Stream Cipher Research Articles

A Scalable, Secure, and Efficient Framework for Sharing Electronic Health Records Using Permissioned Blockchain Technology

This paper presents a scalable, secure blockchain-based healthcare system architecture that efficiently manages large patient datasets. DHTs and Skip Lists enable efficient data access, while DPoS and PBFT facilitate parallel transaction processing. Adaptive filters, Radix Trees extended by Merkle Trees, and an immutable blockchain ledger secured by Tendermint consensus ensure data integrity and protection against evolving threats. Threshold Cryptography secures consensus participant selection, and Bulletproofs verify transactions, complying with healthcare regulations. ChaCha20, a symmetric stream cipher, encrypts sensitive data, enhancing performance across devices. ABAC manages access rights, ensuring fine-grained control over data accessibility. This architecture offers a comprehensive, efficient, and secure solution for healthcare data management in blockchain environments.

A Novel Hybrid Elementary Cellular Automata and Its Application in a Stream Cipher

A Novel Hybrid Elementary Cellular Automata and Its Application in a Stream Cipher

Scenarios for Optical Encryption Using Quantum Keys

Optical communications providing huge capacity and low latency remain vulnerable to a range of attacks. In consequence, encryption at the optical layer is needed to ensure secure data transmission. In our previous work, we proposed LightPath SECurity (LPSec), a secure cryptographic solution for optical transmission that leverages stream ciphers and Diffie–Hellman (DH) key exchange for high-speed optical encryption. Still, LPSec faces limitations related to key generation and key distribution. To address these limitations, in this paper, we rely on Quantum Random Number Generators (QRNG) and Quantum Key Distribution (QKD) networks. Specifically, we focus on three meaningful scenarios: In Scenario A, the two optical transponders (Tp) involved in the optical transmission are within the security perimeter of the QKD network. In Scenario B, only one Tp is within the QKD network, so keys are retrieved from a QRNG and distributed using LPSec. Finally, Scenario C extends Scenario B by employing Post-Quantum Cryptography (PQC) by implementing a Key Encapsulation Mechanism (KEM) to secure key exchanges. The scenarios are analyzed based on their security, efficiency, and applicability, demonstrating the potential of quantum-enhanced LPSec to provide secure, low-latency encryption for current optical communications. The experimental assessment, conducted on the Madrid Quantum Infrastructure, validates the feasibility of the proposed solutions.

Статистичний критерій перевірки незалежності внутрішніх станів та виходів криптопримітиву, що генерує (псевдо)випадкові послідовності

The article is devoted to creation and justification of new statistical criterion of pairwise independence of binary sequences from given set, which are considered as realization of random variables. The corresponding algorithm, which fulfills the checking of pairwise independence, is formulated in details. This algorithm is necessary tool for statistical veri-fication of cryptographic quality of different cryptoprimitives, which functioning is con-nected with random/ pseudorandom sequences generation — such as ran-dom/pseudorandom sequences generators or stream ciphers. Usage of the obtained criteri-on allows independence checking not only for output sequences, but also for its interme-diate state or inputs. Note that such independence is necessary for unpredictability of out-put sequences.

Side-Channel Linearization Attack on Unrolled Trivium Hardware

This paper presents a new side-channel attack (SCA) on unrolled implementations of stream ciphers, with a particular focus on Trivium. Most conventional SCAs predominantly concentrate on leakage of some first rounds prior to the sufficient diffusion of the secret key and initial vector (IV). However, recently, unrolled hardware implementation has become common and practical, which achieves higher throughput and energy efficiency compared to a round-based hardware. The applicability of conventional SCAs to such unrolled hardware is unclear because the leakage of the first rounds from unrolled hardware is hardly observed. In this paper, focusing on Trivium, we propose a novel SCA on unrolled stream cipher hardware, which can exploit leakage of rounds latter than 80, while existing SCAs exploited intermediate values earlier than 80 rounds. We first analyze the algebraic equations representing the intermediate values of these rounds and present the recursive restricted linear decomposition (RRLD) strategy. This approach uses correlation power analysis (CPA) to estimate the intermediate values of latter rounds. Furthermore, we present a chosen-IV strategy for a successful key recovery through linearization. We experimentally demonstrate that the proposed SCA achieves the key recovery of a 288-round unrolled Trivium hardware implementation using 360,000 traces. Finally, we evaluate the performance of unrolled Trivium hardware implementations to clarify the trade-off between performance and SCA (in)security. The proposed SCA requires 34.5 M traces for a key recovery of 384-round unrolled Trivium implementation and is not applicable to 576-round unrolled hardware.

