Fully Secure Cipertext-Policy Hiding CP-ABE

Lecture Notes in Computer Science, 2011, Volume 6672/2011, 24-39</p

Lightweight Delegated Subset Test with Privacy Protection

Singapore Management Universit

Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data

In a traditional cloud storage system, users benefit from the convenience it provides but also take the risk of certain security and privacy issues. To ensure confidentiality while maintaining data sharing capabilities, the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme can be used to achieve fine-grained access control in cloud services. However, existing approaches are impaired by three critical concerns: illegal authorization, key disclosure, and privacy leakage. To address these, we propose a blockchain-based data governance system that employs blockchain technology and attribute-based encryption to prevent privacy leakage and credential misuse. First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy, which also protects data sharing against corrupt authorities. Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions. Furthermore, the encrypted data is stored in a decentralized storage system such as IPFS, which does not rely on any centralized service provider and is, therefore, resilient against single-point failures. Third, illegal authorization activity can be readily identified through the logged on-chain data. Besides the system design, we also provide security proofs to demonstrate the robustness of the proposed system.Comment: 23 pages, 19 algorithms, 1 figur

Dynamic Searchable Encryption with Access Control

We present a searchable encryption scheme for dynamic document collections in a multi-user scenario. Our scheme features fine-grained access control to search results, as well as access control to operations such as adding documents to the document collection, or changing individual documents. The scheme features verifiability of search results. Our scheme also satisfies the forward privacy notion crucial for the security of dynamic searchable encryption schemes

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Application of Power Electronics Converters in Smart Grids and Renewable Energy Systems

This book focuses on the applications of Power Electronics Converters in smart grids and renewable energy systems. The topics covered include methods to CO2 emission control, schemes for electric vehicle charging, reliable renewable energy forecasting methods, and various power electronics converters. The converters include the quasi neutral point clamped inverter, MPPT algorithms, the bidirectional DC-DC converter, and the push–pull converter with a fuzzy logic controller

Algoritmos criptográficos e o seu desempenho no Arduíno

O Arduíno é uma plataforma muito robusta e multifacetada utilizada em diversas situações e, cada vez mais, um elemento relevante na arquitetura da Internet das Coisas. Ao disponibilizar várias interfaces de comunicação sem fios, pode ser utilizado para controlar eletrodomésticos, portas, sensores de temperatura, etc. permitindo implementar facilmente a comunicação entre estas “coisas”. Nesta tese foram estudadas as principais redes sem fios utilizadas pelo Arduíno (Bluetooth Low Energy [BLE], Wi-Fi e ZigBee) para tentar perceber qual a que tem o melhor desempenho, vantagens e desvantagens de cada uma, quais os módulos necessários para permitir ao Arduíno utilizar esse tipo de rede sem fios, quais as principais funções para que foram projetadas quando criadas e qual o sistema de segurança utilizado nestas redes. Estas diferentes tecnologias sem fios permitem uma maior mobilidade e uma maior flexibilidade no desenho das estruturas de rede do que as redes com fios convencionais. Porém, este tipo de redes têm uma grande desvantagem já que qualquer um dentro do alcance da rede sem fios consegue intercetar o sinal que está a ser transmitido. Para solucionar e proteger a informação que é transmitida por estas redes foram desenvolvidos vários algoritmos de criptografia. Estes dados encriptados só podem ser lidos por dispositivos que tenham uma determinada chave. Os algoritmos de criptografia Data Encryption Standard (DES), Triple DES (TDES), Advanced Encryption Standard (AES), eXtended TEA (XTEA) Corrected Block TEA (XXTEA) estão entre as técnicas mais conhecidos e usadas tualmente. Nesta tese foram analisados estes algoritmos e as suas vulnerabilidades, tendo também sido feito um levantamento dos principais ataques existentes para avaliar se ainda são seguros atualmente. De forma a avaliar a possibilidade de utilizar o Arduíno em aplicações que utilizem comunicações sem fios com segurança, foram realizados testes de desempenho com os algoritmos de criptografia estudados, usando bibliotecas já existentes. Nos testes de desempenho implementados verificou-se que o AES é bastante mais rápido do que as outras soluções, oferecendo ainda uma maior segurança. Já o TDES verificou-se ser bastante lento, justificando o porquê de o algoritmo ser pouco usado, sendo ao longo dos anos substituído pelo AES. O XXTEA ficou em posição intermédia no teste de desempenho, tendo uma relação segurança/desempenho interessante e revelando-se assim uma escolha melhor do que o TDES.The Arduino is a very robust and multifaceted platform used in many situations and, increasingly, a relevant element in the Internet of Things. By providing several wireless communication interfaces, it can be used to control household appliances, doors, temperature sensors, etc. Allowing easy implementation of communication between these "things". In this thesis the main wireless networks used by Arduino (Bluetooth Low Energy [BLE], Wi-Fi and ZigBee) were studied to try to understand which one has the best performance, the advantages and disadvantages of each one, the modules needed to implement each wireless network and what security system are used. These different wireless technologies allow for greater mobility and greater flexibility in the design of network structures than conventional wired networks. However, such networks have a major disadvantage since anyone within the range of the wireless network can intercept the signal being transmitted. Several cryptographic algorithms have been developed to solve and protect the information that is transmitted by these networks. This encrypted data can only be read by devices that have a certain key. Triple Encryption Standard (DES), Advanced Encryption Standard (AES), eXtended TEA (XTEA) and Corrected Block TEA (XXTEA) encryption algorithms are among the best known and currently used algorithms. In this thesis these algorithms have been analyzed to compare their vulnerabilities and to identify the main existing attacks. In order to evaluate the possibility of using Arduino in applications that use wireless communications with security, performance tests were implemented using existing libraries. The results show that the AES is much faster than the other algorithms, offering even greater security. TDES was found to be quite slow, justifying why the algorithm has little used, and why over the years has been replaced by AES. The XXTEA was ranked in the middle of the performance test, having an interesting safety/performance ratio proving it to be a better choice than TDES

