Sensor Data Integrity Verification for Real-time and Resource Constrained Systems

Sensors are used in multiple applications that touch our lives and have become an integral part of modern life. They are used in building intelligent control systems in various industries like healthcare, transportation, consumer electronics, military, etc. Many mission-critical applications require sensor data to be secure and authentic. Sensor data security can be achieved using traditional solutions like cryptography and digital signatures, but these techniques are computationally intensive and cannot be easily applied to resource constrained systems. Low complexity data hiding techniques, on the contrary, are easy to implement and do not need substantial processing power or memory. In this applied research, we use and configure the established low complexity data hiding techniques from the multimedia forensics domain. These techniques are used to secure the sensor data transmissions in resource constrained and real-time environments such as an autonomous vehicle. We identify the areas in an autonomous vehicle that require sensor data integrity and propose suitable water-marking techniques to verify the integrity of the data and evaluate the performance of the proposed method against different attack vectors. In our proposed method, sensor data is embedded with application specific metadata and this process introduces some distortion. We analyze this embedding induced distortion and its impact on the overall sensor data quality to conclude that watermarking techniques, when properly configured, can solve sensor data integrity verification problems in an autonomous vehicle.Ph.D.College of Engineering & Computer ScienceUniversity of Michigan-Dearbornhttp://deepblue.lib.umich.edu/bitstream/2027.42/167387/3/Raghavendar Changalvala Final Dissertation.pdfDescription of Raghavendar Changalvala Final Dissertation.pdf : Dissertatio

Decryption Failure Attacks on Post-Quantum Cryptography

This dissertation discusses mainly new cryptanalytical results related to issues of securely implementing the next generation of asymmetric cryptography, or Public-Key Cryptography (PKC).PKC, as it has been deployed until today, depends heavily on the integer factorization and the discrete logarithm problems.Unfortunately, it has been well-known since the mid-90s, that these mathematical problems can be solved due to Peter Shor's algorithm for quantum computers, which achieves the answers in polynomial time.The recently accelerated pace of R&D towards quantum computers, eventually of sufficient size and power to threaten cryptography, has led the crypto research community towards a major shift of focus.A project towards standardization of Post-quantum Cryptography (PQC) was launched by the US-based standardization organization, NIST. PQC is the name given to algorithms designed for running on classical hardware/software whilst being resistant to attacks from quantum computers.PQC is well suited for replacing the current asymmetric schemes.A primary motivation for the project is to guide publicly available research toward the singular goal of finding weaknesses in the proposed next generation of PKC.For public key encryption (PKE) or digital signature (DS) schemes to be considered secure they must be shown to rely heavily on well-known mathematical problems with theoretical proofs of security under established models, such as indistinguishability under chosen ciphertext attack (IND-CCA).Also, they must withstand serious attack attempts by well-renowned cryptographers both concerning theoretical security and the actual software/hardware instantiations.It is well-known that security models, such as IND-CCA, are not designed to capture the intricacies of inner-state leakages.Such leakages are named side-channels, which is currently a major topic of interest in the NIST PQC project.This dissertation focuses on two things, in general:1) how does the low but non-zero probability of decryption failures affect the cryptanalysis of these new PQC candidates?And 2) how might side-channel vulnerabilities inadvertently be introduced when going from theory to the practice of software/hardware implementations?Of main concern are PQC algorithms based on lattice theory and coding theory.The primary contributions are the discovery of novel decryption failure side-channel attacks, improvements on existing attacks, an alternative implementation to a part of a PQC scheme, and some more theoretical cryptanalytical results

