SAAC - Kriptosistemlerin analizi için istatistiksel mutlak çığ-etkisi kriter testi

Abstract

İkilik sayı tabanı (bit) dizilerini kullanan kriptosistemler başta farksal saldırılara karşı koyabilmek için giriş ve çıkış değerleri arasında ilişki kurulabilmesini engelleyen katı çığ-etkisi kriterini yerine getirmelidir. Yaygın literatürde dağınım/yayınım ve kelebek-etkisi olarak da adlandırılan bu kriter için, birbirinden yalnızca bir bit farklılık taşıyan iki girişin, çıkış bitlerinde toplam bit sayısının yarısı kadar farklılığa yol açması beklenir. Literatür çıkış bitlerinin en az yarısının farklılığına yer vermekteyken, bütün bitlerin değişmesinin ikilik tabandaki tümleyenine ve dolayısıyla istenmeyen bir diğer sonuca neden olacağına yer vermemektedir. Bu çalışma ile önerilen İstatistiksel Mutlak Çığ Kriteri (SAAC - Statistical Absolute Avalanche Criterion) testi, bir alt sınırın istatistiksel olarak belirlenmesine ve hipotezlerin kurulmasına imkan vermektedir. SAAC testi şifreleme yöntemleri ve mesaj özetleme fonksiyonları başta olmak üzere kriptosistemlerin analizinde kolaylıkla kullanılabilir bir araçtır.

Keywords

• kripto
• kriptanaliz
• dağınım
• yayınım
• çığ-etkisi

SAAC – Statistical absolute avalanche criterion test for analysis of cryptosystems

Abstract

Cryptosystems using binary radix (bit) arrays must first meet the strict avalanche criterion, which prevents correlation between input and output values in order to resist differential attacks. For this criterion, which is also called confusion/diffusion and butterfly-effect in the common literature, it is expected that two inputs with only one-bit difference from each other will cause half the total number of bits to differ in the output bits. While the literature includes the difference of at least half of the output bits, it does not include that changing all the bits will cause the binary complement and thus another undesirable result. The Statistical Absolute Avalanche Criterion (SAAC) test proposed in this study allows the statistical determination of a lower limit and the establishment of hypotheses. The SAAC test is a tool that can be easily used in the analysis of cryptosystems, especially encryption methods and message hash functions.

Keywords

• crypto
• cryptanalysis
• confusion
• diffusion
• avalanche-effect

References

1. C.E. Shannon, "A mathematical theory of communication.," Bell System Technical Journal, no. 27, pp. 379–423, 623–656, 1948.
2. C.E. Shannon, "Communication theory of secrecy," Bell System Technical Journal, no. 28, pp. 656-715, 1949.
3. A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography., 1996.
4. H. Feistel, "Cryptography and Computer Privacy," Scientific American, vol. 5, no. 228, 1973.
5. A. F. Webster and Stafford E. Tavares, "On the design of S-boxes," Advances in Cryptology - Crypto '85, no. 218, pp. 523–534, 1985.
6. Y. Wu, J.P. Noonan, and S. Agaian, "NPCR an UACI Randomness Tests for Image Encryption," Journal of Selected Areas in Telecommunications (JSAT), April 2011.
7. J.C.H. Castro, J.M. Sierra, and A. Seznec, "The strict avalanche criterion randomness test," Inform. Process. Lett., no. 68, pp. 1-7, 2005.
8. M. Ahmad, S. Khurana, S. Singh, and H. AlSharari, "A Simple Secure Hash Function Scheme Using Multiple Chaotic Maps," 3DR EXPRESS, vol. 8, no. 13, pp. 13-18, 2017.

9. Y. Li, G. Ge, and D. Xia, "Chaotic hash function based on the dynamic S-Box with variable parameters," Nonlinear Dyn., vol. 84, pp. 2387-2402, 2016.
10. H. Liu, A. Kadir, X. Sun, and Y. Li, "Improving the efficiency of quantum hash function by dense coding of coin operators in discrete-time quantum walk," Sci. China-Phys. Mech. Astron., vol. 030312, no. 61, 2018.
11. Y. Yang et al., "Simple hash function using discrete-time quantum walks," Quantum Inf Process, vol. 189, no. 17, 2018. [Online]. https://doi.org/10.1007/s11128-018-1954-2
12. Z. Cao, F. Chen, B. Chen, and X. Zhang, "Research on the Balanced Boolean Functions Satisfying Strict Avalanche Criterion," in 2015 International Conference on Computational Science and Computational Intelligence, 2015.
13. Alamsyah, "A Novel Construction of Perfect Strict Avalanche Criterion S-box using Simple Irreducible Polynomials," Sci. J. Informatics, vol. 7, no. 1, pp. 10-22, 2020.
14. C.K. Gupta and P. Sarkar, "Construction of Perfect Nonlinear and Maximally Nonlinear Multiple-Output Boolean Functions Satisfying Higher Order Strict Avalanche Criteria," IEEE transactions on information theory, vol. 50, no. 11, 2004.
15. L. Li, J. Liu, Y. Guo, and B. Liu, "A new S-box construction method meeting strict avalanche criterion," Journal of Information Security and Applications, no. 66, pp. 2214-2126, 2022.
16. E. Weisstein, “Bernoulli Distribution” from MathWorld-A Wolfram Web Source. http://mathworld.wolfram.com/BernoulliDistribution.html
17. E. Weisstein, “Binomial Distribution” from MathWorld-A Wolfram Web Source. http://mathworld.wolfram.com/BinomialDistribution.html
18. E. Weisstein, “Normal Distribution” from MathWorld-A Wolfram Web Source. http://mathworld.wolfram.com/NormalDistribution.html