Cryptography Reference
In-Depth Information
v2 and Trivium . Note that all of these are relatively new ciphers and only time
will tell whether they are really cryptographically strong. The algorithm descrip-
tion, source code and the results of the four-year evaluation process are available
online [69], and the official topic provides more detailed information [146].
It is important to keep in mind that ECRYPT is not a standardization body, so the
status of the eSTREAM finalist ciphers cannot be compared to that of AES at the
end of its selection process (cf. Sect. 4.1).
True Random Number Generation We introduced in this chapter different classes
of RNGs, and found that cryptographically secure pseudorandom number genera-
tors are of central importance for stream ciphers. For other cryptographic appli-
cations, true random number generators are important. For instance, true random
numbers are needed for the generation of cryptographic keys which are then to be
distributed. Many ciphers and modes of operation rely on initial values that are of-
ten generated from TRNGs. Also, many protocols require nonces (numbers used
only once), which may stem from a TRNG. All TRNGs need to exploit some en-
tropy source, i.e., some process which behaves truly randomly. Many TRNG designs
have been proposed over the years. They can coarsely be classified as approaches
that use specially designed hardware as an entropy source or as TRNGs that exploit
external sources of randomness. Examples of the former are circuits with random
behavior, e.g., that are based on semiconductor noise or on several uncorrelated os-
cillators. Reference [104, Chap. 5] contains a good survey. Examples of the latter
ones are computer systems which measure the times between key strokes or the
arrival times of packets at a network interface. In all these cases, one has to be ex-
tremely careful to make sure that the noise source in fact has enough entropy. There
are many examples of TRNG designs which turned out to have poor random behav-
ior and which constitute a serious security weakness, depending on how they are
used. There are tools available that test the statistical properties of TRNG output
sequences [56, 125]. There are also standards with which TRNGs can be formally
evaluated [80].
2.5 Lessons Learned
Stream ciphers are less popular than block ciphers in most domains such as Inter-
net security. There are exceptions, for instance, the popular stream cipher RC4.
Stream ciphers sometimes require fewer resources, e.g., code size or chip area,
for implementation than block ciphers, and they are attractive for use in con-
strained environments such as cell phones.
The requirements for a cryptographically secure pseudorandom number gener-
ator are far more demanding than the requirements for pseudorandom number
generators used in other applications such as testing or simulation.
Search WWH ::




Custom Search