INTRODUCTION TO THE APPLICATIONS OF EVOLUTIONARY COMPUTATION IN COMPUTER SECURITY AND CRYPTOGRAPHY




PEDRO ISASI AND JULIO C. HERNANDEZ
Computer Science Department, Carlos III University, 28911 Leganés, Madrid, Spain

Address correspondence to Pedro Isasi at the Computer Science Department, Carlos III University, 28911 Leganés, Madrid, Spain; e-mail: isasi@ia.uc3m.es

1. INTRODUCTION

Techniques taken from the field of Artificial Intelligence, especially Evolutionary Computation (Genetic Algorithms and Genetic Programming, but also others), are steadily becoming more present in the area of computer security, both in network/host security and in the very demanding area of cryptology. In recent years, many algorithms that take advantage of approaches based on Evolutionary Computation have been proposed, for example, in the design and analysis of a number of new cryptographic primitives, ranging from pseudo-random number generators to block ciphers, in the cryptanalysis of state-of-the-art cryptosystems, and in the detection of network attack patterns, to name a few. As a result of these recent successes there is a growing interest from the computer security community toward Evolutionary Computation techniques, but there are still a number of open problems in the field that should be addressed.

2. OPEN PROBLEMS

When using Evolutionary Computation in the field of cryptanalysis, the main issue is how to define fitness functions for the various heuristic methods (genetic algorithms, simulated annealing, etc.) that avoid the problem of the deceptive fitness landscape. The landscape associated with modern cryptosystems is almost invariably delta-shaped, and straightforwardly applying heuristics to a search in such a space does not necessarily produce results better than random search.

While the classical cryptosystems, nowadays totally broken, have the property that, in general, keys close to the real key produce encryptions/decryptions close to the original ciphertext/plaintext, which significantly aids in defining fitness functions (measuring, for example, the proximity of a given text to English), modern ciphers do not exhibit this property. That is a major problem and the reason behind the relative lack of applications of these heuristic techniques to modern cryptosystems: when testing a key that has 255 right bits out of 256 (99.61% correct), the resulting plaintext appears completely random, due to a property that has been named the Avalanche Effect.

In cryptology, two main applications of evolutionary computation techniques have been deeply investigated: the design of good pseudorandom number generators and the design of block cipher s-boxes. The first problem is quite deceptive because all the examined approaches are based on evolving generators whose fitness is measured by observing the pseudorandom properties of part of their output. This is quite a difficult method for measuring pseudorandomness because, to be good, the generator should usually have an extremely long period, and thus one can only observe a short part of it efficiently. On the other hand, the use of test batteries for randomness as part of the fitness function is an approach that is increasingly recognized as very limited, mainly because randomness is a very elusive concept which has no single, efficiently measurable definition. That is why, in recent years, this research line has focused on developing good pseudorandom number generators for particular applications, where the required properties are well known and easily measurable, abandoning the idealistic idea of creating good pseudorandom generators for all purposes.

The second problem has, contrary to many expectations, been a great success. The design of substitution boxes (s-boxes) is a critical phase in the development of a block cipher. When designing a new block cipher, many researchers follow Feistel's recommendations. If they do so, the problem is essentially reduced to the design of good s-boxes. Feistel-type block ciphers abound, proving that the overall scheme, while not optimum, is robust enough. From the ancient DES to the recent CAST-256, many block cipher designers opt to follow this scheme due to its simplicity, good properties, and robustness, guaranteed by exhaustive testing over the years. So having good algorithms for the automatic generation of s-boxes implies being able to automatically generate good new block ciphers, and that is the reason behind the increasing interest in the field, especially after the many successes obtained by different researchers in the area.

It is foreseeable that in the future these research trends will be further explored and some of the described open problems will get imaginative and brilliant solutions. It is quite probable, also, that new fields and applications will emerge.
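The delta-shaped landscape described in Section 2, as an added example that is not part of the paper: a letter-frequency fitness function is scored on decryptions under keys at growing distance from the true key, first for a simple substitution cipher and then for a constructed SHA-256 keystream cipher that stands in for a modern cipher with the avalanche property. The reference frequencies, the plaintext and the keys are all constructed for the demonstration.

```python
import hashlib
import random
import string
from collections import Counter

# Approximate frequencies (%) of a..z in English text: the "proximity to English"
# reference that a classical-cryptanalysis fitness function relies on.
ENGLISH = dict(zip(string.ascii_lowercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.8, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.1, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.15, 2.0, 0.07]))

# Constructed plaintext, letters only; it contains no j or q, so the key
# corruptions below cleanly swap a used letter with an unused one.
PLAINTEXT = "".join(c for c in (
    "the design of substitution boxes is a critical phase in the development of a "
    "block cipher and many researchers follow the feistel recommendations so that "
    "the problem is reduced to finding good boxes with strong nonlinearity while a "
    "classical cipher leaks information about the key through the letter statistics "
    "of its output a modern cipher is built so that changing a single bit of the key "
    "or of the input alters about half of the output bits which is why a key that is "
    "almost right produces text that looks entirely random and gives a heuristic "
    "search no gradient to climb the fitness of a candidate key is then flat "
    "everywhere except at the single correct point and a genetic algorithm or "
    "simulated annealing does no better than trying keys at random") if c.isalpha())

def english_distance(text):
    # Fitness: summed gap in percentage points between the letter frequencies of
    # text and the reference; 0 is a perfect match, uniformly random letters ~70.
    counts = Counter(text)
    return sum(abs(100 * counts[c] / len(text) - ENGLISH[c]) for c in ENGLISH)

# Classical side: simple substitution cipher, key = permutation of the alphabet.
def substitute(text, key):
    return "".join(key[c] for c in text)

def corrupt_key(dec_key, swaps):
    # Exchange the output letters of each pair: the result is a decryption key
    # that is wrong in exactly 2 * len(swaps) of its 26 positions.
    bad = dict(dec_key)
    for a, b in swaps:
        bad = {c: (b if p == a else a if p == b else p) for c, p in bad.items()}
    return bad

# Modern stand-in: letters shifted by a SHA-256 keystream, so every key bit
# avalanches into the whole output (a constructed toy, not a real block cipher).
def stream_cipher(text, key, decrypt=False):
    ks = b"".join(hashlib.sha256(key + i.to_bytes(8, "big")).digest()
                  for i in range(len(text) // 32 + 1))
    sign = -1 if decrypt else 1
    return "".join(chr((ord(c) - 97 + sign * k) % 26 + 97) for c, k in zip(text, ks))

def landscape_demo():
    # Fitness of the decryption under keys at growing distance from the true key:
    # returns ([0, 2, 4 wrong letters], [0 wrong bits, 1 wrong bit, unrelated key]).
    letters = list(string.ascii_lowercase)
    random.Random(7).shuffle(letters)
    enc_key = dict(zip(string.ascii_lowercase, letters))   # plain -> cipher
    dec_key = {c: p for p, c in enc_key.items()}
    ct = substitute(PLAINTEXT, enc_key)
    classical = [english_distance(substitute(ct, corrupt_key(dec_key, s)))
                 for s in ([], [("d", "j")], [("d", "j"), ("l", "q")])]
    true_key = bytes(range(32))                             # constructed 256-bit key
    near_key = true_key[:25] + bytes([true_key[25] ^ 0x01]) + true_key[26:]  # 1 bit off
    ct2 = stream_cipher(PLAINTEXT, true_key)
    modern = [english_distance(stream_cipher(ct2, k, decrypt=True))
              for k in (true_key, near_key, bytes(32))]
    return classical, modern
```

For the substitution cipher the fitness degrades in steps as key letters go wrong, so a search has a gradient to follow; for the keystream cipher a key that is wrong in a single bit out of 256 scores the same as an unrelated key.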
The articles presented in this special issue clearly contribute to this effort in both directions.

3. STATE OF THE ART

Many researchers in the past have brilliantly worked in the field of artificial intelligence applications to computer security and cryptology. We will very briefly present their most important achievements. It all started with the pioneering work of Peleg and Rosenfeld (1979). Along these lines followed the works of Hunter and McKenzie (1983), Carroll and Martin (1986), and King and Bahler (1992), which proposed breaking a simple substitution cipher by means of different relaxation algorithms. Also worth mentioning are the article by Ganesan and Sherman (1993), which proposed new probability distributions to help in automatically distinguishing between a given language and random text, very useful for key exhaustion, and the paper by Cain and Sherman (1994), where the authors broke the Gifford stream cipher. Ramesh, Athithan, and Thiruvengadam (1993) proposed a very original pattern-based attack against simple substitution ciphers. Wagner and Bellovin (1994) designed a very efficient plaintext recognizer to allow for speed-ups in brute force attacks. Also in 1994, King showed the first attack on polyalphabetic substitution ciphers, an idea that was later extended and improved by Clark and Dawson (1997) with the help of a parallel genetic algorithm.

We should also mention some other works that had a direct and deep influence over the approaches that many researchers still use today: the work of Spillman et al. (1993), which first introduced genetic algorithms in the cryptanalysis of simple substitution and transposition ciphers; the article by Forsyth and Safavi-Naini (1993), which proposed the use of simulated annealing for solving the same problem; and the paper by Jakobsen (1995), which showed that simpler and more efficient hill-climbing techniques were also able to break substitution ciphers.

If one should draw a temporal line between the so-called classical and modern techniques, this would be the year 1997, with the paper of Bagnall, McKeown, and Rayward-Smith (1997), where the authors presented a ciphertext-only attack on a simplified version of an ENIGMA rotor machine based on the use of a genetic algorithm. Also crucial for the field was the research carried out by the Australian group at QUT, Brisbane, which included the Ph.D. thesis of Clark, published in 1998. That was a major advance in the area. It introduced the tabu search technique in cryptanalysis, compared different heuristic techniques (genetic algorithms, simulated annealing, and tabu search) at breaking classical cryptosystems, and proposed the use of simulated annealing in the cryptanalysis of a certain class of stream ciphers. Millan, Clark, and Dawson additionally proposed a model for the generation of Boolean functions with excellent cryptographic applications, thus starting a very fruitful research line and showing that these techniques could also help in cryptography, not only in cryptanalysis.

Examples of other successful research directions include the use of cellular automata. The first papers were those by Wolfram (1986), proposing their use for pseudorandom number generation and for the design of block ciphers. Damgård also used them in 1991 for designing hash functions, a work which was later cryptanalyzed by Daemen, Govaerts, and Vandewalle (1993). Meier and Staffelbach (1991) pointed out many deficiencies of the generator proposed by Wolfram, and later on Daemen, Govaerts, and Vandewalle described a new algorithm that solved these problems. Although forgotten for some time, this research line has recently been living a renaissance, and in the last few years many important works have been published in the area, notably by Sipper and Tomassini (1996), who coined the term cellular programming, and more recently by Sheng-Uei and Shu Zhang (2003), who designed a pseudorandom number generator based on cellular automata with excellent randomness properties.

Another very fruitful research area, although not strictly based on the evolutionary computation paradigm, is the application of neural networks to cryptology, where the team formed by Kinzel and Kanter has produced, from 2002 on, very interesting results that prove neural networks could be used in pseudorandom number generation and public key exchange. Unfortunately, this latter proposal, by far the most interesting, was quickly broken by Klimov, Mityaguine, and Shamir, who, curiously, used various techniques based on genetic algorithms and simulated annealing to cryptanalyze it. More recently, various important contributions to the field have been published by Clark and Jacob, of which we should mention the 2002 article where they propose a totally new way of attacking implementations of cryptographic primitives based on fault injection and timing analysis, which they also show is powerful enough to break the Permuted Perceptron Problem identification schemes by means of simulated annealing. Another interesting research line is that developed by Hernandez et al. (2002) on the analysis of the weaknesses of the modern block cipher TEA, including the automatic construction of distinguishers. Also worth mentioning is the continuation of the work of Bill Millan and Ed Dawson on the generation of good Boolean functions for cryptographic uses. Some of the latest achievements of these works are included in this Special Issue.

4. ABOUT THIS ISSUE

This special issue is an exceptional occasion to present the topic and give interested researchers an opportunity to review the current state of the art of the area through a selection of excellent contributions which show new methodologies and novel applications, and explore promising new directions.

The articles included are extended and improved versions of the best papers presented at the special session organized by the authors at the 2003 IEEE Congress on Evolutionary Computation. An outstanding panel of reviewers considered these articles the best ones, and also made some comments and suggestions to improve their attractiveness and readability, which the authors followed. The final result is this Special Issue.

ACKNOWLEDGMENTS

We finally want to acknowledge the help of the extraordinary panel of reviewers that worked quite hard in the selection of the papers to be included in this special issue: John Clark, from York University, UK; Bill Millan, from Queensland University, Australia; Richard Spillman, from the Pacific Lutheran University at Tacoma, Washington, USA; Tony Bagnall, from the School of Information Systems of the University of East Anglia, UK; Nicholas Hopper, from the CMU Computer Science Department, Pittsburgh, USA; Jungwon Kim, from King's College London, UK; Lisa Strite, from IBM Raleigh, USA; Carlos A. Coello Coello, from CINVESTAV-IPN, México; Jun He, from the University of Birmingham, UK; Hari V. Sahasrabuddhe, from the Kanwal Rekhi School of Information Technology at the Indian Institute of Technology, Bombay. Thanks to all of them. Thanks also to the Editors of Computational Intelligence, Randy Goebel, Russell Greiner, and Dekang Lin, for their confidence and help, and to Keri Ann Reid, the Editorial Assistant, for her valuable assistance and patience.

REFERENCES

BAGNALL, A. J., G. P. MCKEOWN, and V. J. RAYWARD-SMITH. 1997. The cryptanalysis of a three rotor machine using a genetic algorithm. In Proceedings of the 7th International Conference on Genetic Algorithms, ICGA 97. Morgan-Kaufmann.

CAIN, T. R., and A. T. SHERMAN. 1994. How to break Gifford's cipher. In Proceedings of the ACM Conference on Computer and Communications Security, pp. 198-209.

CARROLL, J. M., and S. MARTIN. 1986. The automated cryptanalysis of substitution ciphers. Cryptologia, X(4):193-209.

CLARK, A., and E. DAWSON. 1997. A parallel genetic algorithm for cryptanalysis of the polyalphabetic substitution cipher. Cryptologia, 21(2):129-138.

CLARK, A. J. 1998. Optimization Heuristics for Cryptology. Ph.D. Thesis, Information Security Research Center, Faculty of Information Technology, Queensland University of Technology.

CLARK, J. A., and J. L. JACOB. 2002. Fault injection and a timing channel on an analysis technique. In Proceedings of Eurocrypt 2002, pp. 181-197.

DAEMEN, J., R. GOVAERTS, and J. VANDEWALLE. 1993. A framework for the design of one-way hash functions including cryptanalysis of Damgård's one way function based on cellular automaton. In Advances in Cryptology: Proceedings of Asiacrypt 91, LNCS v. 739, pp. 82-96.

FORSYTH, W. S., and R. SAFAVI-NAINI. 1993. Automated cryptanalysis of substitution ciphers. Cryptologia, XVII(4):407-418.

GANESAN, R., and A. T. SHERMAN. 1993. Statistical techniques for language recognition: An introduction and guide for cryptanalysts. Cryptologia, XVII(4):321-366.

HERNANDEZ, J., J. M. SIERRA, P. ISASI, and A. RIBAGORDA. 2002. Genetic cryptoanalysis of two rounds TEA. Lecture Notes in Computer Science, 2331:1024-1031.

HUNTER, D. G. N., and A. R. MCKENZIE. 1983. Experiments with relaxation algorithms for breaking simple substitution ciphers. The Computer Journal, 26(1):68-71.

KANTER, I., W. KINZEL, and E. KANTER. 2002. Secure exchange of information by synchronization of neural networks. Europhysics Letters, 57:141.

KING, J. C. 1994. An algorithm for the complete cryptanalysis of periodic polyalphabetic substitution ciphers. Cryptologia, XVIII(4):332-355.

KING, J. C., and D. R. BAHLER. 1992. An implementation of probabilistic relaxation in the cryptanalysis of simple substitution ciphers. Cryptologia, XVI(3):215-225.

MEIER, W., and O. STAFFELBACH. 1991. Analysis of pseudo random sequences generated by cellular automata. In Advances in Cryptology: Proceedings of Eurocrypt 91, Springer-Verlag LNCS v. 547, pp. 186-199.

PELEG, S., and A. ROSENFELD. 1979. Breaking substitution ciphers using a relaxation algorithm. Communications of the ACM, 22(11):598-605.

RAMESH, R. S., G. ATHITHAN, and K. THIRUVENGADAM. 1993. An automated approach to solve simple substitution ciphers. Cryptologia, XVII(2):202-218.

SIPPER, M., and M. TOMASSINI. 1996. Co-evolving parallel random number generators. In Proceedings of Parallel Problem Solving from Nature, PPSN IV, pp. 950-959. Springer-Verlag.

SPILLMAN, R., M. JANSSEN, B. NELSON, and M. KEPNER. 1993. Use of a genetic algorithm in the cryptanalysis of simple substitution ciphers. Cryptologia, XVII(1):31-44.

SHENG-UEI, and S. ZHANG. 2003. An evolutionary approach to the design of controllable cellular automata structure for random number generation. IEEE Transactions on Evolutionary Computation, 7(1).

WAGNER, D., and S. M. BELLOVIN. 1994. A programmable plaintext recognizer. Unpublished manuscript. Available at http://www.cs.berkeley.edu/~daw/papers/recog.ps.

WOLFRAM, S. 1986. Random sequence generation by cellular automata. Advances in Applied Mathematics, 7:123.