From Quantum Cheating to Quantum Security

For thousands of years, code-makers and code-breakers have been competing for supremacy. Their arsenals may soon include a powerful new weapon: quantum mechanics. We give an overview of quantum cryptology as of November 2000.Comment: 14 pages, 4 figures. Originally appeared in Physics Today: . This article may be downloaded for personal use only. Any other use requires prior permission of both the author and the American Institute of Physic

The Elgamal Cryptosystem is better than Th RSA Cryptosystem for Mental Poker

Cryptosystems are one of the most important parts of secure online poker card games. However, there is no research comparing the RSA Cryptosystem (RC) and Elgamal Cryptosystem (EC) for mental poker card games. This paper compares the RSA Cryptosystem and Elgamal Cryptosystem implementations of mental poker card games using distributed key generation schemes. Each implementation is based on a joint encryption/decryption of individual cards. Both implementations use shared private key encryption/decryption schemes and neither uses a trusted third party (TTP). The comparison criteria will be concentrated on the security and computational complexity of the game, collusions among the players and the debate between the discrete logarithm problem (DLP) and the factoring problem (FP) for the encryption/decryption schemes. Under these criteria, the comparison results demonstrate that the Elgamal Cryptosystem has better efficiency and effectiveness than RSA for mental poker card games

Report on BCTCS 2016: The 32nd British Colloquium for Theoretical Computer Science 22–24 March 2016, Queen’s University Belfast

Report on BCTCS 2016: The 32nd British Colloquium for Theoretical Computer Science 22–24 March 2016, Queen’s University Belfas

Jamming Attack Detection and Evaluating Using Wireless Application

When data is transferred from one host to another host,attacker may try to attack the packet or data which is in transit.Inorder to avoid such kind of attack in time critical wireless application and delivery message securely in wireless application. In this paper, we aim at modeling and detecting jamming attacks against time-critical wireless networks.To measure network performance ,packet loss and throughput metrics are used . To quantify the performance of time-critical applications,message invalidation ratio metric are used. This approach is inspired by the similarity between the behavior of a jammer who attempts to disrupt the delivery of a message and the behavior of a gambler who intends to win a gambling game. By gambling-based modeling and real-time modules, we can successful delivery time-critical message under a variety of jamming attacks. DOI: 10.17762/ijritcc2321-8169.15038

DSTC: DNS-based Strict TLS Configurations

Most TLS clients such as modern web browsers enforce coarse-grained TLS security configurations. They support legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees (e.g. non Forward-Secrecy), mainly to provide backward compatibility. This opens doors to downgrade attacks, as is the case of the POODLE attack [18], which exploits the client's silent fallback to downgrade the protocol version to exploit the legacy version's flaws. To achieve a better balance between security and backward compatibility, we propose a DNS-based mechanism that enables TLS servers to advertise their support for the latest version of the protocol and strong ciphersuites (that provide Forward-Secrecy and Authenticated-Encryption simultaneously). This enables clients to consider prior knowledge about the servers' TLS configurations to enforce a fine-grained TLS configurations policy. That is, the client enforces strict TLS configurations for connections going to the advertising servers, while enforcing default configurations for the rest of the connections. We implement and evaluate the proposed mechanism and show that it is feasible, and incurs minimal overhead. Furthermore, we conduct a TLS scan for the top 10,000 most visited websites globally, and show that most of the websites can benefit from our mechanism

Improving random number generators by chaotic iterations. Application in data hiding

In this paper, a new pseudo-random number generator (PRNG) based on chaotic iterations is proposed. This method also combines the digits of two XORshifts PRNGs. The statistical properties of this new generator are improved: the generated sequences can pass all the DieHARD statistical test suite. In addition, this generator behaves chaotically, as defined by Devaney. This makes our generator suitable for cryptographic applications. An illustration in the field of data hiding is presented and the robustness of the obtained data hiding algorithm against attacks is evaluated.Comment: 6 pages, 8 figures, In ICCASM 2010, Int. Conf. on Computer Application and System Modeling, Taiyuan, China, pages ***--***, October 201

ROYALE: A Framework for Universally Composable Card Games with Financial Rewards and Penalties Enforcement

While many tailor made card game protocols are known, the vast majority of those suffer from three main issues: lack of mechanisms for distributing financial rewards and punishing cheaters, lack of composability guarantees and little flexibility, focusing on the specific game of poker. Even though folklore holds that poker protocols can be used to play any card game, this conjecture remains unproven and, in fact, does not hold for a number of protocols (including recent results). We both tackle the problem of constructing protocols for general card games and initiate a treatment of such protocols in the Universal Composability (UC) framework, introducing an ideal functionality that captures general card games constructed from a set of core card operations. Based on this formalism, we introduce Royale, the first UC-secure general card games which supports financial rewards/penalties enforcement. We remark that Royale also yields the first UC-secure poker protocol. Interestingly, Royale performs better than most previous works (that do not have composability guarantees), which we highlight through a detailed concrete complexity analysis and benchmarks from a prototype implementation

A Broad Evaluation of the Tor English Content Ecosystem

Tor is among most well-known dark net in the world. It has noble uses, including as a platform for free speech and information dissemination under the guise of true anonymity, but may be culturally better known as a conduit for criminal activity and as a platform to market illicit goods and data. Past studies on the content of Tor support this notion, but were carried out by targeting popular domains likely to contain illicit content. A survey of past studies may thus not yield a complete evaluation of the content and use of Tor. This work addresses this gap by presenting a broad evaluation of the content of the English Tor ecosystem. We perform a comprehensive crawl of the Tor dark web and, through topic and network analysis, characterize the types of information and services hosted across a broad swath of Tor domains and their hyperlink relational structure. We recover nine domain types defined by the information or service they host and, among other findings, unveil how some types of domains intentionally silo themselves from the rest of Tor. We also present measurements that (regrettably) suggest how marketplaces of illegal drugs and services do emerge as the dominant type of Tor domain. Our study is the product of crawling over 1 million pages from 20,000 Tor seed addresses, yielding a collection of over 150,000 Tor pages. We make a dataset of the intend to make the domain structure publicly available as a dataset at https://github.com/wsu-wacs/TorEnglishContent.Comment: 11 page