Weak key analysis for chaotic cipher based on randomness properties
|
|
- Roberta Spencer
- 6 years ago
- Views:
Transcription
1 . RESEARCH PAPER. SCIENCE CHINA Information Sciences May 01 Vol. 55 No. 5: doi: /s x Weak key analysis for chaotic cipher based on randomness properties YIN RuMing, WANG Jian, YUAN Jian, SHAN XiuMing & WANG XiQin Department of Electronic Engineering, Tsinghua University, Beijing , China Received January 14, 010; accepted July 1, 010; published online February 8, 01 Abstract Weak key analysis is a key issue in the design of chaotic ciphers. While most of the existing research focusing on the degradation of the chaotic sequences which causes weak keys, we point out that the parameters for which the chaotic sequences do not degrade are still possible to be weak keys. In this paper, we propose a new approach based on the rigorous statistical test to improve the weak key analysis. The weak keys of a specific chaotic cipher are investigated by using our method and a large number of new weak keys are detected. These results verify that our method is more effective. On the other hand, although statistical tests are now widely adopted to test the chaos-based bit sequences, there are few reports of analysis results on the weak keys or weak sequences of chaotic cipher. Thus our work may be helpful for current research on statistical tests of chaotic cipher. Keywords chaos, cryptography, statistical test, weak keys, sequence randomness Citation Yin R M, Wang J, Yuan J, et al. Weak key analysis for chaotic cipher based on randomness properties. Sci China Inf Sci, 01, 55: , doi: /s x 1 Introduction Chaos is characterized by sensitive dependence on initial conditions and parameters. By selecting the parameters as the keys, chaos can be used to design cryptosystem [1 3]. In cryptosystem, the plaintexts are transformed into the ciphertexts under the control of the secret keys. For enhanced security, the cryptosystem should be very sensitive to the keys, which makes it difficult to determine the encryption transformation without the right keys. Weak key analysis is a key issue in the design of chaotic ciphers [3 8]. Generally a key is considered weak if it is relatively easy to break the cipher with this key in comparison with some other keys [9]. The strength of chaotic cipher is usually determined by the properties of the sequence generated by the cipher. The period of chaotic sequence is extremely short with some parameters, which cause weak keys [10]. These kinds of weak keys were investigated in [3, 8]. On the other hand, the parameters with which chaotic sequence has a very long period can still be weak. In most chaotic ciphers, the chaotic sequence is transformed to bit sequence to encrypt the plaintext. The strength of the cipher is thus determined by the properties of the bit sequence. While the chaotic sequence has good properties, the produced bit sequence can be far from random and thus cause weak keys [11, 1]. To avoid this kind of weak keys, Corresponding author ( jyuan@tsinghua.edu.cn) c Science China Press and Springer-Verlag Berlin Heidelberg 01 info.scichina.com
2 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No statistical tests can be used to analyze the bit sequence. There have been some research papers on using statistical tests to investigate the properties of chaotic bit sequence. However some problems still exist. Some statistical tests used in chaotic cipher design are not rigorous such that they can not effectively detect the weak keys, e.g., the correlation function between bit sequences and the tests specified in FIPS 140- [1 16]. The correlation function is just an intuitive measure of the randomness of the bit sequence and the tests specified in FIPS 140- have not been recommended for use [17]. Recently some rigorous tests, e.g., the NIST statistical tests, have been used to ensure the good randomness properties of chaotic bit sequence [11, 18]. However, there are few reports on using these rigorous tests to detect the weak keys or weak sequences of chaotic cipher [11]. In this paper, we propose a new approach to improve the weak key analysis of chaotic ciphers. Our new approach uses the rigorous statistical tests to detect the weak randomness of chaotic bit sequence and thus the weak keys of chaotic ciphers. The weak keys of a specific chaotic cipher are investigated by using our method. We find a large number of new weak keys and carefully analyze the reasons that these weak keys are caused. These results verify that our new method is more effective in comparison with the existing method, which is based on analyzing the properties of chaotic sequence. On the other hand, since there are few research reports on using the rigorous tests to analyze the weak keys of chaotic ciphers, our work may also be helpful for current research on statistical tests of chaotic ciphers. The rests of our papers are organized as follows. Section first briefly describes the existing weak keys analysis and then proposes our new approach. Section 3 investigates the weak keys of a specific chaotic cipher by using our method. In section 4, we discuss the current research on statistical tests of chaotic ciphers and highlight the importance of rigorous statistical tests in chaotic cipher design. Section 5 concludes the paper. A new approach to analyze the weak keys.1 Existing method For chaotic systems, some given parameter originates very short periodic orbits. These parameters may cause weak keys [5]. Alvarez et al. investigate these kinds of weak keys of chaotic ciphers and provide two suggestions to avoid the weak keys [3]. The first suggestion is to avoid using the parameters which give rise to the short periodic windows. As a second suggestion, it is preferred to select the chaotic map for which all parameter values can retain complete chaoticity. A simple map satisfying this expectation is the skew tent map.. New weak key analysis The existing method can avoid some obvious weak keys of chaotic ciphers. However some potential weak keys may still exist. In most chaotic ciphers, the chaotic sequence is transformed to bit sequence to encrypt the plaintext. The strength of the cipher is thus determined by the properties of the bit sequence. While the chaotic sequence has good properties, the produced bit sequence can be far from random and thus cause weak keys [11, 1]. In this paper, we propose a new approach based on the rigorous statistical test to improve the weak key analysis. For a specific key of chaotic cipher, we test the randomness of the produced bit sequence by using statistical tests. If the bit sequence is far from random, then the corresponding key is considered to be weak. After finding the weak keys, we can theoretically analyze the reasons that these weak keys are produced and propose some methods to avoid the weak keys. In statistical tests, some predefined randomness statistics are first computed and then compared with their theoretical distributions. If a systematic deviation is observed, the sequence is assumed to nonrandom. For enhanced security, the sequence produced by chaotic ciphers must pass the statistical tests. The statistical tests play a very important role in the modern stream cipher design. They are adopted to evaluate the candidate algorithms of the famous AES (advanced encryption standard) and the estream project [19 1]. To avoid missing the potential weak keys, we should select rigorous statistical tests. In
