Sensor Network Security - Networked Embedded Systems

Image Processing Reference

In-Depth Information

// Algorithm: RC5-Encryption

// Input:

A, B

= plaintext stored in two words

S[0, 2r+1] = an array filled by a key setup

procedure

// Ouput:

A, B

= ciphertext stored in two words

A := A + S[0];

B := B + S[1];

for i := 1 to r

A := ( (A B) <<< B) + s[2i];

B := ( (B A) <<< A) + s[2i + 1];

FIGURE .

RC encryption algorithm.

TABLE .

Plaintext Requirements for Differential

Attacks on RC

Number of Rounds















 

 

 

 

 

 

 

Differential attack

(chosen plaintext)

Differential attack

 

 

 

 

 

 

 

(known plaintext)

RegardingthesecurityoftheRCalgorithm,KaliskiandYinreportinthatthebest-known

attacks against RC with a blocklength of  bit have plaintext requirements as listed in Table .

[KY]. According to the information given in [PST + ] (RAM requirements, etc.), Perrig et al. seem

to plan for RC with  rounds and  bit words (leading to a blocklength of  bit), so that a diferential

cryptanalysis attack would require about   chosen plaintexts and about   known plaintexts and

CPUefortinthesameorderofmagnitude.TakingintoaccountprogressinPCtechnology,this

should be considered on the edge of being secure (if an attacker can collect that many plaintexts).

Nevertheless, by increasing the number of rounds the required effort could be raised to   or   ,

respectively. Even higher security requirements can by principle only be ensured by using a block

cipher with a larger block size.

In SNEP, encryption of messages is performed by using the RC algorithm in an operational mode

called “counter mode” that XORs the plaintext with a pseudo-random bit sequence, which is gener-

ated by encrypting increasing counter values (see also Figure .). .).The encryption of message Ms g

with key K and counter value “ Counter ” is denoted as

For computing message authentication codes (MACs), SNEP uses the well established cipher block

chaining MAC (CBC-MAC) construction. his mode encrypts each plaintext block P  , ..., P n with an

integrity key IK , XORing the ciphertext of the last encryption result C i

{

} <

K ,Counter

 with the plaintext block P i

prior to the encryption step. he result of the last encryption step is then taken as the MAC (see also

Figure .).

−

Counter

Counter + 1

Counter + 2

CK A , B

RC5

P 1

C 1

P 2

C 2

P 3

C 3

FIGURE .

Encryption in counter mode.

Networked Embedded Systems

Search WWH ::

Custom Search

Home