102 research outputs found
Estimation of the security level of operations performed by information protection means
A methodology for estimating the security level of basic operations of cryptographic transformation algorithms, executed by information protection means on data in masked representation, has been further developed.
A MAC Mode for Lightweight Block Ciphers
status: accepted
Identity Based Threshold Ring Signature
In threshold ring signature schemes, any group of entities spontaneously conscripting arbitrarily entities to generate a publicly verifiable -out-of- signature on behalf of the whole group, yet the actual signers remain anonymous. The spontaneity of these schemes is desirable for ad-hoc groups such as mobile ad-hoc networks. In this paper, we present an identity based (ID-based) threshold ring signature scheme. The scheme is provably secure in the random oracle model and provides trusted authority compatibility. To the best of authors' knowledge, our scheme is the first ID-based threshold ring signature scheme which is also the most efficient (in terms of number of pairing operations required) ID-based ring signature scheme (when ) and threshold ring signature scheme from pairings
Innovative Method of the Power Analysis
This paper describes an innovative method of the power analysis which presents the typical example of successful attacks against trusted cryptographic devices such as RFID (Radio-Frequency IDentifications) and contact smart cards. The proposed method analyzes power consumption of the AES (Advanced Encryption Standard) algorithm with neural network, which successively classifies the first byte of the secret key. This way of the power analysis is an entirely new approach and it is designed to combine the advantages of simple and differential power analysis. In the extreme case, this feature allows to determine the whole secret key of a cryptographic module only from one measured power trace. This attribute makes the proposed method very attractive for potential attackers. Besides theoretical design of the method, we also provide the first implementation results. We assume that the method will be certainly optimized to obtain more accurate classification results in the future
A new trapdoor-indistinguishable public key encryption with keyword search
The public key encryption with keyword search (PEKS) provides a way for users to search data which are encrypted under the users' public key on a storage system. However, the original schemes are based on the unrealistic assumption of a secure channel between the receiver and the server. Baek et al. [1] first proposed a secure channel-free public key encryption with keyword search (SCF-PEKS) to remove the assumption. However, Rhee et al
Comparison of Online Platforms for the Review Process of Conference Paper
[EN] Organizing conferences requires the consideration of several aspects, such as the choice of the most appropriate platform to manage the received papers or the conference location, among others. To this goal, we are going to compare some of the most important review platforms, which allow us to host our conferences. In recent years, new systems based on software applications have emerged. This software can be downloaded from the developer websites. These give us more options to choose from. Keeping in mind some of the most important review platforms, we are going to compare the services that each one offers, as well as their advantages and disadvantages. In addition, we are going to show several statistics about the use of these platforms during recent years. This work can help the conference organizers choose the most appropriate platform to manage their conference.
Parra, L.; Sendra, S.; Ficarelli, S.; Lloret, J. (2013). Comparison of Online Platforms for the Review Process of Conference Paper. IARIA XPS Press. 16-22. http://hdl.handle.net/10251/191354162
A Modular and Adaptive System for Business Email Compromise Detection
The growing sophistication of Business Email Compromise (BEC) and spear
phishing attacks poses significant challenges to organizations worldwide. The
techniques featured in traditional spam and phishing detection are insufficient
due to the tailored nature of modern BEC attacks as they often blend in with
the regular benign traffic. Recent advances in machine learning, particularly
in Natural Language Understanding (NLU), offer a promising avenue for combating
such attacks but in a practical system, due to limitations such as data
availability, operational costs, verdict explainability requirements or a need
to robustly evolve the system, it is essential to combine multiple approaches
together. We present CAPE, a comprehensive and efficient system for BEC
detection that has been proven in a production environment for a period of over
two years. Rather than being a single model, CAPE is a system that combines
independent ML models and algorithms detecting BEC-related behaviors across
various email modalities such as text, images, metadata and the email's
communication context. This decomposition makes CAPE's verdicts naturally
explainable. In the paper, we describe the design principles and constraints
behind its architecture, as well as the challenges of model design, evaluation
and adapting the system continuously through a Bayesian approach that combines
limited data with domain knowledge. Furthermore, we elaborate on several
specific behavioral detectors, such as those based on Transformer neural
architectures
Fortress: Securing IoT Peripherals with Trusted Execution Environments
With the increasing popularity of Internet of Things (IoT) devices, securing
sensitive user data has emerged as a major challenge. These devices often
collect confidential information, such as audio and visual data, through
peripheral inputs like microphones and cameras. Such sensitive information is
then exposed to potential threats, either from malicious software with
high-level access rights or transmitted (sometimes inadvertently) to untrusted
cloud services. In this paper, we propose a generic design to enhance the
privacy in IoT-based systems by isolating peripheral I/O memory regions in a
secure kernel space of a trusted execution environment (TEE). Only a minimal
set of peripheral driver code, resident within the secure kernel, can access
this protected memory area.
This design effectively restricts any unauthorised access by system software,
including the operating system and hypervisor. The sensitive peripheral data is
then securely transferred to a user-space TEE, where obfuscation mechanisms can
be applied before it is relayed to third parties, e.g., the cloud. To validate
our architectural approach, we provide a proof-of-concept implementation of our
design by securing an audio peripheral based on inter-IC sound (I2S), a serial
bus to interconnect audio devices. The experimental results show that our
design offers a robust security solution with an acceptable computational
overhead.
Comment: 8 pages