3 1164 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No. 5 this paper, we choose the NIST tests suite which is widely used in cipher design []. The NIST tests suite requires m sequences successively produced by the cipher, each of which consists of n bits. For each sequence, a test result P -value is obtained. Thus we can get m P-values corresponding to all the m sequences. With these mp-values, two approaches can be adopted to determine whether or not the sequences finally pass the test. The first one is to calculate the proportion of sequences passing the test, which is denoted by Proportion. Assume that the significance level is α. A sequence is considered to pass the test when P -value> α. Then if Proportion> T, the sequences finally pass the test. Where T is a threshold value, which is determined by the significance level α and the number of sequence m. Inthis paper, we select α =0.01, m=100, then T = The second approach is to examine the distribution of P -values to obtain a new test result P -value T.IfP -value T >0.0001, then the sequences are considered to finally pass the test. The NIST tests suite consists of fifteen effective tests. For compactness, we just list the results of the following four tests: frequency test, frequency test within a block, runs test and test for the longest run of ones in a block. In fact, we have used all the fifteen tests to examine the randomness of binary sequences produced by chaotic ciphers in this paper. The results show that the above four tests can represent the total fifteen tests. That is to say, on one hand, if the sequence can not pass these four tests, it can not pass most of other tests either. On the other hand, the sequence passing these four tests can pass all the other eleven tests. 3 Weak key analysis of a specific chaotic cipher In this section, the weak keys of a specific chaotic cipher are investigated by using our method. We find a large number of new weak keys, which were not detected by using the original lax tests. These results verify that our method is more effective. We also make some improvements to the cipher to avoid the new weak keys. 3.1 The chaotic pseudorandom sequence generator This section briefly describes the pseudorandom sequence generator to be analyzed, which was proposed in [13]. This generator consists of three parts: the discretized piecewise linear chaotic map, module addition and bit extraction scheme. Here we briefly describe these three parts respectively. For more details, the reader is referred to [13]. The original piecewise linear chaotic map is defined as x(k)/p, 0 x(k) <p; (x(k) p)/(0.5 p), p x(k) < 0.5; x(k +1)=f(x(k),p)= (1 p x(k))/(0.5 p), 0.5 x(k) < 1 p; (1 x(k))/p, 1 p x(k) < 1; where the parameter p (0, 0.5) and the initial value x(0) [0, 1]. By discretizing this map, we obtain the discretized map as follows: n0 X(k), 0 X(k) <P; P n0 (X(k) P ) n0 1, P X(k) < n0 1 ; P X(k +1)=F (X(k),P)= () n0 ( n0 X(k) P ) n0 1, n0 1 x(k) < n0 P ; P n0 ( n0 X(k)), n0 P x(k) < n0 ; P where x denotes the floor of x, X(k) [0, n0 1] is the discretized state. P is the discretized parameter satisfying P (0, n0 1 ), n 0 = 3 denotes the computer word length. The relationships between the (1)
4 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No discretized parameters X(k), P and the original continuous parameters x(k), p are as follows: x(k) = X(k), p = P. (3) n0 n0 1 In the generator, two different discretized chaotic maps are adopted to generate two different state variables X 1 (k) andx (k). The initial conditions of these two discretized maps are denoted by X 1 (0) and X (0), the parameters are denoted by P 1 and P respectively. Then X 1 (k) andx (k) are added module n0 to obtain Y (k): Y (k) =(X 1 (k)+x (k)) mod n0. (4) Finally several bits are extracted from the integer Y (k) according to the following equation, which means that the l = 4 most significant bits and l = 4 least significant bits in Y (k) are discarded. S(k) =b l b l+1 b n0 l 1, if Y (k) =b 0 b 1 b n0 1. (5) The keys of the generator are composed of the initial values and the control parameters, i.e., [P 1 P X 1 (0) X (0)]. The discretized chaotic maps in the generator make it difficult to theoretically analyze the weak keys. To facilitate the analysis of weak keys, we give a generator with the continuous chaotic maps, which is equivalent to the original generator. The equivalent generator with the continuous chaotic maps is shown in Figure 1. In the figure, f(x, p) is the original piecewise linear chaotic map. The bit extraction scheme is as follows: S(k) =b l b l+1 b n0 l 1, if y(k) =0.b 0 b 1 b n0 1. (6) In the following descriptions, to avoid confusion, we call x(0) and p the continuous key parameters. X(0) and P are called the discretized key parameters. 3. Weak key analysis of the generator The generator proposed in [13] has two kinds of weak keys. One kind of weak keys is generated because of the strong correlation between consecutive bits, and the other kind is due to the extremely short period length of the chaotic sequence. In the following section, we analyze these two kinds of weak keys respectively Weak keys due to strong correlation between consecutive bits With some selected keys, the bit sequences produced by the generator have been tested in [13]. The results show that the produced binary sequence has good randomness properties. However by using our method to test the sequence, we find that the keys with which the bit sequence is proved to be of good randomness are weak keys. By further analysis, we find a large number of similar weak keys, which are due to the strong correlation between consecutive bits. We make some improvements to the cipher to avoid these weak keys. The bit sequence of the chaotic generator is tested by using the NIST tests suite. The results are shown in Table 1. In the tables * denotes that the sequence has failed the corresponding test. The keys are chosen as [P 1 P X 1 (0) X (0)] = [ ], which are the original test parameters adopted in [13]. The corresponding continuous key parameters are p 1 p Our test results in the table show that the sequence with these parameters fail to pass most of the NIST tests. Therefore these parameters are weak keys. We theoretically analyze the cause of the weak keys with the continuous equivalent generator shown in Figure 1. The continuous key parameters adopted in Table 1 are p 1 p ,which 3 are close to zero. In this case the continuous piecewise linear map is very close to the standard tent map, which can be formulated as follows. Therefore, to facilitate analysis, we can use the tent map to theoretically investigate the weak keys of the generator. { x(k), 0 x(k) < 0.5; x(k +1)=f tent (x(k)) = (1 x(k)), 0.5 x(k) < 1. (7)
5 1166 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No. 5 Figure 1 The equivalent generator with the continuous chaotic maps. Table 1 The test results for the generator with the parameters [ ] Test name Proportion P -value T Frequency Block-Frequency * Runs * * Longest-Run * * denotes that the sequence has failed the corresponding test. For the continuous equivalent generator, assume that the two state variables at time k are x 1 (k) and x (k), then x 1 (k) andx (k) are added module 1 to obtain y(k) =x 1 (k) +x (k) mod1. Considerthe state variables at time k+1, according to (7), we can get Consequently we have (x 1 (k)+x (k)) mod 1, 0 x 1 (k),x (k) < 0.5; (1 + x 1 (k) x (k)) mod 1, 0 x 1 (k) < 0.5, 0.5 x (k) < 1; y(k +1)= (1 + x (k) x 1 (k)) mod 1, 0.5 x 1 (k) < 1, 0 x (k) < 0.05; (1 (x 1 k)+x (k)) mod 1, 0.5 x 1 (k),x (k) < 1. (8) { y(k) mod1, 0 x1 (k),x (k) < 0.5; y(k +1)= ( y(k)) mod 1, 0.5 x 1 (k),x (k) < 1. (9) Assume that y(k) can be approximately represented as a binary sequence y(k) =0.b k 0b k 1 b k n 1, where n stands for a certain precision. Similarly, y(k +1)=0.b k+1 0 b k+1 1 b k+1 n 1.Whenx 1(k)x (k) [0, 0.5) or x 1 (k)x (k) [0.5, 1), according to (9), we obtain b k+1 i = b k i+1, 0 i n, b k+1 n 1 =0, if 0 x 1 (k),x (k) < 0.5; (10) b k+1 i = b k i+1, 0 i<i, b k+1 i = b k i+1,i i n, if 0.5 x 1 (k),x (k) < 1. (11) b k+1 n 1 =0, where I denotes the last bit position in y(k) = 0.b k 0b k 1 b k n 1 having the value 1. That is to say, b k I =1,bk i =0,I <i n 1. After obtaining the relations between bits in y(k) andy(k + 1), the bit extraction scheme has to be considered to analyze the correlation between consecutive bits. According to equation (6), Figure intuitively describes the bit extraction scheme adopted in the continuous generator. In the figure, y(k),y(k + 1),...,y(k + t) arethet + 1 consecutive results obtained after the module addition operation. S(k),S(k +1),...,S(k +t) denote the corresponding extracted bit sequences. The generatorconcatenates these t + 1 bit sequences to get the final bit sequence S. According to the results in equation (10) and (11), the bit sequence S(k) ands(k + 1) in the sequence S are strong correlated. A large number of
