Analysing the IOBC Authenticated Encryption Mode
The idea of combining a very simple form of added plaintext redundancy with a special mode of data encryption to provide data integrity is an old one; however, despite its wide deployment in protocols such as Kerberos, it has largely been superseded by provably secure authenticated encryption techniques. In this paper we cryptanalyse a block cipher mode of operation called IOBC, possibly the only remaining encryption mode designed for such use that has not previously been analyzed. We show that IOBC is subject to known-plaintext-based forgery attacks with a complexity of around 2^{n/3}, where n is the block cipher block length.
CARD: Concealed and remote discovery of IoT devices in victims' home networks
Smart devices are becoming more common in the standard household. They range from lights to refrigerators, and their functionality and applications continue to grow with consumer demand. This increase in networked, complex devices has also brought an increase in vulnerabilities in the average consumer's home. There now exists an Internet of Things (IoT) ecosystem that creates new attack vectors for adversaries to spread malware, build botnets, and participate in other malicious activities. We will overview some of these new attack vectors as well as go over a framework that would allow an adversary to target a user's home network and any other networks that user may join.
Authenticated Encryption: How Reordering can Impact Performance
In this work, we look at authenticated encryption schemes from a new perspective. As opposed to focusing solely on the "security" implications of the different methods for constructing authenticated encryption schemes, we investigate the effect of the method used to construct an authenticated encryption scheme on the "performance" of the construction. We show that, as opposed to the current NIST standard, by performing the authentication operation before the encryption operation, the computational efficiency of the construction can be increased, without affecting the security of the overall construction. In fact, we show that the proposed construction is even more secure than standard authentication based on universal hashing in the sense that the hashing key is resilient to key recovery attacks.
Encryption Modes with Almost Free Message Integrity
We define a new mode of operation for block ciphers which in addition to providing confidentiality also ensures message integrity. In contrast, previously for message integrity a separate pass was required to compute a cryptographic message authentication code (MAC). The new mode of operation, called Integrity Aware Parallelizable Mode (IAPM), requires a total of m+1 block cipher evaluations on a plain-text of length m blocks. For comparison, the well known CBC (cipher block chaining) encryption mode requires m block cipher evaluations, and the second pass of computing the CBC-MAC essentially requires additional m+1 block cipher evaluations. As the name suggests, the new mode is also highly parallelizable.
Security in community sensor networks
In this Master's thesis, I will introduce CommSensum, a community sensor network developed by the CompNet research group. I will explain what the needs were that led to creating the platform and what the platform looks like so far, and I will focus on the analysis and development of its security issues.
Ongoing Research Areas in Symmetric Cryptography
This report is a deliverable for the ECRYPT European network of excellence in cryptology. It gives a brief summary of some of the research trends in symmetric cryptography at the time of writing. The following aspects of symmetric cryptography are investigated in this report:
• the status of work with regards to different types of symmetric algorithms, including block ciphers, stream ciphers, hash functions and MAC algorithms (Section 1);
• the recently proposed algebraic attacks on symmetric primitives (Section 2);
• the design criteria for symmetric ciphers (Section 3);
• the provable properties of symmetric primitives (Section 4);
• the major industrial needs in the area of symmetric cryptography (Section 5).
Routing protocols for next generation mobile wireless sensor networks
The recent research interest in wireless sensor networks has caused the development of many new applications and subsequently, these emerging applications have ever increasing requirements. One such requirement is that of mobility, which has inspired an entirely new array of applications in the form of mobile wireless sensor networks (MWSNs). In terms of communications, MWSNs present a challenging environment due to the high rate at which the topology may be changing. As such, the motivation of this work is to investigate potential communications solutions, in order to satisfy the performance demands of new and future MWSN applications. As such, this work begins by characterising and evaluating the requirements of a large variety of these emerging applications.
