experimental results prove that the proposed hardware design is a viable option for use in resource constrained devices in future networks and their applications.展开更多
In this paper, a fast image encryption algorithm is proposed, in which the shuffling and diffusion is performed simul- taneously. The cipher-text image is divided into blocks and each block has k x k pixels, while the...In this paper, a fast image encryption algorithm is proposed, in which the shuffling and diffusion is performed simul- taneously. The cipher-text image is divided into blocks and each block has k x k pixels, while the pixels of the plain-text are scanned one by one. Four logistic maps are used to generate the encryption key stream and the new place in the cipher image of plain image pixels, including the row and column of the block which the pixel belongs to and the place where the pixel would be placed in the block. After encrypting each pixel, the initial conditions of logistic maps would be changed ac- cording to the encrypted pixel's value; after encrypting each row of plain image, the initial condition would also be changed by the skew tent map. At last, it is illustrated that this algorithm has a faster speed, big key space, and better properties in withstanding differential attacks, statistical analysis, known plaintext, and chosen plaintext attacks.展开更多
We investigate the lightweight block cipher KATAN family which consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64 respectively. However, three variants all have the same...We investigate the lightweight block cipher KATAN family which consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64 respectively. However, three variants all have the same key length of 80 bits. On the basis of the bit-oriented faulty model and the differential analysis principle, we describe the attack that combines differential fault attack with the meet-in-the-middle (MITM) attack on the KATAN32. More precisely, inducing a fault at a bit, we can recover some linear differential fault equations on the key bits. During solving equations, without the help of computer, we need only algebraic deduction to obtain relations of some key bits. The complexity in this process is neglectable. The secret key of the full cipher can be recovered faster than exhaustive search for all three block sizes in the KATAN family. Our result describes that KATAN32 is vulnerable.展开更多
The Hill cipher algorithm is one of the symmetric key algorithms that have several advantages in data encryption. However, a main drawback of this algorithm is that it encrypts identical plaintext blocks to identical ...The Hill cipher algorithm is one of the symmetric key algorithms that have several advantages in data encryption. However, a main drawback of this algorithm is that it encrypts identical plaintext blocks to identical ciphertext blocks and cannot encrypt images that contain large areas of a single color. Thus, it does not hide all features of the image which reveals patterns in the plaintext. Moreover, it can be easily broken with a known plaintext attack revealing weak security. This paper presents a variant of the Hill cipher that overcomes these disadvantages. The proposed technique adjusts the encryption key to form a dif- ferent key for each block encryption. Visually and computationally, experimental results demonstrate that the proposed variant yields higher security and significantly superior encryption quality compared to the original one.展开更多
There are a lot of security issues in block cipher algorithm.Security analysis and enhanced design of a dynamic block cipher was proposed.Firstly,the safety of ciphertext was enhanced based on confusion substitution o...There are a lot of security issues in block cipher algorithm.Security analysis and enhanced design of a dynamic block cipher was proposed.Firstly,the safety of ciphertext was enhanced based on confusion substitution of S-box,thus disordering the internal structure of data blocks by four steps of matrix transformation.Then,the diffusivity of ciphertext was obtained by cyclic displacement of bytes using column ambiguity function.The dynamic key was finally generated by using LFSR,which improved the stochastic characters of secret key in each of round of iteration.The safety performance of proposed algorithm was analyzed by simulation test.The results showed the proposed algorithm has a little effect on the speed of encryption and decryption while enhancing the security.Meanwhile,the proposed algorithm has highly scalability,the dimension of S-box and the number of register can be dynamically extended according to the security requirement.展开更多