6 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No Figure The bit extraction scheme adopted in the generator. consecutive bits in S(k) are equal or complemented to the consecutive bits in S(k + 1) with very high probability. Therefore the bit sequence S are far from random and fail to pass most of the NIST tests. A specific bit sequence produced by the original generator is computed to confirm our analysis. In the computation, the discretized key parameters are selected as [P 1 P X 1 (0) X (0)] = [ ] and the corresponding continuous key parameters are p 1 p ,whicharecloseto 3 zero. This is just the case considered in the theoretical analysis. We can find that a large number of consecutive bits in S(k) are equal or complemented to the consecutive bits in S(k + 1). These results confirm our theoretical analysis. We have analyzed the cause of the weak keys, which are close to zero. In fact many similar weak keys exist. When the continuous key parameters p 1 and p are both close to 1 (m>1), the bits in the m sequence can still be correlated with some large probability. Therefore these parameters may still be the weak keys. We give some improvements to avoid the above weak keys. On one hand, we can avoid using these weak parameters as the keys in the generator. Since this method will decrease the total number of possible keys that can be used, the security of the generator may be weakened. Additionally it is not convenient to detect these weak keys in the practical use of the generator. On the other hand, we can improve the design of the generator to remove the weak keys. Since many consecutive bits are extracted each time from the results of the module addition operation, the bits in the final sequence are strong correlated and thus cause weak keys. With this consideration, we can decrease the number of the extracted bits each time to remove the high correlation between consecutive bits. Assume this number is denoted by L. With different values of L, the produced bit sequences are tested by using the NIST tests. We find that the produced bit sequence can not pass some tests for some key values when L>1. Therefore to remove weak keys we can just extract one bit each time, i.e., the value of L can just be selected as 1. With L=1, the produced bit sequence is tested. For the discretized chaotic map shown in Eq. (), the parameters are chosen as X(0) = 1000,P = 33. The bit b k r,r [0,n 0 1] is extracted from the state variable X(k) =b k 0 bk 1 bk n 0 1 each time to form the bit sequence. We test the sequence with the parameter r = 16. We find that the bit sequence can pass the NIST tests. Therefore the original weak keys are removed for the improved generator. 3.. Weak keys due to the short period of chaotic orbit The discretized chaotic map can generate orbit with extremely short period length or even a fixed point for some parameters, which cause weak keys. Two different chaotic maps are added in the generator in order to increase the period length. While this design improves the period properties to some degree, the period length of some generator sequences are still extremely short. (1) Fixed points. The possible fixed points of the discretized chaotic map are computed. In Eq. (), we select X(k+1) = X(k) and omit the floor function. Thus the possible nonzero fixed points can be obtained as follows: P X fix1 = n0 0.5 n0 +P, X fix = (P n0 ) n0 P 1.5, and X n0 fix3 = n0 n0 +P. When the state variable of discretized chaotic map takes the value close to one of the above three values, the chaotic orbit may fall to a fixed point. For example, for the discretized parameter P =34, two fixed point of discretized chaotic map can be obtained: X fix1 = 68, X fix = For the discretized parameter P =33, one fixed point can be obtained: X fix1 = 66. Therefore when the discretized key parameters of the generator
7 1168 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No. 5 [P 1 P X 1 (0) X (0)] = [ ] or [ ], the generator will produce one fixed state value all the time. These two key parameters are obviously the weak keys. With the similar analysis, for all possible values of P 1 and P, the weak keys due to the fixed point may exist. These kinds of weak keys can be calculated by using the above equations. In addition, another kind of weak keys can be caused by the fixed point of the chaotic map. Since computers can just represent numbers with limited precision, the chaotic orbits of the piecewise linear chaotic maps will converge to zero within a few number of iterations for all initial values when the parameter p = 1 4 [3]. Therefore when [P 1 P ]=[ ], the generator will produce sequence consisting of only zero bits for all possible X 1 (0) and X (0) values. Thus these key parameters are also the weak keys. Note that the weak keys due to the fixed points can be computed in advance. Therefore we can examine these weak keys and avoid using them in the practical use of the generator. () Short period of chaotic orbit. The discretized chaotic map in Eq. () can generate sequence with extremely short period [4]. The typical values of the period length of the chaotic map are shown in Table. In the table, we randomly select the parameter and initial value for the discretized chaotic map, and calculate the period length of the chaotic orbit. We find that the period length is less than 10 5 for about 40 percent of the key parameters. Since two different chaotic maps are added in the generator, the period length of the sequence produced by the generator will be less than for about 16 percent of the key parameters. Note that the period length of about is too small to satisfy most cryptographic use [9]. The short period of bit sequence obviously suggests that the sequence is far from random. It can also be detected by using proper statistical tests. We examine a bit sequence of short period by using the NIST tests. The results are shown in Table 3. In the table, the key of the generator are selected as [P 1 P X 1 (0) X (0)] = [ ]. With this key, the period length of the two discretized chaotic maps are both less than 100. Additionally, we adopt the improved bit extraction scheme discussed in subsection This is to remove the correlation between consecutive bits, which makes the sequence fail to pass the test. We find that in this case the sequence can not pass most of the tests. In this way, the nonrandom properties caused by the short period length are effectively detected by using the NIST tests. As is shown Table 3, when the two chaotic maps adopted in the generator simultaneously produce short period orbits, the short period sequence of the generator may be caused. To solve this problem, we can use a pseudorandom sequence with a fixed long period to perturb the chaotic orbit. This method can guarantee the lower bound of the extended cycle length [5]. Here, we use the perturbing algorithm in [5] to expand the period length of the generator. The improved generator is shown in Figure 3. Note that the improved bit extraction scheme is also adopted. That is to say, the bit b k r(r = 16) is extracted from the state variable Y (k) =b k 0b k 1 b k n 0 1 each time to form the bit sequence. In the improved generator, the linear congruential generator (LCG) is used to produce the perturbing sequence. The linear congruential generator is as follows: Z(m +1)=A Z(m) modm, m =0, 1,,..., (1) where the parameters A = 16807,M = Z(0) [1,M 1] is the initial value of the LCG. The sequence produced by LCG has a fixed lower bound of cycle length M 1 [6]. In Figure 3, the LCG sequence is used to perturb the chaotic orbit every Δ iterations, where Δ is a positive integer. The perturbing operation is the modular addition function. The perturbing algorithm can be formulated as follows: Y (k) =X(k), k mδ,m=0, 1,,...; Y (k) =(X(k)+Z(m)) mod n0, k = mδ,m=0, 1,,... (13) With this perturbing algorithm, the lower bound of the cycle length of the improved generator can be proved to be (M 1) Δ [5]. Here we select Δ = 500, then the cycle length of the improved generator is at least M Δ =( 31 ) , which is much larger than the cycle length of the original generator. The improved generator is also examined by using the NIST tests. For the parameters selected as P =33,
