Cryptography & Algorithms
Theory and implementation of cryptographic algorithms...
56 files
-
Handbook of Applied Cryptography
By Teddy Rogers
Examines symmetric-key block ciphers, including both general concepts and details of specific algorithms.
94 downloads
0 comments
Updated
-
Hardening Registration Protection Schemes
By Teddy Rogers
This paper proposes a new technique for hardening registration number protections by using multithreaded Petri nets. Using this technique one is able to prevent reverse code engineering attacks, which consist of protection scheme analysis and reengineering. We come to the conclusion that using such a technique leads at minimum to an enormous reverse code engineering and analysis process for the attacker and that the proposed technique is therefore an amelioration in registration number protection.
79 downloads
0 comments
Updated
-
Hidden Field Equations Public Key Crypto System
By Teddy Rogers
HFE stands for Hidden Fields Equations.
It is a public key cryptosystem using polynomial operations over finite fields. It has been proposed by Jacques Patarin at Eurocrypt 96 [IP1] following the ideas of Matsumoto and Imai [MCL,MG,MI,OBS]. It has long been regarded as the most promising cryptosystem of the kind. Recently Shamir with Kipnis and independently Courtois showed several advanced attacks on HFE. (later studied by Faugère and Joux, see below). Still, it is a promising public key cryptosystem with many practical applications: very fast or very short digital signatures, fast public key encryption, etc.
The principle of HFE is the following:
1. It is possible to find a solution of a univariate polynomial over a big finite field provided the degree d of the polynomial is not too big.
2. For some polynomial functions it is possible to represent them as n quadratic equations with n variables which hide the polynomial structure and makes it look quite as (almost) any other polynomial of any degree. In addition we make an initial and final affine variable changes. This idea is called ``Obscure Representation'' [OBS,DEA]. In follows the principle of ``disguising'' known from the Merkle and Hellman knapsacks and McEliece cryptosystem [MOV,SCH].
77 downloads
0 comments
Updated
-
How Safe is Your Security Software?
By Teddy Rogers
Discussion on the potential security threats against security software, and specifically, file encryption software.
73 downloads
0 comments
Updated
-
How to Break MD5 and Other Hash Functions
By Teddy Rogers
In this paper we present a new powerful attack that can efficiently find a collision of MD5.
103 downloads
0 comments
Updated
-
Improved Cryptanalysis of Rijndael
By Teddy Rogers
A paper covering various techniques that can dramatically reduce the complexity on Rijndael.
85 downloads
0 comments
Updated
-
In the Blink of an Eye: There Goes Your AES Key
By Teddy Rogers
This paper is a short summary of a real world AES key extraction performed on a military grade FPGA marketed as 'virtually unbreakable' and 'highly secure'. We demonstrated that it is possible to extract the AES key from the Actel/Microsemi ProASIC3 chip in a time of 0.01 seconds using a new side-channel analysis technique called Pipeline Emission Analysis (PEA). This new technique does not introduce a new form of side-channel attacks (SCA), it introduces a substantially improved method of waveform analysis over conventional attack technology. It could be used to improve upon the speed at which all SCA can be performed, on any device and especially against devices previously thought to be unfeasible to break because of the time and equipment cost. Possessing the AES key for the ProASIC3 would allow an attacker to decrypt the bitstream or authenticate himself as a legitimate user and extract the bitstream from the device where no read back facility exists. This means the device is wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan. We show that with a very low cost hardware setup made with parts obtained from a local electronics distributor you can improve upon existing SCA up to a factor of x1,000,000 in time and at a fraction of the cost of existing SCA equipment.
89 downloads
0 comments
Updated
-
Key Iterations & Crypto Salts
By Teddy Rogers
The following document discusses the use of key iterations and cryptographic salts to stop dictionary attacks in password based encryption (symmetric cryptography).
77 downloads
0 comments
Updated
-
Lightweight Cryptographic Algorithms
By Teddy Rogers
In this report, we survey the latest developments, including work-in-progress, on lightweight cryptographic algorithms, such as block ciphers and cryptographic protocols aimed at resource-constrained devices such as RFID tags and sensor networks. This is a multidisciplinary topic with contributions from researchers in Computer Science, Mathematics, Engineering and Microelectronics.
Our overview includes a brief description of some designs, a history of their cryptanalysis, an extensive bibliographic survey and comparative hardware performance figures of some of the most prominent lightweight cryptographic algorithms known to date.
