EHANCEMENT OF LIGHTWEIGHT BLOCK CIPHER ALGORITHMS BY SUFYAN SALIM MAHMOOD AL-DABBAGH A thesis submitted in fulfilment of the requirement for the degree of Doctor of Philosophy (Information Technology) Kulliyyah of Information and Communication Technology International Islamic University of Malaysia APRIL 2015
24
Embed
EHANCEMENT OF LIGHTWEIGHT BLOCK CIPHER ALGORITHMS …
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
EHANCEMENT OF LIGHTWEIGHT BLOCK CIPHER
ALGORITHMS
BY
SUFYAN SALIM MAHMOOD AL-DABBAGH
A thesis submitted in fulfilment of the requirement for the
degree of Doctor of Philosophy
(Information Technology)
Kulliyyah of Information and Communication Technology
International Islamic University of Malaysia
APRIL 2015
ii
ABSTRACT
Although the Advanced Encryption Standard (AES) is an excellent and preferred
choice for almost all block cipher applications, it is not suitable for extremely
constrained environments such as Radio-Frequency IDentification (RFID) tags and
sensor networks. Therefore, the demand for lightweight algorithms is very strong and
vital. Lightweight block ciphers are new and important branch of cryptography and
they are the best way to secure the information in constrained devices. This research
dealt with three problems; First, it is difficult to optimized three factors at same time.
Second, there are many researches still trying to find an algorithm that has the highest
level of security. Third, there is lack knowledge on key dependent S-box within
lightweight algorithms. All these problems solved in three directions. The first
direction proposed lightweight block cipher algorithm called OLBCA (Optimized
Lightweight Block Cipher Algorithm) that it outperformed PRESENT, which is one
of the famous lightweight algorithm through three factors security, performance and
cost. The results showed that OLBCA is more secure than PRESENT in terms of
(differential cryptanalysis, integral cryptanalysis and boomerang attack). Also, the
cost of OLBCA is less than PRESENT and the OLBCA is faster than PRESENT. The
second direction proposed another lightweight block cipher algorithm called HISEC
(Highest Security lightweight block cipher algorithm). The results showed that
HISEC has the higher security than many existing lightweight algorithms especially
in the resistance of (differential cryptanalysis, integral cryptanalysis and boomerang
attack) while the cost of HISEC still reasonable. The third direction proposed five
novel methods for generating key dependent S-box in lightweight block cipher
algorithms and we did intensive analysis regarding to the security and cost. To the
best of our knowledge, this is the first study that analyse the methods for generating
key dependent S-box with lightweight block cipher algorithms.
iii
خلاصة البحثABSTRACT IN ARABIC
عمم طبييقا هو خيار ممتاز ومفضل لم (AES) على الرغم من أن معيار التشفير المتقدم Block cipher الاداء، : مقيدة او محددة في كل من العوامل التاليةلييئا ا، فإنه ليس مناسي
وبالتالي، فإن البلب على .sensor networksو RFIDلهذه الييئا ل امثالكلفة و الامن وك Lightweight Blockخوارزمية. قوي جدا وحيوي Lightweight Block Cipher خوارزميا
Cipher أفضل طريقة لتأمين المعلوما في الأجهزة وفرع جديد ومهم من التشفير وأنه ه هو سيينتح، من الصعب المشكلة الاولى. في هذا اليحث، طعاملنا مع ثلاث مشاكل. قيدةالم
ثانيا، هناك العديد من اليحوث لا طزال تحاول العثور على . ثلاثة عوامل في نفس الوقت dependent S-box المعرفة نقص فيثالثا، هناك . الخوارزمية التي لديها أعلى مسيتوى من الأمن
Key مع خوارزمية lightweight. الاتجاه الأول . في ثلاثة اتجاها حلتكل هذه المشاكلعلى OLBCAالخوارزمية المقترحة طفوقت .OLBCA جديدة اطلق عليها اقترح خوارزمية تم
الشهيرة من خلال ثلاثة عوامل الأمن ا التي طعد واحدة من الخوارزميو PRESENTخوارزمية طبييق من حيث PRESENTهو أكثر أمانا من OLBCA أظهر النتائج أن. والأداء والكلفة
Differential cryptanalysis, Integral cryptanalysis and Boomerang)الثلاثة الهجوميا
cryptanalysis) .أيضا، فإن طكلفة OLBCA أقل منPRESENT وOLBCA كذلك هو. HISEC جديدة ايضا اطلق عليهااقترح خوارزمية تم في الاتجاه الثاني . PRESENTأسرع من
حاليا منن العديد من الخوارزميا الموجودة لديه أمان أعلى م HISEC أظهر النتائج أن Differential cryptanalysis, Integral cryptanalysis and)الثلاثة الهجوميامقاومة حيث
Boomerang cryptanalysis.) في حين أن طكلفة HISEC تم في الاتجاه الثالث . طزال معقولةتحليل مكثف فيما يتعلق وتم عمل Key Dependent S-boxاقترح خمس طرق جديدة لتوليد
Keyطرق لتوليد حللت الدراسة الأولى التي يهه على حد علمنا، هذ. من والتكلفةلاب
Dependent S-box مع خوارزمياLightweight Block Cipher.
iv
APPROVAL PAGE
The thesis of Sufyan Salim Mahmood Al-Dabbagh has been approved by the
following:
_____________________________________
Imad Fakhri Alshaikhli
Supervisor
_____________________________________
Muhammad Reza Zaba
Co-Supervisor
_____________________________________
Akram M. Zeki
Internal Examiner
_____________________________________
Alaa Al-Hamami
External Examiner
_____________________________________
Aziza Binti Abdul Manaf
External Examiner
_____________________________________
Radwan Jamal Yousef Elatrash
