Tweaking cryptographic primitives with moderate state space by direct manipulation

Cryptographic primitives such as hash chains or pseudo-random number generators (PRNGs) work for some time without input. The state space in embedded applications is often moderate because of resource restrictions, so state repetitions might occur too soon and may compromise security. We investigate the question of whether it is possible to change the transition function of such a primitive for only a very small number of states and still achieve a notable increase in cycle length. We present a greedy algorithm that searches for those states, and give an implementation that only marginally increases the effort per state transition. We evaluate the algorithm with a chaotic PRNG and hash chains based on MD5 and SHA-3 with promising results.
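The following is an added illustration of the idea in the abstract, not the paper's own algorithm or code: a state machine on a small state space is iterated from a seed, its cycle length is measured, and a simple greedy search tries redirecting one cycle state at a time to any state outside the current cycle, keeping the redirection that gives the largest cycle length. The override table is consulted before the base transition, so the per-step cost is one dictionary lookup. The transition table built from SHA-256 is a constructed stand-in for a random mapping, and `make_toy_transition`, `greedy_tweak` and the other names are assumptions made here; the specific greedy criterion of the paper is not reproduced.

```python
import hashlib


def make_toy_transition(n: int, label: bytes = b"toy-prng") -> list:
    """Constructed transition function on states 0..n-1 (a random-mapping stand-in,
    not one of the paper's primitives): f(s) = first 4 bytes of SHA-256(label || s) mod n."""
    table = []
    for s in range(n):
        digest = hashlib.sha256(label + s.to_bytes(4, "big")).digest()
        table.append(int.from_bytes(digest[:4], "big") % n)
    return table


def step(table: list, overrides: dict, s: int) -> int:
    """One state transition: the small override table is checked first, else the base function.
    This is the only extra work a tweaked primitive pays per transition."""
    return overrides.get(s, table[s])


def walk(table: list, overrides: dict, seed: int):
    """Iterate from seed until a state repeats.
    Returns (tail_length, cycle_states) where cycle_states is the cycle in visiting order."""
    seen = {}
    order = []
    s = seed
    while s not in seen:
        seen[s] = len(order)
        order.append(s)
        s = step(table, overrides, s)
    start = seen[s]
    return start, order[start:]


def cycle_length(table: list, overrides: dict, seed: int) -> int:
    """Length of the cycle eventually reached from seed under table + overrides."""
    return len(walk(table, overrides, seed)[1])


def greedy_tweak(table: list, seed: int, max_overrides: int):
    """Greedy search (illustrative, not the paper's): repeatedly pick the single
    (cycle state -> new target) redirection that maximises the cycle length reached
    from seed, until max_overrides states are changed or no candidate improves it.
    Returns (cycle_length, overrides)."""
    n = len(table)
    overrides = {}
    best_len = cycle_length(table, overrides, seed)
    while len(overrides) < max_overrides:
        _, cycle = walk(table, overrides, seed)
        on_cycle = set(cycle)
        best = None  # (length, state, target)
        for c in cycle:
            if c in overrides:
                continue  # each changed state counts once
            for t in range(n):
                if t in on_cycle:
                    continue  # redirecting onto the cycle can only shorten it
                trial = dict(overrides)
                trial[c] = t
                length = cycle_length(table, trial, seed)
                if length > best_len and (best is None or length > best[0]):
                    best = (length, c, t)
        if best is None:
            break
        best_len, c, t = best
        overrides[c] = t
    return best_len, overrides


if __name__ == "__main__":
    # Hand-built 8-state mapping: cycle 1->2->3->1 with tail 0, and a second component 4->5->6->4 with tail 7.
    toy = [1, 2, 3, 1, 5, 6, 4, 4]
    print("toy baseline:", cycle_length(toy, {}, 0), "tweaked:", greedy_tweak(toy, 0, 3))
    tbl = make_toy_transition(64)
    print("64-state baseline:", cycle_length(tbl, {}, 0), "tweaked:", greedy_tweak(tbl, 0, 4))
```

On the hand-built mapping the only improving single change is to send cycle state 3 back to tail state 0, which absorbs the tail into the cycle (length 3 becomes 4); a second override finds no further gain and the search stops, which is the "very small number of states" effect the abstract describes. Measuring the real cycle structure of a primitive with a large state space needs the parallel cycle-structure methods the paper builds on; the brute-force walk here is only practical for toy sizes.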
