0

I've been implementing a paper that is targeting IoT encryption using a 64-bit block cipher via elementary cellular automata. The paper is in the repository/linked in the README.

I am trying to verify that an implementation of this algorithm actually works.

Current state

The first and third segments do not decrypt properly, I believe this is due to rule 153 being used.

P: deadbeefcafebabe
K: f6c78663f3578746
E: ce09ac834be8ba8d
D: df8cbeefcbcbbabe

Things I've verified

  • The CA works like Wolfram's and the specified rules in the paper
  • Splitting/concatenating segments works as expected

Errata I've noticed in the paper

  • There are unspecified CA boundaries (implementation should be correct as I'm getting half the plaintext out)
  • Selected rule 204 is essentially a NOP
  • 16x4 bit split in decryption should be 4x6
    • Correct in diagram (figure 3), not in algorithm listing
  • Decryption needs to invert the even/odd segment check

Question

Does rule 153 actually work for reversing the automata during decryption? Rule 51 is essentially a NOT on the previous epoch, so I would expect rule 153's inverse to be in use during decryption, but doesn't appear to be reversible.

If anyone could take a look and provide feedback on where I went wrong I'd greatly appreciate it. I've already mailed the author and have yet to receive a response.

Code

https://github.com/optimisticninja/caencryption

Duderus Smith
  • 29
  • 3
  • On a tangent, the paper you reference has not been published in a cryptography journal / conference and none of the authors has a degree in cryptography. Usually that's a bad sign. I'm not saying their cipher is necessarily bad… but it's probably bad. – Ilmari Karonen Jan 31 '22 at 22:24
  • (For that matter, as someone interested in both cellular automata and cryptography and following both fields for decades, I've yet to see an efficient and credibly secure cipher design based on CA. I've seen a *lot* of bad ones designed by people with limited experience in cryptography, though.) – Ilmari Karonen Jan 31 '22 at 22:26
  • I appreciate the input. I can already tell you... it's bad and doesn't work as described. Aside from PRNGs, I haven't seen much promise either - especially with neighborhoods this small. Hardware implementations are the only way I would imagine efficiency. Would you mind linking one or two CA-based ciphers you find interesting? I've only looked at a handful. – Duderus Smith Jan 31 '22 at 23:51

1 Answers1

0

After iterating through all automata rules, only linear rules work in place of 153 for alternating segments. Rule 29 appears to be the best alternate for diffusion of the plaintext.

RULE 29
P: deadbeefcafebabe
K: f6c78663f3578746
E: ce09bfd34be8a898
D: deadbeefcafebabe
RULE 51
P: deadbeefcafebabe
K: f6c78663f3578746
E: ce09bfd34be8a898
D: deadbeefcafebabe
RULE 204
P: deadbeefcafebabe
K: f6c78663f3578746
E: ce09bfd34be8a898
D: deadbeefcafebabe
RULE 205
P: deadbeefcafebabe
K: f6c78663f3578746
E: ce09bfd34be8a898
D: deadbeefcafebabe
Duderus Smith
  • 29
  • 3