Parent–Daughter Confusion Component: A New Approach for the Construction of Nonlinear Confusion Component

The nonlinear confusion component is one of an integral part of any modern block cipher. This nonlinear confusion component is used to hides the relationship between the ciphertext and the key. The primary objective of this article is to formulate a new mechanism for the construction this confusion component. Usually substitution box (S-box) is used to achieve this kind of characteristics in block ciphers. We have utilized deoxyribonucleic acid (DNA) sequences for the construction of new S-boxes with optimized cryptographic characteristics. The projected technique fundamentally optimized the DNA sequences along with traditional confusion component to generate a completely new S-box. The obtained S-boxes have the same cryptographic strength as a parent S-box have.

     

轻量级分组密码PUFFIN的差分故障攻击

基于代换–置换网络结构的轻量级分组密码算法PUFFIN在资源受限的硬件环境中使用较广泛,差分故障攻击是针对硬件密码算法较为有效的攻击手段。该文针对PUFFIN算法,改进多比特故障模型,通过构建输出差分和可能输入值之间的关系,注入5次故障即可确定单个S盒唯一输入值;在最后一轮加密过程中注入10次故障,成功恢复轮密钥的概率为78.64%,进而可恢复初始密钥。     

A new S-box construction method based on the fractional-order chaotic Chen system

Since substitution box (S-box) is the only nonlinear component related to confusion properties for many block encryption algorithms, it is a necessity for the strong block encryption algorithms. S-box is a vital component in cryptography due to having the effect on the security of entire system. Therefore, alternative S-box construction techniques have been proposed in many researches. In this study, a new S-box construction method based on fractional-order (FO) chaotic Chen system is presented. In order to achieve that goal, numerical results of the FO chaotic Chen system for \(a= 35, b=3, c=28\) and \(\alpha =0.9\) are obtained by employing the predictor–corrector scheme. Besides, a simpler algorithm is suggested for the construction of S-box via time response of the FO chaotic Chen system. The performance of suggested S-box design is compared with other S-box designs developed by chaotic systems, and it is observed that this method provides a stronger S-box design.     

Impossible differential distinguisher analysis of GRANULE and MANTRA algorithm

The lightweight block cipher algorithms called GRANULE and MANTRA have a simple structure,fast encryption speed,and they can be easy implemented in software and hardware.Two algorithms are especially suitable for resource-constrained environments.To analyze the security of two algorithms,an automatic search method of impossible differential distinguishers was proposed.Based on the structural characteristics of the GRANALE and MANTRA,the S-box differential characteristics were obtained by analyzing the S-box differential distribution table,and then the idea of intermediate encounter was used to traverse from the difference path obtained from the encryption/decryption direction seperately to select the optimal differential path with probability 0.The analysis results show that there are 144 different 7-round impossible differential distinguishers in the GRANULE,and 52 different 9-round impossible differential distinguishers in the MANTRA.Compared with the existing results,the rounds of the proposed distinguisher is currently the highest.     

An enhanced chaotic key‐based RC5 block cipher adapted to image encryption

RC5 is a block cipher that has several salient features such as adaptability to process different word lengths with a variable block size, a variable number of rounds and a variable‐length secret key. However, RC5 can be broken with various attacks such as correlation attack, timing attack, known plaintext correlation attack and differential attacks, revealing weak security. We aimed to enhance the RC5 block cipher to be more secure and efficient for real‐time applications while preserving its advantages. For this purpose, this article introduces a new approach based on strengthening both the confusion and diffusion operations by combining chaos and cryptographic primitive operations to produce round keys with better pseudo‐random sequences. Comparative security analysis and performance evaluation of the enhanced RC5 block cipher (ERC5) with RC5, RC6 and chaotic block cipher algorithm (CBCA) are addressed. Several test images are used for inspecting the validity of the encryption and decryption algorithms. The experimental results show the superiority of the suggested enhanced RC5 (ERC5) block cipher to image encryption algorithms such as RC5, RC6 and CBCA from the security analysis and performance evaluation points of view.     