The Grain v1 stream cipher is one of the seven finalists in the final e STREAM portfolio. Though many attacks have been published,no recovery attack better than exhaustive key search on full Grain v1 in the single key...The Grain v1 stream cipher is one of the seven finalists in the final e STREAM portfolio. Though many attacks have been published,no recovery attack better than exhaustive key search on full Grain v1 in the single key setting has been found yet. In this paper,new state recovery attacks on Grain v1 utilizing the weak normality order of the employed keystream output function in the cipher are proposed. These attacks have remarkable advantages in the offline time,online time and memory complexities,which are all better than exhaustive key search. The success probability of each new attack is 0.632. The proposed attack primarily depends on the order of weak normality of the employed keystream output function. This shows that the weak normality order should be carefully considered when designing the keystream output functions of Grain-like stream ciphers.展开更多
PCM/PPK telemetry system is a multi-nary pulse modulation system.It is commonly used to transmit high-accuracy time information and some express signals.To the issue of security that telemetry data is transmitted in t...PCM/PPK telemetry system is a multi-nary pulse modulation system.It is commonly used to transmit high-accuracy time information and some express signals.To the issue of security that telemetry data is transmitted in the open space,a data encryption scheme in the PCM/PPK telemetry system is proposed.In this scheme,the PCM data of signal source are encrypted by stream cipher in which key streams are generated with clock control LSFR.The scheme can save system resource in the dual-modulation compound telemetry system.A backward key synchronization scheme is also proposed,which has the property of strong real-time and easy to implement.A simplified simulation model of PCM/PPK remote system is established based on the actual framework of telemetry system,and the model is simple and easy to simulate.The error performance of the system is analyzed in theory and tested by computer simulation.Also the security of the system is analyzed.The simulation and analysis results show that the encryption scheme can ensure the security of the telemetry data and does not cause error-diffusion.展开更多
With the new era of the Internet of Things(IoT)technology,many devices with limited resources are utilized.Those devices are susceptible to a signicant number of new malware and other risks emerging rapidly.One of the...With the new era of the Internet of Things(IoT)technology,many devices with limited resources are utilized.Those devices are susceptible to a signicant number of new malware and other risks emerging rapidly.One of the most appropriate methods for securing those IoT applications is cryptographic algorithms,as cryptography masks information by eliminating the risk of collecting any meaningful information patterns.This ensures that all data communications are private,accurate,authenticated,authorized,or nonrepudiated.Since conventional cryptographic algorithms have been developed specically for devices with limited resources;however,it turns out that such algorithms are not ideal for IoT restricted devices with their current conguration.Therefore,lightweight block ciphers are gaining popularity to meet the requirements of low-power and constrained devices.A new ultra-lightweight secret-key block-enciphering algorithm named“LBC-IoT”is proposed in this paper.The proposed block length is 32-bit supporting key lengths of 80-bit,and it is mainly based on the Feistel structure.Energy-efcient cryptographic features in“LBC-IoT”include the use of simple functions(shift,XOR)and small rigid substitution boxes(4-bit-S-boxes).Besides,it is immune to different types of attacks such as linear,differential,and side-channel as well as exible in terms of implementation.Moreover,LBC-IoT achieves reasonable performance in both hardware and software compared to other recent algorithms.LBC-IoT’s hardware implementation results are very promising(smallest ever area“548”GE)and competitive with today’s leading lightweight ciphers.LBC-IoT is also ideally suited for ultra-restricted devices such as RFID tags.展开更多
In block ciphers,the nonlinear components,also known as sub-stitution boxes(S-boxes),are used with the purpose of inducing confusion in cryptosystems.For the last decade,most of the work on designing S-boxes over the ...In block ciphers,the nonlinear components,also known as sub-stitution boxes(S-boxes),are used with the purpose of inducing confusion in cryptosystems.For the last decade,most of the work on designing S-boxes over the points of elliptic curves has been published.The main purpose of these studies is to hide data and improve the security levels of crypto algorithms.In this work,we design pair of nonlinear components of a block cipher over the residue class of Gaussian integers(GI).The fascinating features of this structure provide S-boxes pair at a time by fixing three parameters.But the prime field dependent on the Elliptic curve(EC)provides one S-box at a time by fixing three parameters a,b,and p.The newly designed pair of S-boxes are assessed by various tests like nonlinearity,bit independence criterion,strict avalanche criterion,linear approximation probability,and differential approximation probability.展开更多
