Geri Dön

Des ve des benzeri şifreleme sistemlerinin diferansiyel kripto analizi

Başlık çevirisi mevcut değil.

  1. Tez No: 46311
  2. Yazar: MUZAFFER YILDIRIM
  3. Danışmanlar: PROF.DR. AHMET DERVİŞOĞLU
  4. Tez Türü: Yüksek Lisans
  5. Konular: Elektrik ve Elektronik Mühendisliği, Electrical and Electronics Engineering
  6. Anahtar Kelimeler: Belirtilmemiş.
  7. Yıl: 1995
  8. Dil: Türkçe
  9. Üniversite: İstanbul Teknik Üniversitesi
  10. Enstitü: Fen Bilimleri Enstitüsü
  11. Ana Bilim Dalı: Belirtilmemiş.
  12. Bilim Dalı: Belirtilmemiş.
  13. Sayfa Sayısı: 73

Özet

ÖZET Günümüzde, ülkeler arasında, teknoloji ve güvenli bir hayatın sağlanması açısından rekabetin artması nedeniyle, bilginin aktarılmasının gizlilik ve güvenilirliği önem kazanmıştır. Geliştirilen hızlı bilgisayarlar ve güçlü sistemler sayesinde veriler, oldukça hızlı ve iyi şifrelenerek iletilebilmektedir. Verilerin hızlı bir şekilde iletilmesi kadar, kullanılan şifreleme algoritmalarının güvenilirliğinin test edilmesi de oldukça büyük önem taşımaktadır. Şifrelenmiş mesajların kırılması ve şifreleme algoritmalarının test edilmesi için birçok yöntem kullanılır. Şifrelemenin hızlı ve güçlü olmasını sağlayan, yüksek teknoloji ve üstün hesaplama gücüne sahip bilgisayarlar, şifrelerin kırılması işlemlerini de kolaylaştırırlar. Elde edilen bilgi miktarına, anahtarın geçerlilik süresine ve şifrelemede kullanılan algoritmaya göre, şifrelerin kırılması için kullanılan yöntem değişir. Bu çalışmada, günümüzde oldukça yaygın kullanılan DES (Data Encryption Standard) ve DES-benzeri yinelemeli sistemlerin diferansiyel kripto-analizi incelenmiştir. Diferansiyel kripto-analiz oldukça yeni (1990) bir şifre kırma ve test yöntemi olmasına rağmen kriptolojideki önemi büyüktür. Bu yöntem, özellikle DES ve DES-benzeri yinelemeli kripto-sistemleri için uygundur. Bu nedenle bu çalışmada, önce bu tür sistemler kısaca incelenmiş ve daha sonra bu sistemler için diferansiyel kripto-analiz yönteminin nasıl kullanılacağı gösterilmiştir. Çeşitli sayıda çevrime sahip DES sistemlerinin diferansiyel analizi açıklanmış ve analiz sonuçlan verilmiştir. DES algoritmasının programlan, C programlama dili kullanılarak yazılmıştır. Ayrıca diferansiyel kripto-analizde kullanılan iki teknik için (uygun çiftler ve sayma teknikleri), iki çevrimli DES 'in analiz programı verilmiştir. Bu programlar da C programlama dilinde yazılmıştır. DES algoritması saldırılara karşı güçlülüğünü koruduğu sürece, verilen programlar da güncelliğini koruyacaktır.

Özet (Çeviri)