8 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No Table Typical values of the period length of the discretized chaotic map Period length Less than 10 3 Less than 10 4 Less than 10 5 Percentage of keys Table 3 The test results for a short period sequence produced by the generator Test name Proportion P -value T Frequency * Block-Frequency * Runs * * Longest-Run * * denotes that the sequence has failed the corresponding test. Figure 3 The improved chaotic sequence generator. X 0 = 1000, Δ = 500 and Z 0 = 3, we find that the improved generator can pass the NIST tests and has good randomness properties. 4 Discussion of statistical analysis of chaotic ciphers In this paper, we use the rigorous statistical tests to improve the weak key analysis of chaotic ciphers. Some research works have already used the statistical methods to investigate the properties of chaotic bit sequence. In this section, we discuss the current research on statistical analysis of chaotic ciphers. We first consider the theoretical analysis and then discuss the application of statistical tests. The real-valued states of chaotic systems can be properly quantified to generate binary sequence. Currently the randomness properties of this kind of chaotic sequence have been theoretically analyzed [7 30]. The existing theoretical analysis focuses on using the invariant measures to investigate the correlation function of the chaotic bit sequence. For the ergodic chaotic map with some symmetric property, Kohda first gave a sufficient condition to produce a sequence of independent and identically distributed (i.i.d.) binary random variables [7]. After that, in the extended work [8], he gave the applications of such sequence to the stream cipher and the CDMA communication systems. Recently the run statistics of the chaotic bit sequence were theoretically analyzed in [9]. Note that the ergodic property and invariant measures are the basis of this kind of theoretical analysis. However they may be affected by the parameter perturbations in the implementation of chaotic systems. This problem was theoretically studied in [30]. While the above theoretical analysis guarantees some good randomness properties of chaotic bit sequence, it is of limited use in chaotic cipher design [8]. The reasons are as follows. First, while the good correlation property is the main quantity that the existing analysis focuses on, it is just a basic requirement for the chaotic bit sequence to be used in cryptography. More rigorous requirements need to be satisfied. For example, the large period length, the low linear complexity. Second, the good properties of real-valued chaotic systems may be seriously degraded when the systems are realized with finite precision in digital computers [3, 4]. Typically for the tent map and the Bernoulli shift map, all chaotic orbits will converge to zero within a limited number of iterations due to finite precision. In addition, the bit sequence obtained by quantifying the real-valued states of chaotic systems has some more disadvantages in practical use. The operations on real numbers are usually realized by using floating
9 1170 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No. 5 point arithmetic, which may decrease the efficiency of cryptosystems. Some chaotic cryptosystems may be incapable of fully utilizing the sensitive dependence on initial conditions property due to the analog circuit implementation. While the existing theoretical statistical analysis is of limited use in chaotic cipher design, the statistical tests can be adopted to extensively examine the randomness property of the chaotic bit sequence. The commonly used tests include the tests specified in FIPS 140-, the NIST tests suite and the DIEHARD statistical tests. These tests have already been well used in the design of chaotic true random bit generator [31 33]. Recently they are also adopted to examine the chaotic pseudorandom bit generator [11, 13, 14, 16, 18]. However some problem still exists in the use of these statistical tests. On one hand, since some statistical tests used in chaotic cipher design are not rigorous, they may lead to some incorrect test results. In this paper, our analysis of the chaotic sequence generator in Section 3 has given an example. Another example can be found in [1, 15]. While the chaotic bit sequence proposed in [15] has passed a simple test named information entropy, its randomness is shown to be insufficient when the rigorous NIST tests are employed [1]. On the other hand, although some rigorous statistical tests have been adopted to examine pseudorandom chaotic sequence, they are still not well used. The control parameters of the chaotic bit generator are usually randomly selected when the generator are tested [11, 18]. This makes that the produced sequence can easily pass the rigorous statistical tests. However this kind of test method can not improve the chaotic bit generator effectively, since the chaotic bit sequence is required to have good randomness properties for all the possible values of control parameters. Some weak control parameters may still exist. In addition, most current research works use the rigorous tests to ensure the good randomness of chaotic bit sequence. There are few reports on using these rigorous tests to detect the weak keys or weak sequences of chaotic ciphers. As far as we know, the insufficient randomness properties of chaotic sequence were just briefly mentioned in [11, 1]. This means that the rigorous statistical tests are still not well used to improve the design of chaotic cipher. Note that the rigorous statistical tests have effectively improved the conventional cipher design [19 1]. Therefore the use of statistical tests in chaotic cipher design should be further explored. In this paper, we investigate a specific chaotic cipher by using the rigorous NIST tests and detect a large number of new weak keys, which were not found by using the lax tests [13]. Additionally from the results in Table 1, it is found that the weak keys may not be detected if the NIST tests are inappropriately used. For example, when the control parameter is randomly selected, the chaotic sequence can always easily pass the tests. In this way we highlight the importance of rigorous statistical tests in chaotic cipher design. Our work may be helpful for current research on statistical tests of chaotic cipher. 5 Conclusions In this paper, we propose a new approach based on the rigorous statistical test to improve the weak key analysis of chaotic ciphers. The weak keys of a specific chaotic cipher are investigated by using our method and a large number of new weak keys are detected. These results verify that our method is more effective. Since there are few research reports on using the rigorous tests to analyze the weak keys of chaotic ciphers, our work may also be helpful for current research on statistical tests of chaotic cipher. On the other hand, we should also realize the limitation of the weak key analysis by using statistical tests. Since the key space of chaotic cryptosystem is usually very large, we can not exhaustively examine all the possible keys. Therefore some theoretical methods are needed to guarantee the good properties of chaotic sequence, e.g., the fixed large period length, the high linear complexity, and so on. Additionally we think that more theoretical analysis should be performed for the discretized chaotic cryptosystems, which have many advantages in practical implementation. These problems will be the subject of our future work. Acknowledgements This work was supported by National Natural Science Foundation of China (Grant No ).
