Random Bit Generation and Stream Ciphers


Raj Jain
Washington University in Saint Louis
Saint Louis, MO 63130
Jain@cse.wustl.edu

Audio/Video recordings of this lecture are available at:

Overview
1. Principles of Pseudorandom Number Generation
2. Pseudorandom number generators
3. Pseudorandom number generation using a block cipher
4. Stream Cipher
5. RC4

These slides are based on Lawrie Brown's slides supplied with William Stallings' book "Cryptography and Network Security: Principles and Practice," 7th Ed, 2017.

Pseudo Random Numbers
- Many uses of random numbers in cryptography
  - Nonces in authentication protocols to prevent replay
  - Keystream for a one-time pad
- These values should be
  - Statistically random: uniform distribution, independent
  - Unpredictable: future values cannot be predicted from previous values
- True random numbers provide this
- Pseudo: deterministic, reproducible, generated by a formula

A Sample Generator
For example,
Starting with x_0 = 5, the first 32 numbers obtained by the above procedure:
10, 3, 0, 1, 6, 15, 12, 13, 2, 11, 8, 9, 14, 7, 4, 5,
10, 3, 0, 1, 6, 15, 12, 13, 2, 11, 8, 9, 14, 7, 4, 5.
By dividing x's by 16:
0.6250, 0.1875, 0.0000, 0.0625, 0.3750, 0.9375, 0.7500, 0.8125,
0.1250, 0.6875, 0.5000, 0.5625, 0.8750, 0.4375, 0.2500, 0.3125,
0.6250, 0.1875, 0.0000, 0.0625, 0.3750, 0.9375, 0.7500, 0.8125,
0.1250, 0.6875, 0.5000, 0.5625, 0.8750, 0.4375, 0.2500, 0.3125.
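The exact repetition in the list above is also what makes such a generator fail the unpredictability requirement. The following is an added example, not part of the slides: it assumes the generator has the form x_n = (a*x_{n-1} + b) mod 16 (the page does not state the formula), recovers a and b from three of the listed outputs, predicts the rest, and measures tail and period. All function names are illustrative.

```python
from math import gcd

# The 16 values listed on the slide (the seed x_0 = 5 is not itself an output).
SLIDE_OUTPUTS = [10, 3, 0, 1, 6, 15, 12, 13, 2, 11, 8, 9, 14, 7, 4, 5]

def recover_lcg(outputs, m):
    """Recover (a, b) of x_n = (a*x_{n-1} + b) mod m from consecutive outputs.

    Assumption: the generator really has this form and the modulus m is known."""
    for x0, x1, x2 in zip(outputs, outputs[1:], outputs[2:]):
        d = (x1 - x0) % m
        if gcd(d, m) != 1:
            continue                      # difference not invertible, try next triple
        a = ((x2 - x1) * pow(d, -1, m)) % m
        b = (x1 - a * x0) % m
        return a, b
    raise ValueError("no usable triple; need more outputs")

def predict(a, b, m, last, count):
    """Continue the sequence from the last observed output."""
    out = []
    for _ in range(count):
        last = (a * last + b) % m
        out.append(last)
    return out

def tail_and_period(step, seed):
    """Return (tail, period) of seed, step(seed), ... by recording first visits."""
    seen = {}
    x, n = seed, 0
    while x not in seen:
        seen[x] = n
        x, n = step(x), n + 1
    return seen[x], n - seen[x]

if __name__ == "__main__":
    m = 16
    a, b = recover_lcg(SLIDE_OUTPUTS[:3], m)   # three outputs are enough here
    print("recovered a, b:", a, b)
    print("predicted next:", predict(a, b, m, SLIDE_OUTPUTS[2], 13))
    print("tail, period:", tail_and_period(lambda x: (a * x + b) % m, 5))
```
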

Terminology
- Seed = x_0
- Pseudo-Random: deterministic yet would pass randomness tests
- Fully Random: not repeatable
- Cycle length, Tail, Period

Linear-Congruential Generators
- Discovered by D. H. Lehmer in 1951
- The residues of successive powers of a number have good randomness properties.
  Equivalently,
  a = multiplier
  m = modulus

Linear-Congruential Generators (Cont)
- Lehmer's choices: a = 23 and m = 10^8 + 1
- Good for ENIAC, an 8-digit decimal machine.
- Generalization:
- Can be analyzed easily using the theory of congruences
- Mixed Linear-Congruential Generators or Linear-Congruential Generators (LCG)
- Mixed = both multiplication by a and addition of b

Blum Blum Shub Generator
- Use least significant bit from iterative equation:
  x_i = x_{i-1}^2 mod n
  where n = p·q, and primes p, q with p mod 4 = 3, q mod 4 = 3
  E.g., p = 7, q = 11
- Unpredictable, passes next-bit test
  - Cannot predict (k+1)st bit given k bits with probability greater than ½.
- Security rests on difficulty of factoring n
- Is unpredictable given any run of bits
- Slow, since very large numbers must be used
- Too slow for cipher use, good for key generation
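The Blum Blum Shub iteration with the slide's toy parameters p = 7, q = 11, as an added example that is not part of the slides. It assumes the convention x_0 = seed^2 mod n with the first output bit taken from x_1, does not test p and q for primality, and uses illustrative function names; the cycle length it reports shows why very large numbers must be used.

```python
from math import gcd

def _validate(p, q, seed):
    """Check the slide's conditions and return n = p*q (primality is assumed)."""
    for prime in (p, q):
        if prime % 4 != 3:
            raise ValueError(f"{prime} mod 4 must equal 3")
    n = p * q
    if seed % n in (0, 1) or gcd(seed, n) != 1:
        raise ValueError("seed must be coprime to n and not 0 or 1")
    return n

def bbs_bits(p, q, seed, count):
    """Square the state mod n and emit its least significant bit, count times."""
    n = _validate(p, q, seed)
    x = (seed * seed) % n          # x_0 (assumed convention)
    bits = []
    for _ in range(count):
        x = (x * x) % n            # x_i = x_{i-1}^2 mod n
        bits.append(x & 1)
    return bits

def bbs_cycle_length(p, q, seed):
    """Number of squarings before the state returns to x_0."""
    n = _validate(p, q, seed)
    x0 = (seed * seed) % n
    x, steps = (x0 * x0) % n, 1
    while x != x0:
        x, steps = (x * x) % n, steps + 1
    return steps

if __name__ == "__main__":
    # n = 77: states 9 -> 4 -> 16 -> 25 -> 9, so the bit stream repeats every 4 bits.
    print(bbs_bits(7, 11, 3, 8))
    print(bbs_cycle_length(7, 11, 3))
```
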

Random & Pseudorandom Number Generators
[Figure; surviving labels: Continuous Stream (stream cipher), Fixed Length # (Keys, Nonces)]

Using Block Ciphers as PRNGs
- Can use a block cipher to generate random numbers for cryptographic applications
- For creating session keys from master key
- CTR (Counter Mode): X_i = E_K[V_i]
- OFB (Output Feedback): X_i = E_K[X_{i-1}]

ANSI X9.17 PRG
[Figure; surviving labels: Date/Time, Seed, Keys, Random Stream, Next Seed]
EDE = Triple DES = Encrypt using k_1 + Decrypt using k_2 + Encrypt using k_1

Natural Random Noise
- Best source is natural randomness in real world
- Find a regular but random event and monitor
- Do generally need special h/w to do this
  - E.g., radiation counters, radio noise, audio noise, thermal noise in diodes, leaky capacitors, mercury discharge tubes, etc.
- Starting to see such h/w in new CPUs
- Problems of bias or uneven distribution in signal
  - Have to compensate for this when sampling, often by passing bits through a hash function
  - Best to only use a few noisiest bits from each sample
  - RFC 4086 recommends using multiple sources + hash

Stream Ciphers
- Process message bit by bit (as a stream)
- A pseudo random keystream XORed with plaintext bit by bit
  C_i = M_i XOR StreamKey_i
- But must never reuse stream key, otherwise messages can be recovered

RC4
- A proprietary cipher owned by RSA
- Another Ron Rivest design, simple but effective
- Variable key size, byte-oriented stream cipher
- Widely used (web SSL/TLS, wireless WEP/WPA)
- Key forms random permutation of all 8-bit values
- Uses that permutation to scramble input info processed a byte at a time

RC4 Initialization
- Start with an array S of numbers: 0..255
- S forms internal state of the cipher

    for i = 0 to 255 do
        S[i] = i
        T[i] = K[i mod keylen]

- Use key to well and truly shuffle

    j = 0
    for i = 0 to 255 do
        j = (j + S[i] + T[i]) (mod 256)
        swap(S[i], S[j])

RC4 Initial Permutation
    S:  0    1    2    ...  254    255
    T:  k_0  k_1  k_2  ...  k_254  k_255
If key is shorter than 256 bytes, it is simply repeated to make 256 bytes.
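The key schedule above combined with the byte-generation loop from the RC4 Encryption slide, as an added Python example that is not part of the slides. It checks the result against a widely published RC4 test vector and shows why a stream key must never be reused; the helper names and the two sample messages are constructed for illustration.

```python
def rc4_keystream(key, length):
    """RC4: initial permutation of S from the key, then one keystream byte per step."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    S = list(range(256))
    j = 0
    for i in range(256):                       # T[i] = K[i mod keylen]
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])     # S[t], the stream key byte
    return bytes(out)

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def rc4(key, data):
    """Encrypt or decrypt: C_i = M_i XOR StreamKey_i (the operation is its own inverse)."""
    return xor_bytes(data, rc4_keystream(key, len(data)))

def recover_second_message(c1, c2, known_m1):
    """Keystream reuse: c1 XOR c2 = m1 XOR m2, so knowing m1 exposes m2 without the key."""
    return xor_bytes(xor_bytes(c1, c2), known_m1)

if __name__ == "__main__":
    print(rc4(b"Key", b"Plaintext").hex())     # published RC4 test vector
    key = b"constructed-demo-key"              # constructed sample values
    m1, m2 = b"transfer 0100 to A", b"transfer 9999 to B"
    c1, c2 = rc4(key, m1), rc4(key, m2)        # same key, same keystream: the mistake
    print(recover_second_message(c1, c2, m1))
```
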

RC4 Encryption
- Encryption continues shuffling array values
- Sum of shuffled pair selects "stream key" value from permutation

    i = j = 0
    for each message byte M_i do
        i = (i + 1) (mod 256)
        j = (j + S[i]) (mod 256)
        swap(S[i], S[j])
        t = (S[i] + S[j]) (mod 256)
        Key = S[t]
        C_i = M_i XOR S[t]

Summary
1. Pseudorandom number generators use a seed and a formula to generate the next number
2. Stream ciphers XOR a random stream with the plain text.
3. RC4 is a stream cipher

Homework 8
a. Find the period of the following generator using seed x_0 = 1:
b. Now repeat part a with seed x_0 = 2
c. What RC4 key value will leave S unchanged during initialization? That is, after the initial permutation of S, the entries of S will be equal to the values from 0 through 255 in ascending order.

Acronyms
AES     Advanced Encryption Standard
ANSI    American National Standards Institute
BBS     Blum, Blum, Shub
CPU     Central Processing Unit
CSPRBG  Cryptographically Secure
CTR     Counter
DES     Data Encryption Standard
EDE     Encrypt-Decrypt-Encrypt
ENIAC   An 8-digit decimal machine.
ID      Identifier
LAN     Local Area Networks
LCG     Linear-Congruential Generator
MD5     Message Digest 5
OFB     Output Feedback
OFV     Output Feedback Value
PRBG    Pseudorandom bit generator

Acronyms (Cont)
PRF     Pseudorandom function
PRG     Pseudorandom Generator
RC4     Ron's Code 4
RFC     Request for Comment
RSA     Rivest, Shamir, and Adleman
SHA     Secure Hash Algorithm
SP      Standard Protocol
SSL     Secure Socket Layer
TLS     Transport Layer Security
TRNG    True random number generator
WEP     Wired equivalent privacy
WPA     Wi-Fi Protected Access
XOR     Exclusive-Or

Scan This to Download These Slides
Raj Jain
http://rajjain.com

Related Modules
- CSE571S: Network Security (Spring 2017), index.html
- CSE473S: Introduction to Computer Networks (Fall 2016), http://www.cse.wustl.edu/~jain/cse473-16/index.html
- Wireless and Mobile Networking (Spring 2016), http://www.cse.wustl.edu/~jain/cse574-16/index.html
- CSE571S: Network Security (Fall 2014), http://www.cse.wustl.edu/~jain/cse571-14/index.html
- Audio/Video Recordings and Podcasts of Professor Raj Jain's Lectures, https://www.youtube.com/channel/ucn4-5wznp9-ruozqms-8nuw