Funded by Comunidad Autónoma de Madrid. CIBERDINE. S2013/ICE-3095

Cofunded by the European Union FEDER funds

 

Books:

L. Hernández Encinas, “La Criptografía”, Colección: ¿Qué sabemos de?, Editorial CSIC-Catarata, Madrid, 2016, 142 pp. ISBN: 978-84-00-10045-2.


  • Abstract:
    The aim of this book is to introduce the general public to some of the tools most widely used in the Information Society to achieve confidentiality, integrity and authenticity of information by means of the encryption methods of Cryptography. The topics are addressed in parallel with the historical development of this science, beginning with the classical Greek period, passing through the Second World War, and arriving at the Cryptography in use today; finally, some of its future lines are outlined. The contents are illustrated with clarifying examples, so that they can be understood by readers who do not necessarily have a broad scientific background.


Book chapters:

R. Durán Díaz and L. Hernández Encinas, “Special Primes: Properties and Applications”, Geometry, Algebra and Applications: From Mechanics to Cryptography, Springer International Publishing Switzerland, 2016, 79-90, doi.org/10.3906/mat-1603-143.


  • Abstract:
    This note presents a short survey on current results about the density and methods to obtain several kinds of special primes, together with primality algorithms.

  • Keywords: Primality, safe primes, strong primes.


A. Fúster Sabater and F. Montoya Viniti, “Classes of Nonlinear Filters for Stream Ciphers”, Geometry, Algebra and Applications: From Mechanics to Cryptography, Springer International Publishing Switzerland, 2016, 107-119, doi.org/10.1007/978-3-319-32085-4_10.


  • Abstract:
    Long period, good statistical properties and large linear complexity are necessary conditions that every cryptographic sequence must satisfy. In this work, an algebraic method to compute classes of nonlinear filters with large linear complexity has been proposed. Two filter operations (addition and shifting operations) are performed to give rise to a complete class of nonlinear filters adequate for cryptographic purposes. The procedure here developed is simple, efficient and can be carried out at the price of minimal computational operations. Different filter representations have been systematically addressed.

  • Keywords: Linear complexity, Sequence generator, Filter function, Cryptography.


SCI journals:

S. D. Cardell, A. Fúster-Sabater, “Discrete linear models for the generalized self-shrunken sequences”, Finite Fields and Their Applications, vol. 47, 1 (2017), 222-241, doi:10.1016/j.ffa.2017.06.010.


  • Abstract:
    In this work, different decimation-based sequence generators for cryptographic purposes have been analyzed in detail. In fact, the modified self-shrinking generator was first introduced as an improved version of the self-shrinking generator. However, it is here proven that the sequences produced by both generators belong to the same family of sequences, that is the class of the generalized self-shrinking sequences. Thus, both sequences have the same properties as well as the same weaknesses. Moreover, such sequences can be generated by linear structures based on one-dimensional cellular automata. The linearity inherent to the cellular automata-based models can be used to launch a cryptanalytic attack against such non-linear generators.

  • Keywords: Modified self-shrinking generator, Generalized self-shrinking generator, Characteristic polynomial, Cellular automata, Decimation.


S. D. Cardell, A. Fúster-Sabater, “Modelling the Shrinking Generator in Terms of CA”, Advances in Mathematics of Communications, vol. 10, 4 (2016), 797-809, doi:10.3934/amc.2016041.


  • Abstract:
    This work analyses the output sequence from a cryptographic non-linear generator, the so-called shrinking generator. This sequence, known as the shrunken sequence, can be built by interleaving a unique PN-sequence whose characteristic polynomial serves as basis for the shrunken sequence's characteristic polynomial. In addition, the shrunken sequence can be also generated from a linear model based on cellular automata. The cellular automata here proposed generate a family of sequences with the same properties, period and characteristic polynomial, as those of the shrunken sequence. Moreover, such sequences appear several times along the cellular automata shifted a fixed number. The use of discrete logarithms allows the computation of such a number. The linearity of these cellular automata can be advantageously employed to launch a cryptanalysis against the shrinking generator and recover its output sequence.

  • Keywords: Shrinking generator, shrunken sequence, cellular automata, rule 102, interleaved PN-sequences, characteristic polynomial.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, M.A. Álvarez Mariño, D. Arroyo Guardeño, “A comparative study of three Spanish eGovernment smart cards”, Logic Journal of the IGPL, 25, 1 (2017), 42-53, doi:10.1093/jigpal/jzw038.


  • Abstract:
    Smart cards are well-known tamper-resistant devices, and due to their portability and security they represent an excellent platform for implementing strong authentication services. This contribution analyses three Spanish smart card deployments intended to be used for eGovernment services, comparing their respective contents and capabilities. As a result of our analysis, we conclude that the current deployment of smart cards for the electronic prescription service being rolled out throughout Spain could be replaced by the use of the already consolidated Spanish National Identity card.

  • Keywords: Cryptography, digital signature, DNIe, electronic prescription, smart cards.


Sara D. Cardell and Amparo Fúster-Sabater, "Linear Models for the Self-Shrinking Generator Based on CA", Journal of Cellular Automata 11, 195-211 (2016).


  • Abstract:
    The self-shrinking generator is a non-linear cryptographic sequence generator designed to be used in stream cipher applications. In this work, its output sequence, the self-shrunken sequence, is computed as one of the output sequences of a linear model based on Cellular Automata. Such Automata are uniform, null, one-dimensional and use rules 102 or 60 for their computations. The linearity of these structures can be advantageously exploited to recover the complete self-shrunken sequence from a number of intercepted bits. Indeed, a Cellular Automata-based reconstruction procedure that is deterministic, does not need the knowledge of the LFSR characteristic polynomial and is performed exclusively by means of XOR operations has been proposed.

