1,330 research outputs found

    Crypto-test-lab for security validation of ECC co-processor test infrastructure

    © 20xx IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
    Elliptic Curve Cryptography (ECC) is a public-key technology that is becoming increasingly popular because it offers greater speed and implementation compactness than other public-key technologies. The calculations, however, cannot practically be executed in software, since that would be too time-consuming, so an ECC co-processor is commonly included to accelerate them. Test infrastructure in crypto co-processors is often avoided because it opens serious security holes that adversaries can exploit. However, ECC co-processors include complex modules for which functional test methodologies alone are unsuitable, because they would take an unacceptably long time during production test. Therefore, some internal test infrastructure is always included to permit the application of structural test techniques. Designing a secure test infrastructure is a complex task that relies on the designer's experience and on trial-and-error iterations over a series of different types of attacks. Most of the severe attacks cannot be simulated because of the demanding computational effort and the lack of proper attack models; therefore, prototypes are built on FPGAs. In this paper, a Crypto-Test-Lab is presented that includes an ECC co-processor with flexible test infrastructure. Its purpose is to facilitate the design and validation of secure test strategies for this type of co-processor.
    Postprint (author's final draft)

    Randomized Symmetric Crypto Spatial Fusion Steganographic System

    The image fusion steganographic system embeds encrypted messages in decomposed multimedia carriers using a pseudorandom generator, but it fails to evaluate the contents of the cover image. This results in the secret data being embedded in smooth regions, which leads to visible distortion that affects both imperceptibility and confidentiality. To solve this issue, and to improve the quality and robustness of the system, the Randomized Symmetric Crypto Spatial Fusion Steganography System is proposed in this study. It comprises three subsystems: bitwise encryption, spatial fusion, and bitwise embedding. First, bitwise encryption encrypts the message using bitwise operations to improve confidentiality. Then, spatial fusion decomposes the image and selects the embedding region on the basis of sharp intensity and capacity, which restricts the visibility of distortion and provides a high embedding capacity. Finally, the bitwise embedding subsystem embeds the encrypted message by differencing the pixels in the region by 1, subject to even/odd and not-equal-to-zero constraints; this reduces the modification rate and so avoids distortion. The proposed heuristic algorithm is applied to the blue channel, to which the human visual system is less sensitive. It was tested on standard IST natural images with steganalysis algorithms and showed better quality, imperceptibility, embedding capacity and resistance to various attacks compared to other steganographic systems.

    Computer-aided proofs for multiparty computation with active security

    Secure multi-party computation (MPC) is a general cryptographic technique that allows mutually distrusting parties to compute a function of their individual inputs while revealing only the output of the function. It has found applications in areas such as auctions, email filtering, and secure teleconferencing. Given its importance, it is crucial that the protocols are specified and implemented correctly. In the programming language community it has become good practice to use computer proof assistants to verify correctness proofs. In the field of cryptography, EasyCrypt is the state-of-the-art proof assistant. It provides an embedded language for probabilistic programming, together with a specialized logic, embedded into an ambient general-purpose higher-order logic, which allows cryptographic properties to be expressed conveniently. EasyCrypt has been used successfully on many applications, including public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove the security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer's MPC protocol for secure addition and multiplication. Our method extends to general polynomial functions. We follow the insight from EasyCrypt that security proofs can often be reduced to proofs about program equivalence, a topic that is well understood in the verification of programming languages. In particular, we show that in the passive case the non-interference-based definition is equivalent to a standard game-based security definition. For the active case we provide a new NI definition, which we call input independence.

    Quasi group based crypto-system

    For electronic commerce and other applications it is necessary to encrypt data that is transmitted over an unsecured channel. The data is encrypted (randomized) using a key; algorithms such as DES and ECC randomize the data so that an unauthorized user cannot decrypt it. This thesis presents a practical implementation of a quasigroup-based multilevel, indexed scrambling transformation for use in signal encryption. Results of experiments with text and speech scrambling are presented. It is shown that the quasigroup transformation maximizes the entropy at the output, which is desirable for a good system. The system provides an extremely large group of keys, which ensures enhanced security. It can work in either chain mode or block mode; block mode is more tolerant to errors than chain mode.

    Defining a sample template for governmental procurements of cryptographic products

    Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2006
    Includes bibliographical references (leaves: 46-47)
    Text in English; Abstract: Turkish and English
    xi, 47 leaves
    It is a well-known truth that nobody can easily find a law, act, directive, code or publicly available technical specification that describes cryptography-based security systems and/or cryptographic modules in Turkey. Moreover, from the international perspective, the only government-released standard is the "Federal Information Processing Standards Publication (FIPS) 140-2", published by the United States "National Institute of Standards and Technology (NIST)" on May 25th, 2001 (which became the international standard after the Final Committee Document was accepted as "ISO/IEC 19790:2006" on March 9th, 2006), which specifies the security requirements that a cryptographic module should satisfy. Since the protection of sensitive and valuable (sometimes life-critical) data transferred via critical governmental cryptographic systems is very important and requires high confidentiality, the need for a sample template technical specification for those cryptographic systems is correspondingly high. The sample template specification produced in this study aims to be a starting point or initiative for preparing a cryptographic module specification in governmental procurements.