My research interests lie in the field of information security and include:
- Cryptology, especially design and cryptanalysis of symmetric-key ciphers
- Malicious software (malware) analysis
- Software copy protection and digital watermarking
- Network security
- Digital forensics and investigation
I am the co-ordinator of the Information Security Research Group (ISRG).
- F. Mirza and S. Murphy, “An Observation on the Key Schedule of Twofish”, 2nd Advanced Encryption Standard (AES) Workshop Proceedings, Rome, 1999. [slides from my presentation at the University of Bergen, Norway]
The 16-byte block cipher Twofish was proposed as a candidate for the Advanced Encryption Standard (AES). This paper notes the following two properties of the Twofish key schedule. Firstly, there is a non-uniform distribution of 16-byte whitening subkeys. Secondly, in a reduced (fixed Feistel round function) Twofish with an 8-byte key, there is a non-uniform distribution of any 8-byte round subkey. An example of two distinct 8-byte keys giving the same round subkey is given.
- S. R. Blackburn, K. Brincat, F. Mirza, and S. Murphy, “Cryptanalysis of ‘Labyrinth’ Stream Cipher”, IEE Electronics Letters, 38(12):1220-1221, 1998.
The paper cryptanalyses the stream cipher Labyrinth, a cipher recently proposed by Bo Lin and Simon Shepherd. Given only 230 known bits of keystream, the 119-bit key of Labyrinth is recovered in under a second of computation using a DEC Alpha.
- F. Mirza, “Block Ciphers and Cryptanalysis”, March 1998.
This report gives a basic introduction to block cipher design and analysis. The concepts and design principles of block ciphers are explained, particularly the class of block ciphers known as Feistel ciphers. Some modern block cipher cryptanalysis methods are demonstrated by applying them to variants of a weak Feistel cipher called Simplified TEA (STEA), which is based on the Tiny Encryption Algorithm (TEA).
- F. Mirza, “Linear and S-Box Pairs Cryptanalysis of the Data Encryption Standard”, April 1997.
DES was developed by IBM in the early 1970's, and is currently the most widely-used data encryption algorithm. However, for over 12 years since its standardisation in 1977, nobody had found a method of breaking DES. Now, 20 years later, there are three published methods of finding the key in less time than exhaustive key-search. In this report, we provide descriptions of DES and two of the most recent attacks on DES. We will show how DES can be implemented in the C programming language, and optimised to run efficiently on 32-bit computers. We also implement algorithms from the two cryptanalysis methods, and provide experimental proof that the attacks work.