cryptanalysis reverse engineering and design of symmetric
play

Cryptanalysis, Reverse-Engineering and Design of Symmetric - PowerPoint PPT Presentation

Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin CSC & SnT, University of Luxembourg CryptoLUX Team ; supervised by Alex Biryukov July 5th 2018 Introduction What is cryptography?


  1. Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Léo Perrin CSC & SnT, University of Luxembourg CryptoLUX Team ; supervised by Alex Biryukov July 5th 2018

  2. Introduction What is cryptography? Cryptography? (1/3) Alice Bob 1 / 27

  3. Introduction What is cryptography? Cryptography? (1/3) Charlie Alice Bob 1 / 27

  4. Introduction What is cryptography? Cryptography? (1/3) 1 / 27

  5. Introduction What is cryptography? Cryptography? (2/3) Cryptography is everywhere! 2 / 27

  6. Introduction What is cryptography? Cryptography? (3/3) CRYPTO LUX 3 / 27

  7. Introduction What is cryptography? Cryptography? (3/3) Envelope: Confidentiality (nobody can read it) CRYPTO LUX 3 / 27

  8. Introduction What is cryptography? Cryptography? (3/3) Envelope: Confidentiality (nobody can read it) Seal: Integrity CRYPTO (nobody can modify it) LUX 3 / 27

  9. Introduction What is cryptography? Cryptography? (3/3) Envelope: Confidentiality (nobody can read it) Seal: Integrity CRYPTO (nobody can modify it) LUX Paul Signature: Authentication (it was wri  en by the right person) 3 / 27

  10. Introduction What is cryptography? Modern Cryptography Before Data encrypted Leters/Digits By hand/ Method machine Linguists Cryptographers inventors Example 4 / 27

  11. Introduction What is cryptography? Modern Cryptography Before Now Data encrypted Leters/Digits 0,1 (bits) By hand/ Method Computer program machine Linguists Mathematicians Cryptographers inventors Computer scientists Example 4 / 27

  12. Introduction How do we make cryptographic algorithms? How do we design such algorithms? 5 / 27

  13. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research 6 / 27

  14. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment time Publication Standardization 6 / 27

  15. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams time Publication Standardization 6 / 27

  16. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams Scope statement Algorithm specification Design choices justifications Security analysis time Publication Standardization 6 / 27

  17. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams Scope statement Algorithm specification Design choices justifications Security analysis time Publication Standardization 6 / 27

  18. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams Scope statement Try and break published algo- Algorithm specification rithms Design choices justifications Security analysis time Publication Standardization 6 / 27

  19. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams Scope statement Try and break published algo- Algorithm specification rithms Design choices justifications Security analysis time Publication Standardization 6 / 27

  20. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams Scope statement Try and break published algo- Algorithm specification rithms Design Unbroken algo- choices rithm are even- justifications tually trusted Security analysis time Publication Standardization 6 / 27

  21. Introduction How do we make cryptographic algorithms? “Cryptographic Pipeline” Fundamental Research Design Public Analysis Deployment Academic community Industry Small teams Scope statement Try and break published algo- Algorithm Implements al- specification rithms gorithm in ac- Design Unbroken algo- tual products choices rithm are even- justifications tually trusted Security analysis time Publication Standardization 6 / 27

  22. Introduction How do we make cryptographic algorithms? What about my thesis? 7 / 27

  23. Introduction How do we make cryptographic algorithms? What about my thesis? Funded by the FNR ( ACRYPT Project) 7 / 27

  24. Introduction How do we make cryptographic algorithms? 3 Different Directions Lightweight Cryptography 5 papers (FSE, ASIACRYPT, JoCEn), 2 invited talks 1 new block cipher 8 / 27

  25. Introduction How do we make cryptographic algorithms? 3 Different Directions Lightweight Cryptography 5 papers (FSE, ASIACRYPT, JoCEn), 2 invited talks 1 new block cipher S-Box Reverse-Engineering 8 conference papers (CRYPTO, EUROCRYPT...), 7 invited talks Discussions with ISO 8 / 27

