Visible to the public Theoretical Cryptography 2015

SoS Newsletter- Advanced Book Block


SoS Logo

Theoretical Cryptography


Cryptography can only exist if there is a mathematical hardness to it so constructed as to be able to maintain a desired functionality, even under malicious attempts to change or destroy the prescribed functionality. Hence, the foundations of theoretical cryptography are the paradigms, approaches, and techniques used to conceptualize, define, and provide solutions to natural security concerns mathematically using probability-based definitions, various constructions, complexity theoretic primitives, and proofs of security. Research into theoretical cryptography addresses the question of how to get from X to Z without allowing the adversary to go backwards from Z to X. The work presented here covers a range of approaches and methods, including block ciphers, random grids, obfuscation, and provable security. The work cited here was presented in 2015.

Martins, P.; Sousa, L.; Eynard, J.; Bajard, J.-C., “Programmable RNS Lattice-Based Parallel Cryptographic Decryption,” in Application-specific Systems, Architectures and Processors (ASAP), 2015 IEEE 26th International Conference on, vol., no.,
pp. 149–153, 27–29 July 2015. doi:10.1109/ASAP.2015.7245723
Abstract: Should quantum computing become viable, current public-key cryptographic schemes will no longer be valid. Since cryptosystems take many years to mature, research on post-quantum cryptography is now more important than ever. Herein, lattice-based cryptography is focused on, as an alternative post-quantum cryptosystem, to improve its efficiency. We put together several theoretical developments so as to produce an efficient implementation that solves the Closest Vector Problem (CVP) on Goldreich-Goldwasser-Halevi (GGH)-like cryptosystems based on the Residue Number System (RNS). We were able to produce speed-ups of up to 5.9 and 11.2 on the GTX 780 Ti and i7 4770K devices, respectively, when compared to a single-core optimized implementation. Finally, we show that the proposed implementation is a competitive alternative to the Rivest-Shamir-Adleman (RSA).
Keywords: lattice theory; public key cryptography; quantum computing; quantum cryptography; residue number systems; vectors; CVP; GGH-like cryptosystems; GTX 780 Ti devices; Goldreich-Goldwasser-Halevi-like cryptosystems; closest vector problem; i7 4770K devices; lattice-based cryptography; post-quantum cryptography; programmable RNS lattice-based parallel cryptographic decryption; public-key cryptographic schemes; residue number system; Graphics processing units; Lattices; Parallel processing; Public key cryptography; Random access memory; Zinc (ID#: 15-7227)


Koziol, Fryderyk; Borowik, Grzegorz; Wozniak, Marcin; Chaczko, Zenon, “Toward Dynamic Signal Coding for Safe Communication Technology,” in Computer Aided System Engineering (APCASE), 2015 Asia-Pacific Conference on, vol., no.,
pp. 246–251, 14–16 July 2015. doi:10.1109/APCASE.2015.50
Abstract: This paper gives a theoretical background to dynamic generation of primitive polynomials, their usage in many fields including cryptography for a mobile communication systems. Presented polynomials and their generation over a Galois field is discussed. Additionally, the basic properties and arithmetic methods over finite fields of characteristic 3 are presented. The main objective of this paper is to outline the mathematical background for design and implementation for dynamic coding in mobile communication technology widely applied in telephones, computers and any device communicating over TCP/IP protocol.
Keywords: Ciphers; Encryption; Generators; Polynomials; Registers; dynamic coding; encryption; stream ciphers (ID#: 15-7228)


Chaohui Du; Guoqiang Bai, “Towards Efficient Discrete Gaussian Sampling for Lattice-Based Cryptography,” in Field Programmable Logic and Applications (FPL), 2015 25th International Conference on, vol., no., pp. 1–6, 2–4 Sept. 2015. doi:10.1109/FPL.2015.7293949
Abstract: Modern lattice-based public key cryptosystems usually require sampling from discrete Gaussian distributions. In this paper, we propose a novel implementation of cumulative distribution function (CDF) inversion sampler with high precision and large tail bound. It has maximum statistical distance of 2−90 to a theoretical discrete Gaussian distribution. Our CDF inversion sampler exploits piecewise comparison to save more than 90% random bits and reduce the required large comparators to two small comparators. We speed up the sampler by using a small lookup table, and the hit rate of the lookup table is as high as 94%. With these optimizations, our sampler takes on average 9.44 random bits and 2.28 clock cycles to generate a sample. It consumes 1 block RAM and 17 slices on a Spartan-6 FPGA. With additional 13 slices, our sampler is able to generate n samples within around 1.14n clock cycles.
Keywords: FPGA; Ring-LWE; discrete Gaussian sampler; inverse CDF; lattice-based cryptography; learning with errors
(ID#: 15-7229)


