
Examination of the strength criteria of S-boxes used in block cipher systems (Blok şifrelemeli sistemlerde kullanılan S kutularının sağlamlık ölçütlerinin incelenmesi)

No title translation is provided.

  1. Thesis No: 46375
  2. Author: ESİN YÜZBAŞİÇ
  3. Advisors: ASSOC. PROF. DR. BÜLENT ÖRENCİK
  4. Thesis Type: Master's
  5. Subjects: Electrical and Electronics Engineering
  6. Keywords: Not specified.
  7. Year: 1995
  8. Language: Turkish
  9. University: İstanbul Teknik Üniversitesi
  10. Institute: Fen Bilimleri Enstitüsü
  11. Department: Not specified.
  12. Discipline: Not specified.
  13. Number of Pages: 122

Abstract

Today, large amounts of data are carried from one point to another over a suitable communication medium. During this process, transmitting the information securely, without corruption or modification, is achieved through encryption. While encryption was classically used for information security in diplomatic, military and government circles, today it has become a necessity for ensuring the security of personal information in the banking sector and in telecommunications. With the rapid development of technology and the continual increase in the processing speeds of computers and workstations, the encryption algorithms in use today come to lose their validity and reliability within a very short time.

In general there are two types of encryption: block ciphers and stream ciphers. In this work, the strength criteria of the S-boxes used in block cipher systems are examined. S-boxes, which are nonlinear in structure, make breaking the algorithm considerably harder if the secret key is not known. For this reason, the criteria according to which S-boxes are constructed, and what their strength criteria will be if S-boxes are to be constructed, are of great importance.

The examination of the strength criteria of S-boxes was carried out on the DES S-boxes, and programs were written in C. In addition, the input-output bit dependencies between given plaintext bits and ciphertext bits, which can be used in block cipher algorithms, were examined for DES-like algorithms, and programs were written in C. Programs for DES-like encryption and decryption algorithms were written in C. As long as S-boxes are used in encryption, these criteria will remain valid.

Abstract (Translation)

SUMMARY

A basic problem in cryptography is devising procedures to transform messages (plaintext) into cryptograms (ciphertext). These procedures have to withstand intense cryptanalysis, the techniques used by opponents to penetrate encrypted communications and recover the original information. The procedures used to accomplish such transformations involve either a code system or a cipher system. Code systems require a code book or dictionary that translates a plaintext into its equivalent code groups. Management of these code books is cumbersome, which limits the versatility of these systems. Cipher systems, on the other hand, are more versatile. They require two basic elements: a cryptographic algorithm and a key. Cryptographic algorithms are made of procedures, rules or steps that are constant.

Cipher systems come in two kinds: block ciphers and stream ciphers. In a block cipher system, data are encrypted and decrypted in blocks, and the length of the blocks is defined by the designer. In a stream cipher system, the length of the data to be encrypted or decrypted is determined by the user. Stream cipher systems have three parameters: the algorithm, the key, and an initialization vector.

A cryptographic algorithm requires an extremely large number of transformations, in which a particular transformation depends on the cryptographic key that is used. Each transformation changes sequences of regular data (plaintext) into sequences of seemingly random data (ciphertext). Transformation from plaintext to ciphertext is known as encryption (encipherment). The reverse transformation from ciphertext to plaintext is called decryption (decipherment). The main aim of cryptographic algorithms is to provide security and secrecy. The cryptographic key is the parameter that provides security. To implement a cryptographic algorithm conventionally, the key must be fixed in length, relatively short, and capable of being used repeatedly without weakening the security.

Theoretically, most algorithms can always be broken. The question is how much work, resources and time are needed to break the algorithm. If this work factor is high, breaking the algorithm requires so much time, work and resources that the opponent has to give up the attack. The work factor can be measured in cryptanalyst hours, number of mathematical or logical operations, computing resources (e.g. data storage and processing requirements), special hardware and calendar time.

It is possible to design unbreakable ciphers. In this case the key must be selected randomly (e.g. each key has the same probability of being selected). In addition, the length of the key must be the same as or longer than the plaintext's. These systems are called one-time pads. The key must be transported over a secure channel before the communication is established.

A strong cryptographic algorithm can be designed in two ways:

1) The algorithm is known to cryptanalysts, who try a set of methods to break it. The algorithm is enhanced to thwart these methods. The algorithm must resist all known attacks. The DES algorithm is an example of this.
2) The algorithm is designed so that breaking it amounts to solving some known difficult problem. The RSA algorithm is an example of this.

To attack an algorithm (cryptanalysis), some information such as ciphertext, and maybe the corresponding plaintext, is required. Therefore, the amount of information the opponent has is important. Ciphertext can be intercepted by wiretapping during transmission; encrypted data files can be copied or stolen from their storage device. Physical security and access control procedures are important to prevent unauthorized use of cryptographic devices. While an algorithm is being designed, it is assumed that the opponent has a wide range of information that can be useful for attacking the algorithm. It is also assumed that the opponent has knowledge of a wide range of attacks.

So the algorithm must be designed to resist all known attacks. To design a strong cryptographic algorithm, two conditions must be satisfied:

- The mathematical equations that describe the algorithm's operation must be too complex to be solved by analytical methods.
- The time or cost required to obtain the message or key must be too great if the mathematical methods used are not that complex.

The above conditions are important, but in addition the opponent may have the following advantages:

- The opponent can have all the details of the algorithm (the strength of the algorithm does not depend on its secrecy).
- The opponent can learn a large amount of plaintext and the corresponding ciphertext.
- The opponent can specify a large amount of plaintext and learn the corresponding ciphertext.
- The opponent can specify a large amount of ciphertext and learn the corresponding plaintext.
- The opponent can have very high-speed supercomputers to use for cryptanalysis.

In theory, a strong algorithm can always be broken, but an unbreakable algorithm can never be broken, even with an unlimited amount of computational power, data storage and time. Strong algorithms can be broken in theory, but not in practice. Block ciphers and stream ciphers are two fundamentally different approaches to obtaining a strong cryptographic algorithm. In this work, we are mostly concerned with block ciphers.

BLOCK CIPHERS

A block cipher transforms a string of input bits (input block) into a string of output bits (output block). Input and output blocks are fixed in length. Every bit in the output block depends on every bit of the input block and on every key bit. This holds for both the encryption and decryption processes. The block size of the algorithm must be large enough that it cannot be cryptanalyzed easily.

ATTACK TYPES

We can describe two kinds of attack: exhaustive attack and analytical attack. An exhaustive attack is an attempt to recover the plaintext or key by direct search methods.

To recover a key, all possible key values are tried one by one. If only ciphertext is known, the plaintext recovered with each trial key is inspected to see whether it is meaningful.

In an analytical attack, mathematical equations are obtained from the definition of the cryptographic algorithm. The unknown message or key is treated as the variables of these equations, and the attack solves for these variables. To prevent this kind of direct mathematical attack, the algorithm must be constructed so that each bit of the ciphertext is a sufficiently complex mathematical function of the plaintext and key. If the mathematical equations are that complicated, an analytical attack cannot be successful. In this situation the work factor is said to be very large.

DES is a block cipher algorithm. In 1977, the National Bureau of Standards (NBS) accepted the DES algorithm as a federal standard. DES has iterated rounds which are identical. A "round" is the core of the algorithm. It has simple operations (e.g. XOR, permutation), but when they are repeated many times, the algorithm becomes very complex. DES rounds have three main steps:

- The plaintext or input block is divided into two equal parts, the left and right halves.
- The right half is combined with an internal key in the f-function.
- The output of the f-function is combined (by an XOR operation) with the left half.

The f-function of DES has 8 "S-boxes", which are nonlinear by construction. If the key is unknown, the nonlinearity of the S-boxes makes breaking DES very difficult. Different ways of analyzing nonlinear S-boxes have been attempted. It is assumed that the complexity of the S-boxes is very large. This way, an analytical attack becomes too complicated to be accomplished.

In this work, the strength of the S-boxes used in DES and DES-like block cipher systems is examined and the corresponding C language programs are written. What kind of criteria must be used when constructing S-boxes or investigating the strength of S-boxes?

Mathematicians and other scientists try to determine the answer to this question by proposing criteria. Some of these criteria are the following. Also, input-output bit dependencies in any algorithm may be used to weaken it.

SAC (Strict Avalanche Criterion)

If a cryptographic function satisfies the Strict Avalanche Criterion, each output bit changes with a probability of one half whenever a single input bit is complemented. The "cryptographic function" here can be an algorithm or an S-box. To calculate the changes in the output bits, two inputs are taken that differ in only one bit. The SAC is one of the most important requirements for cryptographic functions. A function that satisfies the SAC makes cryptanalysis harder by making the relation between input and output more complex.

BALANCEDNESS

A function is balanced if, over all input values, the numbers of zero (0) and one (1) output values are equal. If, for any change in the input bits, the change in the output bits is balanced, then the cryptographic function is harder to analyze. This provides another strength criterion.

PROPAGATION CRITERION

The Propagation Criterion is a generalization of the Strict Avalanche Criterion. In the SAC, a difference of one bit in the input is analyzed for balancedness of the output change. In the Propagation Criterion, all input changes (of a fixed Hamming weight $w(\alpha)$) are examined. In this work, a method for constructing highly nonlinear balanced Boolean functions on $V_{2k+1}$ that satisfy the Propagation Criterion with respect to all but one vector in $V_{2k+1}$ is examined. This is also generalized to functions on $V_{2k}$, but for all but three vectors.

Balancedness, SAC and nonlinearity are very important criteria for cryptographic functions. Bent functions have the maximum degree of nonlinearity. That is why bent functions are used to construct highly nonlinear cryptographic functions. But these three criteria should be satisfied together when cryptographic functions are created.

There are 0-1 balanced Boolean functions on $V_{2k+1}$ and $V_{2k+2}$ which have nonlinearity $\geq 2^{2k} - 2^{k}$ and $\geq 2^{2k+1} - 2^{k+1}$ respectively, and which also satisfy the propagation criterion. A Boolean function is said to be m-bit correlation immune if its output bit and any m input bits are statistically independent. Balanced correlation immune functions can be constructed. The nonlinearity of these functions can be calculated and their propagation characteristics can be discussed.

In DES and DES-like block cipher algorithms, information about input and output bit dependencies is very important. These dependencies give a good idea of the strength or weakness of the algorithm. So in this work, input-output bit dependencies (Ri-Ro, Li-Lo) are examined for DES and DES-like algorithms. C programs are also written in which the expansions, permutations and substitutions of DES are made parametric and can be changed easily.
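
The balancedness and Strict Avalanche Criterion measurements described in the summary, applied to DES S-box S1, as an added example in C; it is not the thesis's own program, and the function names are chosen here. It also reports the smallest number of output bits changed by any single-bit input change.

```c
#include <stdio.h>

/* DES S-box S1 as published in the DES standard: 4 rows x 16 columns. */
static const unsigned char S1[4][16] = {
    {14,  4, 13,  1,  2, 15, 11,  8,  3, 10,  6, 12,  5,  9,  0,  7},
    { 0, 15,  7,  4, 14,  2, 13,  1, 10,  6, 12, 11,  9,  5,  3,  8},
    { 4,  1, 14,  8, 13,  6,  2, 11, 15, 12,  9,  7,  3, 10,  5,  0},
    {15, 12,  8,  2,  4,  9,  1,  7,  5, 11,  3, 14, 10,  0,  6, 13}};

/* 6-bit input b1..b6 (b1 = MSB): row = b1b6, column = b2b3b4b5. */
static unsigned sbox(unsigned x) {
    return S1[((x >> 4) & 2) | (x & 1)][(x >> 1) & 0xF];
}

/* Balancedness: number of the 64 inputs for which output bit j is 1. */
int ones_count(int j) {
    int n = 0;
    for (unsigned x = 0; x < 64; x++) n += (sbox(x) >> j) & 1;
    return n;
}

/* SAC: number of inputs for which flipping input bit i flips output bit j.
   The criterion asks for exactly 32 of 64 (probability one half). */
int flip_count(int i, int j) {
    int n = 0;
    for (unsigned x = 0; x < 64; x++)
        n += ((sbox(x) ^ sbox(x ^ (1u << i))) >> j) & 1;
    return n;
}

/* Smallest number of output bits changed by any single-bit input change. */
int min_output_change(void) {
    int best = 4;
    for (unsigned x = 0; x < 64; x++)
        for (int i = 0; i < 6; i++) {
            unsigned d = sbox(x) ^ sbox(x ^ (1u << i));
            int w = (d & 1) + ((d >> 1) & 1) + ((d >> 2) & 1) + ((d >> 3) & 1);
            if (w < best) best = w;
        }
    return best;
}

int main(void) {
    for (int j = 0; j < 4; j++) printf("out bit %d: %d ones of 64\n", j, ones_count(j));
    for (int i = 0; i < 6; i++) for (int j = 0; j < 4; j++)
        printf("in bit %d -> out bit %d: %d/64 flips\n", i, j, flip_count(i, j));
    printf("min output bits changed: %d\n", min_output_change());
    return 0;
}
```

Entries of the flip table that differ from 32 show where the S-box departs from the SAC for that input/output bit pair.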

Similar Theses

  1. Hibrit veri sıkıştırma algoritmalarının geliştirilmesi ve pratik uygulamaları

    Improvement of hybrid data compression algorithms and practical applications

    FIRAT ARTUĞER

    Doctorate

    Turkish

    Turkish

    2022

    Engineering Sciences

    Fırat Üniversitesi

    Department of Software Engineering

    ASSOC. PROF. DR. FATİH ÖZKAYNAK

  2. Mobil ödeme sistemlerinde kişisel verilerin güvenli saklanması için model tasarımı ve performans analizi

    Model design and performance analysis for secure storage of personal data in mobile payment systems

    ÖZNUR ŞENGEL

    Doctorate

    Turkish

    Turkish

    2020

    Computer Engineering and Computer Science and Control

    İstanbul Üniversitesi-Cerrahpaşa

    Department of Computer Engineering

    PROF. DR. AHMET SERTBAŞ

    ASSOC. PROF. DR. MUHAMMED ALİ AYDIN

  3. Blok zincir tabanlı elektronik seçim sistemi tasarımı ve kısmi uygulaması

    Blockchain based electronic voting system design and partial application

    BİLAL GÜLTEKİN

    Master's

    Turkish

    Turkish

    2019

    Computer Engineering and Computer Science and Control

    İstanbul Teknik Üniversitesi

    Department of Informatics Applications

    PROF. DR. ERTUĞRUL KARAÇUHA

  4. Çok kullanıcılı sistemlerde veri güvenliğinin sağlanması amacıyla başarım değerlendirilmesi

    Performance evaluation of data security algorithms in multiuser systems

    ASUMAN GÜNAY

    Master's

    Turkish

    Turkish

    2003

    Computer Engineering and Computer Science and Control

    Karadeniz Teknik Üniversitesi

    Department of Computer Engineering

    ASSOC. PROF. DR. VASİF NABİYEV

  5. AES algoritmasının bir gerçeklemesine güç analizi saldırıları

    Power analysis attacks on an implementation of AES algorithm

    MUHAMMET ÖZTEMÜR

    Master's

    Turkish

    Turkish

    2012

    Electrical and Electronics Engineering

    Yıldız Teknik Üniversitesi

    Department of Electronics and Communications Engineering

    PROF. DR. TÜLAY YILDIRIM