8 research outputs found

    Security Analysis Techniques Using Differential Relationships For Block Ciphers

    The use of block ciphers has become crucial in today's computing era as well as in information security. Information must be available only to authenticated and authorized users. However, flaws and weaknesses in the cryptosystem can breach the security of stored and transmitted information. A weak key in the key schedule is a well-known issue that may cause several round keys to have the same bits in common. Besides, information leaked from the implementation also affects the security of block ciphers. Based on the flaws and leakage, the adversary is able to assess the differential relationships in a block cipher using differential cryptanalysis techniques. Firstly, the existing differential cryptanalysis techniques have been evaluated. Secondly, based on the gaps that have to be filled in the existing differential cryptanalysis techniques, new frameworks of differential cryptanalysis techniques have been proposed and designed by using the Pearson correlation coefficient, the Hamming-weight leakage assumption and a reference point. The Pearson correlation coefficient is used to determine the repeated differential properties in the key schedules. Meanwhile, the reference point and the Hamming-weight leakage assumption are used to assess the security of the implementation of block ciphers against side-channel cube attack and differential fault analysis. Thirdly, all proposed frameworks have been assessed. The results show that the repeated differential properties are found for the AES, PRESENT and Simeck key schedules. However, the AES key schedule is definitely ideal to be adopted in the design of future cryptographic algorithms. In addition, the newly designed frameworks for side-channel differential analysis techniques have been able to reduce the attack complexities for Simeck32/64, KATAN32 and KTANTAN32 compared to previous work. In conclusion, the proposed frameworks are effective in analyzing the security of block ciphers using differential cryptanalysis techniques.

    A Security Analysis of IoT Encryption: Side-channel Cube Attack on Simeck32/64

    Simeck, a lightweight block cipher, has been proposed as one of the encryption algorithms that can be employed in Internet of Things (IoT) applications. Therefore, this paper presents the security of the Simeck32/64 block cipher against side-channel cube attack. We exhibit our attack against Simeck32/64 using the Hamming weight leakage assumption to extract linearly independent equations in key bits. We have been able to find 32 linearly independent equations in 32 key variables by only considering the second bit from the LSB of the Hamming weight leakage of the internal state on the fourth round of the cipher. This enables our attack to improve previous attacks on Simeck32/64 within the side-channel attack model with better time and data complexity of 2^35 and 2^11.29 respectively.
    Comment: 12 pages, 6 figures, 4 tables, International Journal of Computer Networks & Communication

    The Direction of Lightweight Ciphers in Mobile Big Data Computing

    Abstract: It is too fast. The advances of computing technology are moving very fast and far from the era of the gigantic machine. This advanced technology offers an easy, fast and wide range of computing activities, particularly for users who want to use the Internet regardless of time and place. In addition, this advanced technology can also connect more communication tools. At the same time, a greater storage platform is also available as the mobile computing and cloud computing architecture is adopted to carry out computer activities. However, the larger the network to which a computer is connected, the more susceptible the computer is to outside threats. Indirectly, the communication system and the information stored in the computer are also exposed. Therefore, in this paper, we discuss the evolution of computing, which begins with the distributed system and continues to the recent computing technology which we call Mobile Big Data Computing. Besides, in this paper, we define the term Mobile Big Data Computing. Our discussion focuses on the information security aspects for the security of stored and transmitted data. Ultimately, this paper discusses the direction of lightweight cipher design considerations towards Mobile Big Data Computing.

    Fault Analysis of the KTANTAN Family of Block Ciphers: A Revisited Work of Fault Analysis of the KATAN Family of Block Ciphers

    This paper investigates the security of the KTANTAN block cipher against differential fault analysis. This attack is considered to be the first side-channel analysis of KTANTAN in the literature. KTANTAN is a relative of the KATAN block cipher. Therefore, the previous fault analysis on the KATAN family of block ciphers is revisited. Similar to KATAN, KTANTAN has three variants, namely KTANTAN32, KTANTAN48 and KTANTAN64. The inner structure of KTANTAN is similar to KATAN except for the key schedule algorithms. KATAN has been practically broken by using fault analysis, employing a transient single-bit fault model, with the assumption that the attacker is able to inject faults randomly into the internal state of the cipher. The attack is empowered by the extended cube method, similarly as applied on KATAN. The complexity of this attack is 2^74 for KTANTAN32 and 2^76 for both KTANTAN48 and KTANTAN64. Furthermore, based on the obtained results, this paper concludes that KTANTAN is more robust against fault analysis compared to KATAN.

    Into the Look: Security Issues, Crypto-Hygiene, and Future Direction of Blockchain and Cryptocurrency for Beginners in Malaysia

    This paper presents a brief overview of blockchain and cryptocurrency for beginners in Malaysia. Cryptocurrency is an innovation for financial technology (also called FinTech) which has been innovated based on the blockchain technology. The presence of several properties provided by blockchain allows cryptocurrency to be traded and exchanged in a virtual environment, just like the common currencies used today. However, as the processes for exchanging and managing blockchain and cryptocurrency are carried out over the Internet, users are vulnerable to several cyber-attacks. Besides, the existence of cryptocurrency may lead to other crimes such as money-laundering and online gambling. Therefore, this paper discusses security issues and crimes related to cryptocurrency. Furthermore, this paper proposes an improved crypto-hygiene as the guideline to mitigate and minimize the risk of cyber-attack, which may also assist beginners who wish to get involved with cryptocurrency or any blockchain applications in gaining some insights and opinions regarding blockchain and cryptocurrency.

    C19-SmartQ: Applying Real-Time Multi-Organization Queuing Management System Using Predictive Model to Maintain Social Distancing

    COVID-19 is a pandemic crisis that has introduced a new norm to the world where we are not encouraged to be in 3C areas, namely crowded places, confined spaces, and close conversation. We must also ensure that we are at least one meter apart from one another at all times, even while queuing. The queuing process can be seen at any organization that offers services. Adhering to the new norm can be a challenge for organizations such as banks, hospitals, and government offices when the number of clients waiting in queue increases while in a confined space. On the client's side, they must go through the queue process of obtaining a queue number ticket and then wait to be served in a confined and sometimes crowded space every time they require a service. The queue process will be repeated at different premises. This study proposes a real-time multi-organization C19-SmartQ system which uses predictive modelling to generate single or consecutive queue number tickets for any client requiring services from two different organizations located within the same building. The C19-SmartQ system manages queues, thus administering social distancing and streamlining queues to reduce waiting periods and improve service efficiency. To ensure operability of the C19-SmartQ system, it was tested on functionality and web server speed performance. The web server speed performance results show that data transfer and web loading were stable since there was only an increase of 0.2 seconds or 0.08% as the number of users per session increases. In the future, the system can be designed to accommodate queuing for more organizations located within the same building. Machine learning can also be integrated in the system to improve the predictive modelling based on the current environment at each organization.
