A combined approach for hiding partial information in RSA

Partial information leakage in deterministic public-key cryptosystems refers to a problem that arises when information about either the plaintext or the key is leaked in subtle ways. Quite a common case is where there are a small number of possible messages that may be sent. An attacker may be able to crack the scheme simply by enumerating all the possible ciphertexts. Two methods are proposed for facing the partial information leakage problem in RSA that incorporate a random element into the encrypted message to increase the number of possible ciphertexts. The resulting scheme is, effectively, an RSA-like cryptosystem which exhibits probabilistic encryption. The first method involves encrypting several similar messages with RSA and then using the Quadratic Residuosity Problem (QRP) to mark the intended one. In this way, an adversary who has correctly guessed two or more of the ciphertexts is still in doubt about which message is the intended one. The cryptographic strength of the combined system is equal to the computational difficulty of factorising a large integer; ideally, this should be feasible. The second scheme uses error-correcting codes for accommodating the random component. The plaintext is processed with an error-correcting code and deliberately corrupted before encryption. The introduced corruption lies within the error-correcting ability of the code, so as to enable the recovery of the original message. The random corruption offers a vast number of possible ciphertexts corresponding to a given plaintext; hence an attacker cannot deduce any useful information from it. The proposed systems are compared to other cryptosystems sharing similar characteristics, in terms of execution time and ciphertext size, so as to determine their practical utility. Finally, parameters which determine the characteristics of the proposed schemes are also examined

Secure Data Provenance in Home Energy Monitoring Networks

Smart grid empowers home owners to efficiently manage their smart home appliances within a Home Area Network (HAN), by real time monitoring and fine-grained control. However, it offers the possibility for a malicious user to intrude into the HAN and deceive the smart metering system with fraudulent energy usage report. While most of the existing works have focused on how to prevent data tampering in HAN's communication channel, this paper looks into a relatively less studied security aspect namely data provenance. We propose a novel solution based on Shamir's secret sharing and threshold cryptography to guarantee that the reported energy usage is collected from the specific appliance as claimed at a particular location, and that it reflects the real consumption of the energy. A byproduct of the proposed security solution is a guarantee of data integrity. A prototype implementation is presented to demonstrate the feasibility and practicality of the proposed solution

RSA Power Analysis Obfuscation: A Dynamic FPGA Architecture

The modular exponentiation operation used in popular public key encryption schemes, such as RSA, has been the focus of many side channel analysis (SCA) attacks in recent years. Current SCA attack countermeasures are largely static. Given sufficient signal-to-noise ratio and a number of power traces, static countermeasures can be defeated, as they merely attempt to hide the power consumption of the system under attack. This research develops a dynamic countermeasure which constantly varies the timing and power consumption of each operation, making correlation between traces more difficult than for static countermeasures. By randomizing the radix of encoding for Booth multiplication and randomizing the window size in exponentiation, this research produces a SCA countermeasure capable of increasing RSA SCA attack protection

Exploring the association between social camouflaging and self- versus caregiver-report discrepancies in anxiety and depressive symptoms in autistic and non-autistic socially-anxious adolescents

Social camouflaging in autism involves hiding social differences and autistic traits to fit in with neurotypical settings and is associated with poorer mental health in both autistic adolescents and adults. This study explored the association between self-reported social camouflaging behaviours and adolescents’ self-report of generalised anxiety disorder (GAD) and depressive symptoms compared to caregiver reports. A clinical sample of 43 autistic and 39 non-autistic adolescents (14-19 years) without intellectual disability and matched on social anxiety, and their primary caregiver completed questionnaires reporting the young person’s autistic traits, GAD, and depression symptoms. Using Response Surface Analysis (RSA), congruence between adolescent and caregiver rated autistic traits, GAD, and depression symptoms were not associated with greater camouflaging scores. RSA parameters showed that camouflaging was greater when both adolescent and caregivers rated high levels of autistic traits and GAD symptoms, and when adolescents exceeded caregiver ratings on autistic traits, GAD, and depression symptoms. Adolescents who experience greater anxiety and autistic traits may engage in more (though less effective) social camouflaging behaviours, which in turn may contribute towards poorer mental health outcomes. Clinicians may benefit from collaboratively creating with adolescents a person-centred formulation that considers the associations between autistic traits, mental health outcomes

Literature Study On Cloud Based Healthcare File Protection Algorithms

There is a huge development in Computers and Cloud computing technology, the trend in recent years is to outsource information storage on Cloud-based services. The cloud provides  large storage space. Cloud-based service providers such as Dropbox, Google Drive, are providing users with infinite and low-cost storage. In this project we aim at presenting a protection method through by encrypting and decrypting the files to provide enhanced level of protection. To encrypt the file that we upload in cloud, we make use of double encryption technique. The file is been encrypted twice one followed by the other using two algorithms. The order in which the algorithms are used is that, the file is first encrypted using AES algorithm, now this file will be in the encrypted format and this encrypted file is again encrypted using RSA algorithm. The corresponding keys are been generated during the execution of the algorithm. This is done in order to increase the security level. The various parameters that we have considered here are security level, speed, data confidentiality, data integrity and cipher text size. Our project is more efficient as it satisfies all the parameters whereas the conventional methods failed to do so. The Cloud we used is Dropbox to store the content of the file which is in the encrypted format using AES and RSA algorithms and corresponding key is generated which can be used to decrypt the file. While uploading the file the double encryption technique is been implemented

07381 Abstracts Collection -- Cryptography

From 16.09.2007 to 21.09.2007 the Dagstuhl Seminar 07381 ``Cryptography\u27\u27 was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available

Power Side Channels in Security ICs: Hardware Countermeasures

Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring the power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic devices have in response developed various countermeasures for protection. Attacking methods have also evolved to counteract resistant implementations. This paper reviews foundational power analysis attack techniques and examines a variety of hardware design mitigations. The aim is to highlight exposed vulnerabilities in hardware-based countermeasures for future more secure implementations