Some hints for the design of digital chaos-based cryptosystems: lessons learned from cryptanalysis

In this work we comment some conclusions derived from the analysis of recent proposals on the field of chaos-based cryptography. These observations remark the main problems detected in some of those schemes under examination. Therefore, this paper is a list of what to avoid when considering chaos as source of new strategies to conceal and protect information

Formal security analysis of registration protocols for interactive systems: a methodology and a case of study

In this work we present and formally analyze CHAT-SRP (CHAos based Tickets-Secure Registration Protocol), a protocol to provide interactive and collaborative platforms with a cryptographically robust solution to classical security issues. Namely, we focus on the secrecy and authenticity properties while keeping a high usability. In this sense, users are forced to blindly trust the system administrators and developers. Moreover, as far as we know, the use of formal methodologies for the verification of security properties of communication protocols isn't yet a common practice. We propose here a methodology to fill this gap, i.e., to analyse both the security of the proposed protocol and the pertinence of the underlying premises. In this concern, we propose the definition and formal evaluation of a protocol for the distribution of digital identities. Once distributed, these identities can be used to verify integrity and source of information. We base our security analysis on tools for automatic verification of security protocols widely accepted by the scientific community, and on the principles they are based upon. In addition, it is assumed perfect cryptographic primitives in order to focus the analysis on the exchange of protocol messages. The main property of our protocol is the incorporation of tickets, created using digests of chaos based nonces (numbers used only once) and users' personal data. Combined with a multichannel authentication scheme with some previous knowledge, these tickets provide security during the whole protocol by univocally linking each registering user with a single request. [..]Comment: 32 pages, 7 figures, 8 listings, 1 tabl

Crisis Across the Dog-Starred Verse: Tales of Heroism, Horror, and Apocalypse

Crisis Across the Dog-Starred Verse: Tales of Heroism, Horror, and Apocalypse is a collection of formal and free-verse poems. Although a few pieces are confessional in nature, many of the poems borrow from the genres of speculative fiction: horror and science fiction specifically. The thesis is not divided into sections, rather it alternates visions of a confessional real world and fantasy space. Many poems cover the death of my dog and our adventures in the multiverse, while others like “Together We Are Monsters” are meditations on monsters and pornography. Two longer pieces, however, “Campus of the 21st Century,” and “The Yellow House” push away from the contemporary short form model and towards long, narrative poetry in the mode of short stories

Breaking a Chaotic Cryptographic Scheme Based on Composition Maps

Recently, a chaotic cryptographic scheme based on composition maps was proposed. This paper studies the security of the scheme and reports the following findings: 1) the scheme can be broken by a differential attack with $6+\lceil\log_L(MN)\rceil$ chosen-plaintext, where $MN$ is the size of plaintext and $L$ is the number of different elements in plain-text; 2) the scheme is not sensitive to the changes of plaintext; 3) the two composition maps do not work well as a secure and efficient random number source.Comment: 9 pages, 7 figure

Cryptanalysis of a family of self-synchronizing chaotic stream ciphers

Unimodal maps have been broadly used as a base of new encryption strategies. Recently, a stream cipher has been proposed in the literature, whose keystream is basically a symbolic sequence of the (one-parameter) logistic map or of the tent map. In the present work a thorough analysis of the keystream is made which reveals the existence of some serious security problemsComment: 10 pages, 6 figure

Estimation of the control parameter from symbolic sequences: Unimodal maps with variable critical point

The work described in this paper can be interpreted as an application of the order patterns of symbolic dynamics when dealing with unimodal maps. Specifically, it is shown how Gray codes can be used to estimate the probability distribution functions (PDFs) of the order patterns of parametric unimodal maps. Furthermore, these PDFs depend on the value of the parameter, what eventually provides a handle to estimate the parameter value from symbolic sequences (in form of Gray codes), even when the critical point depends on the parameter.Comment: 10 pages, 14 figure

Mobile Application for Emergencies Management

The Bachelor Thesis presented in this document is based in the development of an application for Android devices oriented to everyone. The main objective of the application is to notify users about situations of emergency that happen near their location. The first of the principal functions of the application allows users to notify about situations witnessed considered as emergencies through an interface that allows the creation of voice messages that are sent to a server that will store them to notify other users. The second principal function of the application is being able to notify any emergency situation happening near the user. To do so, users are able to see a list of all emergencies near them, having the possibility to see in a map the exact location of each of the them. The server with which the communication is established has the responsibility to check that the emergencies sent by users are trustful by means of a sentimental analysis of the text sent through an external API provided by MeaningCloud. This analysis is carried out with the objective of assuring that the message is not sent with dishonest purposes. In addition, once the message truthfulness is verified, the text is analyzed in search of keywords with which it can be identified with a particular type of emergency. Moreover, all the data stored in the database is not only obtained from messages sent by users, it also includes emergencies sent directly from the official twitter account of the DGT (Dirección General de Tráfico) that are obtained by means of the Twitter API. The report includes an analysis of the tools and platforms used to develop the system. Some of these resources are the client-server paradigm, Android Studio, programming languages like Java for Android, Python or MySQL and, external APIs provided by MeaningCloud or Twitter. Finally, also the different parts in which the system is divided is described in depth, including the way in which they have been developed along with the decisions taken during their development.Ingeniería Informátic