Security concerns for battery-operated wireless systems require the development of energy-efficient data-encryption techniques that can adapt to the time-varying data rates and quality-of-service requirements inherent in a wireless application. This work describes the design and implementation of a configurable encryption processor that allows the security provided to be traded off with respect to the energy that is dissipated to encrypt a bit. The processor features an embedded high-efficiency variable-output DC/DC converter that allows the supply voltage to be dynamically varied to match the time-varying throughput and quality requirements of the data stream being encrypted. The resulting processor consumes 134 mW at 2.5 V when encrypting data at a rate of 1 Mb/s using a maximum bit width of 512 bits. The converter efficiency is 96% at the peak load of 134 mW. A comparison of our processor to a software implementation running on a low-power programmable processor shows that our implementation is two to three orders of magnitude more energy efficient.

matt�rsa.com

All cryptosystems currently m use are symmetrm m the sense that they require the transmitter and receiver to share, m secret, either the same pmce of reformation (key) or one of a paLr of related keys easdy computed from each other, the key is used m the encryption process to introduce uncertainty to an unauthorized receiver. Not only is an

: A number of keystream generators can be attacked by guessing the contents of one shift register and then checking to see whether this guess is consistent with the observed keystream. Where the target register is n bits long, this gives an attack of complexity 2 n\GammaO(1) . We present a further optimisation which appears to reduce the complexity to about 2 n=2 in many cases of practical interest. Introduction: Many stream cipher systems work by combining each successive bit of plaintext with a pseudo-random bit derived from a keystream generator, which will typically use a nonlinear function of one or more linear feedback shift register sequences to generate these pseudo-random bits. Examples are the multiplexer generator [1], the self-multiplexed generator [2], Geffe's generator [3] and the clock controlled or stop-and-go family of generators [4]. Such stream cipher algorithms are usually faster than block ciphers such as DES [5] and are often used in devices such as line encr...

Abstract. This paper presents an operational reconstruction technique of most stream ciphers. We primarily expose it for key-stream generators which consist of several linear feedback shift registers combined by a nonlinear Boolean function. It is shown how to completely recover the different feedback polynomials and the combining function, when the algorithm is totally unknown. This attack only requires the knowledge of some ciphertexts, which may be generated from different secret keys. Estimates of necessary ciphertext length and experimental results are detailed.

S(ubstitution)-boxes are quite important components of modern symmetric cryptosystems (in particular, block ciphers) in the sense that S-boxes bring nonlinearity to block ciphers and strengthen their cryptographic security. An S-box is said to satisfy the strict avalanche criterion (SAC), if and only if for any single input bit of the S-box, the inversion of it changes each output bit with probability one half. In this thesis, with the concrete proof of cryptographical properties of S-boxes satisfying the SAC, we propose a variety of provable construction methods for S-boxes satisfying the SAC. For Boolean S-boxes satisfying the SAC, we can construct and enlarge them by using concatenation, Kronecker (or direct) product, and dyadic shift. For bijective S-boxes satisfying the SAC, when an n-bit input Boolean function and an n-bit input bijective function satisfying the SAC are given, the combined function is proved to become an (n+1)-bit bijective function satisfying the SAC as well. A...

Abstract — In this paper, feedback with carry shift registers (FCSRs) are analyzed with main focus on the general case of FCSRs with arbitrary connection integer and on maximum-period FCSRs. Moreover, a keystream generator that employs the structure of the linear feedback shift register (LFSR)-based Geffegenerator is studied in connection with FCSRs as a special nonlinear combining generator. The considered generators are investigated by means of analysis and simulation with respect to period, pattern distribution, and in particular concerning the important property of the linear complexity. The results are a first basis to design and analyze FCSR-based stream ciphers. Keywords — Feedback with carry shift register (FCSR), binary pseudorandom sequences, stream ciphers, nonlinear keystream generator. I.

Abstract. Pseudorandom generators based on linear feedback shift registers (LFSR) are a traditional building block for cryptographic stream ciphers. In this report, we review the general idea for such generators, as well as the most important techniques of cryptanalysis. 1 Security Model 1.1 Shannon’s model Basic setting: The most basic task of cryptography is encryption. The setting was captured by Shannon in [47] as a modification of his well-known communication model, proposed in [46]. Consider two entities, named sender and receiver, who want to transmit an arbitrary message at an arbitrary point in time in complete privacy. There are two communication channels available: – The secret channel is completely confidential. No information that is transmitted using this channel can be observed by a third party. However, the secret channel has the disadvantage of being available only at fixed points in time (e.g., when sender and receiver meet in person).

Pseudorandom bit generators play an essential role in high-security audio/video scrambling and addressing systems which allow pay-TV programs to be viewed only by authorized subscribers. This paper evaluated cryptographic strength of the bit generators proposed by the European Broadcast Unit and the Japan's Ministry of Posts and Telecommunications and some security weakness was found on the generators. Subsequently we proposed a new sequence generator which is free from any known cryptologic weakness. 1. INTRODUCTION Since the advent of pay-TV in the 1950s, scrambled transmission of television signals has generated a great deal of interest. In a typical conditional-access control system[1-4], a group of channels is transmitted in the scrambled form and all the decoders in each subscriber's home receive the same signal consisting of scrambled components and access control parameter. Descrambling occurs only in the homes of those who have been authorized. Fig. 1 shows the security arch...