Lightweight cryptography represents a very active area of cryptographic research. Its importance is related to the current trend of pervasive/ubiquitous computing, which means an ever increasing demand for computing capabilities in diverse, wireless and low-resource scenarios, in both civilian and military applications, including mobile phones, smart cards, toll collection, animal and cargo tracking and electronic passports, to name a few.
79 downloads
0 comments
Updated
-
MD5 Collisions on GPU's
By Teddy Rogers
In December 2008, an MD5 chosen-prefix collision attack was performed on a cluster of 215 PlayStation 3 consoles to create a rogue CA certificate. A new implementation of this attack has been researched and developed to run an order of magnitude faster and more efficiently on video card GPUs. This paper gives an overview of the GPGPU technology. It then describes the most computing intensive part of the MD5 chosen-prefix collision attack, known as birthdaying. Finally it demonstrates how a breakthrough performance gain can be achieved by carefully implementing the MD5 birthdaying stage on ATI R700 family GPUs (HD4000 series).
75 downloads
0 comments
Updated
-
State of the Art in Symmetric Cryptanalysis
By Teddy Rogers
Cryptography is the science of hiding information. It is now a part of the computer science formally, though first cryptographers appeared thousands years before the computer. The art of recovery of the hidden information, or cryptanalysis, appeared in the very beginning, and is still one of the most intriguing part of cryptography.
Cryptanalysis starts with a search for a weakness in a cryptosystem, for a flaw that was missed by its designer. An encrypted message must not reveal any information about its origin, so the cryptosystem must make it look as random as possible. Any mistake, any missed property may become a target for a cryptanalyst and a starting point for a compromise of the cryptosystem's security - a break.
This survey is devoted to the cryptanalysis of symmetric primitives. Historically, by a symmetric encryption we understand that all the parties have the same information needed for encryption and decryption, with block and stream ciphers as the most famous examples. A block cipher transforms a large block of data with an algorithm parametrized by a secret key. A stream cipher expands a secret key into arbitrarily long sequence, which is mixed with a data stream.
Hash functions convert a data string to a fixed-length hash value, which serves as an integrity certificate. Though hash functions do not encrypt, they are designed similarly to block ciphers. Message authentication codes (MAC) produce a hash value using a secret key, so they are between ciphers and hash functions. As a result, the cryptanalysis of hash functions and MACs employs methods that were initially developed for the analysis of block ciphers. Ciphers, hash functions and MACs process arbitrarily long data streams, the access to which is sequential. This leads to the principle of an iterative design, where data is divided into blocks, and each block is processed by an algorithm with a fixed-length input. Such algorithms for hash functions are called compression functions. In contrast, by a block cipher we mean a primitive with a fixed-length input, which is used to encrypt arbitrary long data in a mode of operation.
We are primarily interested in the methods that are used in attacks on at least two different primitives. Cryptanalysis is often described as a cloud of non-related and dedicated attacks, which can be used only once. We introduce it in a more structured way.
80 downloads
0 comments
Updated
-
Non-Black-Box Techniques in Cryptography
By Teddy Rogers
The American Heritage dictionary defines the term "Black-Box' as a device or theoretical construct with known or specified performance characteristics but unknown or unspecified constituents and means of operation.
In the context of Computer Science, to use a program as a black-box means to use only its input/output relation by executing the program on chosen inputs, without examining the actual code (i.e., representation as a sequence of symbols) of the program.
Since learning properties of a program from its code is a notoriously hard problem, in most cases both in applied and theoretical computer science, only black-box techniques are used. In fact, there are specific cases in which it has been either proved (e.g., the Halting Problem) or is widely conjectured (e.g., the Satisfiability Problem) that there is no advantage for non-black-box techniques over black-box techniques.
In this thesis, we consider several settings in cryptography, and ask whether there actually is an advantage in using non-black-box techniques over black-box techniques in these settings. Somewhat surprisingly, our answer is mainly positive. That is, we show that in several contexts in cryptography, there is a difference between the power of black-box and non-black-box techniques. Using non-black-box techniques we are able to solve some problems in cryptography that were previously unsolved. In fact, some of these problems were previously proven to be unsolvable using black-box techniques.
