5,135 research outputs found
Interpolation Cryptanalysis of Unbalanced Feistel Networks with Low Degree Round Functions
Arithmetisierungs-Orientierte Symmetrische Primitive (AOSPs) sprechen das bestehende Optimierungspotential bei der Auswertung von Blockchiffren und Hashfunktionen als Bestandteil von sicherer Mehrparteienberechnung, voll-homomorpher Verschlüsselung und Zero-Knowledge-Beweisen an. Die Konstruktionsweise von AOSPs unterscheidet sich von traditionellen Primitiven durch die Verwendung von algebraisch simplen Elementen. Zusätzlich sind viele Entwürfe über Primkörpern statt über Bits definiert. Aufgrund der Neuheit der Vorschläge sind eingehendes Verständnis und ausgiebige Analyse erforderlich um ihre Sicherheit zu etablieren. Algebraische Analysetechniken wie zum Beispiel Interpolationsangriffe sind die erfolgreichsten Angriffsvektoren gegen AOSPs. In dieser Arbeit generalisieren wir eine existierende Analyse, die einen Interpolationsangriff mit geringer Speicherkomplexität verwendet, um das Entwurfsmuster der neuen Chiffre GMiMC und ihrer zugehörigen Hashfunktion GMiMCHash zu untersuchen. Wir stellen eine neue Methode zur Berechnung des Schlüssels basierend auf Nullstellen eines Polynoms vor, demonstrieren Verbesserungen für die Komplexität des Angriffs durch Kombinierung mehrere Ausgaben, und wenden manche der entwickelten Techniken in einem algebraischen Korrigierender-Letzter-Block
Angriff der Schwamm-Konstruktion an. Wir beantworten die offene Frage einer früheren Arbeit, ob die verwendete Art von Interpolationsangriffen generalisierbar ist, positiv. Wir nennen konkrete empfohlene untere Schranken für Parameter in den betrachteten Szenarien. Außerdem kommen wir zu dem Schluss dass GMiMC und GMiMCHash gegen die in dieser Arbeit betrachteten Interpolationsangriffe sicher sind. Weitere kryptanalytische Anstrengungen sind erforderlich um die Sicherheitsgarantien von AOSPs zu festigen
On Mitigation of Side-Channel Attacks in 3D ICs: Decorrelating Thermal Patterns from Power and Activity
Various side-channel attacks (SCAs) on ICs have been successfully
demonstrated and also mitigated to some degree. In the context of 3D ICs,
however, prior art has mainly focused on efficient implementations of classical
SCA countermeasures. That is, SCAs tailored for up-and-coming 3D ICs have been
overlooked so far. In this paper, we conduct such a novel study and focus on
one of the most accessible and critical side channels: thermal leakage of
activity and power patterns. We address the thermal leakage in 3D ICs early on
during floorplanning, along with tailored extensions for power and thermal
management. Our key idea is to carefully exploit the specifics of material and
structural properties in 3D ICs, thereby decorrelating the thermal behaviour
from underlying power and activity patterns. Most importantly, we discuss
powerful SCAs and demonstrate how our open-source tool helps to mitigate them.Comment: Published in Proc. Design Automation Conference, 201
Arion: Arithmetization-Oriented Permutation and Hashing from Generalized Triangular Dynamical Systems
In this paper we propose the (keyed) permutation Arion and the hash function
ArionHash over for odd and particularly large primes. The design
of Arion is based on the newly introduced Generalized Triangular Dynamical
System (GTDS), which provides a new algebraic framework for constructing
(keyed) permutation using polynomials over a finite field. At round level Arion
is the first design which is instantiated using the new GTDS. We provide
extensive security analysis of our construction including algebraic
cryptanalysis (e.g. interpolation and Groebner basis attacks) that are
particularly decisive in assessing the security of permutations and hash
functions over . From a application perspective, ArionHash is
aimed for efficient implementation in zkSNARK protocols and Zero-Knowledge
proof systems. For this purpose, we exploit that CCZ-equivalence of graphs can
lead to a more efficient implementation of Arithmetization-Oriented primitives.
We compare the efficiency of ArionHash in R1CS and Plonk settings with other
hash functions such as Poseidon, Anemoi and Griffin. For demonstrating the
practical efficiency of ArionHash we implemented it with the zkSNARK libraries
libsnark and Dusk Network Plonk. Our result shows that ArionHash is
significantly faster than Poseidon - a hash function designed for
zero-knowledge proof systems. We also found that an aggressive version of
ArionHash is considerably faster than Anemoi and Griffin in a practical zkSNARK
setting
SecMon: End-to-End Quality and Security Monitoring System
The Voice over Internet Protocol (VoIP) is becoming a more available and
popular way of communicating for Internet users. This also applies to
Peer-to-Peer (P2P) systems and merging these two have already proven to be
successful (e.g. Skype). Even the existing standards of VoIP provide an
assurance of security and Quality of Service (QoS), however, these features are
usually optional and supported by limited number of implementations. As a
result, the lack of mandatory and widely applicable QoS and security guaranties
makes the contemporary VoIP systems vulnerable to attacks and network
disturbances. In this paper we are facing these issues and propose the SecMon
system, which simultaneously provides a lightweight security mechanism and
improves quality parameters of the call. SecMon is intended specially for VoIP
service over P2P networks and its main advantage is that it provides
authentication, data integrity services, adaptive QoS and (D)DoS attack
detection. Moreover, the SecMon approach represents a low-bandwidth consumption
solution that is transparent to the users and possesses a self-organizing
capability. The above-mentioned features are accomplished mainly by utilizing
two information hiding techniques: digital audio watermarking and network
steganography. These techniques are used to create covert channels that serve
as transport channels for lightweight QoS measurement's results. Furthermore,
these metrics are aggregated in a reputation system that enables best route
path selection in the P2P network. The reputation system helps also to mitigate
(D)DoS attacks, maximize performance and increase transmission efficiency in
the network.Comment: Paper was presented at 7th international conference IBIZA 2008: On
Computer Science - Research And Applications, Poland, Kazimierz Dolny
31.01-2.02 2008; 14 pages, 5 figure
- …