  26. Introduction How do we make cryptographic algorithms? 3 Different Directions Lightweight Cryptography 5 papers (FSE, ASIACRYPT, JoCEn), 2 invited talks 1 new block cipher S-Box Reverse-Engineering 8 conference papers (CRYPTO, EUROCRYPT...), 7 invited talks Discussions with ISO Purposefully Hard Cryptography 1 paper (ASIACRYPT) 1 patent (+1 paper under submission) 8 / 27

  27. Introduction How do we make cryptographic algorithms? Outline 1 Introduction 2 Lightweight Cryptography 3 S-Box Reverse-Engineering 4 Conclusion 9 / 27

  28. Lightweight Cryptography Outline 1 Introduction 2 Lightweight Cryptography 3 S-Box Reverse-Engineering 4 Conclusion 9 / 27

  29. Lightweight Cryptography What is it? Internet of Things Everything is being connected to the internet. 10 / 27

  30. Lightweight Cryptography What is it? Internet of Things Everything 10 / 27

  31. Lightweight Cryptography What is it? Internet of Things Everything 10 / 27

  32. Lightweight Cryptography What is it? Internet of Things Everything 10 / 27

  33. Lightweight Cryptography What is it? Security “In IoT, the S is for Security.” Internet-enabled devices have security flaws. Security is an aferthought (at best). 11 / 27

  34. Lightweight Cryptography What is it? Security “In IoT, the S is for Security.” Internet-enabled devices have security flaws. Security is an aferthought (at best). Security has a cost in terms of engineering... ... and computationnal resources! 11 / 27

  35. Lightweight Cryptography What is it? Lightweight Cryptography Lightweight cryptography uses litle resources. 12 / 27

  36. Lightweight Cryptography What is it? Lightweight Cryptography Lightweight cryptography uses litle resources. LWC is a very active research area! 12 / 27

  37. Lightweight Cryptography Our Contributions Overview Fundamental Research Design Public Analysis Deployment 13 / 27

  38. Lightweight Cryptography Our Contributions Overview Fundamental Research • Extensive survey of the state of the art Design Public Analysis Deployment 13 / 27

  39. Lightweight Cryptography Our Contributions Overview Fundamental Research • Extensive survey of the state of the art • Invention of a new design strategy Design Public Analysis Deployment • Block cipher Sparx 13 / 27

  40. Lightweight Cryptography Our Contributions Overview Fundamental Research • Extensive survey of the state of the art • Invention of a new design strategy Design Public Analysis Deployment • Atacks on Gluon • Block cipher Sparx • Results on Prince • Results on Twine 13 / 27

  41. Lightweight Cryptography Our Contributions Highlights Atacks on Prince We won round 1 of the “PRINCE challenge” The corresponding paper was selected in the top 3 papers at FSE’15; 14 / 27

  42. Lightweight Cryptography Our Contributions Highlights Atacks on Prince We won round 1 of the “PRINCE challenge” The corresponding paper was selected in the top 3 papers at FSE’15; Sparx First ARX-based block cipher proven secure against some atacks. Design strategy re-used by third parties from Waterloo (Canada) to build sLiSCP 14 / 27

  43. Lightweight Cryptography Our Contributions Highlights Atacks on Prince We won round 1 of the “PRINCE challenge” The corresponding paper was selected in the top 3 papers at FSE’15; Sparx First ARX-based block cipher proven secure against some atacks. Design strategy re-used by third parties from Waterloo (Canada) to build sLiSCP NIST Survey greatly appreciated (and cited) by NIST in their ongoing standardization effort I presented Sparx at a NIST workshop 14 / 27

  44. S-Box Reverse-Engineering Outline 1 Introduction 2 Lightweight Cryptography 3 S-Box Reverse-Engineering 4 Conclusion 14 / 27

  45. S-Box Reverse-Engineering What is it? What is an S-Box? The “S-Box” of the last Russian standards 15 / 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend


More recommend