3,751 research outputs found
AES-CBC Software Execution Optimization
With the proliferation of high-speed wireless networking, the necessity for
efficient, robust and secure encryption modes is ever increasing. But,
cryptography is primarily a computationally intensive process. This paper
investigates the performance and efficiency of IEEE 802.11i approved Advanced
Encryption Standard (AES)-Rijndael ciphering/deciphering software in Cipher
Block Chaining (CBC) mode. Simulations are used to analyse the speed, resource
consumption and robustness of AES-CBC to investigate its viability for image
encryption usage on common low power devices. The detailed results presented in
this paper provide a basis for performance estimation of AES cryptosystems
implemented on wireless devices. The use of optimized AES-CBC software
implementation gives a superior encryption speed performance by 12 - 30%, but
at the cost of twice more memory for code size.Comment: 8 pages, IEEE 200
Graphs, Matrices, and the GraphBLAS: Seven Good Reasons
The analysis of graphs has become increasingly important to a wide range of
applications. Graph analysis presents a number of unique challenges in the
areas of (1) software complexity, (2) data complexity, (3) security, (4)
mathematical complexity, (5) theoretical analysis, (6) serial performance, and
(7) parallel performance. Implementing graph algorithms using matrix-based
approaches provides a number of promising solutions to these challenges. The
GraphBLAS standard (istc- bigdata.org/GraphBlas) is being developed to bring
the potential of matrix based graph algorithms to the broadest possible
audience. The GraphBLAS mathematically defines a core set of matrix-based graph
operations that can be used to implement a wide class of graph algorithms in a
wide range of programming environments. This paper provides an introduction to
the GraphBLAS and describes how the GraphBLAS can be used to address many of
the challenges associated with analysis of graphs.Comment: 10 pages; International Conference on Computational Science workshop
on the Applications of Matrix Computational Methods in the Analysis of Modern
Dat
Comparative Analysis of Cryptography Library in IoT
The paper aims to do a survey along with a comparative analysis of the
various cryptography libraries that are applicable in the field of Internet of
Things (IoT). The first half of the paper briefly introduces the various
cryptography libraries available in the field of cryptography along with a list
of all the algorithms contained within the libraries. The second half of the
paper deals with cryptography libraries specifically aimed for application in
the field of Internet of Things. The various libraries and their performance
analysis listed down in this paper are consolidated from various sources with
the aim of providing a single comprehensive repository for reference to the
various cryptography libraries and the comparative analysis of their features
in IoT.Comment: 5 pages, 14 table
Scalable secure multi-party network vulnerability analysis via symbolic optimization
Threat propagation analysis is a valuable tool in improving the cyber resilience of enterprise networks. As
these networks are interconnected and threats can propagate not only within but also across networks, a holistic view of the entire network can reveal threat propagation trajectories unobservable from within a single enterprise. However, companies are reluctant to share internal vulnerability measurement data as it is highly sensitive and (if leaked) possibly damaging. Secure Multi-Party Computation (MPC) addresses this concern. MPC is a cryptographic technique that allows distrusting parties to compute analytics over their joint data while protecting its confidentiality. In this work we apply MPC to threat propagation analysis on large, federated networks. To address the prohibitively high performance cost of general-purpose MPC we develop two novel applications of optimizations that can be leveraged to execute many relevant graph algorithms under MPC more efficiently: (1) dividing the computation into separate stages such that the first stage is executed privately by each party without MPC and the second stage is an MPC computation dealing with a much smaller shared network, and (2) optimizing the second stage by
treating the execution of the analysis algorithm as a symbolic expression that can be optimized to reduce the number of costly operations and subsequently executed under MPC.We evaluate the scalability of this technique by analyzing the potential for threat propagation on examples of network graphs and propose several directions along which this work can be expanded
The KISS principle in Software-Defined Networking: a framework for secure communications
Security is an increasingly fundamental requirement in Software-Defined Networking (SDN). However, the pace of adoption of secure mechanisms has been slow, which we estimate to be a consequence of the performance overhead of traditional solutions and of the complexity of their support infrastructure. To address these challenges we propose KISS, a secure SDN control plane communications architecture that includes innovative solutions in the context of key distribution and secure channel support. Core to our contribution is the integrated device verification value (iDVV), a deterministic but indistinguishablefrom-random secret code generation protocol that allows local but synchronized generation/verification of keys at both ends of the control channel, even on a per-message basis. We show that our solution, while offering the same security properties, outperforms reference alternatives, with performance improvements up to 30% over OpenSSL, and improvement in robustness based on a code footprint one order of magnitude smaller
Sequential Circuit Design for Embedded Cryptographic Applications Resilient to Adversarial Faults
In the relatively young field of fault-tolerant cryptography, the main research effort has focused exclusively on the protection of the data path of cryptographic circuits. To date, however, we have not found any work that aims at protecting the control logic of these circuits against fault attacks, which thus remains the proverbial Achilles’ heel. Motivated by a hypothetical yet realistic fault analysis attack that, in principle, could be mounted against any modular exponentiation engine, even one with appropriate data path protection, we set out to close this remaining gap. In this paper, we present guidelines for the design of multifault-resilient sequential control logic based on standard Error-Detecting Codes (EDCs) with large minimum distance. We introduce a metric that measures the effectiveness of the error detection technique in terms of the effort the attacker has to make in relation to the area overhead spent in
implementing the EDC. Our comparison shows that the proposed EDC-based technique provides superior performance when compared against regular N-modular redundancy techniques. Furthermore, our technique scales well and does not affect the critical path delay
- …