1,977 research outputs found
Malicious cryptography techniques for unreversable (malicious or not) binaries
Fighting against computer malware require a mandatory step of reverse
engineering. As soon as the code has been disassemblied/decompiled (including a
dynamic analysis step), there is a hope to understand what the malware actually
does and to implement a detection mean. This also applies to protection of
software whenever one wishes to analyze them. In this paper, we show how to
amour code in such a way that reserse engineering techniques (static and
dymanic) are absolutely impossible by combining malicious cryptography
techniques developped in our laboratory and new types of programming (k-ary
codes). Suitable encryption algorithms combined with new cryptanalytic
approaches to ease the protection of (malicious or not) binaries, enable to
provide both total code armouring and large scale polymorphic features at the
same time. A simple 400 Kb of executable code enables to produce a binary code
and around mutated forms natively while going far beyond the old
concept of decryptor.Comment: 17 pages, 2 figures, accepted for presentation at H2HC'1
Revisiting Shared Data Protection Against Key Exposure
This paper puts a new light on secure data storage inside distributed
systems. Specifically, it revisits computational secret sharing in a situation
where the encryption key is exposed to an attacker. It comes with several
contributions: First, it defines a security model for encryption schemes, where
we ask for additional resilience against exposure of the encryption key.
Precisely we ask for (1) indistinguishability of plaintexts under full
ciphertext knowledge, (2) indistinguishability for an adversary who learns: the
encryption key, plus all but one share of the ciphertext. (2) relaxes the
"all-or-nothing" property to a more realistic setting, where the ciphertext is
transformed into a number of shares, such that the adversary can't access one
of them. (1) asks that, unless the user's key is disclosed, noone else than the
user can retrieve information about the plaintext. Second, it introduces a new
computationally secure encryption-then-sharing scheme, that protects the data
in the previously defined attacker model. It consists in data encryption
followed by a linear transformation of the ciphertext, then its fragmentation
into shares, along with secret sharing of the randomness used for encryption.
The computational overhead in addition to data encryption is reduced by half
with respect to state of the art. Third, it provides for the first time
cryptographic proofs in this context of key exposure. It emphasizes that the
security of our scheme relies only on a simple cryptanalysis resilience
assumption for blockciphers in public key mode: indistinguishability from
random, of the sequence of diferentials of a random value. Fourth, it provides
an alternative scheme relying on the more theoretical random permutation model.
It consists in encrypting with sponge functions in duplex mode then, as before,
secret-sharing the randomness
Survey and Benchmark of Block Ciphers for Wireless Sensor Networks
Cryptographic algorithms play an important role in the security architecture of wireless sensor networks (WSNs). Choosing the most storage- and energy-efficient block cipher is essential, due to the facts that these networks are meant to operate without human intervention for a long period of time with little energy supply, and that available storage is scarce on these sensor nodes. However, to our knowledge, no systematic work has been done in this area so far.We construct an evaluation framework in which we first identify the candidates of block ciphers suitable for WSNs, based on existing literature and authoritative recommendations. For evaluating and assessing these candidates, we not only consider the security properties but also the storage- and energy-efficiency of the candidates. Finally, based on the evaluation results, we select the most suitable ciphers for WSNs, namely Skipjack, MISTY1, and Rijndael, depending on the combination of available memory and required security (energy efficiency being implicit). In terms of operation mode, we recommend Output Feedback Mode for pairwise links but Cipher Block Chaining for group communications
Year 2010 Issues on Cryptographic Algorithms
In the financial sector, cryptographic algorithms are used as fundamental techniques for assuring confidentiality and integrity of data used in financial transactions and for authenticating entities involved in the transactions. Currently, the most widely used algorithms appear to be two-key triple DES and RC4 for symmetric ciphers, RSA with a 1024-bit key for an asymmetric cipher and a digital signature, and SHA-1 for a hash function according to international standards and guidelines related to the financial transactions. However, according to academic papers and reports regarding the security evaluation for such algorithms, it is difficult to ensure enough security by using the algorithms for a long time period, such as 10 or 15 years, due to advances in cryptanalysis techniques, improvement of computing power, and so on. To enhance the transition to more secure ones, National Institute of Standards and Technology (NIST) of the United States describes in various guidelines that NIST will no longer approve two-key triple DES, RSA with a 1024-bit key, and SHA-1 as the algorithms suitable for IT systems of the U.S. Federal Government after 2010. It is an important issue how to advance the transition of the algorithms in the financial sector. This paper refers to issues regarding the transition as Year 2010 issues in cryptographic algorithms. To successfully complete the transition by 2010, the deadline set by NIST, it is necessary for financial institutions to begin discussing the issues at the earliest possible date. This paper summarizes security evaluation results of the current algorithms, and describes Year 2010 issues, their impact on the financial industry, and the transition plan announced by NIST. This paper also shows several points to be discussed when dealing with Year 2010 issues.Cryptographic algorithm; Symmetric cipher; Asymmetric cipher; Security; Year 2010 issues; Hash function
Translation of Algorithmic Descriptions of Discrete Functions to SAT with Applications to Cryptanalysis Problems
In the present paper, we propose a technology for translating algorithmic
descriptions of discrete functions to SAT. The proposed technology is aimed at
applications in algebraic cryptanalysis. We describe how cryptanalysis problems
are reduced to SAT in such a way that it should be perceived as natural by the
cryptographic community. In~the theoretical part of the paper we justify the
main principles of general reduction to SAT for discrete functions from a class
containing the majority of functions employed in cryptography. Then, we
describe the Transalg software tool developed based on these principles with
SAT-based cryptanalysis specifics in mind. We demonstrate the results of
applications of Transalg to construction of a number of attacks on various
cryptographic functions. Some of the corresponding attacks are state of the
art. We compare the functional capabilities of the proposed tool with that of
other domain-specific software tools which can be used to reduce cryptanalysis
problems to SAT, and also with the CBMC system widely employed in symbolic
verification. The paper also presents vast experimental data, obtained using
the SAT solvers that took first places at the SAT competitions in the recent
several years
Slide Attacks on a Class of Hash Functions
Abstract. This paper studies the application of slide attacks to hash functions. Slide attacks have mostly been used for block cipher cryptanalysis. But, as shown in the current paper, they also form a potential threat for hash functions, namely for sponge-function like structures. As it turns out, certain constructions for hash-function-based MACs can be vulnerable to forgery and even to key recovery attacks. In other cases, we can at least distinguish a given hash function from a random oracle. To illustrate our results, we describe attacks against the Grindahl-256 and Grindahl-512 hash functions. To the best of our knowledge, this is the first cryptanalytic result on Grindahl-512. Furthermore, we point out a slide-based distinguisher attack on a slightly modified version of RadioGatún. We finally discuss simple countermeasures as a defense against slide attacks. Key words: slide attacks, hash function, Grindahl, RadioGatún, MAC, sponge function.
- …