
Analysis and Design of Stream Ciphers

Simon Fischer and Willi Meier

MICS Workshop, July 3 2007


Stream Ciphers

Use a cipher to secure communication over an insecure channel. Stream ciphers are very simple and fast.

• Profile 1: Optimised for software applications with high throughput requirements.

• Profile 2: Optimised for hardware applications with restricted resources.


Applications

Stream ciphers of profile 2 can be used in mobile devices such as:

• Cell phones

• Sensor networks

• RFIDs

Well-known examples are the stream ciphers of GSM and Bluetooth, but both of them are insecure…


eSTREAM

European project eSTREAM was initiated in 2004.

Algorithm designers were invited to submit new stream cipher proposals.

Winners will be elected in 2008.

►34 submissions

►Strong competition


Our contributions

(1) Submitted own design (jointly with University Lund): "Grain".

(2) We have analysed the security of some other submissions:

• Complete break of a weak submission

• Confirmed the security of one promising submission

• Improved a previous attack

• Observed partial weakness


The submission "Grain"

It can be implemented with very little hardware, is efficient, and is supposed to be secure.

One of the top candidates for eSTREAM profile 2.

Grain consists of:

• 80 bit linear shift register

• 80 bit nonlinear shift register

• Nonlinear filter function


One example of analysis

Well-known attacks on stream ciphers: algebraic attacks. Find and solve equations of low degree.

Inspired by algebraic attacks, we developed a new tool to assess the security of stream ciphers.

►Confirmed security of one eSTREAM submission.

Apply the new tool also to other stream ciphers. Recently, we could attack the "Alternating Step Generator"…


Attack on the Alternating Step Generator

The stream cipher ASG is very simple and elegant. It was developed 20 years ago in Switzerland. It consists of three linear shift registers, which are irregularly clocked.

Our attack improves the previous attacks by a factor of more than 7000!
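A small model of the generator itself, added here as an illustration and not taken from the slides. It assumes the textbook alternating-step construction, in which a control register decides which of the two other registers steps and the keystream bit is the XOR of their outputs; register lengths, taps and initial states are constructed toy values.

```python
class LFSR:
    """Fibonacci LFSR over GF(2). taps: 0-based state positions XORed into the feedback."""
    def __init__(self, state, taps):
        if not any(state):
            raise ValueError("an all-zero state never leaves zero")
        self.state, self.taps = list(state), tuple(taps)

    def clock(self):
        # Shift out state[0], shift in the XOR of the tapped positions.
        out, fb = self.state[0], 0
        for t in self.taps:
            fb ^= self.state[t]
        self.state = self.state[1:] + [fb]
        return out


def lfsr_period(state, taps):
    """Number of steps until the register returns to its starting state."""
    reg = LFSR(state, taps)
    start, steps = list(reg.state), 0
    while True:
        reg.clock()
        steps += 1
        if reg.state == start:
            return steps


def asg_keystream(ctrl, reg_x, reg_y, nbits):
    """ctrl steps every cycle; its output bit selects which of reg_x / reg_y steps.
    The register that does not step repeats its last output bit.
    Assumption: both held outputs are 0 before a register's first step."""
    x_out = y_out = 0
    stream = []
    for _ in range(nbits):
        if ctrl.clock():
            x_out = reg_x.clock()
        else:
            y_out = reg_y.clock()
        stream.append(x_out ^ y_out)
    return stream


# Constructed toy parameters (not from the slides): primitive feedback
# polynomials x^3+x+1, x^4+x+1 and x^5+x^2+1. Real registers are far longer.
def toy_asg(nbits):
    ctrl = LFSR([1, 0, 0], (0, 1))
    reg_x = LFSR([1, 0, 0, 0], (0, 1))
    reg_y = LFSR([1, 0, 0, 0, 0], (0, 2))
    return asg_keystream(ctrl, reg_x, reg_y, nbits)
```

Each register alone is linear with a short, predictable period; the irregular stepping is the only source of nonlinearity, which is why the clocking behaviour is where analysis of this design concentrates.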


Conclusions

►Security is necessary in mobile environments.

►Stream ciphers can be suitable for this need.

►The security of stream ciphers must be evaluated carefully.

►We participate in the analysis and design of modern stream ciphers.

Thank you for your attention!