Chen, Dajiang; Jiang, Shaoquan; Qin, Zhiguang, “Message Authentication Code over a Wiretap Channel,” in Information Theory (ISIT), 2015 IEEE International Symposium on, vol., no., pp. 2301–2305, 14–19 June 2015. doi:10.1109/ISIT.2015.7282866
Abstract: Message Authentication Code (MAC) is a keyed function fK such that when Alice, who shares the secret K with Bob, sends fK(M) to the latter, Bob will be assured of the integrity and authenticity of M. Traditionally, it is assumed that the channel is noiseless. Unfortunately, Maurer showed that in this case an attacker can succeed with probability equation after authenticating ∓ messages, where H(K) is the entropy of K. In this paper, we consider the setting where the channel is noisy. Specifically, Alice and Bob are connected by a discrete memoryless channel (DMC) W1 and a noiseless but insecure channel. In addition, there is a DMC W2 between Alice and attacker Oscar. We regard the noisy channel as an expensive resource and define the authentication rate ρauth as the ratio of message length to the number n of channel W1 uses. The security of this model depends on the channel coding for fK(M). A natural coding scheme is to use the secrecy capacity achieving code of Csiszár and Körner. Intuitively, this is also the optimal strategy. However, we propose a coding scheme that achieves a higher ρauth. Our crucial point is that under a secrecy capacity code, Bob can fully recover fK(M) while in our model this is not necessary as we only need to detect the existence of the modification. How to detect the malicious modification without recovering fK(M) is the main contribution of this work. We achieve this through random coding techniques.
Keywords: Authentication; Channel coding; Computational modeling; Cryptography; Message authentication; Noise measurement; information theoretical security; wiretap channel (ID#: 15-7230)


Shu-Di Bao; Yang Lu; Yan-Kai Yang; Chun-Yan Wang; Meng Chen; Guang-Zhong Yang, “A Data Partitioning and Scrambling Method to Secure Cloud Storage with Healthcare Applications,” in Communications (ICC), 2015 IEEE International Conference on, vol., no., pp. 478–482, 8–12 June 2015. doi:10.1109/ICC.2015.7248367
Abstract: With increasing use of cloud storage for healthcare applications, potential security risks and the need for enhanced security solutions are becoming a pressing issue for clinical adoption. In this paper, a data partitioning and scrambling method at the application layer is proposed for healthcare data, where a tiny part of the original data is used to scramble the remaining data without any cryptographic key, and the former is kept locally while the latter under extra protection is sent to cloud platforms. Theoretical and experimental analyses have been carried out to demonstrate the security performance of the proposed method, which can be easily deployed in any existing communication systems as an add-on for security.
Keywords: cloud computing; cryptography; health care; security of data; cloud storage; data partitioning and scrambling method; healthcare; Cloud computing; Databases; Encryption; Medical services; Wireless communication; Wireless sensor networks; Healthcare; cloud; data partitioning; data scrambling (ID#: 15- 7231)


Liwei Zhang; Ding, A.A.; Yunsi Fei; Pei Luo, “Efficient 2nd-Order Power Analysis on Masked Devices Utilizing Multiple Leakage,” in Hardware Oriented Security and Trust (HOST), 2015 IEEE International Symposium on, vol., no., pp. 118–123,
5–7 May 2015. doi:10.1109/HST.2015.7140249
Abstract: A common algorithm-level effective countermeasure against side-channel attacks is random masking. However, second-order attack can break first-order masked devices by utilizing power values at two time points. Normally 2nd-order attacks require the exact temporal locations of the two leakage points. Without profiling, the attacker may only have an educated guessing window of size nw for each potential leakage point. An attack with exhaustive search over combinations of the two leakage points will lead to computational complexity of O(n2w). Waddle and Wagner introduced FFT-based attack with a complexity of O(nw log(nw)) in CHES 2004 [1]. Recently Belgarric et al. proposed five preprocessing techniques using time-frequency conversion tools basing on FFT in [2]. We propose a novel efficient 2nd-order power analysis attack, which pre-processes power traces with FFT to find multiple candidate leakage point pairs and then combines the attacks at multiple candidate pairs into one single attack. We derive the theoretical conditions for two different combination methods to be successful. The resulting attacks retain computational complexity of O(nw log(nw)) and are applied on two data sets, one set of power measurements of an FPGA implementation of masked AES scheme and the other set of measurements from DPA Contest V4 for a software implementation of masked AES. Our attacks improve over the previous FFT-based attacks, particularly when the window size nw is large. Each of the two attacks works better respectively on different data sets, confirming the theoretical conditions.
Keywords: computational complexity; cryptography; fast Fourier transforms; AES scheme; DPA contest V4; FFT-based attack; FPGA implementation; O(n2w); computational complexity; exhaustive search; first-order masked devices; novel efficient 2nd-order power analysis attack; random masking; second-order attack; side-channel attacks; time-frequency conversion tools; Computational complexity; Correlation; Hardware; Noise; Power measurement; Security; Software; Maximum attack; majority vote attack; statistical model (ID#: 15-7232)