  • Keywords: Self-shrinking generator, self-shrunken sequence, cellular automata, rule 102, cryptography.


R. Durán Díaz, L. Hernández Encinas, A. Martín Muñoz, J. Muñoz Masqué, Seok-Zun Song, “A characterization of non-prime powers”, Turkish Journal of Mathematics.


  • Abstract:
    A criterion is presented in order to decide whether a given integer is a prime power or not. The criterion associates to each positive integer $m$ a finite set of integers $\mathcal{S}(m)$, each of them $< m$, and the properties of this set are studied. The notion of complementary pairs in $\mathcal{S}(m)$ is introduced and it is proved that if one is able to determine a complementary pair $n,n^\prime $, then a partial factorization of the odd integer $m$ can be obtained in polynomial time. Some particular cases and examples of these results are given.

  • Keywords: Complementary pair, Partial factorization, Prime power.


L. González-Manzano, José M. de Fuentes, Sergio Pastrana, Pedro Peris-Lopez, Luis Hernández-Encinas, “PAgIoT -- Privacy-preserving Aggregation protocol for Internet of Things”, Journal of Network and Computer Applications, 71 (2016), 59-71, doi:10.1016/j.jnca.2016.06.001.


  • Abstract:
    Modern society relies heavily on the use of cyberspace to perform a huge variety of activities, such as social networking or e-commerce, and new technologies are continuously emerging. As such, computer systems may store a huge amount of information, which makes data analysis and storage a challenge. Information aggregation and correlation are two basic mechanisms to reduce the problem size, for example by filtering out redundant data or grouping similar ones. These processes require high processing capabilities, and thus their application in Internet of Things (IoT) scenarios is not straightforward due to resource constraints. Furthermore, privacy issues may arise when the data at stake is personal. In this paper we propose PAgIoT, a Privacy-preserving Aggregation protocol suitable for IoT settings. It enables multi-attribute aggregation for groups of entities while allowing for privacy-preserving value correlation. Results show that PAgIoT is feasible in resource-constrained devices and for aggregations of up to 10 attributes in big networks, and it is resistant to security attacks.

  • Keywords: Aggregation, Privacy preservation, Cryptography, Internet-of-things (IoT).


G. Pastor, M. Romera, M.-F. Danca, A. Martin, A.B. Orue, F. Montoya, L. Hernández Encinas, "Hidden and non-standard bifurcation diagram of an alternate quadratic system", International Journal of Bifurcation and Chaos, 26, 2 (2016) 1550036 (14 pages), doi:10.1142/S021812741650036X.


  • Abstract:
    Alternate quadratic systems A: $x_{n+1}=\left\{\begin{array}{ll} 1 - a\,x_n^2, & \text{if } n \text{ is even}\\ 1 - a_*\,x_n^2, & \text{if } n \text{ is odd}\end{array}\right.$ and B: $x_{n+1}=\left\{\begin{array}{ll} 1 - a_*\,x_n^2, & \text{if } n \text{ is even}\\ 1 - a\,x_n^2, & \text{if } n \text{ is odd}\end{array}\right.$, where $a$ and $a_*$ are different parameters, seem to be interval maps in a range of the parameter values. However, after a careful graphical analysis of their bifurcation diagrams we conclude that this is true only for system B, but not for system A. In system A we find a hidden and non-standard bifurcation diagram (``hidden'' because it is not visible at normal resolution and ``non-standard'' because the bifurcation diagram is empty for some ranges of the parameter values). The different behavior of the underlying critical polynomial in the range of parameter values in both alternate quadratic systems explains why the hidden and non-standard bifurcation diagram is present in system A and not in system B. The analysis of the Lyapunov exponent also shows both the existence and the different behavior of the hidden bifurcation diagram of system A.

  • Keywords: Nonlinear dynamics; nonlinear discrete dynamical systems; quartic maps; alternate quadratic system; hidden and non-standard bifurcation diagrams.


V. Gayoso Martínez, L. Hernández Encinas, A. Queiruga Dios, "Security and practical considerations when implementing the elliptic curve integrated encryption scheme", Cryptologia, 39, 3 (2015), 244-269. doi:10.1080/01611194.2014.988363.


  • Abstract:
    The most popular encryption scheme based on elliptic curves is the Elliptic Curve Integrated Encryption Scheme (ECIES), which is included in ANSI X9.63, IEEE 1363a, ISO/IEC 18033-2, and SECG SEC 1. These standards offer many ECIES options, not always compatible, making it difficult to decide what parameters and cryptographic elements to use in a specific deployment scenario. In this work, the authors show that a secure and practical implementation of ECIES can only be compatible with two of the four previously mentioned standards. They also provide the list of functions and options that must be used in such an implementation. Finally, they present the results obtained when testing this ECIES version implemented as a Java application, which allows them to offer some comments about the performance and feasibility of their proposed solution.

  • Keywords: Data encryption, elliptic curves, Java, public key cryptography, standards.


A. Fuentes, L. Hernández, A. Martín and B. Alarcos, "Design of a Set of Software Tools for Side-Channel Attacks", IEEE Latin America Transactions, 13, 6 (2015), 1966–1978. doi:10.1109/TLA.2015.7164224.


  • Abstract:
    This contribution presents the design and the first experimental results of a set of software tools to carry out side-channel attacks against cryptographic devices, especially smartcards. To this aim, the main attacks of this class are commented, with special emphasis on power analysis attacks. The final objective is to make this set of tools available to the scientific community, so that it can be improved and enlarged according to particular needs.

