10,988 research outputs found

    Computational and Energy Costs of Cryptographic Algorithms on Handheld Devices

    Get PDF
    Networks are evolving toward a ubiquitous model in which heterogeneous devices are interconnected. Cryptographic algorithms are required for developing security solutions that protect network activity. However, the computational and energy limitations of network devices jeopardize the actual implementation of such mechanisms. In this paper, we perform a wide analysis on the expenses of launching symmetric and asymmetric cryptographic algorithms, hash chain functions, elliptic curves cryptography and pairing based cryptography on personal agendas, and compare them with the costs of basic operating system functions. Results show that although cryptographic power costs are high and such operations shall be restricted in time, they are not the main limiting factor of the autonomy of a device

    I2PA : An Efficient ABC for IoT

    Get PDF
    Internet of Things (IoT) is very attractive because of its promises. However, it brings many challenges, mainly issues about privacy preserving and lightweight cryptography. Many schemes have been designed so far but none of them simultaneously takes into account these aspects. In this paper, we propose an efficient ABC scheme for IoT devices. We use ECC without pairing, blind signing and zero knowledge proof. Our scheme supports block signing, selective disclosure and randomization. It provides data minimization and transactions' unlinkability. Our construction is efficient since smaller key size can be used and computing time can be reduced. As a result, it is a suitable solution for IoT devices characterized by three major constraints namely low energy power, small storage capacity and low computing power

    Year 2010 Issues on Cryptographic Algorithms

    Get PDF
    In the financial sector, cryptographic algorithms are used as fundamental techniques for assuring confidentiality and integrity of data used in financial transactions and for authenticating entities involved in the transactions. Currently, the most widely used algorithms appear to be two-key triple DES and RC4 for symmetric ciphers, RSA with a 1024-bit key for an asymmetric cipher and a digital signature, and SHA-1 for a hash function according to international standards and guidelines related to the financial transactions. However, according to academic papers and reports regarding the security evaluation for such algorithms, it is difficult to ensure enough security by using the algorithms for a long time period, such as 10 or 15 years, due to advances in cryptanalysis techniques, improvement of computing power, and so on. To enhance the transition to more secure ones, National Institute of Standards and Technology (NIST) of the United States describes in various guidelines that NIST will no longer approve two-key triple DES, RSA with a 1024-bit key, and SHA-1 as the algorithms suitable for IT systems of the U.S. Federal Government after 2010. It is an important issue how to advance the transition of the algorithms in the financial sector. This paper refers to issues regarding the transition as Year 2010 issues in cryptographic algorithms. To successfully complete the transition by 2010, the deadline set by NIST, it is necessary for financial institutions to begin discussing the issues at the earliest possible date. This paper summarizes security evaluation results of the current algorithms, and describes Year 2010 issues, their impact on the financial industry, and the transition plan announced by NIST. This paper also shows several points to be discussed when dealing with Year 2010 issues.Cryptographic algorithm; Symmetric cipher; Asymmetric cipher; Security; Year 2010 issues; Hash function

    A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

    Get PDF
    The semiconductor industry is fully globalized and integrated circuits (ICs) are commonly defined, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few byzantine components, this is not the case for cryptographic hardware, storing and computing on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far all attempts have been either quickly circumvented, or come with unrealistically high manufacturing costs and complexity. This paper proposes Myst, a practical high-assurance architecture, that uses commercial off-the-shelf (COTS) hardware, and provides strong security guarantees, even in the presence of multiple malicious or faulty components. The key idea is to combine protective-redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure crypto-coprocessors, verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both Decryption and Signing) and an exponential increase in backdoor-tolerance as more ICs are added

    Denial-of-Service Resistance in Key Establishment

    Get PDF
    Denial of Service (DoS) attacks are an increasing problem for network connected systems. Key establishment protocols are applications that are particularly vulnerable to DoS attack as they are typically required to perform computationally expensive cryptographic operations in order to authenticate the protocol initiator and to generate the cryptographic keying material that will subsequently be used to secure the communications between initiator and responder. The goal of DoS resistance in key establishment protocols is to ensure that attackers cannot prevent a legitimate initiator and responder deriving cryptographic keys without expending resources beyond a responder-determined threshold. In this work we review the strategies and techniques used to improve resistance to DoS attacks. Three key establishment protocols implementing DoS resistance techniques are critically reviewed and the impact of misapplication of the techniques on DoS resistance is discussed. Recommendations on effectively applying resistance techniques to key establishment protocols are made

    On the security of digital signature schemes based on error-correcting codes

    Get PDF
    We discuss the security of digital signature schemes based on error-correcting codes. Several attacks to the Xinmei scheme are surveyed, and some reasons given to explain why the Xinmei scheme failed, such as the linearity of the signature and the redundancy of public keys. Another weakness is found in the Alabbadi-Wicker scheme, which results in a universal forgery attack against it. This attack shows that the Alabbadi-Wicker scheme fails to implement the necessary property of a digital signature scheme: it is infeasible to find a false signature algorithm D from the public verification algorithm E such that E(D*(m)) = m for all messages m. Further analysis shows that this new weakness also applies to the Xinmei scheme
    corecore