SUMMARY In this work (The Differential Cryptanalysis of DES and DES-like cryptosystems), the differential cryptanalysis method is studied. Some results are obtained about the analysis of DES and DES-like iterated cryptosystems. The detailed abstract on this subject is given in the following paragraphs. The security of iterated cryptosystems and hash functions has been an active research area for many years. The best known and most widely used function of this type is the Data Encryption Standard (DES). It was developed by IBM researchers and adopted by the National Bureau of Standards in the mid 70's. After DES was published, many other iterated cryptosystems were developed. Iterated cryptosystems are a family of cryptographically strong functions based on iterating a weaker function n times. Each iteration is called a round and the cryptosystem is called an n-round cryptosystem. The round function is a function of the output of the previous round and of a subkey which is a key dependent value calculated via a key scheduling algorithm. The round-function is usually based on S-boxes (lookup tables), bit permutations, arithmetic operations and the exclusive-or (©, XOR) operation. In most applications the encryption algorithm is assumed to be known and the secrecy of the data depends only on the secrecy of the randomly chosen key. An early proposal for an iterated cryptosystems was Lucifer. The round function of Lucifer has combinations of non-linear S-boxes and a bit permutation. The input bits are divided into groups of four consecutive bits. Each group is translated by a reversible S-box giving a four bit result. The output bits of all the S-boxes are permuted in order to mix them when they become the input to the following round. In Lucifer, only two fixed S-boxes (So and Si) were chosen. Each S-box can be used at any S-box location and the choice is key dependent For a block size of 128 bits and a 16-round XIcryptosy stems there are 512 S-box entries for which 512 key bits are needed. A key expansion algorithm that repeats each key bit four times reduces the key size to 128 bits. The Data Encryption Standard (DES) which is a well known and widely used cryptosystem is an improved version of Lucifer. The key size of DES is 56 bits and the block size is 64 bits. This block is permuted using initial permutation and divided into two halves of 32 bits each. The main part of the round-function is the F function. The F function works on the right half of the data using a subkey of 48 bits and eight S-boxes. The 32 output bits of the F function are XORed with the left half of the data and the two halves are exchanged. At the end of DES two halves are concatenated and this block is permuted via final permutation which is the inverse of initial permutation. In the F function, the 32-bit right half is expanded to 48 bits by a E expansion and the result is XORed with the 48-bit subkey. Then, the resultant 48-bit value is subjected to eight S-boxes (called SI, S2, S8). The 32 output bits of the S-boxes are concatenated and permuted by a P permutation. In the key scheduling algorithm, the values of the 16 48-bit subkeys (Kl, K2,....,K16) are calculated from the 56-bit key. These subkeys are used as inputs to the F functions in the various rounds of the encryption algorithm. In the first part of the key scheduling algorithm, the 56 key bits are permuted by a PC-1 permutation and then divided into two 28-bit key registers (C register and D register). In each round, the register C and D are rotated one or two bits to the left. Then, 48 bits are selected from the concatenated value of the C and D registers, and these bits are permuted to form the 48-bit subkey of the corresponding round via a PC-2 permutation. All expansion and permutation tables, S-boxes and the diagram of DES algorithm will be given in the following sections. During the last decade, several cryptosystems which are variant of DES have been suggested. One of the is the Fast Data Encryption Algorithm (FEAL). FEAL was designed to be efficiently implementable on an eight-bit microprocessor. The structure of FEAL is similar to that of DES with a new F function and new initial and final transformations. The basic operations of XUFEAL are exclusive-or, byte additions and byte rotations. The first version of FEAL, called FEAL-4, has four rounds. FEAL-4 was broken by Den-Boer. The designers of FEAL reacted by introducing a new version with eight rounds, called FEAL-8. Later, two new versions have been added to the family: FEAL-N with any even number of rounds and FEAL-NX with extended 128 bit keys. One of the DES-like cryptosystems is REDOC-II. REDOC-II is a high speed confusion/diffusion/arithmetic cryptosystem. It has ten rounds, but even the one-round variant is claimed to be sufficiently strong since the round function is very complicated. LOKI is a 64-bit key/64-bit block cryptosystem similar to DES which uses one twelve-bit to eight-bit S-box based on irreducible polynomials in four S-box entries. Two new modes of operation which convert LOKI into a hash function are defined. Functions which map arbitrarily long messages into fixed length values are called Hash Functions. A hash function is called cryptographically strong if it is difficult to find any message that maps to a given value or any pair of messages that map to the same value. Many cryptographic hash functions are designed using the same building blocks as iterated cryptosystems, like the XOR operation, S-boxes and iteration of a simple round-function many times. The open cryptographic literature contains very few examples of universal methods of cryptanalysis, which can be successfully applied to a wide variety of encryption and hash functions. Differential Cryptanalysis is a powerful new technique of this type. It is a chosen plaintext attack which can often be converted into known plaintext attack. Differential cryptanalysis is a method which analyses the effect of particular differences in plaintext pairs on the differences of the resultant ciphertext pairs. These differences can be used to assign probabilities to the possible keys and to locate the most probable key. This method usually works on many pairs of plaintext with the same particular difference using only the XUlresultant ciphertext pairs. For DES-like cryptosystems the difference is chosen as a fixed XORed value of the two plaintexts. Although DES seems to be very non-linear in its input bits, when particular combinations of input bits are modified simultaneously, particular intermediate bits are modified in a usable way with a relatively high probability after several rounds. This property can be described by means of the particular XOR value of the two plaintexts, the particular XOR value of the intermediate round and the corresponding probability. Two such encryptions are called a pair. The XOR of pairs is invariant in the XORing of the key and is linear in the E expansion, the P permutation and the XOR operation between the left half of the data and the output of the F function. Therefore, it is very easy to push the knowledge of such a XOR in the input over these operations. DES contains also S-boxes which are non-linear tables. Knowledge of the input XOR of a pair cannot guarantee knowledge of its output XOR. However, every input XOR of an S-box suggests a probabilistic distribution of the possible output XORs. In this distribution several output XORs have a relatively high probability. This property can be used as a tool to identify key bits. Before the summary of this method, the informal definition of 'characteristic' can be given like this: Associated with any pair of encryptions are the XOR value of its two plaintexts, the XOR of its ciphertexts, the XORs of the inputs of each round in the two executions and the XORs of the outputs of each round in the two executions. These XOR values form an n-round characteristic. A characteristic has a probability which is the probability that a random pair with the chosen plaintext XOR has the round and ciphertext XORs specified in the characteristic. The summary of mis technique can be given as in the following way : Observe the difference between the two ciphertexts as a function of the difference between the corresponding plaintexts. XIVFind the highest probability differential input (called characteristic) which can be traced through several rounds. Assign probabilities to the possible keys and locate the most probable key. This attack can be applied to a wide variety of DES-like substitution/permutation cryptosystems, and it demonstrates the crucial role of each element in their design. In particular, it can be shown that almost any structural modification of DES leads to a much weaker cryptosystems. The results of the attacks on variants of DES with reduced numbers of round are as follows. DES reduced to six rounds can be broken by a chosen plaintext attack in less than 0.3 seconds on a personal computer using 240 ciphertexts. Its known plaintext variant needs about 236 ciphertexts. DES reduced to eight rounds can be broken by a chosen plaintext attack in less than two minutes on a computer by analyzing about 214 ciphertexts. Its conversion to a known plaintext attack needs about 239 ciphertexts. Any reduced variant of DES is breakable by a chosen plaintext attack faster than via exhaustive search. The known plaintext variants of the attacks are faster than exhaustive search for up to 14 rounds. An advanced form of differential cryptanalysis can also break the full 16-round DES. The data analysis phase requires 237 time and negligible space by analyzing 236 ciphertexts obtained from a larger pool of 247 chosen plaintexts. An interesting feature of the new attack is that it can be applied with the same complexity and success probability even if the key is frequently changed and thus the collected ciphertexts are derived from many different keys. The FEAL-8 cryptosystem can be broken with about 128 chosen plaintexts or with about 236 known plaintexts. Khafre with 16 rounds is breakable by a differential cryptanalytic chosen plaintext attack using about 1500 encryptions within about an hour on a personal computer. By a differential cryptanalytic known plaintext attack it is breakable using about 238 encryptions. REDOC-II with one round is breakable by a differential cryptanalytic chosen plaintext attack using about 2300 encryptions within less than a minute on a personal computer. LOKI with up to eleven rounds is XVbreakable faster than via exhaustive search by a differential cryptanalytic attack. Lucifer with eight rounds is breakable within 221 steps using 24 ciphertext pairs. The other variant of Lucifer reduced to eight rounds is even weaker. XVI