The substitution box(S-box)is a fundamentally important component of symmetric key cryptosystem.An S-box is a primary source of non-linearity in modern block ciphers,and it resists the linear attack.Various approaches...The substitution box(S-box)is a fundamentally important component of symmetric key cryptosystem.An S-box is a primary source of non-linearity in modern block ciphers,and it resists the linear attack.Various approaches have been adopted to construct S-boxes.S-boxes are commonly constructed over commutative and associative algebraic structures including Galois fields,unitary commutative rings and cyclic and non-cyclic finite groups.In this paper,first a non-associative ring of order 512 is obtained by using computational techniques,and then by this ring a triplet of 8×8 S-boxes is designed.The motivation behind the designing of these S-boxes is to upsurge the robustness and broaden the key space due to non-associative and noncommutative behavior of the algebraic structure under consideration.A novel color image encryption application is anticipated in which initially these 3 S-boxes are being used to produce confusion in three layers of a standard RGB image.However,for the sake of diffusion 3D Arnold chaotic map is used in the proposed encryption scheme.A comparison with some of existing chaos and S-box dependent color image encryption schemes specs the performance results of the anticipated RGB image encryption and observed as approaching the standard prime level.展开更多
基金The research is supported by the National Natural Science Foundation of China under Grant No. 90304012 and No. 10331030.
文摘Most cipher systems designed thus far are binary-valued or integer-valued cipher systems. Their security relies on the assumption that one-way functions exist. Though the existence of one-way functions has not been proved yet, most cryptographic researchers believe that one-way functions exist. In addition, many candidates for one-way functions have been proposed. Therefore, the key step for developing real-valued cipher systems is to define real one-way functions and to propose candidates for them. In this paper, based on computational complexity theory over the real field, we give two definitions of real one-way functions; one is for digital one-way functions and the other is for general one-way functions. Candidates for these two classes of one-way functions are also proposed. Moreover, we present two examples to demonstrate that the candidates for both digital one-way functions and general one-way functions can be applied to construct secure real-valued cipher systems.
文摘In this paper, a class of block cipher systems having asymptotically perfectsecrecy is constructed by using the neural network models modified from the Hopfieldmodel.
文摘Nowadays the E-bank systems witnessed huge growth due to the huge developments in the internet and technologies.The transmitted information represents crucial information that is exposed to various kinds of attacks.This paper presents a new block cipher technique to provide security to the transmitted information between the customers and the ebank systems.The proposed algorithm consists of 10 rounds,each round involves 5 operations.The operations involve Add round key,Sub bytes,Zigzag method,convert to vector,and Magic Square of order 11.The purpose of this algorithm is to make use of the complexity of the Magic Square algorithm,the speed of addition operation,the confusion provided by the zigzag,using these operations with Galois field 28 GF(28),and repeating these operations for several rounds to build fast high secure encryption algorithm.This algorithm is designed to provide fast with high complexity and security which is suitable to encrypt the data that is transmitted over the internet.Speed,complexity,and The National Institute of Standards and Technology Framework NIST suite tests were done.The complexity of the proposed algorithm is=((256)32)r+1∗((256)89)r+1+(256)121.The proposed technique gives higher speed and security in the encryption and decryption phases,according to the results of the experiments.The degree of randomness has grown by 31.8 percent.Due to a decrease in the time of encrypting and decrypting,as well as the usage of the central processing unit(CPU),efficiency is improved.The encryption process throughput is enhanced by 13%,while the decryption process throughput is increased by 11.6 percent with the recommended approach.