  • Keywords: Cryptography, security, side channels, software tools.


Non-SCI journals:

M. Mojica López, J.L. Luis Rodrigo Oliva, V. Gayoso Martínez, L. Hernández Encinas and A. Martín Muñoz, “Análisis de la Privacidad de WhatsApp Messenger”, Revista Iberoamericana de Sistemas, Cibernética e Informática, RISCI, vol. 14, no. 23, pp. 73-78, ISSN 1690-8627, (2017). http://www.iiisci.org/Journal/riSCI/FullText.asp?var=&id=CA890ED17.


  • Abstract:
    The use of instant messaging applications has become increasingly commonplace for a large part of the population, with WhatsApp Messenger being one of the most popular worldwide. The data associated with each WhatsApp user account, such as profile pictures, statuses or the phone number, are personal information that is visible to any third party under the default configuration set after installation. In this work, an Android application has been developed that scans a range of phone numbers and obtains, for each number that has a WhatsApp account, the status changes and profile images the user has entered. The aim of this contribution is to evaluate the level of privacy that WhatsApp Messenger offers with this default configuration model, by analysing a large group of users.

  • Keywords: Android, Instant messaging, Privacy, Smartphones, WhatsApp.


S. D. Cardell, A. Fúster-Sabater, “Cryptanalysing the shrinking generator”, Procedia Computer Science, Elsevier B.V., vol. 51, 2893-2897, (2015). doi:10.1016/j.procs.2015.05.454.


  • Abstract:
    In this work, we propose a cryptanalysis of the nonlinear sequence generator called the shrinking generator. The output sequence of this cryptographic generator, the shrunken sequence, can be modelled as one of the output sequences of linear cellular automata (CA). The shrunken sequence and the other sequences generated by the CA can be reduced to a combination of PN-sequences generated by the same characteristic polynomial. Therefore, all these PN-sequences are the same but shifted. We propose an efficient cryptanalysis that takes advantage of the linearity of these PN-sequences and the CA.

  • Keywords: Shrinking generator, Shrunken sequence, Cryptanalysis, Characteristic polynomial.


Sara D. Cardell and Amparo Fúster-Sabater, “Recovering the MSS-sequence via CA”, Procedia Computer Science 80, 599-606 (2016), The International Conference on Computational Science (ICCS 2016), San Diego, June 6-8, 2015. doi:10.1016/j.procs.2016.05.346.


  • Abstract:
    A cryptographic sequence generator, the modified self-shrinking generator (MSSG), was recently designed as a novel version of the self-shrinking generator. Taking advantage of the cryptographic properties of the irregularly decimated generator class, the MSSG was mainly created to be used in stream cipher applications and hardware implementations. Nevertheless, in this work it is shown that the MSSG output sequence, the so-called modified self-shrunken sequence, is generated as one of the output sequences of a linear model based on Cellular Automata that use rule 60 for their computations. Thus, the linearity of these structures can be advantageously exploited to recover the complete modified self-shrunken sequence from a number of intercepted bits.

  • Keywords: Modified Self-Shrinking Generator, Cellular Automata, Rule 60, Cryptography.


Sara D. Cardell and Amparo Fúster-Sabater, “Cryptographic Properties of Equivalent Ciphers”, Procedia Computer Science 80, 2236-2240 (2016), The International Conference on Computational Science (ICCS 2016), San Diego, June 6-8, 2015. doi:10.1016/j.procs.2016.05.391.


  • Abstract:
    In this work the use of nonlinear filtering functions applied to Linear Feedback Shift Registers (LFSRs) to generate cryptographic sequences has been studied. Emphasis is on the class of equivalent nonlinear filter generators whose elements produce exactly the same sequence. Given a pair (filtering function, LFSR), the work develops a method of computing equivalent filtering functions applied to different LFSRs, where all these filters generate exactly the same cryptographic sequence. The security of a cipher is that of its weakest equivalent. Thus this article allows one to compute weaker equivalents of apparently secure generators.

  • Keywords: Nonlinear filter, equivalence, sequence, stream cipher, cryptanalysis.


International conferences:

D. Arroyo, J. Díaz and V. Gayoso, “On the difficult trade-off between security and privacy: challenges for the management of digital identities”, 8th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2015), pp. 455-462, Burgos, ISBN 978-3-319-19712-5. doi:10.1007/978-3-319-19713-5_39.

  • Abstract:
    The deployment of security measures can lead on many occasions to an infringement of users’ privacy. Indeed, nowadays we have many examples of surveillance programs or personal data breaches in online service providers. In order to avoid the latter problem, we need to establish security measures that do not involve a violation of privacy rights. In this communication we discuss the main challenges when conciliating information security and users’ privacy.

  • Keywords: Cloud Computing, Digital Right Management, Homomorphic Encryption, Secure Multi Party Computation, Information Asset.


S. D. Cardell, A. Fúster-Sabater, Li Bin. “A New Simple Attack on a Wide Class of Cryptographic Sequence Generators”, Proceedings of the International Joint Conference SOCO’17-CISIS’17-ICEUTE’17, León, Spain, September 6–8, 2017. H. Pérez García et al. (Eds.), Advances in Intelligent Systems and Computing, 649, pp. 533-543, 2017. ISBN: 978-3-319-67179-6. doi:10.1007/978-3-319-67180-2_52.

