Chaves mais pequenas para criptossistemas de McEliece usando codificadores convolucionais

The arrival of the quantum computing era is a real threat to the confidentiality and integrity of digital communications. So, it is urgent to develop alternative cryptographic techniques that are resilient to quantum computing. This is the goal of pos-quantum cryptography. The code-based cryptosystem called Classical McEliece Cryptosystem remains one of the most promising postquantum alternatives. However, the main drawback of this system is that the public key is much larger than in the other alternatives. In this thesis we study the algebraic properties of this type of cryptosystems and present a new variant that uses a convolutional encoder to mask the so-called Generalized Reed- Solomon code. We conduct a cryptanalysis of this new variant to show that high levels of security can be achieved using significant smaller keys than in the existing variants of the McEliece scheme. We illustrate the advantages of the proposed cryptosystem by presenting several practical examples.A chegada da era da computação quântica é uma ameaça real à confidencialidade e integridade das comunicações digitais. É, por isso, urgente desenvolver técnicas criptográficas alternativas que sejam resilientes à computação quântica. Este é o objetivo da criptografia pós-quântica. O Criptossistema de McEliece continua a ser uma das alternativas pós-quânticas mais promissora, contudo, a sua principal desvantagem é o tamanho da chave pública, uma vez que é muito maior do que o das outras alternativas. Nesta tese estudamos as propriedades algébricas deste tipo de criptossistemas e apresentamos uma nova variante que usa um codificador convolucional para mascarar o código de Generalized Reed-Solomon. Conduzimos uma criptoanálise dessa nova variante para mostrar que altos níveis de segurança podem ser alcançados usando uma chave significativamente menor do que as variantes existentes do esquema de McEliece. Ilustramos, assim, as vantagens do criptossistema proposto apresentando vários exemplos práticos.Programa Doutoral em Matemátic

A tiny public key scheme based on Niederreiter Cryptosystem

Due to the weakness of public key cryptosystems encounter of quantum computers, the need to provide a solution was emerged. The McEliece cryptosystem and its security equivalent, the Niederreiter cryptosystem, which are based on Goppa codes, are one of the solutions, but they are not practical due to their long key length. Several prior attempts to decrease the length of the public key in code-based cryptosystems involved substituting the Goppa code family with other code families. However, these efforts ultimately proved to be insecure. In 2016, the National Institute of Standards and Technology (NIST) called for proposals from around the world to standardize post-quantum cryptography (PQC) schemes to solve this issue. After receiving of various proposals in this field, the Classic McEliece cryptosystem, as well as the Hamming Quasi-Cyclic (HQC) and Bit Flipping Key Encapsulation (BIKE), chosen as code-based encryption category cryptosystems that successfully progressed to the final stage. This article proposes a method for developing a code-based public key cryptography scheme that is both simple and implementable. The proposed scheme has a much shorter public key length compared to the NIST finalist cryptosystems. The key length for the primary parameters of the McEliece cryptosystem (n=1024, k=524, t=50) ranges from 18 to 500 bits. The security of this system is at least as strong as the security of the Niederreiter cryptosystem. The proposed structure is based on the Niederreiter cryptosystem which exhibits a set of highly advantageous properties that make it a suitable candidate for implementation in all extant systems

A Side-Channel Assisted Cryptanalytic Attack Against QcBits

International audienceQcBits is a code-based public key algorithm based on a problem thought to be resistant to quantum computer attacks. It is a constant-time implementation for a quasi-cyclic moderate density parity check (QC-MDPC) Niederreiter encryption scheme, and has excellent performance and small key sizes. In this paper, we present a key recovery attack against QcBits. We first used differential power analysis (DPA) against the syndrome computation of the decoding algorithm to recover partial information about one half of the private key. We then used the recovered information to set up a system of noisy binary linear equations. Solving this system of equations gave us the entire key. Finally, we propose a simple but effective countermeasure against the power analysis used during the syndrome calculation

Towards Green Computing Oriented Security: A Lightweight Postquantum Signature for IoE

[EN] Postquantum cryptography for elevating security against attacks by quantum computers in the Internet of Everything (IoE) is still in its infancy. Most postquantum based cryptosystems have longer keys and signature sizes and require more computations that span several orders of magnitude in energy consumption and computation time, hence the sizes of the keys and signature are considered as another aspect of security by green design. To address these issues, the security solutions should migrate to the advanced and potent methods for protection against quantum attacks and offer energy efficient and faster cryptocomputations. In this context, a novel security framework Lightweight Postquantum ID-based Signature (LPQS) for secure communication in the IoE environment is presented. The proposed LPQS framework incorporates a supersingular isogeny curve to present a digital signature with small key sizes which is quantum-resistant. To reduce the size of the keys, compressed curves are used and the validation of the signature depends on the commutative property of the curves. The unforgeability of LPQS under an adaptively chosen message attack is proved. Security analysis and the experimental validation of LPQS are performed under a realistic software simulation environment to assess its lightweight performance considering embedded nodes. It is evident that the size of keys and the signature of LPQS is smaller than that of existing signature-based postquantum security techniques for IoE. It is robust in the postquantum environment and efficient in terms of energy and computations.This project was funded by the Deanship of Scientific Research (DSR), King Abdulaziz University. Jeddah. under grant No. (DF-457-156-1441).Rani, R.; Kumar, S.; Kaiwartya, O.; Khasawneh, AM.; Lloret, J.; Al-Khasawneh, MA.; Mahmoud, M.... (2021). Towards Green Computing Oriented Security: A Lightweight Postquantum Signature for IoE. Sensors. 21(5):1-20. https://doi.org/10.3390/s2105188312021

Towards green computing oriented security: a lightweight postquantum signature for IoE

Postquantum cryptography for elevating security against attacks by quantum computers in the Internet of Everything (IoE) is still in its infancy. Most postquantum based cryptosystems have longer keys and signature sizes and require more computations that span several orders of magnitude in energy consumption and computation time, hence the sizes of the keys and signature are considered as another aspect of security by green design. To address these issues, the security solutions should migrate to the advanced and potent methods for protection against quantum attacks and offer energy efficient and faster cryptocomputations. In this context, a novel security framework Lightweight Postquantum ID-based Signature (LPQS) for secure communication in the IoE environment is presented. The proposed LPQS framework incorporates a supersingular isogeny curve to present a digital signature with small key sizes which is quantum-resistant. To reduce the size of the keys, compressed curves are used and the validation of the signature depends on the commutative property of the curves. The unforgeability of LPQS under an adaptively chosen message attack is proved. Security analysis and the experimental validation of LPQS are performed under a realistic software simulation environment to assess its lightweight performance considering embedded nodes. It is evident that the size of keys and the signature of LPQS is smaller than that of existing signature-based postquantum security techniques for IoE. It is robust in the postquantum environment and efficient in terms of energy and computations

Cyber Security of Critical Infrastructures

Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. The vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyber-attacks, their protection becomes a significant issue for organizations as well as nations. The risks to continued operations, from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes, are considered highly significant, given the demonstrable impact of such circumstances. Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cybersecurity of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioural aspects is essential to handle cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace. In this book, both research and practical aspects of cyber security considerations in critical infrastructures are presented. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry have contributed 13 chapters. The issues that are discussed and analysed include cybersecurity training, maturity assessment frameworks, malware analysis techniques, ransomware attacks, security solutions for industrial control systems, and privacy preservation methods