A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding
-
Upload
elaine-blair -
Category
Documents
-
view
30 -
download
2
description
Transcript of A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding
![Page 1: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/1.jpg)
1
A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and
Error-Correcting Coding
Miodrag Mihaljevic
Enhancing Crypto-Primitives with Techniques from Coding Theory
NATO Advanced Research Workshop6 - 9 October 2008
Veliko Tarnovo, Bulgaria
![Page 2: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/2.jpg)
2
Roadmap
• Introduction • Underlying Ideas and Novel Framework• Particular Novel Stream Ciphering Approaches Based
on Employment of Pure Randomness • A Model of Certain Stream Ciphers Based on Pure
Randomness• LPN Problem and a Security Evaluation Approach• Framework for the Security Evaluation• Concluding Remarks
![Page 3: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/3.jpg)
3
I. Introduction
Certain References on Cryptographic Primitives
Based on Pure Randomness
![Page 4: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/4.jpg)
4
Some Initial References
• R.J. McEliece, “A public key cryptosystem based on algebraic coding theory”, DSN progress report, 42-44:114-116, 1978. (well known reference)
• M. Willett, “Deliberate noise in a modern cryptographic system”, IEEE Transactions on Information Theory, vol. 26, no. 1, pp.102-104, Jan. 1980. (almost forgotten reference)
• A. Blum, M. Furst, M. Kearns and R. Lipton, “Cryptographic Primitives Based on Hard Learning Problems”, CRYPTO 1993, Lecture Notes in Computer Science, vol. 773, pp. 278–291, 1994.
• N. Hopper and M. Blum, ``Secure Human Identification Protocols'', ASIACRYPT 2001, Lecture Notes in Computer Science, vol. 2248, pp. 52-66, 2001.
![Page 5: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/5.jpg)
5
A.D. Wyner, “The wire-tap channel”, Bell Systems
Technical Journal, vol. 54, pp. 1355-1387, 1975. • A different approach for achieving secrecy of
communication based on the noise has been reported by Wyner in 1975 assuming that the channel between the legitimate parties is with a lower noise in comparison with the channel via which a wire-tapper has access to the ciphertext.
• The proposed method does not require any secret. It is based on a specific coding scheme which provides a reliably communications within the legitimate parties and prevents, at the same time, the wire-tapper from learning the communication's contents.
![Page 6: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/6.jpg)
6
Some Recent References
• J. Katz and J. Shin, “Parallel and Concurrent Security of the HB and HB+ Protocols”, EUROCRYPT 2006, Lecture Notes in Computer Science, vol. 4004, pp. 73–87, 2006.
• J.-P. Aumasson, M. Finiasz, W. Meier and S. Vaudenay, “TCHo: A Hardware-Oriented Trapdoor Cipher”, ACISP 2007, Lecture Notes in Computer Science, vol. 4586, pp. 184–199, 2007.
• H. Gilbert, M.J.B. Robshaw and Y. Seurin, “HB#: Increasing the Security and Efficiency of HB+”, EUROCRYPT2008, Lecture Notes in Computer Science, vol. 4965, pp. 361-378, 2008.
• H. Gilbert, M.J.B. Robshaw, and Y. Seurin, “How to Encrypt with the LPN Problem”, ICALP 2008, Part II, Lecture Notes in Computer Science, vol. 5126, pp. 679-690, 2008.
![Page 7: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/7.jpg)
7
Certain Origins for Our Work
• M. Mihaljevic, “Generic framework for secure Yuen 2000 quantum-encryption employing the wire-tap channel approach”, Physical Review A, vol. 75, no. 5, pp. 052334-1-5, May 2007.
• M. Fossorier, M. Mihaljevic and H. Imai, “Modeling Block Encoding Approaches for Fast Correlation Attack”, IEEE Transactions on Information Theory, vol. 53, no. 12, pp. 4728-4737, Dec. 2007.
• M. Mihaljevic, M. Fossorier and H. Imai, “Security Evaluation of Certain Broadcast Encryption Schemes Employing a Generalized Time-Memory-Data Trade-Off”, IEEE Communications Letters, vol. 11, no. 12, pp. 988-990, Dec. 2007.
![Page 8: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/8.jpg)
8
II. Underlying Ideas and the Framework
![Page 9: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/9.jpg)
9
Novelties of Our Designs in Comparison with the Reported ones
Employment of two different binary pure randomness within a cryptographic primitive:
• one Berunolli distributed with the parameter <<1/2
• another with Uniform distribution and the parameter equal to 1/2
Dedicated encoding for providing the attacker confusion employing:
• Homophonic coding approaches
• Wire-tap Channel coding approaches
![Page 10: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/10.jpg)
10
General Underlying Ideas in Our Designs
Enhancing cryptographic primitives employing
- pure randomness and
- coding theory
• Particularly: Employment of the concept of the binary channels with insertion and complementation (and deletion).
