Safe abstractions of data encodings in formal security protocol models

When using formal methods, security protocols are usually modeled at a high level of abstraction. In particular, data encoding and decoding transformations are often abstracted away. However, if no assumptions at all are made on the behavior of such transformations, they could trivially lead to security faults, for example leaking secrets or breaking freshness by collapsing nonces into constants. In order to address this issue, this paper formally states sufficient conditions, checkable on sequential code, such that if an abstract protocol model is secure under a Dolev-Yao adversary, then a refined model, which takes into account a wide class of possible implementations of the encoding/decoding operations, is implied to be secure too under the same adversary model. The paper also indicates possible exploitations of this result in the context of methods based on formal model extraction from implementation code and of methods based on automated code generation from formally verified model

Physical-Layer Security Enhancement in Wireless Communication Systems

Without any doubt, wireless infrastructures and services have fundamental impacts on every aspect of our lives. Despite of their popularities, wireless communications are vulnerable to various attacks due to the open nature of radio propagation. In fact, communication security in wireless networks is becoming more critical than ever. As a solution, conventional cryptographic techniques are deployed on upper layers of network protocols. Along with direct attacks from lower layer, wireless security challenges come with the rapid evolution of sophisticated decipher techniques. Conventional security mechanisms are not necessarily effective against potential attacks from the open wireless environment anymore. As an alternative, physical-layer(PHY) security, utilizing unique features from lower layer, becomes a new research focus for many wireless communication systems. In this thesis, three mechanisms for PHY security enhancement are investigated. Beginning with a discussion on the security vulnerability in highly standardized infrastructures, the thesis proposed a time domain scrambling scheme of orthogonal frequency division multiplexing (OFDM) system to improve the PHY security. The method relies on secretly scrambling each OFDM symbol in time domain, resulting in constellation transformation in frequency domain, to hide transmission features. As a complement to existing secrecy capacity maximization based optimal cooperative jamming systems, a security strategy based on the compromised secrecy region (CSR) minimization in cooperative jamming is then proposed when instantaneous channel state information(CSI) is not available. The optimal parameters of the jammer are derived to minimize the CSR which exhibits high secrecy outage probability. At last, security enhancement of OFDM system in cooperative networks is also investigated. The function selection strategies of cooperative nodes are studied. Our approach is capable of enhancing the security of broadband communications by selecting the proper function of each cooperative node. Numerical results demonstrate the feasibility of three proposed physical layer security mechanisms by examining the communication reliability, achievable CSR and secrecy capacity respectively

On the Secrecy Capacity of Fading Channels

We consider the secure transmission of information over an ergodic fading channel in the presence of an eavesdropper. Our eavesdropper can be viewed as the wireless counterpart of Wyner's wiretapper. The secrecy capacity of such a system is characterized under the assumption of asymptotically long coherence intervals. We first consider the full Channel State Information (CSI) case, where the transmitter has access to the channel gains of the legitimate receiver and the eavesdropper. The secrecy capacity under this full CSI assumption serves as an upper bound for the secrecy capacity when only the CSI of the legitimate receiver is known at the transmitter, which is characterized next. In each scenario, the perfect secrecy capacity is obtained along with the optimal power and rate allocation strategies. We then propose a low-complexity on/off power allocation strategy that achieves near-optimal performance with only the main channel CSI. More specifically, this scheme is shown to be asymptotically optimal as the average SNR goes to infinity, and interestingly, is shown to attain the secrecy capacity under the full CSI assumption. Remarkably, our results reveal the positive impact of fading on the secrecy capacity and establish the critical role of rate adaptation, based on the main channel CSI, in facilitating secure communications over slow fading channels.Comment: 18 pages, 3 figures, Submitted to the IEEE Trans. on Information Theor

Intrinsic secrecy of EGT and MRT precoders for proper and improper modulations

This paper makes an information theoretical analysis of the intrinsic secrecy level of M-QAM and M-PSK modulation schemes considering the use of equal gain transmission and maximum ratio transmission precoding techniques. In addition to the analysis of the conventional proper M-QAM and M-PSK constellations, a recently proposed family of improper versions of the M-QAM and M-PSK modulation schemes is also evaluated. With the exception of proper M-PSK, which verifies always full secrecy for the considered precoders, the main results show that for low order constellations, the amount of intrinsic secrecy provided by the combination of the precoder and modulation scheme is significant and, therefore, can be exploited in the design of a full secrecy solution. The theoretical derivations provided in this paper can be directly applied to quantify the minimal entropy that a secret key must have to fully secure the exchange of information for these transmission schemes.publishe

Hiding Text in Audio Using LSB Based Steganography

A Steganographic method for embedding  textual information in WAV audio  is discussed here. In the proposed method each audio sample is converted into bits and then the textual information is embedded in it. In embedding process , first the message character is converted into its equivalent binary. The last 4 bits of this binary is taken into consideration and applying redundancy of the binary code the prefix either 0 or 1 is used. To identify the uppercase, lower case, space ,and number the control symbols in the form of binary is used. By using proposed LSB based algorithm, the capacity of stego system to hide the text increases. The performance evaluation is done on the basis of MOS by taking 20 samples and comparison of  SNR values with some known and proposed algorithm. Keywords: LSB, WAV, MOS , control symbols, stego system , SNR

Coding for Cryptographic Security Enhancement using Stopping Sets

In this paper we discuss the ability of channel codes to enhance cryptographic secrecy. Toward that end, we present the secrecy metric of degrees of freedom in an attacker's knowledge of the cryptogram, which is similar to equivocation. Using this notion of secrecy, we show how a specific practical channel coding system can be used to hide information about the ciphertext, thus increasing the difficulty of cryptographic attacks. The system setup is the wiretap channel model where transmitted data traverse through independent packet erasure channels with public feedback for authenticated ARQ (Automatic Repeat reQuest). The code design relies on puncturing nonsystematic low-density parity-check codes with the intent of inflicting an eavesdropper with stopping sets in the decoder. Furthermore, the design amplifies errors when stopping sets occur such that a receiver must guess all the channel-erased bits correctly to avoid an expected error rate of one half in the ciphertext. We extend previous results on the coding scheme by giving design criteria that reduces the effectiveness of a maximum-likelihood attack to that of a message-passing attack. We further extend security analysis to models with multiple receivers and collaborative attackers. Cryptographic security is enhanced in all these cases by exploiting properties of the physical-layer. The enhancement is accurately presented as a function of the degrees of freedom in the eavesdropper's knowledge of the ciphertext, and is even shown to be present when eavesdroppers have better channel quality than legitimate receivers.Comment: 13 pages, 8 figure