Differences
This shows you the differences between two versions of the page.
public:papers:infocomm2016 [2016-02-06 21:46] – [New results on reduced-round Tiny Encryption Algorithm using genetic programming] mukrop | public:papers:infocomm2016 [2018-03-31 15:00] (current) – [New results on reduced-round Tiny Encryption Algorithm using genetic programming] xkubice8 | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== New results on reduced-round Tiny Encryption Algorithm using genetic programming ====== | ====== New results on reduced-round Tiny Encryption Algorithm using genetic programming ====== | ||
- | **Authors: Karel Kubicek, Jiri Novotny, Petr Svenda, Martin Ukrop** | + | **Authors: Karel Kubíček, Jiří Novotný, Petr Švenda, and Martin Ukrop** |
- | <note tip>This paper is not published yet, therefore page is not yet finalzed</ | ||
**Abstract: | **Abstract: | ||
work of a skilled cryptanalyst. Some automation is possible, | work of a skilled cryptanalyst. Some automation is possible, | ||
Line 25: | Line 24: | ||
randomness distinguisher.// | randomness distinguisher.// | ||
- | * Journal page: [[http:// | + | * Journal page: [[http:// |
- | * Download author pre-print of the paper: {{: | + | * Download author pre-print of the paper: {{: |
* Download used version of EACirc tool and configuration files: {{: | * Download used version of EACirc tool and configuration files: {{: | ||
Line 34: | Line 33: | ||
author = {Karel Kubíček and Jiří Novotný and Petr Švenda and Martin Ukrop}, | author = {Karel Kubíček and Jiří Novotný and Petr Švenda and Martin Ukrop}, | ||
journal = {IEEE Infocommunications}, | journal = {IEEE Infocommunications}, | ||
+ | volume = {8}, | ||
+ | number = {1}, | ||
+ | pages = {2--9}, | ||
year = {2016}, | year = {2016}, | ||
- | | + | |
} | } | ||
Line 44: | Line 46: | ||
Automatized randomness testing is useful for checking one of the expected cipher properties – output ciphertext should be indistinguishable from a stream of truly random data. The common way to automate testing of randomness is using statistical batteries. But the limitation of the standard batteries for randomness testing is the fact they implement a fixed set of tests and can detect only a limited set of patterns and statistical irregularities. | Automatized randomness testing is useful for checking one of the expected cipher properties – output ciphertext should be indistinguishable from a stream of truly random data. The common way to automate testing of randomness is using statistical batteries. But the limitation of the standard batteries for randomness testing is the fact they implement a fixed set of tests and can detect only a limited set of patterns and statistical irregularities. | ||
- | In this work we use EACirc | + | In this work we use EACirc |
//EACirc consistently performs better than NIST STS. Dieharder is able to detect small deviances in one additional round. But analysis of EACirc output can provide information valuable for the cipher’s designer. We analyzed successful randomness tests and found the weak byte of limited TEA output.// | //EACirc consistently performs better than NIST STS. Dieharder is able to detect small deviances in one additional round. But analysis of EACirc output can provide information valuable for the cipher’s designer. We analyzed successful randomness tests and found the weak byte of limited TEA output.// | ||
**In this we paper, we:** | **In this we paper, we:** | ||
- | * Gave motivation for randomness testing and provided comparison of available tools. | + | * Give motivation for randomness testing and provided comparison of available tools. |
- | * Summarized | + | * Summarize |
- | * Analyzed | + | * Analyze |
- | * Interpreted | + | * Interprete |
- | * Compared | + | * Compare |
- | * Analyzed | + | * Analyze |
- | {{: | + | {{: |
//In the case of 4-round TEA on counter plaintexts (type 1), we analyzed several distinguishers with the fitness over 98%. In all of these circuits (see for example figure above) the distinguisher decision is based on the fourth byte of TEA ciphertext. The fourth byte is usually almost unchanged (operations affect only some bits).// | //In the case of 4-round TEA on counter plaintexts (type 1), we analyzed several distinguishers with the fitness over 98%. In all of these circuits (see for example figure above) the distinguisher decision is based on the fourth byte of TEA ciphertext. The fourth byte is usually almost unchanged (operations affect only some bits).// | ||
- | {{: | + | {{: |
//We also analyzed 4-round TEA on plaintexts suitable for strict avalanche criterion testing (type 3). In this case, the input layer had 16 input nodes, capable of processing two blocks of TEA ciphertext at once. Analyzed distinguishers (for example figure above) commonly combine the fourth byte of the first ciphertext block with the fourth byte of the second ciphertext block.// | //We also analyzed 4-round TEA on plaintexts suitable for strict avalanche criterion testing (type 3). In this case, the input layer had 16 input nodes, capable of processing two blocks of TEA ciphertext at once. Analyzed distinguishers (for example figure above) commonly combine the fourth byte of the first ciphertext block with the fourth byte of the second ciphertext block.// | ||
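Review bot: The reworded bullet list under "In this we paper, we:" is left with mixed tenses and a new misspelling. The first item now reads "Give motivation for randomness testing and provided comparison of available tools", and "Interpreted" became "Interprete", which should be "Interpret". The lead-in line "In this we paper, we:" is unchanged on both sides and still carries the stray "we". Suggest "In this paper, we:" followed by "Give motivation for randomness testing and provide a comparison of available tools" and "Interpret", so every item is in the present tense like "Summarize", "Analyze" and "Compare".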