Large-scale randomness study of security margins for 100+ cryptographic functions

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F22%3A00126488" target="_blank" >RIV/00216224:14330/22:00126488 - isvavai.cz</a>

Výsledek na webu

<a href="http://dx.doi.org/10.5220/0011267600003283" target="_blank" >http://dx.doi.org/10.5220/0011267600003283</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.5220/0011267600003283" target="_blank" >10.5220/0011267600003283</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Large-scale randomness study of security margins for 100+ cryptographic functions

Popis výsledku v původním jazyce

The output of cryptographic functions, be it encryption routines or hash functions, should be statistically indistinguishable from a truly random data for an external observer. The property can be partially tested automatically using batteries of statistical tests. However, it is not easy in practice: multiple incompatible test suites exist, with possibly overlapping and correlated tests, making the statistically robust interpretation of results difficult. Additionally, a significant amount of data processing is required to test every separate cryptographic function. Due to these obstacles, no large-scale systematic analysis of the the round-reduced cryptographic functions w.r.t their input mixing capability, which would provide an insight into the behaviour of the whole classes of functions rather than few selected ones, was yet published. We created a framework to consistently run 414 statistical tests and their variants from the commonly used statistical testing batteries (NIST STS, Dieharder, TestU01, and BoolTest). Using the distributed computational cluster providing required significant processing power, we analyzed the output of 109 round-reduced cryptographic functions (hash, lightweight, and block-based encryption functions) in the multiple configurations, scrutinizing the mixing property of each one. As a result, we established the fraction of a function’s rounds with still detectable bias (a.k.a. security margin) when analyzed by randomness statistical tests.

Název v anglickém jazyce

Large-scale randomness study of security margins for 100+ cryptographic functions

Popis výsledku anglicky

The output of cryptographic functions, be it encryption routines or hash functions, should be statistically indistinguishable from a truly random data for an external observer. The property can be partially tested automatically using batteries of statistical tests. However, it is not easy in practice: multiple incompatible test suites exist, with possibly overlapping and correlated tests, making the statistically robust interpretation of results difficult. Additionally, a significant amount of data processing is required to test every separate cryptographic function. Due to these obstacles, no large-scale systematic analysis of the the round-reduced cryptographic functions w.r.t their input mixing capability, which would provide an insight into the behaviour of the whole classes of functions rather than few selected ones, was yet published. We created a framework to consistently run 414 statistical tests and their variants from the commonly used statistical testing batteries (NIST STS, Dieharder, TestU01, and BoolTest). Using the distributed computational cluster providing required significant processing power, we analyzed the output of 109 round-reduced cryptographic functions (hash, lightweight, and block-based encryption functions) in the multiple configurations, scrutinizing the mixing property of each one. As a result, we established the fraction of a function’s rounds with still detectable bias (a.k.a. security margin) when analyzed by randomness statistical tests.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

Výsledek vznikl pri realizaci vícero projektů. Více informací v záložce Projekty.

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2022

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 19th International Conference on Security and Cryptography

ISBN

9789897585906

ISSN

2184-7711

e-ISSN

—

Počet stran výsledku

13

Strana od-do

134-146

Název nakladatele

Scitepress

Místo vydání

Lisbon, Portugal

Místo konání akce

Lisbon, Portugal

Datum konání akce

1. 1. 2022

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

000853004900011