10 Yin R M, et al. Sci China Inf Sci May 01 Vol. 55 No References 1 Kocarev L. Chaos-based cryptography: a brief overview. IEEE Circ Syst Mag, 001, 1: 6 1 Zhang Y W, Wang Y M, Shen X B. Chaos-based image encryption algorithm using alternate structure. Sci China Ser F-Inf Sci, 007, 50: Alvarez G, Li S. Some basic cryptographic requirements for chaos-based cryptosystems. Int J Bifurcat Chaos, 006, 16: Biham E. Cryptanalysis of the chaotic-map cryptosystem suggested at EuroCrypt 91. In: Advances in Cryptology - EuroCrypt 91. Berlin: Springer, Alvarez G, Montoya F, Romera M, et al. Cryptanalysis of a discrete chaotic cryptosystem using external key. Phys Lett A, 003, 319: Skrobek A. Cryptanalysis of chaotic stream cipher. Phys Lett A, 007, 363: Li S, Alvarez G, Chen G, et al. Breaking a chaos-noise-based secure communication scheme. Chaos, 005, 15: Li C, Li S, Alvarez G, et al. Cryptanalysis of a chaotic block cipher with external key and its improved version. Chaos Soliton Fract, 008, 37: Schneier B. Applied Cryptography: Protocols, Algorithms, and Source Code in C. nd ed. Brisbane: John Wiley and Sons, Robinson R C. An introduction to Dynamical Systems: Continuous and Discrete. New Jersey: Pearson Prentice Hall, Tang K W, Tang K S, Man K F. A chaos-based pseudo-random number generator and its application in voice communications. Int J Bifurcat Chaos, 007, 17: Li C, Li S, Alvarez G, et al. Cryptanalysis of two chaotic encryption schemes based on circular bit shift and XOR operations. Phys Lett A, 007, 369: Lian S, Sun J, Wang J, et al. A chaotic stream cipher and the usage in video protection. Chaos Soliton Fract, 007, 34: Li P, Li Z, Halang W A, et al. Analysis of a multiple-output pseudo-random-bit generator based on a spatiotemporal chaotic system. Int J Bifurcat Chaos, 006, 16: Xiang T, Liao X, Tang G, et al. A novel block cryptosystem based on iterating a chaotic map. Phys Lett A, 006, 349: Li P, Li Z, Halang W A, et al. A multiple pseudorandom-bit generator based on a spatiotemporal chaotic map. Phys Lett A, 006, 349: National Institute of Standards and Technology (NIST). Security Requirements for Cryptographic Modules. Federal Information Processing Standards Publication Patidar V, Sud K K, Pareek N K. A pseudo random bit generator based on chaotic logistic map and its statistical testing. Informatica, 009, 33: Soto J. Randomness Testing of the AES Candidate Algorithms. NIST Interagency Reports Soto J, Bassham L. Randomness Testing of the Advanced Encryption Standard Finalist Candidates. NIST Interagency Reports Turan M S, Doganaksoy A, Calik C. Detailed Statistical Analysis of Synchronous Stream Ciphers. estream report 006/ Rukhin A, Soto J, Nechvatal J, et al. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. NIST Special Publication Li S. When chaos meets computers. arxiv: nlin.cd/ Li S, Chen G, Mou X. On the dynamical degradation of digital piecewise linear chaotic maps. Int J Bifurcat Chaos, 005, 15: Sang T, Wang R, Yan Y. Perturbance-based algorithm to expand cycle length of chaotic key stream. Electron Lett, 1998, 34: Park S K, Miller K W. Random number generators: good ones are hard to find. Commun ACM, 1988, 31: Kohda T, Tsuneda A. Statistics of chaotic binary sequences. IEEE Trans Inform Theory, 1997, 43: Kohda T. Information sources using chaotic dynamics. Proc IEEE, 00, 90: Tsuneda A. Design of binary sequences with tunable exponential autocorrelations and run statistics based on onedimensional chaotic maps. IEEE Trans Circ Syst-I, 005, 5: Addabbo T, Fort A, Papini D, et al. Invariant measures of tunable chaotic sources: robustness analysis and efficient estimation. IEEE Trans Circ Syst-I, 009, 56: Ergun S, Ozoguz S. Truly random number generators based on a non-autonomous chaotic oscillator. Int J Electron Commun, 007, 61: Tomassini M, Sipper M, Perrenoud M. On the generation of high-quality random numbers by two-dimensional cellular automata. IEEE Trans Comput, 000, 49: Addabbo T, Alioto M, Fort A, et al. A feedback strategy to improve the entropy of a chaos-based random bit generator. IEEE Trans Circ Syst-I, 006, 53:
Cryptanalysis of a computer cryptography scheme based on a filter bank
NOTICE: This is the author s version of a work that was accepted by Chaos, Solitons & Fractals in August 2007. Changes resulting from the publishing process, such as peer review, editing, corrections,
More informationAn efficient parallel pseudorandom bit generator based on an asymmetric coupled chaotic map lattice
PRAMANA c Indian Academy of Sciences Vol. 85, No. 4 journal of October 215 physics pp. 617 627 An efficient parallel pseudorandom bit generator based on an asymmetric coupled chaotic map lattice RENFU
More informationCryptanalysis of a Multistage Encryption System
Cryptanalysis of a Multistage Encryption System Chengqing Li, Xinxiao Li, Shujun Li and Guanrong Chen Department of Mathematics, Zhejiang University, Hangzhou, Zhejiang 310027, China Software Engineering
More informationarxiv: v1 [cs.cr] 18 Jul 2009
Breaking a Chaotic Cryptographic Scheme Based on Composition Maps Chengqing Li 1, David Arroyo 2, and Kwok-Tung Lo 1 1 Department of Electronic and Information Engineering, The Hong Kong Polytechnic University,
More informationMulti-Map Orbit Hopping Chaotic Stream Cipher
Multi-Map Orbit Hopping Chaotic Stream Cipher Xiaowen Zhang 1, Li Shu 2, Ke Tang 1 Abstract In this paper we propose a multi-map orbit hopping chaotic stream cipher that utilizes the idea of spread spectrum
More informationarxiv:nlin/ v1 [nlin.cd] 10 Aug 2006
Cryptanalysis of a chaotic block cipher with external key and its improved version arxiv:nlin/0608020v1 [nlin.cd] 10 Aug 2006 Chengqing Li a,, Shujun Li b,, Gonzalo Álvarezc, Guanrong Chen a and Kwok-Tung
More informationOn the security of a chaotic encryption scheme: problems with computerized chaos in finite computing precision
On the security of a chaotic encryption scheme: problems with computerized chaos in finite computing precision Shujun Li a,, Xuanqin Mou a, Yuanlong Cai a, Zhen Ji b and Jihong Zhang b a School of Electronics
More informationA novel pseudo-random number generator based on discrete chaotic iterations
A novel pseudo-random number generator based on discrete chaotic iterations Qianxue Wang, Christophe Guyeux and Jacques M. Bahi University of Franche-Comte Computer Science Laboratory LIFC, Belfort, France
More informationConstruction of Pseudorandom Binary Sequences Using Chaotic Maps
Applied Mathematical Sciences, Vol. 9, 2015, no. 78, 3847-3853 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/ams.2015.52149 Construction of Pseudorandom Binary Sequences Using Chaotic Maps Dimo
More informationBreaking an encryption scheme based on chaotic Baker map
Breaking an encryption scheme based on chaotic Baker map Gonzalo Alvarez a, and Shujun Li b a Instituto de Física Aplicada, Consejo Superior de Investigaciones Científicas, Serrano 144 28006 Madrid, Spain
More informationNew Dynamical Key Dependent S-Box based on chaotic maps
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 17, Issue 4, Ver. IV (July Aug. 2015), PP 91-101 www.iosrjournals.org New Dynamical Key Dependent S-Box based
More informationarxiv:cs/ v1 [cs.cr] 2 Feb 2004
Problems of Baptista s chaotic cryptosystems and countermeasures for enhancement of their overall performances arxiv:cs/0402004v1 [cs.cr] 2 Feb 2004 Shujun Li, Guanrong Chen Department of Electronic Engineering,
More informationSignature Attractor Based Pseudorandom Generation Algorithm
Advanced Studies in Theoretical Physics Vol. 9, 2015, no. 6, 287-293 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/astp.2015.517 Signature Attractor Based Pseudorandom Generation Algorithm Krasimir
More informationDesign and Hardware Implementation of a Chaotic Encryption Scheme for Real-time Embedded Systems
Design and Hardware Implementation of a Chaotic Encryption Scheme for Real-time Embedded Systems Amit Pande and Joseph Zambreno Department of Electrical and Computer Engineering Iowa State University,
More informationarxiv: v2 [cs.cr] 13 Oct 2016
Nonlinear Dynamics manuscript No. (will be inserted by the editor) Cryptanalyzing image encryption scheme using chaotic logistic map Chengqing Li Tao Xie Qi Liu Ge Cheng arxiv:3.489v2 [cs.cr] 3 Oct 26
More informationSecure Communication Using H Chaotic Synchronization and International Data Encryption Algorithm