Chairman
v
DECLARATION
I hereby declare that this dissertation is the result of my own investigations, except
where otherwise stated. I also declare that it has not been previously or concurrently
submitted as a whole for any other degrees at IIUM or other institutions.
This thesis would have been impossible to complete without the help and
encouragement of several people. First of all, I wish to express my deepest gratitude
and sincere appreciation to my supervisors Dr. Imad Fakhri Alshaikhli and Dr.
Muhammad Reza Za’ba for their continues support all the time. Secondly, I am
grateful to my lovely parent, my father Prof. Salim, my wife Alyaa, my brother Ph.D
candidate Marwan, my sisters (Sura and Dr. Marwa) for their unshakable believe in
me since my childhood to achieve my life goals. Last, but not the least, I thank my
colleagues (Mustafa Abuzaraida, Rabiul Awal and Fardous Eljadi) for their continues
administration help toward my PhD achievement.
ix
TABLE OF CONTENTS
Abstract .................................................................................................................... ii Abstract in Arabic .................................................................................................... iii Approval Page .......................................................................................................... iv
Declaration ............................................................................................................... v Copyright Page ......................................................................................................... vi Dedication ................................................................................................................ vii Acknowledgements .................................................................................................. viii List of Tables ........................................................................................................... xiii
List of Figures .......................................................................................................... xvi List of Abbreviations ............................................................................................... xviii
CHAPTER ONE: INTRODUCTION ................................................................. 1 1.1 Background ............................................................................................. 1 1.2 Problem Statement .................................................................................. 3 1.3 Research Questions ................................................................................ 5
1.4 Research Objectives ............................................................................... 6 1.5 Scope of the Study .................................................................................. 6
1.6 Research Significance ............................................................................. 7 1.7 Research Plan ......................................................................................... 8
1.7.1 Study and analyse existing lightweight block cipher
algorithms ..................................................................................... 9 1.7.2 Study and analyse the characteristics of a good S-box. ................ 9
1.7.3 Study and analyse existing key dependent s-box methods ........... 9 1.7.4 Propose and analyse two lightweight block cipher algorithms ..... 10
1.7.5 Propose and analyse novel methods of a key dependent S-box ... 10 1.7.6 Conclusion and suggestions for further research .......................... 11
3.3.4 Non Repudiation ........................................................................... 26 3.3.5 Access Control .............................................................................. 27
3.6.2 Substitution and Permutation Network......................................... 33
A. Substitution box ....................................................................... 33 B. Permutation .............................................................................. 36
3.7.1 Attack Scenarios ........................................................................... 38 A. Ciphertext-Only ....................................................................... 39 B. Known Plaintext....................................................................... 39
C. Chosen Plaintext ...................................................................... 39 D. Chosen Ciphertext ................................................................... 39 E. Adaptive Chosen Plaintext or Ciphertext ................................. 39 F. Related Key .............................................................................. 40
A. Linear Cryptanalysis ................................................................ 40 1. Approximation of Components ................................................ 41
