Add to collection(s) Add to saved
  1. Science
  2. Biology
  3. Biochemistry
  4. Genetics

Document 12919310

advertisement 
Lec 10 : Data Security
Stream Cipher Systems
1
3.8 MEASURE OF RUNDOMNESS:
3.9.1 DEFINITION:
Run: sequence of identical bits (0 or 1)
Ex.01110000111
Runs are 0,111, 0000, 111
Gap: runs of zeroes
1000011 contain the gap 0000
Block: runs of ones
1111001110 contain blocks 1111,111 For with period P , Sm + p = Sm
Auto correlation function:
For any constant d, if we compare the sequence of S with Sd (after shifting d
displacement), then Auto correlation function C(t) = (A - D) / P Where :
A = no. Of identical bits.
P = period of the sequence
D = period of different bits
d = displacement 0 <= d < p
 RANDOMNESS CHARACTERISTICS:
1. If p is even then ones equal zeros, other wise they differ by one only.
i
2. 1/2 of runs with length of 1 , 1/4 of runs with length of 2 , generally l / 2 = i.
3. Auto correlation function (for d < > 0 out of phase) has constant value. Where d is
the displacement.
1. FREQUENCY TEST:
used to ensure that there is roughly the same number of O's and 1's using the
following formula:
X2 =(n0 – n1)2 / n
X2 = 0 if n0 = n1
For good sequence 0 < X2 < 3.84
Lec 10 : Data Security
Stream Cipher Systems
2
2. SERIAL TEST:
The serial test is used to ensure that the transition probabilities are reasonable.
This will give as some level of confidence that each bit is independent of its
predecessor suppose .01 occurs n 01, 10 occurs n0, 00 occurs n00…and 11 occurs
n11 times.
N01+n10=n0 or n0-1 , n10+n11 = n01 or n1-1 and
N10 + N01 + N00 + N11 = N-1 AND
X2 = 4/n - 1 Σ(nij)2 - 2/n Σ(ni)2 + 1
For good sequence X2 <= 5.99.
Ideally we wont:
n01 = n10 = n00 = n11 ≈ n-1/4
3. POKER TEST:
For any binary sequence of length m, there are 2^ different possibilities. In this test
we partition our sequence into blocks of size m (sequence of ones), and then we
count the frequency of each type of sections of length m in the sequence. If the
frequencies are
f0, f1,.. fm-1 We compute:
X2 = 2m / F Σ (Xi)2 / mi) – F
Where F = Σ fi = n/m
4. AUTO CORRELATION TEST:
For a given sequence of n bits S1,..Sn then
A (d) = ∑ai ai+d
0 <= d <= n-1
A (o) =∑ai = ni
If the sequence has ni of zeros and n1 of ones then
µ= n12 (n-d) / n2
The test will pass if
X2 = (A(d)- µ)2 /µ
X2 <=3.841 for all values of d
Lec 10 : Data Security
Stream Cipher Systems
3
5. RUNS TEST:
Devide the sequence into blocks and gaps, let r0i be the number of gaps of length i
and r1i be the number of blocks of length i. If r0 and r1 are number of gaps and
blocks respectively then:
r0 = ∑roi and r1 = ∑ r11
This test applied after the sequence had passed the serial test, then we would expect
about 1/2 the gaps with length 1 , 1/4 of gaps of length 2, and so on.
Ideally 1/2i of runs having length i.
Example:
Given
the
following
sequence
of
minimal
length
0101011101100011111001101001000
1. Frequency test
n0=15
n1=31-15=16
X2 = (15-16)2 / n = (-1)2 /31 = 1/31 = 0.0322 0.322 < 3.841
2.Serial test:
n00=6
n01=8
n10=8
n11=8
X2 = 4/n-l (n002 + n012 + n102 + n112 ) - 2/n (n02+n12) + 1
= 4/30 (36 + 64 + 64 + 64) - 2/31(152 +162) + 1
=30.4 - 31.032 + 1 = 0.368 0.368 < 5.99
Pass
Pass
of
31.
