VL 713 Cryptography: Stream Ciphers NN April 3 2009 Amritapuri
Overview
• Stream Ciphers
• One-Time Pad
• LFSRs
Stream Ciphers: Characteristics
• These encrypt individual characters or symbols of the message
• Encryption transformation varies with time (have memory)
• Faster than block ciphers in hardware
• Less complex hardware circuitry
• Appropriate in situations where buffering is limited (e.g. telecommunications applications)
• Limited or no error propagation
• These can be symmetric key or asymmetric key. We focus only on symmetric key stream ciphers.
Examples
• Caesar cipher, Shift ciphers, Mono-alphabetic substitution cipher, Vigenere cipher etc.
• One-Time Pad (OTP): this is a special case of the Vigenere cipher where the key is perfectly random and the key is as long as the message. The word ‘pad’ is meant to indicate ‘key’. This is a symmetric key cipher.
One-Time Pad (OTP)
• Also known as the Vernam Cipher (discovered by Gilbert Vernam in 1917)
• A very important stream cipher (for historical and mathematical reasons)
• Perfectly secure (also known as unconditionally secure or Shannon security)
• Shannon proved that OTP is the only perfectly secure cryptosystem in 1949.
• Moscow and Washington DC used OTP in ?
• The one-time pad (key) was transmitted using a trusted courier.
• Asymmetric key cryptosystems (PKCS) can never be perfectly secure.
Condition for Perfect Secrecy
• Shannon derived the perfect secrecy condition as: H(K)L(K) ≥ H(M)L(M)
• For OTP, L(K) = L(M) = N bits, and H(K) = N bits. This is the MAXIMUM possible entropy for data that is N bits long. Thus, the perfect secrecy condition is always satisfied, and therefore OTP is perfectly secure.
Attacks on OTP
• Ciphertext only attack does not work since the cipher is perfectly secure
• Known plaintext-ciphertext pair attack
• Chosen plaintext attack
• Why should OTP be “perfectly random”?
• Why is OTP “one-time”?
Drawbacks of OTP
• Key length = Message length. This is a pain!!!
• OTP should be perfectly random. This is a bigger pain!!!!!!!!
• Hence go for Stream Ciphers which have short key length and which rely on “pseudo-randomness”. However, we lose perfect secrecy.
Practical Stream Ciphers
[Figure: encryption and decryption sides, each with its own key stream generator (PRNG)]
• L(K) << L(M), symmetric key is small in length.
• Key stream is generated from a key stream generator using key K
• Key stream generator is not perfectly random, but ‘pseudo-random’
• PRNG: Pseudo-random number generator
• PRNG satisfies statistical tests of randomness.
Stream Ciphers: Classification
• Synchronous Stream Ciphers
• Asynchronous Stream Ciphers
Ref: Chapter 6, pg. 193, Textbook [2]
Asynchronous Stream Ciphers
Example: Block ciphers in CFB (cipher feedback) mode
Recall: CFB mode of Block Ciphers
[Figure: CFB mode, with the block cipher acting as the key stream generator]
Binary Additive Stream Cipher
[Figure: key stream combined with the data by XOR on both the encryption and decryption sides]
• Is this synchronous or asynchronous?
• Is the OTP synchronous or asynchronous?
• OTP is a Binary Additive Stream Cipher which is a Synchronous Stream Cipher
LFSR
• LFSRs are the backbone of key-stream generators for stream ciphers.
• The goal of an LFSR is to “mimic” randomness, hence called “pseudo-random” generator (PRG or PRNG or PRBG – pseudo random bit generator)
• Pseudo-random: not truly random, but passes many statistical tests of randomness (but definitely fails some tests).
• Well suited for hardware implementation, can produce sequences of large periods, can be analyzed by algebraic techniques owing to their simple structure.
[Figure: LFSR circuit with AND gates on the feedback taps]
Ref: Chapter 6, pg. 196, Textbook [2]
LFSR: Notations
• LFSR: <L, C(D)>
• L stages and C(D) is the Connection Polynomial of LFSR
• A
• Initial state of L registers:
• Output of the LFSR is given by:
What is the output of the LFSR if the initial state is [0 1 1 0]?
Singular vs. Non-singular LFSR
• If the degree of the Connection Polynomial C(D) is equal to L, then the LFSR is called non-singular. Else, it is called singular.
• Which is better? Singular or Non-singular?
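The following simulator is an added example, not part of the original slides. It assumes the common textbook convention C(D) = 1 + c_1 D + ... + c_L D^L with feedback s_j = c_1 s_(j-1) XOR ... XOR c_L s_(j-L); the polynomials and initial states used with it are constructed for illustration. It reports the pre-period and period of the output, which is where singular and non-singular LFSRs differ.

```python
def lfsr_step(state, taps):
    """Advance one clock.

    state = (s_j, ..., s_{j+L-1}), oldest bit first (it is the next output).
    taps  = (c_1, ..., c_L), coefficients of C(D) = 1 + c_1*D + ... + c_L*D^L
            (assumed convention, see lead-in).
    Returns (output_bit, next_state).
    """
    L = len(state)
    feedback = 0
    for i, c in enumerate(taps, start=1):
        # c_i multiplies s_{j+L-i}, which sits at index L - i of the state
        feedback ^= c & state[L - i]
    return state[0], state[1:] + (feedback,)


def keystream(taps, init, n):
    """First n output bits for the initial state init = (s_0, ..., s_{L-1})."""
    state, out = tuple(init), []
    for _ in range(n):
        bit, state = lfsr_step(state, taps)
        out.append(bit)
    return out


def cycle_structure(taps, init):
    """Return (pre_period, period) by walking states until one repeats.

    pre_period == 0 means the initial state itself recurs (purely periodic).
    """
    seen, state, t = {}, tuple(init), 0
    while state not in seen:
        seen[state] = t
        _, state = lfsr_step(state, taps)
        t += 1
    return seen[state], t - seen[state]


def is_nonsingular(taps):
    """deg C(D) == L exactly when the last coefficient c_L is 1."""
    return taps[-1] == 1


if __name__ == "__main__":
    # Constructed cases: <4, 1 + D + D^4> and <3, 1 + D + D^2>
    for taps, init in [((1, 0, 0, 1), (0, 1, 1, 0)), ((1, 1, 0), (0, 0, 1))]:
        print(is_nonsingular(taps), keystream(taps, init, 16),
              cycle_structure(taps, init))
```

In the singular case the pre-period is non-zero: the first output bits never recur, so the register drops part of its initial state instead of cycling through it.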
Classwork
1. Non-singular LFSR: Draw the LFSR for < 2, 1 + D + D^2 >. What is the output sequence? What is the period of the output sequence?
2. Singular LFSR: Draw the LFSR for < 4, 1 + D + D^2 >. What is the output sequence? What is the period of the output sequence?