An Administrative Model for Role-Based Access Control Using Hierarchical Namespace
Access control is an important mechanism of information security. Role-Based Access Control (RBAC) is a well-known access control approach with good flexibility. RBAC96 and ARBAC97 are classical RBAC models. The ARBAC97 model facilitates decentralized administration of RBAC. However, ARBAC97 has some shortcomings when used in an organization with autonomous subsidiaries: a member of an administrative role can operate directly in the role range of a junior administrative role, which violates the autonomy of the subsidiaries. We propose a new model named N-RBAC to overcome this weakness. In N-RBAC, roles are arranged according to a hierarchical namespace structure, so the role hierarchy is constructed in a local space instead of a global space. The N-RBAC model does a better job of decentralized role administration in organizations composed of autonomous subsidiaries.
Replicating Persistent Memory Key-Value Stores with Efficient RDMA Abstraction
Combining persistent memory (PM) with RDMA is a promising approach to performant replicated distributed key-value stores (KVSs). However, existing replication approaches do not work well when applied to PM KVSs: 1) Using RPC induces software queueing and execution at backups, increasing request latency; 2) Using one-sided RDMA WRITE causes many streams of small PM writes, leading to severe device-level write amplification (DLWA) on PM. In this paper, we propose Rowan, an efficient RDMA abstraction to handle replication writes in PM KVSs; it aggregates concurrent remote writes from different servers, and lands these writes to PM in a sequential (thus low DLWA) and one-sided (thus low latency) manner. We realize Rowan with off-the-shelf RDMA NICs. Further, we build Rowan-KV, a log-structured PM KVS using Rowan for replication. Evaluation shows that under write-intensive workloads, compared with PM KVSs using RPC and RDMA WRITE for replication, Rowan-KV boosts throughput by 1.22X and 1.39X as well as lowers median PUT latency by 1.77X and 2.11X, respectively, while largely eliminating DLWA.
Comment: Accepted to OSDI 202
On the Entropy of Oscillator-Based True Random Number Generators
True random number generators (TRNGs) are essential for cryptographic systems, and they are usually evaluated by the concept of entropy. In general, the entropy of a TRNG is estimated from its stochastic model and reflected in the statistical results of the generated raw bits. Oscillator-based TRNGs are widely used in practical cryptographic systems due to their elegant structure, and their stochastic model has been studied from different aspects. In this paper, we investigate the applicability of different entropy estimation methods for oscillator-based TRNGs, including the bit-rate entropy, the lower bound and the approximate entropy. In particular, we first analyze the two existing stochastic models (one of which is phase-based and the other time-based), and deduce consistent bit-rate entropy results from these two models. Then, we design an approximate entropy calculation method on the output raw bits of a simulated oscillator-based TRNG, and this statistical calculation result matches the bit-rate entropy from the stochastic models well. In addition, we discuss the extreme case of tiny randomness where some methods are inapplicable, and provide recommendations for these entropy evaluation methods. Finally, we design a hardware verification method in a real oscillator-based TRNG, and validate these estimation methods on the hardware platform.
Utilizing the Double-Precision Floating-Point Computing Power of GPUs for RSA Acceleration
Asymmetric cryptographic algorithm (e.g., RSA and Elliptic Curve Cryptography) implementations on Graphics Processing Units (GPUs) have been researched for over a decade. The basic idea of most previous contributions is to exploit the highly parallel GPU architecture and port the integer-based algorithms from general-purpose CPUs to GPUs in order to offer high performance. However, the great potential cryptographic computing power of GPUs, especially the more powerful floating-point instructions, has in fact not been comprehensively investigated. In this paper, we fully exploit the floating-point computing power of GPUs through various designs, including a floating-point-based Montgomery multiplication/exponentiation algorithm and a Chinese Remainder Theorem (CRT) implementation on the GPU. For practical usage of the proposed algorithm, a new method is used to convert the input/output between octet strings and floating-point numbers, fully utilizing GPUs and further improving the overall performance by about 5%. The performance of RSA-2048/3072/4096 decryption on an NVIDIA GeForce GTX TITAN reaches 42,211/12,151/5,790 operations per second, respectively, which achieves 13 times the performance of the previous fastest floating-point-based implementation (published in Eurocrypt 2009). The RSA-4096 decryption outperforms the existing fastest integer-based result by 23%.
