Scribd Logo
Upload

Welcome to Scribd!

  • Stresm Cipher Lecture

    Uploaded by

    mortezanova3
    6 views10 pages
    The document discusses stream ciphers and linear feedback shift registers (LFSRs) used in stream cipher algorithms. It provides details about the RC4 stream cipher, including its initialization procedure and use of a state vector and temporary vector to generate keystream bytes through systematic selection and permutation of vector entries. RC4 was widely used due to its simplicity and speed but is prone to producing biased keystream outputs, especially in early bytes. LFSRs generate pseudorandom numbers periodically using feedback, and a 5-bit example LFSR with a maximum period of 31 bits is provided.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses stream ciphers and linear feedback shift registers (LFSRs) used in stream cipher algorithms. It provides details about the RC4 stream cipher, including its initialization procedure and use of a state vector and temporary vector to generate keystream bytes through systematic selection and permutation of vector entries. RC4 was widely used due to its simplicity and speed but is prone to producing biased keystream outputs, especially in early bytes. LFSRs generate pseudorandom numbers periodically using feedback, and a 5-bit example LFSR with a maximum period of 31 bits is provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views10 pages

    Stresm Cipher Lecture

    Uploaded by

    mortezanova3
    The document discusses stream ciphers and linear feedback shift registers (LFSRs) used in stream cipher algorithms. It provides details about the RC4 stream cipher, including its initialization procedure and use of a state vector and temporary vector to generate keystream bytes through systematic selection and permutation of vector entries. RC4 was widely used due to its simplicity and speed but is prone to producing biased keystream outputs, especially in early bytes. LFSRs generate pseudorandom numbers periodically using feedback, and a 5-bit example LFSR with a maximum period of 31 bits is provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 10

    Mustansiriyah University Symmetric Cryptography Class: Third Year

    Faculty of Engineering Stream Cipher Course name: Data Encryption


    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    Stream Cipher
    Stream ciphers operate on a single bit or byte at a time and implement some form of feedback
    mechanism so that the key is constantly changing.
     In stream cipher, a key is input to a pseudorandom bit/number generator that produces a stream
    of n-bit numbers that are apparently random.
     The output of the generator, called a keystream, is combined one byte at a time with the plaintext
    stream using the bitwise exclusive-OR (XOR) operation.
     The general formula of the stream cipher:
    Ci = Ek(Pi) = Pi ⊕ Ki for encryption
    Pi = Dk(Ci) = Ci ⊕ Ki for decryption
     A stream cipher generates successive elements of the keystream based on an internal state. This
    state is updated in essentially two ways: if the state changes independently of the plaintext or
    ciphertext messages, the cipher is classified as a synchronous stream cipher. By contrast, self-
    synchronising (asynchronous) stream ciphers update their state based on previous ciphertext
    digits.

    1
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    Stream Cipher
     The following important design considerations for a stream cipher:
    (1) The encryption sequence should have a large period. The longer the period of repeat the more
    difficult it will be to do cryptanalysis. A pseudorandom number generator uses a function that
    produces a deterministic stream of bits that eventually repeat. The longer the period of repeat, the
    more difficult it will be to do cryptanalysis.
    (2) The keystream should approximate the properties of a true random number stream. For example,
    there should be an approximately equal number of 1s and 0s.
    (3) the output of the pseudorandom number generator is conditioned on the value of the input key. To
    guard against brute-force attacks, the key needs to be sufficiently long.

    Stream Cipher Usage:


    Stream ciphers are often used for their speed and simplicity of implementation in hardware, and in
    applications where plaintext comes in quantities of unknowable length like a
    secure wireless connection. Another advantage of stream ciphers in military cryptography is that the
    cipher stream can be generated in a separate box that is subject to strict security measures

    2
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    One Time Pad


    Similar to stream cipher, one-time pad uses a keystream of completely random digits. This scheme
    uses a random key that is as long as the message, so that the key need not be repeated. In addition,
    the key is to be used to encrypt and decrypt a single message, and then is discarded. Each new
    message requires a new key of the same length as the new message. Such a scheme is unbreakable.
    It produces random output that bears no statistical relationship to the plaintext.
    Example: Decrypt the following ciphertext using one-time key and Vigenère scheme with 27
    characters in which the twenty-seventh character is the space character,
    ciphertext: ANKYODKYUREPFJBYOJDSPLREYIUNOFDOIUERFPLUYTS
    key: pxlmvmsydofuyrvzwc tnlebnecvgdupahfzzlmnyih
    plaintext: mr mustard with the candlestick in the hall
    In theory, we need look no further for a cipher. The one-time pad offers complete security (perfect
    secrecy) but, in practice, has two fundamental difficulties:
    1. There is the practical problem of making large quantities of random keys.
    2. There is a problem of key distribution and protection. For every message to be sent, a key of equal
    length is needed by both sender and receiver.
    Because of these difficulties, the one-time pad is of limited utility and is useful primarily for low-
    bandwidth channels requiring very high security.
    3
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Linear Feedback Shift Register Lecturer: Fatimah Al-Ubaidy

    Stream Cipher
    Pseudorandom number generator (PRNG):
    It is an algorithm that generates apparently random sequences using (1) an initial seed value and (2)
    feedback mechanism.