Mathematical Approaches to Cryptographic System Design

In the digital age, cryptographic systems are the most important part of safe communication. To protect data security, confidentiality, and validity, they need strong design frameworks. The math methods used in this paper are very important for designing and analyzing secure systems. As basic ideas, it looks at number theory, math, and complexity theory, with an emphasis on both old and new methods. Some important topics are the creation of prime numbers, modular arithmetic, elliptic curves, and finite fields, which are the basis for many encryption methods. The paper also talks about how complexity theory can be used to measure the strength of cryptography. It specifically talks about issues with discrete logarithms and integer factorization, which are at the heart of popular protocols like RSA and ECC. It also looks into lattice-based cryptography, which is seen as a strong option to quantum threats, and shows how hard it is to solve lattice issues. The study also looks at the design principles of symmetric cryptography, mainly block ciphers and stream ciphers, and how they use permutation groups and linear algebra to make sure that key plans and spread methods are safe. The paper also looks at secure hash functions, focusing on collision resistance, pre-image resistance, and how they are made using mathematics concepts such as Merkle-Damgård and sponge functions. Advanced topics like homomorphic encryption and zero-knowledge proofs show how mathematics and cryptography are increasingly coming together. They show how they can be used to make operations safe on protected data and privacy-preserving protocols. This paper gives a full picture of how mathematical theories and methods are used to build strong cryptographic systems by combining strict mathematical models with real-world cryptographic needs. The discussion stresses that the field is always changing because of new threats and improvements in computers. It also calls for constant scientific progress to make cryptography stronger against future problems.

Comprehensive analysis of services towards Data Aggregation, Data Fusion and enhancing security in IoT-based smart home

Data aggregation and sensors data fusion would be very helpful in a number of developing fields, including deep learning, driverless cars, smart cities, and the Internet of Things (IoT). An advanced smart home application will test the upgraded Constrained Application Protocol (CoAP) using Contiki Cooja. Smart home can enhance people’s comfort. Secure authentication between the transmitter and recipient nodes is essential for providing IoT services. In many IoT applications, device data are critical. Current encryption techniques use complicated arithmetic for security. However, these arithmetic techniques waste power. Hash algorithms can authenticate these IoT applications. Mobile protection issues must be treated seriously, because smart systems are automatically regulated. CoAP lets sensors send and receive server data with an energy-efficient hash function to increase security and speed. SHA224, SHA-1, and SHA256 were tested by the CoAP protocol. Proposed model showed that SHA 224 starts secure sessions faster than SHA-256 and SHA-1. The ChaCha ci. This study proposed enhanced ChaCha, a stream cipher for low-duty-cycle IoT devices. For wireless connections between the IoT gateway and sensors with a maximum throughput of 1.5 Mbps, the proposed model employs a wireless error rate (WER) of 0.05; the throughput rises with an increase in the transmission data rate.

Single-Query Quantum Hidden Shift Attacks

Quantum attacks using superposition queries are known to break many classically secure modes of operation. While these attacks do not necessarily threaten the security of the modes themselves, since they rely on a strong adversary model, they help us to draw limits on their provable security.Typically these attacks use the structure of the mode (stream cipher, MAC or authenticated encryption scheme) to embed a period-finding problem, which can be solved with a dedicated quantum algorithm. The hidden period can be recovered with a few superposition queries (e.g., O(n) for Simon’s algorithm), leading to state or key-recovery attacks. However, this strategy breaks down if the period changes at each query, e.g., if it depends on a nonce.In this paper, we focus on this case and give dedicated state-recovery attacks on the authenticated encryption schemes Rocca, Rocca-S, Tiaoxin-346 and AEGIS- 128L. These attacks rely on a procedure to find a Boolean hidden shift with a single superposition query, which overcomes the change of nonce at each query. This approach has the drawback of a lower success probability, meaning multiple independent (and parallelizable) runs are needed.We stress that these attacks do not break any security claim of the authors, and do not threaten the schemes if the adversary only makes classical queries.

