PUF Entropy
Analysis of entropy associated with a fuzzy extraction scheme
Abstract not provided.
Abstract not provided.
We illustrate a theoretical side-channel analysis on the intermediate rounds of AES, using only the Hamming weights of the bytes registered after the S-box operation. Input and output state values are unknown. Simulations and a blind test were used to show the feasibility of the analysis under ideal conditions. General applicability of the idea and possible extensions are discussed, as well as limiting assumptions. Some implementation approaches are described in Appendix A, in the case of constrained computing capabilities (desktop or laptop).
For strong cryptologic algorithms, it is often assumed that exhaustive search (AKA "brute force") will take 2^b trials, where b is the number of bits of the secret key. What happens, though, if an adversary gains partial knowledge of the secret key? Perhaps he has intercepted a garbled transmission of the key, where he knows the maximum number of garbles, but not where they occur, or perhaps he knows the probability of each bit being correct. How much does this help him?
For factoring an integer N, the complexity of the General Number Field Sieve (GNFS) is explored.
Abstract not provided.
For AES-256, the entire key schedule, including the original secret key, can be recovered easily from a portion of 32 consecutive bytes of the key schedule.