    Linear Feedback Shift Register (LFSR):


    It is a shift register whose input bit is a linear function (e.g. XOR) of some bits of the overall shift
    register value. The initial value of the LFSR is called the seed. The register has a finite number of
    possible states (i.e. period). For n-bit LFSR, its maximum period is 2n-1.
    Note that, not all LFSRs can produce a maximum number of states. This depends on (1) the initial
    value of the LFSR and (2) the taps connections.

    1
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Linear Feedback Shift Register Lecturer: Fatimah Al-Ubaidy

    Stream Cipher
    LFSR Example:
    let’s look at a 5-bit LFSR with the tap coefficients of the register given by 00101. In order to guarantee
    that this shift register has a maximum period. For a register with five internal bits within it, bits that
    can never all be equal to zero, the maximum length is 25-1 or 31. Hence, this register has an output
    sequence of 31 pseudorandom bits.
    Solution: X5 X4 X3 X2 X1
    If the initial state of this LFSR is 00001, the
    following sequences will be produced.

    2
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering RC4 Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    Stream Cipher
    The RC4 Stream Cipher:
    RC4 is a stream cipher designed in 1987 by Ron Rivest. It is a variable key-size stream cipher with
    byte-oriented operations. The algorithm is based on the use of a random permutation.
     The period of the cipher is likely to be greater than 10100 .
     The cipher can be expected to run very quickly in software.
     RC4 is used in WEP (Wired Equivalent Privacy) and WPA (WiFi Protected Access ), which are
    encryption protocols commonly used on wireless routers. RC4 was originally very widely used
    due to its simplicity and speed.
     The main issue in this type of cipher is not with RC4 itself but the way in which keys are
    generated for use as input to RC4. Over time this code was shown to produce biased outputs
    towards certain sequences, mostly in first few bytes of the keystream generated.

    1
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering RC4 Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    RC4 Procedure
    The RC4 algorithm:
    A variable-length key from 1 to 256 bytes (8 to 2048 bits) is used to initialize a 256-byte state vector
    S, with elements S[0], S[1],..., S[255]. For encryption and decryption, a byte K is generated from S
    by selecting one of the 255 entries in a systematic fashion. As each a new generated value of K, the
    entries in S are once again permuted.

    Step 1: Initialization of S
    To begin, (a) the entries of S are set equal to
    the values from 0 through 255 in ascending
    order; that is; S[0] = 0, S[1] = 1,...,S[255] = 255.
    (b) A temporary vector, T, is also created.
    If the length of the key K is 256 bytes,
    then K is transferred to T. Otherwise, for
    a key of length keylen bytes,
    the first keylen elements of T are copied from K
    and then K is repeated as many times as necessary to fill out T.
    T K(0) K(1) …. K(keylen) S 0 1 ….. 255

    2
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering RC4 Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    RC4 Algorithm
    The preliminary operations can be summarized as follows:
    for i = 0 to 255 do
    S[i] = i;
    T[i] = K[i mod keylen];

    Step 2: Initial Permutation of S


    Next we use T to produce the initial permutation of S. This involves starting with S[0] and going
    through to S[255], and, for each S[i], swapping S[i] with another byte in S according to a scheme
    dictated by T[i]:
    j = 0;
    for i = 0 to 255 do
    j = (j + S[i] + T[i]) mod 256;
    Swap (S[i], S[j]);

    Because the only operation on S is a swap, the only effect is a permutation. S still contains all the
    numbers from 0 through 255.

    3
    Mustansiriyah University Symmetric Cryptography Class: Third Year
    Faculty of Engineering RC4 Stream Cipher Course name: Data Encryption
    Computer Engineering Dep. Lecturer: Fatimah Al-Ubaidy

    RC4 Algorithm
    Step3: Stream Generation
    Once the S vector is initialized, the input key is no longer used. Stream generation involves cycling
    through all the elements of S[i], and, for each S[i], swapping S[i] with another byte in S according to
    a scheme dictated by the current configuration of S. After S[255] is reached, the process continues,
    starting over again at S[0]:
    i, j = 0;
    while (true)
    i = (i + 1) mod 256;
    j = (j + S[i]) mod 256;
    Swap (S[i], S[j]);
    t = (S[i] + S[j]) mod 256;
    K = S[t];

    Step 4: Encryption
    To encrypt, XOR the value Ki with the next byte of plaintext (Pi). To decrypt, XOR the value Ki with
    the next byte of ciphertext (Ci).
    Ci = Pi ⊕ Ki

    You might also like