A Quantitative Study of Advanced Encryption Standard Performance as it Relates to Cryptographic Attack Feasibility

The advanced encryption standard (AES) is the premier symmetric key cryptosystem in use today. Given its prevalence, the security provided by AES is of utmost importance. Technology is advancing at an incredible rate, in both capability and popularity, much faster than its rate of advancement in the late 1990s when AES was selected as the replacement standard for DES. Although the literature surrounding AES is robust, most studies fall into either theoretical or practical yet infeasible. This research takes the unique approach drawn from the performance field and dual nature of AES performance. It uses benchmarks to assess the performance potential of computer systems for both general purpose and AES. Since general performance information is readily available, the ratio may be used as a predictor for AES performance and consequently attack potential. The design involved distributing USB drives to facilitators containing a bootable Linux operating system and the benchmark instruments. Upon boot, these devices conducted the benchmarks, gathered system specifications, and submitted them to a server for regression analysis. Although it is likely to be many years in the future, the results of this study may help better predict when attacks against AES key lengths will become feasible

Adaptive Encryption Techniques In Wireless Communication Channels With Tradeoffs Between Communication Reliability And Security

Encryption is a vital process to ensure the confidentiality of the information transmitted over an insecure wireless channel. However, the nature of the wireless channel tends to deteriorate because of noise, interference and fading. Therefore, a symmetrically encrypted transmitted signal will be received with some amount of error. Consequently, due to the strict avalanche criterion (sac), this error propagates during the decryption process, resulting in half the bits (on average) after decryption to be in error. In order to alleviate this amount of error, smart coding techniques and/or new encryption algorithms that take into account the nature of wireless channels are required. The solution for this problem could involve increasing the block and key lengths which might degrade the throughput of the channel. Moreover, these solutions might significantly increase the complexity of the encryption algorithms and hence to increase the cost of its implementation and use. Two main approaches have been folloto solve this problem, the first approach is based on developing an effective coding schemes and mechanisms, in order to minimize and correct the errors introduced by the channel. The second approach is more focused on inventing and implementing new encryption algorithms that encounter less error propagation, by alleviating the sac effect. Most of the research done using these two approaches lacked the comprehensiveness in their designs. Some of these works focused on improving the error performance and/or enhancing the security on the cost of complexity and throughput. In this work, we focus on solving the problem of encryption in wireless channels in a comprehensive way that considers all of the factors in its structure (error performance, security and complexity). New encryption algorithms are proposed, which are modifications to the standardized encryption algorithms and are shown to outperform the use of these algorithms in wireless channels in terms of security and error performance with a slight addition in the complexity. We introduce new modifications that improve the error performance for a certain required security level while achieving the highest possible throughput. We show how our proposed algorithm outperforms the use of other encryption algorithms in terms of the error performance, throughput, complexity, and is secure against all known encryption attacks. In addition, we study the effect of each round and s-box in symmetric encryption algorithms on the overall probability of correct reception at the receiver after encryption and the effect on the security is analyzed as well. Moreover, we perform a complete security, complexity and energy consumption analysis to evaluate the new developed encryption techniques and procedures. We use both analytical computations and computer simulations to evaluate the effectiveness of every modification we introduce in our proposed designs

Evaluation of Common Encryption Algorithm and Scope of Advanced Algorithm for Simulated Wireless Network

Abstract -Encryption algorithms play a vital role in information security systems. The study discovers the progress of Encryption algorithms in terms of their diversity of applications. Some of the Encryption algorithms have been developed to make transmission and storage of data more secured and confidential. Different levels of securities are offered by different algorithms depending on how difficult is to break them. If it is difficult to recover the plain text in spite of having substantial amount of cipher text then an algorithm is unconditionally secured. This study provides evaluation of eight of the most common encryption algorithms namely: DES, 3DES, AES (Rijndael), Blowfish, RSA, RC2, RC4, and RC6. From our analysis we came to conclusion that the best algorithm is the one which fulfills our need of security and speed. We come with new design of encryption algorithm based on AES or RSA or RC4, various scripts on NS2 or MATLAB or SCILAB, simulation environment of encrypted wireless network based on NS2 or MATLAB or SCILAB. We will implement newly proposed encryption algorithm on simulated environment and also test performance of proposed algorithm on wireless simulated network. We come with design and implement technique to store encrypted data on secondary storage device