Benzer Tezler

  1. Tez No

    46228

    Wind: A Knowledge based system for the synthesis of window parts

    Başlık çevirisi yok

    MANOLYA KAVAKLI

    Yüksek Lisans

    İngilizce

    İngilizce

    1995

    Mimarlıkİstanbul Teknik Üniversitesi

    PROF.DR. NİGAN BEYAZIT

  2. Tez No

    46375

    Blok şifrelemeli sistemlerde kullanılan S kutularının sağlamlık ölçütlerinin incelenmesi

    Başlık çevirisi yok

    ESİN YÜZBAŞİÇ

    Yüksek Lisans

    Türkçe

    Türkçe

    1995

    Elektrik ve Elektronik Mühendisliğiİstanbul Teknik Üniversitesi

    DOÇ.DR. BÜLENT ÖRENCİK

  3. Tez No

    444364

    A robust encryption and data hiding technique by using hybrid des and lsb algorithm

    Hibrid des ve lsb algoritma kullanarak sağlam şifreleme ve veri gizleme tekniği

    AHMED NASHAAT SHAKIR SHAKIR

    Yüksek Lisans

    İngilizce

    İngilizce

    2016

    Bilgisayar Mühendisliği Bilimleri-Bilgisayar ve KontrolÇankaya Üniversitesi

    Bilgisayar Mühendisliği Ana Bilim Dalı

    YRD. DOÇ. DR. SİBEL TARIYAN ÖZYER

  4. Tez No

    68705

    Implementation of on RSA based cryptosystem

    RSA tabanlı halka açıkanahtarlı kriptosisteminin uygulanması

    SADIK SEMİH GÜL

    Yüksek Lisans

    İngilizce

    İngilizce

    1997

    Elektrik ve Elektronik MühendisliğiOrta Doğu Teknik Üniversitesi

    Elektrik-Elektronik Mühendisliği Ana Bilim Dalı

  5. Tez No

    183288

    Modern şifreleme yöntemlerinin gücünün incelenmesi

    Examining the strenght of modern encryption techniques

    MUHARREM TOLGA SAKALLI

    Doktora

    Türkçe

    Türkçe

    2006

    Bilgisayar Mühendisliği Bilimleri-Bilgisayar ve KontrolTrakya Üniversitesi

    Bilgisayar Mühendisliği Ana Bilim Dalı

    YRD. DOÇ. DR. ERCAN BULUŞ

Geri Dön