Login | Register

Cryptanalysis of symmetric key primitives


Cryptanalysis of symmetric key primitives

Kircanski, Aleksandar (2009) Cryptanalysis of symmetric key primitives. Masters thesis, Concordia University.

[thumbnail of MR63043.pdf]
Text (application/pdf)
MR63043.pdf - Accepted Version


Block ciphers and stream ciphers are essential building blocks that are used to construct computing systems which have to satisfy several security objectives. Since the security of these systems depends on the security of its parts, the analysis of these symmetric key primitives has been a goal of critical importance. In this thesis we provide cryptanalytic results for some recently proposed block and stream ciphers. First, we consider two light-weight block ciphers, TREYFER and PIFEA-M. While TREYFER was designed to be very compact in order to fit into constrained environments such as smart cards and RFIDs, PIFEA-M was designed to be very fast in order to be used for the encryption of multimedia data. We provide a related-key attack on TREYFER which recovers the secret key given around 2 11 encryptions and negligible computational effort. As for PIFEA-M, we provide evidence that it does not fulfill its design goal, which was to defend from certain implementation dependant differential attacks possible on previous versions of the cipher. Next. we consider the NGG stream cipher, whose design is based on RC4 and aims to increase throughput by operating with 32-bit or 64-bit values instead of with 8-bit values. We provide a distinguishing attack on NGG which requires just one keystream word. We also show that the first few kilobytes of the keystream may leak information about the secret key which allows the cryptanalyst to recover the secret key in an efficient way. Finally, we consider GGHN, another RC4-like cipher that operates with 32-bit words. We assess different variants of GGHN-Iike algorithms with respect to weak states, in which all internal state words and output elements are even. Once GGHN is absorbed in such a weak state, the least significant bit of the plaintext words will be revealed only by looking at the ciphertext. By modelling the algorithm by a Markov chain and calculating the chain absorption time, we show that the average number of steps required by these algorithms to enter this weak state can be lower than expected at first glance and hence caution should be exercised when estimating this number

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Thesis (Masters)
Authors:Kircanski, Aleksandar
Pagination:x, 90 leaves : ill. ; 29 cm.
Institution:Concordia University
Degree Name:M.A. Sc
Program:Information Systems Security
Thesis Supervisor(s):Email sent to student re. c. 1 and 2, Aug 17 and Youssef, A. M
Identification Number:LE 3 C66I54M 2009 K57
ID Code:976777
Deposited By: Concordia University Library
Deposited On:22 Jan 2013 16:32
Last Modified:13 Jul 2020 20:11
Related URLs:
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top