Key Search Attack Research Articles

Implementing Grover’s on AES-based AEAD schemes

Extensive research is currently underway to determine the security of existing ciphers in light of the advancements in quantum computing. Against symmetric key cryptography, Grover’s search algorithm is a prominent attack, capable of reducing search costs to the square root. For using Grover’s algorithm, it is imperative to embed the target cipher into a quantum circuit. Even so, this area of research is relatively new; it has garnered significant attention from the research community. In this study, we provide the first estimation of the cost of Grover’s key search attack against the AES-based AEAD schemes Rocca-S, AEGIS-128, and Tiaoxin-346. Our analysis considers circuit depth restrictions specified in NIST’s PQC standardization process. Considering NIST’s maximum depth constraints, We present the overall cost of these attacks using gate count and depth-times-width metrics. We observed that for MAXDEPTH=240\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$$\ extsf{MAXDEPTH} = 2^{40}$$\\end{document}, Rocca-S, AEGIS-128, and Tiaoxin-346 can be retrieved using Grover’s search algorithm with gate count of 1.09 × 2253, 1.14 × 2124, and 1.22 × 2124 respectively. Concerning the current updated values by NIST, these ciphers are secure in terms of the cost of implementing Grover’s attack for key recovery. The quantum circuits of these ciphers are implemented using QISKIT, an open-source software development kit (SDK) designed for working with quantum computers running on the IBM Quantum Experience platform.

Integration of a novel 3D chaotic map with ELSS and novel cross-border pixel exchange strategy for secure image communication

This paper proposes a robust image encryption algorithm that utilizes a Novel three-dimensional (3D) Chaotic map and an Enhanced Logistic Sine System (ELSS). We leverage the unpredictability of 3D chaotic dynamics alongside the complexity of ELSS and DNA Sequence to forge a formidable image encryption scheme. Firstly, the image pixels are converted from decimal to hexadecimal notation and sorted in a 1D pixel array carrying a unique sequence of three channels of the RGB image. Secondly, the secret key is appended to XOR, the values with that 1-D pixels array. Thirdly, values are sorted by performing the binary right shift operation and encoded into DNA. Fourthly, a novel chaotic map is used to perform scrambling operations. Lastly, a novel enormous keyspace ELSS is used to perform efficient Border and Cross-Border (B &CB) pixel exchange, further enhancing the encryption quality of the proposed algorithm. Comprehensive security analysis proved that the proposed algorithm exhibits remarkable resilience against powerful known and chosen plaintext attacks and other prevalent cryptanalysis attacks, including differential attacks and exhaustive key search attacks. Henceforth, the proposed algorithm’s superior security and low computational cost make it an ideal choice for real-time secure image communication across various platforms, including satellite, multimedia, and military communications.

Analysis of Atom against quantum attacks

AbstractA significant amount of study is being done to review the security promises made for the various ciphers now in use as a result of the development of quantum computing technology. A general attack against symmetric key cryptography primitives that can reduce search costs to the square root is Grover's search algorithm. To implement Grover's algorithm, it is necessary that the target cipher be implemented as a quantum circuit. Despite being relatively new, this area of study has received significant attention from the research community. The authors have estimated the cost of Grover's key search attack against the stream cipher Atom, for the first time, under circuit depth restrictions defined in National Institute of Standards and Technology (NIST) PQC standardisation process. The authors implement the quantum circuit of Atom in QISKIT, (open‐source software development kit for working with quantum computers running on IBM Quantum Experience). The results are also compared with other existing literature on LFSR‐based stream ciphers, such as Grain‐v1, Grain‐128‐AEAD, and Lizard. The authors also find that, to the best of their knowledge, in the existing literature on estimating the cost of Grover's attack on symmetric ciphers, Atom is the only 128‐bit key cipher that meets the threshold of ≈2170 set by NIST for quantum security of 128‐bit key ciphers. The authors also analyse the security of Atom against quantum TMDTO attacks.

