On the security of a new image encryption scheme based on chaotic map lattices

This paper reports a detailed cryptanalysis of a recently proposed encryption scheme based on the logistic map. Some problems are emphasized concerning the key space definition and the implementation of the cryptosystem using floating-point operations. It is also shown how it is possible to reduce considerably the key space through a ciphertext-only attack. Moreover, a timing attack allows the estimation of part of the key due to the existent relationship between this part of the key and the encryption/decryption time. As a result, the main features of the cryptosystem do not satisfy the demands of secure communications. Some hints are offered to improve the cryptosystem under study according to those requirements.Comment: 8 pages, 8 Figure

HardIDX: Practical and Secure Index with SGX

Software-based approaches for search over encrypted data are still either challenged by lack of proper, low-leakage encryption or slow performance. Existing hardware-based approaches do not scale well due to hardware limitations and software designs that are not specifically tailored to the hardware architecture, and are rarely well analyzed for their security (e.g., the impact of side channels). Additionally, existing hardware-based solutions often have a large code footprint in the trusted environment susceptible to software compromises. In this paper we present HardIDX: a hardware-based approach, leveraging Intel's SGX, for search over encrypted data. It implements only the security critical core, i.e., the search functionality, in the trusted environment and resorts to untrusted software for the remainder. HardIDX is deployable as a highly performant encrypted database index: it is logarithmic in the size of the index and searches are performed within a few milliseconds rather than seconds. We formally model and prove the security of our scheme showing that its leakage is equivalent to the best known searchable encryption schemes. Our implementation has a very small code and memory footprint yet still scales to virtually unlimited search index sizes, i.e., size is limited only by the general - non-secure - hardware resources

CacheZoom: How SGX Amplifies The Power of Cache Attacks

In modern computing environments, hardware resources are commonly shared, and parallel computation is widely used. Parallel tasks can cause privacy and security problems if proper isolation is not enforced. Intel proposed SGX to create a trusted execution environment within the processor. SGX relies on the hardware, and claims runtime protection even if the OS and other software components are malicious. However, SGX disregards side-channel attacks. We introduce a powerful cache side-channel attack that provides system adversaries a high resolution channel. Our attack tool named CacheZoom is able to virtually track all memory accesses of SGX enclaves with high spatial and temporal precision. As proof of concept, we demonstrate AES key recovery attacks on commonly used implementations including those that were believed to be resistant in previous scenarios. Our results show that SGX cannot protect critical data sensitive computations, and efficient AES key recovery is possible in a practical environment. In contrast to previous works which require hundreds of measurements, this is the first cache side-channel attack on a real system that can recover AES keys with a minimal number of measurements. We can successfully recover AES keys from T-Table based implementations with as few as ten measurements.Comment: Accepted at Conference on Cryptographic Hardware and Embedded Systems (CHES '17

A rapid non-destructive DNA extraction method for insects and other arthropods

Preparation of arthropods for morphological identification often damages or destroys DNA within the specimen. Conversely, DNA extraction methods often destroy the external physical characteristics essential for morphological identification. We have developed a rapid, simple and non-destructive DNA extraction technique for arthropod specimens. This technique was tested on four arthropod orders, using specimens that were fresh, preserved by air drying, stored in ethanol, or collected with sticky or propylene glycol traps. The technique could be completed in twenty minutes for Coleoptera, Diptera and Hemiptera, and two minutes for the subclass Acarina, without significant distortion, discolouration, or other damage to the specimens

Output-sensitive Information flow analysis

Part 1: Full PapersInternational audienceConstant-time programming is a countermeasure to prevent cache based attacks where programs should not perform memory accesses that depend on secrets. In some cases this policy can be safely relaxed if one can prove that the program does not leak more information than the public outputs of the computation. We propose a novel approach for verifying constant-time programming based on a new information flow property, called output-sensitive non-interference. Noninterference states that a public observer cannot learn anything about the private data. Since real systems need to intentionally declassify some information, this property is too strong in practice. In order to take into account public outputs we proceed as follows: instead of using complex explicit declassification policies, we partition variables in three sets: input, output and leakage variables. Then, we propose a typing system to statically check that leakage variables do not leak more information about the secret inputs than the public normal output. The novelty of our approach is that we track the dependence of leakage variables with respect not only to the initial values of input variables (as in classical approaches for noninterference), but taking also into account the final values of output variables. We adapted this approach to LLVM IR and we developed a prototype to verify LLVM implementations

Inter- and intralimb adaptations to a sensory perturbation during activation of the serotonin system after a low spinal cord transection in neonatal rats

Activation of the serotonin system has been shown to induce locomotor activity following a spinal cord transection. This study examines how the isolated spinal cord adapts to a sensory perturbation during activation of the serotonergic system. Real-time and persistent effects of a perturbation were examined in intact and spinal transected newborn rats. Rats received a spinal surgery (sham or low thoracic transection) on postnatal day 1 and were tested 9 days later. At test, subjects were treated with the serotonergic receptor agonist quipazine (3.0 mg/kg) to induce stepping behavior. Half of the subjects experienced range of motion (ROM) restriction during stepping, while the other half did not. Differences in stepping behavior (interlimb coordination) and limb trajectories (intralimb coordination) were found to occur in both intact and spinal subjects. Adaptations were seen in the forelimbs and hindlimbs. Also, real-time and persistent effects of ROM restriction (following removal of the perturbation) were seen in ROM-restricted subjects. This study demonstrates the sensitivity of the isolated spinal cord to sensory feedback in conjunction with serotonin modulation

Inter- and intralimb adaptations to a sensory perturbation during activation of the serotonin system after a low spinal cord transection in neonatal rats

Activation of the serotonin system has been shown to induce locomotor activity following a spinal cord transection. This study examines how the isolated spinal cord adapts to a sensory perturbation during activation of the serotonergic system. Real-time and persistent effects of a perturbation were examined in intact and spinal transected newborn rats. Rats received a spinal surgery (sham or low thoracic transection) on postnatal day 1 and were tested 9 days later. At test, subjects were treated with the serotonergic receptor agonist quipazine (3.0 mg/kg) to induce stepping behavior. Half of the subjects experienced range of motion (ROM) restriction during stepping, while the other half did not. Differences in stepping behavior (interlimb coordination) and limb trajectories (intralimb coordination) were found to occur in both intact and spinal subjects. Adaptations were seen in the forelimbs and hindlimbs. Also, real-time and persistent effects of ROM restriction (following removal of the perturbation) were seen in ROM-restricted subjects. This study demonstrates the sensitivity of the isolated spinal cord to sensory feedback in conjunction with serotonin modulation