6 research outputs found

    Accelerating NTRUEncrypt for in-browser cryptography utilising graphical processing units and WebGL

    One of the challenges encryption faces is that it is computationally intensive and therefore slow; it is vital to find faster methods to accelerate modern encryption algorithms to keep performance high whilst also preserving information security. Users often do not want to wait for applications to become responsive; applications on limited devices such as mobiles often compromise security in order to keep execution times quick. Often they use algorithms and key sizes which are not considered cryptographically secure in order to maintain a smooth user experience. Emerging approaches have begun using a device's Graphics Processing Unit (GPU) to offload some of the computational burden from the Central Processing Unit (CPU) in an effort to parallelize and accelerate the encryption algorithms. Programming for a GPU often involves the use of CUDA or OpenCL programming; however, these approaches are platform dependent. This research focuses on utilizing a GPU to perform in-browser cryptography using WebGL and JavaScript. This allows any GPU-enabled device capable of launching an OpenGL compatible browser to perform GPU accelerated cryptography. A GPU based implementation of the NTRUEncrypt algorithm was created and tested against a CPU based version on a range of hardware devices with results, challenges and limitations discussed.

    Privacy-Preserving Ad-Hoc Equi-Join on Outsourced Data

    In IT outsourcing, a user may delegate the data storage and query processing functions to a third-party server that is not completely trusted. This gives rise to the need to safeguard the privacy of the database as well as the user queries over it. In this article, we address the problem of running ad hoc equi-join queries directly on encrypted data in such a setting. Our contribution is the first solution that achieves constant complexity per pair of records that are evaluated for the join. After formalizing the privacy requirements pertaining to the database and user queries, we introduce a cryptographic construct for securely joining records across relations. The construct protects the database with a strong encryption scheme. Moreover, information disclosure after executing an equi-join is kept to the minimum—that two input records combine to form an output record if and only if they share common join attribute values. There is no disclosure on records that are not part of the join result. Building on this construct, we then present join algorithms that optimize the join execution by eliminating the need to match every record pair from the input relations. We provide a detailed analysis of the cost of the algorithms and confirm the analysis through extensive experiments with both synthetic and benchmark workloads. Through this evaluation, we tease out useful insights on how to configure the join algorithms to deliver acceptable execution time in practice.

    The Proceedings of 14th Australian Information Security Management Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

    The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fourteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The conference has drawn interest and papers from within Australia and internationally. All submitted papers were subject to a double blind peer review process. Fifteen papers were submitted from Australia and overseas, of which ten were accepted for final presentation and publication. We wish to thank the reviewers for kindly volunteering their time and expertise in support of this event. We would also like to thank the conference committee who have organised yet another successful congress. Events such as this are impossible without the tireless efforts of such people in reviewing and editing the conference papers, and assisting with the planning, organisation and execution of the conferences. To our sponsors also a vote of thanks for both the financial and moral support provided to the conference. Finally, thank you to the administrative and technical staff, and students of the ECU Security Research Institute for their contributions to the running of the conference.

    Cryptographic file system with speculative GPU acceleration (Sistema de arquivos criptográfico com aceleração especulativa em GPU)

    Advisor: Dr. Wagner Machado Nunan Zola. Co-advisor: Dr. Luis Carlos Erpen de Bona. Dissertation (master's) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defense: Curitiba, 03/09/2018. Includes references. Area of concentration: Computer Science.
    Abstract: Information can be valuable in many situations, including when it is stored in digital format. It is common to find several storage systems that try to comply with some basic information security properties. For those purposes, they use cryptographic techniques, mainly symmetric encryption. The use of cryptography may require significant amounts of processing on CPUs. As a result, cryptographic storage systems can become large consumers of processing resources and be impacted by other applications when competing for CPU usage. An alternative to CPU processing is parallel processing using multiple graphics processing units (GPUs). One of the most widely used symmetric encryption algorithms is AES and its acceleration in GPUs has been extensively studied. One of these studies resulted in the creation of WAES and its library named WAESlib, which allows execution of AES encryption functions on GPUs. The operation of WAES is based on CTR operation mode, which consists of rules that guide how encryption algorithms should be applied in order to keep the encryption process safe. The main advantages of CTR mode are that it is fully parallelizable and allows the initial step of the encryption process to be carried out in advance, generating encryption masks. In order to benefit from these features, this work explores the use of CTR mode, applying it in the implementation of a cryptographic filesystem named EncFS++. The WAESlib library was used to aid in the implementation process. In the first part of this work, CTR mode was implemented and issues related to an essential component of CTR mode known as nonce were addressed. Techniques have been created and implemented to deal with the generation, storage and management of nonces. In the second part, techniques related to the management of the encryption contexts have been created and implemented, aiming to perform the speculative encryption in an efficient way, generating the encryption masks in the GPU with adequate time in advance. Performance analyses were conducted measuring throughput, execution time and latency in the implementation resulting from the first part, as well as throughput and CPU utilization in the implementation of the second one. The performance analysis results of the first part demonstrate that the simple use of CTR mode brings significant performance gains, mainly in write operations. The performance analysis results of the second part demonstrate that gains can be enhanced, including in sequential read operations, with the speculative encryption of masks and its processing in GPU. In environments that do not use processors with accelerated AES cryptographic functions, gains in throughput were quite significant and a more efficient CPU utilization was obtained.

    GPU Accelerated Cryptography as an OS Service

    No full text