Secure image encryption scheme using 4D-Hyperchaotic systems based reconfigurable pseudo-random number generator and S-Box

This paper introduces the design of a hardware efficient reconfigurable pseudorandom number generator (PRNG) using two different feedback controllers based four-dimensional (4D) hyperchaotic systems i.e. Hyperchaotic-1 and -2 to provide confidentiality for digital images. The parameter's value of these two hyperchaotic systems is set to be a specific value to get the benefits i.e. all the multiplications (except a few multiplications) are performed using hardwired shifting operations rather than the binary multiplications, which doesn't utilize any hardware resource. The ordinary differential equations (ODEs) of these two systems have been exploited to build a generic architecture that fits in a single architecture. The proposed architecture provides an opportunity to switch between two different 4D hyperchaotic systems depending on the required behavior. To ensure the security strength, that can be also used in the encryption process in which encrypt the input data up to two times successively, each time using a different PRNG configuration. The proposed reconfigurable PRNG has been designed using Verilog HDL, synthesized on the Xilinx tool using the Virtex-5 (XC5VLX50T) and Zynq (XC7Z045) FPGA, its analysis has been done using Matlab tool. It has been found that the proposed architecture of PRNG has the best hardware performance and good statistical properties as it passes all fifteen NIST statistical benchmark tests while it can operate at 79.101-MHz or 1898.424-Mbps and utilize only 0.036 %, 0.23 %, and 1.77 % from the Zynq (XC7Z045) FPGA's slice registers, slice LUTs, and DSP blocks respectively. Utilizing these PRNGs, we design two 16 × 16 substitution boxes (S-boxes). The proposed S-boxes fulfill the following criteria: Bijective, Balanced, Non-linearity, Dynamic Distance, Strict Avalanche Criterion (SAC) and BIC non-linearity criterion. To demonstrate these PRNGs and S-boxes, a new three different scheme of image encryption algorithms have been developed: a) Encryption using S-box-1, b) Encryption using S-box-2 and, c) Two times encryption using S-box-1 and S-box-2. To demonstrate that the proposed cryptosystem is highly secure, we perform the security analysis (in terms of the correlation coefficient, key space, NPCR, UACI, information entropy and image encryption quantitatively in terms of (MSE, PSNR and SSIM)).     

一类Feistel密码的线性分析

该文提出一种新的求取分组密码线性偏差上界的方法，特别适用于密钥线性作用的Feistel密码．该分析方法的思路是，首先对密码体制线性偏差进行严格的数学描述，分别给出密码线性偏差与轮函数F及S盒的线性偏差的数学关系；然后通过求取线性方程组最小重量解，确定密码线性偏差的上界．     

关于S盒的几点注记

分析了Ｓ盒的平衡性，相关免疫性，严格雪崩性和非线性度的各种可能定义及它们之间的相互关系，提出了要Ｓ盒采用这些准则的定义。     

Using RC4 and AES Key Schedule to Generate Dynamic S-Box in AES

ABSTRACT

Advanced Encryption Standard (AES) block cipher system is widely used in cryptographic applications. Substitution boxes (S-boxes) are a keystone of modern symmetric cryptosystems which bring nonlinearity to the cryptosystems and strengthen their cryptographic security. The S-box component used in classic AES is fixed and not changeable. If the S-box is generated dynamically, the cryptographic strength of AES cipher system would be increased. In this article, we use RC4 and AES Key Expansion algorithms to generate dynamic S-box for AES. The purpose of the proposed approach is to generate more secure S-boxes. The generated S-box will have better results in security analysis. To examine the security, various tests are applied to the new S-box and the results pass all of them.     