  • Abstract:
    The class of decimation-based sequence generators attempts to obtain an implicit non-linearity from the decimation process, as nonlinearity is a required property for the use of such generators in cryptography. In this work, it is shown that the output sequence of a well-known member of this generator class, the shrinking generator, is composed of PN-sequences generated by Linear Feedback Shift Registers. Furthermore, these PN-sequences are shifted versions of a unique sequence whose initial positions can be determined using discrete logarithms. Taking advantage of the linearity of the PN-sequences, a method of recovering the whole output sequence from a small number of intercepted bits is proposed. The algorithm is deterministic, always finds the cryptosystem key and is very adequate for parallelization. The basic ideas of this work can be generalized to other elements in the same class of sequence generators.

  • Keywords: Decimation, Shrinking generator, Shrunken sequence, Cryptanalysis, Zech logarithm.


S. D. Cardell, A. Fúster-Sabater. “Linear Models for High-Complexity Sequences”, Proceedings of the 17th International Conference on Computational Science and Its Applications, ICCSA 2017, Trieste, Italy, July 3-6, 2017. Gervasi O. et al. (Eds.): ICCSA 2017, Part I, LNCS 10404, pp. 314-324, 2017. ISBN: 978-3-319-62391-7. doi: 10.1007/978-3-319-62392-4_23.

  • Abstract:
    Different binary sequence generators produce sequences whose period is a power of 2. Although these sequences exhibit good cryptographic properties, in this work it is proved that such sequences can be obtained as output sequences from simple linear structures. More precisely, every one of these sequences is a particular solution of a linear difference equation with binary coefficients. This fact allows one to analyze the structural properties of the sequences with such a period from the point of view of the linear difference equations. In addition, a new application of Pascal's triangle to cryptographic sequences has been introduced. In fact, it is shown that all these binary sequences can be obtained by XOR-ing a finite number of binomial sequences that correspond to the diagonals of Pascal's triangle reduced modulo 2.

  • Keywords: Binary sequence, period, linear complexity, difference linear equation, binomial sequence, Pascal's triangle.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, and R. Durán Díaz, “A Proposal for Using a Cryptographic National Identity Card in Social Networks”, International Workshop on Computational Intelligence in Security for Information Systems (CISIS'17), Advances in Intelligent Systems and Computing 649, 651-660, ISBN: 978-3-319-67179-6, León (Spain), September 6-8, 2017. Core B. doi:10.1007/978-3-319-67180-2_63.

  • Abstract:
    The distinctive security features of the Spanish electronic national identity card allow us to propose the usage of this cryptographic smart card in an authentication framework that can be used during the registration and login phases of certain internet services, including popular social networks. Using this mechanism with NFC-capable devices, the identity and age of the potential user can be determined, allowing or denying the access to the service based on that information.

  • Keywords: Authentication, DNIe, smart cards, social networks.


A. Beatriz Orúe, L. Hernández Encinas, V. Fernández, F. Montoya, “A Review of Cryptographically Secure PRNGs in Constrained Devices for the IoT”, International Workshop on Computational Intelligence in Security for Information Systems (CISIS'17), Advances in Intelligent Systems and Computing 649, 672-682, ISBN: 978-3-319-67179-6, León (Spain), September 6-8, 2017. Core B. doi:10.1007/978-3-319-67180-2_65.

  • Abstract:
    In this work we show a deep review of lightweight random and pseudorandom number generators designed for constrained devices such as wireless sensor networks and RFID tags along with a study of Trifork pseudorandom number generator for constrained devices.

  • Keywords: Internet of things, lightweight cryptography, pseudorandom number generator, constrained devices.


M. Mójica López, J. L. Rodrigo Oliva, V. Gayoso Martínez, L. Hernández Encinas and A. Martín Muñoz, “Análisis de la privacidad de WhatsApp Messenger”, Décima sexta Conferencia Iberoamericana en Sistemas, Cibernética e Informática (CISCI 2017), Proceedings 109-114, ISBN: 978-1-941763-63-6, Orlando (Florida, USA), July 8-11, 2017.

  • Abstract:
    The use of instant messaging applications has become increasingly commonplace for a large part of the population, with WhatsApp Messenger being one of the most popular worldwide. The data associated with each WhatsApp user account, such as profile pictures, statuses or the phone number, are personal information that is visible to any third party under the default configuration set after installation. In this work, an Android application has been developed that scans a range of phone numbers and obtains, for each number that has a WhatsApp account, the status changes and profile images the user has entered. The aim of this contribution is to evaluate the level of privacy that WhatsApp Messenger offers with this default configuration model, by analysing a large group of users.

  • Keywords: Android, Instant messaging, Privacy, Smartphones, WhatsApp.


D. Arroyo Guardeño, V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, "Using smart cards for authenticating in public services: A comparative study", Advances in Intelligent Systems and Computing, 369 (2015), 437–446, doi:10.1007/978-3-319-19713-5_37.

  • Abstract:
    Smart cards are well-known tamper-resistant devices, and as such they represent an excellent platform for implementing strong authentication. Many services requesting high levels of security rely on smart cards, which provide a convenient security token due to their portability. This contribution analyses two Spanish smart card deployments intended to be used for accessing eGovernment services, comparing their respective contents and capabilities.

  • Keywords: Cryptography, digital signature, electronic prescription, smart cards.


V. Gayoso Martínez, L. Hernández Encinas and Seok-Zun Song, "Group signatures in practice", Advances in Intelligent Systems and Computing, 369 (2015), 413–423, doi:10.1007/978-3-319-19713-5_35.


  • Abstract:
    Group signature schemes allow a user to sign a message in an anonymous way on behalf of a group. In general, these schemes need the collaboration of a Key Generation Center or a Trusted Third Party, which can disclose the identity of the actual signer if necessary (for example, in order to settle a dispute). This paper presents the results obtained after implementing a group signature scheme using the Integer Factorization Problem and the Subgroup Discrete Logarithm Problem, which has allowed us to check the feasibility of the scheme when using big numbers.

