Stream
EX-Or Operation
A  B  A ⊕ B
0  0  0
0  1  1
1  0  1
1  1  0
Examples
Encryption
Plaintext   = 1 0 1 0 1 1 0 1
Key         = 0 1 0 1 0 1 0 1   (Ex-Or)
Cipher text = 1 1 1 1 1 0 0 0
Decryption
Cipher text = 1 1 1 1 1 0 0 0
Key         = 0 1 0 1 0 1 0 1   (Ex-Or)
Plaintext   = 1 0 1 0 1 1 0 1
One-Time Pad
• Provably secure
– Key generated independently and randomly
– Key as long as the plain text
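• If the same key K is used for two messages M1 and M2, the key cancels out and the XOR of the two plaintexts is exposed:
C1_i = M1_i ⊕ K_i
C2_i = M2_i ⊕ K_i
C1_i ⊕ C2_i = M1_i ⊕ K_i ⊕ M2_i ⊕ K_i = M1_i ⊕ M2_i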
Pseudo Random Generators (PRG)
• Compromise to computationally secure
– Instead of random, use pseudo random sequence based on a short key
– the generated stream must be:
• statistically random (knowing part of seq not enough to break)
PRG from a counter
PRG may be controlled just by key influencing:
– Next-state function (output feedback mode)
– Output function (counter mode)
PRG output feedback mode
PRG may be controlled both by data and key:
– output function (cipher feedback mode)
Example : Pascal Source Code
Uses Crt;
Var
  J, I, X : integer;
Begin
  Clrscr;
  { Re-seed the generator with each value 1..10 }
  for J := 1 to 10 do
  begin
    randseed := J;
    writeln('Random seed = ', randseed);
    { The same seed always produces the same ten numbers }
    for I := 1 to 10 do
    begin
      X := random(100);
      write(X, ' ');
    end;
    writeln;
  end;
  readln;
End.
The Output
• Random seed = 1
3 86 20 27 67 31 16 37 42 8
• Random seed = 2
6 69 54 34 7 96 0 58 47 73
• Random seed = 3
9 52 88 41 46 61 84 79 53 39
• Random seed = 4
12 35 22 48 86 25 69 0 58 5
• Random seed = 5
15 17 56 55 26 90 53 21 63 70
• Random seed = 6
18 0 91 62 66 55 37 42 69 36
• Random seed = 7
21 83 25 69 6 20 22 63 74 2
• Random seed = 8
25 66 59 76 46 84 6 84 79 67
• Random seed = 9
28 49 93 83 86 49 90 5 85 33
• Random seed = 10
31 32 27 90 26 14 74 26 90 98
Synchronous Stream Ciphers
• Keystream generated independently of plaintext and of ciphertext
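[Figure: synchronous stream cipher, encryption and decryption sides. State s_i is updated to s_i+1 by the next-state function f; g produces keystream z_i from the key k; h combines z_i with p_i to give c_i, and h^-1 recovers p_i from c_i.]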
Synchronous Stream Ciphers
– Both sender and receiver must be synchronized using the same key and operating at the same position
• If synchronization is lost due to inserted or deleted ciphertext, decryption fails
• No error propagation: a ciphertext digit modified during transmission does not affect the decryption of other ciphertext digits.
[Figure: keystream z_i generated by g from key k, combined with message m_i by h to give ciphertext c_i]
General SC Criteria
• Long period with no repetitions
• Statistically random
• Large linear complexity (based on size of equivalent LFSR)
• Correlation immunity (has a tradeoff with linear complexity)
• Confusion (output bits depend on all key bits)
• Diffusion
• Use of highly non-linear Boolean functions
Linear Feedback Shift Registers (LFSR)
[Figure: shift register b_n, b_n-1, ..., b4, b3, b2, b1 with a Feedback Function]
Example LFSR 4 bits
Initialization = 1111
[Figure: 4-bit register b4 b3 b2 b1 with Output Bit]
State  Bit 4 (MSB)  Bit 3  Bit 2  Bit 1 (LSB)
1      1            1      1      1
2      0            1      1      1
3      1            0      1      1
4      0            1      0      1
5      1            0      1      0
6      1            1      0      1
7      0            1      1      0
8      0            0      1      1
9      1            0      0      1
10     0            1      0      0
11     0            0      1      0
12     0            0      0      1
13     1            0      0      0
14     1            1      0      0
15     1            1      1      0
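The state table above, reproduced in code as an added example that is not part of the original slides. It assumes the feedback bit is b4 ⊕ b1 (inferred from the table rows, not stated on the slide) and that the output bit is b1; all function names are illustrative. It also goes one step beyond the table: Berlekamp-Massey is used to show why the "large linear complexity" criterion matters, since 8 output bits of this register are enough to compute the rest.

```python
# Added example, not from the slides. Assumption: feedback = b4 XOR b1,
# inferred from the rows of the state table (the slide does not state it).

def lfsr_states(state=(1, 1, 1, 1), steps=15):
    """Successive (b4, b3, b2, b1) states; the register shifts right."""
    states = []
    for _ in range(steps):
        states.append(state)
        b4, b3, b2, b1 = state
        state = (b4 ^ b1, b4, b3, b2)  # feedback enters at b4, b1 leaves
    return states

def output_bits(states):
    """Keystream bit of each state is b1, the LSB."""
    return [s[3] for s in states]

def berlekamp_massey(bits):
    """Shortest LFSR over GF(2) generating `bits`: (length L, taps c[0..L])."""
    n = len(bits)
    c, b = [1] + [0] * n, [1] + [0] * n
    L, m = 0, -1
    for i in range(n):
        d = bits[i]  # discrepancy between bits[i] and the current prediction
        for j in range(1, L + 1):
            d ^= c[j] & bits[i - j]
        if d:
            t = c[:]
            for j in range(n - (i - m) + 1):
                c[j + i - m] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L, c[:L + 1]

def predict(known, count):
    """Continue `known` by `count` bits using the LFSR recovered from it."""
    L, c = berlekamp_massey(known)
    s = list(known)
    for _ in range(count):
        nxt = 0
        for j in range(1, L + 1):
            nxt ^= c[j] & s[-j]
        s.append(nxt)
    return s[len(known):]

if __name__ == "__main__":
    states = lfsr_states()
    ks = output_bits(states)
    print("period:", len(set(states)), "keystream:", ks)
    print("linear complexity from 8 bits:", berlekamp_massey(ks[:8])[0])
    print("predicted tail matches:", predict(ks[:8], 7) == ks[8:])
```

A single LFSR of n bits has linear complexity n, which is why practical designs combine several registers through a nonlinear function.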
LFSRs (cont’d)
[Figure: several LFSRs (LFSR-L2, ..., LFSR-Ln) feeding a Nonlinear Combiner Function F, which produces the output]
RC4
[Figure: Encrypt / Decrypt. A 256 byte S-box generates a pseudorandom byte, which is Ex-Ored byte by byte with the Plaintext / Ciphertext to give the Ciphertext / Plaintext.]
Ciphering Phase
1 [Define the state array]
S[0], S[1], ..., S[255].
2 [Initialize the state array; each element of the array is assigned its index number]
S[0] = 0; S[1] = 1; ...; S[255] = 255;
3 [Initialize the key array; each element of the array is assigned from the key]
S2[0] = K[0]; S2[1] = K[1]; ...
4 [Mixing process]
j = 0;
REPEAT THRU STEP 4 FOR i = 0 TO 255
j = (j + S[i] + S2[i]) % 256;
temp = S[i];
S[i] = S[j];
S[j] = temp;
[Figure: Message and CRC are XORed with Keystream = RC(IV,k); the IV is sent together with the Cipher Text]
A5 Algorithm
• Stream cipher used to encrypt GSM phones
• Has several variants (A5, A5/1, A5/2)
• A5/1 uses 3 LFSRs of 19, 22 and 23 bits using sparse feedback polys
– all have been broken (A5/2 in Aug 99, A5/1 in Apr 2000) - basic attack has complexity 2^40
– guess state of LFSRs 1 & 2, try to determine 3 from keystream
– real problem is registers are too small & feedback polys are sparse
End of Presentations