BoolTest: The Fast Randomness Testing Strategy Based on Boolean Functions with Application to DES, 3-DES, MD5, MD6 and SHA-256

Yousaf

Security and Communication Networks

et al. 2020

Key schedule algorithms play an important role in modern encryption algorithms, and their security is as crucial as the security of the encryption algorithms themselves. Many studies have been performed on the cryptographic strength evaluation of the encryption algorithms; however, strength evaluation of the key schedule algorithms often obtains less attention that can lead towards the possible loophole in the overall encryption process. In this paper, a criterion is proposed to evaluate the cryptographic strength of the key schedule algorithms. This criterion includes different methods of data generation from subkeys and a suitable set of statistical tests. The statistical tests are used to explore the cryptographic properties such as diffusion, confusion, independence, and randomness in the subkeys generated by the key schedule algorithm. The proposed criterion has been applied to some of the key schedule algorithms of different block ciphers. The results confirm that the proposed criterion can effectively differentiate between strong- and weak-key schedule algorithms.

Section: Introductionmentioning

confidence: 99%

Cryptographic Strength Evaluation of Key Schedule Algorithms

Yousaf

Security and Communication Networks

et al. 2020

“…It is well known that statistical tests are not enough to withstand attacks, yet an algorithm that does not pass this test is more vulnerable to attacks [55,56]. In this section, a detailed comparison of the KSA PRESENT and the improved version is performed.For a fair comparison of these algorithms, the parameter values, the inputs, and the implementation environment are kept the same.…”

Section: Resultsmentioning

confidence: 99%

An Enhanced Key Schedule Algorithm of PRESENT-128 Block Cipher for Random and Non-Random Secret Keys

2022

The key schedule algorithm (KSA) is a crucial element of symmetric block ciphers with a direct security impact. Despite its undeniable significance, the KSA is still a less focused area in the design of an encryption algorithm. PRESENT is a symmetric lightweight block cipher that provides the optimal balance between security, performance, and minimal cost in IoT. However, the linear functions in KSA lead to a slow and predictable bit transition, indicating the relationship between round keys. A robust KSA should produce random and independent round keys irrespective of the secret key. Therefore, this research aims to improve the KSA PRESENT-128 block cipher with enhanced randomness, round key bit difference, and the avalanche effect. The experiments on round keys and ciphertext with random, low density and high-density secret key datasets endorse the expected improvements. Moreover, the results show that the improved KSA produces random round keys that successfully pass the NIST randomness test. The bit transition from one round key to another is increased from 20% to 40%, where a greater inclination of the avalanche effect has an increased effect with 50% bit change. On the other hand, the improved KSA PRESENT requires an additional 0.001871 s to generate round keys, as a security cost trade-off.

“…Typical randomness testing tools like NIST STS [BRS + 10], Dieharder [BEB18], and TestU01 [LS07] are primarily designed for analyzing large amounts of data, but they do not work well with limited data sources like ours. Therefore, to identify static biases present in the generated keys and nonces, we used the booltest tool [SKKS19], which is more suitable for performing statistical tests on a low amount of data. The tool was run on concatenations of all generated keys and nonces 13 in the default configuration, in which we only adjusted the block size to correspond to the bit-length of analyzed keys and nonces.…”

Section: Ecc Secret's Randomnessmentioning

confidence: 99%

TPMScan: A wide-scale study of security-relevant properties of TPM 2.0 chips

Svenda,

Dufka,

Broz

et al. 2024

TCHES

The Trusted Platform Module (TPM) is a widely deployed computer component that provides increased protection of key material during cryptographic operations, secure storage, and support for a secure boot with a remotely attestable state of the target machine. A systematic study of the TPM ecosystem, its cryptographic properties, and the orderliness of vulnerability mitigation is missing despite its pervasive deployment – likely due to the black-box nature of the implementations. We collected metadata, RSA and ECC cryptographic keys, and performance characteristics from 78 different TPM versions manufactured by 6 vendors, including recent Pluton-based iTPMs, to systematically analyze TPM implementations.Surprisingly, a high rate of changes with a detectable impact on generated secrets, the timing of cryptographic operations, and frequent off-chip generation of Endorsement Keys were observed. Our analysis of public artifacts for TPM-related products certified under Common Criteria (CC) and FIPS 140 showed relatively high popularity of TPMs but without explanation for these changes in cryptographic implementations. Despite TPMs being commonly certified to CC EAL4+, serious vulnerabilities like ROCA or TPM-Fail were discovered in the past. We found a range of additional unreported nonce leakages in ECDSA, ECSCHNORR, and ECDAA algorithms in dTPMs and fTPMs of three vendors. The most serious discovered leakage allows extraction of the private key of certain Intel’s fTPM versions using only nine signatures with no need for any side-channel information, making the vulnerability retrospectively exploitable despite a subsequent firmware update. Unreported timing leakages were discovered in the implementations of ECC algorithms on multiple Nuvoton TPMs, and other previously reported leakages were confirmed. The analysis also unveiled incompleteness of vulnerability reporting and subsequent mitigation with missing clear information about the affected versions and inconsistent fixes.