A critical problem in the cube attack is how to recover superpolies efficiently. As the targeted number of rounds of an iterative stream cipher increases, the scale of its superpolies becomes larger and larger. Recently, to recover massive superpolies, the nested monomial prediction technique, the algorithm based on the divide-and-conquer strategy, and stretching cube attacks were proposed, which have been used to recover superpolies with over ten million monomials for NFSR-based stream ciphers such as Trivium and Grain-128AEAD. Nevertheless, when these methods are used to recover superpolies, many invalid calculations are performed, which makes recovering superpolies more difficult. This study finds an interesting observation that can be used to improve the above methods. Based on the observation, a new method is proposed to avoid a part of the invalid calculations during the process of recovering superpolies. Then, the new method is applied to the nested monomial prediction technique and an improved superpoly recovery framework is presented. To verify the effectiveness of the proposed scheme, the improved framework is applied to 844- and 846-round Trivium and the exact ANFs of the superpolies, with over one hundred million monomials, are obtained, showing that the improved superpoly recovery technique is powerful. Besides, extensive experiments on other scaled-down variants of NFSR-based stream ciphers show that the proposed scheme can indeed be more efficient for superpoly recovery against NFSR-based stream ciphers.
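The abstract above takes the notion of a superpoly for granted. The following is an added, toy-scale illustration of what a superpoly is and how the original cube attack recovers a linear one with a linearity test and then turns it into a key equation; it is not code from the paper and does not implement nested monomial prediction, divide-and-conquer or stretching cube attacks. The output polynomial `toy_cipher`, the cubes, the 4-bit key and the 4-bit IV are all constructed for the example; a real target is a round-reduced keystream bit with hundreds of key and IV bits, where the superpolies are exactly the objects the paper's methods have to recover.

```python
import itertools

KEY_BITS, IV_BITS = 4, 4

def toy_cipher(k, v):
    """Constructed toy output bit f(k, v) over GF(2) (k: key bits, v: public IV bits).
    Stands in for the first keystream bit of a round-reduced cipher; not any real design."""
    return ((v[0] & v[1] & k[0]) ^ (v[0] & v[1] & k[3]) ^ (v[0] & v[1])
            ^ (v[0] & v[1] & v[2] & k[1]) ^ (v[0] & v[2] & k[1]) ^ (v[0] & v[2] & k[2])
            ^ (v[0] & k[1] & k[2]) ^ (v[1] & k[2]) ^ (v[3] & k[0] & k[1]) ^ k[2])

def cube_sum(f, cube):
    """XOR f(v) over all 2^|cube| assignments of the cube IV bits; other IV bits fixed to 0.
    The result equals the cube's superpoly p evaluated at whatever key f was built with."""
    total = 0
    for bits in itertools.product((0, 1), repeat=len(cube)):
        v = [0] * IV_BITS
        for idx, b in zip(cube, bits):
            v[idx] = b
        total ^= f(v)
    return total

def superpoly_at(k, cube):
    """Offline phase: the attacker owns the key here and can evaluate p(k) directly."""
    return cube_sum(lambda v: toy_cipher(k, v), cube)

def superpoly_is_linear(cube):
    """Exhaustive BLR test p(x) ^ p(y) ^ p(0) == p(x ^ y) (a real attack samples random pairs)."""
    keys = [list(x) for x in itertools.product((0, 1), repeat=KEY_BITS)]
    p0 = superpoly_at([0] * KEY_BITS, cube)
    for x in keys:
        for y in keys:
            xy = [a ^ b for a, b in zip(x, y)]
            if superpoly_at(x, cube) ^ superpoly_at(y, cube) ^ p0 != superpoly_at(xy, cube):
                return False
    return True

def recover_linear_superpoly(cube):
    """Return (c, coeffs) with p(k) = c ^ XOR_i(coeffs[i] & k[i]), or None if p is not affine."""
    if not superpoly_is_linear(cube):
        return None
    c = superpoly_at([0] * KEY_BITS, cube)
    coeffs = []
    for i in range(KEY_BITS):
        unit = [0] * KEY_BITS
        unit[i] = 1
        coeffs.append(c ^ superpoly_at(unit, cube))   # p(e_i) ^ p(0) isolates coefficient i
    return c, tuple(coeffs)

def consistent_keys(equations):
    """Brute-force the keys satisfying every (coeffs, rhs) equation; toy-scale stand-in
    for Gaussian elimination over GF(2)."""
    sols = []
    for k in itertools.product((0, 1), repeat=KEY_BITS):
        if all(sum(a & b for a, b in zip(coeffs, k)) % 2 == rhs for coeffs, rhs in equations):
            sols.append(k)
    return sols

def run_attack(secret_key, cubes=((0, 1), (0, 2), (3,))):
    """Offline: recover the superpoly of each cube, dropping cubes whose superpoly is nonlinear.
    Online: query the keyed black box on each surviving cube to get one linear key equation."""
    usable, polys = [], []
    for cube in cubes:
        sp = recover_linear_superpoly(cube)
        if sp is not None:
            usable.append(cube)
            polys.append(sp)
    oracle = lambda v: toy_cipher(list(secret_key), v)   # attacker sees only keystream bits
    equations = [(coeffs, cube_sum(oracle, cube) ^ c) for cube, (c, coeffs) in zip(usable, polys)]
    return usable, polys, consistent_keys(equations)

if __name__ == "__main__":
    usable, polys, candidates = run_attack((1, 0, 1, 1))
    print("usable cubes:", usable)
    print("superpolies (const, coeffs):", polys)
    print("key candidates after the online phase:", candidates)
```

For the constructed polynomial the cube {v0, v1} has superpoly k0 + k3 + 1 and {v0, v2} has k1 + k2, while {v3} has the nonlinear superpoly k0·k1 and is rejected by the linearity test; the two surviving equations cut the 16 candidate keys to 4. The offline phase is where the cost lives in practice: each coefficient needs a cube sum of 2^|cube| cipher evaluations, and for cubes of dimension 40 or more on Trivium this is exactly why the symbolic recovery techniques in the abstract replace the black-box summation shown here.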
We propose a framework for designing randomized stream ciphers with enhanced security. The key attribute of this framework is the use of nonlinear bijective mappings or keyless hash functions for random coding. We investigate the computational security of the proposed ciphers against chosen-plaintext chosen-initialization-vector attacks and show that it rests on the hardness of solving certain systems of random nonlinear Boolean equations. We also provide guidelines for choosing components to design randomizers for specified ciphers.
This paper presents a characteristic set method for solving Boolean equations, which is more efficient and has better properties than the general characteristic set method. In particular, the authors give a disjoint and monic zero decomposition algorithm for the zero set of a Boolean equation system and an explicit formula for the number of solutions of a Boolean equation system. The authors also prove that a characteristic set can be computed with a polynomial number of multiplications of Boolean polynomials in terms of the number of variables. As experiments, the proposed method is used to solve equations from the cryptanalysis of a class of stream ciphers based on nonlinear filter generators. Extensive experiments show that the method is quite effective.
A resynchronization attack is proposed on stream ciphers filtered by Maiorana-McFarland (M-M) functions and equipped with a linear resynchronization mechanism. The proposed attack utilizes the linear weakness of the resynchronization mechanism and the partial linearity of M-M functions, and applies the linear consistency test method to recover the secret key. It is shown that an M-M function should not be implemented by itself but rather in combination with other nonlinear components in stream ciphers using linear mechanisms, to prevent the proposed attack. It is also shown that the use of linear resynchronization mechanisms should be avoided, despite their high efficiency, in stream ciphers filtered by M-M functions.
Orthogonal frequency division multiplexing passive optical network (OFDM-PON) has a superior anti-dispersion property for operation in the C-band of fiber, giving an increased optical power budget. However, the downlink broadcast leaves the physical layer vulnerable to illegal eavesdropping. Quantum noise stream cipher (QNSC) is a classic physical layer encryption method and is well compatible with OFDM-PON. Meanwhile, forward error correction (FEC) is indispensable for controlling errors in data transmission. However, when QNSC and FEC are jointly coded, the redundant information becomes heavier and the code rate of the transmitted signal is largely reduced. In this work, we propose a physical layer encryption scheme based on polar-code-assisted QNSC. To improve the code rate and security of the transmitted signal, we exploit chaotic sequences to yield the redundant bits and use the redundant information of the polar code to generate the higher-order encrypted signal in the QNSC scheme by means of an interleaver. We experimentally demonstrate encrypted 16/64-QAM, 16/256-QAM, 16/1024-QAM and 16/4096-QAM QNSC signals transmitted over 30 km of standard single-mode fiber. For the transmitted 16/4096-QAM QNSC signal, compared with the conventional QNSC method, the proposed method increases the code rate from 0.1 to 0.32 with enhanced security.
Scan-based design for test (DFT) is a powerful and the most popular testing technique. However, while scan-based DFT improves test efficiency, it also leaves a side channel to the private information stored in the chip. This paper investigates the side channel and proposes a simple but powerful scan-based attack that can reveal the key and/or state stored in chips that implement state-of-the-art stream ciphers, using fewer than 85 scan-out vectors.
Due to their significant correlation and redundancy, conventional block cipher cryptosystems are not efficient at encrypting multimedia data. Stream ciphers based on cellular automata (CA) can provide a more effective solution. CA have recently gained recognition as a robust cryptographic primitive, being used as pseudorandom number generators in hash functions, block ciphers and stream ciphers. CA have the ability to perform parallel transformations, resulting in high throughput performance. Additionally, they exhibit a natural tendency to resist fault attacks. Few stream cipher schemes based on CA have been proposed in the literature, and their encryption/decryption throughput is relatively low, which makes them unsuitable for multimedia communication. Trivium and Grain are efficient stream ciphers that were selected as finalists in the eSTREAM project, but they have proven to be vulnerable to differential fault attacks. This work introduces a novel and scalable stream cipher named CeTrivium, whose design is based on CA. CeTrivium is a 5-neighborhood CA-based stream cipher inspired by the designs of Trivium and Grain. It is constructed from three building blocks: the Trivium (Tr) block, the Nonlinear-CA (NCA) block, and the Nonlinear Mixing (NM) block. The NCA block is a 64-bit nonlinear hybrid 5-neighborhood CA, while the Tr block has the same structure as the Trivium stream cipher. The NM block is a nonlinear, balanced, and reversible Boolean function that mixes the outputs of the Tr and NCA blocks to produce a keystream. Cryptanalysis of CeTrivium has indicated that it can resist various attacks, including correlation, algebraic, fault, cube, Meier-Staffelbach, and side channel attacks. Moreover, the scheme is evaluated using histogram and spectrogram analysis, as well as several different measurements, including the correlation coefficient, number of samples change rate, signal-to-noise ratio, entropy, and peak signal-to-noise ratio. The performance of CeTrivium is evaluated and compared with other state-of-the-art techniques. CeTrivium outperforms them in terms of encryption throughput while maintaining high security. CeTrivium has high encryption and decryption speeds, is scalable, and resists various attacks, making it suitable for multimedia communication.
The Grain v1 stream cipher is one of the seven finalists in the final eSTREAM portfolio. Though many attacks have been published, no recovery attack better than exhaustive key search on full Grain v1 in the single-key setting has been found yet. In this paper, new state recovery attacks on Grain v1 utilizing the weak normality order of the keystream output function employed in the cipher are proposed. These attacks have remarkable advantages in offline time, online time and memory complexities, which are all better than exhaustive key search. The success probability of each new attack is 0.632. The proposed attack primarily depends on the weak normality order of the employed keystream output function. This shows that the weak normality order should be carefully considered when designing the keystream output functions of Grain-like stream ciphers.
Based on a coupled nonlinear dynamic filter (NDF), a novel chaotic stream cipher is presented in this paper and employed to protect palmprint templates. The chaotic pseudorandom bit generator (PRBG) based on a coupled NDF, which is constructed in an inverse flow, can generate multiple bits in one iteration and satisfies the security requirements of cipher design. The stream cipher is then employed to generate cancelable competitive-code palmprint biometrics for template protection. The proposed cancelable palmprint authentication system depends on two factors: the palmprint biometric and the password/token. Therefore, the system provides high confidence and also protects the user's privacy. The experimental verification results on the Hong Kong PolyU Palmprint Database show that the proposed approach has a large template re-issuance ability and that the equal error rate can reach 0.02%. The performance of the palmprint template protection scheme demonstrates the good practicability and security of the proposed stream cipher.
An algebraic attack was applied to Filter-Combiner model keystream generators. We proposed the technique of function composition to improve the model, and the improved model can resist the algebraic attack. A new criterion for designing the Filter-Combiner model was also proposed: the total length L of the linear finite state machines used in the model should be large enough, and the degree d of the Filter-Combiner function should be approximately [L/2].
Data encryption is essential in securing data exchanged between connected parties. Encryption is the process of transforming readable text into scrambled, unreadable text using secret keys. Stream ciphers are one type of encryption algorithm that relies on a single key for both encryption and decryption. Many existing encryption algorithms are developed based on either a mathematical foundation or on other biological, social or physical behaviours. One technique is to utilise the behavioural aspects of game theory in a stream cipher. In this paper, we introduce an enhanced Deoxyribonucleic acid (DNA)-coded stream cipher based on an iterated n-player prisoner's dilemma paradigm. Our main goal is to add more layers of randomness to the behaviour of the keystream generation process; these layers are inspired by the behaviour of multiple players playing a prisoner's dilemma game. We implement parallelism to compensate for the additional processing time that may result from adding these extra layers of randomness. The results show that our enhanced design passes the statistical tests and achieves an encryption throughput of about 1,877 Mbit/s, which makes it a feasible secure stream cipher.
A class of chaotic maps called piecewise-quadratic-equation maps is proposed for designing feedback stream ciphers. Such maps can generate chaotic signals that have a uniform distribution function and a δ-like autocorrelation function. Compared with the piecewise-linear map, this map provides enhanced security in that it maintains the original perfect statistical properties while overcoming the defect of piecewise linearity and expanding the key space. This paper presents a scheme to improve the local complexity of the chaotic stream cipher based on the piecewise-quadratic-equation map. Both the theoretical analysis and the simulation results show that this scheme improves the microstructure of the phase-space graph while the good properties of the original scheme are retained.
Chaos is a random-like process that is very sensitive to initial values in a deterministic system. It is a behaviour of a nonlinear dynamical system with built-in randomness. Taking into account the advantages and disadvantages of existing chaos encryption models, the paper proposes a chaotic stream cipher model based on chaos theory, which not only overcomes the finite precision effect but also improves the randomness of the chaotic system and of the output sequence. The period of the sequence generated by the algorithm can theoretically reach at least 10^600, which completely satisfies the practical application requirements of a stream cipher system.
Using the fact that the factorization of x^N − 1 over GF(2) is especially explicit, we completely establish the distributions and the expected values of the linear complexity and the k-error linear complexity of N-periodic sequences, respectively, where N is an odd prime and 2 is a primitive root modulo N. The results show that a large percentage of sequences have both linear complexity and k-error linear complexity not less than N, quite close to their maximum possible values.
A family of binary sequences was constructed by using an elliptic curve and its twisted curves over finite fields. It was shown that these sequences possess "good" cryptographic properties of 0-1 distribution, long period and large linear complexity. The results indicate that such sequences have strong potential for applications in cryptography.
Building on research into the linear complexity of explicit nonlinear generators of pseudorandom sequences, we study the stability of the linear complexity of two classes of explicit inversive generators and two classes of explicit nonlinear generators. We present some theoretical lower bounds on the k-error linear complexity of these explicit generators, which further improve the cryptographic properties of the corresponding number generators and provide very useful information when they are applied to cryptography.
This paper presents a new method for the resynchronization attack, which combines differential cryptanalysis and the algebraic attack. Using the new method one obtains a system of linear equations or low-degree equations in the initial keys, and solving the system of equations recovers the initial keys. This method has a lower computational complexity and better attack performance than the known methods. Accordingly, the design of resynchronization stream generators should be reconsidered to make them strong enough to resist our attacks. When applied to Toyocrypt, our method has a computational complexity of O(2^17), and of O(2^67) for LILI-128.
Small-state stream ciphers (SSCs), which violate the principle that the state size should exceed the key size by a factor of two, still demonstrate robust security properties while maintaining a lightweight design. These ciphers can be classified into several constructions, and their basic security requirement is to resist generic attacks, i.e., the time-memory-data tradeoff (TMDTO) attack. In this paper, we investigate the security of small-state constructions in the multi-user setting. Based on it, the TMDTO distinguishing attack and the TMDTO key recovery attack are developed for such a setting. It is shown that SSCs which continuously use the key cannot resist the TMDTO distinguishing attack. Moreover, SSCs based on the continuous-IV-key-use construction cannot withstand the TMDTO key recovery attack when the key length is shorter than the IV length, no matter whether the keystream length is limited or not. Finally, we apply these two generic attacks to TinyJAMBU and DRACO in the multi-user setting. The TMDTO distinguishing attack on TinyJAMBU with a 128-bit key can be mounted with time, memory, and data complexities of 2^64, 2^48, and 2^32, respectively. This attack is comparable with a recent work at ToSC 2022, where partial key bits of TinyJAMBU are recovered with more than 2^50 users (or keys). As DRACO's IV length is smaller than its key length, it is vulnerable to the TMDTO key recovery attack. The resulting attack has time and memory complexities of both 2^112, which means DRACO does not provide 128-bit security in the multi-user setting.
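The generic attack the abstract refers to is the Babbage-Golić time-memory-data tradeoff, which is also the reason behind the "state size at least twice the key size" rule. The block below is an added single-user illustration of that tradeoff on a constructed 20-bit filter generator (a Fibonacci LFSR with feedback x^20 + x^3 + 1, assumed primitive, under a small nonlinear filter); it is not DRACO, TinyJAMBU or the paper's multi-user attacks, and the state size, filter, seed and table sizes are all chosen for the example. With a precomputed table of M random states and D observed keystream windows, some observed window lands on a tabled state once M·D approaches the state-space size N, and the internal state is recovered from there.

```python
import random

STATE_BITS = 20
N_STATES = 1 << STATE_BITS
WINDOW = 24      # keystream bits stored per table entry; > STATE_BITS so chance window collisions are rare
CONFIRM = 40     # bits regenerated to confirm a candidate state before accepting it

def step(st):
    """One clock of the constructed 20-bit Fibonacci LFSR with feedback x^20 + x^3 + 1."""
    fb = (st ^ (st >> 3)) & 1
    return (st >> 1) | (fb << (STATE_BITS - 1))

def output(st):
    """Nonlinear filter on the state so that the keystream is not simply the state bits."""
    return (st & 1) ^ ((st >> 5) & (st >> 11) & 1)

def keystream_bits(st, n):
    """First n keystream bits produced from state st."""
    bits = []
    for _ in range(n):
        bits.append(output(st))
        st = step(st)
    return bits

def pack(bits):
    """Pack a bit list into an int usable as a dictionary key."""
    value = 0
    for b in bits:
        value = (value << 1) | b
    return value

def build_table(m, rng):
    """Precomputation (time M, memory M): m random states -> their first WINDOW keystream bits."""
    table = {}
    for _ in range(m):
        st = rng.randrange(1, N_STATES)          # the all-zero state is a fixed point, skip it
        table[pack(keystream_bits(st, WINDOW))] = st
    return table

def tmdto_attack(table, ks, d):
    """Online phase (data D): slide over d windows of observed keystream; on a table hit,
    confirm the proposed state by regenerating CONFIRM bits. Returns (position, state) or None."""
    for i in range(d):
        st = table.get(pack(ks[i:i + WINDOW]))
        if st is not None and keystream_bits(st, CONFIRM) == ks[i:i + CONFIRM]:
            return i, st
    return None

def demo(seed=1, m=1 << 14, d=1 << 10):
    """M*D = 2^24 = 16*N here, so about 16 hits are expected and success is all but certain.
    Returns (hit, true state at the hit position, whether the hit regenerates the rest of the keystream)."""
    rng = random.Random(seed)                    # seeded so the run is reproducible
    secret = rng.randrange(1, N_STATES)
    ks = keystream_bits(secret, d + CONFIRM)     # the attacker's observed keystream
    hit = tmdto_attack(build_table(m, rng), ks, d)
    if hit is None:
        return None, None, False
    i, st = hit
    true_state = secret
    for _ in range(i):
        true_state = step(true_state)
    return hit, true_state, keystream_bits(st, len(ks) - i) == ks[i:]

if __name__ == "__main__":
    hit, true_state, regenerates = demo()
    print("hit (position, state):", hit)
    print("equals the true state at that position:", hit is not None and hit[1] == true_state)
    print("regenerates the remaining keystream:", regenerates)
```

Halving either M or D halves the expected number of hits, which is the tradeoff curve M·D = N (plus the precomputation time P = M); for an n-bit key with an n-bit state, M = D = 2^(n/2) beats exhaustive search, and only a state of 2n bits pushes the tradeoff back to 2^n. Small-state designs keep n-bit states and instead feed the key (or key and IV) continuously into the update, which is the construction family whose multi-user security the abstract examines.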
The minimal polynomials and linear complexity of binary Ding generalized cyclotomic sequences of order 2 over the two-prime residue ring Z_pq were obtained by Bai in 2005. In this paper, we obtain the linear complexity and minimal polynomials of all Ding generalized cyclotomic sequences. Our result shows that the linear complexity of these sequences takes the values pq and pq−1, under our necessary and sufficient condition, with probability 1/4, and the lower bound (pq − 1)/2 with probability 1/8. This shows that most of these sequences are good. We also obtain that the linear complexity and minimal polynomials of these sequences are independent of their orders. This makes it no more difficult to choose proper p and q.
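Linear complexity and k-error linear complexity are the measures used by the abstracts above on N-periodic sequences, on explicit inversive and nonlinear generators, and on Ding generalized cyclotomic sequences. The following is an added, toy-scale example (not code from any of those papers) that computes both with the Berlekamp-Massey algorithm, and checks the factorization argument of the N-periodic abstract on the smallest cases: for N = 5, where 2 is a primitive root, x^5 + 1 = (x + 1)(x^4 + x^3 + x^2 + x + 1) over GF(2), so the linear complexity of every 5-periodic sequence is 0, 1, 4 or 5; for N = 7, where 2 only has order 3, x^7 + 1 = (x + 1)(x^3 + x + 1)(x^3 + x^2 + 1) and complexity 3 becomes possible. The sequences in the main block are constructed for the example.

```python
import itertools

def berlekamp_massey(s):
    """Berlekamp-Massey over GF(2). Returns (L, C): L is the linear complexity of the bit
    list s and C = [c_0 .. c_L] (c_0 = 1) the connection polynomial of the shortest LFSR
    with s[i] = c_1 s[i-1] ^ ... ^ c_L s[i-L] for every i >= L."""
    n = len(s)
    c = [1] + [0] * n        # current connection polynomial
    b = [1] + [0] * n        # polynomial in force before the last length change
    L, m = 0, -1             # current length, index of the last length change
    for i in range(n):
        d = s[i]             # discrepancy between the LFSR prediction and s[i]
        for j in range(1, L + 1):
            d ^= c[j] & s[i - j]
        if d:
            t = c[:]
            shift = i - m
            for j in range(n + 1 - shift):   # c(x) += x^shift * b(x)
                c[j + shift] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]

def linear_complexity(period):
    """Linear complexity of the periodic sequence obtained by repeating `period` forever.
    Two periods suffice because L <= len(period) and Berlekamp-Massey needs 2L terms."""
    return berlekamp_massey(list(period) * 2)[0]

def k_error_linear_complexity(period, k):
    """k-error linear complexity: the minimum linear complexity over all sequences differing
    from `period` in at most k positions per period (brute force over error patterns; toy-scale)."""
    best = linear_complexity(period)
    n = len(period)
    for weight in range(1, k + 1):
        for positions in itertools.combinations(range(n), weight):
            changed = list(period)
            for p in positions:
                changed[p] ^= 1
            best = min(best, linear_complexity(changed))
    return best

def complexity_values(n):
    """Every linear complexity attained by a sequence whose period divides n (all 2^n of them)."""
    return {linear_complexity(p) for p in itertools.product((0, 1), repeat=n)}

if __name__ == "__main__":
    print("N=5 (2 primitive mod 5):", sorted(complexity_values(5)))   # 0, 1, 4, 5 only
    print("N=7 (2 of order 3 mod 7):", sorted(complexity_values(7)))  # cubic factors appear
    s = (0, 1, 1, 1, 1)   # constructed 5-periodic sequence
    print("LC of 01111:", linear_complexity(s), " 1-error LC:", k_error_linear_complexity(s, 1))
```

The gap between the two measures is the point of k-error linear complexity: 01111 has linear complexity 4, but flipping its single 0 gives the all-ones sequence of complexity 1, so one error per period collapses it. A generator is only as strong as its k-error complexity for the k an attacker can afford to guess, which is why the abstracts bound that quantity rather than the linear complexity alone.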
The PCM/PPK telemetry system is a multi-nary pulse modulation system. It is commonly used to transmit high-accuracy time information and some express signals. To address the security issue of telemetry data being transmitted in open space, a data encryption scheme for the PCM/PPK telemetry system is proposed. In this scheme, the PCM data of the signal source are encrypted by a stream cipher whose key streams are generated with a clock-controlled LFSR. The scheme can save system resources in the dual-modulation compound telemetry system. A backward key synchronization scheme is also proposed, which has strong real-time performance and is easy to implement. A simplified simulation model of the PCM/PPK telemetry system is established based on the actual framework of the telemetry system; the model is simple and easy to simulate. The error performance of the system is analyzed in theory and tested by computer simulation. The security of the system is also analyzed. The simulation and analysis results show that the encryption scheme can ensure the security of the telemetry data and does not cause error diffusion.
Funding (superpoly recovery paper): National Natural Science Foundation of China (62372464).
Funding (characteristic set method paper): This research is partially supported by a National Key Basic Research Project of China under Grant No. 2004CB318000.
Funding (M-M resynchronization attack paper): This work was supported in part by the Major State Basic Research Development Program of China (973 Program) (2007CB311201), the National Natural Science Foundation of China (Grant Nos. 60833008 and 60803149), and the Foundation of Guangxi Key Laboratory of Information and Communication (20902).
Funding (polar-code-assisted QNSC paper): supported in part by the National Natural Science Foundation of China Project under Grant 62075147 and the Suzhou Industry Technological Innovation Projects under Grant SYG202348.
Funding (scan-based attack paper): partially supported by the National High Technology Research and Development 863 Program of China under Grant No. 2013AA013202, the Key Programs for Science and Technology Development of Chongqing of China under Grant No. cstc2012ggC40005, the National Natural Science Foundation of China under Grant No. 61173014, and the National Science Foundation of USA under Grant No. CNS-1015802.
Funding (Grain v1 state recovery paper): supported in part by the National Natural Science Foundation of China (Grant Nos. 61202491, 61272041, 61272488, 61402523, 61602514) and the Science and Technology on Communication Security Laboratory Foundation of China under Grant No. 9140C110303140C11051.
Funding: Project supported by the National Natural Science Foundation of China (Grant No. 60971104), the Basic Research Foundation of Sichuan Province, China (Grant No. 2006J013-011), the Outstanding Young Researchers Foundation of Sichuan Province, China (Grant No. 09ZQ026-091), and the Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20090184110008).
Abstract: Based on a coupled nonlinear dynamic filter (NDF), a novel chaotic stream cipher is presented in this paper and employed to protect palmprint templates. The chaotic pseudorandom bit generator (PRBG) based on a coupled NDF, which is constructed in an inverse flow, can generate multiple bits at one iteration and satisfy the security requirement of cipher design. Then, the stream cipher is employed to generate cancelable competitive code palmprint biometrics for template protection. The proposed cancelable palmprint authentication system depends on two factors: the palmprint biometric and the password/token. Therefore, the system provides high confidence and also protects the user's privacy. The experimental results of verification on the Hong Kong PolyU Palmprint Database show that the proposed approach has a large template re-issuance ability and the equal error rate can achieve 0.02%. The performance of the palmprint template protection scheme proves the good practicability and security of the proposed stream cipher.
Abstract: Algebraic attack was applied to attack Filter-Combiner model keystream generators. We proposed the technique of function composition to improve the model, and the improved model can resist the algebraic attack. A new criterion for designing the Filter-Combiner model was also proposed: the total length L of the Linear Finite State Machines used in the model should be large enough, and the degree d of the Filter-Combiner function should be approximately [L/2].
Abstract: Data encryption is essential in securing exchanged data between connected parties. Encryption is the process of transforming readable text into scrambled, unreadable text using secure keys. Stream ciphers are one type of encryption algorithm that relies on a single key for both encryption and decryption. Many existing encryption algorithms are developed based on either a mathematical foundation or on other biological, social or physical behaviours. One technique is to utilise the behavioural aspects of game theory in a stream cipher. In this paper, we introduce an enhanced Deoxyribonucleic acid (DNA)-coded stream cipher based on an iterated n-player prisoner's dilemma paradigm. Our main goal is to contribute to adding more layers of randomness to the behaviour of the keystream generation process; these layers are inspired by the behaviour of multiple players playing a prisoner's dilemma game. We implement parallelism to compensate for the additional processing time that may result from adding these extra layers of randomness. The results show that our enhanced design passes the statistical tests and achieves an encryption throughput of about 1,877 Mbit/s, which makes it a feasible secure stream cipher.
Abstract: A class of chaotic map called the piecewise-quadratic-equation map is proposed for designing a feedback stream cipher. Such a map can generate chaotic signals with a uniform distribution function and a δ-like autocorrelation function. Compared with the piecewise-linear map, this map provides enhanced security in that it can maintain the original perfect statistical properties, as well as overcome the defect of piecewise-linearity and expand the key space. This paper presents a scheme to improve the local complexity of the chaotic stream cipher based on the piecewise-quadratic-equation map. Both the theoretic analysis and the results of simulation show that this scheme improves the microstructure of the phase-space graph on condition that the good properties of the original scheme are retained.
Abstract: Chaos is a seemingly random process that is very sensitive to initial values in a deterministic system. It is a behaviour of nonlinear dynamical systems with built-in randomness. Combining the advantages and disadvantages of the present chaos encryption models, the paper proposes a chaotic stream cipher model based on chaos theory, which not only overcomes the finite precision effect, but also improves the randomness of the chaotic system and the output sequence. The theoretical period of the sequence generated by the algorithm can reach at least 10^600, which completely satisfies the actual application requirements of a stream cipher system.
Abstract: Using the fact that the factorization of x^N - 1 over GF(2) is especially explicit, we completely establish the distributions and the expected values of the linear complexity and the k-error linear complexity of the N-periodic sequences respectively, where N is an odd prime and 2 is a primitive root modulo N. The results show that there is a large percentage of sequences with both the linear complexity and the k-error linear complexity not less than N, quite close to their maximum possible values.
Funding: Supported by the National Natural Science Foundation of China (60473028), the Natural Science Foundation of Fujian Province (A0540011), the Science and Technology Foundation of Fujian Educational Committee (JA04264), and the Science and Technology Foundation of Putian City (2005S04).
Abstract: A family of binary sequences is constructed by using an elliptic curve and its twisted curves over finite fields. It is shown that these sequences possess "good" cryptographic properties of 0-1 distribution, long period and large linear complexity. The results indicate that such sequences have strong potential applications in cryptography.
Funding: The Natural Science Foundation of Fujian Province (2007F3086), the Funds of the Education Department of Fujian Province (JA07164), and the Open Funds of Key Laboratory of Fujian Province University Network Security and Cryptology (07B005).
Abstract: Building on the research on the linear complexity of explicit nonlinear generators of pseudorandom sequences, we study the stability of the linear complexity of two classes of explicit inversive generators and two classes of explicit nonlinear generators. We present some theoretical lower bounds on the k-error linear complexity of these explicit generators, which further improve the cryptographic properties of the corresponding number generators and provide very useful information when they are applied to cryptography.
Funding: Supported in part by the National Natural Science Foundation of China (No. 60273084) and the National Laboratory for Modern Communications Foundation of China (No. 51436030105DZ0105).
Abstract: This paper presents a new method for the resynchronization attack, which is the combination of differential cryptanalysis and the algebraic attack. By using the new method one gets a system of linear equations or low-degree equations in the initial keys, and the solution of the system of equations results in the recovery of the initial keys. This method has a lower computational complexity and better attack performance in contrast to the known methods. Accordingly, the design of resynchronization stream generators should be reconsidered to make them strong enough to avoid our attacks. When applied to Toyocrypt, our method attains a computational complexity of O(2^17), and O(2^67) for LILI-128.
Funding: This work was supported by the National Natural Science Foundation of China (grant numbers 62022036, 62132008, 62372213).
Abstract: Small-state stream ciphers (SSCs), which violate the principle that the state size should exceed the key size by a factor of two, still demonstrate robust security properties while maintaining a lightweight design. These ciphers can be classified into several constructions, and their basic security requirement is to resist generic attacks, i.e., the time-memory-data tradeoff (TMDTO) attack. In this paper, we investigate the security of small-state constructions in the multi-user setting. Based on this, the TMDTO distinguishing attack and the TMDTO key recovery attack are developed for such a setting. It is shown that SSCs which continuously use the key cannot resist the TMDTO distinguishing attack. Moreover, SSCs based on the continuous-IV-key-use construction cannot withstand the TMDTO key recovery attack when the key length is shorter than the IV length, no matter whether the keystream length is limited or not. Finally, we apply these two generic attacks to TinyJAMBU and DRACO in the multi-user setting. The TMDTO distinguishing attack on TinyJAMBU with a 128-bit key can be mounted with time, memory, and data complexities of 2^64, 2^48, and 2^32, respectively. This attack is comparable with a recent work on ToSC 2022, where partial key bits of TinyJAMBU are recovered with more than 2^50 users (or keys). As DRACO's IV length is smaller than its key length, it is vulnerable to the TMDTO key recovery attack. The resulting attack has a time and memory complexity of both 2^112, which means DRACO does not provide 128-bit security in the multi-user setting.
Funding: Project supported by the National Natural Science Foundation of China (Grant No. 60473028), the Natural Science Foundation of Fujian Province (Grant No. A0540011), and the Science and Technology Fund of Educational Committee of Fujian Province (Grant No. JA04264).
Abstract: Minimal polynomials and the linear complexity of binary Ding generalized cyclotomic sequences of order 2 over the two-prime residue ring Z_pq were obtained by Bai in 2005. In this paper, we obtain the linear complexity and minimal polynomials of all Ding generalized cyclotomic sequences. Our result shows that the linear complexity of these sequences takes on the values pq and pq-1 under our necessary and sufficient condition with probability 1/4, and the lower bound (pq - 1)/2 with probability 1/8. This shows that most of these sequences are good. We also show that the linear complexity and minimal polynomials of these sequences are independent of their orders. This makes choosing proper p and q no more difficult.
Abstract: The PCM/PPK telemetry system is a multi-nary pulse modulation system. It is commonly used to transmit high-accuracy time information and some express signals. To address the security issue of telemetry data being transmitted in open space, a data encryption scheme for the PCM/PPK telemetry system is proposed. In this scheme, the PCM data of the signal source are encrypted by a stream cipher in which the key streams are generated with a clock-controlled LFSR. The scheme can save system resources in the dual-modulation compound telemetry system. A backward key synchronization scheme is also proposed, which is strongly real-time and easy to implement. A simplified simulation model of the PCM/PPK telemetry system is established based on the actual framework of the telemetry system, and the model is simple and easy to simulate. The error performance of the system is analyzed in theory and tested by computer simulation. The security of the system is also analyzed. The simulation and analysis results show that the encryption scheme can ensure the security of the telemetry data and does not cause error diffusion.