Despite the fact that we evidently have very good block ciphers at hand today, some fundamental questions on their security are still unsolved. One such fundamental problem is to precisely assess the security of a given block cipher with respect to linear cryptanalysis. In by far most of the cases we have to make (clearly wrong) assumptions, e.g., assume independent round-keys. Besides being un...

This document describes the RC5 encryption algorithm, a fast symmetric block cipher suitable for hardware or software implementations. A novel feature of RC5 is the heavy use of data-dependent rotations. RC5 has a variable word size, a variable number of rounds, and a variable-length secret key. The encryption and decryption algorithms are exceptionally simple.

Abstract. PRIDE is one of the most efficient lightweight block cipher proposed so far for connected objects with high performance and lowresource constraints. In this paper we describe the first ever complete Differential Fault Analysis against PRIDE. We describe how fault attacks can be used against implementations of PRIDE to recover the entire encryption key. Our attack has been validated fi...

This paper describes a data mixing method for encrypting a plaintext block using a block encryption algorithm (such as Elliptic Curve, RSA, etc.) having a block size smaller than that of the plaintext block. The process of encrypting a plaintext block consists of first mixing the plaintext block and then encrypting a portion or all of the mixed plaintext block. The mixing method is a reversible...

In this paper we apply the cryptographic finite state machine approach as introduced in [1] to the design of symmetric key block ciphers.

The absolute indicator is one of the measures used to determine the resistance offered by a Boolean function when used in the design of a symmetric cryptosystem. It was proposed along with the sum of square indicator to evaluate the quality of the diffusion property of block ciphers and hash functions. While the behaviour of the sum of square of random Boolean functions was already known, what ...

The concept of Glu2kov product was introduced by V. M. Glu2kov in 1961. It was intensively studied by several scientists since the middle of 60's. Contrary of the large number of excellent publications, application of Glu2kov-type products of automata in cryptography did not arise until recent past, when in [1] and [2] the authors introduced novel block ciphers based on the composition of abstr...

We investigate applying an error correcting code of small block size to enhance the performance of key generation from wireless channels. A trade-off between performance and secrecy is then studied. Preliminary results show that using a simple lower quantization approach achieves better performance than applying a small block size BCH code.

While PKI applications differ in how they use keys, all applications share one assumption: users have keypairs. In previous work, we established that desktop keystores are not safe places to store private keys, because the TCB is too large. These keystores are also immobile, difficult to use, and make it impossible for relying parties to make reasonable trust judgments. Since we would like to u...