77 downloads
0 comments
Updated
-
OCC Checksum Checking
By Teddy Rogers
Well i've been brushing up on my mathmatics seeing as how my Algebra II teacher taught me nothing useful. At any rate I really found some of the Checksuming algorithms like CRC32 intresting. However I really didn't like the over-head that they carried. In Billy Belcebu Virus Writing Guide for Win32 he discusses briefly CRC32 and using it for API strings however even at its most optimized for by Vecna & Billy its oftley large and thats why I created OCC (OkChecksumChecking). OCC is not as accurate as CRC32 however its ideal for File Integrity checking and for API strings (why i created it..). I didn't really take the time to optimize the shit out of it but at its most optimized for I believe you could get it under 15 bytes which is alot better than 26 if you ask me.
79 downloads
0 comments
Updated
-
On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks
By Teddy Rogers
Over the last two decades FPGAs have become central components for many advanced digital systems, e.g., video signal processing, network routers, data acquisition and military systems. In order to protect the intellectual property and to prevent fraud, e.g., by cloning an FPGA or manipulating its content, many current FPGAs employ a bitstream encryption feature. We develop a successful attack on the bitstream encryption engine integrated in the widespread Virtex-II Pro FPGAs from Xilinx, using side-channel analysis. After measuring the power consumption of a single power-up of the device and a modest amount of off-line computation, we are able to recover all three different keys used by its triple DES module. Our method allows extracting secret keys from any real-world device where the bitstream encryption feature of Virtex-II Pro is enabled. As a consequence, the target product can be cloned and manipulated at will of the attacker. Also, more advanced attacks such as reverse engineering or the introduction of hardware Trojans become potential threats. As part of the side-channel attack, we were able to deduce certain internals of the hardware encryption engine. To our knowledge, this is the first attack against the bitstream encryption of a commercial FPGA reported in the open literature.
82 downloads
0 comments
Updated
-
Password Based Cryptography
By Teddy Rogers
The following document provides a guideline for implementation of password-based (symmetric) cryptography. The goal of this guideline is to provide a relatively simple and secure implementation. The document follows the PKCS#5 v2 standard in all aspects except for the message format. The message is instead stored in XML rather then ASN.1.
81 downloads
0 comments
Updated
-
Product Keys Based on Elliptic Curve Cryptography
By Teddy Rogers
A popular method of product validation is using keys similar to VJJJBX-H2BBCC-68CF7F-2BXD4R-3XP7FB-JDVQBC. These compact keys can be derived using Public Key Cryptosystems such as Elliptic Curve Cryptography.
Other Public Key Cryptosystems are available such as RSA. However, these systems generally produce larger keys (which the user will eventually have to enter into the program to unlock functionality). Smaller producing Cryptosystems exist, but it is the author's opinion that they are highly encumbered with patents. Quartz is one such example. It is a Public Key Encryption System that produces a smaller cipher text based on Hidden Field Equations (HFEs). The Quartz website is littered with phrases such as "must license" and "pay royalties".
The reader is also encouraged to investigate Signature Schemes (with Recovery) as an alternative method to producing Product Keys. An example is PSS-R, a Message Recovery Signature Scheme based on RSA. PSS-R is not suitable for product keys due to the size of the resulting key. However, cryptosystems such as a Weil Pairing system should be of interest. Once Weil Pairing is finalized in committee, it will be added to the Crypto++ library.
Finally, the reader should also visit Product Keys Based on the Advanced Encryption Standard to familiarize themselves with basic concepts of Product Keys in the domain of Public Key Cryptography; and Product Activation Based on RSA Signatures.
This article will discuss in detail the following topics:
Elliptic Curve Cryptography Implementation in Crypto++
Using Elliptic Curves with User Defined Domain Parameters In Crypto++
Base Encoding a cipher text String in Crypto++
Working Demo which Exercises Product Keys based on ECC
Bulk Product Key Generation
Product Key Validation
Product Activation
Securely Saving Key or Activation State to the Registry
This article is based on the Visual C++ 6.0 Environment in hopes that it reaches the largest audience.
Finally, there are 16 downloads available with this article. They are presented at the end of the article.
95 downloads
0 comments
Updated
-
Product Keys Based on the Advanced Encryption Standard (AES)
By Teddy Rogers
A popular method of product validation is using keys similar to VJJJBX-H2BBCC-68CF7F-2BXD4R-3XP7FB-JDVQBC. These compact keys can be derived using Symmetric Key Cryptosystems such as the Advanced Encryption Standard (AES).
