Supervisor: Mrs. Pomares Mathematic HL Portfolio Analysis of the stream cipher symmetrical cryptography encryption technic Saturnin Pugnet Session: May 2014 Candidate Number: 001386-0055 IBS of Provence

Internal assessment 3


* : see bibliography

Index

1. Introduction
2. Rationale
3. Definitions
3.1 Basic definitions
3.2 Introduction to matrix
4. Foreword
5. Stream cipher
5.1 Presentation
5.2 PRNG
5.3 LFSR
5.3.1 Explanation
5.3.2 Example of breaking an LFSR
5.4 Algebraic Normal Form
5.5 A5/1 encryptions
5.6 RC4 encryptions
5.6.1 KSA
5.6.2 PRGA
6. Conclusion
7. Bibliography


1. Introduction

Ever since the Roman Empire, people have used encrypted messages to communicate, and the methods have become more and more complicated over time. Nowadays, with the development of computer technologies, encrypting data in an efficient way has become more and more important. Thus the mathematical techniques used to encrypt messages have also become more and more complicated.

Today, there are two types of encryption: symmetrical encryption and asymmetrical encryption. We are only going to study symmetrical encryption during this exploration. In symmetrical encryption, there are two types of cipher:

- The block cipher, which consists of encoding a message by blocks of characters
- The stream cipher, which consists of encrypting the message character by character.

The goal of this exploration is to understand how symmetrical encryption works, but the subject is too vast to be studied entirely; therefore, we are going to analyze only some stream cipher encryption types: A5/1, RC4, LFSR.

2. Rationale

For many years I have been interested in computer science, and I saw this math portfolio as a good opportunity to develop my knowledge of this subject. Although the mathematics used in cryptography is not part of the IB program, I did my own research to be able to study it. This study was a really interesting and enriching project which allowed me to develop my understanding of security networks in computers and the way it is linked to mathematics.


3. Definitions

3.1 Basic definitions

Binary: It is the computer’s language; it is in base 2, using 0 and 1.

Bit: It is a binary digit (0 or 1); it represents one figure. To convert from bits to numbers I have used an online converter [1].

Octet: It is a sequence of 8 bits.

Key: It is the series that is used to produce an encrypted message by performing operations between the message and the key; it can be numbers, letters, signs, etc.

Hexadecimal: It is numbers in base 16, where 10, 11, 12, 13, 14 and 15 are represented by A, B, C, D, E and F.

Example: From 1 to 16 it is 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E and F.

⊕ (XOR): The XOR is a simple binary operation (addition or subtraction) without taking into account the “borrow” or “carry”; addition and subtraction give the same result in this case, which is why they are considered a single operation in cryptography (XOR).

Ex: 1 + 1 = 10 => without the carry = 0 = 1 XOR 1,
1 - 1 = 0, which is the same as 1 XOR 1

⊗ (AND): The AND is a binary multiplication of one figure (1 or 0) with another.

Ex: 10101111 ⊗ 11 = 010101111 ⊕ 101011110 = 111110001

Modulo (mod): Considering A and B two integers, A mod B gives the remainder of the Euclidean division of A by B. It is often used to set an upper limit for the results in cryptography. For example, when dealing with letters the upper limit must be 26 because there are only 26 letters in the alphabet.

Ex: 5 mod 2 = 5-2×2 = 1; 51 mod 26 = 51-26×1 = 25

: This represents the multiplication from i=1 to i=N of Ci.

Ex: = 2^1 2^2 2^3 2^4 2^5 2^6 2^7 2^8 2^9 2^10

F2: Galois field (2) [9], which is a finite field composed of two elements (0 and 1) where addition and subtraction are XOR and multiplication is AND; most of the calculations are done in this field, as it is the one used in cryptography.

A | B | A XOR B
0 | 0 | 0
1 | 0 | 1
0 | 1 | 1
1 | 1 | 0

A | B | A AND B
0 | 0 | 0
1 | 0 | 0
0 | 1 | 0
1 | 1 | 1


3.2 Introduction to matrix [2]

Matrix: It is an array of numbers

this is an example of a matrix with 2 columns and 2 rows.

A matrix can be multiplied by a scalar. Every number in the matrix is multiplied by the scalar.

X ×

=

where X

A matrix can be added to or subtracted from another matrix, but both must have exactly the same number of rows and columns. When you add them together, the number in the first row and first column of the first matrix is added to the number in the first row and first column of the second matrix.

+

=

A matrix can be multiplied by another matrix, but the number of columns of the first matrix must be equal to the number of rows of the second one. You multiply each row of the first matrix by the columns of the second matrix. The first number of the first row of the first matrix is multiplied by the first number of the first column of the second matrix, the second number by the second number, etc., and they are finally added together to give the number at the position of the row of the first one and the column of the second one.

×

=

Ex:

× =

=

Finally, the identity matrix is a matrix I such that A × I = I × A = A, and it is characterized by the number 1 on the diagonal from the top left to the bottom right and 0 in all other positions. An identity matrix is always a square matrix (same number of rows as columns). We usually write In, where n is the number of rows and columns.

Example: I2 =

, I3 =

and I4 =

Inverse matrix: The inverse matrix of a matrix A is A^-1 such that A × A^-1 = I = A^-1 × A. To find the inverse matrix of a 2×2 matrix you must use this formula:

A-1 =

×

where A =

Example: A =

A-1 =

×

=

×

=


For bigger matrices we can find the inverse by using a system of equations, as we know I and A. During my analysis I won’t show my calculations to find inverse matrices, but I calculated them myself using equations.


4. Foreword

4.1 Caesar cipher [3]

The use of cryptography is really old and has become more and more complex over time. At the beginning it relied on simple mathematical techniques such as the Caesar cipher, used by Caesar during wartime. It was not really secure, but most of Caesar’s enemies were illiterate and would assume that the message was written in an unknown language. But as it is a simple mathematical model, it quickly became obsolete.

The Caesar cipher works on the principle that each letter corresponds to a number (A=0 B=1 C=2 D=3 E=4 F=5 G=6 H=7 I=8 J=9 K=10 L=11 M=12 N=13 O=14 P=15 Q=16 R=17 S=18…) and that you change the value of each letter according to the key, with a maximum value of 26 as there are 26 letters in the alphabet.

Assuming Sn is the series of letters corresponding to the message, Cn is the series corresponding to the encoded message and K is the key: Cn = (Sn+K) mod 26

Ex: message=HELLO with key=4:

(H+4) mod 26 = (7+4) mod 26 = 11 = L

(E+4) mod 26 = (4+4) mod 26 = 8 = I

(L+4) mod 26 = (11+4) mod 26 = 15 = P

(L+4) mod 26 = (11+4) mod 26 = 15 = P

(O+4) mod 26 = (14+4) mod 26 = 18 = S

LIPPS is the encrypted message of HELLO using the Caesar cipher with a key of 4.

4.2 Vigenère cipher [3]

The Vigenère cipher was the first one to introduce keys of more than one character into the encryption. It was created in the 16th century and was known as the strongest encryption technique. Nevertheless, it was broken by skilled cryptanalysts during the 17th century, but only declared officially broken and out of date in the 19th century.

The key is not as long as the message but is repeated to get the same length (with the key abc and a message of 7 letters, the key becomes abc abc a). To find the cipher number, you associate the letters with numbers (A=0, B=1, C=2…) as for the Caesar cipher and then you add them to the key:

Assuming Sn is the series of letters corresponding to the message, Cn is the series corresponding to the encoded message, Kn is a series representing the key and L is the length of the key: Cn = (Sn + K_(n mod L)) mod 26


Ex: message=HELLO key=ABC

(H+A) mod 26 = (7+0) mod 26 = 7 = H

(E+B) mod 26 = (4+1) mod 26 = 5 = F

(L+C) mod 26 = (11+2) mod 26 = 13 = N

(L+A) mod 26 = (11+0) mod 26 = 11 = L

(O+B) mod 26 = (14+1) mod 26 = 15 = P

Therefore the encrypted message would be HFNLP for HELLO using the Vigenère cipher with the key ABC.

4.3 Vernam cipher [3]

A more recent encryption technique is the Vernam cipher. The main characteristic of the Vernam cipher is that the key has the same length as the message. It was created in 1917, and it was used during the war. The new thing about this kind of cipher is that it is unbreakable if the key is generated randomly and if it is used only once. It is the ancestor of the stream ciphers that we are going to study.

The principle is that each letter of the message corresponds to one character of the key; as in the Caesar cipher, the message is modified by adding the values of the message and the key.

Assuming Sn is the series of figures corresponding to the message, Cn is the series corresponding to the coded message and Kn is the series corresponding to the key: Cn = (Sn + Kn) mod 26

Ex: message=HELLO key=18654

(H+1) mod 26 = (7+1) mod 26 = 8 = I

(E+8) mod 26 = (4+8) mod 26 = 12 = M

(L+6) mod 26 = (11+6) mod 26 = 17 = R

(L+5) mod 26 = (11+5) mod 26 = 16 = Q

(O+4) mod 26 = (14+4) mod 26 = 18 = S

At the end you get IMRQS from the message HELLO using the Vernam cipher and the key 18654.

We are often going to use binary during this study, as computers work with it. The binary numbers, after being encrypted by the computer sending the message and decrypted by the computer receiving the message, are converted into letters, information or instructions. Moreover, the binary model is just one way of studying it, which is why numbers in base 10, 15, 64 or 264 are sometimes used.


5. Stream Cipher

5.1 Presentation

A scheme of how stream ciphers [4][6] work

(⊕=XOR)

Fig 1: Scheme of a stream cipher

We define K as the series representing the key, which is known by both the one who sends the message and the one who receives it.

The Initialization Vector is a series that is changed between each encryption to prevent the PRNG (Pseudo Random Number Generator) from being found, as it is not completely cryptographically secure (we are going to demonstrate this later). The initialization vector can be added in several ways. For example, it could use the XOR function with the key as a parameter.

5.2 PRNG

The PRNG is a function that creates random numbers (0 or 1); it works according to Golomb’s criteria [5] of randomness, which are:

For the series , ….

1) The number of 1s and 0s must be almost equal:

0

2) A series is a suite of identical bits next to each other between two opposite bits (example of series 1 10 01; ). There are as many series of 0 as of 1.

There are S/2 series of length 1


There are S/4 series of length 2

There are S/8 series of length 3

There are S/2^k series of length k

3) And finally there must be no correlation between two bits.

5.3 LFSR [5]

The PRNG can be an LFSR (Linear Feedback Shift Register), which is a function that follows Golomb’s criteria.

5.3.1 Explanation

LFSRs (Linear Feedback Shift Registers) are used in many stream ciphers such as A5/1 (part 5.5 of the exploration) or GSM (Global System for Mobile Communications). An LFSR can be represented by a series where the first bit is the output and the last n bits of the series are used to define the next term of the series, by applying the XOR function to them. Each time an output is defined, a new number is added to the series. The following diagram is a scheme of how an LFSR works:

We define S as the series that represents the LFSR, where the initial state is =0, =1, =0, =1, =1, =1, =0, and the coefficients, which represent which numbers are going to be used to create the new number of the series S (1 means that they are used, 0 means they are not used), are =1, =0, =1, =0, =1, =1, =0.

Output: GREEN

Bit used to define the new bits of the series S: RED

Result of the XOR operation of the RED bits: BLUE

EXAMPLE 1

[Diagrams of the LFSR register at Time 1, Time 2 and Time 3; cell values for Time 1 as extracted: 0 1 1 1 0 1, 0/0, Output]

The relation between the bits can be represented by the following equation in the Galois field (2); the matrix is called the multiplication matrix [6], where t is the number of rounds done (number of outputs), S the series created by the LFSR, I a positive integer and C the series representing the bits used to create the next bits in S (coefficients):

=

.

[Remaining diagram cell values, as extracted: 1 0 0 1 1 1, 0/0, Output 10; 0 0 1 1 1 0, 1/1, Output 0]

For the EXAMPLE 1:

=

.

=

.

- Period of an LFSR

For a series of n terms we know that there are 2^n different possibilities, as there are only 2 figures (0 and 1); therefore the series S must be periodic. We also know, according to the formula above, that if everything is initialized at 0 it is going to stay at zero: = 0. Therefore the maximum length of a period of an LFSR is 2^n - 1.

- Feedback Polynomial

We define the feedback polynomial of an LFSR of length L and with the coefficients C = , … as: feedback polynomial = +

, it is what represents an LFSR.

For example the feedback polynomial of the EXAMPLE 1 ( =1, =0, =1, =0, =1, =1, =0) L=6:

+

= + 1× + 0× + 1× + 0× + 1× + 1× + 0×

= + + + + 1


5.3.2 Example of breaking an LFSR [6]

An LFSR (which is a PRNG) is not cryptographically secure. Assuming L is the number of bits when it is initialized, we can find the complete series knowing only 2L consecutive bits. I propose a demonstration:

(All the multiplications and additions are made in F2)

The series created by the LFSR initialized with 4 bits:

???? ???? ???? ???? 0111 1011

The goal is to find the inverse matrix of the multiplication matrix A, the matrix used to create the next bit of the series, to be able to go back in the series.

1. First we want to find the coefficients.

We define M, a matrix representing the 8 bits: M =

If we multiply M by the coefficients we get the bit following each rows of M:

M .

=

= M-1 .

M . M-1 = I4

.

=

M-1 =

Therefore the coefficients are

=

.

=

Now, we know that C1=1, C2=1, C3=1, C4=1

And thus the feedback polynomial of that LFSR is X^4 + X^3 + X^2 + X + 1 (for an explanation of the feedback polynomial, see part 5.3.1)


2. Now we want to find the multiplication matrix A.

We consider A the multiplication matrix of the LFSR and Sn the series created by it:

. A = .

And we know that S5 is the XOR of the terms of the series which are selected by the coefficients

S5 = .

= .

= ×S1 + ×S2 + ×S3 + ×S4

= S1 + S2 + S3 + S4

We consider A =

and we know that . A =

For the first column of the matrix ×S1+ ×S2+ ×S3+ ×S4 = S2 therefore =0, =1,

=0, =0

For the second column of the matrix ×S1+ ×S2+ ×S3+ ×S4 = S3 therefore =0,

=0, =1, =0

On the third column of the matrix ×S1+ ×S2+ ×S3+ ×S4 = S4 therefore =0,

=0, =0, =1

On the last column of the matrix ×S1+ ×S2+ ×S3+ ×S4 = S5 = S4 + S3 + S2 + S1

therefore =1, =1, =1, =1

Therefore A=

3. Thirdly, we find the inverse matrix A^-1 from A.

A . A^-1 = I4

.

=


A-1 =

4. And finally we use the inverse matrix A^-1 to find the preceding bits.

We consider x a positive integer

. A =

. A-1 =

We multiply by the inverse matrix to go back in the LFSR

. A-1 =

. A-1 =

. A-1 =

. A-1 =

???? ???? ???? 1111 0111 1011

To break the code further you simply have to continue to multiply the last four digits by the inverse matrix A^-1 that we have found.

To conclude, we have proved that it is possible to break an LFSR knowing 2L bits, where L is the number of bits when initialized, which is why it is never used alone, because it would be too easy to break.
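The four steps above, as an added Python example that is not part of the original portfolio: it solves M · C = (following bits) by Gaussian elimination in F2 instead of writing out M^-1, and runs the register backwards with the recurrence directly instead of multiplying by A^-1, so it works for any register length L. Function names are chosen here for illustration.

```python
"""Added example: recover an LFSR from 2L consecutive output bits over GF(2)."""

PAGE_BITS = [0, 1, 1, 1, 1, 0, 1, 1]   # the known bits "0111 1011" from the text
PAGE_L = 4                              # register length used in the text


def solve_gf2(rows, rhs):
    """Solve rows * c = rhs over GF(2) by Gauss-Jordan elimination.

    Returns the unique solution, or None when the matrix is singular
    (the 2L bits do not determine an LFSR of this length).
    """
    n = len(rows)
    aug = [list(r) + [b] for r, b in zip(rows, rhs)]    # augmented matrix
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col]), None)
        if pivot is None:
            return None
        aug[col], aug[pivot] = aug[pivot], aug[col]
        for r in range(n):
            if r != col and aug[r][col]:
                aug[r] = [a ^ b for a, b in zip(aug[r], aug[col])]  # row XOR
    return [row[n] for row in aug]


def recover_coefficients(bits, length):
    """Find C1..CL such that s[n+L] = C1*s[n] + ... + CL*s[n+L-1] (step 1)."""
    if len(bits) < 2 * length:
        raise ValueError("need at least 2L consecutive bits")
    m = [bits[i:i + length] for i in range(length)]   # rows of the matrix M
    following = [bits[i + length] for i in range(length)]
    return solve_gf2(m, following)


def step_forward(state, coeffs):
    """One shift: drop the oldest bit, append the XOR of the selected bits."""
    new = 0
    for c, s in zip(coeffs, state):
        new ^= c & s
    return state[1:] + [new]


def step_backward(state, coeffs):
    """Undo one shift (the role of A^-1 in steps 3 and 4). Needs C1 = 1."""
    if coeffs[0] != 1:
        raise ValueError("C1 must be 1 for the shift to be invertible")
    prev = state[-1]                       # newest bit = C1*dropped + the rest
    for c, s in zip(coeffs[1:], state[:-1]):
        prev ^= c & s
    return [prev] + state[:-1]


def generate(state, coeffs, count):
    """Run the register forwards and return `count` output bits."""
    out, state = [], list(state)
    for _ in range(count):
        out.append(state[0])
        state = step_forward(state, coeffs)
    return out


def extend_backward(bits, length, count):
    """Recover the coefficients, then prepend `count` earlier bits."""
    coeffs = recover_coefficients(bits, length)
    if coeffs is None:
        raise ValueError("bits do not determine a unique LFSR of this length")
    state, out = list(bits[:length]), list(bits)
    for _ in range(count):
        state = step_backward(state, coeffs)
        out.insert(0, state[0])
    return coeffs, out


if __name__ == "__main__":
    coeffs, series = extend_backward(PAGE_BITS, PAGE_L, 16)
    print("coefficients C1..C4:", coeffs)
    print("reconstructed series:", "".join(map(str, series)))
```

Run on the eight known bits, it returns the coefficients 1, 1, 1, 1 and the preceding bits 1111 found above; the reconstructed series repeats every 5 bits.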

We are now going to analyze how it is used to overcome that problem.


5.4 Algebraic Normal Form

A way to use LFSRs is to combine them by using the following technique:

Fig 2: Scheme of an algebraic normal form function

To be able to explain F(x) we first have to define two functions, f(x1, x2, …xn) and Mb1b2…bn(x1, x2… xn).

Note: do not confuse F(x) and f(x)

We consider x1, x2… xn a series representing the outputs of the LFSRs L1, L2… Ln (on Fig 2), and we define f(x1, x2…xn) as a function defined by a table that can vary depending on the encryption method.

For this example we consider three LFSRs L1, L2, L3 and the three outputs x1, x2, x3.

The function f(x1, x2, x3) can be represented by the following table:

x1x2x3        | 000 | 001 | 010 | 100 | 011 | 101 | 110 | 111
f(x1, x2, x3) | 1   | 0   | 1   | 1   | 0   | 0   | 0   | 1

Remember that the calculations are done in F2 (+ is XOR and × is AND)

For the second function which composes the Algebraic Normal Form, we define the function Mb1b2…bn(x1, x2… xn), which can be defined by the following equation:

Mb1b2…bn(x1, x2… xn) =


Where we define b1, b2… bn as a series of bits and x1, x2… xn as the bits given by the LFSRs.

For the example we again consider three LFSRs L1, L2, L3 and the three outputs x1, x2, x3.

The function M010(x1, x2, x3) can be represented by the following table:

x1x2x3       | 000 | 001 | 010 | 100 | 011 | 101 | 110 | 111
M010(x1x2x3) | 0   | 0   | 1   | 0   | 0   | 0   | 0   | 0

The algebraic normal form F(x) corresponds to the sum of the functions Mb1b2…bn for which f(b0, b1…bn) = 1.

We assume b is a series of bits, n is a positive integer (ex: b=001) and x is the series representing the LFSRs' outputs.

F(x) =

=

Example:

We consider the following truth table for three LFSRs:

x1x2x3    | 000 | 001 | 010 | 100 | 011 | 101 | 110 | 111
f(x1x2x3) | 1   | 0   | 1   | 1   | 0   | 0   | 0   | 1

F(x) = 1 × M000(x1x2x3) + 0 × M001(x1x2x3) + 1 × M010(x1x2x3) + 1 × M100(x1x2x3) + 0 × M011(x1x2x3) + 0 × M110(x1x2x3) + 0 × M101(x1x2x3) + 1 × M111(x1x2x3)

F(x) = M000(x1x2x3) + M010(x1x2x3) + M100(x1x2x3) + M111(x1x2x3)

Therefore,

F(x) = (x1+1)(x2+1)(x3+1) + (x1+1)x2(x3+1) + x1(x2+1)(x3+1) + x1x2x3

which we can simplify to

F(x) = (x1x2x3 + x1x2 + x2x3 + x1x3 + x1 + x2 + x3 + 1) + (x1x2x3 + x1x2 + x2x3 + x2) + (x1x2x3 + x1x2 + x1x3 + x1) + x1x2x3

= x1x2 + x3 + 1

= x1 × x2 + x3 + 1

If three LFSRs were combined using the Algebraic Normal Form with the truth table above, the result would be x1 × x2 + x3 + 1.

For example, for the outputs LFSR1 = 10111, LFSR2 = 11010, LFSR3 = 10100, the total output (after the use of the algebraic normal form) would be:

x1 × x2 + x3 + 1

1×1+1+1=1
0×1+0+1=1
1×0+1+1=0
1×1+0+1=0
1×0+0+1=1

If we had the following output values, LFSR1 = 10111, LFSR2 = 11010, LFSR3 = 10100, the total output of those three LFSRs would be 11001 with the truth table above and the Algebraic Normal Form x1x2+x3+1.
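The truth-table-to-ANF computation above, as an added Python example that is not part of the original portfolio: instead of summing the M functions by hand it uses the binary Möbius transform, which yields the same polynomial and works for any number of LFSR inputs. Function names are chosen here for illustration.

```python
"""Added example: algebraic normal form of a combining function over GF(2)."""

# Truth table from the text, keyed by the bits x1x2x3.
PAGE_TABLE = {"000": 1, "001": 0, "010": 1, "100": 1,
              "011": 0, "101": 0, "110": 0, "111": 1}


def table_as_list(table, n):
    """Order the table by the integer value of x1..xn (x1 is the top bit)."""
    return [table[format(i, "0{}b".format(n))] for i in range(2 ** n)]


def mobius_transform(values):
    """Binary Moebius transform: truth table -> ANF coefficients (and back).

    coeffs[mask] is 1 when the monomial made of the variables whose bits
    are set in mask appears in the polynomial.
    """
    coeffs = list(values)
    size = len(coeffs)
    if size == 0 or size & (size - 1):
        raise ValueError("truth table length must be a power of two")
    step = 1
    while step < size:
        for block in range(0, size, 2 * step):
            for i in range(block, block + step):
                coeffs[i + step] ^= coeffs[i]
        step *= 2
    return coeffs


def monomials(coeffs, n):
    """List the monomials as tuples of variable numbers, highest degree first."""
    terms = []
    for mask, present in enumerate(coeffs):
        if present:
            terms.append(tuple(i + 1 for i in range(n)
                               if (mask >> (n - 1 - i)) & 1))
    return sorted(terms, key=lambda t: (-len(t), t))


def anf_string(terms):
    """Render the monomials the way the text writes them, e.g. x1x2 + x3 + 1."""
    return " + ".join("".join("x{}".format(i) for i in t) or "1" for t in terms)


def eval_anf(coeffs, x_bits):
    """Evaluate the polynomial: XOR of every monomial whose variables are all 1."""
    x = int("".join(str(b) for b in x_bits), 2)
    out = 0
    for mask, present in enumerate(coeffs):
        if present and (mask & x) == mask:
            out ^= 1
    return out


def combine(streams, coeffs):
    """Combine the LFSR output strings bit by bit with the ANF."""
    return "".join(
        str(eval_anf(coeffs, [int(s[k]) for s in streams]))
        for k in range(len(streams[0]))
    )


if __name__ == "__main__":
    anf = mobius_transform(table_as_list(PAGE_TABLE, 3))
    terms = monomials(anf, 3)
    print("F(x) =", anf_string(terms))
    print("algebraic degree:", max(len(t) for t in terms))
    print("combined output:", combine(["10111", "11010", "10100"], anf))
```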


5.5 A5/1 [7]

A5/1 is a recent method of encryption which is another example of how to use the LFSR in a secure way. It is used for phones (GSM).

This is a scheme of how A5/1 works:

This scheme represents three LFSRs (each line of cells) with feedback polynomials (explained in part 5.3) X^18+X^17+X^16+X^13+1, X^21+X^20+1, X^22+X^21+X^20+X^7+1. Those are represented by the numbers, which are the cells of the coefficients (defined in part 5.3). The LFSRs are arranged in this way, adding the outputs together to make one single output. That increases the difficulty of breaking the LFSRs.

A series of steps is done before using the output to encrypt the message, in order to include the key in the LFSRs and to randomize the three LFSRs. Those steps are too long to be explained in this study. However, this technique is another way to increase the complexity of the result, making it more difficult to solve.

[A5/1 diagram; cell labels as extracted: 1 19 18 17 14 / 1 22 21 / 8 1 23 22 21 / Output]


5.6 RC4 [8]

RC4 (Rivest Cipher 4) is a recent encryption technique which is composed of two algorithms: the KSA and the PRGA. This type of encryption is one example of a stream cipher that doesn’t use the LFSR. It is used for WEP (Wi-Fi Encryption Technic) or SSL (Secure Sockets Layer).

5.6.1 KSA

KSA works as follows:

We assume that:

- L is the length of the key
- K is a series representing the key, such that K1 = 1st term of the key
- n is a positive integer representing the number of rounds done (it starts at 2)
- S is a series of 256 octets where S1=0, S2=1, S3=2… S256=255 (each number is one octet, which is 8 bits)
- j is a series whose first term is j1 = 1.

jn= ((jn-1 + + Kn-1 mod L-1) mod 256)+ 1, the nth term of the series j is defined by the preceding term, the n-1th value of the key series and the jn-1th value of the S series

Sn-1 , we exchange the two values of the numbers Sn-1 and the jn number of S

These operations are made 256 times for n=2, n=3 … n=257

To simplify, in this example we use only 8 octets, therefore it is mod 8 and not mod 256, and the key K values are [K1=5, K2=5, K3=6, K4=2, K5=7, K6=0, K7=6, K8=3] (the binary values are converted into decimal numbers to simplify). S would be S1=0, S2=1, S3=2, S4=3, S5=4, S6=5, S7=6, S8=7

First round:

1. j2 = ((1+0+5-1) mod 8) +1 = 6. We define j2, the second number of the series j, by adding the value of j1, which is one, the value of the last term of the series S which was exchanged (as it is the first step this value is 0) and the first value of the key series. Then we do “-1) mod 8)+1” at the end in order to have a result which is always between 1 and 8; it is just a mathematical trick.


2. S1 S6. The value of the S series at the first place is then replaced by the value of the number we found, at the 6th place.

3. We then repeat these steps 8 times.

n values | jn= (jn-1 + + Kn-1 mod L) mod 8 | Sn-1 | S(0 1 2 3 4 5 6 7)
2 | j2 = ((j2-1+ + K2-1 mod 8-1) mod 8)+1; j2 = ((1+0+5-1) mod 8) +1 = 6 | S2-1: S1 S6 (S6 S2 S3 S4 S5 S1 S7 S8) | 5 1 2 3 4 0 6 7
3 | j3 = ((6+0+5-1) mod 8) +1 = 3 | S2 S3 | 5 2 1 3 4 0 6 7
4 | j4 = ((3+1+6-1) mod 8) +1 = 2 | S3 S2 | 5 1 2 3 4 0 6 7
5 | j5 = ((2+1+2-1) mod 8) +1 = 5 | S4 S5 | 5 1 2 4 3 0 6 7
6 | j6 = ((5+3+7-1) mod 8) +1 = 7 | S5 S7 | 5 1 2 4 6 0 3 7
7 | j7 = ((7+3+0-1) mod 8) +1 = 2 | S6 S2 | 5 0 2 4 6 1 3 7
8 | j8 = ((2+0+6-1) mod 8) +1 = 8 | S7 S8 | 5 0 2 4 6 1 7 3
9 | j9 = ((8+3+3-1) mod 8) +1 = 6 | S8 S6 | 5 0 2 4 6 3 7 1

The final value of S after 8 rounds will be S1=5, S2=0, S3=2, S4=4, S5=6, S6=3, S7=7, S8=1 with the key values [K1=5, K2=5, K3=6, K4=2, K5=7, K6=0, K7=6, K8=3]

5.6.2 PRGA (pseudo random generation algorithm)

We assume that:

- n is a positive integer representing the number of rounds done (starting at 2)
- S is the series from the KSA
- A is a series with the first number of the series A1 equal to 1
- O is a series which represents the output
- M is the series that represents the initial message
- E is a series representing the encrypted message.

An = ((An-1 + Sn -1) mod 256) + 1, the nth term of the series A is defined by the preceding term and the nth term of the series from the KSA

Sn , the nth term is exchanged with the Anth term of the S series

On = +1 , the output is defined by the value of the “Sn + mod 256”th term of the S series

On-1⊕Mn-1 = En-1 , the encrypted series is defined by the XOR of the “n-1”th terms of the output and the message series

To simplify the example we use only 8 octets, therefore it is also mod 8, and we use the result of the KSA example as S (S1=5, S2=0, S3=2, S4=4, S5=6, S6=3, S7=7, S8=1) and the message M=101, 111, 110, 011, 000 (as it is one octet it should be 8 bits, but 101 = 00000101)

First round:

1. A2 = ((1+0-1) mod 8)+1 = 1. We define the value of A2, the second number of the series A, by adding the first number of the series A and the value of the last term of the series S that was exchanged. Then we do “-1) mod 8 )+1” at the end in order to have a result which is always between 1 and 8; it is the same mathematical trick as before.

2. S1 S1. The value of the S series at the first place is then replaced by the value of the number we found (which is also the 1st place this time).

3. O2-1 = S((0+5-1) mod 8)+1 = S5 = 6 = 110. We define the value of the first term of O by adding the two values of the numbers which were exchanged and then doing the “-1) mod 8)+1” in order to have a result between 0 and 8. Finally we take the number in the S series at this position.

4. The last step is to use the XOR function with the first octet of the message and add it to the value of the first term of the series O.

5. Those steps are then repeated as long as there is a message to encrypt.

n | An=(An-1+Sn-1)mod 8+1 | Sn | S(5 0 2 4 6 3 7 1) | On-1= +1 | On–1⊕Mn-1
2 | A2 = (A2-1+S2-1)mod 8+1; A2 = ((1+0-1)mod8)+1 = 1 | S2: S2 S1 (S2S1S3S4S5S6S7S8) | 0 5 2 4 6 3 7 1 | O2-1= +1; S((0+5-1) mod 8)+1 = S5 = 6 = 110 | O2–1⊕M2-1; 110⊕101=011
3 | A3 =((1+2-1) mod 8)+1= 3 | S3 S3 | 0 5 2 4 6 3 7 1 | S((2+2-1) mod 8)+1 = S4 = 4 = 100 | 100⊕111=011
4 | A4 =((3+4-1) mod 8)+1= 7 | S4 S7 | 0 5 2 7 6 3 4 1 | S((7+4-1) mod 8)+1 = S3 = 2 = 010 | 010⊕110=100
5 | A5 =((7+6-1) mod 8)+1= 5 | S5 S5 | 0 5 2 7 6 3 4 1 | S((6+6-1) mod 8)+1 = S4 = 7 = 111 | 111⊕011=100
6 | A6 =((5+3-1) mod 8)+1= 8 | S6 S8 | 0 5 2 7 6 1 4 3 | S((1+3-1) mod 8)+1 = S4 = 7 = 111 | 111⊕000=111

To conclude, if your input in RC4 is 101 111 110 011 000 and your key is 5 5 6 2 7 0 6 3, you would obtain 011 011 100 100 111 if it uses 8 octets and not 256.
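The two algorithms in their standard 0-indexed form, as an added Python example (not code from the original portfolio). The state size n is a parameter so the text's 8-octet simplification can be tried next to the real 256-octet cipher; because the walk-through above is 1-indexed and picks its swap values differently, the 8-octet state it tabulates is not expected to match this code's.

```python
"""Added example: standard RC4 (KSA + PRGA) with a configurable state size.

RC4 is shown for study only; RFC 7465 prohibits RC4 cipher suites in TLS.
"""

PAGE_KEY = [5, 5, 6, 2, 7, 0, 6, 3]              # key values used in the text
PAGE_MESSAGE = [0b101, 0b111, 0b110, 0b011, 0b000]  # message used in the text


def ksa(key, n=256):
    """Key-scheduling algorithm: shuffle the identity permutation with the key."""
    if not key:
        raise ValueError("key must not be empty")
    s = list(range(n))
    j = 0
    for i in range(n):
        j = (j + s[i] + key[i % len(key)]) % n   # the key repeats every L terms
        s[i], s[j] = s[j], s[i]
    return s


def prga(state, count):
    """Pseudo-random generation algorithm: produce `count` keystream values."""
    s = list(state)                               # do not modify the caller's S
    n = len(s)
    i = j = 0
    out = []
    for _ in range(count):
        i = (i + 1) % n
        j = (j + s[i]) % n
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % n])
    return out


def rc4(key, data, n=256):
    """XOR the data with the keystream; the same call encrypts and decrypts."""
    keystream = prga(ksa(list(key), n), len(data))
    return [d ^ k for d, k in zip(data, keystream)]


def rc4_hex(key_text, plain_text):
    """Convenience wrapper for byte strings, returning upper-case hex."""
    out = rc4(key_text.encode(), plain_text.encode())
    return bytes(out).hex().upper()


if __name__ == "__main__":
    # Real cipher, widely published check value for key "Key".
    print(rc4_hex("Key", "Plaintext"))
    # Toy 8-octet variant with the key and message from the text.
    toy_state = ksa(PAGE_KEY, 8)
    toy_cipher = rc4(PAGE_KEY, PAGE_MESSAGE, 8)
    print("toy S after KSA:", toy_state)
    print("toy ciphertext:", [format(c, "03b") for c in toy_cipher])
    print("decrypts back:", rc4(PAGE_KEY, toy_cipher, 8) == PAGE_MESSAGE)
```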


6. Conclusion

Nowadays cryptography is used everywhere, and the techniques that we have seen during this study are used in many different domains: WEP, WPA, Bluetooth and many other transmission systems. Therefore cryptography techniques are changed regularly in order to prevent ways of breaking the algorithms from being found. As we have been increasingly transmitting information since the beginning of the internet, and as the encryption techniques are known by everyone, the techniques must be more complicated and updated really often in order to stay up to date. The fact that the technique of encryption can be known by anyone makes the algorithm even harder to make, which is why mathematicians are employed to create such complex algorithms. During this portfolio we have seen a fraction of the encryption techniques, which are themselves a small part of computer security. This domain has many possibilities and there are still plenty of things to discover and analyze.

To conclude, we have seen that mathematics is really present in symmetrical encryption by stream cipher. It allows the creation of techniques to encrypt messages as well as techniques to break the encrypted message, such as for the LFSR. During our exploration we used matrices; however, this is only one way to represent the encryption, making it easier to solve as equations with unknown numbers, and it is not the only mathematical way to do it. We have also seen that the main difference from other areas of mathematics is that the operations are done in F2 (Galois field (2)), which makes the calculations different. Overall, this exploration allowed me to discover a vast new field of mathematics.


7. Bibliography

[1] Converter:
http://sebastienguillon.com/test/javascript/convertisseur.html

[2] Matrix:
Book: Mathematics for the IB Diploma Higher Level 2, Cambridge, Hugh Neill and Douglas Quadling, pages 385 to 404
http://www.unilim.fr/pages_perso/jean.debord/math/matrices/matrices.htm

[3] Caesar, Vigenère and Vernam:
http://fr.openclassrooms.com/informatique/cours/les-premiers-algorithmes-de-chiffrement/exemples-d-algorithmes-de-chiffrement

[4] Basis on stream cipher:
http://www.di.ens.fr/~bresson/P12-M1/P12-M1-Crypto_8.pdf

[5] LFSR:
http://fr.wikipedia.org/wiki/Registre_%C3%A0_d%C3%A9calage_%C3%A0_r%C3%A9troaction_lin%C3%A9aire
http://iml.univ-mrs.fr/~rodier/Cours/LFSR.pdf
http://www.academia.edu/1613421/An_analysis_of_linear_feedback_shift_register_in_stream_ciphers
http://comsec.uwaterloo.ca/~ece493t/A1.pdf (Golomb randomness criteria)

[6] General stream cipher + breaking LFSR:
http://perso.univ-perp.fr/christophe.negre/Enseignements/Cryptographie/Master1/slide-stream-cipher1.pdf

[7] A5/1:
http://en.wikipedia.org/wiki/A5/1
http://www.youtube.com/watch?v=LgZAI3DdUA4

[8] RC4:
http://www.math.washington.edu/~nichifor/310_2008_Spring/Pres_RC4%20Encryption.pdf

[9] Galois field:
http://en.wikipedia.org/wiki/Finite_field#F2