Cryptanalysis of nonlinear confusion component based encryption algorithm

Recently many substitution box based encryption algorithms ensuring privacy have been proposed. Many, chaotic map based S-boxes have been generated posing high nonlinearity and strong cryptographic properties. Encryption schemes depending on the substitution box (S-box) only are weak and easily breakable with the help of chosen plaintext and ciphertext attacks. In this work, we have completely cryptanalyzed S-box based encryption scheme successfully by two types of attacks. Cryptanalysis in both types of attacks is performed by only one selected image. Moreover, we have suggested some improvements in the algorithm to defeat attacks.     

Lightweight Cryptography: A Solution to Secure IoT

In Internet of Things (IoT), the massive connectivity of devices and enormous data on the air have made information susceptible to different type of attacks. Cryptographic algorithms are used to provide confidentiality and maintain the integrity of the information. But small size, limited computational capability, limited memory, and power resources of the devices make it difficult to use the resource intensive traditional cryptographic algorithms for information security. In this scenario it becomes impertinent to develop lightweight security schemes for IoT. A thorough study on the lightweight cryptography as a solution to the security problem of resource-constrained devices in IoT has been presented in this work. This paper is a comprehensive attempt to provide an in-depth and state of the art survey of available lightweight cryptographic primitives till 2019. In this paper 21 lightweight block ciphers, 19 lightweight stream ciphers, 9 lightweight hash functions and 5 variants of elliptic curve cryptography (ECC) has been discussed i.e. in total 54 LWC primitives are compared in their respective classes. The comparison of the ciphers has been carried out in terms of chip area, energy and power, hardware and software efficiency, throughput, latency and figure of merit (FoM). Based on the findings it can be observed that AES and ECC are the most suitable for used lightweight cryptographic primitives. Several open research problems in the field of lightweight cryptography have also been identified.

     

基于动态策略的S盒设计研究

分组密码作为信息安全应用的主流加密方法,在无线传感器网络中也得到了广泛应用。而S盒作为分组密码算法的核心模块之一,其设计好坏直接影响着整个密码算法。为了在有限的资源下,提高分组密码算法的安全强度,对分组密码算法以及S盒构造设计进行了深入的分析研究,结合Feistel架构和S盒重构的思想,提出了动态S盒的设计方案,并对其进行了相关分析验证。结果表明,经过该设计,安全性能确实有所提高。     

双混沌自同步流密码算法的设计与应用

视频在网络传输过程中需要利用密码进行加密以获得数据的保密性。针对视频存在数据量大和实时性强的特点,提出了一种双混沌自同步流密码算法,以提升加密视频的安全性能和加密效率。密码算法由两个离散时间混沌系统构成：首先,采用混沌反控制方法设计两个三维离散时间混沌系统;然后,将第一个混沌系统的状态变量作为第二个混沌系统的反控制器;最后,将第二个混沌系统迭代产生的状态变量与明文信息进行加密操作。该算法能够有效抵御选择密文攻击与分别征服攻击,具备良好的安全性能。实验测试表明,算法能够达到每秒25帧以上的实时性能,具有良好的加密效率。     

Differential fault attack on FeW

In order to evaluate the security of the lightweight block cipher FeW,a differential fault attack method was proposed and discussed using a single byte random fault model.In this method,a single byte random fault was introduced on the right side of the last round of FeW to recover the key based on the statistical characteristics of S-box difference distribution,and the difference information was obtained using the characteristics of the linear diffusion function.The experiment results show that the complete key recovery can be achieved with an average of 47.73 and 79.55 fault injections for FeW-64-80 and FeW-64-128 respectively.If 2¹⁰exhaustive calculations are added to the key recovery process,the number of average fault injections required can be reduced to 24.90 and 41.50.This attack is effective on FeW.     

