Novel pseudo random number generation using variant logic framework

Cyber Security requires cryptology for the basic protection. Among different ECRYPT technologies, stream cipher plays a central role in advanced network security applications; in addition, pseudo-random number generators are placed in the core position of the mechanism. In this paper, a novel method of pseudo-random number generation is proposed to take advantage of the large functional space described using variant logic, a new framework for binary logic. Using permutation and complementary operations on classical truth table to form relevant variant table, numbers can be selected from table entries having pseudo-random properties. A simple generation mechanism is described and shown and pseudo-random sequences are analyzed for their cycle property and complexity. Applying this novel method, it can play a useful role in future applications for higher performance of cyber security environments

Оценка асимметрии по автокорреляции

On example of the pseudorandom sequence of Fibonacci generator in detail described results of the experimental study to asymmetries by methods of autocorrelation.На примере псевдослучайной последовательности генератора Фибоначчи подробно описаны результаты экспериментального исследования асимметрии методами автокорреляции. Введенный в статье коэффициент ранговой упорядоченности двоичных слов из полезной длины периода последовательности в рассмотренном примере очень мал

О возможностях использования арифметики Фибоначчи для повышения эффективности криптографических преобразований

Abvisability of application the arithmetic of Fibonacci to cryptography is consider in the article. Perspective of this direction to improvement of the statistical properties of symmetric cryptography transformation is describe.В статье рассматривается целесообразность использования аппарата арифметики Фибоначчи в области криптографии. Показана перспективность этого направления исследований в рамках совершенствования статистических показателей симметричных криптографических преобразований информации

Physical Layer Securities in Wireless Communication Systems

Due to the tremendous advancement in the semiconductor and microelectronics technologies, wireless technologies have blossomed in the recent decades. The large scale deployment of wireless networks have revolutionized the way people live. They bring a great deal of convenience and enjoyment to us. Undoubtedly, we have become more and more dependent on these wireless technologies. These include cellular and radio frequency identification (RFID) technologies. However, with great technologies also come great risks and threats. Unlike wired transmissions, the nature of wireless transmissions result in the transmitted signals over the channel can be easily intercepted and eavesdropped by malicious adversaries. Therefore, security and privacy of the employed wireless communication system are easily compromised compared to the wired communication system. Consequently, securing wireless network has attracted a lot of attention in the recent years and it has huge practical implications. Securing wireless networks can be and indeed are performed at all layers of a network protocol stack. These include application, network, data link and physical (PHY) layers. The primary focus of our research is on the PHY layer approaches for securing and attacking wireless networks. In this thesis, we identify three research topics and present our results. They are: 1) PHY layer phase encryption (P-Enc) vs XOR encryption (XOR-Enc); 2) PHY layer signaling scheme to ensure the confidentiality of the transmitted messages from the tag to the reader in RFID systems. 3) Active eavesdropping attack framework under frequency hopping spread spectrum (FHSS) RFID systems. In the first work, we introduce a new OFDM encryption scheme which we call OFDM-Enc, different from convectional XOR-Enc, OFDM-Enc encrypts data by multiplying each of in-phase and quadrature component of the time domain OFDM symbol by a keystream bit. We then perform an initial investigation on the security of OFDM-Enc. We show it is secure against all attacks that are considered in this work. Moreover, depending on the modulation type, OFDM would potentially reduce the keystream size required for encryption, while still achieving the required security level. We also conduct simulations to compare OFDM-Enc with conventional XOR-Enc. We show indeed OFDM-Enc is viable and can achieve good performances. Then we extend OFDM-Enc to general communication systems. Since the encryption is essentially done by changing the phase of the data constellations, we just adopt the term P-Enc. In addition, we form mathematical formulations in order to compare between P-Enc and XOR-Enc in terms of efficiency, security and hardware complexity. Furthermore, we show P-Enc at the PHY layer can prevent traffic analysis attack, which cannot be prevented with the upper layer encryptions. Finally, simulations are conducted again to compare the performance of P-Enc and XOR-Enc. In the second work, we are interested in protecting tag's data from leaking or being compromised to malicious adversaries. As discussed earlier, due to the nature of wireless channels, communications between the tag and the reader is susceptible to eavesdropping. The conventional method uses encryption for confidentiality protection of transmitted messages. However, this requires to pre-share keys between the reader and the tag. As a result, a key management and distribution system needs to be put in place. This introduces heavy system overhead. In this work, we first propose a new PHY layer RFID privacy protection method which requires no pre-shared keys and would achieve the same goal. We also perform theoretical analysis to first validate of our proposed scheme. Finally, we conduct experiments to further verify the feasibility our proposed scheme under the passive eavesdropping attack model. In the third work, we present a new attack on the FHSS RFID system called active eavesdropping attack. In most semi-passive and passive RFID systems, tag to reader communications are accomplished via backscattering modulation. This implies the tag is not required to identify the frequency of the legitimate reader's transmitted signal, it simply responds to a reader's query by setting its impedance in the circuitry to low and high to represent bit 1 and 0. The attacker exploits this design weakness of the tag and broadcasts his own continuous wave (CW) at a different frequency. Consequently, the eavesdropper receives two copies of responses: one from his own broadcasted CW and one from reader's CW. We perform theoretical analysis to show the optimal strategy for the attacker in terms of the decoding error probability. Finally, we conduct simulations and experiments to verify with our theoretical results