Tena-Sánchez, E.; Acosta, A.J., “DPA Vulnerability Analysis on Trivium Stream Cipher Using an Optimized Power Model,” in Circuits and Systems (ISCAS), 2015 IEEE International Symposium on, vol., no., pp. 1846–1849, 24–27 May 2015. doi:10.1109/ISCAS.2015.7169016
Abstract: In this paper, a Differential Power Analysis (DPA) vulnerability analysis on Trivium stream cipher is presented. Compared to the two previously presented DPA attacks on Trivium, we retrieve the whole key without making any hypothesis during the attack. An optimized power model is proposed allowing the power trace acquisition without making any algorithmic-noise removement thus simplifying the attack strategy considerably. The theoretical vulnerability analysis is presented and then checked developing a simulation-based DPA attack on a standard CMOS Trivium implementation in a 90nm TSMC technology. The results show that our attack is successful for random keys, saving in computer resources and time respecting to previously-reported attacks. The attack is independent on technology used for the implementation of Trivium and can be used to measure the security of novel Trivium implementations.
Keywords: CMOS integrated circuits; cryptography; 90nm TSMC technology; DPA vulnerability analysis; Trivium stream cipher; differential power analysis vulnerability analysis; optimized power model; power trace acquisition; random keys; simulation-based DPA attack; standard CMOS Trivium implementation; Algorithm design and analysis; Ciphers; Logic gates; Mathematical model; Power demand; Power measurement (ID#: 15-7233)


Hassan, Firas; Limbird, Michael; Ullagaddi, Vishwanath; Devabhaktuni, Vijay, “A New Image Stream Encryption Technique,” in Circuits and Systems (MWSCAS), 2015 IEEE 58th International Midwest Symposium on, vol., no., pp. 1–4, 2–5 Aug. 2015. doi:10.1109/MWSCAS.2015.7282064
Abstract: This paper introduces a self-synchronous stream cipher with a considerable key space. In the proposed technique, the parity bit plane of a public image is used to encrypt the message. Simulation results showed that the histogram of the ciphered image is uniform representing almost equivalent probability of occurrence of each intensity level. The entropy of the ciphered image is almost equal to the theoretical value of 8, indicating that the information leakage in the proposed encryption process is negligible. The correlation coefficients of the ciphered image prove that there exists almost zero correlation between its pixels. The simulation results also showed that the proposed technique is highly sensitive to the four different parts of its password. Also, the plain-text attack analysis gave NPCR and UACI values that are close to ideal. The proposed technique is computationally simpler than other image encryption techniques in the literature. Finally, a high PSMSE of 83 dB in the decoded image was achieved at a ciphered bit error rate of 10−4. Therefore, the proposed stream cipher can be efficiently used in real time multimedia and wireless applications.
Keywords: Adaptive optics; Correlation coefficient; Cryptography; Histograms; Optical imaging; Optical sensors; Real-time systems (ID#: 15-7234)


Hui Peng; Xiaoying Zhang; Hong Chen; Yao Wu; Juru Zeng; Deying Li, “Enable Privacy Preservation for k-NN Query in Two-Tiered Wireless Sensor Networks,” in Communications (ICC), 2015 IEEE International Conference on, vol., no., pp. 6289–6294, 8–12 June 2015. doi:10.1109/ICC.2015.7249326
Abstract: Wireless sensor network is an important part of the Internet of Things. Preservation of privacy and integrity in wireless sensor networks is extremely urgent and challenging. To address this problem, we propose PPKN, an efficient and privacy-preserving k-NN query protocol in two-tiered wireless sensor networks. Our proposal prevents adversaries from gaining sensitive information of both queries issued by users and data collected by sensor nodes while allows the sink to verify whether results are valid. It offers confidentiality of queries and data by constructing a special code, provides integrity verification by the correlation among data. Moreover, by the implementation of KNQ query framework, PPKN also achieves high efficient in query response and energy consumption. Finally, the theoretical analysis and experiment results show the high performance of PPKN in terms of privacy preservation and query efficiency.
Keywords: data integrity; data privacy; protocols; wireless sensor networks; Internet of Things; KNQ query framework; PPKN; data integrity; energy consumption; privacy-preserving k-NN query protocol; two-tiered wireless sensor network; Cryptography; Data privacy; Energy consumption; Privacy; Protocols; Storage management; Wireless sensor networks (ID#: 15-7235)


