Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
A2U2: A Stream Cipher for Printed Electronics RFID Tags
Transcript of A2U2: A Stream Cipher for Printed Electronics RFID Tags
In the order of 100 kbps at 13.56 MHz Area Computer
20,000+ GE EPC Class 1 Gen 2 RFID Tag
> 2,000 GE Printed Electronics RFID Tags
> 200 GE Mathieu David Modern
Cryptography (Triple) DES
... A5/1 - A5/2 (GSM)
Electronics? New Technology
Need for Security Protocols to gain customer acceptance KATAN Family Underexplored
Field Inspired by the KATAN Cipher.
Period of 2 -1 with the polynomial function.
5 bits initialised with 2 Pseudo-Random Numbers and the Secret Key (2 remaining bits set to 1 and 0).
Determines when the output sequence starts. Inspired by the KATAN Cipher.
Initialised with 2 Pseudo-Random Numbers and the Secret Key
Updated with 2 Boolean Functions, 80-bits key.
5 new key-bits loaded to the buffer each clock cycle, with 1 input bit from the NFSR.
k1 injected as an irregular bit into the nonlinear Boolean Function Inspired by the Shrinking Generator.
Input (I) & Selector (S) bits are the result of the nonlinear Boolean functions
Approximately half the ciphertext contains relevant information (plaintext) A2U2 in Figures Throughput (Estimates) Area Security Simulated in C programming language.
The generated Keystream sequences succeed in all the randomness tests of the NIST Suite.
Resistant to the commonly known "transmission" attacks.
Target of Linear Complexity ~ 2 70 Replay attack
Mafia fraud attack
A2U2 Thank You ! Damith Ranasinghe at 100 kHz in Gates Equivalent Torben Larsen Why a
Stream Cipher? rather than
a Block Cipher... Faster / On the Fly Encryption
More Compact GRAIN (~1300 GE) Why
A2U2? Lack of suitable ciphers for Printed Electronics RFID Tags PRINT Cipher
Lack of Stream Ciphers TRIVIUM (~2600 GE) of an RFID Cryptosystem Security Needs are dependent on the application.
No better attack than a brute force attack. Motivations State of the Art Stream
Ciphers 7 Reduction to 7 bits to save Gates. Reduction to 17 and 9 bits NFSR to save Gates. Balanced, High Nonlinear degree with algebraic degree 3. Increases considerably the period of k1 Remove "buffer" and "interleaved sequence" issues.
Irregular lenghts of ciphertexts for identical plaintext.
Plaintexts bits uniformly and randomly distributed in ciphertext. 1,000,000 bits recommended,
10,000,000 bits tested. Methodology Learning from previous designs and reuse of good concepts
Use of maximal lengths primitive polynomial function
Use of well designed nonlinear Boolean functions
Use of Shannon's concepts on Confusion and Diffusion
Use of short-lenghts elements to optimize area. KATAN
Shrinking Generator Currently in progress: Implementation
Cryptanalysis Possible Extensions: A2U2 family of Stream Ciphers
Larger Throughput (compromise with cost)
Shorter registers (compromise with security) Area
Power Consumption Future of
A2U2 Key Results: Throughput of at Area of 300 % faster than KATAN.
700 % faster than PRINT. 30 % less than PRINT.
39 % less than KATAN.
78 % less than GRAIN. 50 kbps 100 kHz. 284 GEs. Strenghts: Weaknesses: Extremely low area: Implementable in resources-constrained devices.
Security improved by the lack of long sequences of ciphertext.
> 200 GEs
Not suitable for all applications