10,763 research outputs found
Applications of Key Recovery Cube-attack-like
In this paper, we describe a variant of the cube attack with much better-understood Preprocessing Phase, where complexity can be calculated without running the actual experiments and random-like search for the cubes. We apply our method to a few different cryptographic algorithms, showing that the method can be used against a wide range of cryptographic primitives, including hash functions and authenticated encryption schemes. We also show that our key-recovery approach could be a framework for side-channel attacks, where the attacker has to deal with random errors in measurements
A Security Analysis of IoT Encryption: Side-channel Cube Attack on Simeck32/64
Simeck, a lightweight block cipher has been proposed to be one of the
encryption that can be employed in the Internet of Things (IoT) applications.
Therefore, this paper presents the security of the Simeck32/64 block cipher
against side-channel cube attack. We exhibit our attack against Simeck32/64
using the Hamming weight leakage assumption to extract linearly independent
equations in key bits. We have been able to find 32 linearly independent
equations in 32 key variables by only considering the second bit from the LSB
of the Hamming weight leakage of the internal state on the fourth round of the
cipher. This enables our attack to improve previous attacks on Simeck32/64
within side-channel attack model with better time and data complexity of 2^35
and 2^11.29 respectively.Comment: 12 pages, 6 figures, 4 tables, International Journal of Computer
Networks & Communication
Algebraic analysis of Trivium-like ciphers
Trivium is a bit-based stream cipher in the final portfolio of the eSTREAM project. In this paper, we apply the approach of Berbain et al. to Trivium-like ciphers and perform new algebraic analyses on them, namely Trivium and its reduced versions: Trivium-N, Bivium-A and Bivium-B. In doing so, we answer an open question in the literature. We demonstrate a new algebraic attack on Bivium-A. This attack requires less time and memory than previous techniques which use the F4 algorithm to recover Bivium-A's initial state. Though our attacks on Bivium-B, Trivium and Trivium-N are worse than exhaustive keysearch, the systems of equations which are constructed are smaller and less complex compared to previous algebraic analysis. Factors which can affect the complexity of our attack on Trivium-like ciphers are discussed in detail
A Comprehensive Survey on the Implementations, Attacks, and Countermeasures of the Current NIST Lightweight Cryptography Standard
This survey is the first work on the current standard for lightweight
cryptography, standardized in 2023. Lightweight cryptography plays a vital role
in securing resource-constrained embedded systems such as deeply-embedded
systems (implantable and wearable medical devices, smart fabrics, smart homes,
and the like), radio frequency identification (RFID) tags, sensor networks, and
privacy-constrained usage models. National Institute of Standards and
Technology (NIST) initiated a standardization process for lightweight
cryptography and after a relatively-long multi-year effort, eventually, in Feb.
2023, the competition ended with ASCON as the winner. This lightweight
cryptographic standard will be used in deeply-embedded architectures to provide
security through confidentiality and integrity/authentication (the dual of the
legacy AES-GCM block cipher which is the NIST standard for symmetric key
cryptography). ASCON's lightweight design utilizes a 320-bit permutation which
is bit-sliced into five 64-bit register words, providing 128-bit level
security. This work summarizes the different implementations of ASCON on
field-programmable gate array (FPGA) and ASIC hardware platforms on the basis
of area, power, throughput, energy, and efficiency overheads. The presented
work also reviews various differential and side-channel analysis attacks (SCAs)
performed across variants of ASCON cipher suite in terms of algebraic,
cube/cube-like, forgery, fault injection, and power analysis attacks as well as
the countermeasures for these attacks. We also provide our insights and visions
throughout this survey to provide new future directions in different domains.
This survey is the first one in its kind and a step forward towards
scrutinizing the advantages and future directions of the NIST lightweight
cryptography standard introduced in 2023
Building Confidential and Efficient Query Services in the Cloud with RASP Data Perturbation
With the wide deployment of public cloud computing infrastructures, using
clouds to host data query services has become an appealing solution for the
advantages on scalability and cost-saving. However, some data might be
sensitive that the data owner does not want to move to the cloud unless the
data confidentiality and query privacy are guaranteed. On the other hand, a
secured query service should still provide efficient query processing and
significantly reduce the in-house workload to fully realize the benefits of
cloud computing. We propose the RASP data perturbation method to provide secure
and efficient range query and kNN query services for protected data in the
cloud. The RASP data perturbation method combines order preserving encryption,
dimensionality expansion, random noise injection, and random projection, to
provide strong resilience to attacks on the perturbed data and queries. It also
preserves multidimensional ranges, which allows existing indexing techniques to
be applied to speedup range query processing. The kNN-R algorithm is designed
to work with the RASP range query algorithm to process the kNN queries. We have
carefully analyzed the attacks on data and queries under a precisely defined
threat model and realistic security assumptions. Extensive experiments have
been conducted to show the advantages of this approach on efficiency and
security.Comment: 18 pages, to appear in IEEE TKDE, accepted in December 201
09031 Abstracts Collection -- Symmetric Cryptography
From 11.01.09 to 16.01.09, the Seminar 09031 in
``Symmetric Cryptography \u27\u27 was held
in Schloss Dagstuhl~--~Leibniz Center for Informatics.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available
Security analysis of NIST-LWC contest finalists
Dissertação de mestrado integrado em Informatics EngineeringTraditional cryptographic standards are designed with a desktop and server environment in mind, so, with the
relatively recent proliferation of small, resource constrained devices in the Internet of Things, sensor networks,
embedded systems, and more, there has been a call for lightweight cryptographic standards with security,
performance and resource requirements tailored for the highly-constrained environments these devices find
themselves in.
In 2015 the National Institute of Standards and Technology began a Standardization Process in order to select
one or more Lightweight Cryptographic algorithms. Out of the original 57 submissions ten finalists remain, with
ASCON and Romulus being among the most scrutinized out of them.
In this dissertation I will introduce some concepts required for easy understanding of the body of work, do
an up-to-date revision on the current situation on the standardization process from a security and performance
standpoint, a description of ASCON and Romulus, and new best known analysis, and a comparison of the two,
with their advantages, drawbacks, and unique traits.Os padrões criptográficos tradicionais foram elaborados com um ambiente de computador e servidor em mente.
Com a proliferação de dispositivos de pequenas dimensões tanto na Internet of Things, redes de sensores e
sistemas embutidos, apareceu uma necessidade para se definir padrões para algoritmos de criptografia leve, com
prioridades de segurança, performance e gasto de recursos equilibrados para os ambientes altamente limitados
em que estes dispositivos operam.
Em 2015 o National Institute of Standards and Technology lançou um processo de estandardização com o
objectivo de escolher um ou mais algoritmos de criptografia leve. Das cinquenta e sete candidaturas originais
sobram apenas dez finalistas, sendo ASCON e Romulus dois desses finalistas mais examinados.
Nesta dissertação irei introduzir alguns conceitos necessários para uma fácil compreensão do corpo deste
trabalho, assim como uma revisão atualizada da situação atual do processo de estandardização de um ponto
de vista tanto de segurança como de performance, uma descrição do ASCON e do Romulus assim como as
suas melhores análises recentes e uma comparação entre os dois, frisando as suas vantagens, desvantagens e
aspectos únicos
- …