Enhancing Security in IoT Devices with a Comprehensive Analysis of Lightweight Cryptographic Algorithms

A lot of gadgets connected to the Internet of Things (IoT) have changed many fields, from healthcare and smart houses to smart cities and commercial robotics. But this fast growth has also brought about big security problems, mostly because IoT devices don't have a lot of resources, which makes it hard to use standard cryptographic methods. The reason of this ponder is to grant a intensive examination of lightweight cryptographic strategies that can make IoT gadgets more secure without abating them down. Since IoT gadgets have uncommon security needs, lightweight cryptography has ended up one of the foremost critical ways to secure them. These methods are made to supply solid assurance whereas utilizing as few computer assets, power, and memory as conceivable. We see at well-known illustrations from each gather, like Display and Driven (square ciphers), Trivium and Grain (stream ciphers), and PHOTON and SPONGENT (hash capacities), to see how well they work in IoT settings. To donate a full picture of the contrasts, we carefully see at a few speed measures, such as running time, vitality utilize, memory utilization, and security against cryptographic dangers. The appraisal is based on both a common see at the subject and real-world tests on common IoT frameworks. We moreover conversation almost the trade-offs that come with choosing the correct cryptographic strategies to meet security needs whereas moreover taking under consideration the limits of IoT gadgets. Our inquire about appears that lightweight cryptographic calculations have a part of benefits, but the correct calculation must be chosen based on the IoT deployment's one of a kind utilize case and threat demonstrate. For example, applications that require a part of speed might advantage from lightweight stream ciphers, while applications that require to form beyond any doubt the security of the data might select lightweight hash capacities. The think about moreover talks approximately unused thoughts and bearings for lightweight cryptography for IoT, such as utilizing post-quantum cryptographic primitives to create IoT security future-proof. We see into the plausibility of blended strategies that use more than one lightweight procedure to progress security without utilizing as well numerous assets. Within the conclusion, this in-depth ponder appears how vital lightweight cryptographic strategies are for progressing IoT security. This paper aims to help researchers and practitioners set up good security measures for IoT devices by giving a thorough look at how well they work and what kinds of uses they are best for. This will make the IoT environment safer and more reliable.

SC-SA: Byte-Oriented Lightweight Stream Ciphers Based on S-Box Substitution

SC-SA: Byte-Oriented Lightweight Stream Ciphers Based on S-Box Substitution

LOL: a highly flexible framework for designing stream ciphers

LOL: a highly flexible framework for designing stream ciphers

On the Stability of the Linear Complexity of Some Generalized Cyclotomic Sequences of Order Two

Linear complexity is an important pseudo-random measure of the key stream sequence in a stream cipher system. The 1-error linear complexity is used to measure the stability of the linear complexity, which means the minimal linear complexity of the new sequence by changing one bit of the original key stream sequence. This paper contributes to calculating the exact values of the linear complexity and 1-error linear complexity of the binary key stream sequence with two prime periods defined by Ding–Helleseth generalized cyclotomy. We provide a novel method to solve such problems by employing the discrete Fourier transform and the M–S polynomial of the sequence. Our results show that, by choosing appropriate parameters p and q, the linear complexity and 1-error linear complexity can be no less than half period, which shows that the linear complexity of this sequence not only meets the requirements of cryptography but also has good stability.

Performance Evaluation of Lightweight Stream Ciphers for Real-Time Video Feed Encryption on ARM Processor

Performance Evaluation of Lightweight Stream Ciphers for Real-Time Video Feed Encryption on ARM Processor

Randomness Generation for Secure Hardware Masking – Unrolled Trivium to the Rescue

