
On the Design and Chosen IV Statistical Cryptanalysis of Lightweight Stream Ciphers

Posted on: 2019-06-11    Degree: Doctor    Type: Dissertation
Country: China    Candidate: Vahid Aminghafarigharehshiran    Full Text: PDF
GTID: 1318330542497981    Subject: Information and Communication Engineering
Abstract/Summary:
The thesis is structured in two main parts. The first part, chapter 2, concerns the design of ultra-lightweight stream ciphers. A new family of stream ciphers, Fruit, is introduced that is currently the lightest in ASIC hardware implementation. The Fruit family is based upon a new idea presented at Fast Software Encryption 2015: designing stream ciphers with a smaller internal state by using the secret key not only in the initialization but also in the keystream generation. In our designs, the size of the internal state equals the length of the secret key and the security level, whereas resistance to the classical time-memory-data trade-off attack normally requires an internal state at least twice the security level. To remain secure against this attack despite the small internal state, and to obtain a concrete cipher, several new design ideas are used. A new round key function, a new scheme in the initialization procedure, a new idea for preventing the LFSR from becoming all zeros after the initialization, increasing the size of the LFSR (while decreasing the size of the NFSR) to obtain a longer keystream per loading, and involving the secret key bits directly in the output function are used for the first time in the proposed designs.

The second part, chapter 3, presents a new chosen IV statistical distinguishing framework for attacking symmetric ciphers. The framework is based upon cube testers and the d-monomial test. In the d-monomial test, the focus is on the frequency of particular monomials in the ANF of Boolean functions, whereas in the proposed framework the focus is on the truth table. We attack ACORN-v3 and Grain-128a and demonstrate the efficiency of our framework. We show how to apply a distinguishing attack for up to 670 initialization rounds of ACORN-v3 and 171 initialization rounds of Grain-128a using our framework. Only one passive attack on ACORN-v3 was previously known, and its time complexity is high, so the proposed attack is the best practical attack on ACORN-v3. The only passive single-key attack on Grain-128a is the conditional differential attack. Since that attack imposes conditions on the IV and the secret key, whereas the key and IV are free in the proposed attack, in some applications the proposed attack against Grain-128a appears to be the best attack. The proposed framework can apply distinguishing attacks to symmetric ciphers treated as black boxes, and we suggest some guidelines for improving the attack by analyzing the internal structure of the ciphers. The framework is applicable to all symmetric ciphers and hash functions. We discuss how it can reveal weaknesses that other statistical tests cannot find. The attacks were practically implemented and verified.
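Added worked derivation (not part of the original abstract) of the rule, cited in the first part, that the internal state must be at least twice the security level; it follows from the classical Babbage-Golić time-memory-data trade-off. Let the generator have an n-bit internal state, so there are N = 2^n possible states. Precomputation: choose M random states, run each forward to produce an n-bit keystream window, and store the pairs (window, state) in a table indexed by window. Online phase: collect D keystream windows from the target (consecutive n-bit windows of one long keystream, or windows obtained under several IVs) and look each one up in the table. Each observed window matches a stored entry with probability about M/N, so the expected number of matches is M·D/N and the attack succeeds once M·D ≈ N = 2^n. Choosing M = D = 2^{n/2} gives precomputation 2^{n/2}, memory 2^{n/2} entries and online time 2^{n/2} lookups, and a match hands the attacker the internal state, from which all subsequent keystream follows. Hence an n-bit register state gives at most n/2 bits of security against this attack, and a cipher targeting k-bit security needs n >= 2k state bits. That is the reason, stated in the abstract, for involving the secret key in keystream generation when the register state alone is only k bits: the key bits then also have to be guessed to reproduce the keystream, which is what the Fruit designs rely on.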
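As an added example (not the thesis's own framework, and not Fruit, ACORN-v3 or Grain-128a), the following Python script applies the two building blocks named above, a cube tester and a d-monomial style ANF test, to a constructed toy keystream generator with a configurable number of initialization rounds. The 32-bit nonlinear feedback shift register, its tap positions, the Grain-style output feedback during initialization, and the chosen cube and variable positions are all assumptions made for illustration. With zero or very few rounds the cube sums are constant and the ANF over the chosen IV variables has far fewer monomials than a random Boolean function would; as the round count grows the statistics should approach the random expectation, which is exactly the gap a chosen IV distinguisher measures.

```python
"""Chosen-IV cube tester and d-monomial test on a constructed toy NFSR generator.

Everything here is an illustrative construction, not Fruit, ACORN, Grain or the
thesis's own framework: a 32-bit nonlinear feedback shift register is loaded
with a 16-bit key and a 16-bit IV, clocked `rounds` times with output feedback
(Grain-style initialization), and then emits one keystream bit.
"""
import random
from math import comb

KEY_BITS, IV_BITS = 16, 16


def feedback(s):
    # Toy nonlinear feedback function (assumed taps, algebraic degree 4).
    return (s[0] ^ s[5] ^ s[11] ^ s[19] ^ (s[3] & s[27])
            ^ (s[13] & s[22] & s[30]) ^ (s[8] & s[16] & s[24] & s[29]))


def output(s):
    # Toy filter function producing the keystream bit (assumed taps, degree 3).
    return s[1] ^ s[7] ^ s[20] ^ (s[4] & s[25]) ^ (s[9] & s[15] & s[31])


def first_keystream_bit(key, iv, rounds):
    """s[0..15] = key bits, s[16..31] = IV bits; run `rounds` init steps, then output once."""
    s = [(key >> i) & 1 for i in range(KEY_BITS)] + [(iv >> i) & 1 for i in range(IV_BITS)]
    for _ in range(rounds):
        s = s[1:] + [feedback(s) ^ output(s)]   # output fed back during initialization
    return output(s)


def set_iv_bits(iv_base, positions, value):
    """Overwrite the IV bits at `positions` with the bits of `value` (bit j -> positions[j])."""
    iv = iv_base
    for j, b in enumerate(positions):
        iv = (iv & ~(1 << b)) | (((value >> j) & 1) << b)
    return iv


def cube_sum(key, iv_base, cube, rounds):
    """Superpoly value: XOR of the keystream bit over all 2^|cube| assignments of the cube bits."""
    acc = 0
    for x in range(1 << len(cube)):
        acc ^= first_keystream_bit(key, set_iv_bits(iv_base, cube, x), rounds)
    return acc


def balance_bias(cube, rounds, samples, seed=1):
    """Fraction of random (key, non-cube IV) samples whose superpoly equals 1.
    About 0.5 looks random; 0.0 or 1.0 means the superpoly is constant, a distinguisher."""
    rng = random.Random(seed)
    ones = sum(cube_sum(rng.getrandbits(KEY_BITS), rng.getrandbits(IV_BITS), cube, rounds)
               for _ in range(samples))
    return ones / samples


def anf_from_truth_table(tt):
    """Moebius transform: truth table indexed by assignment -> ANF coefficients indexed by monomial."""
    a = list(tt)
    step = 1
    while step < len(a):
        for i in range(len(a)):
            if i & step:
                a[i] ^= a[i ^ step]
        step <<= 1
    return a


def monomial_counts(key, iv_base, variables, rounds):
    """d-monomial profile: number of ANF monomials of each degree 0..m in the first
    keystream bit, viewed as a Boolean function of the m chosen IV variables."""
    m = len(variables)
    tt = [first_keystream_bit(key, set_iv_bits(iv_base, variables, x), rounds)
          for x in range(1 << m)]
    counts = [0] * (m + 1)
    for mono, coef in enumerate(anf_from_truth_table(tt)):
        if coef:
            counts[bin(mono).count("1")] += 1
    return counts


def expected_counts(m):
    """Random m-variable Boolean function: each of the C(m,d) degree-d monomials appears w.p. 1/2."""
    return [comb(m, d) / 2 for d in range(m + 1)]


if __name__ == "__main__":
    cube = [4, 9, 15, 2]          # chosen IV bit positions (assumed)
    variables = list(range(8))    # IV variables for the d-monomial profile (assumed)
    print("expected monomial profile:", expected_counts(len(variables)))
    for rounds in (0, 8, 32, 128):
        print(f"rounds={rounds:3d}  superpoly bias={balance_bias(cube, rounds, 200):.2f}  "
              f"monomials by degree={monomial_counts(0xBEEF, 0x1234, variables, rounds)}")
```

The balance statistic is the cube-tester view (a property of the superpoly over many keys), while the monomial profile is the d-monomial view (a property of the ANF of one truth table); a real analysis would repeat both over many cubes, variable sets and keys and compare against the binomial distribution the random model predicts.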
Keywords/Search Tags: Lightweight cryptography, ultra-lightweight ciphers, cryptanalysis, distinguishing attack, chosen IV attack, hardware, ASIC