Lightweight MACs from Universal Hash Functions

International audienceLightweight cryptography is a topic of growing importance, with the goal to secure the communication of low-end devices that are not powerful enough to use conventional cryptography. There have been many recent proposals of lightweight block ciphers, but comparatively few results on lightweight Message Authentication Codes (MACs). Therefore, this paper focuses on lightweight MACs. We review some existing constructions, and revisit the choices made in mainstream MACs with a focus on lightweight cryptography. We consider MACs based on universal hash functions, because they offer information theoretic security , can be implemented efficiently and are widely used in conventional cryptography. However, many constructions used in practice (such as GMAC or Poly1305-AES) follow the Wegman-Carter-Shoup construction , which is only secure up to 2 64 queries with a 128-bit state. We point out that there are simple solutions to reach security beyond the birthday bound, and we propose a concrete instantiation, MAC611, reaching 61-bit security with a 61-bit universal hash function. We wrote an optimized implementation on two ARM micro-controllers, and we obtain very good performances on the Cortex-M4, at only 3.7 c/B for long messages, and less than one thousand cycles for short messages

Construction of Lightweight S-Boxes using Feistel and MISTY structures (Full Version)

The aim of this work is to find large S-Boxes, typically operating on 8 bits, having both good cryptographic properties and a low implementation cost. Such S-Boxes are suitable building-blocks in many lightweight block ciphers since they may achieve a better security level than designs based directly on smaller S-Boxes. We focus on S-Boxes corresponding to three rounds of a balanced Feistel and of a balanced MISTY structure, and generalize the recent results by Li and Wang on the best differential uniformity and linearity offered by such a construction. Most notably, we prove that Feistel networks supersede MISTY networks for the construction of 8-bit permutations. Based on these results, we also provide a particular instantiation of an 8-bit permutation with better properties than the S-Boxes used in several ciphers, including Robin, Fantomas or CRYPTON

A generalisation of Dillon's APN permutation with the best known differential and linear properties for all fields of size 24k+22^{4k+2}

The existence of Almost Perfect Nonlinear (APN) permutations operating on an even number of variables was a long-standing open problem, until an example with six variables was exhibited by Dillon et al. in 2009. However it is still unknown whether this example can be generalised to any even number of inputs. In a recent work, Perrin et al. described an infinite family of permutations, named butterflies, operating on (4k+2) variables and with differential uniformity at most 4, which contains the Dillon APN permutation. In this paper, we generalise this family, and we completely solve the two open problems raised by Perrin et al.. Indeed we prove that all functions in this larger family have the best known non-linearity. We also show that this family does not contain any APN permutation besides the Dillon permutation, implying that all other functions have differential uniformity exactly four

Cryptanalysis of the FLIP Family of Stream Ciphers

International audienceAt Eurocrypt 2016, Méaux et al. proposed FLIP, a new family of stream ciphers intended for use in Fully Homomorphic Encryption systems. Unlike its competitors which either have a low initial noise that grows at each successive encryption, or a high constant noise, the FLIP family of ciphers achieves a low constant noise thanks to a new construction called filter permutator. In this paper, we present an attack on the early version of FLIP that exploits the structure of the filter function and the constant internal state of the cipher. Applying this attack to the two instantiations proposed by Méaux et al. allows for a key recovery in 2 54 basic operations (resp. 2 68), compared to the claimed security of 2 80 (resp. 2 128)

Toward an Enhanced Mutual Awareness in Asymmetric CVE

International audience—Collaborative Virtual Environments (CVEs) aim at providing several users with a consistent shared virtual world. In this work, we focus on the lack of mutual awareness that may appear in many situations and we evaluate different ways to present the distant user and his actions in the Virtual Environment (VE) in order to understand his perception and cognitive process. Indeed, an efficient collaboration involves not only the good perception of some objects but their meaning too. This second criterion introduces the concept of distant analysis that could be a great help in improving the understanding of distant activities. For this work, we focus on a common case consisting in estimating accurately the time at which a distant user analyzed the meaning of a remotely pointed object. Thus, we conduct some experiments to evaluate the concept and compare different techniques for implementing this new awareness feature in a CVE. Amongst others, results show that expertise of the users influences on how they estimate the distant activity and the type of applied strategies

Cardiomyocytes and Macrophages Discourse on the Method to Govern Cardiac Repair

In response to pathophysiological stress, the cardiac tissue undergoes profound remodeling process that incorporates the elimination of dying resident cells, compensatory hypertrophy of functional cardiomyocytes, growth and remodeling of the vascular compartment and formation of a fibrotic scar. Accumulating evidences indicate that cardiac remodeling is, at least in part, controlled by a complex crosstalk between cardiomyocytes and macrophages. The strategic location of abundant macrophages to the proximity of cardiomyocytes suggest that they could regulate the fate of cardiomyocytes in the injured heart. As such, macrophages appear as critical support cells for cardiomyocytes and play central roles in cardiac hypertrophy, fibrosis and remodeling. Notably, the cardiac tissue expands heterogeneous population of cardiac macrophages through local proliferation of resident macrophage as well as recruitment and differentiation of blood-derived monocytes. It has also been suggested that cardiac-resident macrophages display distinct functional properties from that of monocyte-derived macrophages in cardiac tissue. Furthermore, macrophages are an overflowing source of biological entities with non-canonical roles on cardiac conduction or cardiomyocyte proliferation by regulating action potential diffusion or cardiac cell cycle reentry. Alternatively, stressed cardiomyocytes can trigger the release of a broad repertoire of instructive signals that can regulate macrophage number, skew their phenotype and therefore direct their beneficial or deleterious actions. In this review, we highlight recent discoveries describing how the intricate dialogue between cardiomyocytes and macrophages can shape the deleterious or healing signaling mechanisms in the injured cardiac tissue

