On the use of continued fraction for stream ciphers ver1
Transcript of On the use of continued fraction for stream ciphers ver1
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Presentation: On the use of continued fractionsfor stream cipher
Amadou Moctar Kane
May 4, 2015
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
1 Introduction
2 Continued Fractions
3 On the use of continued fractions for stream cipherContinued fraction cipherKhinchin’s AttackApplications
4 Questions
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Goals
After Diffie-Hellman: Fermat’s little theorem, LinearizationXL, graph theory. . .
Continued Fraction
How to use?Quadratic irrational?Γ?
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Goals
After Diffie-Hellman: Fermat’s little theorem, LinearizationXL, graph theory. . .
Continued Fraction
How to use?Quadratic irrational?Γ?
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Goals
After Diffie-Hellman: Fermat’s little theorem, LinearizationXL, graph theory. . .
Continued Fraction
How to use?
Quadratic irrational?Γ?
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Goals
After Diffie-Hellman: Fermat’s little theorem, LinearizationXL, graph theory. . .
Continued Fraction
How to use?Quadratic irrational?
Γ?
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Goals
After Diffie-Hellman: Fermat’s little theorem, LinearizationXL, graph theory. . .
Continued Fraction
How to use?Quadratic irrational?Γ?
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued Fractions
An expression of the form
α := a0 +b0
a1 +b1
a2 +b2
. . .
is called a generalized continued fraction. Typically, the numbersa1, . . . , b1, . . . may be real or complex, and the expansion may befinite or infinite.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Preliminaries
It is not possible to find an irrational number α simply on thebasis of knowledge of the partial quotients [am+1, . . . , am+n].
The knowledge of a = [am+1, . . . , am+n] does not allow toknow any other partial quotients of continued fractionexpansion.r√
log(A) is transcendental.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Preliminaries
It is not possible to find an irrational number α simply on thebasis of knowledge of the partial quotients [am+1, . . . , am+n].
The knowledge of a = [am+1, . . . , am+n] does not allow toknow any other partial quotients of continued fractionexpansion.
r√
log(A) is transcendental.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Preliminaries
It is not possible to find an irrational number α simply on thebasis of knowledge of the partial quotients [am+1, . . . , am+n].
The knowledge of a = [am+1, . . . , am+n] does not allow toknow any other partial quotients of continued fractionexpansion.r√
log(A) is transcendental.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Stream Ciphers
First Algorithm:Stream Cipher
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Stream Ciphers
One time pad.random key ⊕ plaintext
Unbreakable system.Easy to implement.
Stream Ciphers.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Stream Ciphers
One time pad.random key ⊕ plaintext
Unbreakable system.Easy to implement.
Stream Ciphers.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Continued fraction cipher
We suppose that z ∈R N , and m is the secret message.
Table: Continued fraction cipher.
Alice Bob
computes t ≡ ze mod nt
=⇒ computes z ≡ td mod n.
Computes X = e√
log(z) Computes X = e√
log(z)Computes the CFE of X Computes the CFE of X .Concatenates some PQ’s Concatenates some PQ’s.Produces the keystream k1 Produces the keystream k1.
Computes m1 := m ⊕ k1m1=⇒ receives m1.
Computes m := m1 ⊕ k1
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Efficiency analysis
Table: Comparison with Blum-Blum-Shub.
Number of bits producted Computing time in secondsBBS 150000 2.358Our algorithm 150000 0.007
We worked with an irrational X ∈ Γ, and the number of digits ofthe partial numerator (bi ’s) was around 5000. For BBS, n had 949digits, the results are listed below.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Khinchin
Aleksandr Khinchin proved in 1935 that for almost all real numbersx , the infinitely many partial quotients ai of the continued fractionexpansion of x have an astonishing property: their geometric meanis a constant, known as Khinchin’s constant, which is independentof the value of x . That is, for
x = a1 +1
a2 +1
. . .
limn→∞
(n∏
i=1
ai
)1/n
= K ≈ 2, 6854520010 . . .
where K is Khinchin’s constant.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Khinchin’s Attack
The attacker Eve needs the cipher only to find a part of themessage in these following steps:
Eve eavesdrops a long cipher text Tn, splits it in bytes andcomputes
K1 = limn→∞
(n∏
i=1
di
)1/n
.
where di is the integer corresponding to the byte i .
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Example of Khinchin’s Attack on π
The first partial quotients of π are :[3, 7, 15, 1, 292, 1, 1, 1, 2, 1, 3, 1, 14, 2, 1, 1, 2, 2...](
17∏i=1
ai
)1/17
≈ 2.6929721 . . .
let’s suppose that the plaintext is 11111111111111111.
keystream : 0111 1111 0001 100100100 .....0010 0010
plaintext : 0001 0001 0001 0001 .....0001 0001
cipher : 0110 1110 0000 100100101 ....0011 0011
In base 10, the cipher will be: 6 14 1 293 1 1 1 3 1 2 1 15 3 11 3 3.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Example of Khinchin’s Attack on π
The first partial quotients of π are :[3, 7, 15, 1, 292, 1, 1, 1, 2, 1, 3, 1, 14, 2, 1, 1, 2, 2...](
17∏i=1
ai
)1/17
≈ 2.6929721 . . .
