Poremskyi M. Methods for security evaluation of SNOW 2.0-like stream ciphers against correlation attacks over a finite fields of order 2^r

Poremskyi M. Methods for security evaluation of SNOW 2.0-like stream ciphers against correlation attacks over a finite fields of order 2^r . – Qualifying scientific work as a manuscript. Thesis for a Candidate of Technical Science degree in specialty 125 «Cybersecurity». – Institute of Special Communication and Information Protection of National technical university of Ukraine «Igor Sikorsky Kyiv Polytechnic Institute», Kyiv, 2018. This thesis is devoted to solving actual scientific problem of development the methods for security evaluation of SNOW 2.0-like stream ciphers against correlation attacks. With the advancement of information and computer technologies, significant attention has been drawn to word-based SC that are software-oriented and can run efficiently on modern processors. Comparative studies of stream encryption algorithms show that one of the best among current SC is SNOW 2.0, which is currently the international standard. In turn, using SNOW 2.0 cipher as a prototype, an important class of SNOW 2.0-like ciphers was created. This class includes the recently created in Ukraine cipher "STRUMOK", adopted as the national standard DSTU 8845: 2019. An important part of the process of developing such ciphers, which determines the choice of individual components and parameters for their construction, is their security evaluatin against all known attacks. The analytical estimation of information complexity of correlation attacks on stream ciphers is improved in thesis. Unlike the previously known (heuristic) estimate, the analytical estimate obtained has a scientific basis, contains a clear dependence on the probability of an error of attack and is valid for any correlation attacks on stream ciphers, regardless of the method of creation or solving the system of equations with right parts corrupted by noise, which is creating on the first stage of the attack. For the first time, an analytical relation was obtained for the quadratic Euclidean imbalance of the probability distribution of corruptions in the right part of the equations that are used to construct correlation attacks on SNOW 2.0-like ciphers. Unlike the known correlations that determine the quadratic Euclidean imbalance, the obtained relation determines the expression of this parameter in terms of the Fourier coefficients of the corruption in the right part of the equations of a single system that does not dependent on particular attack. This allows us to obtain lower bounds of the complexity and amount of material required to SNOW 2.0-like correlation attack on SNOW 2.0-like ciphers and to compare the complexity and amount of material for different correlation attacks that are built over fields of different orders. For the first time a method of security evaluation of binary SNOW 2.0-like ciphers against correlation attacks over finite fields of characteristic 2 was developed. In contrast to the known approaches of creating correlation attacks over a field of two elements, the developed method is based on the analytic correlation obtained by researcher for the parameter that characterize the attack efficiency and allows to evaluate the security of binary SNOW 2.0-like stream ciphers directly by the parameters of their components. A method of security evaluation of modular SNOW 2.0-like ciphers against correlation attacks over finite fields of characteristic 2 was further developed. In contrast to the known approaches of creating SNOW 2.0 correlation attacks, the developed method is based on analytical correlations obtained by the thesis, which summarize a number of separate results on matrix representations that are implementing by finite state machines. The developed method is applicable to modular SNOW 2.0-like ciphers and allows to obtain lower bounds of the efficiency of known correlation attacks directly by the parameters of the components of the encryption algorithm. The practical significance of the obtained results consists in developing the software implementations that allow in real time to calculate the values of the lower bounds of the complexity and amount of material required to process any of the known correlative attacks on an arbitrary binary or modular SNOW 2.0-like cipher with 8 bit s-boxes. The developed programs are used to evaluate ofsecurity of the cipher "Strumok", as well as its binary version. They can be used in practice to evaluate the security of other SNOW 2.0-like stream ciphers in SITS of Ukraine. The scientific and practical results of the thesis were implemented at the Foreign Intelligence Service of Ukraine (in the research scientific work «Korifena») and in the scientific and technical developments of CJSC «Institute of Information Technologies».