KLINEC, Dušan, Marek SÝS, Karel KUBÍČEK, Petr ŠVENDA and Václav MATYÁŠ. Large-scale randomness study of security margins for 100+ cryptographic functions. In Sabrina De Capitani di Vimercati, Pierangela Samarati. Proceedings of the 19th International Conference on Security and Cryptography. Lisbon, Portugal: Scitepress, 2022, p. 134-146. ISBN 978-989-758-590-6. Available from: https://dx.doi.org/10.5220/0011267600003283.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Large-scale randomness study of security margins for 100+ cryptographic functions
Name in Czech Rozsáhlá studie náhodnosti bezpečnostních rezerv pro 100+ kryptografických funkcí
Authors KLINEC, Dušan (703 Slovakia, guarantor, belonging to the institution), Marek SÝS (703 Slovakia, belonging to the institution), Karel KUBÍČEK (203 Czech Republic), Petr ŠVENDA (203 Czech Republic, belonging to the institution) and Václav MATYÁŠ (203 Czech Republic, belonging to the institution).
Edition Lisbon, Portugal, Proceedings of the 19th International Conference on Security and Cryptography, p. 134-146, 13 pp. 2022.
Publisher Scitepress
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10200 1.2 Computer and information sciences
Country of publisher Portugal
Confidentiality degree is not subject to a state or trade secret
Publication form printed version "print"
RIV identification code RIV/00216224:14330/22:00126488
Organization unit Faculty of Informatics
ISBN 978-989-758-590-6
ISSN 2184-7711
Doi http://dx.doi.org/10.5220/0011267600003283
UT WoS 000853004900011
Keywords in English randomness analysis; cryptographic function; security-margin
Tags best6, firank_B
Tags International impact, Reviewed
Changed by Changed by: RNDr. Pavel Šmerk, Ph.D., učo 3880. Changed: 28/3/2023 11:51.
Abstract
The output of cryptographic functions, be it encryption routines or hash functions, should be statistically indistinguishable from a truly random data for an external observer. The property can be partially tested automatically using batteries of statistical tests. However, it is not easy in practice: multiple incompatible test suites exist, with possibly overlapping and correlated tests, making the statistically robust interpretation of results difficult. Additionally, a significant amount of data processing is required to test every separate cryptographic function. Due to these obstacles, no large-scale systematic analysis of the the round-reduced cryptographic functions w.r.t their input mixing capability, which would provide an insight into the behaviour of the whole classes of functions rather than few selected ones, was yet published. We created a framework to consistently run 414 statistical tests and their variants from the commonly used statistical testing batteries (NIST STS, Dieharder, TestU01, and BoolTest). Using the distributed computational cluster providing required significant processing power, we analyzed the output of 109 round-reduced cryptographic functions (hash, lightweight, and block-based encryption functions) in the multiple configurations, scrutinizing the mixing property of each one. As a result, we established the fraction of a function’s rounds with still detectable bias (a.k.a. security margin) when analyzed by randomness statistical tests.
Links
GA20-03426S, research and development projectName: Ověření a zlepšení bezpečnosti kryptografie eliptických křivek
Investor: Czech Science Foundation
LM2018131, research and development projectName: Česká národní infrastruktura pro biologická data (Acronym: ELIXIR-CZ)
Investor: Ministry of Education, Youth and Sports of the CR, Czech National Infrastructure for Biological Data
LM2018140, research and development projectName: e-Infrastruktura CZ (Acronym: e-INFRA CZ)
Investor: Ministry of Education, Youth and Sports of the CR
PrintDisplayed: 13/5/2024 00:59