Lec 10 : Data Security
Stream Cipher Systems
also
n00+ n01 = n0 -1 =6+8 =14 = n0 - 1
n11+n10=n11 =8+8=16=n1
n00+n01+n10+n11 = 6+8+8+8= 30 = n-l
n-1/4 = 30/4 = 7.5 = 8
3.Poker test
m=5 F=n/m=31/5=6 Then we have 6 blocks of 5 digit each
01010 11101 10001 11110 01101 00100 0
We count Xi where i is number of ones in each block
X 0=0
X1=1
X2=2
X3=1
X4=2
-.
X5 = 0
X2 = 25/6 ∑ (Xi)2 /5i - 6
= 5.33(0 + 1/5 + 4/10 + 1/10 + 4/5 + 0) - 6
=5.33(2 + 4 + 1 + 8/10) – 6
=5.33*15/10 - 6 =1.995
Checking x2 table with degree of freedom of 22 - 1 = 31 then the test is pass
4.runs test
r0=9
r1=8
n01=8= r0-1
n10=8= r1
n11 =n1 –r1 = 16 - 8 = 8
4
Lec 10 : Data Security
Stream Cipher Systems
n00 = 6= n0-r0 = 15-9 = 6
r01=5
r11=4
r02=2
r12=2
r03=2
r13=1
r14=0
r15=1
5• Auto correlation test
n0= 15 n1=16
µ= (16)2 (31-l) / (31)2 =7.99 for d=l
µ = 7.72
d=2
µ = 7.45
d=3
010101110110001111100110100100
101011101100011111001101001000
A(l)=8
X2 = (8 - 7.99)2 / 7.99 = 0.0000125
010101110110001111100110100100
010111011000111110011010010000
A(2)=8
X2=(8-7.72)2/ 7.72= 0.01
010101110110001111100110100100
101110110001111100110100100000
A(3)=8
X2 = (8-7.45)2 / 7.45 = 0.04 And so on
X2 <= 3.84 for all value of d
5
Lec 10 : Data Security
Stream Cipher Systems
6
3.9 STREAM CIPHER CRYPTANALYSIS:
Stream ciphers have a wide variety of design choices, and hence, a large
number of complex stream generators have been designed with different periods and
linear complexities. On the other hand different approaches have been used by many
researchers to analyze stream ciphers, and have successfully cracked many of such
systems.
One of the earliest approaches are the matrix approach,and the Berlekamp
Massey approach. Both methods used a known-plaintext attack to determine the
linear equivalence and the primitive polynomial of the shift register.
Thomas Siegenthler presented a divide-and-conquer approach, which often called
correlation~attack, and shown that correlation immunity can be precisely defined.
The basic idea behind correlation attack is to identify some correlation between the
output of the generator and the output of one of its internal pieces, then by observing
the output sequence, information can be obtainer' about the internal output. Using
the collected information and other correlation about other internal output until the
entire generator is broken. More efficient correlation attack based on using algebraic
tools to determine the LFSR instead of the exhaustive search, this is called fast
correction attack. Artificial neural networks is been used in a known-plaintext attack
against linear feedback shift registers to obtain the linear equivalence, characteristic
polynomial, and restore missing bits in the output sequences of the shift register.
More recently, two ciphertext-only attack researches has been introduced; the first
one
uses Genetic Algorithms while the seco nd one
uses Adaptive Genetic
Programming. Both researches use the statistical properties of the natural language
heavily in formulating the fitness function. These language features make the
ciphertext-only attack possible, since it is used for measuring the fitness of the
individual programs in a population of the genetic programming.
Related documents
Lec 10: Ch 3(Stream Cipher Systems) ……... 3.8 MEASURE OF RUNDOMNESS:
Lec 10: Ch 3(Stream Cipher Systems) ……... 3.8 MEASURE OF RUNDOMNESS:
Borrowed from Study Guide for Woolfolk Educational Psychology
Borrowed from Study Guide for Woolfolk Educational Psychology
Engineering Economy Problems
Engineering Economy Problems
RNA Polymerase Chromatin Immunoprecipitation on chip (RPCC): a
RNA Polymerase Chromatin Immunoprecipitation on chip (RPCC): a
Reliability = true score + measurement error
Reliability = true score + measurement error
12.6 Number of Orders and Shipping Cost ($) (a) Make a scatter plot
12.6 Number of Orders and Shipping Cost ($) (a) Make a scatter plot
Download
advertisement