Secure Communication Using H Chaotic Synchronization and International Data Encryption Algorithm Gwo-Ruey Yu Department of Electrical Engineering I-Shou University aohsiung County 840, Taiwan gwoyu@isu.edu.tw
More informationA new simple technique for improving the random properties of chaos-based cryptosystems
AIP ADVANCES 8, 035004 (2018) A new simple technique for improving the random properties of chaos-based cryptosystems M. Garcia-Bosque, a A. Pérez-Resa, a C. Sánchez-Azqueta, a and S. Celma a Group of
More informationOne-way Hash Function Based on Neural Network
One-way Hash Function Based on Neural Network Shiguo Lian, Jinsheng Sun, Zhiquan Wang Department of Automation, Nanjing University of Science & echnology, Nanjing, 294, China, sg_lian@63.com Abstract A
More informationInformation and Communications Security: Encryption and Information Hiding
Short Course on Information and Communications Security: Encryption and Information Hiding Tuesday, 10 March Friday, 13 March, 2015 Lecture 9: Encryption using Chaos Contents Chaos and Cryptography Iteration
More informationA Fast Digital Chaotic Generator for Secure Communication
A Fast Digital Chaotic Generator for Secure Communication Shih-Liang Chen TingTing Hwang Shu-Ming Chang Wen-Wei Lin Abstract In this paper, we propose a digitalized chaotic map, Variational Logistic Map
More informationCHAPTER 3 CHAOTIC MAPS BASED PSEUDO RANDOM NUMBER GENERATORS
24 CHAPTER 3 CHAOTIC MAPS BASED PSEUDO RANDOM NUMBER GENERATORS 3.1 INTRODUCTION Pseudo Random Number Generators (PRNGs) are widely used in many applications, such as numerical analysis, probabilistic
More informationDesign of S-Box using Combination of Chaotic Functions
129 Design of S-Box using Combination of Chaotic Functions Tanu Wadhera 1, Gurmeet Kaur 2 1 Department of Electronics and Communication Engineering, Punjabi University, Patiala, India 2 Department of Electronics
More information-Cryptosystem: A Chaos Based Public Key Cryptosystem
International Journal of Cryptology Research 1(2): 149-163 (2009) -Cryptosystem: A Chaos Based Public Key Cryptosystem 1 M.R.K. Ariffin and 2 N.A. Abu 1 Al-Kindi Cryptography Research Laboratory, Laboratory
More informationAnalysis of FIPS Test and Chaos-Based Pseudorandom Number Generator
Chaotic Modeling and Simulation (CMSIM) : 73 80, 013 Analysis of FIPS 140- Test and Chaos-Based Pseudorandom Number Generator Lequan Min, Tianyu Chen, and Hongyan Zang Mathematics and Physics School, University
More informationPseudo-Random Bit Generator Based on Couple Chaotic Systems and its Applications in Stream-Cipher Cryptography
Pseudo-Random Bit Generator Based on Couple Chaotic Systems and its Applications in Stream-Cipher Cryptography Li Shujun a, Mou Xuanqin b, and Cai Yuanlong c Institute of Image Processing, School of Electronics
More informationWeak Key Analysis and Micro-controller Implementation of CA Stream Ciphers
Weak Key Analysis and Micro-controller Implementation of CA Stream Ciphers Pascal Bouvry 1, Gilbert Klein 1, and Franciszek Seredynski 2,3 1 Luxembourg University Faculty of Sciences, Communication and
More informationA Pseudo Random Bit Generator Based on Chaotic Logistic Map and its Statistical Testing
Informatica 33 (29) 441 452 441 A Pseudo Random Bit Generator Based on Chaotic Logistic Map and its Statistical Testing Vinod Patidar and K. K. Sud Department of Basic Sciences, School of Engineering,
More informationA Chaotic Encryption System Using PCA Neural Networks
A Chaotic Encryption System Using PCA Neural Networks Xiao Fei, Guisong Liu, Bochuan Zheng Computational Intelligence Laboratory, School of Computer Science and Engineering, University of Electronic Science
More informationA new pseudorandom number generator based on complex number chaotic equation
A new pseudorandom number generator based on complex number chaotic equation Liu Yang( 刘杨 ) and Tong Xiao-Jun( 佟晓筠 ) School of Computer Science and Technology, Harbin Institute of Technology, Weihai 264209,
More informationResearch Article A Novel True Random Number Generator Based on Mouse Movement and a One-Dimensional Chaotic Map
Hindawi Publishing Corporation Mathematical Problems in Engineering Volume 22, Article ID 9382, 9 pages doi:.55/22/9382 Research Article A Novel True Random Number Generator Based on Mouse Movement and
More informationNew Chaotic Permutation Methods for Image Encryption
IAENG International Journal of Computer Science, 37:4, IJCS_37_4_ New Chaotic Permutation Methods for Image Encryption Abir Awad, Abdelhakim Saadane 2 Abstract Since two decades, and in order to reach
More informationCryptanalysis on An ElGamal-Like Cryptosystem for Encrypting Large Messages
Cryptanalysis on An ElGamal-Like Cryptosystem for Encrypting Large Messages MEI-NA WANG Institute for Information Industry Networks and Multimedia Institute TAIWAN, R.O.C. myrawang@iii.org.tw SUNG-MING
More informationChaotic Based Secure Hash Algorithm
Chaotic Based Secure Hash Algorithm Mazen Tawfik Mohammed 1, Alaa Eldin Rohiem 2, Ali El-moghazy 3 and A. Z. Ghalwash 4 1,2 Military technical College, Cairo, Egypt 3 Higher Technological Institute, Cairo,
More informationA Very Efficient Pseudo-Random Number Generator Based On Chaotic Maps and S-Box Tables M. Hamdi, R. Rhouma, S. Belghith
A Very Efficient Pseudo-Random Number Generator Based On Chaotic Maps and S-Box Tables M. Hamdi, R. Rhouma, S. Belghith Abstract Generating random numbers are mainly used to create secret keys or random
More informationSOBER Cryptanalysis. Daniel Bleichenbacher and Sarvar Patel Bell Laboratories Lucent Technologies
SOBER Cryptanalysis Daniel Bleichenbacher and Sarvar Patel {bleichen,sarvar}@lucent.com Bell Laboratories Lucent Technologies Abstract. SOBER is a new stream cipher that has recently been developed by
More informationIEOR SEMINAR SERIES Cryptanalysis: Fast Correlation Attacks on LFSR-based Stream Ciphers
IEOR SEMINAR SERIES Cryptanalysis: Fast Correlation Attacks on LFSR-based Stream Ciphers presented by Goutam Sen Research Scholar IITB Monash Research Academy. 1 Agenda: Introduction to Stream Ciphers
More informationNew communication schemes based on adaptive synchronization
CHAOS 17, 0114 2007 New communication schemes based on adaptive synchronization Wenwu Yu a Department of Mathematics, Southeast University, Nanjing 210096, China, Department of Electrical Engineering,
More informationCRYPTANALYSIS OF FRIDRICH S CHAOTIC IMAGE ENCRYPTION
International Journal of Bifurcation and Chaos, Vol. 20, No. 5 (2010) 1405 1413 c World Scientific Publishing Company DOI: 10.1142/S0218127410026563 CRYPTANALYSIS OF FRIDRICH S CHAOTIC IMAGE ENCRYPTION
More informationChaotic Random Bit Generator Realized with a Microcontroller
Journal of Computations & Modelling, vol.3, no.4, 2013, 115-136 ISSN: 1792-7625 (print), 1792-8850 (online) Scienpress Ltd, 2013 Chaotic Random Bit Generator Realized with a Microcontroller Christos K.
More informationA Novel Image Encryption Scheme Using the Composite Discrete Chaotic System
entropy Article A Novel Image Encryption Scheme Using the Composite Discrete Chaotic System Hegui Zhu 1, *, Xiangde Zhang 1, Hai Yu 2, Cheng Zhao 3 and Zhiliang Zhu 2 1 College of Sciences, Northeastern
More informationImproved Cascaded Stream Ciphers Using Feedback
Improved Cascaded Stream Ciphers Using Feedback Lu Xiao 1, Stafford Tavares 1, Amr Youssef 2, and Guang Gong 3 1 Department of Electrical and Computer Engineering, Queen s University, {xiaolu, tavares}@ee.queensu.ca
More informationPERIOD LENGTHS OF CHAOTIC PSEUDO-RANDOM NUMBER GENERATORS
PERIOD LENGTHS OF CHAOTIC PSEUDO-RANDOM NUMBER GENERATORS Jörg Keller Hanno Wiese FernUniversität in Hagen LG Parallelität und VLSI 58084 Hagen, Germany joerg.keller@fernuni-hagen.de ABSTRACT Cryptographic
More informationLinear Approximations for 2-round Trivium
Linear Approximations for 2-round Trivium Meltem Sönmez Turan 1, Orhun Kara 2 1 Institute of Applied Mathematics, Middle East Technical University Ankara, Turkey msonmez@metu.edu.tr 2 TUBITAK-UEKAE, Gebze,
More informationFast Algebraic Immunity of 2 m + 2 & 2 m + 3 variables Majority Function
