This volume provides a detailed account of block cipher analysis, design, and deployment. The authors describe the most prominent block ciphers and give insights into their design.
In this paper we consider some cryptographic implications of integrated circuit (IC) printing. While still in its infancy, IC-printing allows the production and personalisation of circuits at very low cost. In this paper we present two block ciphers PRINTcipher-48 and PRINTcipher-96 that are designed to exploit the properties of IC-printing technology and we further extend recent advances in lightweight block cipher design.
Good Variants of HB+ Are Hard to Find Gilbert, Henri; Robshaw, Matthew J. B.; Seurin, Yannick
Financial Cryptography and Data Security
5143
Book Chapter
Peer-reviewed
Open access
The strikingly simple HB+ protocol of Juels and Weis [11] has been proposed for the authentication of low-cost RFID tags. As well as being computationally efficient, the protocol is accompanied by an elegant proof of security. After its publication, Gilbert et al. [8] demonstrated a simple man-in-the-middle attack that allowed an attacker to recover the secret authentication keys. (The attack does not contradict the proof of security since the attacker lies outside the adversarial model.) Since then a range of schemes closely related to HB+ have been proposed and these are intended to build on the security of HB+ while offering resistance to the attack of [8]. In this paper we show that many of these variants can still be attacked using the techniques of [8] and the original HB+ protocol remains the most attractive member of the HB+ family.
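The abstract above names the HB+ protocol and the man-in-the-middle attack of [8] without detail. The following is an added example, not code from the paper or its authors: a toy simulation of HB+ rounds (tag secrets x and y, tag-chosen blinding vector b, reader challenge a, noisy one-bit response) together with the attack, in which the adversary XORs a unit vector into every challenge of a session and reads one bit of x off the reader's accept/reject decision. The bit lengths, noise rate, round count and acceptance threshold are assumptions chosen so the toy runs reliably.

```python
"""HB+ authentication and the GRS man-in-the-middle attack.

Added example, not code from the cited paper.  The protocol shape follows the
abstract (tag secrets x, y; blinding vector b chosen by the tag; challenge a
from the reader; noisy one-bit response); the toy lengths, noise rate, round
count and acceptance threshold below are assumptions.
"""
import random


def gf2_dot(u, v):
    """Inner product over GF(2): parity of the bitwise AND of two bit lists."""
    return sum(p & q for p, q in zip(u, v)) & 1


def rand_bits(n, rng):
    return [rng.getrandbits(1) for _ in range(n)]


class HBPlusTag:
    """Honest tag holding secrets x (length k) and y (length m).  Each round it
    sends a fresh blinding vector b, receives a challenge a and answers
    z = a.x XOR b.y XOR nu, where nu = 1 with probability eta."""

    def __init__(self, x, y, eta, rng):
        self.x, self.y, self.eta, self.rng = x, y, eta, rng

    def blinding(self):
        self.b = rand_bits(len(self.y), self.rng)
        return self.b

    def respond(self, a):
        nu = 1 if self.rng.random() < self.eta else 0
        return gf2_dot(a, self.x) ^ gf2_dot(self.b, self.y) ^ nu


def reader_session(tag, x, y, rounds, threshold, rng, tamper=None):
    """Reader side of one authentication: accept if at most `threshold` of the
    `rounds` responses disagree with a.x XOR b.y.  `tamper`, if given, is an
    active adversary rewriting the challenge a on its way to the tag; the
    reader still verifies against the a it actually sent."""
    errors = 0
    for _ in range(rounds):
        b = tag.blinding()
        a = rand_bits(len(x), rng)
        z = tag.respond(tamper(a) if tamper else a)
        if z != gf2_dot(a, x) ^ gf2_dot(b, y):
            errors += 1
    return errors <= threshold


def grs_attack(session, k):
    """Man-in-the-middle of [8]: in session i XOR the unit vector e_i into every
    challenge.  Each tag response is then offset by e_i.x = x_i, so the reader
    accepts the session iff x_i = 0.  One accept/reject bit leaks one key bit."""
    x_rec = []
    for i in range(k):
        def flip_bit_i(a, i=i):
            a = list(a)
            a[i] ^= 1
            return a
        x_rec.append(0 if session(flip_bit_i) else 1)
    return x_rec


class ImpersonatingTag:
    """With x recovered, y is not needed: send b = 0 so that b.y vanishes and
    answer z = a.x exactly, which the reader accepts with zero errors."""

    def __init__(self, x_rec, m):
        self.x_rec, self.m = x_rec, m

    def blinding(self):
        self.b = [0] * self.m
        return self.b

    def respond(self, a):
        return gf2_dot(a, self.x_rec)


def demo(k=32, m=32, eta=0.1, rounds=100, threshold=30, seed=1):
    """Returns (honest tag accepted, attack recovered x exactly, forged tag accepted)."""
    rng = random.Random(seed)
    x, y = rand_bits(k, rng), rand_bits(m, rng)
    tag = HBPlusTag(x, y, eta, rng)

    def session(tamper=None):
        return reader_session(tag, x, y, rounds, threshold, rng, tamper)

    honest_ok = session()
    x_rec = grs_attack(session, k)
    forged_ok = reader_session(ImpersonatingTag(x_rec, m), x, y, rounds, threshold, rng)
    return honest_ok, x_rec == x, forged_ok


if __name__ == "__main__":
    print(demo())
```

The attack needs only k sessions and one bit of feedback per session, and it never solves an LPN instance; that is why it sits outside the passive adversarial model of the proof the abstract mentions.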
How to Encrypt with the LPN Problem Gilbert, Henri; Robshaw, Matthew J. B.; Seurin, Yannick
Automata, Languages and Programming
5126
Book Chapter
Peer-reviewed
We present a probabilistic private-key encryption scheme named LPN-C whose security can be reduced to the hardness of the Learning from Parity with Noise (LPN) problem. The proposed protocol involves only basic operations in GF(2) and an error-correcting code. We show that it achieves indistinguishability under adaptive chosen plaintext attacks (IND-P2-C0). Appending a secure MAC renders the scheme secure under adaptive chosen ciphertext attacks. This scheme enriches the range of available cryptographic primitives whose security relies on the hardness of the LPN problem.
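As an added example (not the paper's specification or parameters), here is an LPN-based private-key encryption in the shape the abstract describes: a secret binary matrix as key, a random vector a per ciphertext, Bernoulli noise, and an error-correcting code to absorb the noise on decryption. It also shows, as the abstract's last two sentences imply, why the scheme without a MAC is malleable: flipping a whole codeword block flips one plaintext bit. The repetition code, the lengths and the noise rate are assumptions chosen so the toy decodes reliably.

```python
"""LPN-based private-key encryption in the shape described for LPN-C.

Added example, not the cited paper's specification or parameters.  Secret key:
a k x n binary matrix M.  Encrypt: pick random a in {0,1}^k and noise v with
Pr[v_i = 1] = eta, output (a, C(x) XOR a.M XOR v), where C is an error-correcting
code.  Decrypt: strip a.M with the key and decode.  The repetition code,
lengths and noise rate are assumptions chosen so the toy decodes reliably.
"""
import random


def rand_bits(n, rng):
    return [rng.getrandbits(1) for _ in range(n)]


def repetition_encode(bits, reps):
    return [b for b in bits for _ in range(reps)]


def repetition_decode(bits, reps):
    """Majority vote over each block of `reps` (odd) bits."""
    return [1 if 2 * sum(bits[i:i + reps]) > reps else 0
            for i in range(0, len(bits), reps)]


def keygen(k, n, rng):
    """Secret key: k rows of n bits (the matrix M)."""
    return [rand_bits(n, rng) for _ in range(k)]


def mask(M, a):
    """a.M over GF(2): XOR of the rows of M selected by the 1 bits of a."""
    out = [0] * len(M[0])
    for ai, row in zip(a, M):
        if ai:
            out = [o ^ r for o, r in zip(out, row)]
    return out


def encrypt(M, msg_bits, reps, eta, rng):
    a = rand_bits(len(M), rng)
    noise = [1 if rng.random() < eta else 0 for _ in range(len(M[0]))]
    code = repetition_encode(msg_bits, reps)
    y = [c ^ m ^ v for c, m, v in zip(code, mask(M, a), noise)]
    return a, y        # (a, y): a noisy LPN sample with the codeword added in


def decrypt(M, ct, reps):
    a, y = ct
    return repetition_decode([yi ^ mi for yi, mi in zip(y, mask(M, a))], reps)


def flip_plaintext_bit(ct, i, reps):
    """Malleability without a MAC: flipping every bit of codeword block i flips
    the majority vote, so plaintext bit i flips after decryption."""
    a, y = ct
    y = list(y)
    for j in range(i * reps, (i + 1) * reps):
        y[j] ^= 1
    return a, y


def demo(seed=7, k=64, msg_len=16, reps=15, eta=0.05):
    """Returns (honest round trip succeeds, block flip flips exactly bit 0)."""
    rng = random.Random(seed)
    msg = rand_bits(msg_len, rng)
    M = keygen(k, msg_len * reps, rng)
    ct = encrypt(M, msg, reps, eta, rng)
    roundtrip_ok = decrypt(M, ct, reps) == msg
    tampered = decrypt(M, flip_plaintext_bit(ct, 0, reps), reps)
    return roundtrip_ok, tampered == [msg[0] ^ 1] + msg[1:]


if __name__ == "__main__":
    print(demo())
```

Encryption costs only XORs of key rows and noise sampling, which is the "basic operations in GF(2)" property; the ciphertext (a, y) is an LPN sample with the codeword added, so distinguishing it from random is as hard as LPN, while the block-flip shows that integrity needs the separate MAC the abstract mentions.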
The field of lightweight cryptography has developed significantly over recent years and many impressive implementation results have been published. However these results are often concerned with a core computation and when it comes to a real implementation there can be significant hidden overheads. In this paper we consider the case of cryptoGPS and we outline a full implementation that has been fabricated in ASIC. Interestingly, the implementation requirements still remain within the typically-cited limits for on-the-tag cryptography. Keywords: Lightweight cryptography, RFID, cryptoGPS, ASIC
The Belgian block cipher Rijndael was chosen in 2000 by the U.S. government's National Institute of Standards and Technology (NIST) to be the successor to the Data Encryption Standard. Rijndael was subsequently standardized as the Advanced Encryption Standard (AES), which is potentially the world's most important block cipher. In 2002, some new analytical techniques were suggested that may have a dramatic effect on the security of the AES. Existing analytical techniques for block ciphers depend heavily on a statistical approach, whereas these new techniques are algebraic in nature. Algebraic Aspects of the Advanced Encryption Standard, appearing five years after publication of the AES, presents the state of the art for the use of such algebraic techniques in analyzing the AES. The primary audience for this work includes academic and industry researchers in cryptology; the book is also suitable for advanced-level students.
Securing RSA-KEM via the AES Jonsson, Jakob; Robshaw, Matthew J. B.
Lecture Notes in Computer Science
2005
Book Chapter, Conference Proceeding
Peer-reviewed
Open access
RSA-KEM is a popular key encapsulation mechanism that combines the RSA trapdoor permutation with a key derivation function (KDF). Often the details of the KDF are viewed as orthogonal to the RSA-KEM construction and the RSA-KEM proof of security models the KDF as a random oracle. In this paper we present an AES-based KDF that has been explicitly designed so that we can appeal to currently held views on the ideal behaviour of the AES when proving the security of RSA-KEM. Thus, assuming that encryption with the AES provides a permutation of 128-bit input blocks that is chosen uniformly at random for each key k, the security of RSA-KEM against chosen-ciphertext attacks can be related to the hardness of inverting RSA.
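The RSA-KEM construction the abstract builds on, as an added example that is not code from the paper: encapsulation picks a random r below the modulus, sends c = r^e mod n and derives the session key as KDF(r); decapsulation inverts with the private exponent and derives the same key. The paper's contribution is the AES-based KDF; the KDF below is a SHA-256 counter-mode stand-in (an assumption, since the standard library has no AES), and the 512-bit toy modulus and the Miller-Rabin key generation are likewise assumptions for a self-contained run, not parameters for real use.

```python
"""RSA-KEM: encapsulate a random r under the RSA trapdoor permutation and
derive the session key as KDF(r).

Added example, not code from the cited paper.  The paper's contribution is an
AES-based KDF; the KDF here is a SHA-256 counter-mode stand-in (an assumption,
since the standard library has no AES), and the 512-bit toy modulus is far too
small for real use.
"""
import hashlib
import math
import random


def is_probable_prime(n, rng, rounds=20):
    """Miller-Rabin with random bases (toy key generation only)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits, rng):
    while True:
        p = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(p, rng):
            return p


def rsa_keygen(bits, rng, e=65537):
    while True:
        p, q = gen_prime(bits // 2, rng), gen_prime(bits // 2, rng)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            n = p * q
            return (n, e), (n, pow(e, -1, phi))


def kdf(r, n, key_len=32):
    """Stand-in KDF: hash the fixed-width big-endian encoding of r with a
    counter (the paper replaces this with an AES-based construction)."""
    r_bytes = r.to_bytes((n.bit_length() + 7) // 8, "big")
    out = b""
    for i in range((key_len + 31) // 32):
        out += hashlib.sha256(r_bytes + i.to_bytes(4, "big")).digest()
    return out[:key_len]


def encapsulate(pub, rng):
    """Sender: random r in [1, n), ciphertext c = r^e mod n, key K = KDF(r)."""
    n, e = pub
    r = rng.randrange(1, n)
    return pow(r, e, n), kdf(r, n)


def decapsulate(priv, c):
    """Receiver: reject out-of-range c, recover r = c^d mod n, rederive K."""
    n, d = priv
    if not 0 < c < n:
        raise ValueError("ciphertext out of range")
    return kdf(pow(c, d, n), n)


def demo(seed=3, bits=512):
    """Returns (both sides derive the same key, key length in bytes)."""
    rng = random.Random(seed)
    pub, priv = rsa_keygen(bits, rng)
    c, k_enc = encapsulate(pub, rng)
    return k_enc == decapsulate(priv, c), len(k_enc)


if __name__ == "__main__":
    print(demo())
```

Only the KDF is exercised by a chosen-ciphertext adversary who submits c' for which it does not know r; the security claim in the abstract is precisely that, with the AES-based KDF modelled as ideal, such queries reveal nothing about KDF(r) unless the adversary can invert RSA.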
In this paper we explore the recovery of key information from a block cipher when using unbiased linear approximations of a certain form. In particular we develop a theoretical framework for their treatment and we confirm their behaviour with experiments on reduced-round variants of DES. As an application we show a novel form of linear cryptanalysis using multiple linear approximations which can be used to extract key information when all pre-existing techniques would fail.
This state-of-the-art survey presents the outcome of the eSTREAM Project, which was launched in 2004 as part of ECRYPT, the European Network of Excellence in Cryptology (EU Framework VI). The goal of eSTREAM was to promote the design of new stream ciphers with a particular emphasis on algorithms that would be either very fast in software or very resource-efficient in hardware. Algorithm designers were invited to submit new stream cipher proposals to eSTREAM, and 34 candidates were proposed from around the world. Over the following years the submissions were assessed with regard to both security and practicality by the cryptographic community, and the results were presented at major conferences and specialized workshops dedicated to the state of the art of stream ciphers. This volume describes the most successful of the submitted designs and, over 16 chapters, provides full specifications of the ciphers that reached the final phase of the eSTREAM project. The book is rounded off by two implementation surveys covering both the software- and the hardware-oriented finalists.