
    KLEIN: A New Family of Lightweight Block Ciphers

    Resource-efficient cryptographic primitives have become fundamental for realizing both security and efficiency in embedded systems such as RFID tags and sensor nodes. Among those primitives, lightweight block ciphers play a major role as building blocks for security protocols. In this paper, we describe a new family of lightweight block ciphers named KLEIN, which is designed for resource-constrained devices such as wireless sensors and RFID tags. Compared to related proposals, KLEIN has an advantage in software performance on legacy sensor platforms, while at the same time its hardware implementation can also be compact.

    Symmetric block ciphers with a block length of 32 bit

    The subject of the thesis at hand is the analysis of symmetric block ciphers with a block length of 32 bit. It is meant to give a comprehensive overview of the topic of 32 bit block ciphers. The topic is divided into the examination of three questions. It contains a list of state-of-the-art block ciphers with a block length of 32 bit. The block ciphers are described, focusing on the encryption function. An SPN-based cipher with 32 bit block length is proposed by rescaling the AES cipher. The 32 bit block length results in certain security issues. These so-called risk factors are analysed and mitigating measures are proposed. The result of the thesis is that 32 bit block ciphers can be implemented in a secure manner. The use of 32 bit ciphers should be limited to specific use cases and accompanied by a profound risk analysis to determine the protection class of the data to be encrypted.

    Towards assessing information privacy in microblogging online social networks. The IPAM framework

    Online social networks (OSNs) incorporate different forms of interactive communication, including microblogging services, multimedia sharing and business networking, among others. In recent years there has been an increase in the number of privacy-related public scandals involving questionable data handling practices in OSNs. This situation calls for an effective and efficient evaluation of the privacy level provided by such services. In this thesis, we take initial steps towards developing an information privacy assessment framework (IPAM framework) to compute privacy scores for online social networks in general, and microblogging OSNs in particular. The aim of the proposed framework is to help users identify personal data-related risks and how their privacy is protected when using one OSN or another. The IPAM framework also allows for a comparison between different systems' privacy protection level. This gives system providers not only an idea of how they are positioned in the market vis-à-vis their competitors, but also recommendations on how to enhance their services.

    Spurious Features Everywhere -- Large-Scale Detection of Harmful Spurious Features in ImageNet

    Benchmark performance of deep learning classifiers alone is not a reliable predictor of the performance of a deployed model. In particular, if the image classifier has picked up spurious features in the training data, its predictions can fail in unexpected ways. In this paper, we develop a framework that allows us to systematically identify spurious features in large datasets like ImageNet. It is based on our neural PCA components and their visualization. Previous work on spurious features of image classifiers often operates in toy settings or requires costly pixel-wise annotations. In contrast, we validate our results by checking that the presence of the harmful spurious feature of a class is sufficient to trigger the prediction of that class. We introduce a novel dataset "Spurious ImageNet" and check how much existing classifiers rely on spurious features.

    Approximating ReLU on a Reduced Ring for Efficient MPC-based Private Inference

    Secure multi-party computation (MPC) allows users to offload machine learning inference to untrusted servers without having to share their privacy-sensitive data. Despite its strong security properties, MPC-based private inference has not been widely adopted in the real world due to its high communication overhead. When evaluating ReLU layers, MPC protocols incur a significant amount of communication between the parties, making the end-to-end execution time multiple orders of magnitude slower than its non-private counterpart. This paper presents HummingBird, an MPC framework that reduces the ReLU communication overhead significantly by using only a subset of the bits to evaluate ReLU on a smaller ring. Based on theoretical analyses, HummingBird identifies bits in the secret share that are not crucial for accuracy and excludes them during ReLU evaluation to reduce communication. With its efficient search engine, HummingBird discards 87--91% of the bits during ReLU and still maintains high accuracy. On a real MPC setup involving multiple servers, HummingBird achieves on average 2.03--2.67x end-to-end speedup without introducing any errors, and up to 8.64x average speedup when some amount of accuracy degradation can be tolerated, due to its up to 8.76x communication reduction.

