1 / 13

Stream Ciphers

Stream Ciphers. CSCI284-162 Spring 2007 GWU. One-time pad is best. But key too long to be practical Can we use a pseudo-random key then, which would be generated from a short truly random string?. Stream Ciphers.

faith-hull
Download Presentation

Stream Ciphers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Stream Ciphers CSCI284-162 Spring 2007 GWU

  2. One-time pad is best • But key too long to be practical • Can we use a pseudo-random key then, which would be generated from a short truly random string? CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  3. Stream Ciphers • Message does not consist of words of symbols, but an (unending) stream of symbols. • A key stream (not a single key) encrypts the stream of symbols y1y2… = ez1(x1)ez2(x2)… Synchronous: when keystream generated by a key, independent of plaintext z1,z2,… = g(K) CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  4. Definition: Synchronous Stream Cipher P: plaintext C: ciphertext K: keyspace (so far exactly that in block ciphers) L: keystream alphabet g: keystream generator z1,z2,… = g(K) where K K, and ziL ezi: P C dzi: C  P dzi(ezi(x)) = x CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  5. Examples from ciphers we have already seen? • Shift? Affine? Substitution? Vigenère? Permutation? CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  6. Periodic Stream Cipher? • Security? • Binary addition as XOR, easy to implement in hardware. • Encryption and decryption are the same operations: addition of the bit CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  7. Example: Linear recurrenceProb 1.18 and 1.19 (text) zi+4 = (zi + zi+1 + zi+2 + zi+3) mod 2 Of degree 4. Why linear? Start with some z1, z2, z3, z4 0 1 0 1 0 0 1 0 1 0 0 1 Period? Security? Try two other initialization vectors Same with zi+4 = (zi + zi+3) mod 2 CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  8. Hardware implementationLinear Feedback Shift Register (LFSR) Key = (c0, c1, …cm-1, z0, z1, …zm-1) zi+m zi …. Delay Delay Delay Cm-1 Cm-2 C1 C0  ….  zi+m = j=0m-1 cizi+j m CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  9. Shrinking Generator Y = f(X, Z) / * X, Y, Z, (pseudo) random-number sequences */ /* X and Z from an LFSR with different keys */ j := 0 For every i If (Xi == 1) /* Clock is ON */ Yj = Zi /* Output other sequence */ j +=1 Endif End i Disadvantage? CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  10. Shrinking Generator: Examples CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  11. Stop-and-go Generator Y = f(X, Z) x_pos = 0; /* mark stop position */ Forall i If(Zi == 1) /* Go. */ x_pos += 1 Endif Yi := Xx_pos /* Hold onto output value */ End i CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  12. Examples CS284-162/Spring07/GWU/Vora/ Stream Ciphers

  13. Is the one-time pad with a pseudo-random key perfectly secret? CS284-162/Spring07/GWU/Vora/ Stream Ciphers

More Related