Zhicong Huang; Ayday, E.; Fellay, J.; Hubaux, J.-P.; Juels, A., “GenoGuard: Protecting Genomic Data against Brute-Force Attacks,” in Security and Privacy (SP), 2015 IEEE Symposium on, vol., no., pp. 447–462, 17–21 May 2015. doi:10.1109/SP.2015.34
Abstract: Secure storage of genomic data is of great and increasing importance. The scientific community’s improving ability to interpret individuals’ genetic materials and the growing size of genetic database populations have been aggravating the potential consequences of data breaches. The prevalent use of passwords to generate encryption keys thus poses an especially serious problem when applied to genetic data. Weak passwords can jeopardize genetic data in the short term, but given the multi-decade lifespan of genetic data, even the use of strong passwords with conventional encryption can lead to compromise. We present a tool, called Geno Guard, for providing strong protection for genomic data both today and in the long term. Geno Guard incorporates a new theoretical framework for encryption called honey encryption (HE): it can provide information-theoretic confidentiality guarantees for encrypted data. Previously proposed HE schemes, however, can be applied to messages from, unfortunately, a very restricted set of probability distributions. Therefore, Geno Guard addresses the open problem of applying HE techniques to the highly non-uniform probability distributions that characterize sequences of genetic data. In Geno Guard, a potential adversary can attempt exhaustively to guess keys or passwords and decrypt via a brute-force attack. We prove that decryption under any key will yield a plausible genome sequence, and that Geno Guard offers an information-theoretic security guarantee against message-recovery attacks. We also explore attacks that use side information. Finally, we present an efficient and parallelized software implementation of Geno Guard.
Keywords: biology computing; cryptography; data privacy; genetics; statistical distributions; storage management; GenoGuard; HE; brute-force attacks; data breaches; encryption keys; genetic database populations; genetic materials; genomic data protection; honey encryption; information-theoretic confidentiality; parallelized software implementation; passwords; probability distributions; storage security; Bioinformatics; Encoding; Encryption; Genomics; brute-force attack; distribution-transforming encoder; genomic privacy (ID#: 15-7236)


dos Santos, C.E.; Kijak, E.; Gravier, G.; Schwartz, W.R., “Learning to Hash Faces Using Large Feature Vectors,” in Content-Based Multimedia Indexing (CBMI), 2015 13th International Workshop on, vol., no., pp. 1–6, 10–12 June 2015. doi:10.1109/CBMI.2015.7153611
Abstract: Face recognition has been largely studied in past years. However, most of the related work focus on increasing accuracy and/or speed to test a single pair probe-subject. In this work, we present a novel method inspired by the success of locality sensing hashing (LSH) applied to large general purpose datasets and by the robustness provided by partial least squares (PLS) analysis when applied to large sets of feature vectors for face recognition. The result is a robust hashing method compatible with feature combination for fast computation of a short list of candidates in a large gallery of subjects. We provide theoretical support and practical principles for the proposed method that may be reused in further development of hash functions applied to face galleries. The proposed method is evaluated on the FERET and FRGCv1 datasets and compared to other methods in the literature. Experimental results show that the proposed approach is able to speedup 16 times compared to scanning all subjects in the face gallery.
Keywords: cryptography; face recognition; least squares approximations; LSH; PLS analysis; face gallery; feature vector; hash function; locality sensing hashing; partial least squares analysis; robust hashing method; Accuracy; Face recognition; Feature extraction; Image retrieval; Probes; Robustness; Training (ID#: 15-7237)


Weize Yu; Uzun, O.A.; Köse, S., “Leveraging On-Chip Voltage Regulators as a Countermeasure Against Side-Channel Attacks,” in Design Automation Conference (DAC), 2015 52nd ACM/EDAC/IEEE, vol., no., pp. 1–6, 8–12 June 2015. doi:10.1145/2744769.2744866
Abstract: Side-channel attacks have become a significant threat to the integrated circuit security. Circuit level techniques are proposed in this paper as a countermeasure against side-channel attacks. A distributed on-chip power delivery system consisting of multi-level switched capacitor (SC) voltage converters is proposed where the individual interleaved stages are turned on and turned off either based on the workload information or pseudo-randomly to scramble the power consumption profile. In the case that the changes in the workload demand do not trigger the power delivery system to turn on or off individual stages, the active stages are reshuffled with so called converter-reshuffling to insert random spikes in the power consumption profile. An entropy based metric is developed to evaluate the security-performance of the proposed converter-reshuffling technique as compared to three other existing on-chip power delivery schemes. The increase in the power trace entropy with CoRe scheme is also demonstrated with simulation results to further verify the theoretical analysis.
Keywords: convertors; cryptography; integrated circuit interconnections; power consumption; switched capacitor networks; voltage regulators; circuit level techniques; converter-reshuffling technique; countermeasure against side-channel attacks; integrated circuit security; leveraging on-chip voltage regulators; multi-level switched capacitor voltage converters; on-chip power delivery system; power consumption; power trace entropy; Entropy; Monitoring; Power demand; Regulators; Security; System-on-chip; Voltage control; Side-channel attacks; on-chip voltage regulation; power efficiency (ID#: 15-7238)


