The document discusses the stream cipher ISSAC (Indirection, Shift, Accumulate, Add, and Count). ISSAC was designed by Robert Jenkins Jr. in 1996 as an improvement over RC4 by addressing biases and short cycles. It uses a 256-element state array that is initialized with a key then modified using indirection, accumulation, addition, and a counter to generate cryptographically secure pseudorandom numbers. The document covers ISSAC's design, cryptanalysis showing it remains secure, and applications for encryption where fast random number generation is needed.

1. Activity-ISAAC
Submitted By A18
Anoop Betigeri 2BV11CS014
Chaitra Besthar 2BV11CS024
Megha Byali 2BV11CS045
Radhika patil 2BV11CS073

2. WHAT IS STREAM CIPHER !!!
Key + Nounce =
Keystream
Plaintext Xor'd
With Keystream =
Ciphertext
Ciphertext Xor'd
With same
keystream=Plaintext

3. What is ISSAC is….
 ISSAC stands for Indirection, Shift,
Accumulate, Add, and Count.
 It is a cryptographically secure
pseudorandom number generator.
 It is stream cipher designed by Robert
J. Jenkins Jr in 1996.
 ISAAC is fast especially when
optimised and portable to most
architectures in nearly all
programming and scripting languages.

4. How ISSAC came up!!
● Based on the RC4 stream cipher
● Basic structure of RC4:
○ Starts with a 256-byte array, filled
with the golden ratio, then modified
with bytes of the key.
○ Each keystream bit modifies the
array

5. Issues addresssed
RC4 has a few issues, namely dealing with
bias.
● Some sequences are more likely to
occur than others- bias.
○ This is due to initialization of RC4 to
avoid short cycles: sequences that will
result in the keystream repeating earlier
than expected.
● First few bytes of the keystream are
significantly less random and give
information about the key.

6. How Expansion Happened!!
● Robert Jenkins produced a number of
ciphers attempting to expand on RC4
○ IA- gives values based on sum of
values in array rather than individual
values. Still prone to bias.
○ IBAA- adds an accumulator (rotating
value based off array value) to deal with
bias issues. Does not appear to have
bias, and short cycles are significantly
reduced from what would be expected in
RC4.

7. ISSAC origin
The IBAA implementation is taken by
Robert and he adds a counter
incremented once per call.
○ This removes any chance of short
cycles, as even if the sequence would
normally cycle, the counter is different
and thus the sequence is different.
○ Estimated cycle length is 2^8287
calls.

8. Operation..
 The ISAAC algorithm has similarities
with RC4.
 It uses an array of 256 four-octet integers as
the internal state, writing the results to
another 256 four-octet integer array, from
which they are read one at a time until empty,
at which point they are recomputed.
 The computation consists of altering i-element
with (i⊕128)-element, two elements
of the state array found by indirection, an
accumulator, and a counter, for all values of i
from 0 to 255.
 Since it only takes about 19 32-bit operations
for each 32-bit output word, it is very fast on
32-bit computers.

9. Cryptanalysis on ISSAC
 It has been undertaken by Marina
Pudovkina
 Her attack can recover the initial state
with a complexity that is approximated to
be less than the time needed for
searching through the square root of all
possible initial states.
 In practice this means that the attack
needs 4.67×10^1240 instead
of 10^2466. This result has had no
practical impact on the security of
ISAAC.

10. Cryptanalysis contd…
 In 2006 Jean-Philippe Aumasson discovered
several sets of weak states.
 It is not clear if an attacker can tell from just
the output whether the generator is in one of
these weak states or not.
 There was error in last attack made after
Aumason and the reason was errorneous
algorithm rather than the real ISAAC.
 An improved version of ISAAC is proposed,
called ISAAC+.

11. Practical usage..
Many implementations of ISAAC are so fast that they
can compete with other high speed PRNGs, even with
those designed primarily for speed not for security.
 Only a few other generators of such high quality and
speed exist in usage.
ISAAC is used in the Unix tool ”shred” to securely
overwrite data.
This makes it suitable for applications where a
significant amount of random data needs to be
produced quickly, such solving using the Monte Carlo
method or for games.

12. How It happens…
 The RNG should then be seeded with
the string "this is my secret key" and
finally the message "a Top Secret
secret" should be encrypted on that
key.
 Your program's output ciphertext will
be a string of hexadecimal digits.
 . Optional: Include a decryption check
by re-initializing ISAAC and
performing the same encryption pass
on the ciphertext.

