An Introduction to Stream Ciphers

Zahra Ahmadian

Electrical Engineering Department

Sharif University of Technology

ahmadian@ee.sharif.ir

- The development of stream ciphers
- Two types of stream ciphers
- Synchronizing stream ciphers
- Self synchronizing stream ciphers

- Cryptanalyses of stream ciphers
- eStream project
- Conclusion

Keyed Hash Functions

- Vernam one-time pad cipher: the keystream is a sequence of independent and uniformly distributed bits.
- Its perfect security was proven by Shannon: I(M,C)=0.
- No deterministic algorithm can produce truly independent outputs.
- The keystream should be at least as long as the plaintext and each key should be used only once, which makes exchanging the private key difficult.

- A stream cipher tries to be a generalization of the Vernam cipher.
- Loosely speaking, stream ciphers can be considered pseudo-random generators (PRGs).
- Generation of a periodic keystream with
- Maximal period,
- Maximal linear complexity,
- Easy to implement,
- Fast algorithm,
- Easily controlled by the key.
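The first two goals in this list can be measured directly on a keystream. The following is an added example, not part of the original slides: it computes the period and the linear complexity (via the Berlekamp-Massey algorithm) of a constructed 4-bit LFSR with feedback polynomial x^4 + x + 1; the function names, the register and its seed are assumptions chosen for illustration.

```python
# Added example (not from the slides): measuring period and linear complexity
# of a keystream. The 4-bit LFSR and its seed are constructed for illustration.

def lfsr_keystream(state, taps, n):
    """Fibonacci LFSR: output state[0], append XOR of the tapped positions."""
    state = list(state)
    out = []
    for _ in range(n):
        out.append(state[0])
        fb = 0
        for t in taps:
            fb ^= state[t]
        state = state[1:] + [fb]
    return out

def linear_complexity(bits):
    """Berlekamp-Massey over GF(2): length of the shortest LFSR producing bits."""
    n = len(bits)
    c = [1] + [0] * n          # current connection polynomial
    b = [1] + [0] * n          # connection polynomial before the last length change
    L, m = 0, -1               # current LFSR length, index of last length change
    for i in range(n):
        d = bits[i]            # discrepancy between predicted and actual bit
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            t = c[:]
            shift = i - m
            for j in range(n + 1 - shift):
                c[j + shift] ^= b[j]
            if 2 * L <= i:     # the register must grow to explain this bit
                L, m, b = i + 1 - L, i, t
    return L

def period(bits):
    """Smallest p with bits[i] == bits[i + p] over the whole sample."""
    for p in range(1, len(bits)):
        if all(bits[i] == bits[i + p] for i in range(len(bits) - p)):
            return p
    return len(bits)

if __name__ == "__main__":
    ks = lfsr_keystream([1, 0, 0, 0], taps=(0, 1), n=30)  # s[i+4] = s[i] ^ s[i+1]
    print("keystream        :", "".join(map(str, ks)))
    print("period           :", period(ks))               # maximal for 4 bits: 2^4 - 1
    print("linear complexity:", linear_complexity(ks))
    # 2L keystream bits already fix the complexity of a purely linear generator
    print("from first 8 bits:", linear_complexity(ks[:8]))
```

A bare LFSR reaches the maximal period but its linear complexity is only the register length, which is why the list asks for both properties separately.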

- Stream ciphers are typically
- Faster
- Suitable for real time scenarios
- multi-Gigabit-per-second communications e.g. routers

- More efficient compact implementation
- Suitable for constrained devices

- Zero error propagation
- Suitable for radio communications

- A5 family in GSM mobile network
- SNOW 3G in UMTS mobile network
- E0 in Bluetooth
- RC4 in Wired Equivalent Privacy (WEP)
- …

- The standard assumption: KNOWN PLAINTEXT ATTACK
- This implies knowledge of the keystream

- Key Recovery attacks
- Recover the secret key k.

- Distinguishing Attacks
- Build a distinguisher that can distinguish the running key from a random sequence

- Other attacks:
- Prediction of the next symbol
- Recovering the initial state
- …

- Universal distinguishers
- Apply known statistical tests

- Time-memory tradeoff attacks
- Decrease computational complexity by using memory

- Guess-and-determine
- Guess unknown things on demand

- Correlation attacks
- Dependence between output and internal unknown variables

- Linear attacks
- Apply linear approximations

- Algebraic attacks
- View your problem as the solution to a system of nonlinear equations

eStream Project

- Held by ECRYPT, a consortium of European research organizations.
- A multi-year effort running from 2004 to 2008.
- A Call for Stream Cipher Primitives to identify new stream ciphers suitable for widespread adoption.

- The submissions fall into either or both of two profiles:
- Profile 1: Stream ciphers for software applications with high throughput requirements
- Profile 2: Stream ciphers for hardware applications with restricted resources such as limited storage, gate count, or power consumption.

- Phase 1. A general analysis of all submissions based on their security, performance, simplicity, flexibility, justification, clarity and completeness of the documentation.
- Phase 2. For each of the profiles, a number of algorithms were selected as Focus Phase 2 algorithms.

- Phase 3. For each of the profiles, eight candidates were selected to be analyzed with more scrutiny.
- It ended April 15, 2008 with the announcement of the candidates that had been selected for the final eSTREAM portfolio.

- Due to their advantages, stream ciphers are widely used in many applications (e.g. wireless).
- Before the eStream project, there was little work on stream ciphers.
- eStream introduced new block cipher designs and also resulted in extensive development of cryptanalysis methods for stream ciphers.
- Block ciphers in counter or OFB modes of operation are a serious competitor to stream ciphers.