Theses
Permanent URI for this collectionhttp://164.52.219.250:4000/handle/10263/2744
Item: Provable Security in Idealised Models (Indian Statistical Institute, Kolkata, 2024-07). Dhar, Chandranan.
This thesis is a compilation of provable security analyses of various cryptographic constructions in idealised models. The first construction examined is the ABR hash. We revisit the existing proof of the ABR hash in the random oracle model and identify significant errors in the proof. Although we are unable to correct the original proof, we establish the security of the ABR tree of height 3 from scratch, addressing the first non-trivial case. As our second contribution, we conduct a tight and comprehensive security analysis of the Ascon AEAD mode in the random permutation model. We show that the efficiency of Ascon can be increased by 50%, and the tag size can be halved without losing any security. In the third contribution, we extend our security analysis of Ascon to the multi-user setting, providing tight security bounds for both nonce-respecting and nonce-misuse adversaries. Additionally, we propose LK-Ascon, a variant of Ascon with a key size of up to 256 bits, offering improved multi-user security compared to Ascon. As the final contribution, we introduce PACT, a transform that converts any authenticated encryption mode into a context-committing one without any output length expansion. PACT achieves this with a single call to a collision-resistant unkeyed hash function and one call to a block cipher, with the analysis performed in the ideal cipher model. We also propose comPACT, a faster version of PACT which gives a nonce-respecting committing authenticated encryption scheme.

Item: Cryptanalysis of Selected SPN and NLFSR-based Symmetric-Key Ciphers (Indian Statistical Institute, Kolkata, 2023-06). Jana, Amit.
The thesis focuses on the cryptanalysis of private-key ciphers, which are widely used encryption methods due to their fast encryption/decryption computing ability and low memory requirements. The thesis covers two different aspects of cryptanalysis: traditional attack techniques and physical attacks. For physical attacks, the thesis presents a differential fault attack on the CAESAR scheme NORX with parallelism levels of 2 and 4. By introducing faults in NORX in parallel mode, the state collides with the internal branches to produce an all-zero state, which can be replayed despite different nonces and messages. The secret key of NORX is recovered using secondary faults and faulty tags, utilizing both internal and classical differentials. The attack strategy is demonstrated using different fault models to showcase its versatility. Additionally, the thesis identifies and solves a new variant of the coupon collector problem called the Non-circular Consecutive Coupon Collector Problem, which estimates the expected faults for the consecutive bit-fault model. The problem is extended to the circular variant and validated using hypothesis testing. The outcomes of this study may hold significance and relevance to the research community as a standalone contribution. Furthermore, the thesis investigates the faulty forgery attack on the decryption query to recover the state, leading to key recovery, for sponge-based authentication schemes with internal permutations following the SPN-based GFN structure. The attack is then extended to retrieve the secret key of any SPN-based sponge/SIV-like schemes. For traditional cryptanalysis, the thesis analyzes differential cryptanalysis of single or multiple AND-based NLFSR-like ciphers. Recent trends in automated cryptanalysis involve modeling classical cryptanalysis tools as optimization problems to leverage state-of-the-art solvers and improving existing models to make them more efficient and accurate. The thesis contributes to this trend by devising a general MILP model referred to as "DEEPAND" that captures the correlations among multiple AND gates in NLFSR-based lightweight block ciphers. The DEEPAND model builds upon and generalizes the idea of joint propagation of differences through AND gates, captured using refined MILP modeling of TinyJAMBU by Saha et al. in FSE 2020. The proposed model has been applied to TinyJAMBU and KATAN and can detect correlations that were missed by earlier models. This leads to more accurate differential bounds for both ciphers.

Item: Design and Analysis of Authenticated Encryption Modes (Indian Statistical Institute, Kolkata, 2024-09). Bhattacharjee, Arghya.
This thesis proposes and analyses the security of a few symmetric key modes. The first three of them are NAEAD modes, named Oribatida, ISAP+ and OCB+. Oribatida is lightweight, sponge-based, INT-RUP secure and achieves better than the default PRF security of a keyed sponge. ISAP+ is an instance of a generic EtHM involving a PRF and a hash, a generalisation of ISAP-type modes. The generic sponge hash of ISAP is replaced with a feed-forward variant of it in ISAP+, which results in better security. OCB+ uses OTBC-3 (a nonce-respecting BBB secure offset-based tweakable block-cipher) in an OCB-like mode to achieve BBB privacy. We conclude with a BBB secure NE mode named CENCPP*, which is a public permutation-based variant of the block-cipher-based mode CENC as well as a variable output length version of SoEM. All the relevant security proofs have been done using a method named Coefficients H Technique.

Item: Design and Analysis of Lightweight Authenticated Encryption with Associated Data (Indian Statistical Institute, Kolkata, 2023-01). Chakraborty, Bishwajit.
The demand for lightweight cryptographic protocols has skyrocketed in the previous decade, especially for many resource-constrained devices such as IoT end nodes and RFID tags. The goal of lightweight cryptography is to use less memory, processing resources, and power to create a less secure but adequate security solution on devices with limited resources. As a result, lightweight cryptographic protocols should be easier and faster to use than traditional ones. The National Institute of Standards and Technology (NIST) began a standardization process in 2018 for lightweight cryptographic (LWC) encryption schemes that have at least one scheme with a key length of 128 bits and can achieve security against adversaries capable of making 2^{50} - 1 byte queries and 2^{112} computations. Running a good feedback loop on a specified lightweight primitive is a typical approach to designing such schemes. In more technical terms, such approaches process data input into fixed-sized chunks. Following initialization, the primitive output is passed through a suitable function with one of these partial data inputs to provide acceptable output and feedback for the primitive's subsequent execution. In this thesis, we start by looking at existing schemes that use pseudo-random permutations as the underlying primitive and can be thought of as different variations of the Sponge scheme. We give all such structures a new name, Transform-then-Permute, and do a security analysis. We show that we can reduce the security of such schemes to a graph theoretic security game called the "multi-chain security game," based on the underlying feedback function of the Transform-then-Permute design. Then, for various feedback functions, we employ various techniques to limit an adversary's advantage against this game. As a result, we developed some novel or significantly enhanced security bounds for popular permutation-based authenticated encryption techniques. Finally, we aim to design authenticated encryption techniques to process the most data possible in each protocol iteration. We construct and examine two generalized systems, Full-rate Transform-then-Permute and mF, which use a pseudo-random permutation and a tweakable block cipher as their underlying primitives, respectively. We illustrate how to instantiate these general structures to meet the NIST LwC requirement.