Energy Efficient Security Framework for Wireless Local Area Networks

Wireless networks are susceptible to network attacks due to their inherentvulnerabilities. The radio signal used in wireless transmission canarbitrarily propagate through walls and windows; thus a wireless networkperimeter is not exactly known. This leads them to be more vulnerable toattacks such as eavesdropping, message interception and modifications comparedto wired-line networks. Security services have been used as countermeasures toprevent such attacks, but they are used at the expense of resources that arescarce especially, where wireless devices have a very limited power budget.Hence, there is a need to provide security services that are energy efficient.In this dissertation, we propose an energy efficient security framework. Theframework aims at providing security services that take into account energyconsumption. We suggest three approaches to reduce the energy consumption ofsecurity protocols: replacement of standard security protocol primitives thatconsume high energy while maintaining the same security level, modification ofstandard security protocols appropriately, and a totally new design ofsecurity protocol where energy efficiency is the main focus. From ourobservation and study, we hypothesize that a higher level of energy savings isachievable if security services are provided in an adjustable manner. Wepropose an example tunable security or TuneSec system, which allows areasonably fine-grained security tuning to provide security services at thewireless link level in an adjustable manner.We apply the framework to several standard security protocols in wirelesslocal area networks and also evaluate their energy consumption performance.The first and second methods show improvements of up to 70% and 57% inenergy consumption compared to plain standard security protocols,respectively. The standard protocols can only offer fixed-level securityservices, and the methods applied do not change the security level. The thirdmethod shows further improvement compared to fixed-level security by reducing(about 6% to 40%) the energy consumed. This amount of energy saving can bevaried depending on the configuration and security requirements

On What to Learn: Train or Adapt a Deeply Learned Profile?

In recent years, many papers have shown that deep learning can be beneficial for profiled side-channel analysis. However, in order to obtain good performances with deep learning, an attacker needs a lot of data for training. The training data should be as similar as possible to the data that will be obtained during the attack, a condition that may not be easily met in real-world scenarios. It is thus of interest to analyse different scenarios where the attack makes use of ``imperfect training data. The typical situation in side-channel is that the attacker has access to an unlabelled dataset of measurements from the target device (obtained with the key he actually wants to recover) and, depending on the context, he may also take profit of a labelled dataset (say profiling data) obtained on the same device (with known or chosen key(s)). In this paper, we extend the attacker models and investigate the situation where an attacker additionally has access to a neural network that has been pre-trained on some other dataset not fully corresponding to the attack one. The attacker can then either directly use the pre-trained network to attack, or if profiling data is available, train a new network, or adapt a pre-trained one using transfer learning. We made many experiments to compare the attack metrics obtained in both cases on various setups (different probe positions, channels, devices, size of datasets). Our results show that in many cases, a lack of training data can be counterbalanced by additional imperfect data coming from another setup

Toward Lightweight Cryptography: A Survey

The main problem in Internet of Things (IoT) security is how to find lightweight cryptosystems that are suitable for devices with limited capabilities. In this paper, a comprehensive literature survey that discusses the most prominent encryption algorithms used in device security in general and IoT devices in specific has been conducted. Many studies related to this field have been discussed to identify the most technical requirements of lightweight encryption systems to be compatible with variances in IoT devices. Also, we explored the results of security and performance of the AES algorithm in an attempt to study the algorithm performance for keeping an acceptable security level which makes it more adaptable to IoT devices as a lightweight encryption system

Novel reversible text data de-identification techniques based on native data structures