基金National Natural Science Foundation of China(62272147,12471492,62072161,12401687)Shandong Provincial Natural Science Foundation(ZR2024QA205)+1 种基金Science and Technology on Communication Security Laboratory Foundation(6142103012207)Innovation Group Project of the Natural Science Foundation of Hubei Province of China(2023AFA021)。
文摘Ballet is one of the finalists of the block cipher project in the 2019 National Cryptographic Algorithm Design Competition.This study aims to conduct a comprehensive security evaluation of Ballet from the perspective of differential-linear(DL)cryptanalysis.Specifically,we present an automated search for the DL distinguishers of Ballet based on MILP/MIQCP.For the versions with block sizes of 128 and 256 bits,we obtain 16 and 22 rounds distinguishers with estimated correlations of 2^(-59.89)and 2^(-116.80),both of which are the publicly longest distinguishers.In addition,this study incorporates the complexity information of key-recovery attacks into the automated model,to search for the optimal key-recovery attack structures based on DL distinguishers.As a result,we mount the key-recovery attacks on 16-round Ballet-128/128,17-round Ballet-128/256,and 21-round Ballet-256/256.The data/time complexities for these attacks are 2^(108.36)/2^(120.36),2^(115.90)/2^(192),and 2^(227.62)/2^(240.67),respectively.
基金This work has been performed in the Project "The Research on the New Analysis in Block Ciphers" supported by the Fundamental Research Funds for the Central Universities of China,the National Natural Science Foundation of China,the 111 Project of China,the Scientific Research Foundation of Education Department of Shaanxi Provincial Government of China
文摘This paper presents a method for differen- tial collision attack of reduced FOX block cipher based on 4-round distinguishing property. It can be used to attack 5, 6 and 7-round FOX64 and 5-round FOX128. Our attack has a precomputation phase, but it can be obtained before attack and computed once for all. This attack on the reduced to 4-round FOX64 requires only 7 chosen plaintexts, and performs 242.8 4-round FOX64 encryptions. It could be extended to 5 (6, 7)-round FOX64 by a key exhaustive search behind the fourth round.
文摘Wireless sensor networks (WSNs) are exposed to a variety of attacks. The quality and complexity of attacks are rising day by day. The proposed work aims at showing how the complexity of modern attacks is growing accordingly, leading to a similar rise in methods of resistance. Limitations in computational and battery power in sensor nodes are constraints on the diversity of security mechanisms. We must apply only suitable mechanisms to WSN where our approach was motivated by the application of an improved Feistel scheme. The modified accelerated-cipher design uses data-dependent permutations, and can be used for fast hardware, firmware, software and WSN encryption systems. The approach presented showed that ciphers using this approach are less likely to suffer intrusion of differential cryptanalysis than currently used popular WSN ciphers like DES, Camellia and so on.
基金supported by the National Natural Science Foundation of China under Grant No. 61572516, 61402523, 61202491, 61272041 and 61272488
文摘In lightweight cryptographic primitives, round functions with only simple operations XOR, modular addition and rotation are widely used nowadays. This kind of ciphers is called ARX ciphers. For ARX ciphers, impossible differential cryptanalysis and zero-correlation linear cryptanalysis are among the most powerful attacks, and the key problems for these two attacks are discovering more and longer impossible differentials(IDs) and zero-correlation linear hulls(ZCLHs). However, finding new IDs and ZCLHs for ARX ciphers has been a manual work for a long time, which has been an obstacle in improving these two attacks. This paper proposes an automatic search method to improve the efficiency of finding new IDs and ZCLHs for ARX ciphers. In order to prove the efficiency of this new tool, we take HIGHT, LEA, SPECK three typical ARX algorithms as examples to explore their longer and new impossible differentials and zero-correlation linear hulls. To the best of our knowledge, this is the first application of automatic search method for ARX ciphers on finding new IDs and ZCLHs. For HIGHT, we find more 17 round IDs and multiple 17 round ZCLHs. This is the first discovery of 17 round ZCLHs for HIGHT. For LEA, we find extra four 10 round IDs and several 9 round ZCLHs. In the specification of LEA, the designers just identified three 10 round IDs and one 7round ZCLH. For SPECK, we find thousands of 6 round IDs and forty-four 6 round ZCLHs. Neither IDs nor ZCLHs of SPECK has been proposed before. The successful application of our new tool shows great potential in improving the impossible differential cryptanalysis and zero-correlation linear cryptanalysis on ARX ciphers..
基金supported in part by the National Natural Science Foundation of China Project under Grant 62075147the Suzhou Industry Technological Innovation Projects under Grant SYG202348.