  • Keywords: Cryptography, Digital signature, Group signature, Java.


S. D. Cardell, A. Fúster-Sabater. “Cryptanalysing the shrinking generator”, Proceedings of the 15th International Conference on Computational Science, ICCS 2015, Computational Science at the Gates of Nature, Reykjavík, Iceland, 1-3 June, 2015, pp. 2893-2897.

  • Abstract:
    In this work, we propose a cryptanalysis of the nonlinear sequence generator called the shrinking generator. The output sequence of this cryptographic generator, the shrunken sequence, can be modelled as one of the output sequences of linear cellular automata (CA). The shrunken sequence and the other sequences generated by the CA can be reduced to a combination of PN-sequences generated by the same characteristic polynomial. Therefore, all these PN-sequences are the same but shifted. We propose an efficient cryptanalysis that takes advantage of the linearity of these PN-sequences and the CA.

  • Keywords: Shrinking generator, Shrunken sequence, Cryptanalysis, Characteristic polynomial.


S. D. Cardell, A. Fúster-Sabater. “Modelización lineal de generadores basados en decimación”. Proceedings of the VIII Congreso Iberoamericano de Seguridad Informática CIBSI 2015, pp. 102-107. Session 4: Cryptography. Sangolqui, Quito, Ecuador, November 10–12, 2015, ISBN: 978-9978-301

  • Abstract:
    The self-shrinking generator was created to be used in stream cipher applications in order to protect secret information. It is a non-linear cryptographic sequence generator, whose output sequence, the self-shrunken sequence, has good cryptographic properties, such as large period and linear complexity. However, this sequence can be obtained as the output sequence of linear models based on uniform cellular automata. In this work, we present a family of null, uniform, linear cellular automata that generate this sequence. The linearity of these structures can be used for future attacks and cryptanalysis.

  • Keywords: Auto-shrinking generator, auto-shrunken sequence, cellular automata, rule 60, stream cipher, cryptography.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz and J. Zhang, "Breaking a Hitag2 Protocol with Low Cost Technology". 3rd International Conference on Information Systems Security and Privacy (ICISSP'2017) Proceedings 579-584, P. Mori, S. Furnell and O. Camp (Eds.), ISBN: 978-989-758-209-7. Porto (Portugal), February 19-21, 2017.

  • Abstract:
    Hitag2 is an encryption algorithm designed by NXP Semiconductors that is used in electronic vehicle immobilizers and anti-theft devices. Hitag2 uses 48-bit keys for authentication and confidentiality, and due to that feature it is considered an insecure cipher. In this contribution we present a comparison of low cost technologies able to break a known protocol based on this cipher in a reasonable amount of time. Building on top of these solutions, it is possible to create an environment able to obtain Hitag2 keys in almost negligible time. The procedure can be easily expanded in order to consider other protocols based on the same cipher.

  • Keywords:


R. Durán Díaz, V. Gayoso Martínez, L. Hernández Encinas, and A. Martín Muñoz, “A study on the performance of secure elliptic curves for cryptographic purposes”, International Workshop on Computational Intelligence in Security for Information Systems (CISIS'16). International Joint Conference SOCO'16-CISIS'16-ICEUTE'16, M. Graña, J.M. López-Guede, O. Etxaniz, Á. Herrero, H. Quintián, E. Corchado (Eds.), ISBN: 978-3-319-47363-5. doi:10.1007/978-3-319-47364-2_64. Advances in Intelligent Systems and Computing 527, 658-667. San Sebastián (Spain), October 19-21, 2016.

  • Abstract:
    Elliptic Curve Cryptography (ECC) is a branch of public-key cryptography based on the arithmetic of elliptic curves. In the short life of ECC, most standards have proposed curves defined over prime finite fields satisfying the curve equation in the short Weierstrass form. However, some researchers have started to propose as a more secure alternative the use of Edwards and Montgomery elliptic curves, which could have an impact on current ECC deployments. This contribution evaluates the performance of the three types of elliptic curves using some of the examples provided by the SafeCurves initiative and a Java implementation developed by the authors, which allows us to offer some conclusions about this topic.

  • Keywords: Edwards curves, Elliptic Curve Cryptography, Java, Montgomery curves, point arithmetic, Weierstrass curves.


S. D. Cardell, A. Fúster. “Performance of the Cryptanalysis over the Shrinking Generator”, Advances in Intelligent Systems and Computing, Proceedings of the 8th International Joint Conference CISIS’15 and ICEUTE’15, Burgos, Spain, June 15–17, 2015. Álvaro Herrero et al. (Eds.), 369, pp. 111-121, 2015. ISBN: 978-3-319-19712-8.

  • Abstract:
    The shrinking generator is a decimation-based nonlinear sequence generator with cryptographic application. Its output sequence can be modelled as one of the sequences generated by a linear cellular automaton. Taking advantage of this linear structure, in this work a cryptanalysis of the shrinking generator has been introduced. The algorithm here developed recovers the secret key of the shrinking generator.

  • Keywords: Shrinking generator, Cellular automata, Linearity, Security, Cryptanalysis.


S. D. Cardell, A. Fúster-Sabater. “Modelling the MSSG in Terms of Cellular Automata”, doi:10.1007/978-3-319-42085-1_40, Proceedings of the 16th International Conference on Computational Science and Its Applications, ICCSA 2016, Beijing, China, July 4-7, 2016. Gervasi O. et al. (Eds.): ICCSA 2016, Part I, LNCS 9786, pp. 514-520, 2016. ISBN: 978-3-319-42084-4.