Sachdeva, E.; Mishra, S.P., “Improving Method of Correcting AES Keys Obtained from Coldboot Attack,” in Electrical, Computer and Communication Technologies (ICECCT), 2015 IEEE International Conference on, vol., no., pp. 1–8, 5–7 March 2015. doi:10.1109/ICECCT.2015.7226024
Abstract: Extraction of cryptographic keys, passwords and other sensitive information from the memory, has been made possible by the data remanence property of DRAM. According to it, DRAM can retain its data for several seconds to minutes without power [1]. Cold boot attack proposed in [1] tries to exploit memory remanence property, for extracting probable cryptographic secrets from DRAM. However, extracted information is degraded and needs to be corrected before being used for decrypting the encrypted files. Various methods for correcting this distorted data for different cryptosystems have been proposed [1, 6]. However, it has not been reported much in literature regarding efficacy of these methods. This paper contains results and observations of extensive experiments carried out for correcting AES keys, by varying timings of cold rebooting the PC that varies the % of distorted data. These observations suggest that the proposed methods are theoretical in nature and not effective practically (for cold boot attack) as they could correct keys corresponding to up to 2% of erroneous round key schedules of AES-128 and AES-256. In this paper, an improved algorithm has been proposed for correcting up to 15% of errors in cold boot attack generated as well as randomly generated distorted round key schedules. The proposed algorithm has been successfully implemented to mount the volumes encrypted by popular disk encryption system ‘TrueCrypt’.
Keywords: DRAM chips; cryptography; AES keys; AES-128; AES-256; DRAM; TrueCrypt; coldboot attack; cryptographic keys; data remanence property; disk encryption system; encrypted files; passwords; sensitive information; Capacitors; Cryptography; Distortion; Lead; Random access memory; AES; Cold boot attack; Data remanence; True Crypt (ID#: 15-7239)


Jinglong Zuo; Delong Cui; Yunfeng Gong; Mei Liu, “A Novel Image Encryption Algorithm Based on Lifting-Based Wavelet Transform,” in Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, vol., no., pp. 33–36, 24–26 April 2015. doi:10.1109/ICISCE.2015.16
Abstract: In order to trade-off between computational effects and computational cost of present image encryption algorithm, a novel image encryption algorithm based on lifting-based wavelet transform is proposed in this paper. The image encryption process includes three steps: first the original image was divided into blocks, which were transformed by lifting based wavelet, secondly the wavelet domain coefficients were encryption by random mask which generated by user key, and finally employing Arnold scrambling to encrypt the coefficients. The security of proposed scheme is depended on the levels of wavelet transform, user key, and the times of Arnold scrambling. Theoretical analysis and experimental results demonstrate that the algorithm is favourable.
Keywords: cryptography; image processing; random processes; wavelet transforms; Arnold scrambling; computational cost; computational effects; image encryption algorithm; lifting-based wavelet transform; random mask; user key; wavelet domain coefficients; Correlation; Encryption; Entropy; Filter banks; Wavelet transforms; block-based transformation; fractional Fourier transform; image encryption; information security; random phase mask (ID#: 15-7240)


Fei Chen; Tao Xiang; Yuanyuan Yang; Cong Wang; Shengyu Zhang, “Secure Cloud Storage Hits Distributed String Equality Checking: More Efficient, Conceptually Simpler, and Provably Secure,” in Computer Communications (INFOCOM), 2015 IEEE Conference on, vol., no., pp. 2389–2397, April 26 2015–May 1 2015. doi:10.1109/INFOCOM.2015.7218627
Abstract: Cloud storage has gained a remarkable success in recent years with an increasing number of consumers and enterprises outsourcing their data to the cloud. To assure the availability and integrity of the outsourced data, several protocols have been proposed to audit cloud storage. Despite the formally guaranteed security, the constructions employed heavy cryptographic operations as well as advanced concepts (e.g., bilinear maps over elliptic curves and digital signatures), and thus are inefficient to admit wide applicability in practice. In this paper, we design a novel secure cloud storage protocol, which is conceptually and technically simpler and significantly more efficient than previous constructions. Inspired by a classic string equality checking protocol in distributed computing, our protocol uses only basic integer arithmetic (without advanced techniques and concepts). As simple as the protocol is, it supports both randomized and deterministic auditing to fit different applications. We further extend the proposed protocol to support data dynamics, i.e., adding, deleting and modifying data, using a novel technique. As a further contribution, we find a systematic way to design secure cloud storage protocols based on verifiable computation protocols. Theoretical and experimental analyses validate the efficacy of our protocol.
Keywords: cloud computing; cryptography; data integrity; digital signatures; distributed processing; protocols; cloud storage protocol; cloud storage security; computation protocol; cryptographic operation; digital signature; distributed computing; string equality checking protocol; Cloud computing; Computational modeling; Computers; Conferences; Protocols; Secure storage; Security (ID#: 15-7241)


Young-Jin Kang; Hyun Ho Kim; Ndibanje Bruce; Younggoo Park; HoonJae Lee, “Correlation Power Analysis Attack on the Ping Pong-128 Key Stream Generator,” in Advanced Information Networking and Applications (AINA), 2015 IEEE 29th International Conference on, vol., no., pp. 506–509, 24–27 March 2015. doi:10.1109/AINA.2015.228
Abstract: Power analysis attack on cryptographic hardware device aims to study the power consumption while performing operations using secrets keys. Power analysis is a form of Side Channel Attack (SCA) which allows an attacker to compute the key encryption from algorithm using Simple Power Analysis (SPA), Differential Power Analysis (DPA) or Correlation Power Analysis (CPA). The theoretical weaknesses in algorithms or leaked information from physical implementation of a cryptosystem are usually used to break the system. In this paper proved the weakness of PingPong-128 key stream generator which increased outputs key stream of specific non-linearity by adding mutual clock-control structure to previous summation generator through Correlation power analysis attack.
Keywords: cryptography; CPA; DPA; Ping Pong-128 key stream generator; SCA; SPA; correlation power analysis; correlation power analysis attack; cryptographic hardware device; cryptosystem; differential power analysis; key encryption; mutual clock control structure; power consumption; secrets keys; side channel attack; simple power analysis; Algorithm design and analysis; Correlation; Correlation coefficient; Cryptography; Generators; Mathematical model; Power measurement; Correlation Power Analysis; Crypto; PingPong-128 Key Stream Generator; Secrete intermediate Key; Side Channel Attacks (ID#: 15-7242)