文摘Orthogonal frequency division multiplexing passive optical network(OFDM-PON) has superior anti-dispersion property to operate in the C-band of fiber for increased optical power budget. However,the downlink broadcast exposes the physical layer vulnerable to the threat of illegal eavesdropping. Quantum noise stream cipher(QNSC) is a classic physical layer encryption method and well compatible with the OFDM-PON. Meanwhile, it is indispensable to exploit forward error correction(FEC) to control errors in data transmission. However, when QNSC and FEC are jointly coded, the redundant information becomes heavier and thus the code rate of the transmitted signal will be largely reduced. In this work, we propose a physical layer encryption scheme based on polar-code-assisted QNSC. In order to improve the code rate and security of the transmitted signal, we exploit chaotic sequences to yield the redundant bits and utilize the redundant information of the polar code to generate the higher-order encrypted signal in the QNSC scheme with the operation of the interleaver.We experimentally demonstrate the encrypted 16/64-QAM, 16/256-QAM, 16/1024-QAM, 16/4096-QAM QNSC signals transmitted over 30-km standard single mode fiber. For the transmitted 16/4096-QAM QNSC signal, compared with the conventional QNSC method, the proposed method increases the code rate from 0.1 to 0.32 with enhanced security.
基金Supported by the National Natural Science Foundation ofChina (60772082,61173191,and 61272491)
文摘This article proposes an enhanced differential fault analysis(DFA) method named as fault-propagation pattern-based DFA(FPP-DFA).The main idea of FPP-DFA is using the FPP of the ciphertext difference to predict the fault location and the fault-propagation path.It shows that FPP-DFA is very effective on SPN structure block ciphers using bitwise permutation,which is applied to two block ciphers.The first is PRESENT with the substitution permutation sequence.With the fault model of injecting one nibble fault into the r-2nd round,on average 8 and 16 faults can reduce the key search space of PRESENT-80/128 to 214.7 and 221.1,respectively.The second is PRINTcipher with the permutation substitution sequence.For the first time,it shows that although the permutation of PRINTcipher is secret key dependent,FPP-DFA still works well on it.With the fault model of injecting one nibble fault into the r-2nd round,12 and 24 effective faults can reduce the key search space of PRINTcipher-48/96 to 213.7 and 222.8,respectively.
基金This work was supported by the National Natural Science Foundation of China under grant number 61471055European Horizon 2020 INPUT project“In-Network Programmability for next-generation personal Cloud service support”,www.input-project.eu,under grant agreement number 644672.
文摘The combination of traditional processors and Field Programmable Gate Arrays(FPGA)is shaping the future networking platform for intensive computation in resource-constrained networks and devices.These networks present two key challenges of security and resource limitations.Lightweight ciphers are suitable to provide data security in such constrained environments.Implementing the lightweight PRESENT encryption algorithm in a reconfigurable platform(FPGAs)can offer secure communication service and flexibility.This paper presents hardware acceleration of security primitives in SDN using NETFPGA-10G.We implement an efficient design of the PRESENT algorithm for faster,smaller and lower power consumption hardware circuit using Verilog.We evaluate the performance of the hardware and software implementations of PRESENT.Experimental results prove that the proposed hardware design is a viable option for use in resource constrained devices in future networks and their applications.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61370145,61173183,and 60973152)the Doctoral Program Foundation of Institution of Higher Education of China(Grant No.20070141014)+2 种基金the Program for Liaoning Excellent Talents in University,China(Grant No.LR2012003)the National Natural Science Foundation of Liaoning Province,China(Grant No.20082165)the Fundamental Research Funds for the Central Universities,China(Grant No.DUT12JB06)
文摘In this paper, a fast image encryption algorithm is proposed, in which the shuffling and diffusion is performed simul- taneously. The cipher-text image is divided into blocks and each block has k x k pixels, while the pixels of the plain-text are scanned one by one. Four logistic maps are used to generate the encryption key stream and the new place in the cipher image of plain image pixels, including the row and column of the block which the pixel belongs to and the place where the pixel would be placed in the block. After encrypting each pixel, the initial conditions of logistic maps would be changed ac- cording to the encrypted pixel's value; after encrypting each row of plain image, the initial condition would also be changed by the skew tent map. At last, it is illustrated that this algorithm has a faster speed, big key space, and better properties in withstanding differential attacks, statistical analysis, known plaintext, and chosen plaintext attacks.