  • Abstract:
    The modified self-shrinking generator is a non-linear cryptographic sequence generator designed to be used in hardware implementations. In this work, the output sequence of such a generator is obtained as one of the output sequences of a linear model based on Cellular Automata. Although irregularly decimated generators have been conceived and designed as non-linear sequence generators, in practice they can be easily modelled in terms of simple linear structures.

  • Keywords: Modified self-shrinking generator, cellular automata, rule 102, rule 60, stream cipher, cryptography.


S. D. Cardell, A. Fúster-Sabater. “The modified self-shrinking generator via the generalized self-shrinking generator”, Proceedings of the 16th International Conference on Computational and Mathematical Methods in Science and Engineering, CMMSE 2016, Costa Ballena (Rota), Cadiz, Spain, July 4-8, 2016. J. Vigo-Aguiar. (Ed): CMMSE 2016, pp. 326-328, 2016. ISBN: 978-84-608-6082-2.

  • Abstract:
    In this work, we propose a cryptanalysis of the nonlinear sequence generator called the shrinking generator. The output sequence of this cryptographic generator, the shrunken sequence, can be modelled as one of the output sequences of linear cellular automata (CA). The shrunken sequence and the other sequences generated by the CA can be reduced to a combination of PN-sequences generated by the same characteristic polynomial. Therefore, all these PN-sequences are the same sequence, only shifted. We propose an efficient cryptanalysis that takes advantage of the linearity of these PN-sequences and the CA.

  • Keywords: Shrinking generator, Shrunken sequence, Cryptanalysis, Characteristic polynomial.


S. D. Cardell, A. Fúster-Sabater. “Linear models for the modified self-shrinking generator”, Extended Abstracts of the 16th International Conference on Computer Aided Systems Theory, EUROCAST 2017, Las Palmas de Gran Canaria, Canary Islands, Spain, February 19-24, 2017. R. Moreno-Díaz et al. (Eds.): EUROCAST 2017, pp. 9-11, 2017. ISBN: 978-84-617-8087-7.

  • Abstract:
    Decimation was introduced in order to break the linearity of the m-sequences generated by LFSRs. However, in this work we see that the sequence generated by a modified self-shrinking generator (MSS-sequence) can be modelled as the output sequence of two different linear structures: one based on linear cellular automata (CA) and the other based on linear difference equations. Previous results imply that MSS-sequences are vulnerable to a cryptanalysis that takes advantage of their linearity.

  • Keywords: Modified self-shrinking generator, linear cellular automata, linear difference equation, stream cipher.


Sara D. Cardell and Amparo Fúster-Sabater. “The modified self-shrinking generator via the generalized self-shrinking generator”. Proceedings of the 16th International Conference on Computational and Mathematical Methods in Science and Engineering, CMMSE 2016, July 4-8, 2016, pp. 326-328. ISBN: 978-84-608-6082-2.

  • Abstract:
    The modified self-shrinking generator was recently designed for stream cipher applications. This cryptographic keystream generator is a new and improved version of the self-shrinking generator. However, it is possible to see that the sequences produced by both generators are also obtained as output sequences of the generalized self-shrinking generator.

  • Keywords: Modified self-shrinking generator, generalized self-shrinking generator, characteristic polynomial.


Sara D. Cardell and Amparo Fúster-Sabater, "O gerador self-shrinking modificado via o gerador self-shrinking generalizado", Anais da V Jornada da Informação, October 13-14, 2016, São José do Rio Preto-SP, 2 pp.

  • Abstract:
    The modified self-shrinking generator was recently created for stream cipher applications. This keystream generator is a new and improved version of the self-shrinking generator. However, we can prove that the sequences produced by both generators can be obtained as output sequences of the generalized self-shrinking generator.

  • Keywords:


S. D. Cardell and Amparo Fúster-Sabater, “Modelización lineal de generadores de secuencias basados en decimación”, Actas del Congreso Iberoamericano de Seguridad Informática, 102-107, November 10-12, 2015, Quito, 2015.

  • Abstract:
    Among the decimation-based sequence generators is the self-shrinking generator, a nonlinear cryptographic binary sequence generator used mainly in stream cipher applications for information protection. In this work, the output sequence of this generator, called the self-shrunken sequence, is obtained as one of the output sequences of a linear model based on cellular automata. These automata are linear, uniform and null-boundary, and use rule 60 as their transition function. The linearity of these structures can be exploited to carry out a cryptanalysis of the self-shrinking generator.

  • Keywords: Self-shrinking generator, self-shrunken sequence, cellular automaton, rule 60, stream cipher, cryptography.


Sara D. Cardell and Amparo Fúster-Sabater, "A Simple Linearisation of the Self-shrinking Generator", R. Moreno-Díaz, F. Pichler and A. Quesada-Arencibia (Eds.), Computer Aided Systems Theory (EUROCAST 2015), Lecture Notes in Computer Science 9520, 10-17 (2015), doi:10.1007/978-3-319-27340-2_2, February 8-13, 2015, Las Palmas de Gran Canaria.

  • Abstract:
    Nowadays stream ciphers are the fastest among the encryption procedures, so they are used in many practical applications. Irregularly decimated generators are very simple sequence generators to be used as keystream generators in stream ciphers. In this paper, a linearisation method for the self-shrinking generator has been developed. The proposal defines linear structures based on cellular automata (rules 102 or 60) able to generate the self-shrunken sequence. The obtained cellular automata are simple, easy to implement and can be extended to other sequence generators of cryptographic interest.

