Applications of Artificial Intelligence to Cryptography

This paper considers some recent advances in the field of Cryptography using Artificial Intelligence (AI). It specifically considers the applications of Machine Learning (ML) and Evolutionary Computing (EC) to analyze and encrypt data. A short overview is given on Artificial Neural Networks (ANNs) and the principles of Deep Learning using Deep ANNs. In this context, the paper considers: (i) the implementation of EC and ANNs for generating unique and unclonable ciphers; (ii) ML strategies for detecting the genuine randomness (or otherwise) of finite binary strings for applications in Cryptanalysis. The aim of the paper is to provide an overview on how AI can be applied for encrypting data and undertaking cryptanalysis of such data and other data types in order to assess the cryptographic strength of an encryption algorithm, e.g. to detect patterns of intercepted data streams that are signatures of encrypted data. This includes some of the authors’ prior contributions to the field which is referenced throughout. Applications are presented which include the authentication of high-value documents such as bank notes with a smartphone. This involves using the antenna of a smartphone to read (in the near field) a flexible radio frequency tag that couples to an integrated circuit with a non-programmable coprocessor. The coprocessor retains ultra-strong encrypted information generated using EC that can be decrypted on-line, thereby validating the authenticity of the document through the Internet of Things with a smartphone. The application of optical authentication methods using a smartphone and optical ciphers is also briefly explored

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Dynamic key scheduling algorithm for block ciphers using quasigroup string transformation

Cryptographic ciphers depend on how quickly the key affects the output of the ciphers (ciphertext). Keys are traditionally generated from small size input (seed) to a bigger size random key(s). Key scheduling algorithm (KSA) is the mechanism that generates and schedules all sub-keys for each round of encryption. Researches have suggested that sub-keys should be generated separately to avoid related-key attack. Similarly, the key space should be disproportionately large to resist any attack on the secret key. To archive that, some algorithms adopt the use of matrixes such as quasigroup, Hybrid cubes and substitution box (S-box) to generate the encryption keys. Quasigroup has other algebraic property called “Isotophism”, which literally means Different quasigroups that has the same order of elements but different arrangements can be generated from the existing one. This research proposed a Dynamic Key Scheduling Algorithm (KSA) using isotope of a quasigroup as the dynamic substitution table. A method of generating isotope from a non-associative quasigroup using one permutation with full inheritance is achieved. The generic quasigroup string transformation has been analyzed and it is found to be vulnerable to ciphertext only attack which eventually led to the proposal of a new quasigroup string transformation in this research to assess its strength as it has never been analyzed nor properly implemented before. Based on the dynamic shapeless quasigroup and the proposed new string transformation, a Dynamic Key Scheduling Algorithm (DKSA) is developed. To validate the findings, non-associativity of the generated isotopes has been tested and the generated isotopes appeared to be non-associative. Furthermore, the proposed KSA algorithm has been validated using the randomness test proposed and recommended by NIST, avalanche test and has achieved remarkable result of 94%, brute force and correlation assessment test with -0.000449 correlations. It was fully implemented in a modified Rijndael block cipher to validate it performance and it has produced a remarkable result of 3.35332 entropy

Unpredictable popular music : history, praxis, perception : cryptography, serialism, pseudorandom generation, chance, improvisation and infinite monkeys.

EThOS - Electronic Theses Online ServiceGBUnited Kingdo

The Proceedings of 14th Australian Information Security Management Conference, 5-6 December 2016, Edith Cowan University, Perth, Australia

The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fourteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The conference has drawn interest and papers from within Australia and internationally. All submitted papers were subject to a double blind peer review process. Fifteen papers were submitted from Australia and overseas, of which ten were accepted for final presentation and publication. We wish to thank the reviewers for kindly volunteering their time and expertise in support of this event. We would also like to thank the conference committee who have organised yet another successful congress. Events such as this are impossible without the tireless efforts of such people in reviewing and editing the conference papers, and assisting with the planning, organisation and execution of the conferences. To our sponsors also a vote of thanks for both the financial and moral support provided to the conference. Finally, thank you to the administrative and technical staff, and students of the ECU Security Research Institute for their contributions to the running of the conference

