On the origin of yet another channel
Petr Svenda and Vashek Matyas
{svenda,matyas}@fi.muni.cz
Masaryk University, Faculty of Informatics, Czech Republic
Abstract: Cryptanalysis of a cryptographic function like stream, block or hash function usually requires human cryptanalytical skills and labour. However, some automation is possible -- e.g., by randomness testing suites like NIST/Diehard that can be applied to test statistical properties of cryptographic function outputs. Yet such testing suites are limited only to predefined statistical functions. We propose more open approach based on combination of software circuits and evolutionary algorithms to search for unwanted statistical properties like next bit predictability or random data non-distinguishability. Design of a software circuit acting as a testing function is automatically evolved by a stochastic optimization algorithm and uses the potentially unknown ``other channel'' leaking information during cryptographic function evaluation.
We tested this approach on candidate algorithms for SHA-3 and eStream competitions with comparable (but slightly worse) results as STS NIST and Diehard tests w.r.t. the number of rounds of the inspected algorithm, where tests are still able to detect unwanted statistical properties in output. Additionally, the proposed approach is not limited only to assess randomness-like properties in function output, but can be also used for other tests like whether a function is invertible or how does its avalanche effect degrade.
Paper download: Svenda_SPW_2013.pdf
Slides download: SPW2013_EACirc_20130318_final.pdf
@inproceedings{Svenda13_spw,
title={On the origin of yet another channel},
author={\v{S}}venda and Maty{\'a}{\v{s}}, V.},
booktitle={Proceedings of the 21th International Workshop on Security Protocols, SPW 2013, LNCS ??},
pages={??--??},
year={2013},
organization={Springer}
}
Software circuit emulator - EACirc, source codes: https://github.com/petrs/EACirc
|