Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology

Published byGabriella Maser Modified over 9 years ago

Similar presentations

Presentation on theme: "An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology"— Presentation transcript:

1 An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology ahmadian@ee.sharif.ir

2 Overview The development of stream ciphers Two types of stream ciphers – Synchronizing stream ciphers – Self synchronizing stream ciphers Cryptanalyses of stream ciphers eStream project Conclusion

3 Taxonomy of cryptographic primitives Keyed Hash Functions

4 Vernam one time pad cipher Vernam one time pad cipher: a sequence of independent and uniformly distributed bits. its perfect security is proven by Shannon; I(M,C)=0.  No deterministic algorithm can produce truly independent outputs.  The keystream should be at least as long as the plaintext and each key should be used only once so the exchanging of the private key becomes difficult.

5 The development of Stream cipher Tries to be a generalization of Vernam cipher. Turning a blind eye, Stream ciphers can be considered as Pseudo Random Generators (PRG). Generation of a periodic key stream with – maximal period, – Maximal linear complexity, – Easy to implement, – Fast algorithm, – Easily controlled by the key.

6 Stream cipher V.S. Block ciphers Stream ciphers are typically Faster – Suitable for real time scenarios – multi-Gigabit-per-second communications e.g. routers More efficient compact implementation – Suitable for constrained devices zero error propagation – Suitable for radio communications

7 Current widespread application A5 family in GSM mobile network SNOW 3G in UMTS mobile network E0 in Bluetooth RC4 in Wired Equivalent Privacy (WEP) …

8 synchronous stream cipher

9 self-synchronizing stream cipher

10 Comparison of synchronous and Self synchronizing Stream ciphers PropertysynchronousSelf synchronizing SynchronizingWeak (IV is needed)Good Error propagationGoodWeak Detection of active attacksWeakGood Possible attack scenarios Ctx onlyYes Known PtxYes Chosen PtxNoYes Known CtxNoYes

11 Cryptanalysis of stream ciphers The standard assumption: KNOWN PLAINTEXT ATTACK This implies knowledge of the keystream

12 Types of attacks Key Recovery attacks – Recover the secret key k. Distinguishing Attacks – Build a distinguisher that can distinguish the running key from a random sequence Other attacks: – Prediction of the next symbol – Recovering the initial state –…–…

13 Attack techniques Universal distinguishers – Apply known statistical tests Time-memory tradeoff attacks – Decrease computational complexity by using memory Guess-and-determine – Guess unknown things on demand

14 Attack techniques Correlation attacks – Dependence between output and internal unknown variables Linear attacks – Apply linear approximations Algebraic attacks – View your problem as the solution to a system of nonlinear equations

15 eStream Project

16 Held by ECRYPT a consortium of European research organizations. A multi-year effort running from 2004 to 2008 A Call for Stream Cipher Primitives to identify new stream ciphers suitable for widespread adoption.

17 eStream Project The submissions fall into either or both of two profiles: – Profile 1: Stream ciphers for software applications with high throughput requirements – Profile 2: Stream ciphers for hardware applications with restricted resources such as limited storage, gate count, or power consumption.

18 Three phases of eStream Project Phase 1. a general analysis of all submissions based on their security, performance, simplicity, flexibility, justification, clarity and completeness of the documentation. Phase 2. For each of the profiles, a number of algorithms have been selected to be focus Phase 2 algorithm.

19 Three phases of eStream Project Phase 3. for each of the profiles, eight candidate have been introduced to be analyzed with more scrutiny, It ended April 15, 2008 with the announcement of the candidates that had been selected for the final eSTREAM portfolio. Profile 1 (SW)Profile 2 (HW) HC-128Grain v1 RabbitMICKEY v2 Salsa20/12Trivium SOSEMANUK

20 Conclusion Due to the advantages of stream ciphers, they are widely used in many applications (e.g. wireless) Before eStream project, there was a little work on stream ciphers. eStream introduced new block cipher designs and also results in a extensive development in cryptanalysis method for stream ciphers. A serious competitor for stream ciphers are block ciphers in counter or OFB modes of operation.

Download ppt "An Introduction to Stream Ciphers Zahra Ahmadian Electrical Engineering Department Sahrif University of Technology"

Similar presentations

1 KCipher-2 KDDI R&D Laboratories Inc.. ©KDDI R&D Laboratories Inc. All rights Reserved. 2 Introduction LFSR-based stream ciphers Linear recurrence between.

1 KCipher-2 KDDI R&D Laboratories Inc.. ©KDDI R&D Laboratories Inc. All rights Reserved. 2 Introduction LFSR-based stream ciphers Linear recurrence between.
Block Cipher Modes of Operation and Stream Ciphers

Block Cipher Modes of Operation and Stream Ciphers
ECE454/CS594 Computer and Network Security

ECE454/CS594 Computer and Network Security
“Advanced Encryption Standard” & “Modes of Operation”

“Advanced Encryption Standard” & “Modes of Operation”
Xiutao Feng Institute of Software Chinese Academy of Sciences A Byte-Based Guess and Determine Attack on SOSEMANUK.

Xiutao Feng Institute of Software Chinese Academy of Sciences A Byte-Based Guess and Determine Attack on SOSEMANUK.
CS470, A.SelcukStream Ciphers1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukStream Ciphers1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Introduction to Practical Cryptography Lectures 3/4 Stream Ciphers.

1 Introduction to Practical Cryptography Lectures 3/4 Stream Ciphers.
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
Modern Symmetric-Key Ciphers

Modern Symmetric-Key Ciphers
Dan Boneh Stream ciphers Real-world Stream Ciphers Online Cryptography Course Dan Boneh.

Dan Boneh Stream ciphers Real-world Stream Ciphers Online Cryptography Course Dan Boneh.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Stream ciphers 2 Session 2. Contents PN generators with LFSRs Statistical testing of PN generator sequences Cryptanalysis of stream ciphers 2/75.

Stream ciphers 2 Session 2. Contents PN generators with LFSRs Statistical testing of PN generator sequences Cryptanalysis of stream ciphers 2/75.
CIS 5371 Cryptography 3b. Pseudorandomness.

CIS 5371 Cryptography 3b. Pseudorandomness.
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:

WEP 1 WEP WEP 2 WEP  WEP == Wired Equivalent Privacy  The stated goal of WEP is to make wireless LAN as secure as a wired LAN  According to Tanenbaum:
Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 7 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.

Cryptography1 CPSC 3730 Cryptography Chapter 6 Triple DES, Block Cipher Modes of Operation.
HSC: Building Stream Cipher from Secure Hash Functions Juncao Li Nov. 29 th 2007 Department of Computer Science Portland State University.

HSC: Building Stream Cipher from Secure Hash Functions Juncao Li Nov. 29 th 2007 Department of Computer Science Portland State University.
Stream cipher diagram + + Recall: One-time pad in Chap. 2.

Stream cipher diagram + + Recall: One-time pad in Chap. 2.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)

Similar presentations

Ads by Google