  • Keywords: Self-shrinking generator, Self-shrunken sequence, Cellular automata, Rule 102, Rule 60, Stream cipher, Cryptography.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, O. Martínez-Graullera, J. Villazón-Terrazas, “A comparison of computer-based technologies suitable for cryptographic attacks”, International Workshop on Computational Intelligence in Security for Information Systems (CISIS'16). International Joint Conference SOCO'16-CISIS'16-ICEUTE'16, M. Graña, J.M. López-Guede, O. Etxaniz, Á. Herrero, H. Quintián, E. Corchado (Eds.), ISBN: 978-3-319-47363-5. Advances in Intelligent Systems and Computing 527, 622-630. San Sebastián (Spain), October 19-21, 2016. doi:10.1007/978-3-319-47364-2_60.

  • Abstract:
    Developed initially for tasks related to computer graphics, GPUs are increasingly being used for general-purpose processing, including scientific and engineering applications. In this contribution, we have analysed the performance of three graphics cards that belong to the CUDA parallel computing platform against two multi-threaded implementations in C++ and Java, using as the example computation a brute-force attack on KeeLoq, one of the best-known remote keyless entry applications. As expected, these implementations are not able to break algorithms with 64-bit keys, but the results allow us to provide valuable information regarding the relative capabilities of the tested platforms.

  • Keywords: Cryptography, CUDA, C++, Encryption, Java, OpenMP.


V. Gayoso Martínez, F. Hernández Álvarez, L. Hernández Encinas, C. Sánchez Ávila, “A new edit distance for fuzzy hashing applications”, The 2015 International Conference on Security and Management (SAM’15), Worldcomp 2015, Proc. 326–332, K. Daimi and H.R. Arabnia (Eds.), ISBN 1-60132-412-X, Las Vegas (USA), July 2015.

  • Abstract:
    Similarity preserving hashing applications, also known as fuzzy hashing functions, help to analyse the content of digital devices by performing a resemblance comparison between different files. In practice, the similarity matching procedure is a two-step process, where first a signature associated with each of the files under comparison is generated, and then a comparison of the signatures themselves is performed. Even though ssdeep is the best-known application in this field, the edit distance algorithm that ssdeep uses for performing the signature comparison is not well suited for certain scenarios. In this contribution we present a new edit distance algorithm that better reflects the similarity of two strings, and that can be used by fuzzy hashing applications in order to improve their results.

  • Keywords: Edit distance, fuzzy hashing, similarity preserving hashing.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, M. A. Álvarez Mariño, “A Java Implementation of a Multisignature Scheme”, The 2015 International Conference on Security and Management (SAM’15), Worldcomp 2015, Proc. 333–339, K. Daimi and H.R. Arabnia (Eds.), ISBN 1-60132-412-X, Las Vegas (USA), July 2015.

  • Abstract:
    Multisignature protocols are digital signature schemes that allow a group of users to sign a message so that the signature thus produced is valid only if all the members of the group participate in the signature process. In general, these schemes need the collaboration of a Trusted Third Party, which computes and securely stores some of the parameters associated to the scheme. In this work, we present our results and conclusions after implementing as a Java application a multisignature scheme based on the Integer Factorization Problem and the Subgroup Discrete Logarithm Problem.

  • Keywords: Digital Authentication, Java, Multisignatures.


National conferences:

S. D. Cardell, A. Fúster Sabater. “Linealización del generador auto-shrinking a través de autómatas celulares”. Book of abstracts of talks and posters of the RSME biennial congress, 2015. Session S16 Mathematics of Information Theory, pp. 107-108, Granada, February 2–6, 2015.

  • Abstract:
    Some one-dimensional cellular automata generate exactly the same PN-sequences as a maximum-length LFSR. Therefore, a cellular automaton can be considered an alternative generator to these LFSRs. Moreover, some keystream generators can be modelled as linear structures based on linear cellular automata. In this work, we model the self-shrinking generator using rule 102.

  • Keywords: Self-shrinking generator, cellular automaton, rule 102, stream cipher.


S. D. Cardell, A. Fúster Sabater. “Modelos lineales basados en CA para las secuencias auto-shrinking”. Proceedings of the XIV Reunión Española sobre Criptología y Seguridad de la Información, RECSI XIV, 2016. Pep Lluís Ferrer Gomila, M. Francisca Hinarejos Campos (Eds.): pp. 30-35, Maó, Menorca, Illes Balears, October 26–28, 2016. ISBN: 978-84-608-9470-4.

  • Abstract:
    The keystream generator called the modified self-shrinking generator has recently been designed as a new and improved version of the self-shrinking generator. Taking advantage of the cryptographic benefits of the class of generators based on irregular decimation, this generator was created basically for use in stream cipher applications and hardware implementations. In this work, it is shown how the sequences obtained from this generator belong to the family of sequences produced by another generator that also uses irregular decimation, the generalized self-shrinking generator. At the same time, the sequences produced by both generators can also be obtained by means of a linear model based on cellular automata. In this way, the linearity of these cellular structures can be applied to the complete recovery of the cryptographic sequences, given a certain number of intercepted bits.

  • Keywords: Generalized self-shrinking generator, generalized self-shrunken sequence, modified self-shrinking generator, modified self-shrunken sequence, cellular automaton.


Raúl Durán Díaz, Víctor Gayoso Martínez, Luis Hernández Encinas, “Generación de primos demostrables: implementación y resultados”, XIV Reunión Española de Criptología y Seguridad de la Información (RECSI 2016). Proceedings 58-63-46, P.L. Ferrer Gomila and M.F. Hinarejos Campos (Eds.), ISBN: 978-84-608-9470-4, Mahón, October 26-28, 2016.

