Analyzing SNOW and ZUC Security Algorithms Using NIST SP 800-22 and Enhancing their Randomness
Confidentiality and Integrity algorithms are based on SNOW / ZUC stream cipher algorithms. These standardized algorithms are designed by the 3rd Generation Partnership Project (3GPP) for advanced mobile communication systems (4G-LTE Advanced, LTE Advanced Pro, and 5G-Next Generation). In this paper, twenty configurations of SNOW/ZUC algorithms are studied and analyzed to select the one with the best randomness properties. Each configuration has two different S-boxes in the Finite State Machine (FSM) layer of the SNOW algorithm and Nonlinear Function (NLF) layer of the ZUC algorithm. The two S-boxes are selected from the best five S-boxes published in kinds of literature (Rijndael, Dickson, Feistel structure, New Rijndael, and Improved New Rijndael S-boxes). The NIST SP 800-22 statistical test suite involves 15 tests that are used to assess the randomness properties of each configuration. A complete simulation of each configuration SNOW/ZUC with two different S-boxes is applied using C- language. Test results showed that the best pair arrangement of S-boxes in the SNOW algorithm is the configuration (Feistel structure - Rijndael S-boxes) although the standard configuration by 3GPP is (Rijndael - Dickson S-boxes). Also, the best configuration in the ZUC algorithm is (New Rijndael - Rijndael S-boxes) although the standard configuration by 3GPP is (Feistel structure - New Rijndael S-boxes). The best configurations passed all the NIST SP 800-22 suite randomness tests successfully.
3GPP TS 35.501, Third Generation Partnership Project, Technical Specification Group Services and System Aspects, Security architecture and procedures for 5G system, March 2020.
3GPP TS 35.401, Third Generation Partnership Project, Technical Specification Group Services and System Aspects, 3GPP System Architecture Evolution (SAE), and security architecture for 4G, March 2020.
3GPP TS 35.216, Specification of the 3GPP Confidentiality and Integrity algorithms UEA2 and UIA2, Document 2: SNOW 3G specification, June 2018.
3GPP TS 35.222, Specification of the 3GPP Confidentiality and Integrity algorithms EEA3 and EIA3, Document 2: ZUC specification, June 2018.
Patrick Bohm, ‘Statistical Evaluation of Stream Cipher SNOW 3G’, In Constantin Brancusi University of Targu Jiu Engineering Faculty Scientific Conference with international participation, 13th edition, pp. 363–366, Targu Jiu, 7–8 Nov., 2008.
Mahdi Madani, Ilyas Benkhaddra, Camel Tanougast, Salim Chitroub, and Loic Sieler, ‘FPGA Implementation of an enhanced SNOW-3G Stream Cipher based on a Hyper-Chaotic System’, In the 4th international conference on Control, Decision and Information Technologies, IEEE, pp. 1168–1173, Barcelona, Spain, 5–7 April 2017.
Mahdi Madani, Ilyas Benkhaddra, Camel Tanougast, Salim Chitroub, and Loic Sieler, ‘Digital Implementation of an Improved LTE Stream Cipher Snow-3G Based on Hyperchaotic PRNG’, Security and Communication Networks, Wiley and Hindawi, 15 pages, 2017.
Mahdi Madani, Ilyas Benkhaddra, Camel Tanougast, Salim Chitroub, and Loic Sieler, ‘Enhanced ZUC Stream Cipher Based on a Hyperchaotic Controller System’, In the Euromicro Conference on Digital System Design (DSD), Vienna, Austria, 30 Aug.–1 Sept.2017.
Aleksandar Kircanski and Amr M. Youssef, ‘On the sliding property of SNOW 3G and SNOW 2.0’, IET Information Security, Vol. 5(4), pp. 199–206, 2011.
3GPP TS 35.919, Specification of the 3GPP Confidentiality and Integrity algorithms UEA2 and UIA2, Document 5: Design and Evaluation report, June 2018.
Alex Biryukov, Deike Priemuth-Schmid, and Bin Zhang, ‘Fault Analysis of the Stream Cipher Snow 3G’, In 6th
International Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC), IEEE, pp. 103–110, Lausanne, Switzerland, Sept., 2010.
Alex Biryukov, Deike Priemuth-Schmid, and Bin Zhang: “A Timing Attack on SNOW 3G,” In International Conference on Information and Communications Security, pp. 171–185, Spain, Dec., 2010.
Alex Biryukov, Deike Priemuth-Schmid, and Bin Zhang, ‘Multiset Collision Attacks on Reduced-Round SNOW 3G and SNOW 3G⊕
’, In International Conference on Applied Cryptography and Network Security, pp. 191–198, China, Dec., 2010.
Mohammad Sadegh Nemati Nia and Malek e Ashtar, ‘Improved Heuristic guess and determine attack on SNOW 3G stream cipher’, In 7th International Symposium on Telecommunications (IST), IEEE, pp. 972–976, Iran, Sept., 2014.
Mufeed Juma AlMashrafi, ‘A different algebraic analysis of the ZUC stream cipher’, In Proceedings of the 4th International Conference on Security of Information and Networks (SIN), pp. 191–198, Australia, Nov., 2011.
3GPP TR 35.924, Specification of the 3GPP Confidentiality and Integrity Algorithms EEA3 & EIA3, Document 4: Design and Evaluation report, June 2018.
Wu Hongjun, Huang Tao, Ha.Nguyen Phuong, Wang Huaxiong, and Ling San, ‘Differential Attacks against Stream Cipher ZUC’, In 18th International Conference on the Theory and Application of Cryptology and Information Security, Springer, pp. 262–277, China, 2–6 Dec., 2012.
National Institute of Standards and Technology, A statistical test suite for random and pseudorandom number generators for cryptographic applications, NIST Special publication 800-22, April 2010.
Carmina Georgescu, Emil Simion, Alina Petrescu Nita, Antonela Toma, ‘A view on NIST randomness tests independence’, Proc. 9th International Conference on Electronics, Computers, and Artificial Intelligence, IEEE, Romania, 29 June–1 July 2017.
Jie Cui, Hong Zhong, Jiankai Wang, Runhua Shi, ‘Generation and optimization of Rijndael S-box equation system’, Information Technology Journal, Vol. 13(15), pp. 2482–2488, 2014.
Jie Cui, Liusheng Huang, Hong Zhong, Chinchen Chang, Wei Yang: ‘An improved AES S-box and its performance analysis’, International Journal of Innovative Computing, Information, and Control, Vol. 75(A), pp. 2291–2302, 2011.
3GPP TS 35.217, Specification of the 3GPP Confidentiality and Integrity algorithms UEA2 and UIA2, Document 3: Implementer test data, June 2018.
3GPP TS 35.223, Specification of the 3GPP Confidentiality and Integrity algorithms EEA3 & EIA3, Document 3: Implementer test data, June 2018.
Copyright (c) 2020 Journal of Cyber Security and Mobility
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.