Bit-pattern based integral attack

Integral attacks are well-known to be effective against byte-based block ciphers. In this document, we outline how to launch integral attacks against bit-based block ciphers. This new type of integral attack traces the propagation of the plaintext structure at bit-level by incorporating bit-pattern based notations. The new notation gives the attacker more details about the properties of a structure of cipher blocks. The main difference from ordinary integral attacks is that we look at the pattern the bits in a specific position in the cipher block has through the structure. The bit-pattern based integral attack is applied to Noekeon, Serpent and present reduced up to 5, 6 and 7 rounds, respectively. This includes the first attacks on Noekeon and present using integral cryptanalysis. All attacks manage to recover the full subkey of the final round.

Analysis of linear relationships in block ciphers

This thesis is devoted to the study of linear relationships in symmetric block ciphers. A block cipher is designed so that the ciphertext is produced as a nonlinear function of the plaintext and secret master key. However, linear relationships within the cipher can still exist if the texts and components of the cipher are manipulated in a number of ways, as shown in this thesis. There are four main contributions of this thesis. The first contribution is the extension of the applicability of integral attacks from word-based to bitbased block ciphers. Integral attacks exploit the linear relationship between texts at intermediate stages of encryption. This relationship can be used to recover subkey bits in a key recovery attack. In principle, integral attacks can be applied to bit-based block ciphers. However, specific tools to define the attack on these ciphers are not available. This problem is addressed in this thesis by introducing a refined set of notations to describe the attack. The bit patternbased integral attack is successfully demonstrated on reduced-round variants of the block ciphers Noekeon, Present and Serpent. The second contribution is the discovery of a very small system of equations that describe the LEX-AES stream cipher. LEX-AES is based heavily on the 128-bit-key (16-byte) Advanced Encryption Standard (AES) block cipher. In one instance, the system contains 21 equations and 17 unknown bytes. This is very close to the upper limit for an exhaustive key search, which is 16 bytes. One only needs to acquire 36 bytes of keystream to generate the equations. Therefore, the security of this cipher depends on the difficulty of solving this small system of equations. The third contribution is the proposal of an alternative method to measure diffusion in the linear transformation of Substitution-Permutation-Network (SPN) block ciphers. Currently, the branch number is widely used for this purpose. It is useful for estimating the possible success of differential and linear attacks on a particular SPN cipher. However, the measure does not give information on the number of input bits that are left unchanged by the transformation when producing the output bits. The new measure introduced in this thesis is intended to complement the current branch number technique. The measure is based on fixed points and simple linear relationships between the input and output words of the linear transformation. The measure represents the average fraction of input words to a linear diffusion transformation that are not effectively changed by the transformation. This measure is applied to the block ciphers AES, ARIA, Serpent and Present. It is shown that except for Serpent, the linear transformations used in the block ciphers examined do not behave as expected for a random linear transformation. The fourth contribution is the identification of linear paths in the nonlinear round function of the SMS4 block cipher. The SMS4 block cipher is used as a standard in the Chinese Wireless LAN Wired Authentication and Privacy Infrastructure (WAPI) and hence, the round function should exhibit a high level of nonlinearity. However, the findings in this thesis on the existence of linear relationships show that this is not the case. It is shown that in some exceptional cases, the first four rounds of SMS4 are effectively linear. In these cases, the effective number of rounds for SMS4 is reduced by four, from 32 to 28. The findings raise questions about the security provided by SMS4, and might provide clues on the existence of a flaw in the design of the cipher.