let’s suppose that the plaintext is 11111111111111111.
keystream : 0111 1111 0001 100100100 .....0010 0010
plaintext : 0001 0001 0001 0001 .....0001 0001
cipher : 0110 1110 0000 100100101 ....0011 0011
In base 10, the cipher will be: 6 14 1 293 1 1 1 3 1 2 1 15 3 11 3 3.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Example of Khinchin’s Attack on π
The first partial quotients of π are :[3, 7, 15, 1, 292, 1, 1, 1, 2, 1, 3, 1, 14, 2, 1, 1, 2, 2...](
17∏i=1
ai
)1/17
≈ 2.6929721 . . .
let’s suppose that the plaintext is 11111111111111111.
keystream : 0111 1111 0001 100100100 .....0010 0010
plaintext : 0001 0001 0001 0001 .....0001 0001
cipher : 0110 1110 0000 100100101 ....0011 0011
In base 10, the cipher will be: 6 14 1 293 1 1 1 3 1 2 1 15 3 11 3 3.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Khinchin’s Attack
Eve computes the geometric mean of the cipher:
(6∗14∗1∗293∗1∗1∗1∗3∗1∗2∗1∗15∗3∗1∗1∗3∗3)(1/17) = 2.867
Eve Makes a conclusion, for example there are a lot of zerosin the plain text.
She modifies the cipher and computes the geometric mean ofthe new cipher
K2 = (6 ∗ 14 ∗ 1 ∗ 292 ∗ · · · ∗ 2)(1/17) = 2.595
. . .
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Khinchin’s Attack
Eve computes the geometric mean of the cipher:
(6∗14∗1∗293∗1∗1∗1∗3∗1∗2∗1∗15∗3∗1∗1∗3∗3)(1/17) = 2.867
Eve Makes a conclusion, for example there are a lot of zerosin the plain text.
She modifies the cipher and computes the geometric mean ofthe new cipher
K2 = (6 ∗ 14 ∗ 1 ∗ 292 ∗ · · · ∗ 2)(1/17) = 2.595
. . .
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Khinchin’s Attack
Eve computes the geometric mean of the cipher:
(6∗14∗1∗293∗1∗1∗1∗3∗1∗2∗1∗15∗3∗1∗1∗3∗3)(1/17) = 2.867
Eve Makes a conclusion, for example there are a lot of zerosin the plain text.
She modifies the cipher and computes the geometric mean ofthe new cipher
K2 = (6 ∗ 14 ∗ 1 ∗ 292 ∗ · · · ∗ 2)(1/17) = 2.595
. . .
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Khinchin’s Attack
Eve computes the geometric mean of the cipher:
(6∗14∗1∗293∗1∗1∗1∗3∗1∗2∗1∗15∗3∗1∗1∗3∗3)(1/17) = 2.867
Eve Makes a conclusion, for example there are a lot of zerosin the plain text.
She modifies the cipher and computes the geometric mean ofthe new cipher
K2 = (6 ∗ 14 ∗ 1 ∗ 292 ∗ · · · ∗ 2)(1/17) = 2.595
. . .
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Applications
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Applications
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Conclusion
1 Goal 1: I tried to find new techniques using continuedfraction in cryptography.
Result: I designed a new pseudo random generatorstatistically tested.
2 Goal 2: I was interested in finding new methods ofcryptanalysis.
Result: I designed a weak version which can be attacked bythe Khinchin constant.
3 Goal 3: I tried to create a renewal of interest aroundcontinued fractions.
Result: I introduced the works of Khinchin, Kuzmin, Levy, andLochs in cryptology.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Conclusion
1 Goal 1: I tried to find new techniques using continuedfraction in cryptography.
Result: I designed a new pseudo random generatorstatistically tested.
2 Goal 2: I was interested in finding new methods ofcryptanalysis.
Result: I designed a weak version which can be attacked bythe Khinchin constant.
3 Goal 3: I tried to create a renewal of interest aroundcontinued fractions.
Result: I introduced the works of Khinchin, Kuzmin, Levy, andLochs in cryptology.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Conclusion
1 Goal 1: I tried to find new techniques using continuedfraction in cryptography.
Result: I designed a new pseudo random generatorstatistically tested.
2 Goal 2: I was interested in finding new methods ofcryptanalysis.
Result: I designed a weak version which can be attacked bythe Khinchin constant.
3 Goal 3: I tried to create a renewal of interest aroundcontinued fractions.
Result: I introduced the works of Khinchin, Kuzmin, Levy, andLochs in cryptology.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
Continued fraction cipherKhinchin’s AttackApplications
Conclusion
1 Goal 1: I tried to find new techniques using continuedfraction in cryptography.
Result: I designed a new pseudo random generatorstatistically tested.
2 Goal 2: I was interested in finding new methods ofcryptanalysis.
Result: I designed a weak version which can be attacked bythe Khinchin constant.
3 Goal 3: I tried to create a renewal of interest aroundcontinued fractions.
Result: I introduced the works of Khinchin, Kuzmin, Levy, andLochs in cryptology.
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher
OutlineIntroduction
Continued FractionsOn the use of continued fractions for stream cipher
Questions
For your attention
Thank you!
Amadou Moctar Kane Presentation: On the use of continued fractions for stream cipher