Other Public Key Cryptosystems are available such as RSA. However, these systems generally produce larger keys (which the user will eventually have to enter into the program to unlock functionality). Smaller producing Cryptosystems exist, but it is the author's opinion that they are highly encumbered with patents. Quartz is one such example. It is a Public Key Encryption System that produces a smaller cipher text based on Hidden Field Equations (HFEs). The Quartz website is littered with phrases such as "must license" and "pay royalties".
The reader is also encouraged to investigate Signature Schemes (with Recovery) as an alternative method to producing Product Keys. An example is PSS-R, a Message Recovery Signature Scheme based on RSA. PSS-R is not suitable for product keys due to the size of the resulting key. However, cryptosystems such as a Weil Pairing system should be of interest. Once Weil Pairing is finalized in committee, it will be added to the Crypto++ library.
Finally, the reader should also visit Product Keys Based on Elliptic Curve Cryptography to familiarize themselves with basic concepts of Product Keys in the domain of Public Key Cryptography; and Product Activation Based on RSA Signatures.
This article will use AES (specified in FIPS 197) as the Cryptosystem, and Wei Dai's Crypto++ for AES operations. AES will produce compact keys with the additional benefit that the cryptosystem is not burdened with patent compliance. However, should a binary fall to Reverse Engineering, the key will become compromised (note that AES is a Symmetric Cipher - not an Asymmetric Cipher which has Public and Private keys).
This article will discuss the following topics:
Advanced Encryption Standard
Compiling and Integrating Crypto++ into the Visual C++ Environment
AES Implementation in Crypto++
Base Encoding a Cipher Text String in Crypto++
Bulk Product Key Generation
Product Key Validation
Securely Saving Key or Activation State to the Registry
This article is based on the Visual C++ 6.0 Environment in hopes that it reaches the largest audience.
101 downloads
0 comments
Updated
-
Reverse Engineering of Strong Crypto Signatures Schemes (ECC)
By Teddy Rogers
This paper will have the usual classical style of a CryptoReversing Approach, what we are going to talk about is ECC also known as Elliptic Curve Cryptography. After a theorial study we will fly to the most common Secured Software Applications with a touch of Hardware Securityware.
84 downloads
0 comments
Updated
-
Reversing CRC - Theory and Practice
By Teddy Rogers
The Cyclic Redundancy Check (CRC) was developed as a checksum algorithm for the detection of data corruption in the process of datatransmission or storage. However, in some scenarios there's a CRC given which a set of data is expected to have, so the data itself has to be modified (at the end or at some chosen position) in away that it computes to the given CRC checksum afterwards. We present methods providing solutions to this problem. Each algorithm is explained in theory and accompanied by an implementation for the CRC32 in the C programming language.
122 downloads
0 comments
Updated
-
RSA - Studying and Reversing
By Teddy Rogers
This article is derived from a fusion of my experience and some other articles on the web.
101 downloads
0 comments
Updated
-
Stronger Key Derivation via Sequential Memory-Hard Functions
By Teddy Rogers
We introduce the concepts of memory-hard algorithms and sequential memory-hard functions, and argue that in order for key derivation functions to be maximally secure against attacks using custom hardware, they should be constructed from sequential memory-hard functions. We present a family of key derivation functions which, under the random oracle model of cryptographic hash functions, are provably sequential memory-hard, and a variation which appears to be marginally stronger at the expense of lacking provable strength. Finally, we provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.
75 downloads
0 comments
Updated
-
Taming the XOR Encryption
By Teddy Rogers
In this tutorial, I'll discuss one of the most common encryption - XOR. You won't require any particular tools for this stuff.
XOR is the acronym for "eXclusive OR". It is a bitwise operator, i.e a operator which manipulates data at the bit level. You may be familiar with other bitwise operators like AND and OR. I'll revise the functioning of those for your reference.
96 downloads
0 comments
Updated
-
The Laws of Cryptography with Java Code
By Teddy Rogers
Demonstrations and implementations to understand the concept of cryptography in Java code.
79 downloads
0 comments
Updated
-
The Rijndael Block Cipher
By Teddy Rogers
In this document we describe the cipher Rijndael.
84 downloads
0 comments
Updated
-
Tropical Cryptography
By Teddy Rogers
We employ tropical algebras as platforms for several cryptographic schemes that would be vulnerable to linear algebra attacks were they based on usual algebras as platforms.
72 downloads
0 comments
Updated
-
Download Statistics