Security strategies in genomic files

There are new mechanisms to sequence and process the genomic code, discovering thus diagnostic tools and treatments. The file for a sequenced genome can reach hundreds of gigabytes. Thus, for further studies, we need new means to compress the information and a standardized representation to simplify the development of new tools. The ISO standardization group MPEG has used its expertise in compressing multimedia content to compress genomic information and develop its ´MPEG-G standard’. Given the sensitivity of the data, security is a major identified requirement. This thesis proposes novel technologies that assure the security of both the sequenced data and its metadata. We define a container-based file format to group data, metadata, and security information at the syntactical level. It includes new features like grouping multiple results in a same file to simplify the transport of whole studies. We use the granularity of the encoder’s output to enhance security. The information is represented in units, each dedicated to a specific region of the genome, which allows to provide encryption and signature features on a region base. We analyze the trade-off between security and an even more fine-grained approach and prove that apparently secure settings can be insecure: if the file creator may encrypt only specific elements of a unit, cross-checking unencrypted information permits to infer encrypted content. Most of the proposals for MPEG-G coming from other research groups and companies focused on data compression and representation. However, the need was recognized to find a solution for metadata encoding. Our proposal was included in the standard: an XML-based solution, separated in a core specification and extensions. It permits to adapt the metadata schema to the different genomic repositories' frameworks, without importing requirements from one framework to another. To simplify the handling of the resulting metadata, we define profiles, i.e. lists of extensions that must be present in a given framework. We use XML signature and XML encryption for metadata security. The MPEG requirements also concern access rules. Our privacy solutions limit the range of persons with access and we propose access rules represented with XACML to convey under which circumstances a user is granted access to a specific action among the ones specified in MPEG-G's API, e.g. filtering data by attributes. We also specify algorithms to combine multiple rules by defining default behaviors and exceptions. The standard’s security mechanisms protect the information only during transport and access. Once the data is obtained, the user could publish it. In order to identify leakers, we propose an algorithm that generates unique, virtually undetectable variations. Our solution is novel as the marking can be undone (and the utility of the data preserved) if the corresponding secret key is revealed. We also show how to combine multiple secret keys to avoid collusion. The API retained for MPEG-G considers search criteria not present in the indexing tables, which highlights shortcomings. Based on the proposed MPEG-G API we have developed a solution. It is based on a collaboration framework where the different users' needs and the patient's privacy settings result in a purpose-built file format that optimizes query times and provides privacy and authenticity on the patient-defined genomic regions. The encrypted output units are created and indexed to optimize query times and avoid rarely used indexing fields. Our approach resolves the shortcomings of MPEG-G's indexing strategy. We have submitted our technologies to the MPEG standardization committee. Many have been included in the final standard, via merging with other proposals (e.g. file format), discussion (e.g. security mechanisms), or direct acceptance (e.g. privacy rules).Hi han nous mètodes per la seqüenciació i el processament del codi genòmic, permetent descobrir eines de diagnòstic i tractaments en l’àmbit mèdic. El resultat de la seqüenciació d’un genoma es representa en un fitxer, que pot ocupar centenars de gigabytes. Degut a això, hi ha una necessitat d’una representació estandarditzada on la informació és comprimida. Dins de la ISO, el grup MPEG ha fet servir la seva experiència en compressió de dades multimèdia per comprimir dades genòmiques i desenvolupar l'estàndard MPEG-G, sent la seguretat un dels requeriments principals. L'objectiu de la tesi és garantir aquesta seguretat (encriptant, firmant i definint regles d¿ accés) tan per les dades seqüenciades com per les seves metadades. El primer pas és definir com transportar les dades, metadades i paràmetres de seguretat. Especifiquem un format de fitxer basat en contenidors per tal d'agrupar aquets elements a nivell sintàctic. La nostra solució proposa noves funcionalitats com agrupar múltiples resultats en un mateix fitxer. Pel que fa la seguretat de dades, la nostra proposta utilitza les propietats de la sortida del codificador. Aquesta sortida és estructurada en unitats, cadascuna dedicada a una regió concreta del genoma, permetent una encriptació i firma de dades específica a la unitat. Analitzem el compromís entre seguretat i un enfocament de gra més fi demostrant que configuracions aparentment vàlides poden no ser-ho: si es permet encriptar sols certes sub-unitats d'informació, creuant els continguts no encriptats, podem inferir el contingut encriptat. Quant a metadades, proposem una solució basada en XML separada en una especificació bàsica i en extensions. Podem adaptar l'esquema de metadades als diferents marcs de repositoris genòmics, sense imposar requeriments d’un marc a un altre. Per simplificar l'ús, plantegem la definició de perfils, és a dir, una llista de les extensions que han de ser present per un marc concret. Fem servir firmes XML i encriptació XML per implementar la seguretat de les metadades. Les nostres solucions per la privacitat limiten qui té accés a les dades, però no en limita l’ús. Proposem regles d’accés representades amb XACML per indicar en quines circumstàncies un usuari té dret d'executar una de les accions especificades a l'API de MPEG-G (per exemple, filtrar les dades per atributs). Presentem algoritmes per combinar regles, per tal de poder definir casos per defecte i excepcions. Els mecanismes de seguretat de MPEG-G protegeixen la informació durant el transport i l'accés. Una vegada l’usuari ha accedit a les dades, les podria publicar. Per tal d'identificar qui és l'origen del filtratge de dades, proposem un algoritme que genera modificacions úniques i virtualment no detectables. La nostra solució és pionera, ja que els canvis es poden desfer si el secret corresponent és publicat. Per tant, la utilitat de les dades és mantinguda. Demostrem que combinant varis secrets, podem evitar col·lusions. L'API seleccionada per MPEG-G, considera criteris de cerca que no són presents en les taules d’indexació. Basant-nos en aquesta API, hem desenvolupat una solució. És basada en un marc de col·laboració, on la combinació de les necessitats dels diferents usuaris i els requeriments de privacitat del pacient, es combinen en una representació ad-hoc que optimitza temps d’accessos tot i garantint la privacitat i autenticitat de les dades. La majoria de les nostres propostes s’han inclòs a la versió final de l'estàndard, fusionant-les amb altres proposes (com amb el format del fitxer), demostrant la seva superioritat (com amb els mecanismes de seguretat), i fins i tot sent acceptades directament (com amb les regles de privacitat).Postprint (published version