Cryptanalysis of Some Block Cipher Constructions

When the public-key cryptography was introduced in the 1970s, symmetric-key cryptography was believed to soon become outdated. Nevertheless, we still heavily rely on symmetric-key primitives as they give high-speed performance. They are used to secure mobile communication, e-commerce transactions, communication through virtual private networks and sending electronic tax returns, among many other everyday activities. However, the security of symmetric-key primitives does not depend on a well-known hard mathematical problem such as the factoring problem, which is the basis of the RSA public-key cryptosystem. Instead, the security of symmetric-key primitives is evaluated against known cryptanalytic techniques. Accordingly, the topic of furthering the state-of-the-art of cryptanalysis of symmetric-key primitives is an ever-evolving topic. Therefore, this thesis is dedicated to the cryptanalysis of symmetric-key cryptographic primitives. Our focus is on block ciphers as well as hash functions that are built using block ciphers. Our contributions can be summarized as follows: First, we tackle the limitation of the current Mixed Integer Linear Programming (MILP) approaches to represent the differential propagation through large S-boxes. Indeed, we present a novel approach that can efficiently model the Difference Distribution Table (DDT) of large S-boxes, i.e., 8-bit S-boxes. As a proof of the validity and efficiency of our approach, we apply it on two out of the seven AES-round based constructions that were recently proposed in FSE 2016. Using our approach, we improve the lower bound on the number of active S-boxes of one construction and the upper bound on the best differential characteristic of the other. Then, we propose meet-in-the-middle attacks using the idea of efficient differential enumeration against two Japanese block ciphers, i.e., Hierocrypt-L1 and Hierocrypt-3. Both block ciphers were submitted to the New European Schemes for Signatures, Integrity, and Encryption (NESSIE) project, selected as one of the Japanese e-Government recommended ciphers in 2003 and reselected in the candidate recommended ciphers list in 2013. We construct five S-box layer distinguishers that we use to recover the master keys of reduced 8 S-box layer versions of both block ciphers. In addition, we present another meet-in-the-middle attack on Hierocrypt-3 with slightly higher time and memory complexities but with much less data complexity. Afterwards, we shift focus to another equally important cryptanalytic attack, i.e., impossible differential attack. SPARX-64/128 is selected among the SPARX family that was recently proposed to provide ARX based block cipher whose security against differential and linear cryptanalysis can be proven. We assess the security of SPARX-64/128 against impossible differential attack and show that it can reach the same number of rounds the division-based integral attack, proposed by the designers, can reach. Then, we pick Kiasu-BC as an example of a tweakable block cipher and prove that, on contrary to its designers’ claim, the freedom in choosing the publicly known tweak decreases its security margin. Lastly, we study the impossible differential properties of the underlying block cipher of the Russian hash standard Streebog and point out the potential risk in using it as a MAC scheme in the secret-IV mode

A Salad of Block Ciphers

This book is a survey on the state of the art in block cipher design and analysis. It is work in progress, and it has been for the good part of the last three years -- sadly, for various reasons no significant change has been made during the last twelve months. However, it is also in a self-contained, useable, and relatively polished state, and for this reason I have decided to release this \textit{snapshot} onto the public as a service to the cryptographic community, both in order to obtain feedback, and also as a means to give something back to the community from which I have learned much. At some point I will produce a final version -- whatever being a ``final version\u27\u27 means in the constantly evolving field of block cipher design -- and I will publish it. In the meantime I hope the material contained here will be useful to other people