In search of mathematical primitives for deriving universal projective hash families
We provide some guidelines for deriving new projective hash families of cryptographic interest. Our main building blocks are so-called group action systems; we explore which properties of these mathematical primitives may lead to the construction of cryptographically useful projective hash families. We point out different directions towards new constructions, deviating from the known proposals arising from Cramer and Shoup's seminal work.
A dynamical systems approach to the discrimination of the modes of operation of cryptographic systems
Evidence of signatures associated with cryptographic modes of operation is established. Motivated by some analogies between cryptographic and dynamical systems, in particular with chaos theory, we propose an algorithm based on Lyapunov exponents of discrete dynamical systems to estimate the divergence among ciphertexts as the encryption algorithm is applied iteratively. The results allow us to distinguish among six modes of operation, namely ECB, CBC, OFB, CFB, CTR and PCBC, using the DES, IDEA, TEA and XTEA block ciphers of 64 bits, as well as the AES, RC6, Twofish, Seed, Serpent and Camellia block ciphers of 128 bits. Furthermore, the proposed methodology enables a classification of modes of operation of cryptographic systems according to their strength.
Comment: 14 pages, 10 figures
Computational Soundness for Dalvik Bytecode
Automatically analyzing information flow within Android applications that rely on cryptographic operations with their computational security guarantees imposes formidable challenges that existing approaches for understanding an app's behavior struggle to meet. These approaches do not distinguish cryptographic and non-cryptographic operations, and hence do not account for cryptographic protections: f(m) is considered sensitive for a sensitive message m irrespective of potential secrecy properties offered by a cryptographic operation f. These approaches consequently provide a safe approximation of the app's behavior, but they mistakenly classify a large fraction of apps as potentially insecure and consequently yield overly pessimistic results.
In this paper, we show how cryptographic operations can be faithfully included into existing approaches for automated app analysis. To this end, we first show how cryptographic operations can be expressed as symbolic abstractions within the comprehensive Dalvik bytecode language. These abstractions are accessible to automated analysis, and they can be conveniently added to existing app analysis tools using minor changes in their semantics. Second, we show that our abstractions are faithful by providing the first computational soundness result for Dalvik bytecode, i.e., the absence of attacks against our symbolically abstracted program entails the absence of any attacks against a suitable cryptographic program realization. We cast our computational soundness result in the CoSP framework, which makes the result modular and composable.
Comment: Technical report for the ACM CCS 2016 conference paper
Platform for Testing and Evaluation of PUF and TRNG Implementations in FPGAs
Implementation of cryptographic primitives like Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs) depends significantly on the underlying hardware. Common evaluation boards offered by FPGA vendors are not suitable for fair benchmarking, since they have different vendor-dependent configurations and contain noisy switching power supplies. The proposed hardware platform is primarily aimed at testing and evaluation of cryptographic primitives across different FPGA and ASIC families. The modular platform consists of a motherboard and exchangeable daughter board modules. These are designed to be as simple as possible to allow cheap and independent evaluation of cryptographic blocks, and namely PUFs. The motherboard is based on the Microsemi SmartFusion 2 SoC FPGA. It features a low-noise power supply, which simplifies evaluation of vulnerability to side-channel attacks. It also provides means of communication between the PC and the daughter module. Available software tools can be easily customized, for example to collect data from the random number generator located in the daughter module and to read it via the USB interface. The daughter module can be plugged into the motherboard or connected using an HDMI cable so that it can be placed inside a Faraday cage or a temperature control chamber. The whole platform was designed and optimized to fulfil the European HECTOR project (H2020) requirements.
Sound Computational Interpretation of Formal Encryption with Composed Keys
The formal and computational views of cryptography have been related by the seminal work of Abadi and Rogaway. In their work, a formal treatment of encryption that uses atomic keys is justified in the computational world. However, many proposed formal approaches allow the use of composed keys, where any arbitrary expression can be used as an encryption key. We consider an extension of the formal model presented by Abadi and Rogaway, in which it is allowed to use composed keys in formal encryption. We then provide a computational interpretation for expressions that allows us to establish the computational soundness of formal encryption with composed keys.
Transparent code authentication at the processor level
The authors present a lightweight authentication mechanism that verifies the authenticity of code and thereby addresses the virus and malicious code problems at the hardware level, eliminating the need for trusted extensions in the operating system. The proposed technique tightly integrates the authentication mechanism into the processor core. The authentication latency is hidden behind the memory access latency, thereby allowing seamless on-the-fly authentication of instructions. In addition, the proposed authentication method supports seamless encryption of code (and static data). Consequently, while providing software users with assurance of the authenticity of programs executing on their hardware, the proposed technique also protects the software manufacturers’ intellectual property through encryption. The performance analysis shows that, under mild assumptions, the presented technique introduces negligible overhead for even moderate cache sizes.
Applications of tripled chaotic maps in cryptography
Security of information has become a major issue during the last decades. In this period, new algorithms based on chaotic maps were suggested for the protection of different types of multimedia data, especially digital images and videos. However, many of them were fundamentally flawed by a lack of robustness and security. To obtain higher security and higher complexity, in the current paper we introduce a new kind of symmetric key block cipher algorithm that is based on tripled chaotic maps. In this algorithm, the utilization of two coupling parameters, as well as the increased complexity of the cryptosystem, contribute to the development of a cryptosystem with higher security. In order to increase the security of the proposed algorithm, the size of the key space and the computational complexity of the coupling parameters should be increased as well. Both the theoretical and experimental results state that the proposed algorithm has many capabilities, such as acceptable speed and complexity in the algorithm due to the existence of two coupling parameters, and high security. Note that the ciphertext has a flat distribution and has the same size as the plaintext. Therefore, it is suitable for practical use in secure communications.
Comment: 21 pages, 10 figures