2. Approximation of a Complete Cipher ...................................... 41 3. Piling–Up Lemma..................................................................... 42 4. How does the attack Work? ...................................................... 42 5. Attack Complexity .................................................................... 43
6. Security against Linear Cryptanalysis ...................................... 43 B. Differential Cryptanalysis ........................................................ 44
1. Analysis of Components ........................................................... 44 2. Construction of Differential Characteristic ............................... 44 3. How does the attack Work? ....................................................... 45
4. Complexity of the Attack ......................................................... 45 5. Security against Differential Cryptanalysis .............................. 46
C. Square Attack ........................................................................... 46 1. How does the attack Work? ...................................................... 46
2. Security against Square Attack .................................................. 48 D. Boomerang Attack ................................................................... 48 1. How does the attack Work? ...................................................... 49
2. Security against Boomerang Attacks ......................................... 50
3.8 Block Cipher Algorithms ........................................................................ 50 3.8.1 DES Algorithm ............................................................................. 50 3.8.2 Advanced Encryption Standard (AES) ......................................... 52
3.9 Lightweight Block Cipher Algorithm: Background and Criteria
4.2.1 SIMON and SPECK...................................................................... 71 4.2.2 TWINE .......................................................................................... 73
4.2.3 PRINCE ........................................................................................ 73 4.2.4 KLEIN ........................................................................................... 74 4.2.5 LED ............................................................................................... 75 4.2.6 LBLOCK ....................................................................................... 76 4.2.7 PRINT ........................................................................................... 77
4.4 Cost ...................................................................................................... 85 4.4.1 SIMON and SPECK...................................................................... 85
4.4.2 PRINCE Algorithm ....................................................................... 86 4.4.3 Cost of the other Existing Lightweight Algorithms ...................... 86
4.5 Cryptanalysis .......................................................................................... 87 4.5.1 SIMON and SPECK...................................................................... 88 4.5.2 TWINE Algorithm ........................................................................ 89
4.5.3 PRINCE Algorithm ....................................................................... 90
4.5.4 KLEIN Algorithm ......................................................................... 90 4.5.5 LED Algorithm ............................................................................. 91 4.5.6 Lblock Algorithm .......................................................................... 91 4.5.7 PRINT Algorithm ......................................................................... 92 4.5.8 KATAN AND KTANTAN Algorithms ....................................... 92
5.2.1 F function ...................................................................................... 101 5.2.2 Key Schedule ................................................................................ 103
7.3 Security Analysis .................................................................................... 163 7.3.1 First case one bit as key dependent S-box: ................................... 165
7.3.2 Second case two bits as key dependent S-box: ............................. 165 7.3.3 Third case four bits as key dependent S-box: ............................... 166
7.3.4 Fourth case more than four bits as key dependent S-box: ............ 166 7.4 Cost Analysis .......................................................................................... 166
7.4.1 First case one bit as key dependent S-box: ................................... 167
7.4.2 Second case two bits as key dependent S-box: ............................. 168
7.4.3 Third case four bits as key dependent S-box: ............................... 169 7.4.4 Fourth case more than four bits as key dependent S-box: ............ 170