基金the National Natural Science Foundation of China (No. 61272434)the Natural Science Foundation of Shandong Province (Nos. ZR2011FQ032 and ZR2012FM004)+1 种基金the Project of Shandong Province Higher Educational Science and Technology Program(No. J11LG33)the Project of Senior Visiting Scholar of Shandong Province
文摘We investigate the lightweight block cipher KATAN family which consists of three variants with 32, 48 and 64-bit block sizes, called KATAN32, KATAN48 and KATAN64 respectively. However, three variants all have the same key length of 80 bits. On the basis of the bit-oriented faulty model and the differential analysis principle, we describe the attack that combines differential fault attack with the meet-in-the-middle (MITM) attack on the KATAN32. More precisely, inducing a fault at a bit, we can recover some linear differential fault equations on the key bits. During solving equations, without the help of computer, we need only algebraic deduction to obtain relations of some key bits. The complexity in this process is neglectable. The secret key of the full cipher can be recovered faster than exhaustive search for all three block sizes in the KATAN family. Our result describes that KATAN32 is vulnerable.
文摘The Hill cipher algorithm is one of the symmetric key algorithms that have several advantages in data encryption. However, a main drawback of this algorithm is that it encrypts identical plaintext blocks to identical ciphertext blocks and cannot encrypt images that contain large areas of a single color. Thus, it does not hide all features of the image which reveals patterns in the plaintext. Moreover, it can be easily broken with a known plaintext attack revealing weak security. This paper presents a variant of the Hill cipher that overcomes these disadvantages. The proposed technique adjusts the encryption key to form a dif- ferent key for each block encryption. Visually and computationally, experimental results demonstrate that the proposed variant yields higher security and significantly superior encryption quality compared to the original one.
基金supported in part by National Natural Science Fundation of China under Grant No.61202458,61403109
文摘There are a lot of security issues in block cipher algorithm.Security analysis and enhanced design of a dynamic block cipher was proposed.Firstly,the safety of ciphertext was enhanced based on confusion substitution of S-box,thus disordering the internal structure of data blocks by four steps of matrix transformation.Then,the diffusivity of ciphertext was obtained by cyclic displacement of bytes using column ambiguity function.The dynamic key was finally generated by using LFSR,which improved the stochastic characters of secret key in each of round of iteration.The safety performance of proposed algorithm was analyzed by simulation test.The results showed the proposed algorithm has a little effect on the speed of encryption and decryption while enhancing the security.Meanwhile,the proposed algorithm has highly scalability,the dimension of S-box and the number of register can be dynamically extended according to the security requirement.
基金supported in part by the National Natural Science Foundation of China (Grant No.61202491,61272041,61272488,61402523,61602514)the Science and Technology on Communication Security Laboratory Foundation of China under Grant No.9140C110303140C11051
文摘The Grain v1 stream cipher is one of the seven finalists in the final e STREAM portfolio. Though many attacks have been published,no recovery attack better than exhaustive key search on full Grain v1 in the single key setting has been found yet. In this paper,new state recovery attacks on Grain v1 utilizing the weak normality order of the employed keystream output function in the cipher are proposed. These attacks have remarkable advantages in the offline time,online time and memory complexities,which are all better than exhaustive key search. The success probability of each new attack is 0.632. The proposed attack primarily depends on the order of weak normality of the employed keystream output function. This shows that the weak normality order should be carefully considered when designing the keystream output functions of Grain-like stream ciphers.
