Professional Documents
Culture Documents
Assign 1
Assign 1
Introduction to Cryptography
Submitted To Submitted By
Dr. Surbhi Chhabra Chitraksh Gupta
Institute of Engineering and 2021Btech063
Technology
Table Of Contents
Introduction...........................................................................................................................................3
Frequency Test.......................................................................................................................................5
Bit-Independence Tests.........................................................................................................................6
Avalanche Effect (AE).........................................................................................................................6
Completeness...................................................................................................................................8
Bitwise-Uncorrelation Tests (BUCT).......................................................................................................9
Frequency Test...................................................................................................................................9
Runs Test..........................................................................................................................................10
Poker Test........................................................................................................................................11
Hardware Security...............................................................................................................................12
Physical Unclonable Functions (PUFs)..............................................................................................12
Side-Channel Analysis (SCA)............................................................................................................13
Introduction
In this modern era, cyber threats are becoming increasingly prevalent, and data
breaches are also on the rise. However, the field of cryptography is continuously
evolving to ensure data confidentiality, integrity, and authenticity. It's necessary
to understand the metrics and properties that define their security.
This article includes the minimum requirements for keys that should be
fulfilled, or we can say key security metrics, from encryption strength to
algorithm efficiency in modern cryptography. Before creating a key or key
algorithm, certain key metrics must always be fulfilled to ensure better security
that is difficult to break.
Modern encryption algorithms depends significantly on key scheduling
algorithms, whose security is just as important as the encryption algorithms'
own. Numerous research have been conducted on the cryptographic strength
assessment of encryption algorithms; however, the strength assessment of key
scheduling algorithms frequently receives less attention, which may indicate a
potential vulnerability in the encryption process as a whole.
The objective of the frequency test is to assess whether the distribution of zeros
and ones in randomly generated data is approximately balanced, with each
occurring roughly half of the time. Specifically, this test is applied to the
subkeys produced by a Key Scheduling Algorithm
If the counts of ones and zeros in these subkeys is not almost same the n the
randomness criterion is not met which reselts to be not good ksa .
k 0 −k 1
z=
n
One of the essential critical evaluation metrics/criteria for designing a key that
involves bit independency tests whose primary goal is to evaluate and take care
of the bit confusion and diffusion properties; this property ensures that the
secret key and generated keys are intricate, guaranteeing that a modification in a
single bit of the private key will affect all bits of the subkeys. The objective of
these properties within the KSA is to enhance the cypher's resilience against
statistical and cryptanalysis attacks, such as related-key attacks and slide
attacks.
In this context, the avalanche effect can be quantified by measuring the extent
of change in the output of the Boolean function f when a single bit in the input
is flipped. More formally, let x and x′ be two n-bit input strings that differ only
in one bit position. Then, the avalanche effect can be defined as:
m
1
f = ∑ ¿ f ( x)i−f ( x ' )i ∨¿
m i=1
f(x)i represents the i-th bit of the output of f for input x.
f(x′)i represents the i-th bit of the output of f for input x′.
∣⋅∣ denotes the absolute value.
The sum is taken over all m bits of the output of the Boolean function f.
The average is computed by dividing the sum by m, the total number of
output bits.
This formula captures the average proportion of output bits that differ between
the outputs of f for inputs x and x′, providing a quantitative measure of the
avalanche effect of the Boolean function f. A higher value indicates a stronger
avalanche effect, implying that small changes in the input propagate widely
throughout the output.
Example:
Input Key: 1010101010101010
Output Key: 1100101001000010
Changing the first bit of the input key results in 9 out of 16 bits changing
in the output key, indicating a good avalanche effect.
2. Completeness
Completeness refers to the degree to which a change in the secret key
propagates through the subkeys.
|S ( K ) Δ S ( K ' )|
Completeness ( C )=
|S ( K )|
C represents completeness.
S(K) and S(K′) are the sets of subkeys generated from the original key K
and the modified key K′, respectively.
∣S(K)ΔS(K′)∣ denotes the size of the symmetric difference between the
sets of subkeys generated from K and K′. This represents the number of
subkey bits that differ between the two sets.
∣S(K)∣ represents the total number of subkey bits generated from the
original key K.
This formula computes the ratio of the number of altered subkey bits to the total
number of subkey bits generated from the original key. A completeness value
close to 1 indicates that a change in a single bit of the secret key significantly
impacts a large proportion of the subkeys, reflecting a high level of
completeness in the key scheduling algorithm.
Example: In a cryptographic algorithm, each output bit depends on all input
bits. For instance, if changing any input bit affects all output bits, the
completeness requirement is satisfied.
Bitwise-Uncorrelation Tests (BUCT)
Frequency Test
This metric quantifies the degree of correlation between the bits of subkeys. A
correlation coefficient close to zero indicates low correlation, which is desirable
for cryptographic strength. It involves performing XOR operations between all
possible combinations of bits within subkeys and analyzing the resulting
sequences
To illustrate the connection between each bit of Ki and Kj, conduct XOR
operations on all potential combinations of their respective bits. Then, combine
the resulting bit strings through concatenation to form the necessary sequence,
as detailed below:
Key1: 10101100
Key2: 11001010
XOR Result: 01100110
In the XORed sequence, if there are 4 occurrences of 1s and 4
occurrences of 0s, it meets the frequency test requirement.
Runs Test
The runs test evaluates the presence of consecutive sequences (runs) of identical
bits within a key sequence. It examines the distribution of run lengths to
determine if the sequence displays randomness or exhibits patterns. Deviations
from expected run lengths can indicate potential vulnerabilities to cryptographic
attacks, highlighting the importance of assessing the unpredictability of key
sequences.
The poker test partitions the key sequence into blocks and treats each block as a
poker hand. By analyzing the distribution of different types of poker hands
within these blocks, it assesses the entropy and randomness of the sequence. A
uniform distribution of poker hands across blocks indicates randomness,
whereas skewed distributions suggest biases or non-randomness. This test
provides further insights into the cryptographic strength of key sequences by
examining their diversity and uniformity.
Till now we have discussed various methods but these methods are generally
use in the software level but we also want to know about hardware , so now we
are discussing Security Metrics for hardware security and it uses in various
devices such as IOT