Malay Kingship in Kedah : Religion, Trade, and Society

The book probes and examines traditional sources of royal power and control, as well as indigenous socio-political systems in the Malay world. It is focused on the north-western Malaysian Sultanate of Kedah which is acknowledged as the oldest unbroken independent kingship line in the ‘Malay and Islamic world’ with 1,000 years of history. Little scholarly attention has been paid to its pre-modern history, society, religion, system of government and unique geographic situation, potentially controlling both land and sea lines of communication into the remainder of Southeast Asia. It will thus provide the first comprehensive treatment in English, or other languages, on Kedah’s pre-modern and nineteenth century historiography and can provide a foundation for comparative studies of the various Malay states which is presently lacking. The proposed book also sheds much needed light on a range of important topics in Malay history including: Kedah and the northern Melaka Straits history, colonial expansion and rivalry, Southeast Asian history and politics, interregional migration and the influence of the sea peoples or orang laut, traditional Malay socio-political and economic life, Islamic influences and the course of Thai-Malay relations. The book attempts to offer a new understanding, not only of Kedah, but of the political and cultural development of the entire Malay world and of its relationships with the broader forces in both its continental and maritime settings. It argues that Kedah does not seem to follow, and in fact, often seems to contradict what has been commonly been accepted as the “typical model” of the traditional Malay state. Thus it concludes that the ruling dynasty has historically exploited a wide range of unique environmental conditions, local traditions, global spiritual trends and economic forces to preserve and strengthen its political position. The scope and theme of book The Kedah Sultanate is the oldest unbroken independent kingship lines in the “Malay world” with 1,000 years of history, and arguably one of the oldest in the Islamic world. In this study I examine key geopolitical and spiritual attributes of Malay kingship that have traditionally cemented the ruler, the peoples, and the environment. Brief description of the primary audience for the book: There is little written in English or Malay on Kedah’s pre twentieth century history. The available sources only look at certain aspects of Kedah’s history, are outdated or are confined to a specific period often outside the scope of the book. It is therefore anticipated that the readership and market for the book includes: • Scholars of Southeast Asian history, Islam, kingship, trade. • Academics & Historians (including: Asian, Thai history, Islamic, Maritime, Persian, South Asian, Southeast Asian and Colonial) • Libraries • Students, particularly those in Malaysia (especially the states of Kedah, Perlis and Penang), Thailand and Singapore. • Universities • Scholars and students in Political Science & International Relations

Cryptanalysis of block ciphers with overdefined systems of equations

Several recently proposed ciphers, for example Rijndael and Serpent, are built with layers of small S-boxes interconnected by linear key-dependent layers. Their security relies on the fact, that the classical methods of cryptanalysis (e.g. linear or differential attacks) are based on probabilistic characteristics, which makes their security grow exponentially with the number of rounds N r r. In this paper we study the security of such ciphers under an additional hypothesis: the S-box can be described by an overdefined system of algebraic equations (true with probability 1). We show that this is true for both Serpent (due to a small size of S-boxes) and Rijndael (due to unexpected algebraic properties). We study general methods known for solving overdefined systems of equations, such as XL from Eurocrypt’00, and show their inefficiency. Then we introduce a new method called XSL that uses the sparsity of the equations and their specific structure. The XSL attack uses only relations true with probability 1, and thus the security does not have to grow exponentially in the number of rounds. XSL has a parameter P, and from our estimations is seems that P should be a constant or grow very slowly with the number of rounds. The XSL attack would then be polynomial (or subexponential) in N r> , with a huge constant that is double-exponential in the size of the S-box. The exact complexity of such attacks is not known due to the redundant equations. Though the presented version of the XSL attack always gives always more than the exhaustive search for Rijndael, it seems to (marginally) break 256-bit Serpent. We suggest a new criterion for design of S-boxes in block ciphers: they should not be describable by a system of polynomial equations that is too small or too overdefined.

Spinning in the NAPLAN ether: 'Postscript on the Control Societies' and the seduction of education in Australia

This paper applies concepts Deleuze developed in his ‘Postscript on the Societies of Control’, especially those relating to modulatory power, dividuation and control, to aspects of Australian schooling to explore how this transition is manifesting itself. Two modulatory machines of assessment, NAPLAN and My Schools, are examined as a means to better understand how the disciplinary institution is changing as a result of modulation. This transition from discipline to modulation is visible in the declining importance of the disciplinary teacher–student relationship as a measure of the success of the educative process. The transition occurs through seduction because that which purports to measure classroom quality is in fact a serpent of modulation that produces simulacra of the disciplinary classroom. The effect is to sever what happens in the disciplinary space from its representations in a luminiferous ether that overlays the classroom.