![Page 11: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/11.jpg)
11
Main Goals
• A framework for design of stream ciphers which provides opportunity for design the security as high as possible based on the employed secret key, i.e. complexity of recovering the key as close as possible to O(2K)
• A trade-off between the security and the communications rate: Increase the security up to the upper limit at the expense of a moderate decrease of the communications rate.
![Page 12: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/12.jpg)
12
Underlying Ideas for Novel Stream Ciphers Paradigm
A Happy Merge (Marriage) of Pseudo-randomness and Randomness
![Page 13: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/13.jpg)
13
The Main Underlying Ideas
• Employ physical noise which an attacker must face, in order to strengthen the stream cipher.
• Strengthen the stream cipher employing a dedicated encoding following the homophonic or wire-tap channel encoding approaches.
![Page 14: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/14.jpg)
14
A Framework of Stream Ciphering Employing Randomness
a related traditional stream cipher and a novel particular one based on
deliberate randomness
![Page 15: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/15.jpg)
15
A Traditional Stream Cipher based on Encode+Encrypt Paradigm
in order to cope with an inherent noise in the public communication channel employ
“encode+encrypt” (the paradigm employed in GSM)
![Page 16: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/16.jpg)
16
Error-CorrectionEncoding
KeystreamGenerator
+PublicComm.Channel
Error-CorrectionDecoding
KeystreamGenerator
+
plaintext
secret key
plaintext
secret key
Encryption
Decryption
(b.s.c or erasure channel, for example)
![Page 17: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/17.jpg)
17
Novel Framework
Based on Employment of Randomness and Dedicated
Coding&Ciphering
![Page 18: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/18.jpg)
18
Error-CorrectionEncoding
KeystreamGenerator
PublicComm.Channel
Error-CorrectionDecoding
plaintext
secret key
plaintext
secret key
Encryption
Decryption
Dedicated Encoding&Encryption
Source of Randomness
KeystreamGenerator
Dedicated Decoding&Decryption
![Page 19: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/19.jpg)
19
Notes (1): Novel Paradigm
• Traditional stream ciphers do not include any randomness: Basically, they are based on the deterministic operations which expand a short secret seed into a long pseudorandom sequence.
• This talk proposes an alternative approach yielding a novel paradigm for design of stream ciphers.
• The proposed framework employs a dedicated coding and a deliberate noise which, assuming the appropriate code and noise level, at the attacker's side provides increased confusion up to the limit determined by the secret key length.
• Decoding complexities with and without the secret key are extremely different
![Page 20: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/20.jpg)
20
Notes (2): Security-Overhead Trade-Off
In order to achieve the main security goal, the proposed stream ciphering approach includes the following two encoding schemes with impacts on the communications overhead:
• error-correction encoding of the messages;
• dedicated homophonic/wire-tap channel coding which performs expansion of the initial ciphertext..
• Both of these issues imply the communications overhead: Accordingly, the proposed stream ciphers framework includes certain trade-off between the security and the communications overhead which in a number of scenarios can be considered as very appropriate.
![Page 21: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/21.jpg)
21
III. Particular Novel Stream Ciphering Approaches Employing Randomness
Homophonic and Wire-Tap Channel Like
Coding
![Page 22: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/22.jpg)
22
III.1 Two Variants of a Simple Construction
embed random bits +
enforce a binary symmetric noise channel
![Page 23: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/23.jpg)
23
Variant A
![Page 24: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/24.jpg)
24
Error-CorrectionEncoding
KeystreamGenerator
+
PublicComm.Channel
Error-CorrectionDecoding
KeystreamGenerator
+
plaintext
secret key
plaintext
secret key
Encryption
Decryption
Embedding
Decimation
+
Source of Randomness
![Page 25: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/25.jpg)
25
Variant B
![Page 26: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/26.jpg)
26
Error-CorrectionEncoding
KeystreamGenerator
+
PublicComm.Channel
Error-CorrectionDecoding
KeystreamGenerator
+
plaintext
secret key
plaintext
secret key
Encryption
Decryption
Embedding
Decimation
+
Source of Randomness
![Page 27: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/27.jpg)
27
III.2 Stream Ciphering Employing Wire-Tap Channel Coding
- a generic scheme and its discussion -
![Page 28: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/28.jpg)
28
Wire-Tap Channel
A. D. Wyner, “The wire-tap channel”,
Bell Systems Technical Journal, vol. 54, pp. 1355-1387, 1975.
![Page 29: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/29.jpg)
29
Alice Bob
Eve
Channel C1
Channel C2
UX
Z
Y
![Page 30: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/30.jpg)
30
Coding Strategy for the Wire-Tap Channel
• Goal of encoding paradigm for the wire-tap channel is to make the noisy data available to Eve (across the wire tap channel) useless and achieving this goal is based on adding the randomness in encoding algorithm.
