Search results
Searched for: keyword "cryptanalysis"
Results found: 36 (page 1 of 2)
The time complexity of solving a QUBO problem depends mainly on the number of logical variables in the problem. This paper focuses on finding a system of equations that uniquely defines the S-box of the AES cipher and at the same time yields the smallest known optimization problem in QUBO form for an algebraic attack on AES. A novel method of searching for an efficient system of equations using linear-feedback shift registers is presented in order to perform that task efficiently. The transformation of the AES cipher into the QUBO problem using the identified efficient system is presented as well. This method reduces the target QUBO problem for AES-128 by almost 500 logical variables compared to our previous results, and allows the algebraic attack using quantum annealing to be performed four times faster.
2
Cryptanalytic attacks on RSA algorithm and its variants
The goal of this paper is to review the principles and techniques used in public-key cryptanalysis, with special attention to the RSA algorithm. Ways to defend against attacks on RSA are suggested. The final part of the paper gives a retrospective of the results obtained during the research, treating separately the brute-force attack, the low-exponent attack, the chosen-plaintext attack and the timing attack.
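The low-exponent attack named in this abstract, worked through in Python as an added example (this is not the paper's code). With public exponent e = 3 and an unpadded message m such that m³ < n, the modular reduction never happens, so the ciphertext is the integer m³ and an exact integer cube root recovers m. The key size, the message and the illustrative random padding used to show the attack failing are this example's own choices; real deployments use RSA-OAEP rather than ad-hoc padding.

```python
import math
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test (adequate for demo key generation)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = 2 + secrets.randbelow(n - 3)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits: int, e: int) -> int:
    """Random prime of the given size with gcd(e, p-1) == 1, so e is a valid RSA exponent."""
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if math.gcd(e, p - 1) == 1 and is_probable_prime(p):
            return p


def rsa_keygen(bits: int = 512, e: int = 3):
    """Textbook RSA public key (n, e); the private key is never needed by the attacker."""
    p = gen_prime(bits // 2, e)
    q = gen_prime(bits // 2, e)
    while q == p:
        q = gen_prime(bits // 2, e)
    return p * q, e


def rsa_encrypt(m: int, n: int, e: int) -> int:
    return pow(m, e, n)


def int_root(x: int, k: int) -> int:
    """Largest r with r**k <= x, by integer binary search (no floating-point rounding)."""
    lo, hi = 0, 1 << ((x.bit_length() + k - 1) // k + 1)
    while lo < hi:
        mid = (lo + hi + 1) // 2
        if mid ** k <= x:
            lo = mid
        else:
            hi = mid - 1
    return lo


def low_exponent_attack(c: int, e: int):
    """If m**e < n, c is a perfect e-th power over the integers; otherwise report failure."""
    m = int_root(c, e)
    return m if m ** e == c else None


def demo():
    n, e = rsa_keygen(512, 3)
    msg = b"attack at dawn"                  # constructed 14-byte message (112 bits)
    m = int.from_bytes(msg, "big")
    c = rsa_encrypt(m, n, e)
    recovered = low_exponent_attack(c, e)     # 3 * 112 = 336 bits < 510 bits: succeeds

    # Same message with random padding so that (padded m)**3 wraps around n.
    # Illustrative padding only (assumption of this example); use RSA-OAEP in practice.
    pad_bits = n.bit_length() - 8 - 8 * len(msg)
    padded = (secrets.randbits(pad_bits) << (8 * len(msg))) | m
    padded_attempt = low_exponent_attack(rsa_encrypt(padded, n, e), e)  # None
    return {"message": m, "recovered": recovered, "padded_attempt": padded_attempt}
```

The same root-taking idea extends to Håstad's broadcast attack (the same m sent to e recipients, combined by CRT), which the padded case also defeats; the lesson of the abstract's defence section is that e = 3 is only safe together with randomised padding.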
In this paper we study the Lorenz chaotic system as a stream-cipher cryptosystem. The system employs a stream cipher in which the encryption key changes chaotically over time. For added security, one of the Lorenz generator's parameters is controlled by a step-function subsystem. The cryptosystem's bit stream passed the statistical randomness tests. As a result, the cryptosystem's design can withstand many kinds of attacks, such as brute force. The key length of the system exceeds 256 bits, giving a key space of 2²⁵⁶, and this large key space provides strong protection of the plaintext against a brute-force attack.
This paper proposes an attack on a recently proposed cryptosystem that uses a bilateral-diffusion algorithm with dynamical compound chaos. The original image encryption scheme employs a compound chaotic function and a linear feedback shift register (LFSR), and the experimental results reported for it suggested that it was strong enough to resist different attacks. The method used in the cryptosystem under study, however, has a weakness: a chosen-plaintext attack recovers the plain image without any knowledge of the key value. Only one plaintext/ciphertext pair is needed to break the cryptosystem completely.
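The class of weakness behind a one-pair chosen-plaintext break, as an added example that is neither the attacked scheme nor the paper's code: a toy image cipher that XORs pixel bytes with an LFSR keystream derived from the key alone. Because the keystream does not depend on the plaintext, the attacker submits an all-zero image, reads the keystream straight out of the ciphertext, and decrypts any other image encrypted under the same key without ever learning the key. The 16-bit LFSR, the image sizes and the pixel values are constructed for this example.

```python
def lfsr_keystream(key: int, nbytes: int) -> bytes:
    """16-bit Fibonacci LFSR (x^16 + x^14 + x^13 + x^11 + 1); the key is the initial state.
    Constructed keystream generator for the example: it depends on the key only."""
    state = key & 0xFFFF
    if state == 0:
        raise ValueError("all-zero LFSR state never leaves zero")
    out = bytearray()
    for _ in range(nbytes):
        byte = 0
        for _ in range(8):
            fb = ((state >> 0) ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
            state = (state >> 1) | (fb << 15)
            byte = (byte << 1) | (state & 1)
        out.append(byte)
    return bytes(out)


def encrypt_image(pixels: bytes, key: int) -> bytes:
    """Toy cipher: pixel XOR keystream. Decryption is the same operation."""
    return bytes(p ^ k for p, k in zip(pixels, lfsr_keystream(key, len(pixels))))


def recover_keystream(chosen_plain: bytes, chosen_cipher: bytes) -> bytes:
    """One known/chosen pair gives keystream = plaintext XOR ciphertext."""
    return bytes(p ^ c for p, c in zip(chosen_plain, chosen_cipher))


def decrypt_without_key(target_cipher: bytes, keystream: bytes) -> bytes:
    if len(keystream) < len(target_cipher):
        raise ValueError("chosen plaintext must be at least as long as the target")
    return bytes(c ^ k for c, k in zip(target_cipher, keystream))


def demo():
    key = 0xACE1                                   # secret; the attacker never learns it
    # Constructed 4x4 greyscale "image" that the victim encrypts.
    secret_image = bytes([0, 32, 64, 96, 128, 160, 192, 224,
                          255, 200, 150, 100, 50, 25, 10, 5])
    target_cipher = encrypt_image(secret_image, key)

    # Attacker's one chosen plaintext: an all-zero image of the same size.
    chosen_plain = bytes(len(secret_image))
    chosen_cipher = encrypt_image(chosen_plain, key)
    keystream = recover_keystream(chosen_plain, chosen_cipher)
    recovered = decrypt_without_key(target_cipher, keystream)
    return {
        "original": secret_image,
        "recovered": recovered,
        "keystream": keystream,
        "true_keystream": lfsr_keystream(key, len(secret_image)),
    }
```

A known plaintext (for instance a fixed image header) works just as well as a chosen one; the fix is to bind the keystream or permutation to a per-message nonce and, for image ciphers, to make the diffusion depend on the plaintext so that one pair no longer reveals a reusable mask.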
This paper presents a newly developed cryptographic information-protection algorithm based on a substitution-permutation network. We describe the cryptographic transformations used in the algorithm. One of its features is the ease with which it can be modified for different security levels. The algorithm uses a pre-developed S-box tested against differential and linear cryptanalysis; the S-box is consistent with one of the known standards, AES or GOST R 34.12-2015. We provide the findings of an avalanche-effect investigation and the statistical properties of the ciphertexts. The algorithm meets the avalanche-effect criterion even after the first round.
A new cryptosystem approach based on two non-linear systems, combined to achieve a high degree of signal-transmission security, is presented. These systems are the Lorenz system and the Rössler system, and each chaotic system produces a completely different output bit stream. The system uses a stream cipher in which the encryption key varies continuously; a secure communication system that is robust to different types of attack, such as a brute-force attack, is therefore very important. One of the main properties of this system is the ability to retrieve data transmitted through a noisy environment. The proposed system is a novel stream cipher based on combining two non-linear systems used in a digital communication system. The key length exceeds 576 bits, which provides a key space of 2⁵⁷⁶; this huge key space provides high security for the plaintext against a brute-force attack.
Protecting the confidentiality, integrity and availability of information is very important in any telecommunications system. Information protection requires the use of the necessary physical, personnel, information and communication technology and, above all, electromagnetic and cryptographic security measures. Equipment and tools for cryptographic protection should be examined and assessed for resistance to known threats. Additional requirements are placed on information protection in radio communication, especially military radio, where transmission is characterized by uncertainty in establishing and maintaining connections, relatively low bit rates and often no full duplex. All this affects the methods of cryptographic synchronization and the implementation of cryptographic functions. Classic narrowband radio communication requires one approach to information protection, time-division multiple-access modes another, and broadband packet data transmission yet another. Systems designed for information protection in radio communications implement appropriate modes of operation for cryptographic algorithms and protocols. The latest threats from quantum computers pose new challenges, especially for systems using public-key cryptography, because algorithms exist that attack these schemes with polynomial complexity.
Amid the rapid development of wireless communication technology, cryptography plays a major role in securing users' personal information. Many authentication schemes have been proposed to ensure the secrecy of wireless communication, but they fail to meet all the required security goals. The proposed signcryption scheme uses multi-factor authentication techniques such as user biometrics, a smart card and passwords to provide the utmost security of personal information. In general, wireless devices are by their very nature susceptible to various attacks and resource-constrained. To overcome these challenges a lightweight cryptographic scheme called signcryption has evolved: a logical combination of encryption and digital signature in a single step, which provides the necessary security features at lower computational and communication cost. The proposed research work outlines the weaknesses of the existing scheme of Cao et al., which is prone to biometric recognition error, offline password guessing attack, impersonation attack and replay attack. Furthermore, the study provides an enhanced multi-factor authentication scheme using signcryption based on hyperelliptic curve cryptography and a bio-hash function. The security of the proposed scheme is analyzed using Burrows-Abadi-Needham logic. This analysis indicates that the proposed scheme is computationally and communication-efficient and satisfies all the needed security goals. Finally, an analysis of the results shows that the proposed scheme protects against biometric recognition error, password guessing attack, impersonation attack, DoS attack and dictionary attack.
9
Malicious SHA-3
In this paper we investigate Keccak, the cryptographic hash function adopted as the SHA-3 standard. We propose a malicious variant of the function in which new round constants are introduced. We show that for such a variant, collision and preimage attacks are possible. We also identify a class of weak keys for malicious Keccak working in the MAC mode. The ideas presented in the paper were verified by implementing the attacks on the function with a 128-bit hash. Additionally, we show how the idea of malicious Keccak could be used in differential fault analysis against real Keccak working in a keyed mode such as the authenticated encryption mode.
The main aim of a cube attack on a given symmetric cipher is to determine its key. In this paper we present a fast algorithm for finding cryptographically useful cubes, which exploits knowledge of the architecture of the attacked cipher; it is assumed that this architecture is publicly known. The method is powerful, and as an example of its effectiveness we present an attack on the 5-round CTC block cipher.
11
Tabu Search Against Permutation Based Stream Ciphers
Encryption is one of the most effective methods of securing data confidentiality, whether the data are stored on hard drives or transferred (e.g. by e-mail or phone call). In this paper a new state-recovery attack using tabu search is introduced. Based on research and theoretical approximation, it is shown that the internal state can be recovered after checking 2⁵² internal states for RC4 and 2¹⁸⁰ for VMPC.
12
Cryptanalysis and Improvement for Certificateless Aggregate Signature
To suit applications in resource-constrained environments, aggregate signature schemes have been widely investigated. Recently, He et al. pointed out that the certificateless aggregate signature (CLAS) scheme proposed by Xiong et al. was insecure against a Type II adversary and presented a possible improvement. In this article we show that their improved scheme is not secure against a malicious-but-passive KGC attack. We analyze the reason for the attack and propose an improved certificateless aggregate signature scheme. Under the computational Diffie-Hellman (CDH) assumption, the proposed CLAS scheme is existentially unforgeable against adaptive chosen-message attacks in the random oracle model.
13
Security analysis of Microsoft RMS (original title: Analiza bezpieczeństwa Microsoft RMS)
Microsoft Rights Management Services (RMS) is a system designed to ensure the protection and proper use of electronic documents. RMS allows different access policies to be applied to a document, thus allowing control of its circulation and use over time. The system allows access policies to be defined not only at document creation but also after distribution. Microsoft RMS uses a number of advanced cryptographic mechanisms and primitives to ensure the overall security of the service. In this paper we analyze the security of RMS, indicating a number of gaps in document protection. Methods of solving the basic problems, especially those related to data integrity, are proposed.
The article reviews systemic solutions for cryptologic support of national security in selected countries and confronts the results with the current state of affairs in Poland. The author concludes that in the era of ubiquitous digitalisation the ability of a state to provide effective cryptographic protection of its own information and decision processes has become an essential element of supporting national security and sovereignty. Employing a SWOT analysis, he identifies the conditions for introducing a systemic solution in this field in Poland.
The paper analyzes an encryption algorithm described in the literature that is based on a non-standard use of cryptographically strong hash functions. Its potential weaknesses and possible attacks are described. One of the attacks requires partial knowledge of the plaintext, while the second needs only an uneven distribution of bits (unknown to the intruder) at particular positions of the message blocks.
16
Nature-inspired algorithms in cryptanalysis (original title: Algorytmy inspirowane naturą w kryptoanalizie)
Nowadays the protection of information is crucial, and cryptography is a significant part of keeping information secure. Cryptanalysis in turn plays an important role by examining the security of the ciphers in use. Besides the analytical approaches to cipher breaking (e.g. differential cryptanalysis, linear cryptanalysis, statistical analysis), various kinds of non-deterministic, nature-inspired systems have been applied to this purpose for more than a decade. Their use is not entirely intuitive: in cryptanalysis it is often necessary to find the one exact key used (the optimal solution), and every other solution gives poor results even if it is close to the global optimum.
17
Cryptanalysis and Improvement of a Certificateless Multi-proxy Signature Scheme
Certificateless cryptography is a new type of public key cryptography which removes the certificate management problem of traditional public key cryptography and the key escrow problem of identity-based public key cryptography. Multi-proxy signature is an extension of proxy signature which allows an original signer to authorize a group of proxy signers such that only the cooperation of all proxy signers in the group can create valid proxy signatures on behalf of the original signer. Recently, Jin and Wen combined certificateless cryptography with multi-proxy signature and proposed a model as well as a concrete scheme of certificateless multi-proxy signature. They claimed that their scheme is provably secure in their security model. Unfortunately, in this paper we give two attacks showing that their certificateless multi-proxy signature scheme can be broken. The first attack indicates that their security model is flawed and the second attack indicates that their scheme is insecure. Possible improvements are also suggested to prevent these attacks.
18
Cryptanalysis of the FSR-255 hash function
In this paper we analyse the security of the FSR-255 cryptographic hash function. As a result of our security analysis we present preimage and second-preimage attacks. The attacks are based on the practical invertibility of the compression function. The preimage attack costs about 2¹¹ evaluations of the compression function, and the second-preimage attack costs the equivalent of a single evaluation. Both attacks have been carried out in practice.
19
Cryptographic hash functions (original title: Kryptograficzne funkcje skrótu)
The article presents a synthesis of information about hash functions and shows the latest developments in this field of cryptography. Basic concepts are explained: definition, properties, classification, uses of hash functions and methods of attack. The current state of cryptanalysis of known and commonly used hash functions (MD4, MD5, SHA) is shown, together with its consequences. Finally, attention is paid to the future of hash functions and to the competition for the new SHA-3 standard.
The paper discusses variants of the time-memory tradeoff attack (a brute-force attack with a precomputation phase), using the A5/1 stream cipher as an example. It describes the known variants of the attack together with their theoretical effectiveness and presents the results of optimizing the tradeoff parameters. The article draws conclusions on designing tradeoffs and compares the A5/1 cryptanalysis results obtained with the expected theoretical values.
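The time-memory tradeoff discussed in this abstract, as an added example that is not the paper's code or an A5/1 attack: Hellman's precomputed-chain method against a constructed 16-bit one-way function f, which stands in for the cipher's map from internal state to observed keystream. Offline, each table stores only the (endpoint, start point) pairs of m chains of length t, each table using its own reduction function; online, the attacker walks at most t steps per table, looks up endpoints, and verifies each candidate so that false alarms caused by merged chains are rejected. The function f, the XOR masks used as reduction functions and the parameters (64 tables, m = 16, t = 64, so m·t² = N) are this example's choices.

```python
import hashlib
import random
from typing import Optional

N_BITS = 16
N = 1 << N_BITS          # size of the state space covered by the tables


def f(x: int) -> int:
    """Constructed one-way function on N points: the first 16 bits of SHA-256(x)."""
    return int.from_bytes(hashlib.sha256(x.to_bytes(4, "big")).digest()[:2], "big")


def reduce_(table_id: int, y: int) -> int:
    """Per-table reduction r_i (an XOR mask); distinct tables cover different chains."""
    return (y ^ (table_id * 0x9E37)) & (N - 1)


def step(table_id: int, x: int) -> int:
    """One chain step g_i(x) = r_i(f(x))."""
    return reduce_(table_id, f(x))


def build_tables(num_tables: int, m: int, t: int, seed: int = 1):
    """Offline phase: per table, m chains of length t; keep only endpoint -> start."""
    rng = random.Random(seed)
    tables = []
    for i in range(num_tables):
        table = {}
        for _ in range(m):
            start = rng.randrange(N)
            x = start
            for _ in range(t):
                x = step(i, x)
            table.setdefault(x, start)      # two chains ending alike: keep the first
        tables.append(table)
    return tables


def tmto_attack(y: int, tables, t: int) -> Optional[int]:
    """Online phase: return some x with f(x) == y, or None if y is not covered."""
    for i, table in enumerate(tables):
        z = reduce_(i, y)
        for j in range(t):
            if z in table:
                # z matched an endpoint after j steps, so the preimage candidate
                # sits t-1-j steps from that chain's start point.
                x = table[z]
                for _ in range(t - 1 - j):
                    x = step(i, x)
                if f(x) == y:
                    return x
                # otherwise a false alarm (merged chains): keep walking
            z = step(i, z)
    return None


def success_rate(tables, t: int, trials: int = 100, seed: int = 2) -> float:
    """Fraction of random targets recovered; measures the tables' coverage."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        x = rng.randrange(N)
        r = tmto_attack(f(x), tables, t)
        if r is not None and f(r) == f(x):
            hits += 1
    return hits / trials


def demo(num_tables: int = 64, m: int = 16, t: int = 64):
    tables = build_tables(num_tables, m, t)
    return {
        "memory_entries": sum(len(tb) for tb in tables),   # at most 1024, versus N = 65536
        "max_online_steps": num_tables * t,                 # 4096 evaluations of f per query
        "success_rate": success_rate(tables, t),            # roughly half of random targets
    }
```

The numbers returned by demo() are the tradeoff in miniature: a table of about N/64 entries answers a query in about N/16 steps of f instead of the N steps of exhaustive search, at the price of covering only part of the state space. Adding tables with fresh reduction functions raises coverage roughly linearly, while lengthening chains beyond m·t² ≈ N mostly produces merges and false alarms, which is why tradeoff parameters are optimised rather than simply enlarged.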