ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Freestyle, a randomized version of ChaCha for resisting offline brute-force and dictionary attacks

Puthuparambil, Arun Babu and Thomas, Jithin Jose (2019) Freestyle, a randomized version of ChaCha for resisting offline brute-force and dictionary attacks. In: JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 49 .

[img] PDF
jou_inf_sec_app_49_2019.pdf - Published Version
Restricted to Registered users only
Download (6MB) | Request a copy
Official URL: https://dx.doi.org/10.1016/j.jisa.2019.102396

Abstract

This paper introduces Freestyle, a randomized, and variable round version of the ChaCha cipher. Freestyle demonstrates the concept of hash based halting condition, where a decryption attempt with an incorrect key is likely to take longer time to halt. This makes it resistant to key-guessing attacks i.e. brute-force and dictionary based attacks. Freestyle uses a novel approach for ciphertext randomization by using random number of rounds for each block of message, where the exact number of rounds are unknown to the receiver in advance. Due to its inherent random behavior, Freestyle provides the possibility of generating up to 2(256) different ciphertexts for a given key, nonce, and message; thus resisting key and nonce reuse attacks. This also makes cryptanalysis through known-plaintext, chosen-plaintext, and chosen-ciphertext attacks difficult in practice. Freestyle is highly customizable, making it suitable for both low-powered devices and security-critical applications. It is ideal for: (i) applications that favor ciphertext randomization and resistance to key-guessing and key reuse attacks; and (ii) situations where ciphertext is in full control of an adversary for carrying out an offline key-guessing attack.

Item Type: Journal Article
Publication: JOURNAL OF INFORMATION SECURITY AND APPLICATIONS
Publisher: ELSEVIER
Additional Information: Copyright of this article belongs to ELSEVIER
Keywords: Brute-force resistant ciphers; Dictionary based attacks; Key-guessing penalty; Probabilistic encryption; Freestyle; ChaCha
Department/Centre: Division of Interdisciplinary Sciences > Robert Bosch Centre for Cyber Physical Systems
Date Deposited: 23 Jan 2020 07:55
Last Modified: 23 Jan 2020 07:55
URI: http://eprints.iisc.ac.in/id/eprint/64259

Actions (login required)

View Item View Item
Powered by EPrints A service from The J.R.D. Tata Memorial Library Indian Institute of Science, Bengaluru-560012, India