Technological development in today's digital world has resulted in the collection and storage of large amounts of personal data. These data enable both direct services and non-direct activities, known as secondary use. The secondary use of data can improve decision-making, service experiences, and healthcare systems. However, the widespread reuse of personal data raises significant privacy and policy issues, especially for health- related information; these data may contain sensitive data, leading to privacy breaches if compromised. Legal systems establish laws to protect the privacy of personal data disclosed for secondary use. A well-known example is the General Data Protection Regulation (GDPR), which outlines a specific set of rules for sharing and storing personal data to protect individual privacy. The GDPR explicitly points to data de-identification, especially pseudonymization, as one measure that can help meet the requirements for the processing of personal data. The literature on privacy preservation approaches has largely been developed in the field of data anonymization, where personal data are irreversibly removed or obfuscated and there is no means by which to recover an individual's identity if needed. By contrast, pseudonymization is a promising technique to protect privacy while enabling the recovery of de-identified data. Significantly, many existing approaches for pseudonymization were developed long before the GDPR requirements were established, and so they may fail to satisfy its provisions. Therefore, it is worthwhile to offer technical solutions to preserve privacy while supporting the legitimate use of data. This thesis proposes a novel de-identification system for unstructured textual data, known as ARTPHIL, that generates de-identified data in compliance with the GDPR requirement for strong pseudonymization. The system was evaluated using 2014 i2b2 testing data. The proposed system achieved a recall of 96.93% in terms of detecting and encrypting personal health information, as specified under guidelines provided by the Health Insurance Portability and Accountability Act (HIPAA). The system used a novel and lightweight cryptography algorithm E-ART to encrypt personal data cost-effectively and without compromising security. The main novelty of the E-ART algorithm is the use of the reflection property of a balanced binary tree data structure as substitution method instead of complex and multiple iterations. The performance and security of the proposed algorithm were compared to two symmetric encryption algorithms: The Advanced Encryption Standard and Data Encryption Standard. The security analysis showed comparable results, but the performance analysis indicated that E‐ART had the shortest ciphertext and running time with comparable memory usage, which indicates the feasibility of using ARTPHIL for delay-sensitive or data-intensive application

MedLAN: Compact mobile computing system for wireless information access in emergency hospital wards

This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.As the need for faster, safer and more efficient healthcare delivery increases, medical consultants seek new ways of implementing a high quality telemedical system, using innovative technology. Until today, teleconsultation (the most common application of Telemedicine) was performed by transferring the patient from the Accidents and Emergency ward, to a specially equipped room, or by moving large and heavy machinery to the place where the patient resided. Both these solutions were unpractical, uneconomical and potentially dangerous. At the same time wireless networks became increasingly useful in point-of-care areas such as hospitals, because of their ease of use, low cost of installation and increased flexibility. This thesis presents an integrated system called MedLAN dedicated for use inside the A&E hospital wards. Its purpose is to wirelessly support high-quality live video, audio, high-resolution still images and networks support from anywhere there is WLAN coverage. It is capable of transmitting all of the above to a consultant residing either inside or outside the hospital, or even to an external place, thorough the use of the Internet. To implement that, it makes use of the existing IEEE 802.11b wireless technology. Initially, this thesis demonstrates that for specific scenarios (such as when using WLANs), DICOM specifications should be adjusted to accommodate for the reduced WLAN bandwidth. Near lossless compression has been used to send still images through the WLANs and the results have been evaluated by a number of consultants to decide whether they retain their diagnostic value. The thesis further suggests improvements on the existing 802.11b protocol. In particular, as the typical hospital environment suffers from heavy RF reflections, it suggests that an alternative method of modulation (OFDM) can be embedded in the 802.11b hardware to reduce the multipath effect, increase the throughput and thus the video quality sent by the MedLAN system. Finally, realising that the trust between a patient and a doctor is fundamental this thesis proposes a series of simple actions aiming at securing the MedLAN system. Additionally, a concrete security system is suggested, that encapsulates the existing WEP security protocol, over IPSec