|
|
Security Proofs in Symmetric Cryptography
Švarcová, Marie ; Rudolf, Bohuslav (advisor) ; Hlaváč, Martin (referee)
In the present work we investigate into security proofs techniques in symmetric cryptography with aim at authenticated encryption schemes. The results of this area are in each chapter shown and proven. We begin with studying security notions of symmetric cryptography and relations among them. Then we analyze security of authenticated encryption schemes designed by generic composition and introduce keyed hash functions and the NMAC scheme. The last topic we study is an authenticated encryption with associated data. Finally, we describe presented proofs generally and unify the methods used.
|
|
|
Advanced methods of Linear Cryptanalysis
Říha, Jan ; Rudolf, Bohuslav (advisor) ; Hojsík, Michal (referee)
In the present work we study advanced methods of linear cryptanalysis. At the beginning, we describe the principle of Matsui's linear cryptanalysis, the two basic algorithms - Algorithm 1 and Algorithm 2, against DES cipher. Further it is described a generalization of linear cryptanalysis and consequently partitioning and statistical cryptanalysis. Then it is followed by a look on the linear approximations over the correlation matrices. Furthermore, we study an improvement of Matsui's Algorithm 2 using Fast Fourier transform, based on circulant matrices theory. Finally we deal multidimensional linear cryptanalysis that uses multiple linear approximations and in the very end we propose an own design of improvement of multidimensional extension of Algorithm 2 by using Fast Fourier transform.
|
|
|
Attacks against bit-oriented stream ciphers with LFSRs
Jureček, Martin ; Rudolf, Bohuslav (advisor) ; Hojsík, Michal (referee)
In this work we study cryptanalysis one of the most current stream ciphers A5/1. The cipher is used to provide mobile communication privacy in the GSM cellular telephone standard. An essential element of the cipher A5/1 is LFSR( Linear feedback shift register) which is used in stream ciphers because it produces a sequence of bits with high periodicity, has good statistical properties and is easily analyzed using various algebraic methods. At work, we describe and implement three known-plaintext attacks on the cipher. The first two attacks are of the type Guess and Determine and the last one is correlation attack. The focus of the work is cryptanalysis by Golić, which assumes only 64 bits of plaintext. The character of implementation allows to split the work and use parallel-computing, making it possible to use the program in practice. At the end of the work we devote to correlation attack, that is considerably faster, but it assumes knowledge of the relatively large amount of plaintext.
|
|
|
One-Pass Authenticated Encryption
Homer, Miloslav ; Rudolf, Bohuslav (advisor) ; Hajný, Jan (referee)
The topic of this thesis are mask based one-pass authenticated encryption schemes with associated data. Formal security requirements (AUTH and PRIV), scheme requirements as well as mask system requirements are specified. The- orems regarding fulfillment of security requirements are proven given specified scheme assumptions. The proof utilizes the game-hopping technique. The the- sis contains enumeration of masking systems as well as a selection of schemes with verification that requirements are fulfilled. Last but not least, this thesis presents an attack on the OPP scheme. Recommendation on fixing this scheme is also provided. 1
|
|
|
Concrete Security of the IPSec Protocol
Švarcová, Marie ; Rudolf, Bohuslav (advisor) ; Joščák, Daniel (referee)
The main goal of this thesis is to articulate and to prove security properties of the key exchange protocol IKE, through which the IPSec protocol establishes agreement on keys used for securing internet traffic. It also covers the description of differences between asymptotic and concrete security treatments and the notions of key exchange security and the security of underlying primitives used by key exchange protocols, in the context of concrete security. A general description of IPSec and its main functionalities follows, accompanied by detailed descriptions of both versions of IKE (IKEv1, IKEv2). A general introduction to key exchange is also included and a representative of signature-based version of IKE is introduced and its security is analysed. Powered by TCPDF (www.tcpdf.org)
|
|
|
Attacks against bit-oriented stream ciphers with LFSRs
Jureček, Martin ; Rudolf, Bohuslav (advisor) ; Hojsík, Michal (referee)
In this work we study cryptanalysis one of the most current stream ciphers A5/1. The cipher is used to provide mobile communication privacy in the GSM cellular telephone standard. An essential element of the cipher A5/1 is LFSR( Linear feedback shift register) which is used in stream ciphers because it produces a sequence of bits with high periodicity, has good statistical properties and is easily analyzed using various algebraic methods. At work, we describe and implement three known-plaintext attacks on the cipher. The first two attacks are of the type Guess and Determine and the last one is correlation attack. The focus of the work is cryptanalysis by Golić, which assumes only 64 bits of plaintext. The character of implementation allows to split the work and use parallel-computing, making it possible to use the program in practice. At the end of the work we devote to correlation attack, that is considerably faster, but it assumes knowledge of the relatively large amount of plaintext.
|
|
|
Advanced methods of Linear Cryptanalysis
Říha, Jan ; Rudolf, Bohuslav (advisor) ; Hojsík, Michal (referee)
In the present work we study advanced methods of linear cryptanalysis. At the beginning, we describe the principle of Matsui's linear cryptanalysis, the two basic algorithms - Algorithm 1 and Algorithm 2, against DES cipher. Further it is described a generalization of linear cryptanalysis and consequently partitioning and statistical cryptanalysis. Then it is followed by a look on the linear approximations over the correlation matrices. Furthermore, we study an improvement of Matsui's Algorithm 2 using Fast Fourier transform, based on circulant matrices theory. Finally we deal multidimensional linear cryptanalysis that uses multiple linear approximations and in the very end we propose an own design of improvement of multidimensional extension of Algorithm 2 by using Fast Fourier transform.
|
|
|
Trustworthiness (credibility) of provably secure cryptography
Barczi, Rudolf ; Rudolf, Bohuslav (advisor) ; Joščák, Daniel (referee)
In the present work we study provable security in the random oracle model and the standard model using the OAEP cryptosystem as an example. We begin with general introduction to public-key cryptography. In the next chapter we trace the evolution of RSA-OAEP cryptosystem security proofs in the random oracle model from the original controversial proof of security from 1994 to the correct and technically challenging one from 2004. The third chapter is dedicated to the selected problematic aspects of RSA-OAEP practical security. The goal of the extensive fourth chapter is to present some of the most recent results regarding the security of RSA-OAEP in the standard model. The rst result from 2009 shows the fundamental impossibility of security proof construction in the sense of CCA2. The result from 2006, despite being positive (weak non-malleability of fully-instantiated OAEP), is of an arguable signi cance. In the end we mention some comments on the state-of-the-art provable security of RSA-OAEP.
|
|
|
Security Proofs in Symmetric Cryptography
Švarcová, Marie ; Hlaváč, Martin (referee) ; Rudolf, Bohuslav (advisor)
In the present work we investigate into security proofs techniques in symmetric cryptography with aim at authenticated encryption schemes. The results of this area are in each chapter shown and proven. We begin with studying security notions of symmetric cryptography and relations among them. Then we analyze security of authenticated encryption schemes designed by generic composition and introduce keyed hash functions and the NMAC scheme. The last topic we study is an authenticated encryption with associated data. Finally, we describe presented proofs generally and unify the methods used.
|
guest ::
RSS feed.