Design, Implementation and Cryptanalysis of Modern Symmetric Ciphers

Henricksen, Matthew (2005) Design, Implementation and Cryptanalysis of Modern Symmetric Ciphers. PhD thesis, Queensland University of Technology.


The main objective of this thesis is to examine the trade-offs between security and efficiency within symmetric ciphers. This includes the influence that block ciphers have on the new generation of word-based stream ciphers. By incorporating block-cipher-like components into their designs, word-based stream ciphers have experienced hundreds-fold improvement in speed over bit-based stream ciphers, without any observable security degradation. The thesis also emphasizes the importance of keying issues in block and stream ciphers, showing that by reusing components of the principal cipher algorithm in the keying algorithm, security can be enhanced without loss of key agility or expanding footprint in software memory.

Firstly, modern block ciphers from four recent cipher competitions are surveyed and categorized according to criteria that include the high-level structure of the block cipher, the method by which non-linearity is instilled into each round, and the strength of the key schedule. In assessing the last criterion, a classification by Carter [45] is adopted and modified to improve its consistency.

The classification is used to demonstrate that the key schedule of the Advanced Encryption Standard (AES) [62] is surprisingly flimsy for a national standard. The claim is supported with statistical evidence that shows the key schedule suffers from bit leakage and lacks sufficient diffusion. The thesis contains a replacement key schedule that reuses components from the cipher algorithm, leveraging existing analysis to improve security, and reducing the cipher's implementation footprint while maintaining key agility. The key schedule is analyzed from the perspective of an efficiency-security tradeoff, showing that the new schedule rectifies an imbalance towards efficiency present in the original.
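To see what "insufficient diffusion" means concretely, the following added example (written for this page, not code from the thesis) implements the AES-128 key expansion as specified in FIPS-197, then flips a single master-key bit and counts how many bits of each round key change. For a bit flipped anywhere in the first key word, round key 1 differs in exactly 4 of its 128 bits, because the expansion is linear in that word until the next SubWord; averaged over all 128 bit positions the round-1 change stays below 11 bits, where an ideally diffusing schedule would change about 64. The S-box is generated from the GF(2^8) inverse and affine map rather than typed as a table, and the sample key is the FIPS-197 Appendix A.1 vector, used here purely for illustration.

```python
"""AES-128 key expansion (FIPS-197) with a one-bit diffusion probe.

Added example for this page, not code from the thesis.  It answers a concrete
question behind the abstract's claim of weak diffusion: if one bit of the
master key flips, how many bits of each round key change?
"""
from typing import List


def _build_sbox() -> List[int]:
    """Generate the AES S-box (GF(2^8) inverse followed by the affine map)
    instead of hand-typing a 256-entry table."""
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p = p * 3 in GF(2^8)
        q ^= q << 1                                            # q = q / 3, so q = 1/p
        q ^= q << 2
        q ^= q << 4
        q &= 0xFF
        if q & 0x80:
            q ^= 0x09
        x = q ^ (q << 1) ^ (q << 2) ^ (q << 3) ^ (q << 4)      # XOR of five rotations of q
        sbox[p] = ((x ^ (x >> 8)) & 0xFF) ^ 0x63               # fold wrap-around, add 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = _build_sbox()
MASK32 = 0xFFFFFFFF


def rot_word(w: int) -> int:
    """Cyclic left rotation by one byte: [a0,a1,a2,a3] -> [a1,a2,a3,a0]."""
    return ((w << 8) | (w >> 24)) & MASK32


def sub_word(w: int) -> int:
    """Apply the S-box to each byte of a 32-bit word."""
    return sum(SBOX[(w >> s) & 0xFF] << s for s in (24, 16, 8, 0))


def expand_key_128(key: bytes) -> List[int]:
    """FIPS-197 key expansion: 16-byte key -> 44 words (round keys 0..10)."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    w = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(4)]
    rcon = 0x01
    for i in range(4, 44):
        temp = w[i - 1]
        if i % 4 == 0:  # only every fourth word passes through the non-linear step
            temp = sub_word(rot_word(temp)) ^ (rcon << 24)
            rcon = ((rcon << 1) ^ (0x1B if rcon & 0x80 else 0)) & 0xFF
        w.append(w[i - 4] ^ temp)
    return w


def round_key(w: List[int], r: int) -> bytes:
    """Round key r (0..10) as 16 bytes."""
    return b"".join(x.to_bytes(4, "big") for x in w[4 * r:4 * r + 4])


def hamming(a: bytes, b: bytes) -> int:
    """Number of differing bits between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def flip_bit(key: bytes, bit: int) -> bytes:
    """Return key with bit index `bit` (0 = MSB of byte 0, 127 = LSB of byte 15) flipped."""
    k = bytearray(key)
    k[bit // 8] ^= 0x80 >> (bit % 8)
    return bytes(k)


def round_key_distances(key: bytes, bit: int) -> List[int]:
    """Hamming distances between round keys 1..10 of key and of key with one bit flipped."""
    base, alt = expand_key_128(key), expand_key_128(flip_bit(key, bit))
    return [hamming(round_key(base, r), round_key(alt, r)) for r in range(1, 11)]


def mean_round1_distance(key: bytes) -> float:
    """Average round-key-1 change over all 128 single-bit master-key flips."""
    return sum(round_key_distances(key, b)[0] for b in range(128)) / 128


if __name__ == "__main__":
    # Constructed sample key (the FIPS-197 Appendix A.1 vector), for illustration only.
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
    print("flip bit 0, bits changed in round keys 1..10:", round_key_distances(key, 0))
    print("mean round-1 change over all 128 flips: %.2f of 128" % mean_round1_distance(key))
```

The distances grow in later rounds as the single SubWord per round spreads the difference, but the first few round keys leak the master-key difference almost unchanged; that is the kind of measurement the thesis' statistical evidence rests on. The two FIPS-197 test-vector checks (words 4..7 and 40..43) guard against an off-by-one in the rcon or rotation steps.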

The thesis contains a discussion of the evolution of stream ciphers, focusing on the migration from bit-based to word-based stream ciphers, from which follows a commensurate improvement in design flexibility and software performance. It examines the influence that block ciphers, and in particular the AES, have had upon the development of word-based stream ciphers. The thesis includes a concise literature review of recent styles of cryptanalytic attack upon stream ciphers.

The thesis also refutes claims that RC4, one prominent word-based stream cipher, suffers from a bias in the first byte of each keystream.
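To make such a claim testable, here is an added example (written for this page, not the thesis' own experiment) that implements RC4 and tallies, over a constructed set of keys derived from SHA-256 of a counter, how often the first and the second keystream byte equal zero. The first byte lands near the uniform expectation of num_keys/256, while the second byte lands near twice that, which is the bias Mantin and Shamir reported in 2001 and which serves here as a positive control showing the tally is sensitive enough to detect a real bias. The key count, key length and the choice of the value zero are the example's own assumptions.

```python
"""RC4 keystream generation with an empirical test of its first two output bytes.

Added example for this page, not the thesis' own experiment.  Keys are a
constructed set derived from SHA-256 of a counter, so the run is reproducible
offline without a random source.
"""
import hashlib
from typing import Dict, List, Sequence


def rc4_ksa(key: bytes) -> List[int]:
    """Key-scheduling algorithm: build the initial 256-entry permutation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def rc4_keystream(key: bytes, n: int) -> bytes:
    """PRGA: the first n keystream bytes for key, with no bytes discarded."""
    s = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def rc4_encrypt(key: bytes, data: bytes) -> bytes:
    """XOR data with the keystream (encryption and decryption are the same)."""
    return bytes(a ^ b for a, b in zip(data, rc4_keystream(key, len(data))))


def zero_counts(num_keys: int, positions: Sequence[int] = (0, 1),
                key_len: int = 16) -> Dict[int, int]:
    """Over num_keys constructed keys, count how often keystream byte `p` is 0
    for each p in positions."""
    counts = {p: 0 for p in positions}
    need = max(positions) + 1
    for k in range(num_keys):
        # constructed, deterministic key set: first key_len bytes of SHA-256(counter)
        key = hashlib.sha256(k.to_bytes(4, "big")).digest()[:key_len]
        z = rc4_keystream(key, need)
        for p in positions:
            if z[p] == 0:
                counts[p] += 1
    return counts


def uniform_expectation(num_keys: int) -> float:
    """Expected count of a given byte value if the position were uniform."""
    return num_keys / 256


if __name__ == "__main__":
    n = 25000
    c = zero_counts(n)
    print("keys: %d, expected zeros per position if uniform: %.1f"
          % (n, uniform_expectation(n)))
    print("byte 0 == 0: %d   byte 1 == 0: %d" % (c[0], c[1]))
```

The same tally can be run for any byte value or position by changing the arguments; the point of the control is that a bias of the size claimed for the first byte would have to show up as clearly as the second-byte bias does, and it does not.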

The thesis presents a divide and conquer attack against Alpha1, an irregularly clocked bit-based stream cipher with a 128-bit state. The dominating aspect of the divide and conquer attack is a correlation attack on the longest register. The internal state of the remaining registers is determined by utilizing biases in the clocking taps and launching a guess and determine attack. The overall complexity of the attack is 2^61 operations with text requirements of 35,000 bits and memory requirements of 2^29.8 bits.

MUGI is a 64-bit word-based cipher with a large Non-linear Feedback Shift Register (NLFSR) and an additional non-linear state. In standard benchmarks, MUGI appears to suffer from poor key agility because it is implemented on an architecture for which it is not designed, and because its NLFSR is too large relative to the size of its master key. An unusual feature of its key initialization algorithm is described. A variant of MUGI, entitled MUGI-M, is proposed to enhance key agility, ostensibly without any loss of security.

The thesis presents a new word-based stream cipher called Dragon. This cipher uses a large internal NLFSR in conjunction with a non-linear filter to produce 64 bits of keystream in one round. The non-linear filter looks very much like the round function of a typical modern block cipher. Dragon has a native word size of 32 bits, and uses very simple operations, including addition, exclusive-or and s-boxes. Together these ensure high performance on modern day processors such as the Intel Pentium family.

Finally, a set of guidelines is provided for designing and implementing symmetric ciphers on modern processors, using the Intel Pentium 4 as a case study. Particular attention is given to understanding the architecture of the processor, including features such as its register set and size, the throughput and latencies of its instruction set, and the memory layouts and speeds. General optimization rules are given, including how to choose fast primitives for use within the cipher. The thesis describes design decisions that were made for the Dragon cipher with respect to implementation on the Intel Pentium 4.



ID Code: 16055
Item Type: QUT Thesis (PhD)
Supervisor: Dawson, Edward, Millan, William, & Simpson, Leonie
Keywords: Block Ciphers, Word-based Stream Ciphers, Cipher Design, Cipher Implementation, Cryptanalysis, Key Schedule Classification, Key Agility, Advanced Encryption Standard, RC4, Alpha1, MUGI, Dragon, Correlation Attacks, Divide and Conquer Attacks, Intel Pentium 4
Divisions: Past > QUT Faculties & Divisions > Faculty of Science and Technology
Past > Institutes > Information Security Institute
Department: Faculty of Information Technology
Institution: Queensland University of Technology
Copyright Owner: Copyright Matthew Henricksen
Deposited On: 03 Dec 2008 03:55
Last Modified: 28 Oct 2011 19:42