Deep self-learning based dynamic secret key generation for novel secure and efficient hashing algorithm

The hash function is an efficient source of the integrity and authentication of input text and other data messages (image & audio-video) in the cryptography field. Existing hashing algorithms are time-consuming and vulnerable to collision attacks, birthday attacks, meet-in-the-middle attacks, and key search attacks. In this context, we propose an innovative and secure hash algorithm that uses self-learning neurons during the implementation phase. Firstly, the proposed deep learning hashing algorithm accepts the variable length (ln) of the input text and image messages (im) at the input layer 0 and divides the whole input (M) into four characters, represented as message pair (MP). If the last MP contains less than four characters, have been completed by the assumption of the special cases and processed via the OR logical operation. Subsequently, the proposed pattern matching-swapping methods have resolved the conflict of the repeated characters in each MP. Secondly, the proposed novel dynamic secret keys are generated for each MP by introducing a skip and select basic conditions by omitting the consecutive 0's or 1's in key selection. Thirdly, upon successfully processing the phases above, the proposed novel hashing algorithm generates collision-free hash values using forwarding and backward propagation. Experimental results show that our proposed hashing algorithm is efficient and significantly outperforms in terms of sensitivity generated in hash output, speed, and collision resistance compared to the existing state-of-the-art hashing algorithms.

Chaotic neural networks and farfalle construction based parallel keyed secure hash function

AbstractParallel computing of hash functions along with the security requirements have great advantage in order to reduce the time consumption and overhead of the CPU. In this article, a keyed hash function based on farfalle construction and chaotic neural networks (CNNs) is proposed, which generates a hash value with arbitrary (defined by user) length (eg, 256 and 512 bits). The proposed hash function has parallelism merit because it is built over farfalle construction which avoids the dependency between the blocks of a given message. Moreover, the proposed hash function is chaos based (ie, it relies on chaotic maps and CNNs which have non‐periodic behavior). The security analysis shows that the proposed hash function is robust and satisfies the properties of hash algorithms, such as random‐like (non‐periodic) behavior, ideal sensitivity to original message and secret key, one‐way property and optimal diffusion effect. The speed performance of the hash function is also analyzed and compared with a hash function which was built based on sponge construction and CNN, and compared with secure hash algorithm (SHA) variants like SHA‐2 and SHA‐3. The results have shown that the proposed hash function has lower time complexity and higher throughput especially with large size messages. Additionally, the proposed hash function has enough resistance to multiple attacks, such as collision attack, birthday attack, exhaustive key search attack, preimage and second preimage attacks, and meet‐in‐the‐middle attack. These advantages make it ideal to be used as a good collision‐resistant hash function.

Grover on KATAN: Quantum Resource Estimation

This article presents the cost analysis of mounting Grover’s key search attack on the family of KATAN block cipher. Several designs of the reversible quantum circuit of KATAN are proposed. Owing to the National Insitute of Standards and Technology’s (NIST) proposal for postquantum cryptography standardization, the circuits are designed focusing on minimizing the overall depth. We observe that the reversible quantum circuits designed using <monospace xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"/> <sc xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">and</small> gates and <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$T$</tex-math></inline-formula> -depth one Toffoli gate give more shallow circuits. Grover oracle for KATAN is designed based on the reversible circuits, which are used further to mount Grover’s key search attack on KATAN. The designs are implemented using the software framework ProjectQ, which provides a resource estimation tool to perform an appropriate cost analysis in an automated way. While estimating the resources, NIST’s depth restrictions are also respected.