Fast Algebraic Immunity of 2 m + 2 & 2 m + 3 variables Majority Function Yindong Chen a,, Fei Guo a, Liu Zhang a a College of Engineering, Shantou University, Shantou 515063, China Abstract Boolean functions
More informationSelf-shrinking Bit Generation Algorithm Based on Feedback with Carry Shift Register
Advanced Studies in Theoretical Physics Vol. 8, 2014, no. 24, 1057-1061 HIKARI Ltd, www.m-hikari.com http://dx.doi.org/10.12988/astp.2014.49132 Self-shrinking Bit Generation Algorithm Based on Feedback
More informationComputers and Mathematics with Applications
Computers and Mathematics with Applications 61 (2011) 1261 1265 Contents lists available at ScienceDirect Computers and Mathematics with Applications journal homepage: wwwelseviercom/locate/camwa Cryptanalysis
More informationAnalysis and Comparison of One Dimensional Chaotic Map Functions
Analysis and Comparison of One Dimensional Chaotic Map Functions Tanu Wadhera 1, Gurmeet Kaur 2 1,2 ( Punjabi University, Patiala, Punjab, India) Abstract : Chaotic functions because of their complexity
More informationMaximum Correlation Analysis of Nonlinear S-boxes in Stream Ciphers
Maximum Correlation Analysis of Nonlinear S-boxes in Stream Ciphers Muxiang Zhang 1 and Agnes Chan 2 1 GTE Laboratories Inc., 40 Sylvan Road LA0MS59, Waltham, MA 02451 mzhang@gte.com 2 College of Computer
More informationOn the Big Gap Between p and q in DSA
On the Big Gap Between p and in DSA Zhengjun Cao Department of Mathematics, Shanghai University, Shanghai, China, 200444. caozhj@shu.edu.cn Abstract We introduce a message attack against DSA and show that
More informationA NOVEL MULTIPLE PSEUDO RANDOM BITS GENERATOR BASED ON SPATIOTEMPORAL CHAOS. Ping Li,1 Zhong Li Wolfgang. A. Halang Guanrong Chen
A OVEL MULTIPLE PSEUDO RADOM BITS GEERATOR BASED O SPATIOTEMPORAL CHAOS Ping Li, Zhong Li Wolfgang. A. Halang Guanrong Chen Faculty of Electrical and Computer Engineering, FernUniversität in Hagen, 884
More informationTowards Provable Security of Substitution-Permutation Encryption Networks
Towards Provable Security of Substitution-Permutation Encryption Networks Zhi-Guo Chen and Stafford E. Tavares Department of Electrical and Computer Engineering Queen s University at Kingston, Ontario,
More informationImpossible Differential-Linear Cryptanalysis of Reduced-Round CLEFIA-128
Impossible Differential-Linear Cryptanalysis of Reduced-Round CLEFIA-8 Zheng Yuan,,, ian Li, Beijing Electronic Science & Technology Institute, Beijing 7, P.R. China zyuan@tsinghua.edu.cn, sharonlee95@6.com
More informationLow-weight Pseudo Collision Attack on Shabal and Preimage Attack on Reduced Shabal-512
Low-weight Pseudo Collision Attack on Shabal and Preimage Attack on Reduced Shabal-512 Takanori Isobe and Taizo Shirai Sony Corporation 1-7-1 Konan, Minato-ku, Tokyo 108-0075, Japan {Takanori.Isobe,Taizo.Shirai}@jp.sony.com
More informationarxiv: v1 [cs.cr] 5 Dec 2007
Cryptanalysis of an image encryption scheme based on the Hill cipher Chengqing Li a,, Dan Zhang b, and Guanrong Chen a arxiv:07120693v1 [cscr] 5 Dec 2007 a Department of Electronic Engineering, City University
More informationChair for Network Architectures and Services Institute of Informatics TU München Prof. Carle. Network Security. Chapter 2 Basics
Chair for Network Architectures and Services Institute of Informatics TU München Prof. Carle Network Security Chapter 2 Basics 2.4 Random Number Generation for Cryptographic Protocols Motivation It is
More informationNew Construction of Single Cycle T-function Families
New Construction of Single Cycle T-function Families Shiyi ZHANG 1, Yongjuan WANG, Guangpu GAO Luoyang Foreign Language University, Luoyang, Henan Province, China Abstract The single cycle T-function is
More informationA Five-Round Algebraic Property of the Advanced Encryption Standard
A Five-Round Algebraic Property of the Advanced Encryption Standard Jianyong Huang, Jennifer Seberry and Willy Susilo Centre for Computer and Information Security Research (CCI) School of Computer Science
More informationFurther improving security of Vector Stream Cipher
NOLTA, IEICE Paper Further improving security of Vector Stream Cipher Atsushi Iwasaki 1a) and Ken Umeno 2 1 Fukuoka Institute of Technology Wajiro-higashi, Higashiku, Fukuoka 811-0295, Japan 2 Graduate
More informationDigital Secure-Communication Using Robust Hyper-Chaotic Systems
Digital Secure-Communication Using Robust Hyper-Chaotic Systems Shih-Liang Chen Shu-Ming Chang Wen-Wei Lin Ting-Ting Hwang Abstract In this paper, we propose a robust hyper-chaotic system that is practically
More informationHYBRID CHAOS SYNCHRONIZATION OF HYPERCHAOTIC LIU AND HYPERCHAOTIC CHEN SYSTEMS BY ACTIVE NONLINEAR CONTROL
HYBRID CHAOS SYNCHRONIZATION OF HYPERCHAOTIC LIU AND HYPERCHAOTIC CHEN SYSTEMS BY ACTIVE NONLINEAR CONTROL Sundarapandian Vaidyanathan 1 1 Research and Development Centre, Vel Tech Dr. RR & Dr. SR Technical
More informationChaos and Cryptography
Chaos and Cryptography Vishaal Kapoor December 4, 2003 In his paper on chaos and cryptography, Baptista says It is possible to encrypt a message (a text composed by some alphabet) using the ergodic property
More informationStream ciphers I. Thomas Johansson. May 16, Dept. of EIT, Lund University, P.O. Box 118, Lund, Sweden
Dept. of EIT, Lund University, P.O. Box 118, 221 00 Lund, Sweden thomas@eit.lth.se May 16, 2011 Outline: Introduction to stream ciphers Distinguishers Basic constructions of distinguishers Various types
More informationImproved Linear (hull) Cryptanalysis of Round-reduced Versions of SIMON
Improved Linear (hull) Cryptanalysis of Round-reduced Versions of SIMON Danping Shi 1,2, Lei Hu 1,2, Siwei Sun 1,2, Ling Song 1,2, Kexin Qiao 1,2, Xiaoshuang Ma 1,2 1 State Key Laboratory of Information
More informationU.C. Berkeley CS276: Cryptography Luca Trevisan February 5, Notes for Lecture 6
U.C. Berkeley CS276: Cryptography Handout N6 Luca Trevisan February 5, 2009 Notes for Lecture 6 Scribed by Ian Haken, posted February 8, 2009 Summary The encryption scheme we saw last time, based on pseudorandom
More informationSmart Hill Climbing Finds Better Boolean Functions
Smart Hill Climbing Finds Better Boolean Functions William Millan, Andrew Clark and Ed Dawson Information Security Research Centre Queensland University of Technology GPO Box 2434, Brisbane, Queensland,
More informationComputing the RSA Secret Key is Deterministic Polynomial Time Equivalent to Factoring
Computing the RSA Secret Key is Deterministic Polynomial Time Equivalent to Factoring Alexander May Faculty of Computer Science, Electrical Engineering and Mathematics University of Paderborn 33102 Paderborn,
More informationConcurrent Error Detection in S-boxes 1
International Journal of Computer Science & Applications Vol. 4, No. 1, pp. 27 32 2007 Technomathematics Research Foundation Concurrent Error Detection in S-boxes 1 Ewa Idzikowska, Krzysztof Bucholc Poznan
More informationClassical Cryptography
Classical Cryptography CSG 252 Fall 2006 Riccardo Pucella Goals of Cryptography Alice wants to send message X to Bob Oscar is on the wire, listening to communications Alice and Bob share a key K Alice
More informationCryptanalysis of Patarin s 2-Round Public Key System with S Boxes (2R)
Cryptanalysis of Patarin s 2-Round Public Key System with S Boxes (2R) Eli Biham Computer Science Department Technion Israel Institute of Technology Haifa 32000, Israel biham@cs.technion.ac.il http://www.cs.technion.ac.il/~biham/
More informationCryptographic Hash Functions
Cryptographic Hash Functions Çetin Kaya Koç koc@ece.orst.edu Electrical & Computer Engineering Oregon State University Corvallis, Oregon 97331 Technical Report December 9, 2002 Version 1.5 1 1 Introduction
More informationSuccess Probability of the Hellman Trade-off
This is the accepted version of Information Processing Letters 109(7 pp.347-351 (2009. https://doi.org/10.1016/j.ipl.2008.12.002 Abstract Success Probability of the Hellman Trade-off Daegun Ma 1 and Jin
More informationA Color Image Encryption Scheme Based on Arnold Scrambling and Quantum Chaotic