![Page 31: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/31.jpg)
31
Groups of the codewords: Same symbol denote different codewords belonging to the same group
*
x
Codewords and N-dim Sphere
x x x x x
* * * * *
x
*
*x
*x
*
*
*x
*
*x
*
![Page 32: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/32.jpg)
32
Error-CorrectionEncoding
KeystreamGenerator
+
Mapping
PublicComm.Channel
Error-CorrectionDecoding
KeystreamGenerator
+
plaintext
secret key
plaintext
secret key
Encryption
Decryption
Wire-Tap Channel
Encoding
Wire-TapChannel
Decoding
+
Source of Randomness
Mapping
+
![Page 33: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/33.jpg)
33
IV. A Model of Certain Stream Ciphers Based on Pure Randomness
- a model suitable for security analysis -
![Page 34: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/34.jpg)
34
Error-CorrectionEncoding
KeystreamGenerator
+
PublicComm.Channel
Error-CorrectionDecoding
KeystreamGenerator
+
plaintext
secret key
plaintext
secret key
Encryption
Decryption
Embedding
Decimation
+
Source of Randomness
![Page 35: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/35.jpg)
35
Error-CorrectionEncoding
KeystreamGenerator
+plaintext
secret key
Encryption
Channel with Insertion
of Random Bits
Security as a Decoding Problem after Two Noisy Channels
Binary Symmetric
Channel
![Page 36: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/36.jpg)
36
Error-CorrectionEncoding
KeystreamGenerator
plaintext
secret key
Encryption
Homophonic Encoding
Security Consideration via Implications of the Coding and the LPN Problem
LPN Problem Based
Encryption
![Page 37: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/37.jpg)
37
Analytical Specification
![Page 38: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/38.jpg)
38
Simplified Model of a Stream Cipher
![Page 39: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/39.jpg)
39
V. LPN Problem and a Security Evaluation Approach
(LPN – Learning from Parity with Noise)
![Page 40: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/40.jpg)
40
LPN Problem
• Problem of decoding of a general random linear block code after a binary symmetric channel with given crossover probability.
• More formal formulations of the problem as well as its solutions are possible.
![Page 41: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/41.jpg)
41
Underlying Problem of the LPN
linear-f1(x1, x2, …, xK) = z1
linear-f2(x1, x2, …, xK) = z2
linear-fN(x1, x2, …, xK) = zN
…
O SV YE SR TD EE MFINED
noisy variables
K << N
![Page 42: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/42.jpg)
42
Notations (1)
![Page 43: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/43.jpg)
43
Notations (2)
![Page 44: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/44.jpg)
44
Notations (3) - Oracles
![Page 45: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/45.jpg)
45
The LPN Problem and its Solution
![Page 46: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/46.jpg)
46
Hardness of the LPN Problem
• M. Fossorier, M. Mihaljevic, H. Imai, Y. Cui and K. Matsuura, “An Algorithm for Solving the LPN Problem and its Application to Security Evaluation of the HB Protocols for RFID Authentication”, INDOCRYPT 2006, LNCS, vol. 4329, pp. 48-62, Dec. 2006.
![Page 47: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/47.jpg)
47
A Technical Lemma
![Page 48: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/48.jpg)
48
Security Evaluation Approaches and a Security Model
![Page 49: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/49.jpg)
49
Two Particular Security Evaluation Approaches
• Security evaluation via consideration of the underlying decoding problem.
• Security evaluation via a formal security model and an evaluation game.
• Further on, this approach will be discussed.
![Page 50: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/50.jpg)
50
A Security Evaluation Approach
![Page 51: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/51.jpg)
51
A Security Evaluation Game
![Page 52: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/52.jpg)
52
![Page 53: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/53.jpg)
53
![Page 54: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/54.jpg)
54
VI. Framework for Security Evaluation
![Page 55: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/55.jpg)
55
![Page 56: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/56.jpg)
56
![Page 57: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/57.jpg)
57
Proof. Recall that non-adaptive CPA-security (P1) implies adaptive CPA-security (P2), hence we may restrict ourselves to adversaries accessing the encryption oracle
only during the first phase of the attack (before seeing the challenge ciphertext).
![Page 58: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/58.jpg)
58
![Page 59: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/59.jpg)
59
![Page 60: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/60.jpg)
60
![Page 61: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/61.jpg)
61
![Page 62: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/62.jpg)
62
![Page 63: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/63.jpg)
63
![Page 64: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/64.jpg)
64
VII. Concluding Notes
Framework, Instantiations and Security Evaluation Elements
![Page 65: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/65.jpg)
65
Main messages• A general framework and certain particular
incarnations of stream ciphers based on randomness and dedicated coding are proposed.
• The dedicated coding employs homophonic and wire-tap channel like coding approaches.
• A security evaluation has been performed implying that security under certain attacking scenarios appears as a consequence of hardness of the LPN problem.
![Page 66: A Framework for Stream Ciphers Based on Pseudorandomness, Randomness and Error-Correcting Coding](https://reader038.fdocuments.in/reader038/viewer/2022110211/56813350550346895d9a5a4b/html5/thumbnails/66.jpg)
66
Thank You Very Much for the Attention,
and
QUESTIONS Please!