• Title/Summary/Keyword: Algebraic attacks

Search Result 7, Processing Time 0.019 seconds

Finding New Algebraic Relations on Some Combiners with Memory And Its Applications (메모리를 가지는 Combiner 모델에 대한 새로운 대수적 방정식 구성 방법과 그 응용)

  • Kim, Jaeheon;Han, Jae-Woo;Moon, Dukjae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.16 no.1
    • /
    • pp.65-70
    • /
    • 2006
  • It is hewn that we can apply algebraic attacks on combiners with memory such as summation generators. [1,8] To apply algebraic attacks on combiners with memory, we need to construct algebraic relations between the keystream bits and the initial bits of the LFSRs. Until now, all known methods produce algebraic relations involving several consecutive bits of keystream. [l.4.8] In this paper, we show that algebraic relations involving only one keystream bit can be constructed for summation generators. We also show that there is an algebraic relation involving only one keystream bit for ISG (9) proposed by Lee and Moon. Using this fact, we analyze the keystream generators which generate the keystreams by combining summation generators.

Security Analysis of Software-Oriented Stream Ciphers against Algebraic Attacks (소프트웨어 구현에 적합한 스트림 암호의 대수적 공격에 대한 안전성)

  • Sung Jaechul;Moon Dukjae;Im Hung-su;Chee Seongtaek;Lee Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.1
    • /
    • pp.29-40
    • /
    • 2005
  • In this paper we consider the security of recently proposed software-orienred stram cipher HELIX, SCREAM, MUGI, and PANAMA against algebraic attacks. Algebraic attack is a key recovery attack by solving an over-defined system of multi-variate equations with input-output pairs of an algorithm. The attack was firstly applied to block ciphers with some algebraic properties and then it has been mon usefully applied to stream ciphers. However it is difficult to obtain over-defined algebraic equations for a given cryptosystem in general. Here we analyze recently proposed software-oriented stream ciphers by constructing a system of equations for each cipher. furthermore we propose three design considerations of software-oriented stream ciphers.

Algebraic Attacks on Summation Generators (Summation Generator에 대한 대수적 공격)

  • Lee, Dong-Hoon;Kim, Jae-Heon;Han, Jae-Woo;Hong, Jin;Moon, Duk-Jae
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.14 no.1
    • /
    • pp.71-77
    • /
    • 2004
  • It was proved that Hen is an algebraic ,elation of degree [n(l+1]/2] for an (n, 1)-combine. which consists of n LFSRs and l memory bits. For the summation generator with $2^k$ LFSRs which uses k memory bits, we show that there is a non-trivial relation of degree at most $2^k$ using k+1 consecutive outputs. In general, for the summation generator with n LFSRs, we can construct a non-trivial algebraic relation of degree at most 2$^{{2^{[${log}_2$}n]}}$ using [${log}_2$+1 consecutive outputs.

Gröbner Basis Attacks on Lightweight RFID Authentication Protocols

  • Han, Dae-Wan
    • Journal of Information Processing Systems
    • /
    • v.7 no.4
    • /
    • pp.691-706
    • /
    • 2011
  • Since security and privacy problems in RFID systems have attracted much attention, numerous RFID authentication protocols have been suggested. One of the various design approaches is to use light-weight logics such as bitwise Boolean operations and addition modulo $2^m$ between m-bits words. Because these operations can be implemented in a small chip area, that is the major requirement in RFID protocols, a series of protocols have been suggested conforming to this approach. In this paper, we present new attacks on these lightweight RFID authentication protocols by using the Gr$\ddot{o}$bner basis. Our attacks are superior to previous ones for the following reasons: since we do not use the specific characteristics of target protocols, they are generally applicable to various ones. Furthermore, they are so powerful that we can recover almost all secret information of the protocols. For concrete examples, we show that almost all secret variables of six RFID protocols, LMAP, $M^2AP$, EMAP, SASI, Lo et al.'s protocol, and Lee et al.'s protocol, can be recovered within a few seconds on a single PC.

Performance Study of genus 3 Hyperelliptic Curve Cryptosystem

  • Gupta, Daya;De, Asok;Chatterjee, Kakali
    • Journal of Information Processing Systems
    • /
    • v.8 no.1
    • /
    • pp.145-158
    • /
    • 2012
  • Hyperelliptic Curve Cryptosystem (HECC) is well suited for all kinds of embedded processor architectures, where resources such as storage, time, or power are constrained due to short operand sizes. We can construct genus 3 HECC on 54-bit finite fields in order to achieve the same security level as 160-bit ECC or 1024-bit RSA due to the algebraic structure of Hyperelliptic Curve. This paper explores various possible attacks to the discrete logarithm in the Jacobian of a Hyperelliptic Curve (HEC) and addition and doubling of the divisor using explicit formula to speed up the scalar multiplication. Our aim is to develop a cryptosystem that can sign and authenticate documents and encrypt / decrypt messages efficiently for constrained devices in wireless networks. The performance of our proposed cryptosystem is comparable with that of ECC and the security analysis shows that it can resist the major attacks in wireless networks.

A Public Key Encryption Scheme Using Algebraic-Geometry Codes (대수기하 부호를 이용한 공개키 암호)

  • Lee Jung-Keun;Kim Jaeheon;Park Sangwoo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.6
    • /
    • pp.119-125
    • /
    • 2005
  • We propose a new code-based publick key encryption scheme. It is obtained by modifying the Augot and Finiasz scheme proposed at Eurocrypt 2003. We replace the Reed-Solomon codes with general algebraic-geometry codes and employ Guruswami-Sudan decoding algorithm for decryption. The scheme is secure against Colon's attack or Kiayias and Yung's attack to which the Augot and Finiasz scheme is vulnerable. Considering basic attacks aprlied to the Augot and Finiasz scheme, we claim that the proposed scheme provides similar security levels as the Augot and Finiasz scheme was claimed to provide for given key lengths.

An Efficient Post-Quantum Signature Scheme Based on Multivariate-Quadratic Equations with Shorter Secret Keys (양자컴퓨터에 안전한 짧은 비밀키를 갖는 효율적인 다변수 이차식 기반 전자서명 알고리즘 설계)

  • Kyung-Ah Shim
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.33 no.2
    • /
    • pp.211-222
    • /
    • 2023
  • Multivariate quadratic equations (MQ)-based public-key cryptographic algorithms are one of promising post-quantumreplacements for currently used public-key cryptography. After selecting to NIST Post-Quantum Cryptography StandardizationRound 3 as one of digital signature finalists, Rainbow was cryptanalyzed by advanced algebraic attacks due to its multiple layered structure. The researches on MQ-based schemes are focusing on UOV with a single layer. In this paper, we propose a new MQ-signature scheme based on UOV using the combinations of the special structure of linear equations, spare polynomials and random polynomials to reduce the secret key size. Our scheme uses the block inversion method using half-sized blockmatrices to improve signing performance. We then provide security analysis, suggest secure parameters at three security levels and investigate their key sizes and signature sizes. Our scheme has the shortest signature length among post-quantumsignature schemes based on other hard problems and its secret key size is reduced by up to 97% compared to UOV.