The ping-pong protocol can be attacked without eavesdropping
Attack the ping-pong protocol without eavesdropping.
Comment: PACS: 03.67.H
Breaking a chaos-noise-based secure communication scheme
This paper studies the security of a secure communication scheme based on two
discrete-time intermittently-chaotic systems synchronized via a common random
driving signal. Some security defects of the scheme are revealed: 1) the key
space can be remarkably reduced; 2) the decryption is insensitive to the
mismatch of the secret key; 3) the key-generation process is insecure against
known/chosen-plaintext attacks. The first two defects mean that the scheme is
not secure enough against brute-force attacks, and the third one means that an
attacker can easily break the cryptosystem by approximately estimating the
secret key once he has a chance to access a fragment of the generated
keystream. Yet it remains to be clarified if intermittent chaos could be used
for designing secure chaotic cryptosystems.
Comment: RevTeX4, 11 pages, 15 figure
Return-Map Cryptanalysis Revisited
As a powerful cryptanalysis tool, the method of return-map attacks can be
used to extract secret messages masked by chaos in secure communication
schemes. Recently, a simple defensive mechanism was presented to enhance the
security of chaotic parameter modulation schemes against return-map attacks.
Two techniques are combined in the proposed defensive mechanism: multistep
parameter modulation and alternative driving of two different transmitter
variables. This paper re-studies the security of this proposed defensive
mechanism against return-map attacks, and points out that the security was much
over-estimated in the original publication for both ciphertext-only attack and
known/chosen-plaintext attacks. It is found that a deterministic relationship
exists between the shape of the return map and the modulated parameter, and
that such a relationship can be used to dramatically enhance return-map attacks,
making it quite easy to break the defensive mechanism.
Comment: 11 pages, 7 figure
Equivalence-based Security for Querying Encrypted Databases: Theory and Application to Privacy Policy Audits
Motivated by the problem of simultaneously preserving confidentiality and
usability of data outsourced to third-party clouds, we present two different
database encryption schemes that largely hide data but reveal enough
information to support a wide range of relational queries. We provide a
security definition for database encryption that captures confidentiality based
on a notion of equivalence of databases from the adversary's perspective. As a
specific application, we adapt an existing algorithm for finding violations of
privacy policies to run on logs encrypted under our schemes and observe low to
moderate overheads.
Comment: CCS 2015 paper technical report, in progres
Statistical distribution, host for encrypted information
The statistical distribution, when determined from an incomplete set of
constraints, is shown to be suitable as host for encrypted information. We
design an encoding/decoding scheme to embed such a distribution with hidden
information. The encryption security is based on the extreme instability of the
encoding procedure. The essential feature of the proposed system lies in the
fact that the key for retrieving the code is generated by random perturbations
of {\em {very small value}}. The security of the proposed encryption relies on
the secure exchange of the secret key. Hence, it appears as a good
complement to the quantum key distribution protocol.
Comment: Physica A, in press 200
Cryptanalysis of an MPEG-Video Encryption Scheme Based on Secret Huffman Tables
This paper studies the security of a recently-proposed MPEG-video encryption
scheme based on secret Huffman tables. Our cryptanalysis shows that: 1) the key
space of the encryption scheme is not sufficiently large against
divide-and-conquer (DAC) attack and known-plaintext attack; 2) it is possible
to decrypt a cipher-video with a partially-known key, thus dramatically
reducing the complexity of the DAC brute-force attack in some cases; 3) its
security against the chosen-plaintext attack is very weak. Some experimental
results are included to support the cryptanalytic results, with a brief discussion
on how to improve this MPEG-video encryption scheme.
Comment: 8 pages, 4 figure
Secure pseudo-random linear binary sequences generators based on arithmetic polynoms
We present a new approach to constructing pseudo-random binary sequence
(PRS) generators for the purpose of cryptographic data protection, secured from
the perpetrator's attacks, caused by generation of masses of hardware errors
and faults. The new method is based on use of linear polynomial arithmetic for
the realization of systems of boolean characteristic functions of PRS'
generators. "Arithmetization" of systems of logic formulas has allowed us to apply the
mathematical apparatus of residue systems for multisequencing of the process of
PRS generation and organizing control of computing errors, caused by hardware
faults. This has guaranteed high security of PRS generator's functioning and,
consequently, security of tools for cryptographic data protection based on
those PRSs.
MV3: A new word based stream cipher using rapid mixing and revolving buffers
MV3 is a new word based stream cipher for encrypting long streams of data. A
direct adaptation of a byte based cipher such as RC4 into a 32- or 64-bit word
version will obviously need vast amounts of memory. This scaling issue
necessitates a look for new components and principles, as well as mathematical
analysis to justify their use. Our approach, like RC4's, is based on rapidly
mixing random walks on directed graphs (that is, walks which reach a random
state quickly, from any starting point). We begin with some well understood
walks, and then introduce nonlinearity in their steps in order to improve
security and show long term statistical correlations are negligible. To
minimize the short term correlations, as well as to deter attacks using
equations involving successive outputs, we provide a method for sequencing the
outputs derived from the walk using three revolving buffers. The cipher is fast
-- it runs at a speed of less than 5 cycles per byte on a Pentium IV processor.
A word based cipher needs to output more bits per step, which exposes more
correlations for attacks. Moreover we seek simplicity of construction and
transparent analysis. To meet these requirements, we use a larger state and
claim security corresponding to only a fraction of it. Our design is for an
adequately secure word-based cipher; our very preliminary estimate puts the
security close to exhaustive search for keys of size < 256 bits.
Comment: 27 pages, shortened version will appear in "Topics in Cryptology -
CT-RSA 2007"
Efficient quantum direct communication with authentication
Two protocols of quantum direct communication with authentication [Phys. Rev.
A 73, 042305(2006)] were recently indicated to be insecure against the
authenticator Trent's attacks [Phys. Rev. A 75, 026301(2007)]. We present two
efficient protocols by using four Pauli operations, which are secure against
inner Trent's attacks as well as outer Eve's attacks. Finally, we generalize
them to multiparty quantum direct communication.
Comment: 4 pages, 4 table
Markov modeling of moving target defense games
We introduce a Markov-model-based framework for Moving Target Defense (MTD) analysis. The framework allows modeling of a broad range of MTD strategies, provides general theorems about how the probability of an adversary successfully defeating an MTD strategy is related to the amount of time/cost spent by the adversary, and shows how a multi-level composition of MTD strategies can be analyzed by a straightforward combination of the analyses for each of these strategies. Within the proposed framework, we define the concept of security capacity, which measures the strength or effectiveness of an MTD strategy: the security capacity depends on MTD-specific parameters and more general system parameters. We apply our framework to two concrete MTD strategies
- …