SMS4算法S盒的密码学性质

S盒是分组密码的重要组成部分,在很大程度上决定了分组密码的安全性。该文研究了中国分组密码标准SMS4算法S盒的平衡性、差分性质、线性结构、非线性、Walsh谱等性质,通过与美国高级加密标准、欧洲分组加密标准Camellia的S盒作比较,说明了SMS4算法S盒一些较好的安全特性。     

基于Cache行为的旁路攻击

分析新型高速缓冲存储器(Cache)旁路攻击技术,给出一种Cache旁路攻击方法。针对S盒操作使用查找表处理的数据加密标准(DES)算法实现,通过获取DES加密过程中前2轮加密运算对应的Cache命中信息,结合数学分析方法,可以有效地缩小DES密钥搜索空间。对Cache存储器行为和数学分析攻击进行仿真实现的结果显示,通过26个选择明文,大约耗费230次离线DES加密时间成功地恢复了DES密钥。给出了防御Cache攻击的基本对策。     

DBST: a lightweight block cipher based on dynamic S-box

IoT devices have been widely used with the advent of 5G. These devices contain a large amount of private data during transmission. It is primely important for ensuring their security. Therefore, we proposed a lightweight block cipher based on dynamic S-box named DBST. It is introduced for devices with limited hardware resources and high throughput requirements. DBST is a 128-bit block cipher supporting 64-bit key, which is based on a new generalized Feistel variant structure. It retains the consistency and significantly boosts the diffusion of the traditional Feistel structure. The SubColumns of round function is implemented by combining bit-slice technology with subkeys. The S-box is dynamically associated with the key. It has been demonstrated that DBST has a good avalanche effect, low hardware area, and high throughput. Our S-box has been proven to have fewer differential features than RECTANGLE S-box. The security analysis of DBST reveals that it can against impossible differential attack, differential attack, linear attack, and other types of attacks.     

Quantum-inspired design of resilient substitution boxes: From coding to hardware implementation

S-boxes constitute a cornerstone component in symmetric-key cryptographic algorithms, such as DES and AES encryption systems. In block ciphers, they are typically used to obscure the relationship between the plaintext and the ciphertext. Non-linear and non-correlated S-boxes are the most secure against linear and differential cryptanalysis. In this paper, we focus on a twofold objective: first, we evolve regular S-boxes with high non-linearity and low auto-correlation properties; then automatically generate evolvable hardware for the obtained S-box. Targeting the former, we use a quantum-inspired evolutionary algorithm to optimize regularity, non-linearity and auto-correlation, which constitute the three main desired properties in resilient S-boxes. Pursuing the latter, we exploit the same algorithm to automatically generate the evolvable hardware designs of substitution boxes that minimize hardware space and encryption/decryption time, which form the two main hardware characteristics. We compare our results against existing and well-known designs, which were produced by using conventional methods as well as through genetic algorithm. We will show that our approach provides higher quality S-boxes coding as well as circuits.     

针对AES分组密码S盒的差分故障分析

研究了AES分组密码对差分故障攻击的安全性,攻击采用面向字节的随机故障模型,结合差分分析技术,通过在AES第8轮列混淆操作前导入随机单字节故障,一次故障导入可将AES密钥搜索空间由2128降低到232.3,在93.6%的概率下,两次故障导入无需暴力破解可直接恢复128位AES密钥.数学分析和实验结果表明:分组密码差分S盒取值的不完全覆盖性为差分故障分析提供了可能性,而AES密码列混淆操作良好的扩散特性极大的提高了密钥恢复效率,另外,本文提出的故障分析模型可适用于其它使用S盒的分组密码算法.     

对称密码算法S盒安全性分析

S盒是大多数对称密码算法中唯一的非线性结构,其密码学特性直接决定了密码算法的好坏。该文对美国高级加密标准 AES 算法、韩国对称加密标准SEED算法、欧洲对称加密标准 Camellia算法和中国商用密码标准SMS4算法的S盒密码学性质进行了深入的探讨,研究各种算法中S盒的代数性质和布尔函数性质,分析各种算法抵抗差分密码分析和线性密码分析等攻击的能力。通过对比S盒的优缺点,揭示了各种算法的安全性。