GPU accelerated 3DES encryption

AbstractTriple DES (3DES) is a NIST and ISO/IEC standard block cipher that is also used in some web browsers and several electronic payment applications. We propose an optimized bit‐level parallelization of 3DES for GPU accelerated encryption to allow processing high volumes of data. Since the block size of 3DES is 64 bits, our approach considers a kernel block as a 64‐bit 3DES block. Each kernel block performs XOR, permutation, and S‐box operations of this cipher in parallel and memory accesses are optimized by the use of constant and shared memory. Although table based and bitsliced implementations of block ciphers on GPUs outperform naive implementations, their performance vary significantly on different GPU models and architectures. Lack of publicly available source codes prohibit a fair comparison of the performance results for different implementations. In this work, we provide performance results on various GPU models and make our implementation publicly available for reproducibility and further comparisons. When compared against the baseline multi‐threaded CPU implementation, our optimization achieves an average of 15.95 speed‐up when encrypting large files using an RTX 2070 Super GPU. Moreover, when modified into a key search attack, more than 94.4 million 3DES key searches per second can be conducted on an RTX 2070 Super GPU.

On the key-exchange protocol using real quadratic fields

To prevent an exhaustive key-search attack of the key-exchange protocol using real quadratic fields, we need to ensure that the number l of reduced principal ideals in K is sufficiently large. In this paper we present an example of a family which are not valid for this protocol.

Alternative Codes and Phase Rotation Extensions for Alternating Space-Time Coding-Based Physical Layer Security

In this article, several extensions to an alternating space-time (ST) code (STC) physical layer security (PLS) scheme from the literature are proposed. These contributions include alternative orthogonal STCs as well as non-orthogonal and spatially-multiplexed (SM) STCs for improved bandwidth efficiency. Phase rotation (PR) algorithms are provided to build very large sets of unique alternative STCs for use with this scheme. Decoding methods are discussed for alternating non-orthogonal and SM STCs. Monte Carlo simulations are provided to compare bit error rate (BER) performance between different decoding methods. Secrecy system nomenclature is adapted to the alternative STCs and proposed algorithms. Information-theoretic security analysis including message and key equivocation is provided along with expected eavesdropper BER based on an assumed attack methodology. A comparison of security offered by the alternating STC PLS scheme with and without incorporation of proposed PR algorithms is performed. Substantially greater exhaustive key search attack complexity is achieved by using the PR algorithms proposed in this article.

A Way to Improve the Key Recovery Accuracy Based on Dynamic Programming

Key-recovery technology is often used by an adversary to attempt to recover the cryptographic key of an encryption scheme. The most obvious key-recovery attack is the exhaustive key-search attack. But modern ciphers often have a key space of size 2128 or greater, making such attacks infeasible with current technology. Cache-based side channel attack is another way to get the cryptographic key of an encryption scheme, but there are random noises in side channel attack. In order to reduce random errors, it is advisable to repeat the key recovery process many times. This paper is focused on the way to improve the key recovery accuracy by dealing with the key sequences obtained from the repeated Cache-based side channel attacks. To get the real key, private key bits from side channel attack are collected firstly. And then the key sequences are aligned using sequence alignment algorithms based on dynamic programming. The provided method of key recovery is universal, which is not limited to any cryptographic algorithm. The experiment shows that the proposed method has a good performance and a high availability when the error rate of the collected key bit is within a reasonable range.

SEC-CMAC A New Message Authentication Code Based on the Symmetrical Evolutionist Ciphering Algorithm

This article describes how the simplicity of data transmission made eavesdropping by malicious people easier. This became one the flaws of computer security that needs to be handled. In order to establish a secure data communication, many data security techniques were developed to ensure privacy, integrity and authenticity. One of the techniques developed was to fulfill authentication with a message authentication code (MAC) that was defined by the National Institute of Standards and Technology. It is still a powerful data integrity and authentication tool that provides better protection than error detection codes or checksums. In this article, the authors propose a new cipher-based message authentication code (CMAC) algorithm. Their proposed algorithm, termed SEC-CMAC, is based on a previously developed symmetric evolutionist ciphering algorithm named symmetrical evolutionist ciphering (SEC). Compared to the well-known previously developed MAC, their suggested algorithm proved to be robust and fulfill some security requirement by resisting an exhaustive key search and mac forgery attacks.