Security of Ubiquitous Computing Systems

The chapters in this open access book arise out of the EU Cost Action project Cryptacus, the objective of which was to improve and adapt existent cryptanalysis methodologies and tools to the ubiquitous computing framework. The cryptanalysis implemented lies along four axes: cryptographic models, cryptanalysis of building blocks, hardware and software security engineering, and security assessment of real-world systems. The authors are top-class researchers in security and cryptography, and the contributions are of value to researchers and practitioners in these domains. This book is open access under a CC BY license

Investigations in the design and analysis of key-stream generators

iv+113hlm.;24c

A framework for cryptography algorithms on mobile devices

Mobile communication devices have become a popular tool for gathering and disseminating information and data. With the evidence of the growth of wireless technology and a need for more flexible, customizable and better-optimised security schemes, it is evident that connection-based security such as HTTPS may not be sufficient. In order to provide sufficient security at the application layer, developers need access to a cryptography package. Such packages are available as third party mobile cryptographic toolkits or are supported natively on the mobile device. Typically mobile cryptographic packages have reduced their number of API methods to keep the package lightweight in size, but consequently making it quite complex to use. As a result developers could easily misuse a method which can weaken the entire security of a system without knowing it. Aside from the complexities in the API, mobile cryptography packages often do not apply sound cryptography within the implementation of the algorithms thus causing vulnerabilities in its utilization and initialization. Although FIPS 140-2 and CAPI suggest guidelines on how cryptographic algorithms should be implemented, they do not define the guidelines for implementing and using cryptography in a mobile environment. In our study, we do not define new cryptographic algorithms, instead, we investigate how sound cryptography can be applied practically in a mobile application environment and developed a framework called Linca (which stands for Logical Integration of Cryptographic Architectures) that can be used as a mobile cryptographic package to demonstrate our findings. The benefit that Linca has is that it hides the complexity of making incorrect cryptographic algorithm decisions, cryptographic algorithm initialization and utilization and key management, while maintaining a small size. Linca also applies sound cryptographic fundamentals internally within the framework, which radiates these benefits outwards at the API. Because Linca is a framework, certain architecture and design patterns are applied internally so that the cryptographic mechanisms and algorithms can be easily maintained. Linca showed better results when evaluated against two mobile cryptography API packages namely Bouncy Castle API and Secure and Trust Service API in terms of security and design. We demonstrate the applicability of Linca on using two realistic examples that cover securing network channels and on-device data.Dissertation (MSc (Computer Science))--University of Pretoria, 2007.Computer ScienceMScunrestricte

Trusted execution: applications and verification

Useful security properties arise from sealing data to specific units of code. Modern processors featuring Intel’s TXT and AMD’s SVM achieve this by a process of measured and trusted execution. Only code which has the correct measurement can access the data, and this code runs in an environment trusted from observation and interference. We discuss the history of attempts to provide security for hardware platforms, and review the literature in the field. We propose some applications which would benefit from use of trusted execution, and discuss functionality enabled by trusted execution. We present in more detail a novel variation on Diffie-Hellman key exchange which removes some reliance on random number generation. We present a modelling language with primitives for trusted execution, along with its semantics. We characterise an attacker who has access to all the capabilities of the hardware. In order to achieve automatic analysis of systems using trusted execution without attempting to search a potentially infinite state space, we define transformations that reduce the number of times the attacker needs to use trusted execution to a pre-determined bound. Given reasonable assumptions we prove the soundness of the transformation: no secrecy attacks are lost by applying it. We then describe using the StatVerif extensions to ProVerif to model the bounded invocations of trusted execution. We show the analysis of realistic systems, for which we provide case studies