An Intelligent Session Key-Based Hybrid Lightweight Image Encryption Algorithm Using Logistic-Tent Map and Crossover Operator for Internet of Multimedia Things

Due to the increasing demand for IoMT applications in numerous fields such as healthcare, smart city, smart grids, industrial internet, etc. The privacy and security become a major issue in front of various researchers working in this field. This work proposed a lightweight image encryption algorithm based on a logistic-tent map and crossover operator of a genetic algorithm. Various 1-D chaotic maps are discussed in the literature review, but in some cases, hybrid 1-D chaotic maps have higher performance than simple 1-D chaotic maps. So 1-D chaotic map along with a crossover operator is used in this work. Here logistic-tent map and crossover are used to generate the random session key for each image encryption. Also, a crossover operator is used in encryption rounds for increasing confusion and diffusion. Here in this work, for each image encryption, a new intelligent session key is generated. The strength of the proposed image cryptographic scheme is assessed against resistance to the differential attack (UACI and NPCR), statistical attack (histogram analysis, correlation coefficient and information entropy) and sensitivity to the secret key. The extensive experiments of performance and security assessment show that the proposed cryptographic image scheme is secure enough to withstand all potential cryptanalytic attacks.

     

带陷门分组密码算法的设计与分析

带陷门的密码算法包含了陷门信息,知道陷门信息可以较容易地获得密码算法的密钥进而解密密文得到明文,对于不知道陷门信息的攻击者则无法有效获得密钥,并且要找到陷门信息在计算上也是很困难的。基于对称密码算法中带陷门信息的混淆部件设计了一种带陷门的分组密码算法,并对该算法进行了安全性分析,证明了在假设陷门信息保密(不公开)的情况下该类算法能够抵抗线性密码分析等攻击方法。基于这样的分组密码算法,讨论了构造公钥加密算法的思路。     

基于S盒优化的轻量级加密算法设计

分组密码一直是解决信息系统安全问题的常用加密方法。分组密码的典型代表数据加密标准DES（Data Encryption Standard）被广泛应用于软件加密和硬件加密,其中所体现的设计思想和设计原则依然值得研究和借鉴。S盒作为DES算法的一个关键环节,它的设计好坏直接影响DES的加密性能。通过对分组密码安全性设计的分析,立足于DES算法框架,提出了一种轻量级安全加密算法LEA（Light weight Encryption Algorithm）,通过增加位选逻辑陷阱来对S盒中的元素进行选取和重新优化设计,最后从S盒统计特性角度对其安全性进行分析。该算法能有效解决低成本系统的安全问题。     

Highly dispersive substitution box (S‐box) design using chaos

Highly dispersive S‐boxes are desirable in cryptosystems as nonlinear confusion sub‐layers for resisting modern attacks. For a near optimal cryptosystem resistant to modern cryptanalysis, a highly nonlinear and low differential probability (DP) value is required. We propose a method based on a piecewise linear chaotic map (PWLCM) with optimization conditions. Thus, the linear propagation of information in a cryptosystem appearing as a high DP during differential cryptanalysis of an S‐box is minimized. While mapping from the chaotic trajectory to integer domain, a randomness test is performed that justifies the nonlinear behavior of the highly dispersive and nonlinear chaotic S‐box. The proposed scheme is vetted using well‐established cryptographic performance criteria. The proposed S‐box meets the cryptographic performance criteria and further minimizes the differential propagation justified by the low DP value. The suitability of the proposed S‐box is also tested using an image encryption algorithm. Results show that the proposed S‐box as a confusion component entails a high level of security and improves resistance against all known attacks.     

基于可变S盒的分组密码算法及其在媒体网关中的应用

分组密码算法是信息安全领域中最为重要的加解密技术之一。与传统的分组密码不同，该算法具有可变的S盒和变化的循环加密结构，从而大大提高了抗差分攻击和线性攻击的能力。结合某媒体网关的设计项目，研究了该算法并详细探导了其设计方法。员后，测试了算法的实际性能。     

国内外分组密码理论与技术的研究现状及发展趋势

密码技术，特别是加密技术，是信息安全技术的核心。AES征集和NESSIE计划的相继启动，使得国际上又掀起了一次研究分组密码的新高潮，故概括介绍了国内外分组密码研究的现状，并对其发展趋势进行了分析。同时详细地探讨了与分组密码的主要理论与技术，最后介绍了Rijndael(AES的最终算法）与IDEA（NESSIE分组密码候选算法之一）的两个算法。     

