294 research outputs found
A fast and light stream cipher for smartphones
We present a stream cipher based on a chaotic dynamical system. Using a
chaotic trajectory sampled under certain rules in order to avoid any attempt to
reconstruct the original one, we create a binary pseudo-random keystream that
can only be exactly reproduced by someone that has fully knowledge of the
communication system parameters formed by a transmitter and a receiver and
sharing the same initial conditions. The plaintext is XORed with the keystream
creating the ciphertext, the encrypted message. This keystream passes the NISTs
randomness test and has been implemented in a videoconference App for
smartphones, in order to show the fast and light nature of the proposed
encryption system
Attacks Only Get Better:Password Recovery Attacks Against RC4 in TLS
Despite recent high-profile attacks on the RC4 algorithm in TLS, its usage is still running at about 30 % of all TLS traffic. This is attributable to the lack of practicality of the existing attacks, the desire to support legacy implementations, and resistance to change. We provide new attacks against RC4 in TLS that are focussed on recovering user passwords, still the pre-eminent means of user authentication on the Web today. Our attacks enhance the statistical techniques used in the existing attacks and exploit specific features of the password setting to produce attacks that are much closer to being practical. We report on extensive simulations that illustrate this. We also report on two “proof of concept ” implementations of the attacks for specific application layer protocols, namely BasicAuth and IMAP. Our work validates the truism that attacks only get better with time: we obtain good success rates in recovering user passwords with around 226 encryptions, whereas the previous generation of attacks required 234 encryptions to recover a
Fast and Accurate Machine Learning-based Malware Detection via RC4 Ciphertext Analysis
Malware is dramatically increasing its viability while hiding its malicious intent and/or behavior by employing ciphers. So far, many efforts have been made to detect malware and prevent it from damaging users by monitoring network packets. However, conventional detection schemes analyzing network packets directly are hardly applicable to detect the advanced malware that encrypts the communication. Cryptoanalysis of each packet flowing over a network might be one feasible solution for the problem. However, the approach is computationally expensive and lacks accuracy, which is consequently not a practical solution. To tackle these problems, in this paper, we propose novel schemes that can accurately detect malware packets encrypted by RC4 without decryption in a timely manner. First, we discovered that a fixed encryption key generates unique statistical patterns on RC4 ciphertexts. Then, we detect malware packets of RC4 ciphertexts efficiently and accurately by utilizing the discovered statistical patterns of RC4 ciphertext given encryption key. Our proposed schemes directly analyze network packets without decrypting ciphertexts. Moreover, our analysis can be effectively executed with only a very small subset of the network packet. To the best of our knowledge, the unique signature has never been discussed in any previous research. Our intensive experimental results with both simulation data and actual malware show that our proposed schemes are extremely fast (23.06±1.52 milliseconds) and highly accurate (100%) on detecting a DarkComet malware with only a network packet of 36 bytes
Wi-Fi Security Analysis
AbstractIn recent years, a significant increasing in development of Wireless networks is noticed; they become an entire part of the Internet and demonstrate effectiveness in handling communication for reduced public LAN and military applications. This is mainly due to their mobility and low cost solutions; nevertheless, they are also prone to several attacks related to data integrity, Deni of Service and eavesdropping. This paper discusses wireless security protocols, their limitations and weakness. We present also an overview of the FMS (Fluhrer, Mantin, Shamir), a recovery key attack and demonstrate its effectiveness in reducing the average number of intercept packets based on a well choice of IV (initialization vectors). Some comparative experiments on ciphertext-only attacks were performed in order to study the efficiency of such technique and underline encountered difficulties
Security and Authentication for 802.11 Wireless Networks
Wireless Networks is a very growing market. However, the security measures are not strong enough; the WEP security protocol is flawed. The 802.11 Task Group I is working on new security measures in order to strengthen the access control of users, the privacy and the integrity of data. We will describe the WEP flaws and the new security measures of 802.11 Task Group I. Finally, we will propose a new architecture to improve user identification for the wireless network of our department
Elastic Block Ciphers: Method, Security and Instantiations
We introduce the concept of an elastic block cipher which refers to stretching the supported block size of a block cipher to any length up to twice the original block size while incurring a computational workload that is proportional to the block size. Our method uses the round function of an existing block cipher as a black box and inserts it into a substitution- permutation network. Our method is designed to enable us to form a reduction between the elastic and the original versions of the cipher. Using this reduction, we prove that the elastic version of a cipher is secure against key-recovery attacks if the original cipher is secure against such attacks. We note that while reduction-based proofs of security are a cornerstone of cryptographic analysis, they are typical when complete components are used as sub-components in a larger design. We are not aware of the use of such techniques in the case of concrete block cipher designs. We demonstrate the general applicability of the elastic block cipher method by constructing examples from existing block ciphers: AES, Camellia, MISTY1, and RC6. We compare the performance of the elastic versions to that of the original versions and evaluate the elastic versions using statistical tests measuring the randomness of the ciphertext. We also use our examples to demonstrate the concept of a generic key schedule for block ciphers
Design And Hardware Implementation Of A Novel Scrambling Security Algorithm For Robust Wireless Local Area Networks
The IEEE802.11 standard for wireless networks includes a Wired Equivalent Privacy (WEP) protocol, which is a popular wireless secure communication stream cipher protocol approach to network security used to protect link-layer communications from eavesdropping and other attacks. It allows user to communicate with the user; sharing the public key over a network. It provides authentication and encrypted communications over unsecured channels. However, WEP protocol has an inherent security flaw. It is vulnerable to the various attacks, various experiments has proved that WEP fails to achieve its security goals. This thesis entails designing, evaluating and prototyping a wireless security infrastructure that can be used with the WEP protocol optionally, thus reducing the security vulnerabilities. We have studied the flaws of WEP and the reasons for their occurrence, and we provide the design and implementation of a novel scheme in Matlab and VHDL to improve the security of WEP in all aspects by a degree of 1000. The architecture was designed with a consideration for least increment in hardware, thus achieving power and cost efficiency. It also provides flexibility for optional implementation with the available technology by being able to be bypassed by the technology, which allows for non-replacement of existing hardware, common on both, the WEP and the proposed protocols, on the fly
- …