Mimic Encryption System for Network Security

With the rapid development of the Internet, increasingly more attention has been paid to network security problems. A network security defense technology has become a very important research field. Currently, most network equipment transmits data in plaintext at the data link layer, which exposes important information, such as IP addresses, port numbers, and application protocols, to an attacker and provides an opportunity for network attacks. To protect a network against attacks and ensure its security, this paper proposes a mimic encryption system for network security. Based on the concepts of moving target defense and mimic security defense, using the principles of randomization, dynamism, and diversification, a data link layer mimic encryption system is constructed from the underlying network of an information system. By transforming the frame format, a reconfigurable encryption algorithm, an hash algorithm, and a pseudo-random number generator are used to design different combination encryption modes. Then, the hash value of an encrypted frame is obtained by performing the hash operation, and feedback update is performed to generate new key parameters for the hash key pool. In addition, the pseudo-random selection of combinations of encryption algorithms and keys is performed to achieve “one frame-one key”. Finally, an FPGA is used as the network encryption card, and a CPU is used to realize two-party key agreement and the upper layer application. Using the FPGA + CPU hardware and software collaboration, the attack surface is expanded. Taking advantage of the high anti-interference property of an FPGA, part of the attack against the software system is filtered. The experimental results and analysis show that the encryption and decryption performance of this system in a 10 G network are approximately 500 MB/s. Thus, the system can effectively prevent the leakage of user data and resist network sniffing, vulnerability attacks, exhaustive key search attacks, and ciphertext-only attacks. Moreover, this system provides high security.

A tight bound for exhaustive key search attacks against Message Authentication Codes

A Message Authentication Code (MAC) is a function that takes a message and a key as parameters and outputs an authentication of the message. MAC are used to guarantee the legitimacy of messages exchanged through a network, since generating a correct authentication requires the knowledge of the key defined secretly by trusted parties. However, an attacker with access to a sufficiently large number of message/authentication pairs may use a brute force algorithm to infer the secret key: from a set containing initially all possible key candidates, subsequently remove those that yield an incorrect authentication, proceeding this way for each intercepted message/authentication pair until a single key remains. In this paper, we determine an exact formula for the expected number of message/authentication pairs that must be used before such form of attack is successful, along with an asymptotical bound that is both simple and tight. We conclude by illustrating a modern application where this bound comes in handy, namely the estimation of security levels in reflection-based verification of software integrity.

Side-Channel Attack Using Meet-in-the-Middle Technique

In this paper, we introduce a new side-channel attack using block cipher cryptanalysis named a meet-in-the-middle attack. Using our new side-channel technique we show that advanced encryption standard (AES) with reduced 10 masked rounds is broken, which is faster than the exhaustive key search attack. This implies that one has to mask the entire rounds of the 12-round 192-bit key AES to prevent our attacks. Our result is the first one to analyse AES with reduced 10 masked rounds, while the previous best known side-channel attack is on AES with reduced eight masked rounds.

Cryptanalysis with COPACOBANA

Cryptanalysis of ciphers usually involves massive computations. The security parameters of cryptographic algorithms are commonly chosen so that attacks are infeasible with available computing resources. This contribution presents a variety of cryptanalytical applications utilizing the COPACOBANA (Cost-Optimized Parallel Code Breaker) machine which is a high-performance, low-cost cluster consisting of 120 Field Programmable Gate Arrays (FPGA). COPACOBANA appears to be the only such reconfigurable parallel FPGA machine optimized for code breaking tasks reported in the open literature. Depending on the actual algorithm, the parallel hardware architecture can outperform conventional computers by several orders of magnitude. In this work, we will focus on novel implementations of cryptanalytical algorithms, utilizing the impressive computational power of COPACOBANA. We describe various exhaustive key search attacks on symmetric ciphers and demonstrate an attack on a security mechanism employed in the electronic passport. Furthermore, we describe time-memory tradeoff techniques which can, e.g., be used for attacking the popular A5/1 algorithm used in GSM voice encryption. In addition, we introduce efficient implementations of more complex cryptanalysis on asymmetric cryptosystems, e.g., Elliptic Curve Cryptosystems (ECC) and number co-factorization for RSA.

