Roadmap on optical security

Postprint (author's final draft

Single-random phase encoding architecture using a focus tunable lens

We propose a new nonlinear optical architecture based on a focus tunable lens and an iterative phase retrieval algorithm. It constitutes a compact encryption system that uses a single-random phase key to simultaneously encrypt (decrypt) amplitude and phase data. Summarily, the information encoded in a transmittance object (phase and amplitude) is randomly modulated by a diffuser when a laser beam illuminates it; once the beam reaches a focus tunable lens, different subjective speckle distributions are registered at some image plane as the focal length is tuned to different values. This set of speckle patterns constitutes a delocalized ciphertext, which is used in an iterative phase retrieval algorithm to reconstruct a complex ciphertext. The original data are decrypted propagating this ciphertext through a virtual optical system. In this system, amplitude data are straightforwardly decrypted while phase data can only be restored if the random modulation produced in the encryption process is compensated. Thus, an encryption-decryption process and authentication protocol can simultaneously be performed. We validate the feasibility of our proposal with simulated and experimental results.Fil: Mosso Solano, Edward Fabian. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina. Pontificia Universidad Católica de Valparaíso; ChileFil: Bolognini, Nestor Alberto. Universidad Nacional de La Plata. Facultad de Ciencias Exactas; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - La Plata. Centro de Investigaciones Ópticas. Provincia de Buenos Aires. Gobernación. Comisión de Investigaciones Científicas. Centro de Investigaciones Ópticas. Universidad Nacional de La Plata. Centro de Investigaciones Ópticas; ArgentinaFil: Pérez, D.G.. Pontificia Universidad Católica de Valparaíso; Chil

Some Potential Issues with the Security of HTML5 IndexedDB

The new HTML5 standard provides much more access to client resources, such as user location and local data storage. Unfortunately, this greater access may create new security risks that potentially can yield new threats to user privacy and web attacks. One of these security risks lies with the HTML5 client-side database. It appears that data stored on the client file system is unencrypted. Therefore, any stored data might be at risk of exposure. This paper explains and performs a security investigation into how the data is stored on client local file systems. The investigation was undertaken using Firefox and Chrome web browsers, and Encase (a computer forensic tool), was used to examine the stored data. This paper describes how the data can be retrieved after an application deletes the client side database. Finally, based on our findings, we propose a solution to correct any potential issues and security risks, and recommend ways to store data securely on local file systems