  • Abstract:
    This work presents the results derived from a real implementation of Maurer's method for obtaining large provable primes. The experience gained throughout the process is summarised and the experimental results are shown. The method works correctly, but certain implementation difficulties cause the percentage of reachable primes for a fixed size to be excessively small, which could explain its limited use.

  • Keywords: Prime generation; Provable primes; Primality tests.


A.B. Orúe, A. Fúster, V. Fernández, F. Montoya, L. Hernández, A. Martín, “Herramientas visuales usadas en criptografía caótica útiles para el análisis de secuencias pseudoaleatorias”, XIV Reunión Española de Criptología y Seguridad de la Información (RECSI 2016). Proceedings 180-185, P.L. Ferrer Gomila and M.F. Hinarejos Campos (Eds.), ISBN: 978-84-608-9470-4, Mahón, October 26-28, 2016.

  • Abstract:
    This article presents three graphical tools widely used in the field of chaotic dynamical systems: the chaos game, the return map and the Lyapunov exponent, which can equally be used in the validation process of random and pseudorandom generators. Specifically, the usefulness of these methods is illustrated as tools for analysing the quality of several pseudorandom sequences coming from four well-known pseudorandom generators, with a view to their cryptographic application.

  • Keywords: Cryptography, pseudorandom generators, visual randomness tests, chaotic dynamical systems.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín del Rey and R. Durán Díaz, “Análisis de los métodos de generación de curvas elípticas seguras”, Segundas Jornadas Nacionales de Investigación en Ciberseguridad (JNIC), Proceedings 87-93, ISBN: 978-84-608-8070-7. Granada, June 2016.

  • Abstract:
    Elliptic curve cryptography was proposed 30 years ago, and since then its popularity and use have kept growing. However, despite the standardisation of different protocols and algorithms for its application in various scenarios (digital signatures, data encryption, integer factorization, etc.), there is still a problem that limits its deployment: the selection of the most suitable curve for each particular use. This contribution analyses the two most complete proposals currently available concerning the generation and selection of secure elliptic curves for use in cybersecurity applications: Brainpool and SafeCurves. The comparison carried out represents the first phase of a research effort whose goal is to determine the set of the most secure and efficient curves for use in different types of devices.

  • Keywords: Cryptography, Elliptic curves, Brainpool, SafeCurves.


Lorena González Manzano, José María de Fuentes, V. Gayoso Martínez, "Aplicacion del cifrado con preservacion del formato para eventos de ciberseguridad", Primeras Jornadas Nacionales de Investigación en Ciberseguridad (JNIC), Proceedings 88-89, ISBN: 978-84-9773-742-5. León, September 2015.

  • Abstract:
    Sharing information about cybersecurity events presents multiple challenges. One of them is concealing the transmitted information so that it goes unnoticed by an observer. In addition to steganography, encryption mechanisms pursuing a similar goal have been proposed. One of them is format preserving encryption. This article describes work in progress on its use in the cybersecurity context.

  • Keywords: Cybersecurity, format preserving encryption, information sharing.


V. Gayoso Martínez, L. Hernández Encinas, A. Martín Muñoz, J.M. de Fuentes, L. González Manzano, "Cifrado de datos con preservación del formato", Primeras Jornadas Nacionales de Investigación en Ciberseguridad (JNIC), Proceedings 110–115, ISBN: 978-84-9773-742-5. León, September 2015.

  • Abstract:
    This contribution introduces format preserving encryption techniques, which are of fundamental importance for encrypting databases in which, for compatibility reasons, no modification of the data type formats is desired. In addition, the implementation details of one of the best-known algorithms on this topic are presented, providing a complete example of encryption and decryption that will allow interested readers to check their own implementations.

  • Keywords: Cybersecurity, format preserving encryption.


Training activities:

Lectures and science outreach:

A. Fúster Sabater, “Master en Ingeniería Matemática: Especialista en criptografía”, Facultad de C.C. Matemáticas, Universidad Complutense de Madrid. Madrid, May 2017.


A. Fúster Sabater, “XXVIII Curso de Especialidades Criptológicas”, Centro Nacional de Inteligencia (CNI), Madrid, May-June 2017.


A. Fúster Sabater, “Máster Propio en Ciberseguridad, II Edición”, Escuela Técnica Superior de Ingenierías Informática y de Telecomunicación, Universidad de Granada, Granada, October 2017.


A. Fúster Sabater, “Master en Ingeniería Matemática: Especialista en criptografía”, Facultad de C.C. Matemáticas, Universidad Complutense de Madrid. Madrid, May 2016.


A. Fúster Sabater, “XXVII Curso de Especialidades Criptológicas”, Centro Nacional de Inteligencia (CNI), Madrid, May-June 2016.


A. Fúster Sabater, “Máster Propio en Ciberseguridad, I Edición”, Escuela Técnica Superior de Ingenierías Informática y de Telecomunicación, Universidad de Granada, Granada, October 2016.


Doctoral theses:

Autenticación biométrica de usuarios a través del iris mediante la ocultación de claves y funciones resumen que preservan la similitud (Biometric authentication of users through iris by using key binding and similarity preserving hash functions)

  • PhD candidate: Fernando Hernández Álvarez.
  • Supervisors: C. Sánchez Ávila and L. Hernández Encinas.
  • Grade: Outstanding "cum laude".
  • Department of Applied Mathematics for Information Technologies, Escuela Técnica Superior de Ingenieros de Telecomunicaciones, Universidad Politécnica de Madrid, 2013.
  • Abstract