Jianhua Yang; Yongzhong Zhang, “RTT-Based Random Walk Approach to Detect Stepping-Stone Intrusion,” in Advanced Information Networking and Applications (AINA), 2015 IEEE 29th International Conference on, vol., no., pp. 558–563, 24–27 March 2015. doi:10.1109/AINA.2015.236
Abstract: Detecting Stepping-stone intrusion, especially resisting in intruders evasion has been widely and deeply studied and explored since 1995. In this paper, we propose a method by counting matched TCP/IP packets to detect stepping-stone intrusion. Our study shows that this approach not only can detect stepping-stone intrusion with an improved performance, but also can resist in intruders’ evasion, such as time-jittering, and chaff-perturbation. We model stepping-stone intrusion detection as a one dimensional random-walk process. Theoretical analysis shows that in order to obtain the same false positive rate, this approach needs less number of packets monitored than Blum’s approach which is considered state-of-the-art method. The simulation results show that this approach can resist in intruders chaff-perturbation up to 50%.
Keywords: IP networks; computer network security; security of data; RTT based random walk; chaff perturbation; counting matched TCP/IP packet; intruders evasion; one dimensional random walk process; stepping stone intrusion detection; time jittering; Computers; Cryptography; IP networks; Intrusion detection; Monitoring; Resists; intrusion detection; packet matching; random-walk; round-trip time; stepping-stone intrusion; time-jittering (ID#: 15-7243)


Capotą, M.; Pouwelse, J.; Epema, D., “Decentralized Credit Mining in P2P Systems,” in IFIP Networking Conference (IFIP Networking), 2015, pp. 1–9, 20–22 May 2015. doi:10.1109/IFIPNetworking.2015.7145334
Abstract: Accounting mechanisms based on credit are used in peer-to-peer systems to track the contribution of peers to the community for the purpose of deterring freeriding and rewarding good behavior. Most often, peers earn credit for uploading files, but other activities might be rewarded in the future as well, such as making useful comments or reporting spam. Credit earned can be used for accessing new content, or for receiving preferential treatment in case of network congestion. We define credit mining as the activity performed by peers for the purpose of earning credit. In this paper, we design, implement, and evaluate a system for decentralized credit mining that maximizes the contribution of idle peers to the community by automatically uploading popular files. Building on previous theoretical insights into the economics of communities, we select autonomous algorithms for bandwidth investment as the basis of our credit mining system. Additionally, we describe our experience with important challenges arising from Internet deployment, that are frequently neglected in emulation, including duplicate content avoidance, spam prevention, and the cost of keeping peer information updated. Furthermore, we implement an archival mode of operation, which prevents the disappearance of old content from the community. We show the feasibility and usefulness of our credit mining system through measurements from our implementation on top of Tribler, an Internet-deployed peer-to-peer system.
Keywords: bandwidth allocation; data mining; investment; peer-to-peer computing; unsolicited e-mail; Internet deployment; Internet-deployed peer-to-peer system; P2P systems; Tribler; accounting mechanisms; archival mode; autonomous algorithms; bandwidth investment; decentralized credit mining; duplicate content avoidance; network congestion; peer-to-peer systems; popular file uploading; preferential treatment; spam prevention; Bandwidth; Collaboration; Communities; Cryptography; Feeds; Internet; Peer-to-peer computing (ID#: 15-7244)


Jingjing Huang; Ting Jiang, “Dynamic Secret Key Generation Exploiting Ultra-Wideband Wireless Channel Characteristics,” in Wireless Communications and Networking Conference (WCNC), 2015 IEEE, vol., no., pp. 1701–1706, 9–12 March 2015. doi:10.1109/WCNC.2015.7127724
Abstract: To guarantee a secure wireless communication between any two transceivers, the shared secret key is a requirement. Communication parties need to encrypt the message with the key to impede an adversary’s eavesdropping. By exploiting Ultra-wideband (UWB) wireless fading channels as a source of common randomness, two transceivers with correlated observations can generate secret keys with information-theoretical security. The state of the art of existing works, however, has neglected to consider efficient channel probing. In this paper, we define a channel probing factor to adaptively change probing interval for obtaining more correlated measurements at the endpoints of wireless communicating link. We use multipath relative delay of UWB channel to generate secret keys. Simulation results show that this dynamic secret key generation mechanism extracting multipath relative delay can achieve good performance in terms of secret key generation rate, key randomness and key-mismatch probability, especially key-mismatch probability compared with received signal strength (RSS)-based method and our prior approach. Furthermore, security analysis is also provided to validate feasibility of the scheme.
Keywords: cryptography; fading channels; probability; radio transceivers; telecommunication security; ultra wideband communication; RSS-based method; UWB wireless fading channels; adversary eavesdropping; channel probing factor; dynamic secret key generation mechanism; information-theoretical security; key randomness; key-mismatch probability; message encryption; multipath relative delay; received signal strength-based method; secret key generation rate; shared secret key; transceivers; ultrawideband wireless channel characteristics; wireless communicating link; wireless communication security; Coherence; Delays; Signal to noise ratio; Training; Transceivers; Wireless networks; UWB; dynamic channel probing; reciprocity; secret key generation (ID#: 15-7245)