13. Encryption method..
 Two encryption schemes are possible:
 XOR (Vernam)
 Caesar-shift mod 95
 Alternative sample view.
Message: a Top Secret secret
Key : this is my secret key
XOR :
1C0636190B1260233B35125F1E1D0E2F4C
542
MOD :
734270227D36772A783B4A5F20626623697
8
XOR dcr: a Top Secret secret
MOD dcr: a Top Secret secret

14. About Isaac
 No official seeding method for ISAAC has
been published, but for this task we may
as well just inject the bytes of our key into
the randrsl array, padding with zeroes
before mixing, like so.
 ISAAC can of course also be initialized
with a single 32-bit unsigned integer in the
manner of traditional RNGs, and indeed
used as such for research and gaming
purposes.

15. PROGRAM ELEMENTS …
1.MIX FUNCTION
Used with eight integers that will contain
traces of the key: designed to ensure
array
elements will not reflect key.
mix(a,b,c,d,e,f,g,h)
{
a^=b<<11; d+=a; b+=c;
b^=c>>2; e+=b; c+=d;
c^=d<<8; f+=c; d+=e;
d^=e>>16; g+=d; e+=f;
e^=f<<10; h+=e; f+=g;
f^=g>>4; a+=f; g+=h;
g^=h<<8; b+=g; h+=a;
h^=a>>9; c+=h; a+=b;
}

16. PROGRAM ELEMENTS..
2.INITIALIZATION 1
Loads eight elements of the key
into integers, runs the mix()
function to randomize them, then
loads them into eight elements of
the array. Repeats until key is
exhausted.
for (i=0; i<RANDSIZ; i+=8)
{
a+=r[i ]; b+=r[i+1]; c+=r[i+2];
d+=r[i+3];
e+=r[i+4]; f+=r[i+5]; g+=r[i+6];
h+=r[i+7];
mix(a,b,c,d,e,f,g,h);
m[i ]=a; m[i+1]=b; m[i+2]=c;
m[i+3]=d;
m[i+4]=e; m[i+5]=f; m[i+6]=g;
m[i+7]=h;
}

17. PROGRAM ELEMENTS-
3.INITIALIZATION 2
Routine then runs a second pass
to mix more thoroughly,
loading elements of the array
instead of elements of the key
into the integers this time.
for (i=0; i<RANDSIZ; i+=8)
{
a+=m[i ]; b+=m[i+1];
c+=m[i+2]; d+=m[i+3];
e+=m[i+4]; f+=m[i+5];
g+=m[i+6]; h+=m[i+7];
mix(a,b,c,d,e,f,g,h);
m[i ]=a; m[i+1]=b;
m[i+2]=c; m[i+3]=d;
m[i+4]=e; m[i+5]=f;
m[i+6]=g; m[i+7]=h;
}

18. Program Elements
4.Generation
The rngstep function is the main
function for the the ISAAC key
generator.
rngstep(mix,a,b,mm,m,m2,r,x){
x = *m;
a = (a^(mix)) + *(m2++);
*(m++) = y = ind(mm,x) + a + b;
*(r++) = b = ind(mm,y>>8) + x;
}
What this essentially does is
stores the current memory into a
register
set the new value of accumulator
set the next bit of memory to the
addition of the 2-9 bits of x or the
current memory with the
accumulator and previous result
Lastly the results array is
incremented and set to the addition
of x and the 10-17 bits of y bit
shifted right by 8

19. Program Elements
5. Main Loop 1
 b = ctx->randb + (++ctx-
>randc);
for (m = mm, mend = m2 =
m+(RANDSIZ/2); m<mend; )
{
rngstep( a<<13, a, b, mm, m,
m2, r, x);
rngstep( a>>6 , a, b, mm, m,
m2, r, x);
rngstep( a<<2 , a, b, mm, m,
m2, r, x);
rngstep( a>>16, a, b, mm, m,
m2, r, x);
}
 Adds the counter to element
B, then calls rngstep()
 function four times with
different bitshifts of A for
 the mix.

20. Program Elements:
6.Main Loop 2
 Second loop just
iterates with M2
going from first
element to mend,
calling rngstep
four times
eachiteration.
 Designed to
ensure that m2 is
at each array
index for at least
one rngstep.

21. ISSAC+
 To fix some of weaknesses, we modify
ISAAC’s algorithm,
 We call the corresponding pseudo-random
generator ISAAC+. The
modifications: we add ⊕a to avoid
the biases observed, perform rotations
(symbols ≪, ≫) instead of shifts, so as
to get more diffusion from the state
bits, and replace an addition by a XOR
to reduce the linearity

22. CONCLUSION and FUTURE PLAN
 Its possible to understand the
thoroughly as stream cipher was
introduced in course.
 ISSAC applications in real life can be
mapped with the learnt concept.
 Its implementation can also be made
easily using C

23. “For every lock there is a Key…
It is better to KEEP SAFE YOUR LOCK THAN THE KEY”