This thesis focuses on the area of routing, which is concerned with the reliable and timely delivery of data from multiple, mobile sensor nodes to a data sink. For this purpose the technique of gradient routing was identified as a suitable solution, since data can quickly be passed down a known gradient that is anchored at the sink. However, in a mobile network, keeping the gradient up-to-date is a key issue. This work proposes the novel use of a global time division multiple access (GTDMA) MAC as a solution to this problem, which mitigates the need for regularly flooding the network. Additionally, the concept of blind forwarding is utilised for its low overhead and high reliability through its inherent route diversity.
The key contribution of this thesis is in three novel routing protocols, which use the aforementioned principles. The first protocol, PHASeR, uses a hop-count metric and encapsulates data from multiple nodes in its packets. The hop-count metric was chosen because it is simple and requires no additional hardware. The inclusion of encapsulation is intended to enable the protocol to cope with network congestion. The second protocol, LASeR, utilises location awareness to maintain a gradient and performs no encapsulation. Since many applications require location awareness, the communications systems may also take advantage of this readily available information and it can be used as a gradient metric. This protocol uses no encapsulation in order to reduce delay times. The third protocol, RASeR, uses the hop-count metric as a gradient and also does not perform encapsulation. The reduced delay time and the relaxed requirement for any existing method of location awareness makes this the most widely applicable of the three protocols. In addition to analytical expressions being derived, all three protocols are thoroughly tested through simulation. Results show the protocols to improve on the state-of-the-art and yield excellent performance over varying speeds, node numbers and data generation rates. LASeR shows the lowest overhead and delay, which comes from the advantage of having available location information. Alternatively, at the expense of increased overhead, RASeR gives comparatively high performance metrics without the need for location information.
Overall, RASeR can be suitably deployed in the widest range of applications, which is taken further by including four additional modes of operation. These include a supersede mode for applications in which the timely delivery of the most recent data is prioritised. A reverse flooding mechanism, to enable the sink to broadcast control messages to the sensor nodes. An energy saving mode, which uses sleep cycles to reduce the networks power consumption, and finally a pseudo acknowledgement scheme to increase the reliability of the protocol. These additions enable RASeR to satisfy the needs of some of the most demanding MWSN applications.
In order to assess the practicality of implementation, RASeR was also evaluated using a small testbed of mobile nodes. The successful results display the protocol's feasibility to be implemented on commercially available hardware and its potential to be deployed in the real world. Furthermore, a key issue in the real-world deployment of networks is security, and for this reason a fourth routing protocol was designed, called RASeR-S. RASeR-S is based on RASeR, but introduces the use of encryption and suggests a security framework that should be followed in order to significantly reduce the possibility of a security threat.
Whilst the main focus of this work is routing, alternative MAC layers are assessed for LASeR. Unlike the other two protocols, LASeR uses available location information to determine its gradient and as such, it is not reliant on the GTDMA MAC. For this reason several MAC layers are tested and the novel idea of dedicated sensing slots is introduced, as well as a network division multiple access scheme. The selected and proposed MACs are simulated and the GTDMA and two proposed protocols are shown to give the best results in certain scenarios.
This work demonstrates the high levels of performance that can be achieved using gradient orientated routing in a mobile network. It has also shown that the use of a GTDMA MAC is an efficient solution to the gradient maintenance problem. The high impact of this work comes from the versatility and reliability of the presented routing protocols, which means they are able to meet the requirements of a large number of MWSN applications. Additionally, given the importance of security, RASeR-S has been designed to provide a secure and adaptable routing solution for vulnerable or sensitive applications.
D.STVL.9 - Ongoing Research Areas in Symmetric Cryptography
This report gives a brief summary of some of the research trends in symmetric cryptography at the time of writing (2008). The following aspects of symmetric cryptography are investigated in this report:
• the status of work with regards to different types of symmetric algorithms, including block ciphers, stream ciphers, hash functions and MAC algorithms (Section 1);
• the algebraic attacks on symmetric primitives (Section 2);
• the design criteria for symmetric ciphers (Section 3);
• the provable properties of symmetric primitives (Section 4);
• the major industrial needs in the area of symmetric cryptography (Section 5).