Abozaid, G.; El-Mahdy, A., “Design Space Exploration for a Co-designed Accelerator Supporting Homomorphic Encryption,” in Control Systems and Computer Science (CSCS), 2015 20th International Conference on, vol., no.,
pp. 431–438, 27–29 May 2015. doi:10.1109/CSCS.2015.14
Abstract: Fully Homomorphic Encryption is currently a sound theoretical approach for cloud security, it is currently not practically used due to the tremendous computation requirements of multiplying very large, million-bit, operands. In this paper, we explore the design space of software/hardware (SW/HW) co-designed accelerator relying on integrating fast software multiplication algorithms with a configurable hardware multiplier. The multiplier is based on a modified serial-parallel multiplier design, in which School-Book is a special case. The paper conducts an analytic performance study, exploring key design space parameters as well as comparing with other design approaches in the literature. Based on an actual FPGA implementation, we estimate a power consumption of 10, Watt, and area-time-power of 20.20 billion transistor-sec-Watt, potentially allowing for promising scalability.
Keywords: cloud computing; cryptography; field programmable gate arrays; hardware-software codesign; logic design; multiplying circuits; reconfigurable architectures; FPGA; SW-HW codesign; School-Book; cloud security; codesigned accelerator supporting homomorphic encryption; configurable hardware multiplier; design space exploration; design space parameter; fast software multiplication algorithm; modified serial-parallel multiplier design; power consumption; software-hardware codesign; Algorithm design and analysis; Hardware; Mathematical model; Parallel processing; Software; Software algorithms; Space exploration; FHE; SW/HW; co-design; large numbers; low-power; multiplication (ID#: 15-7246)


Yuehua Zhang; Jian Zhang; Guannan Liu, “Design and Implementation of AES Based on ARM920T Processor,” in Information Science and Control Engineering (ICISCE), 2015 2nd International Conference on, vol., no., pp. 189–193, 24–26 April 2015. doi:10.1109/ICISCE.2015.49
Abstract: This paper presents an optimization of the Irondale algorithm which can speed up execution on ARM920T microprocessor. Irondale was selected as the Advanced Encryption Standard (AES) by the National Institute of Standards and Technology (NIST). First we present a theoretical analysis of the Irondale algorithm and code optimization, and then simulation results of the optimized algorithm on ARM920T microprocessor are presented. The cycles of key schedule for decryption are more than the cycles of key schedule for encryption. Key schedule for decryption has larger memory than key schedule for encryption. Decryption (including decryption key schedule) is slower than encryption (including encryption key schedule). The experiment shows the algorithm can be executed on ARM920T microprocessor efficiently.
Keywords: cryptography; microprocessor chips; AES; ARM920T microprocessor; NIST; Rijndael algorithm; advanced encryption standard; code optimization; decryption; key schedule cycle; national institute of standards and technology; Algorithm design and analysis; Ciphers; Encryption; Niobium; Optimization; Schedules; Standards; ARM microprocessor; advanced encryption standard (AES); key schedule; optimization; rijndael (ID#: 15-7247)


Amutha, A.; Angel, D., “Structural Analysis of Invertible Graphs,” in Intelligent Systems and Control (ISCO), 2015 IEEE 9th International Conference on, vol., no., pp. 1–4, 9–10 Jan. 2015. doi:10.1109/ISCO.2015.7282329
Abstract: Reliability is an important issue in systems architecture. This paper focuses on a new class of invertible networks which are more reliable in the sense that if there is a failure in the physical components of the system then there always exists an alternate set of nodes to carry out the job in the complement. A graph G is said to be invertible if there exists an inverse vertex cover in G. The contribution of this paper is a new algorithm for recognizing invertible graphs. Our algorithm runs in linear time and is computationally very simple. We present a characterization for invertible graphs in terms of the breadth first search tree and thereby study their theoretical properties.
Keywords: Computers; Cryptography; Edge cover; Invertible graphs; Vertex cover (ID#: 15-7248)