Design and Analysis of Security Schemes for Low-cost RFID Systems

With the remarkable progress in microelectronics and low-power semiconductor technologies, Radio Frequency IDentification technology (RFID) has moved from obscurity into mainstream applications, which essentially provides an indispensable foundation to realize ubiquitous computing and machine perception. However, the catching and exclusive characteristics of RFID systems introduce growing security and privacy concerns. To address these issues are particularly challenging for low-cost RFID systems, where tags are extremely constrained in resources, power and cost. The primary reasons are: (1) the security requirements of low-cost RFID systems are even more rigorous due to large operation range and mass deployment; and (2) the passive tags' modest capabilities and the necessity to keep their prices low present a novel problem that goes beyond the well-studied problems of traditional cryptography. This thesis presents our research results on the design and the analysis of security schemes for low-cost RFID systems. Motivated by the recent attention on exploiting physical layer resources in the design of security schemes, we investigate how to solve the eavesdropping, modification and one particular type of relay attacks toward the tag-to-reader communication in passive RFID systems without requiring lightweight ciphers. To this end, we propose a novel physical layer scheme, called Backscatter modulation- and Uncoordinated frequency hopping-assisted Physical Layer Enhancement (BUPLE). The idea behind it is to use the amplitude of the carrier to transmit messages as normal, while to utilize its periodically varied frequency to hide the transmission from the eavesdropper/relayer and to exploit a random sequence modulated to the carrier's phase to defeat malicious modifications. We further improve its eavesdropping resistance through the coding in the physical layer, since BUPLE ensures that the tag-to-eavesdropper channel is strictly noisier than the tag-to-reader channel. Three practical Wiretap Channel Codes (WCCs) for passive tags are then proposed: two of them are constructed from linear error correcting codes, and the other one is constructed from a resilient vector Boolean function. The security and usability of BUPLE in conjunction with WCCs are further confirmed by our proof-of-concept implementation and testing. Eavesdropping the communication between a legitimate reader and a victim tag to obtain raw data is a basic tool for the adversary. However, given the fundamentality of eavesdropping attacks, there are limited prior work investigating its intension and extension for passive RFID systems. To this end, we firstly identified a brand-new attack, working at physical layer, against backscattered RFID communications, called unidirectional active eavesdropping, which defeats the customary impression that eavesdropping is a ``passive" attack. To launch this attack, the adversary transmits an un-modulated carrier (called blank carrier) at a certain frequency while a valid reader and a tag interacts at another frequency channel. Once the tag modulates the amplitude of reader's signal, it causes fluctuations on the blank carrier as well. By carefully examining the amplitude of the backscattered versions of the blank carrier and the reader's carrier, the adversary could intercept the ongoing reader-tag communication with either significantly lower bit error rate or from a significantly greater distance away. Our concept is demonstrated and empirically analyzed towards a popular low-cost RFID system, i.e., EPC Gen2. Although active eavesdropping in general is not trivial to be prohibited, for a particular type of active eavesdropper, namely a greedy proactive eavesdropper, we propose a simple countermeasure without introducing extra cost to current RFID systems. The needs of cryptographic primitives on constraint devices keep increasing with the growing pervasiveness of these devices. One recent design of the lightweight block cipher is Hummingbird-2. We study its cryptographic strength under a novel technique we developed, called Differential Sequence Attack (DSA), and present the first cryptanalytic result on this cipher. In particular, our full attack can be divided into two phases: preparation phase and key recovery phase. During the key recovery phase, we exploit the fact that the differential sequence for the last round of Hummingbird-2 can be retrieved by querying the full cipher, due to which, the search space of the secret key can be significantly reduced. Thus, by attacking the encryption (decryption resp.) of Hummingbird-2, our algorithm recovers 36-bit (another 28-bit resp.) out of 128-bit key with $2^{68}$ ($2^{60}$ resp.) time complexity if particular differential conditions of the internal states and of the keys at one round can be imposed. Additionally, the rest 64-bit of the key can be exhaustively searched and the overall time complexity is dominated by $2^{68}$. During the preparation phase, by investing $2^{81}$ effort in time, the adversary is able to create the differential conditions required in the key recovery phase with at least 0.5 probability. As an additional effort, we examine the cryptanalytic strength of another lightweight candidate known as A2U2, which is the most lightweight cryptographic primitive proposed so far for low-cost tags. Our chosen-plaintext-attack fully breaks this cipher by recovering its secret key with only querying the encryption twice on the victim tag and solving 32 sparse systems of linear equations (where each system has 56 unknowns and around 28 unknowns can be directly obtained without computation) in the worst case, which takes around 0.16 second on a Thinkpad T410 laptop