655 research outputs found

    Theoretical differential fault attacks on FLIP and FiLIP

    Get PDF
    In this article, we examine Differential Fault Attacks (DFA) targeting two stream ciphers, FLIP and FiLIP. We explore the fault model where an adversary flips a single bit of the key at an unknown position. Our analysis involves establishing complexity bounds for these attacks, contingent upon the cryptographic parameters of the Boolean functions employed as filters and the key size. Initially, we demonstrate how the concept of sensitivity enables the detection of the fault position using only a few keystream bits. This represents an enhancement over previous DFA methodologies applied to these ciphers. Subsequently, we leverage the properties of the filter\u27s derivatives to execute attacks. This approach is universally applicable to any filter, and we delineate specific attack strategies for the two function families previously implemented in these ciphers

    Theoretical differential fault attacks on FLIP and FiLIP

    Get PDF
    In this article, we examine Differential Fault Attacks (DFA) targeting two stream ciphers, FLIP and FiLIP. We explore the fault model where an adversary flips a single bit of the key at an unknown position. Our analysis involves establishing complexity bounds for these attacks, contingent upon the cryptographic parameters of the Boolean functions employed as filters and the key size. Initially, we demonstrate how the concept of sensitivity enables the detection of the fault position using only a few keystream bits. This represents an enhancement over previous DFA methodologies applied to these ciphers. Subsequently, we leverage the properties of the filter's derivatives to execute attacks. This approach is universally applicable to any filter, and we delineate specific attack strategies for the two function families previously implemented in these ciphers

    Computer Science Principles with Python

    Get PDF
    This textbook is intended to be used for a first course in computer science, such as the College Board’s Advanced Placement course known as AP Computer Science Principles (CSP). This book includes all the topics on the CSP exam, plus some additional topics. It takes a breadth-first approach, with an emphasis on the principles which form the foundation for hardware and software. No prior experience with programming should be required to use this book. This version of the book uses the Python programming language.https://rdw.rowan.edu/oer/1024/thumbnail.jp

    Enhanced cryptographic approaches for SCADA network security.

    Get PDF
    Due to the overwhelming increase in open source code, off-the-shelf software packages, third party and vendor codes, along with the ease of getting information about hacking network security systems and attacking the well known holes in security systems, the problem of having a secure network system is much more difficult than before this boom in technology and information broadcast. What makes the problem even worse is trying to secure a network for real time control, such as a network using supervisory control and data acquisition (SCADA) systems, because now the problem has two faces: securing the real time control system and at the same time keeping the response time of the system in the acceptable range for the transactions\u27 level of service. There is a strong trend to chose security frameworks that have been popular in the e-commerce sites of the web, particularly because they proven to be very mature and secure for more than one and half decades. Examples include the transport level security (TLS) and its predecessor secured socket layer (SSL) framework that is based on the very popular public key cryptography and key distribution algorithms, such as Rivest, Shamir and Adleman (RSA), elliptic curve cryptography (ECC), and Diffie-Hellman. Despite the fact that these algorithms proved to be very powerful against most types of attacks, they are not tailored to secure SCADA networks, and consequently cause a significant degradation in the performance time of real time transactions. This dissertation offers two novel encryption algorithms for securing a SCADA network, the N-Secrecy and the Security Spectrum algorithms. N-Secrecy gave very good results when compared with the SSL; with N-Secrecy performance time in the range of one thousandth of the SSL. The Security Spectrum approach moved the encryption methodology from using numerical representations into using a physical representation based on modeling the conditions of the two communicating parties with a system of non-linear polynomials and then using computer algebra techniques. Both approaches have the potential to significantly enhance the security of commercial SCADA installations

    Quantum boolean functions

    Full text link
    In this paper we introduce the study of quantum boolean functions, which are unitary operators f whose square is the identity: f^2 = I. We describe several generalisations of well-known results in the theory of boolean functions, including quantum property testing; a quantum version of the Goldreich-Levin algorithm for finding the large Fourier coefficients of boolean functions; and two quantum versions of a theorem of Friedgut, Kalai and Naor on the Fourier spectra of boolean functions. In order to obtain one of these generalisations, we prove a quantum extension of the hypercontractive inequality of Bonami, Gross and Beckner.Comment: 47 pages; v5: fixes previously corrupt fil

    Computer Science Principles with C++

    Get PDF
    This textbook is intended to be used for a first course in computer science, such as the College Board’s Advanced Placement course known as AP Computer Science Principles (CSP). This book includes all the topics on the CSP exam, plus some additional topics. It takes a breadth-first approach, with an emphasis on the principles which form the foundation for hardware and software. No prior experience with programming should be required to use this book. This version of the book uses the C++ programming language.https://rdw.rowan.edu/oer/1025/thumbnail.jp

    Risk driven models & security framework for drone operation in GNSS-denied environments

    Get PDF
    Flying machines in the air without human inhabitation has moved from abstracts to reality and the concept of unmanned aerial vehicles continues to evolve. Drones are popularly known to use GPS and other forms of GNSS for navigation, but this has unfortunately opened them up to spoofing and other forms of cybersecurity threats. The use of computer vision to find location through pre-stored satellite images has become a suggested solution but this gives rise to security challenges in the form of spoofing, tampering, denial of service and other forms of attacks. These security challenges are reviewed with appropriate requirements recommended. This research uses the STRIDE threat analysis model to analyse threats in drone operation in GNSS-denied environment. Other threat models were considered including DREAD and PASTA, but STRIDE is chosen because of its suitability and the complementary ability it serves to other analytical methods used in this work. Research work is taken further to divide the drone system into units based in similarities in functions and architecture. They are then subjected to Failure Mode and Effects Analysis (FMEA), and Fault Tree Analysis (FTA). The STRIDE threat model is used as base events for the FTA and an FMEA is conducted based on adaptations from IEC 62443-1-1, Network and System Security- Terminology, concepts, and models and IEC 62443-3-2, security risk assessment for system design. The FTA and FMEA are widely known for functional safety purposes but there is a divergent use for the tools where we consider cybersecurity vulnerabilities specifically, instead of faults. The IEC 62443 series has become synonymous with Industrial Automation and Control Systems. However, inspiration is drawn from that series for this work because, drones, as much as any technological gadget in play recently, falls under a growing umbrella of quickly evolving devices, known as Internet of Things (IoT). These IoT devices can be principally considered as part of Industrial Automation and Control Systems. Results from the analysis are used to recommend security standards & requirements that can be applied in drone operation in GNSS-denied environments. The framework recommended in this research is consistent with IEC 62443-3-3, System security requirements and security levels and has the following categorization from IEC 62443-1-1, identification, and authentication control, use control, system integrity, data confidentiality, restricted data flow, timely response to events and resource availability. The recommended framework is applicable and relevant to military, private and commercial drone deployment because the framework can be adapted and further tweaked to suit the context which it is intended for. Application of this framework in drone operation in GNSS denied environment will greatly improve upon the cyber resilience of the drone network system
    • …
    corecore