    Efficient Cryptographic Algorithms and Protocols for Mobile Ad Hoc Networks

    As the next evolutionary step in digital communication systems, mobile ad hoc networks (MANETs) and their specializations such as wireless sensor networks (WSNs) have been attracting much interest in both the research and industry communities. In MANETs, network nodes can come together and form a network without depending on any pre-existing infrastructure or human intervention. Unfortunately, the salient characteristics of MANETs, in particular the absence of infrastructure and the constrained resources of mobile devices, present enormous challenges when designing security mechanisms in this environment. Without the necessary measures, wireless communications are easily intercepted and the activities of users can be easily traced. This thesis presents our solutions for two important aspects of securing MANETs, namely efficient key management protocols and fast implementations of cryptographic primitives on constrained devices. Due to the tight cost and constrained resources of high-volume mobile devices used in MANETs, it is desirable to employ lightweight and specialized cryptographic primitives for many security applications. Motivated by the design of the well-known Enigma machine, we present a novel ultra-lightweight cryptographic algorithm, referred to as Hummingbird, for resource-constrained devices. Hummingbird can provide the designed security with a small block size and is resistant to the most common attacks such as linear and differential cryptanalysis. Furthermore, we also present efficient software implementations of Hummingbird on 4-, 8- and 16-bit microcontrollers from Atmel and Texas Instruments as well as efficient hardware implementations on low-cost field programmable gate arrays (FPGAs) from Xilinx, respectively.
Our experimental results show that after a system initialization phase Hummingbird can achieve up to 147 and 4.7 times faster throughput for a size-optimized and a speed-optimized software implementation, respectively, when compared to the state-of-the-art ultra-lightweight block cipher PRESENT on similar platforms. In addition, the speed-optimized Hummingbird encryption core can achieve a throughput of 160.4 Mbps and the area-optimized encryption core only occupies 253 slices on a Spartan-3 XC3S200 FPGA device. Bilinear pairings on the Jacobians of (hyper-)elliptic curves have received considerable attention as a building block for constructing cryptographic schemes in MANETs with new and novel properties. Motivated by the work of Scott, we investigate how to use efficiently computable automorphisms to speed up pairing computations on two families of non-supersingular genus 2 hyperelliptic curves over prime fields. Our findings lead to new variants of Miller's algorithm in which the length of the main loop can be up to 4 times shorter than that of the original Miller's algorithm in the best case. We also generalize Chatterjee et al.'s idea of encapsulating the computation of the line function with the group operations to genus 2 hyperelliptic curves, and derive new explicit formulae for the group operations in projective and new coordinates in the context of pairing computations. Efficient software implementation of computing the Tate pairing on both a supersingular and a non-supersingular genus 2 curve with the same embedding degree of k = 4 is investigated. Combining the new algorithm with known optimization techniques, we show that pairing computations on non-supersingular genus 2 curves over prime fields use up to 55.8% fewer field operations and run about 10% faster than on supersingular genus 2 curves at the same security level.
As an important part of a key management mechanism, an efficient key revocation protocol, which revokes the cryptographic keys of malicious nodes and isolates them from the network, is crucial for the security and robustness of MANETs. We propose a novel self-organized key revocation scheme for MANETs based on the Dirichlet multinomial model and identity-based cryptography. Firmly rooted in statistics, our key revocation scheme provides a theoretically sound basis for nodes to analyze and predict peers' behavior based on their own observations and other nodes' reports. Considering the differences among malicious behaviors, we propose to classify nodes' behavior into three categories, namely good behavior, suspicious behavior and malicious behavior. Each node in the network keeps track of the three categories of behavior and updates its knowledge about other nodes' behavior with a 3-dimensional Dirichlet distribution. Based on its own analysis, each node is able to protect itself from malicious attacks by either revoking the keys of nodes with malicious behavior or ceasing communication with nodes showing suspicious behavior for some time. The attack-resistant properties of the resulting scheme against false accusation attacks launched by independent and colluding adversaries are also analyzed through extensive simulations. In WSNs, broadcast authentication is a crucial security mechanism that allows a multitude of legitimate users to join in and disseminate messages into the network in a dynamic and authenticated way. During the past few years, several public-key based multi-user broadcast authentication schemes have been proposed in the literature to achieve immediate authentication and to address the security vulnerability intrinsic to μTESLA-like schemes. Unfortunately, the relatively slow signature verification in signature-based broadcast authentication has also incurred a series of problems such as high energy consumption and long verification delay.
We propose an efficient technique to accelerate signature verification in WSNs through cooperation among sensor nodes. By allowing some sensor nodes to release their intermediate computation results to their neighbors during signature verification, a large number of sensor nodes can accelerate their signature verification process significantly. When applying our faster signature verification technique to broadcast authentication in a 4×4 grid-based WSN, a quantitative performance analysis shows that our scheme needs 17.7% to 34.5% less energy and runs about 50% faster than the traditional signature verification method.

    Black-Box Dissector: Towards Erasing-based Hard-Label Model Stealing Attack

    Previous studies have verified that the functionality of black-box models can be stolen with full probability outputs. However, under the more practical hard-label setting, we observe that existing methods suffer from catastrophic performance degradation. We argue this is due to the lack of rich information in the probability prediction and the overfitting caused by hard labels. To this end, we propose a novel hard-label model stealing method termed black-box dissector, which consists of two erasing-based modules. One is a CAM-driven erasing strategy that is designed to increase the information capacity hidden in hard labels from the victim model. The other is a random-erasing-based self-knowledge distillation module that utilizes soft labels from the substitute model to mitigate overfitting. Extensive experiments on four widely-used datasets consistently demonstrate that our method outperforms state-of-the-art methods, with an improvement of at most 8.27%. We also validate the effectiveness and practical potential of our method on real-world APIs and defense methods. Furthermore, our method promotes other downstream tasks, i.e., transfer adversarial attacks.