文摘PCM/PPK telemetry system is a multi-nary pulse modulation system.It is commonly used to transmit high-accuracy time information and some express signals.To the issue of security that telemetry data is transmitted in the open space,a data encryption scheme in the PCM/PPK telemetry system is proposed.In this scheme,the PCM data of signal source are encrypted by stream cipher in which key streams are generated with clock control LSFR.The scheme can save system resource in the dual-modulation compound telemetry system.A backward key synchronization scheme is also proposed,which has the property of strong real-time and easy to implement.A simplified simulation model of PCM/PPK remote system is established based on the actual framework of telemetry system,and the model is simple and easy to simulate.The error performance of the system is analyzed in theory and tested by computer simulation.Also the security of the system is analyzed.The simulation and analysis results show that the encryption scheme can ensure the security of the telemetry data and does not cause error-diffusion.
基金funded by Scientic Research Deanship at University of Ha’il—Saudi Arabia through Project Number RG-20019。
文摘With the new era of the Internet of Things(IoT)technology,many devices with limited resources are utilized.Those devices are susceptible to a signicant number of new malware and other risks emerging rapidly.One of the most appropriate methods for securing those IoT applications is cryptographic algorithms,as cryptography masks information by eliminating the risk of collecting any meaningful information patterns.This ensures that all data communications are private,accurate,authenticated,authorized,or nonrepudiated.Since conventional cryptographic algorithms have been developed specically for devices with limited resources;however,it turns out that such algorithms are not ideal for IoT restricted devices with their current conguration.Therefore,lightweight block ciphers are gaining popularity to meet the requirements of low-power and constrained devices.A new ultra-lightweight secret-key block-enciphering algorithm named“LBC-IoT”is proposed in this paper.The proposed block length is 32-bit supporting key lengths of 80-bit,and it is mainly based on the Feistel structure.Energy-efcient cryptographic features in“LBC-IoT”include the use of simple functions(shift,XOR)and small rigid substitution boxes(4-bit-S-boxes).Besides,it is immune to different types of attacks such as linear,differential,and side-channel as well as exible in terms of implementation.Moreover,LBC-IoT achieves reasonable performance in both hardware and software compared to other recent algorithms.LBC-IoT’s hardware implementation results are very promising(smallest ever area“548”GE)and competitive with today’s leading lightweight ciphers.LBC-IoT is also ideally suited for ultra-restricted devices such as RFID tags.
文摘In block ciphers,the nonlinear components,also known as sub-stitution boxes(S-boxes),are used with the purpose of inducing confusion in cryptosystems.For the last decade,most of the work on designing S-boxes over the points of elliptic curves has been published.The main purpose of these studies is to hide data and improve the security levels of crypto algorithms.In this work,we design pair of nonlinear components of a block cipher over the residue class of Gaussian integers(GI).The fascinating features of this structure provide S-boxes pair at a time by fixing three parameters.But the prime field dependent on the Elliptic curve(EC)provides one S-box at a time by fixing three parameters a,b,and p.The newly designed pair of S-boxes are assessed by various tests like nonlinearity,bit independence criterion,strict avalanche criterion,linear approximation probability,and differential approximation probability.
文摘The substitution box(S-box)is a fundamentally important component of symmetric key cryptosystem.An S-box is a primary source of non-linearity in modern block ciphers,and it resists the linear attack.Various approaches have been adopted to construct S-boxes.S-boxes are commonly constructed over commutative and associative algebraic structures including Galois fields,unitary commutative rings and cyclic and non-cyclic finite groups.In this paper,first a non-associative ring of order 512 is obtained by using computational techniques,and then by this ring a triplet of 8×8 S-boxes is designed.The motivation behind the designing of these S-boxes is to upsurge the robustness and broaden the key space due to non-associative and noncommutative behavior of the algebraic structure under consideration.A novel color image encryption application is anticipated in which initially these 3 S-boxes are being used to produce confusion in three layers of a standard RGB image.However,for the sake of diffusion 3D Arnold chaotic map is used in the proposed encryption scheme.A comparison with some of existing chaos and S-box dependent color image encryption schemes specs the performance results of the anticipated RGB image encryption and observed as approaching the standard prime level.
