Breaking NLM-MAC Generator

NLM generator, designed by HoonJae Lee, SangMin Sung, HyeongRag Kim, is the strengthened version of the LM-type summation generator with two memory bits; which uses non-linear combination of linear feedback shift register and non-linear feedback shift register. Recently, the cipher along with a massage authenticate function have been proposed for a lightweight communication framework in wireless sensor networks. Also, the generator has been used in two different RFID mutual authentication protocols and a protocol to secure access in internet. This paper indicates some critical cryptographic weak points leading to the key recovery and forgery attack. We prove the internal state of NLM-n can be recovered with time complexity about $n^{log7\times2}$ where the total length of internal state is $2\cdot n+2$ bits. The attack needs about $n^2$ key-stream bits. We also show attacker is able forge any MAC tag in real time by having only one pair (MAC tag, cipher-text). The proposed attacks are completely practical and break the scheme with negligible error probability

Gen-acceleration: Pioneering work for hardware accelerator generation using large language models

Optimizing computational power is critical in the age of data-intensive applications and Artificial Intelligence (AI)/Machine Learning (ML). While facing challenging bottlenecks, conventional Von-Neumann architecture with implementing such huge tasks looks seemingly impossible. Hardware Accelerators are critical in efficiently deploying these technologies and have been vastly explored in edge devices. This study explores a state-of-the-art hardware accelerator; Gemmini is studied; we leveraged the open-sourced tool. Furthermore, we developed a Hardware Accelerator in the study we compared with the Non-Von-Neumann architecture. Gemmini is renowned for efficient matrix multiplication, but configuring it for specific tasks requires manual effort and expertise. We propose implementing it by reducing manual intervention and domain expertise, making it easy to develop and deploy hardware accelerators that are time-consuming and need expertise in the field; by leveraging the Large Language Models (LLMs), they enable data-informed decision-making, enhancing performance. This work introduces an innovative method for hardware accelerator generation by undertaking the Gemmini to generate optimizing hardware accelerators for AI/ML applications and paving the way for automation and customization in the field

A Novel Physical Layer Secure Key Generation and Refreshment Scheme for Wireless Sensor Networks

Physical Layer Secure Key Generation (PL-SKG) schemes have received a lot of attention from the wireless security community in recent years because of the potential benefits that they could bring to the security landscape. These schemes aim to strengthen current security protocols by reducing the amount of key material that devices need for deployment. They do this by harnessing the common source of randomness provided by the wireless channel that the physical layer is communicating over. This is of particular importance in Wireless Sensor Networks (WSNs) where resources are particularly scarce and where issues such as key revocation and recovery make the design of efficient key management schemes extremely difficult. This paper discusses the issues and challenges encountered in the design and implementation of PL-SKG schemes on off-the-shelf wireless sensor networks. It then proposes a novel key generation scheme that takes advantage of both the power and simplicity of classic error correcting codes and also the diversity of frequency channels available on 802.15.4 compliant nodes to generate keys from received signal strength (RSS) readings. This paper shows that our key generation and refreshment scheme can achieve a near 100% key reconciliation rate whilst also providing perfect forward and backward security

A Survey on Lightweight Entity Authentication with Strong PUFs

Physically unclonable functions (PUFs) exploit the unavoidable manufacturing variations of an integrated circuit (IC). Their input-output behavior serves as a unique IC \u27fingerprint\u27. Therefore, they have been envisioned as an IC authentication mechanism, in particular the subclass of so-called strong PUFs. The protocol proposals are typically accompanied with two PUF promises: lightweight and an increased resistance against physical attacks. In this work, we review nineteen proposals in chronological order: from the original strong PUF proposal (2001) to the more complicated noise bifurcation and system of PUFs proposals (2014). The assessment is aided by a unied notation and a transparent framework of PUF protocol requirements

Secrecy Spectrum and Energy Efficiency Analysis in Massive MIMO-enabled Multi-Tier Hybrid HetNets

Massive multiple antenna systems in conjunction with millimeter (mmWave) communication have gained tremendous attention in the recent years owing to their high speed data delivery. However, security in these networks has been overlooked; thereby necessitating a comprehensive study. This paper analyzes the physical layer security performance of the downlink of a massive multiple-input multiple-output (MIMO)-based hybrid heterogeneous network (HetNet) where both mmWave and sub-6 GHz small cells coexist. Specifically, a tractable approach using stochastic geometry is proposed to analyze the secrecy outage probability, secrecy energy efficiency (SEE) and secrecy spectrum efficiency (SSE) of the hybrid HetNets. Our study further characterizes the impact of large antenna arrays, directional beamforming gains, transmit power, and cell density on the above mentioned secrecy performance measures. The results show that at low transmit power operation, the secrecy performance enhances for higher small cell density. It has also been observed that the higher directivity gains at mmWave cells lead to a drop in secrecy performance of the network; thus a tradeoff exists between better coverage or secrecy

The BG News November 23, 1982

The BGSU campus student newspaper November 23, 1982.https://scholarworks.bgsu.edu/bg-news/5069/thumbnail.jp

An Insider Misuse Threat Detection and Prediction Language

Numerous studies indicate that amongst the various types of security threats, the problem of insider misuse of IT systems can have serious consequences for the health of computing infrastructures. Although incidents of external origin are also dangerous, the insider IT misuse problem is difficult to address for a number of reasons. A fundamental reason that makes the problem mitigation difficult relates to the level of trust legitimate users possess inside the organization. The trust factor makes it difficult to detect threats originating from the actions and credentials of individual users. An equally important difficulty in the process of mitigating insider IT threats is based on the variability of the problem. The nature of Insider IT misuse varies amongst organizations. Hence, the problem of expressing what constitutes a threat, as well as the process of detecting and predicting it are non trivial tasks that add up to the multi- factorial nature of insider IT misuse. This thesis is concerned with the process of systematizing the specification of insider threats, focusing on their system-level detection and prediction. The design of suitable user audit mechanisms and semantics form a Domain Specific Language to detect and predict insider misuse incidents. As a result, the thesis proposes in detail ways to construct standardized descriptions (signatures) of insider threat incidents, as means of aiding researchers and IT system experts mitigate the problem of insider IT misuse. The produced audit engine (LUARM – Logging User Actions in Relational Mode) and the Insider Threat Prediction and Specification Language (ITPSL) are two utilities that can be added to the IT insider misuse mitigation arsenal. LUARM is a novel audit engine designed specifically to address the needs of monitoring insider actions. These needs cannot be met by traditional open source audit utilities. ITPSL is an XML based markup that can standardize the description of incidents and threats and thus make use of the LUARM audit data. Its novelty lies on the fact that it can be used to detect as well as predict instances of threats, a task that has not been achieved to this date by a domain specific language to address threats. The research project evaluated the produced language using a cyber-misuse experiment approach derived from real world misuse incident data. The results of the experiment showed that the ITPSL and its associated audit engine LUARM provide a good foundation for insider threat specification and prediction. Some language deficiencies relate to the fact that the insider threat specification process requires a good knowledge of the software applications used in a computer system. As the language is easily expandable, future developments to improve the language towards this direction are suggested

Volume 20, Issue 2 (1947)

https://digitalcommons.osgoode.yorku.ca/obiter_dicta/1096/thumbnail.jp