Design and Analysis of Password-Based Key Derivation Functions

A password-based key derivation function (KDF)-a function that derives cryptographic keys from a password-is necessary in many security applications. Like any password-based schemes, such KDFs are subject to key search attacks (often called dictionary attacks). Salt and iteration count are used in practice to significantly increase the workload of such attacks. These techniques have also been specified in widely adopted industry standards such as PKCS and IETF. Despite the importance and widespread usage, there has been no formal security analysis on existing constructions. In this correspondence, we propose a general security framework for password-based KDFs and introduce two security definitions each capturing a different attacking scenario. We study the most commonly used construction H/sup (c)/(p/spl par/s) and prove that the iteration count c, when fixed, does have an effect of stretching the password p by log/sub 2/c bits. We then analyze the two standardized KDFs in PKCS #5. We show that both are secure if the adversary cannot influence the parameters but subject to attacks otherwise. Finally, we propose a new password-based KDF that is provably secure even when the adversary has full control of the parameters.

Some attacks on quantum-based cryptographic protocols

Quantum-based cryptographic protocols are often said to enjoy security guaranteed by the fundamental laws of physics. However, even carefully designed quantum-based cryptographic schemes may be susceptible to subtle attacks that are outside the original design. As an example, we give attacks against a recently proposed ``secure communication using mesoscopic coherent states'', which employs mesoscopic states, rather than single-photon states. Our attacks can be used either as a known-plaintext attack or in the case where the plaintext has not been randomized. One of our attacks requires beamsplitters and the replacement of a lossy channel by a lossless one. It is successful provided that the original loss in the channel is so big that Eve can obtain $2^k$ copies of what Bob receives, where $k$ is the length of the seed key pre-shared by Alice and Bob. In addition, substantial improvements over such an exhaustive key search attack can be made, whenever a key is reused. Furthermore, we remark that, under the same assumption of a known or non-random plaintext, Grover's exhaustive key search attack can be applied directly to "secure communication using mesoscopic coherent states", whenever the channel loss is more than 50 percent. Therefore, as far as information-theoretic security is concerned, optically amplified signals necessarily degrade the security of the proposed scheme, when the plaintext is known or non-random. Our attacks apply even if the mesoscopic scheme is used only for key generation with a subsequent use of the key for one-time-pad encryption. Studying those attacks can help us to better define the risk models and parameter spaces in which quantum-based cryptographic schemes can operate securely. Finally, we remark that our attacks do not affect standard protocols such as Bennett-Brassard BB84 protocol or Bennett B92 protocol, which rely on single-photon signals.

The difficulty of attacking cryptosystems

Abstract In this article the author discusses cryptosystems both from the designer's point of view as well as the attacker's point of view. Particular attention is paid to exhaustive key search attacks and the effort required for an attack to be successful.

FOILING AN EXHAUSTIVE KEY-SEARCH ATTACK

It is proposed that simple substitution, applied both before and after encipherment by the Data Encryption Standard (DES) cipher, will make that encryption safe against an exhaustive key-search attack based on the DES key.

THE HAND-HELD CALCULATOR AS A CRYPTOGRAPHIC MACHINE

The degree of sophistication available in today's programmable personal calculators may be used to provide a practical field cipher capability of significant power. Procedures are presented for key management, key generator cycling alarm, cipher-type selection to match cryptanalytic threat level, and key length options as an answer to key-search attacks. Three basic cipher procedures are presented with special emphasis given to the inherent power of transposition techniques. Four cryptogram examples are included to demonstrate four of the levels of available security offered by the system.