
    Improved Framework for Blockchain Application Using Lattice Based Key Agreement Protocol

    One of the most recent challenges in communication systems and network systems is the privacy and security of information and of the communication session. Blockchain is one of the technologies used in sensing applications in different important environments, such as healthcare. In healthcare, patient privacy should be protected using a high-security system. A key agreement protocol based on lattices ensures authentication and strong protection against different types of attack, especially impersonation and man-in-the-middle attacks, and the lattice-based protocol is quantum-resistant. An improved framework using a lattice-based key agreement protocol for blockchain applications is proposed, together with a security analysis of many papers that proposed different protocols, presented as a comparative study. The resulting new lattice-based framework overcomes the latency limitation of the blockchain in the old framework and lowers the computation cost, which depended on Elliptic Curve Diffie-Hellman. It also ensures high privacy and protection of patients' information.

    Attacking (EC)DSA With Partially Known Multiples of Nonces

    In this paper, we improve the theoretical background of the attacks on the DSA schemes given in [1, 29], and we present some new, more practical attacks.

    PERFORMANCE OF HYBRID SIGNATURES FOR PUBLIC KEY INFRASTRUCTURE CERTIFICATES

    The modern public key infrastructure (PKI) model relies on digital signature algorithms to provide message authentication, data integrity, and non-repudiation. To provide this, digital signature algorithms, like most cryptographic schemes, rely on a mathematical hardness assumption for provable security. As we transition into a post-quantum era, the hardness assumptions used by traditional digital signature algorithms are increasingly at risk of being solvable in polynomial time. This renders the entirety of public key cryptography, including digital signatures, vulnerable to being broken. Hybrid digital signature schemes represent a potential solution to this problem. In this thesis, we provide the first test implementation of true hybrid signature algorithms. We evaluate the viability and performance of several hybrid signature schemes against traditional hybridization techniques via standalone cryptographic operations. Finally, we explore how hybrid signatures can be integrated into existing X.509 digital certificates and examine their performance by integrating both into the Transport Layer Security 1.3 protocol.
    Outstanding Thesis. Gunnery Sergeant, United States Marine Corps. Approved for public release; distribution is unlimited.

    On the Security of Lattice-based Fiat-Shamir Signatures in the Presence of Randomness Leakage

    Leakages during the signing process, including partial key exposure and partial (or complete) randomness exposure, may be devastating for the security of digital signatures. In this work, we investigate the security of lattice-based Fiat-Shamir signatures in the presence of randomness leakage. To this end, we present a generic key recovery attack that relies on minimal leakage of randomness, and then theoretically connect it to a variant of the Integer-LWE (ILWE) problem. The ILWE problem, introduced by Bootle et al. at Asiacrypt 2018, is to recover the secret vector $\mathbf{s}$ given polynomially many samples of the form $(\mathbf{a}, \langle \mathbf{a}, \mathbf{s} \rangle + e) \in \mathbb{Z}^{n+1}$, and it is solvable if the error $e \in \mathbb{Z}$ is not superpolynomially larger than the inner product $\langle \mathbf{a}, \mathbf{s} \rangle$. However, in our variant (which we call the FS-ILWE problem in this paper), $\mathbf{a} \in \mathbb{Z}^{n}$ is a sparse vector whose coefficients are NOT independent any more, and $e$ is related to $\mathbf{a}$ and $\mathbf{s}$ as well. We prove that the FS-ILWE problem can be solved in polynomial time, and present an efficient algorithm to solve it. Our generic key recovery method directly implies that many lattice-based Fiat-Shamir signatures will be totally broken with one (deterministic or probabilistic) bit of randomness leakage per signature. Our attack has been validated by experiments on two NIST PQC signatures, Dilithium and qTESLA. For example, for Dilithium-III with 125-bit quantum security, the secret key will be recovered within 10 seconds on an ordinary desktop PC, using about one million signatures. Similarly, key recovery attacks on Dilithium under other parameters and on qTESLA will be completed within 20 seconds and 31 minutes respectively. In addition, we also present a non-profiled attack to show how to obtain the required randomness bit in practice through power analysis attacks on a proof-of-concept implementation of polynomial addition. The experimental results confirm the practical feasibility of our method.