International Journal of Network Security, Vol.19, No.3, PP.347-357, May 2017 (DOI: 10.6633/IJNS.201703.19(3).04) 347 A Color Image Encryption Scheme Based on Arnold Scrambling and Quantum Chaotic Hui
More informationPermutation Generators Based on Unbalanced Feistel Network: Analysis of the Conditions of Pseudorandomness 1
Permutation Generators Based on Unbalanced Feistel Network: Analysis of the Conditions of Pseudorandomness 1 Kwangsu Lee A Thesis for the Degree of Master of Science Division of Computer Science, Department
More informationOn Lempel-Ziv Complexity of Sequences
On Lempel-Ziv Complexity of Sequences Ali Doğanaksoy 1,2,4 and Faruk Göloğlu 2,3 1 Department of Mathematics, Middle East Technical University Ankara, Turkey aldoks@metu.edu.tr 2 Institute of Applied Mathematics,
More informationRevisit and Cryptanalysis of a CAST Cipher
2017 3rd International Conference on Electronic Information Technology and Intellectualization (ICEITI 2017) ISBN: 978-1-60595-512-4 Revisit and Cryptanalysis of a CAST Cipher Xiao Zhou, Jingwei Li, Xuejia
More informationA chaotic encryption scheme for real-time embedded systems: design and implementation
Telecommun Syst DOI 10.1007/s11235-011-9460-1 A chaotic encryption scheme for real-time embedded systems: design and implementation Amit Pande Joseph Zambreno Springer Science+Business Media, LLC 2011
More informationStream Ciphers. Çetin Kaya Koç Winter / 20
Çetin Kaya Koç http://koclab.cs.ucsb.edu Winter 2016 1 / 20 Linear Congruential Generators A linear congruential generator produces a sequence of integers x i for i = 1,2,... starting with the given initial
More informationBinary GH Sequences for Multiparty Communication. Krishnamurthy Kirthi
Binary GH Sequences for Multiparty Communication Krishnamurthy Kirthi Abstract This paper investigates cross correlation properties of sequences derived from GH sequences modulo p, where p is a prime number
More informationA Fast Chaos-Based Pseudo-Random Bit Generator Using Binary64 Floating-Point Arithmetic
A Fast Chaos-Based Pseudo-Random Bit Generator Using Binary64 Floating-Point Arithmetic Michael François, David Defour, Christophe Negre To cite this version: Michael François, David Defour, Christophe
More informationLecture 4: DES and block ciphers
Lecture 4: DES and block ciphers Johan Håstad, transcribed by Ernir Erlingsson 2006-01-25 1 DES DES is a 64 bit block cipher with a 56 bit key. It selects a 64 bit block and modifies it depending on the
More informationComplexity Analysis of a Fast Modular Multiexponentiation Algorithm
Complexity Analysis of a Fast Modular Multiexponentiation Algorithm Haimin Jin 1,, Duncan S. Wong, Yinlong Xu 1 1 Department of Computer Science University of Science and Technology of China China jhm113@mail.ustc.edu.cn,
More informationTraversing a n-cube without Balanced Hamiltonian Cycle to Generate Pseudorandom Numbers
Traversing a n-cube without Balanced Hamiltonian Cycle to Generate Pseudorandom Numbers J.-F. Couchot, P.-C. Heam, C. Guyeux, Q. Wang, and J. M. Bahi FEMTO-ST Institute, University of Franche-Comté, France
More informationCryptanalysis of Achterbahn
Cryptanalysis of Achterbahn Thomas Johansson 1, Willi Meier 2, and Frédéric Muller 3 1 Department of Information Technology, Lund University P.O. Box 118, 221 00 Lund, Sweden thomas@it.lth.se 2 FH Aargau,
More informationImpossible Differential Attacks on 13-Round CLEFIA-128
Mala H, Dakhilalian M, Shakiba M. Impossible differential attacks on 13-round CLEFIA-128. JOURNAL OF COMPUTER SCIENCE AND TECHNOLOGY 26(4): 744 750 July 2011. DOI 10.1007/s11390-011-1173-0 Impossible Differential
More informationImage encryption based on a delayed fractional-order chaotic logistic system
Chin. Phys. B Vol. 21 No. 5 (212) 556 Image encryption based on a delayed fractional-order chaotic logistic system Wang Zhen( 王震 ) a) Huang Xia( 黄霞 ) b) Li Ning( 李宁 ) a) and Song Xiao-Na( 宋晓娜 ) c) a) College
More informationA Grey Pseudo Random Number Generator
A Grey Pseudo Random Numer Generator Yi-Fung Huang 1 Kun-Li Wen 2 Chu-Hsing Lin 3 Jen-Chieh Chang 4 1, 3, 4 Department of Computer Science and Information Engineering Tunghai University, Taichung, Taiwan
More informationUniform Random Number Generators
JHU 553.633/433: Monte Carlo Methods J. C. Spall 25 September 2017 CHAPTER 2 RANDOM NUMBER GENERATION Motivation and criteria for generators Linear generators (e.g., linear congruential generators) Multiple
More informationCPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems
CPE 776:DATA SECURITY & CRYPTOGRAPHY Some Number Theory and Classical Crypto Systems Dr. Lo ai Tawalbeh Computer Engineering Department Jordan University of Science and Technology Jordan Some Number Theory
More informationLow complexity bit-parallel GF (2 m ) multiplier for all-one polynomials
Low complexity bit-parallel GF (2 m ) multiplier for all-one polynomials Yin Li 1, Gong-liang Chen 2, and Xiao-ning Xie 1 Xinyang local taxation bureau, Henan, China. Email:yunfeiyangli@gmail.com, 2 School
More informationDifferential properties of power functions
Differential properties of power functions Céline Blondeau, Anne Canteaut and Pascale Charpin SECRET Project-Team - INRIA Paris-Rocquencourt Domaine de Voluceau - B.P. 105-8153 Le Chesnay Cedex - France
More informationImage Encryption Algorithm Using Natural Interval Extensions
Image Encryption Algorithm Using Natural Interval Extensions Lucas Giovani Nardo Control and Modelling Group (GCOM) Federal University of São João del-ei São João del-ei, Brazil gnlucas@gmail.com Arthur
More informationDistinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network
Distinguishing Attacks on a Kind of Generalized Unbalanced Feistel Network Ruilin Li, Bing Sun, and Chao Li Department of Mathematics and System Science, Science College, National University of Defense
More informationA Byte-Based Guess and Determine Attack on SOSEMANUK
A Byte-Based Guess and Determine Attack on SOSEMANUK Xiutao Feng, Jun Liu, Zhaocun Zhou, Chuankun Wu and Dengguo Feng State Key Laboratory of Information Security, Institute of Software, Chinese Academy
More informationSynchronization of a General Delayed Complex Dynamical Network via Adaptive Feedback
Synchronization of a General Delayed Complex Dynamical Network via Adaptive Feedback Qunjiao Zhang and Junan Lu College of Mathematics and Statistics State Key Laboratory of Software Engineering Wuhan
More informationTransform Domain Analysis of DES. Guang Gong and Solomon W. Golomb. University of Southern California. Tels and
Transform Domain Analysis of DES Guang Gong and Solomon W. Golomb Communication Sciences Institute University of Southern California Electrical Engineering-Systems, EEB # 500 Los Angeles, California 90089-2565
More informationPipelined Pseudo-Random Number Generator with the Efficient Post-Processing Method
Pipelined Pseudo-Random Number Generator with the Efficient Post-Processing Method Paweł D bal Abstract This brief proposes a novel architecture of the chaotic pseudo-random bit generators (PRBGs) based
More informationAPPLYING QUANTUM SEARCH TO A KNOWN- PLAINTEXT ATTACK ON TWO-KEY TRIPLE ENCRYPTION
APPLYING QUANTUM SEARCH TO A KNOWN- PLAINTEXT ATTACK ON TWO-KEY TRIPLE ENCRYPTION Phaneendra HD, Vidya Raj C, Dr MS Shivakumar Assistant Professor, Department of Computer Science and Engineering, The National
More informationCryptanalysis of a data security protection scheme for VoIP
Cryptanalysis of a data security protection scheme for VoIP Chengqing Li, Shujun Li, Dan Zhang 3 and Guanrong Chen Department of Mathematics, Zhejiang University, Hangzhou 37, P.R. China Department of
More informationDefinition: For a positive integer n, if 0<a<n and gcd(a,n)=1, a is relatively prime to n. Ahmet Burak Can Hacettepe University
Number Theory, Public Key Cryptography, RSA Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr The Euler Phi Function For a positive integer n, if 0
More informationHaar Spectrum of Bent Boolean Functions
Malaysian Journal of Mathematical Sciences 1(S) February: 9 21 (216) Special Issue: The 3 rd International Conference on Mathematical Applications in Engineering 21 (ICMAE 1) MALAYSIAN JOURNAL OF MATHEMATICAL
More information