HPAZ: a High-throughput Pipeline Architecture of ZUC in Hardware
In this paper, we propose a high-throughput pipeline architecture of the stream cipher ZUC, which has been included in the security portfolio of 3GPP LTE-Advanced. In the literature, the schema with the highest throughput only implements the working stage of ZUC. The schemas which implement ZUC completely can only achieve a much lower throughput, since a self-feedback loop in the critical path significantly reduces the operating frequency. In this paper we design a mixed two-stage pipeline architecture which not only completely implements ZUC but also significantly raises the throughput. We have implemented our architecture on FPGA and ASIC. On the FPGA platform, the new architecture increases the throughput by 45% compared with the latest work, and in particular it also saves nearly 12% of hardware resources. On 65nm ASIC technology, the throughput of the new design can reach up to 80 Gbps, which is 2.7 times faster than the fastest one in the literature; in particular, it also saves at least 40% of hardware resources. In addition to the academic designs, compared with the fastest commercial design, the new architecture doubles its throughput. To the best of our knowledge, this evaluation result is so far the best outcome. It can be assumed that hardware implementations of ZUC following our architecture will fit future LTE equipment better.
Launching Return-Oriented Programming Attacks against Randomized Relocatable Executables
Since the day it was proposed, return-oriented programming has been shown to be an effective and powerful attack technique against the write or execute only (W ⊕ X) protection. However, a general belief in previous research is that systems deployed with address space randomization, where the executables are also randomized at run-time, are able to defend against return-oriented programming, as the addresses of all instructions are randomized. In this paper, we show that due to the weakness of the current address space randomization technique, there are still ways of efficiently launching return-oriented programming attacks against those well-protected systems. We demonstrate and evaluate our attacks with existing typical web server applications and discuss possible methods of mitigating such threats.
Keywords: return-oriented programming; address space randomization; position independent executable
UPPRESSO: Untraceable and Unlinkable Privacy-PREserving Single Sign-On Services
Single sign-on (SSO) allows a user to maintain only the credential at the identity provider (IdP) to log in to numerous relying parties (RPs). However, SSO introduces extra privacy threats compared with traditional authentication mechanisms, as (a) the IdP could track all RPs which a user is visiting, and (b) collusive RPs could learn a user's online profile by linking his identities across these RPs. This paper proposes a privacy-preserving SSO system, called UPPRESSO, to protect a user's login activities against both the curious IdP and collusive RPs. We analyze the identity dilemma between the security requirements and these privacy concerns, and convert the SSO privacy problems into an identity transformation challenge. In each login instance, an ephemeral pseudo-identity (denoted as PID_RP) of the RP is first negotiated between the user and the RP. PID_RP is sent to the IdP and designated in the identity token, so the IdP is not aware of the visited RP. Meanwhile, PID_RP is used by the IdP to transform the permanent user identity ID_U into an ephemeral user pseudo-identity (denoted as PID_U) in the identity token. On receiving the identity token, the RP transforms PID_U into a permanent account (denoted as Acct) of the user, by an ephemeral trapdoor from the negotiation. Given a user, the account at each RP is unique and different from ID_U, so collusive RPs cannot link his identities across these RPs. We build the UPPRESSO prototype on top of MITREid Connect, an open-source implementation of OIDC. The extensive evaluation shows that UPPRESSO fulfills the requirements of both security and privacy and introduces reasonable overheads.
FROPUF: How to Extract More Entropy from Two Ring Oscillators in FPGA-Based PUFs
Ring oscillator (RO) based physically unclonable functions (PUFs) on FPGAs are crucial and popular for their nice properties and easy implementation. The compensated measurement based on the ratio of two ring oscillators' frequencies proves to be particularly effective at extracting the entropy of process variations. However, only one bit of entropy is extracted from two ring oscillators, and RO PUFs will occupy numerous resources as the size of the private information increases. Motivated by this inefficient resource usage, we propose an elegant and efficient method to extract at least 31 bits of entropy from two ring oscillators on FPGAs by utilizing the fine control of programmable delay lines (PDL). We call this construction Further ROPUF (FROPUF). In this paper, we present in detail how to take advantage of the underlying random process variation which derives from the lookup tables (LUT) of two ring oscillators, and show that the in-depth variation can be extracted by a similar second-order difference calculation. In addition, we reveal the consistency of the evaluation results from Xilinx FPGAs (e.g. Virtex-5, Virtex-6, Kintex-7) and those from simulation of FROPUF. The responses of our new construction have a nominal bit-error-rate (BER) of 1.85% at 27 °C, and FROPUF greatly increases the amount of entropy with reliability equivalent to the general ROPUF.
LMS-SM3 and HSS-SM3: Instantiating Hash-based Post-Quantum Signature Schemes with SM3
We instantiate the hash-based post-quantum stateful signature schemes LMS and HSS described in RFC 8554 and NIST SP 800-208 with SM3, and report on the results of the preliminary performance test.
XMSS-SM3 and MT-XMSS-SM3: Instantiating Extended Merkle Signature Schemes with SM3
We instantiate the hash-based post-quantum stateful signature scheme XMSS and its multi-tree version described in RFC 8391 and NIST SP 800-208 with SM3, and report on the results of the preliminary performance test.