Diversité des cheptels et diversification des morphotypes bovins dans le tiers nord-ouest des Gaules entre la fin de l’âge du Fer et la période romaine

International audienceIt is assumed that in the Roman West we see the development of taller and more robust domestic animals than during Iron Age but great uncertainties remain concerning the process that led to these transformations. This paper is a contribution to a better understanding of these modifications. From a large bone assemblage (about 12,000 pieces, that is to say more than 50,000 measurements) taken from 85 towns in Belgium and in the third north-western France, an osteometric research has been conducted on one species (essentially based on the Log Size Index method): cattle. Results highlighted new features in the characteristics of Celtic and Roman herds. The first one shows the heterogeneity of the indigenous livestock with strong variations according to geographical areas. Some civitates have herds of high stature animals while others raised smaller ones. The other information lies in the diversity of the dynamics of appearance and diffusion of large bovids. Each territory acted differently to these transformations, according to its degree of assimilation, resources at its disposal, soil quality or agrarian culture, showing distinct evolutions in the size of the animals as in their morphology.S'il est admis que, dans les provinces occidentales de l'Empire, la période romaine est le théâtre du développement d'animaux domestiques plus grands et plus robustes qu'à l'époque gauloise, de fortes incertitudes persistent quant aux processus ayant amené les changements observés. Cet article se propose donc de contribuer à mieux les comprendre. À partir d'un important corpus d'os (près de 12 000 pièces, soit plus de 50 000 mesures), tiré de 85 communes de Belgique et du tiers nord-ouest de la France, un travail ostéométrique (basé essentiellement sur la méthode du Log Size Index) a été mené sur une espèce : le boeuf. Les résultats mettent en lumière des aspects inédits des caractéristiques des troupeaux gaulois et romains. Le premier enseignement de cette étude est la mise en évidence de l'hétérogénéité du cheptel indigène qui présente de fortes variations selon les zones géographiques. Certaines cités présentent des troupeaux constitués d'animaux de hautes statures, tandis que d'autres utilisent des bêtes plus petites. L'autre information réside dans la diversité des dynamiques d'apparition et de diffusion des grands bovins. Chaque territoire, selon son degré d'assimilation des nouvelles techniques, selon les ressources disponibles, la qualité de son sol, ou sa culture agraire, a réagi de manière différente à ces transformations, révélant des évolutions distinctes tant du point de vue de la taille des bêtes que de leur morphologie

Coopérer pour se découvrir et développer ses compétences sociales

Les compétences sociales se travaillent tout au long de la vie et doivent s’apprendre au plus tôt car elles sont indispensables dans la vie professionnelle. La coopération notamment est une compétence essentielle dans une entreprise et c’est pour cela qu’elle est utilisée comme moyen pédagogique dans la formation proposée par les deux programmes Initiatives d’Excellences en Formations Innovantes (IDEFI). Ceux-ci se sont associés pour proposer aux étudiants en L2 Sciences pour la Santé de l’Université de Lorraine de « booster leur réussite » par le développement des compétences sociales. Grâce à une semaine de formation basée sur la coopération, les étudiants ont pu travailler leurs compétences sociales et augmenter leur confiance en eux

Saturnin: a suite of lightweight symmetric algorithms for post-quantum security

Soumission à la compétition "Lightweight Cryptography" du NISTThe cryptographic algorithms needed to ensure the security of our communications have a cost. For devices with little computing power, whose number is expected to grow significantly with the spread of the Internet of Things (IoT), this cost can be a problem. A simple answer to this problem is a compromise on the security level: through a weaker round function or a smaller number of rounds, the security level can be decreased in order to cheapen the implementation of the cipher. At the same time, quantum computers are expected to disrupt the state of the art in cryptography in the near future. For public key cryptography, the NIST has organized a dedicated process to standardize new algorithms. The impact of quantum computing is harder to assess in the symmetric case but its study is an active research area. In this document, we specify a new block cipher, Saturnin, and its usage in different modes to provide hashing and authenticated encryption in such a way that we can rigorously argue its security in the post-quantum setting. Its security analysis follows naturally from that of the AES, while our use of components that are easily implemented in a bitsliced fashion ensures a low cost for our primitives. Our aim is to provide a new lightweight suite of algorithms that performs well on small devices, in particular micro-controllers, while providing a high security level even in the presence of quantum computers. Saturnin is a 256-bit block cipher with a 256-bit key and an additional 9-bit parameter for domain separation. Using it, we built two authenticated ciphers and a hash function. • Saturnin-CTR-Cascade is an authenticated cipher using the counter mode and a separate MAC. It requires two passes over the data but its implementation does not require the inverse block cipher. • Saturnin-Short is an authenticated cipher intended for messages with a length strictly smaller than 128 bits which uses only one call to Saturnin to provide confidentiality and integrity. • Saturnin-Hash is a 256-bit hash function. In this document, we specify this suite of algorithms and argue about their security in both the classical and the post-quantum setting