FPGA Implementation and Energy Cost Analysis of Two Light-Weight Involutional Block Ciphers Targeted to Wireless Sensor Networks

In this paper, we investigate the energy cost of the FPGA implementation of two cryptographic algorithms targeted to wireless sensor networks (WSNs). Recent trends have seen the emergence of WSNs using sensor nodes based on reconfigurable hardware, such as a field-programmable gate arrays (FPGAs), thereby providing flexible functionality with higher performance than classical microcontroller based sensor nodes. In our study, we investigate the hardware implementation of involutional block ciphers since the characteristics of involution enables performing encryption and decryption using the same circuit. This characteristic is particularly appropriate for a wireless sensor node which requires the function of both encryption and decryption. Further, in order to consider the suitability of a cipher for application to a wireless sensor node, which is an energy constrained device, it is most critical to consider the cost of encryption in terms of energy consumption. Hence, we choose two involutional block ciphers, KHAZAD and BSPN, and analyze their energy efficiency for FPGA implementation.     

一种密码专用可编程逻辑阵列的分组密码能效模型及其映射算法

密码专用可编程逻辑阵列(CSPLA)是一种数据流驱动的密码处理结构，该文针对不同规模的阵列结构和密码算法映射实现能效关系的问题，首先以CSPLA的特定硬件结构为基础，以分组密码的高能效实现为切入点，建立基于该结构的分组密码算法映射能效模型并分析影响能效的相关因素，然后进一步根据阵列结构上算法映射的基本过程提出映射算法，最后选取几种典型的分组密码算法分别在不同规模的阵列进行映射实验。结果表明越大的规模并不一定能够带来越高的能效，为取得映射的最佳能效，阵列的规模参数应当与具体的硬件资源限制和密码算法运算需求相匹配，CSPLA规模为4×4～4×6时映射取得最优能效，AES算法最优能效为33.68 Mbps/mW，对比其它密码处理结构，CSPLA具有较优的能效特性。     

On Random Pattern Testability of Cryptographic VLSI Cores

In this paper we show, that the statistical properties of cryptographic algorithms are the reason for the excellent pseudorandom testability of cryptographic processor cores. The work is especially concerned with modern symmetric block encryption algorithms and their VLSI implementations. For the examination typical basic operations of these cryptographic algorithms are categorized in classes and analyzed regarding their pseudorandom properties. Based on the results the pseudorandom properties of symmetric block ciphers can be determined by means of data flow graphs (DFG) and so-called predecessor operation lists. This is demonstrated with a paradigm algorithm, the symmetric block cipher 3WAY. The results of the theoretical analysis lead to a so-called global BIST concept for cryptographic processor cores. This self-test approach is characterized by central pseudorandom pattern generators and signature registers at the primary inputs and outputs of the cores. The global BIST is exemplarily applied to an implementation of the 3WAY algorithm. Finally, the quality of the developed test approach is determined by fault simulations.     

Quark: A Lightweight Hash

The need for lightweight (that is, compact, low-power, low-energy) cryptographic hash functions has been repeatedly expressed by professionals, notably to implement cryptographic protocols in RFID technology. At the time of writing, however, no algorithm exists that provides satisfactory security and performance. The ongoing SHA-3 Competition will not help, as it concerns general-purpose designs and focuses on software performance. This paper thus proposes a novel design philosophy for lightweight hash functions, based on the sponge construction in order to minimize memory requirements. Inspired by the stream cipher Grain and by the block cipher KATAN (amongst the lightest secure ciphers), we present the hash function family Quark, composed of three instances: u-Quark, d-Quark, and s-Quark. As a sponge construction, Quark can be used for message authentication, stream encryption, or authenticated encryption. Our hardware evaluation shows that Quark compares well to previous tentative lightweight hash functions. For example, our lightest instance u-Quark conjecturally provides at least 64-bit security against all attacks (collisions, multicollisions, distinguishers, etc.), fits in 1379 gate-equivalents, and consumes on average 2.44 μW at 100 kHz in 0.18 μm ASIC. For 112-bit security, we propose s-Quark, which can be implemented with 2296 gate-equivalents with a power consumption of 4.35 μW.