Masking is a prominent strategy to protect cryptographic implementations against side-channel analysis. Its popularity arises from the exponential security gains that can be achieved for (approximately) quadratic resource utilization. Many variants of the countermeasure tailored for different optimization goals have been proposed. The common denominator among all of them is the implicit demand for robust and high entropy randomness. Simply assuming that uniformly distributed random bits are available, without taking the cost of their generation into account, leads to a poor understanding of the efficiency vs. security tradeoff of masked implementations. This is especially relevant in case of hardware masking schemes which are known to consume large amounts of random bits per cycle due to parallelism. Currently, there seems to be no consensus on how to most efficiently derive many pseudo-random bits per clock cycle from an initial seed and with properties suitable for masked hardware implementations. In this work, we evaluate a number of building blocks for this purpose and find that hardware-oriented stream ciphers like Trivium and its reduced-security variant Bivium B outperform most competitors when implemented in an unrolled fashion. Unrolled implementations of these primitives enable the flexible generation of many bits per cycle, which is crucial for satisfying the large randomness demands of state-of-the-art masking schemes. According to our analysis, only Linear Feedback Shift Registers (LFSRs), when also unrolled, are capable of producing long non-repetitive sequences of random-looking bits at a higher rate per cycle for the same or lower cost as Trivium and Bivium B. Yet, these instances do not provide black-box security as they generate only linear outputs. We experimentally demonstrate that using multiple output bits from an LFSR in the same masked implementation can violate probing security and even lead to harmful randomness cancellations. Circumventing these problems, and enabling an independent analysis of randomness generation and masking, requires the use of cryptographically stronger primitives like stream ciphers. As a result of our studies, we provide an evidence-based estimate for the cost of securely generating n fresh random bits per cycle. Depending on the desired level of black-box security and operating frequency, this cost can be as low as 20 n to 30 n ASIC gate equivalents (GE) or 3 n to 4 n FPGA look-up tables (LUTs), where n is the number of random bits required. Our results demonstrate that the cost per bit is (sometimes significantly) lower than estimated in previous works, incentivizing parallelism whenever exploitable. This provides further motivation to potentially move low randomness usage from a primary to a secondary design goal in hardware masking research.

An exhaustive review of the stream ciphers and their performance analysis

The number of internet of things (IoT) applications has increased, which has increased the demand for low-resource gadgets. The data produced by these devices must be protected to guarantee security. The devices operate in conditions with limited space, computational power, memory, and energy. High-security standards are difficult to achieve with limited resources. The detailed analysis of various stream ciphers and their performance metrics is reviewed in this manuscript. The functionality of the stream ciphers is categorized and thoroughly discussed based on both the hardware and software viewpoints. The security attacks and their countermeasure methods using stream ciphers are discussed. The performance metrics of most hardware-based stream ciphers, including the ECRYPT stream cipher project (eSTREAM) ciphers, are discussed. Each hardware stream cipher design highlights the hardware constraints such as chip area, frequency, throughput, and hardware efficiency. The work also highlights the various applications using these stream ciphers. The current trends using these stream ciphers are discussed with futuristic goals.

A Proposed Text Encryption inside Video Using Harris Corner Detection and Salas20 Encryption Algorithm

يعد تشفير النص في الفيديو أداة حيوية في العديد من الصناعات حيث تكون حماية المعلومات الحساسة هي الأكثر أهمية. عادةً ما تواجه الخوارزميات وطرق الكشف الآلي صعوبة في تحديد موقع النص المخفي في إطارات الفيديو. تزيد هذه المقاومة من أمان المعلومات المخفية لأنه من الصعب على الأطراف غير المدعوة اكتشاف وجود نص مشفر. كما أنه يجمع بين المحتوى المكتوب والمرئي لتقديم كلا النوعين من المعلومات في وقت واحد وبسلاسة. في هذا البحث ، نقدم طريقة جديدة لتشفير النص داخل الفيديو باستخدام خوارزمية التشفير Salsa20 و Harris Corner Detection. الهدف من هذه الدراسة هو زيادة سرية وأمن المعلومات النصية المضمنة في محتوى الفيديو ، وهناك خطوتان أساسيتان في المنهجية المقترحة. لتحديد الزوايا أو النقاط المهمة داخل إطارات الفيديو ، تم استخدام طريقة Harris Corner Detection لأول مرة. تعمل هذه الزوايا كنقاط ميزة قوية يمكن استخدامها لدمج النص. تساعد طريقة Harris Corner Detection في تحديد الأماكن التي قد يتم إخفاء النص بها بدقة ، وذلك دون التقليل من جودة الصورة المرئية الإجمالية للفيديو ، وثانيًا ، يتم إنشاء مفتاح التشفير باستخدام تقنية التشفير Salsa20. Salsa20 هو تشفير دفق شائع يوفر تشفيرًا موثوقًا وتشغيلًا فعالاً. يتم تحويل النص المضمن إلى نص تشفير بواسطة XOR باستخدام مفتاح التشفير قبل تضمينه في الفيديو ، مما يضمن سريته وحمايته من الوصول غير المصرح به. تكشف مقارنة الطريقة المقترحة مع طرق تشفير النص الحالية عن عدد من المزايا. تدمج تقنية Harris Corner Detection النص في إطارات الفيديو بحيث يتم دمجها بشكل أقل وضوحًا ، مما يجعل من الصعب على الخصوم تحديد وجود المعلومات المخفية. يضمن استخدام Salsa20 أيضًا المستوى العالي من الأمان والحماية للنص المشفر ، والدفاع عنه ضد الهجمات المحتملة. يتم تقييم النظام المقترح باستخدام MSE و PSNR والارتباط و NPCR و UACI والإنتروبيا ، وتوفر مقاييس التقييم هذه نتائج ممتازة.

