Improve the Onion Routing Performance and Security with Cryptographic Algorithms

Onion Routing and Cryptographic Algorithms are two essential components of online privacy and secure data transmission. Onion Routing is a technique used to protect internet users' anonymity by routing their communication through a network of servers, while Cryptographic Algorithms are used to encrypt and decrypt data to ensure its confidentiality. As technology advances, there is a need to consider the development of new cryptographic algorithms for TOR to ensure its continued effectiveness. The combination of Onion Routing and Cryptographic Algorithms has proven to be an effective way to protect online privacy and security. This paper aims to explore the benefits of combining Onion Routing and Cryptographic Algorithms and to propose a hybrid symmetric and hashing algorithm technique to transmit data securely. By the end of this paper, researchers will have a comprehensive understanding of the Onion Routing and Cryptographic Algorithms, their implementation in TOR, and the limitations and risks associated with using such tools

Social Closeness Based Private Coordinating Conventions for Online Informal Organizations

The hazardous development of Online Interpersonal organizations in the course of recent years has re-imagined the way individuals collaborate with existing companions and particularly make new companions. A few works propose to give individuals a chance to wind up companions on the off chance that they have comparative profile attributes. In any case, profile coordinating includes a natural protection danger of uncovering private profile data to outsiders in the internet. The current answers for the issue endeavor to ensure clients' protection by secretly figuring the convergence or crossing point cardinality of the profile quality arrangements of two clients. These plans have a few impediments can in any case uncover clients' protection. In this project, we influence group structures to reclassify the Online Social Networks(OSN) display and propose a practical awry social closeness measure between two clients. At that point, in light of the proposed hilter kilter social nearness, along with AES algorithm we outline three private coordinating conventions, which give diverse security levels and can ensure clients' protection superior to the past works. At long last, we approve our proposed unbalanced closeness measure utilizing genuine interpersonal organization information and lead broad reenactments to assess the execution of the proposed conventions regarding calculation cost, correspondence cost, add up to running time, and vitality utilization

A MAC Mode for Lightweight Block Ciphers

status: accepte

Quantum Circuit Implementation and Resource Analysis of LBlock and LiCi

Due to Grover's algorithm, any exhaustive search attack of block ciphers can achieve a quadratic speed-up. To implement Grover,s exhaustive search and accurately estimate the required resources, one needs to implement the target ciphers as quantum circuits. Recently, there has been increasing interest in quantum circuits implementing lightweight ciphers. In this paper we present the quantum implementations and resource estimates of the lightweight ciphers LBlock and LiCi. We optimize the quantum circuit implementations in the number of gates, required qubits and the circuit depth, and simulate the quantum circuits on ProjectQ. Furthermore, based on the quantum implementations, we analyze the resources required for exhaustive key search attacks of LBlock and LiCi with Grover's algorithm. Finally, we compare the resources for implementing LBlock and LiCi with those of other lightweight ciphers.Comment: 29 pages,21 figure

Integrating OAuth with Information Card Systems

We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided

Side-channel Attacks on Blinded Scalar Multiplications Revisited

In a series of recent articles (from 2011 to 2017), Schindler et al. show that exponent/scalar blinding is not as effective a countermeasure as expected against side-channel attacks targeting RSA modular exponentiation and ECC scalar multiplication. Precisely, these works demonstrate that if an attacker is able to retrieve many randomizations of the same secret, this secret can be fully recovered even when a significative proportion of the blinded secret bits are erroneous. With a focus on ECC, this paper improves the best results of Schindler et al. in the specific case of structured-order elliptic curves. Our results show that larger blinding material and higher error rates can be successfully handled by an attacker in practice. This study also opens new directions in this line of work by the proposal of a three-steps attack process that isolates the attack critical path (in terms of complexity and success rate) and hence eases the development of future solutions

Secure Key-Alternating Feistel Ciphers Without Key Schedule

Light key schedule has found many applications in lightweight blockciphers, e.g. LED, PRINTcipher and LBlock. In this paper, we study an interesting question of how to design a as light as possible key schedule from the view of provable security and revisit the four-round key-alternating Feistel cipher by Guo and Wang in Asiacrypt 18. We optimize the construction by Guo and Wang and propose a four-round key-alternating Feistel cipher with an ultra-light (in fact non-existent) key schedule. We prove our construction retain the same security level as that of Guo and Wang\u27s construction. To the best of our knowledge, this is the first provably secure key-alternating Feistel cipher using identical round function and one n-bit master key but with ultra-light (non-existent) key schedule. We also investigate whether the same refinement works for the three-round key-alternating Feistel cipher. This time we show a distinguishing attack on such three-round construction with only four encryption queries. On the positive side, we prove that three-round key-alternating Feistel cipher with a suitable key schedule is a pseudorandom permutation. This is also the first provable-security result for three-round key-alternating Feistel cipher

Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios

Conclave: secure multi-party computation on big data (extended TR)

Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical use. Many relational analytics queries can maintain MPC's end-to-end security guarantee without using cryptographic MPC techniques for all operations. Conclave is a query compiler that accelerates such queries by transforming them into a combination of data-parallel, local cleartext processing and small MPC steps. When parties trust others with specific subsets of the data, Conclave applies new hybrid MPC-cleartext protocols to run additional steps outside of MPC and improve scalability further. Our Conclave prototype generates code for cleartext processing in Python and Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks support on their own. Thanks to its hybrid protocols, Conclave also substantially outperforms SMCQL, the most similar existing system.Comment: Extended technical report for EuroSys 2019 pape