    The Impact of Quantum Computing on Present Cryptography

    The aim of this paper is to elucidate the implications of quantum computing for present cryptography and to introduce the reader to basic post-quantum algorithms. In particular, the reader can delve into the following subjects: present cryptographic schemes (symmetric and asymmetric), differences between quantum and classical computing, challenges in quantum computing, quantum algorithms (Shor's and Grover's), public key encryption schemes affected, symmetric schemes affected, the impact on hash functions, and post-quantum cryptography. Specifically, the section on Post-Quantum Cryptography deals with different quantum key distribution methods and mathematics-based solutions, such as the BB84 protocol, lattice-based cryptography, multivariate-based cryptography, hash-based signatures and code-based cryptography.
    Comment: 10 pages, 1 figure, 3 tables, journal article - IJACS

    Cyber Security of Critical Infrastructures

    Critical infrastructures are vital assets for public safety, economic welfare, and the national security of countries. The vulnerabilities of critical infrastructures have increased with the widespread use of information technologies. As Critical National Infrastructures are becoming more vulnerable to cyber-attacks, their protection becomes a significant issue for organizations as well as nations. The risks to continued operations, from failing to upgrade aging infrastructure or not meeting mandated regulatory regimes, are considered highly significant, given the demonstrable impact of such circumstances. Due to the rapid increase of sophisticated cyber threats targeting critical infrastructures with significant destructive effects, the cybersecurity of critical infrastructures has become an agenda item for academics, practitioners, and policy makers. A holistic view which covers technical, policy, human, and behavioural aspects is essential to handle the cyber security of critical infrastructures effectively. Moreover, the ability to attribute crimes to criminals is a vital element of avoiding impunity in cyberspace. In this book, both research and practical aspects of cyber security considerations in critical infrastructures are presented. Aligned with the interdisciplinary nature of cyber security, authors from academia, government, and industry have contributed 13 chapters. The issues that are discussed and analysed include cybersecurity training, maturity assessment frameworks, malware analysis techniques, ransomware attacks, security solutions for industrial control systems, and privacy preservation methods.

    Cache-Timing Techniques: Exploiting the DSA Algorithm

    Side-channel information is any type of information leaked through unexpected channels due to physical features of a system dealing with data. The memory cache can be used as a side channel: leakage and exploitation of side-channel information from executing processes is possible, leading to the recovery of secret information. Cache-based side-channel attacks represent a serious threat to implementations of several cryptographic primitives, especially in shared libraries. This work explains some of the cache-timing techniques commonly used to exploit vulnerable software. Using a particular combination of techniques and exploiting a vulnerability found in the implementation of the DSA signature scheme in the OpenSSL shared library, a cache-timing attack is performed against DSA's sliding-window exponentiation algorithm. Moreover, the attack is expanded to show that it is possible to perform cache-timing attacks against protocols relying on the DSA signature scheme. SSH and TLS are attacked, leading to a key-recovery attack: 260 SSH-2 handshakes to extract a 1024/160-bit DSA host key from an OpenSSH server, and 580 TLS 1.2 handshakes to extract a 2048/256-bit DSA key from an stunnel server.

    Spectrum Sensing Security in Cognitive Radio Networks

    This thesis explores the use of unsupervised machine learning for spectrum sensing in cognitive radio (CR) networks from a security perspective. CR is an enabling technology for dynamic spectrum access (DSA) because of a CR's ability to reconfigure itself in a smart way. CR can adapt and use unoccupied spectrum with the help of spectrum sensing and DSA. DSA is an efficient way to dynamically allocate white spaces (unutilized spectrum) to other CR users in order to tackle the spectrum scarcity problem and improve spectral efficiency. So far, various techniques have been developed to efficiently detect and classify signals in a DSA environment. Neural network techniques, especially those using unsupervised learning, have some key advantages over other methods, mainly because minimal preconfiguration is required to sense the spectrum. However, recent results have shown some possible security vulnerabilities, which can be exploited by adversarial users to gain unrestricted access to spectrum by fooling signal classifiers. It is very important to address these new classes of security threats and challenges in order to make CR a long-term commercially viable concept. This thesis identifies some key security vulnerabilities when unsupervised machine learning is used for spectrum sensing and also proposes mitigation techniques to counter the security threats. The simulation work demonstrates the ability of a malicious user to manipulate signals in such a way as to confuse the signal classifier. The signal classifier is forced by the malicious user to draw incorrect decision boundaries by presenting signal features which are akin to those of a primary user. Hence, a malicious user is able to classify itself as a primary user and thus gains unrivaled access to the spectrum. First, the performance of various classification algorithms is evaluated. K-means and weighted classification algorithms are selected because of their robustness against the proposed attacks as compared to other classification algorithms. Second, the connection attack, point cluster attack, and random noise attack are shown to have an adverse effect on classification algorithms. In the end, some mitigation techniques are proposed to counter the effect of these attacks.