Chan, V.W.S., “Classical Optical Cryptography,” in Transparent Optical Networks (ICTON), 2015 17th International Conference on, vol., no., pp. 1–4, 5–9 July 2015. doi:10.1109/ICTON.2015.7193389
Abstract: This paper describes a cryptographic technique based on coherent optical communication for fiber or free space networks. A pseudo-random cipher-stream is used to band-spread an optical carrier with coded data. The legitimate receiver uses the agreed upon key to modulate its local oscillator and the resulting beat signal will uncover the band-spread signal. An eavesdropper who does not have the key will find the spread signal with too low signal-to-noise ratio to perform any useful determination of the message sequence. Theoretical bounds based on Shannon’s Theory of Secrecy is used to show the strength of the encoding scheme which is expected to be superior.
Keywords: cryptography; information theory; optical fibre networks; telecommunication security; Shannon theory; band spread signal; classical optical cryptography; coherent optical communication; cryptographic technique; fiber space networks; free space networks; message sequence; optical carrier; signal-to-noise ratio; spread signal; Cryptography; Noise; Optical amplifiers; Optical mixing; Optical receivers; Optical transmitters; optical network security (ID#: 15-7249)


Hammami, S.; Djemaï, M.; Busawon, K., “On the Use of the Unified Chaotic System in the Field of Secure Communication,” in Control, Engineering & Information Technology (CEIT), 2015 3rd International Conference on, vol., no., pp. 1–6, 25–27 May 2015. doi:10.1109/CEIT.2015.7233114
Abstract: The synchronization of a unified chaotic system, used to encrypt different types of information signals, is investigated in this paper. In the outset, it is proven that such a system possesses three different types of chaos characterizations depending on a system’s parameter, which guarantees a high degree of communication security. Then, the asymptotic convergence of the errors between the states of the master system and those of the slave one is deduced by means of Lyapunov theory. Finally, computer simulations are done to verify the feasibility as well as the efficiency of the proposed theoretical approaches.
Keywords: Lyapunov methods; chaotic communication; convergence; cryptography; image coding; synchronisation; telecommunication security; Lyapunov theory; chaos characterizations; communication security; information signals; unified chaotic system; Chaotic communication; Convergence; Cryptography; Receivers; Synchronization; Transmitters; secure transmission (ID#: 15-7250)


Huijie Zhang; Mani Soma.; Shulin Tian, “Power Attacks on DAC Architectures: A Susceptibility Comparison,” in Signals, Circuits and Systems (ISSCS), 2015 International Symposium on, vol., no., pp. 1–4, 9–10 July 2015. doi:10.1109/ISSCS.2015.7203935
Abstract: Hardware security is a significant issue today and has received much attention regarding side-channel attacks, including power attacks. We present a theoretical comparison of power-attack susceptibility of two common DAC architectures using metrics derived from information theory. Simulation results demonstrate the computation method.
Keywords: cryptography; digital-analogue conversion; information theory; security; DAC architecture; digital-to-analog converter; hardware security; information theory; power attack susceptibility; side-channel attack; susceptibility comparison; Capacitors; Computer architecture; Correlation; Hardware; Mutual information; Power demand; Security; differential power attack; mixed-signal circuit; mutual information (ID#: 15-7251)


Emmart, N.; Weems, C., “Pushing the Performance Envelope of Modular Exponentiation Across Multiple Generations of GPUs,” in Parallel and Distributed Processing Symposium (IPDPS), 2015 IEEE International, pp.166–176, 25–29 May 2015. doi:10.1109/IPDPS.2015.69
Abstract: Multiprecision modular exponentiation is a key operation in popular encryption schemes such as RSA, but is computationally expensive. Contexts such as handling many secure web connections in a server can demand higher rates of exponent operations than a traditional multicore can support. Graphics processors offer an opportunity to accelerate batches of exponent calculations both by executing them in parallel as well as through parallelizing the operations within the multiprecision arithmetic itself. However, obtaining performance close to the theoretical peak can be extremely challenging. Furthermore, each new generation of GPU architecture can require a substantially different approach to achieve maximum performance. In this paper we show how we improve modular exponentiation performance over prior results by at factors ranging from 2.6 to 24, across generations of NVIDIA GPU, from compute capability 1.1 onward. Of particular interest is the parameter space that must be searched to find the optimal configuration of memory layout, launch geometry, and algorithm for each architecture at different problem sizes. Our efforts have resulted in a set of tools for generating library functions in the PTX assembly language and searching to find these optima. From our experience it can be argued that a new programming paradigm is needed to achieve full performance potential on core library components as GPUs evolve through multiple generations.
Keywords: assembly language; graphics processing units; software libraries; GPU architecture; NVIDIA GPU; PTX assembly language; RSA; compute capability; core library components; encryption schemes; exponent operations; graphics processing unit; graphics processors; launch geometry; library functions; memory layout; multiprecision modular exponentiation performance; multiprocessing arithmetic; optimal configuration; secure Web connections; Computational modeling; Computer architecture; Generators; Graphics processing units; Load modeling; Message systems; Registers; GPU accelerated modular exponentiation; SSL acceleration with GPUs; asymmetric cryptography on GPUs; modular exponentiation (ID#: 15-7252)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.