A modified RC‐4 cryptosystems to enhance security by using negative key schedule

AbstractAs technology rapidly advances and internet reliance grows for daily activities, the demand for robust and efficient cryptographic protocols is undeniable. Cryptography, the art of secret writing, uses symmetric mathematical functions to secure data in transit or at rest. Stream ciphers, unlike block ciphers, encrypt data sequentially, eliminating the need for padding with extra bits to complete a block. Rivest Cipher 4 (RC‐4) has been one of the most widely used stream ciphers. However, vulnerabilities exploited by attackers in 2014 led to its widespread replacement. In this paper, we introduce a modified version of RC‐4 designed to address and mitigate the security threats of traditional RC‐4. By incorporating negative numbers into the key generation schedule, our preliminary analysis shows promising results. This adaptation not only enhances RC‐4's security features but also revitalizes its applicability in modern cryptographic scenarios, potentially restoring its viability as a secure cryptographic tool.

Filter generators with variable transition functions over finite fields of characteristic 2

Filter generators are a traditional basis for creating synchronous stream ciphers. They are built with the help of linear shift registers (usually over a field of two elements) and nonlinear complexity functions, which are subject to a number of requirements in terms of the generators security against known attacks. Intensive researches of filter generators during the last decades show that meeting these requirements without degrading the performance of the generators is a very difficult task. Despite a large number of publications devoted to the construction of complexity functions with known “good cryptographic properties”, the usage of such functions in practice often becomes unacceptable due to the bulkiness of their constructions, which slows down the functioning of the corresponding generators, especially during software implementation. The way to overcome the noted difficulties by using an additional secret parameter that determines the appearance of the generator transitions’ function is proposed. Such a modification makes it possible to increase the security of generator (compared to traditional filter generators) against known attacks without increasing the length of its initial state. In particular, a specific version of a generator construction with a complexity function, which is determined with the help of substitutions used in the “Kalyna” encryption scheme, is considered. A lower estimate of the output sequences periods of the proposed generators was obtained. A research of their security to known attacks, in particular, Babbage-Golic balancing attack; an attack associated with a small number of terms in the polynomial representation of the complexity function (which negatively affects the value of the equivalent linear complexity of the output sequences of the generator); a natural correlation attack associated with the specifics of the proposed generator construction scheme; algebraic attacks of the Courtois-Mayer type were also conducted. At the end of the article, it is indicated how to choose the components of the proposed generators to ensure their security at a predetermined level.

Design and implementation of a physical layer optical fiber security communication system based on a ZUC stream cipher

In this work, we have proposed a new physical layer encryption scheme to improve the security of optical fiber communication systems. The secrecy scheme is based on disturbance of the data cluster under the ZUC algorithm (named for Zu Chongzhi, a famous mathematician in ancient China), which is generated by optical XOR using a dual-drive Mach–Zehnder modulator (DD-MZM). A base scrambling pseudo random binary sequence (PRBS) generated by the ZUC stream cipher is introduced, which results in a better scrambling effect and randomness in the key stream of the block encryption structure. A simulation setup conducted in an encrypted transmission of the 64×64 grayscale image over 80 km of optical fiber shows that the authorized user can successfully decrypt the received signal, while the eavesdroppers cannot derive useful information with a bit error rate (BER) at approximately 0.5. In the simulation, after setting the delay compensation to 3.125 ps, a correct signal with a Q-factor as high as 11.3642 and a BER as low as 3.14295−30 can be obtained.

Research on Fault Attacks of Lightweight Cryptographic Algorithms

Fault attacks exploit fault injection techniques to compromise cryptographic systems, compromising device operations and leaking secret keys. Lightweight block cipher algorithms are suitable for resource-constrained environments, ensuring security while reducing hardware and software overhead. This paper summarizes the current research status of fault attacks on some lightweight cryptographic algorithms, including block ciphers, stream ciphers, etc. These studies are crucial for addressing system vulnerabilities, protecting personal privacy, and enhancing the stability of embedded systems. The aim of this paper is to provide comprehensive references for cryptographers, assisting in selecting suitable algorithms and defense strategies.