Two IFEA-M Modifications to Withstand New Attack
Alexander G. Chefranov, Computer Engineering Department, Eastern Mediterranean University

Introduction  The Fast Encryption Algorithm for Multimedia (FEA-M) uses matrix transforms for encryption and decryption. It was proposed by X. Yi, C.H. Tan, C.K. Siew, and M.R. Syed. Its cost is three matrix multiplications and two additions, giving 196 micro-operations versus 616 for Rijndael (AES).

FEA-M

IFEA-M  FEA-M was successfully attacked because of the chaining it uses and because it processes the first block differently from the subsequent blocks. IFEA-M is free of these:

Differential Known Plaintext Attack on IFEA-M

Conditions for the Attack  Such an attack is possible if the (pseudo-)random process involved can be tampered with. One such situation is when the pseudo-random process is uniquely controlled by an external source. The attack on IFEA-M rests on the assumption that an improper implementation allows an intruder to use the same key in two consecutive sessions (this may happen when the intruder controls the pseudo-random generator used for generating new keys), and that the intruder performs a differential chosen-plaintext (chosen-ciphertext) attack. The latter means that the intruder can generate plaintext (ciphertext) blocks with a known difference and can observe the differences of the respective ciphertext (plaintext) blocks.

IFEA-M Weakness Reason  Such an attack is possible because the i-dependent (dynamic) term in IFEA-M is used as the rightmost multiplier in the first contributor. This would not be possible if the dynamic term were used as a middle term.

IFEA-M Performance  Encryption/decryption requires 4 multiplications and 2 additions, giving 260 microoperations according to the formula (with n=64)

I2FEA-M Encryption/Decryption  The improved twice fast encryption algorithm for multimedia, I2FEA-M, is as follows: where the power is used in the first factor to enhance the resistance of the algorithm, and in the last factor to avoid low powers of K for small values of i.

I2FEA-M Properties  I2FEA-M resists the differential known plaintext and ciphertext attack if matrices K and V do not commute.  Encryption with I2FEA-M takes three matrix multiplications and two additions, provided that powers are calculated incrementally and constant matrix products are kept. Decryption in that case needs four matrix multiplications and two additions. On average, for encryption-decryption, it needs 3.5 matrix multiplications and two additions. Hence, the number of micro-operations for I2FEA-M is 228, and I2FEA-M has performance about 10% better than that of IFEA-M.

PIFEA-M Encryption/Decryption  The parameterized improved fast encryption algorithm for multimedia PIFEA-M is as follows:

PIFEA-M Parameters  Session parameters, r, are to be delivered to a receiver by a sender together with, and in a way similar to, the session key matrices. The parameters are integers that can be represented as the first five rows of an additional parameter matrix, the remaining rows of which are zeros.

PIFEA-M Properties  PIFEA-M resists the differential known plaintext and ciphertext attack if matrices K and V do not commute.  Encryption/decryption with PIFEA-M takes 3 matrix multiplications and 2 additions. Hence, the number of micro-operations for PIFEA-M is 196, and PIFEA-M has performance about 25% better than that of IFEA-M, and the same as that of FEA-M.

Conclusion  We have proposed and analyzed the PIFEA-M and I2FEA-M algorithms. They have about 25% and 10% better performance, respectively, than IFEA-M. They are resistant to all attacks to which IFEA-M is resistant (because they do not use chaining, and the first encryption proceeds in the same manner as the others). Because the dynamic term is in an inside position, they also withstand the differential known plaintext-ciphertext attack on IFEA-M. The set of five 64-bit parameters used in PIFEA-M also makes possible attacks harder. Since these parameters are treated as the first five rows of the parameter matrix and the remaining rows are assumed to be zeros, there is a high potential to increase the size of the parameters by using these currently unused zero rows.

References
S. Li and K.-T. Lo, “Security problems with improper implementations of improved FEA-M,” Journal of Systems and Software, vol. 80, no. 5, May 2007, pp ; arXiv: cs: cr/ v2 25 Jun 2006
M.J. Mihaljevic, “On vulnerabilities and improvements of fast encryption algorithm for multimedia FEA-M,” IEEE Transactions on Consumer Electronics, vol. 49, no. 4, Nov. 2003, pp
X. Yi, C.H. Tan, C.K. Siew, and M.R. Syed, “Fast encryption for multimedia,” IEEE Transactions on Consumer Electronics, vol. 47, no. 1, Feb. 2001, pp
X. Yi, C.H. Tan, C.K. Siew, and M.R. Syed, “ID-based key agreement for multimedia encryption,” IEEE Transactions on Consumer Electronics, vol. 48, no. 2, May 2002, pp
M.J. Mihaljevic and R. Kohno, “Cryptanalysis of fast encryption algorithm for multimedia FEA-M,” IEEE Communications Letters, vol. 6, no. 9, Sep. 2002, pp
A.M. Youssef and S.E. Tavares, “Comments on the security of fast encryption algorithm for multimedia (FEA-M),” IEEE Transactions on Consumer Electronics, vol. 49, no. 1, Feb. 2003, pp
A.G. Chefranov, “Improved Twice Fast Encryption Algorithm for Multimedia I2FEA-M,” IEEE Transactions on Dependable and Secure Computing (submitted).
A.G. Chefranov, “Parameterized Improved Fast Encryption Algorithm for Multimedia PIFEA-M,” IEEE Communications Letters (accepted for publication).