EVALUATION OF CRYPTOGRAPHIC ALGORITHMS

This article represents a synthesis of the evaluation methods for cryptographic algorithms and of their efficiency within practical applications. It approaches also the main operations carried out in cryptanalysis and the main categories and methods of attack in order to clarify the differences between evaluation concept and crypto algorithm cracking.cryptology, cryptanalysis, evaluation and cracking cryptographic algorithms

Enhancement of seismic resistance of buildings

The objectives of the paper are both seismic instrumentation for damage assessment and enhancing of seismic resistance of buildings. In according with seismic design codes in force the buildings are designed to resist at seismic actions. Due to the time evolution of these design provisions, there are buildings that were designed decades ago, under the less stringent provisions. The conceptual conformation is nowadays provided in all Codes of seismic design. According to the Code of seismic design P100-1:2006 the asymmetric structures do not have an appropriate seismic configuration; they have disadvantageous distribution of volumes, mass and stiffness. Using results of temporary seismic instrumentation the safety condition of the building may be assessed in different phases of work. Based on this method, the strengthening solutions may be identified and the need of seismic joints may be emphasised. All the aforementioned ideas are illustrated through a case study. Therefore it will be analysed the dynamic parameter evolution of an educational building obtained in different periods. Also, structural intervention scenarios to enhance seismic resistance will be presented

A note on the correlations between NIST cryptographic statistical tests suite

This paper is focused on an open question regarding the correlation and the power of the NIST statistical test suite. If we found some correlation between these statistical tests, then we can improve the testing strategy by executing only one of the tests that are correlated. Using the Galton-Pearson “product-moment correlation coefficient”, by simulation, we found a high correlation between five couples of this statistical tests: (frequency, cumulative sums forward), (frequency, cumulative sums reverse), (cumulative sums forward, cumulative sums reverse), (random excursions, random excursions variant), and (serial 1, serial 2)

FPGA Offloading for Diffie-Hellman Key Exchangeusing Elliptic Curves

Cryptographic offloading to hardware is a hot research topic promising accelerated execution time and improved security compared to the software counterpart. However, hardware design and production is a lengthy process which enquires significant financial resources and technical expertise. Our research paper focuses on elliptic curve cryptography, specifically Diffie-Hellman, and on minimizing these deficiencies by highlighting solutions to map this class of algorithms to hardware description. The insights are not limitative and can be equally applied to other cryptographic primitives. The resulting design uses few hardware resources, has low power consumption, is easy to interface with the software and can be implemented on cheap FPGAs. Index Terms—elliptic curves, cryptography, diffie-hellman, FPGA, hardware security, high level synthesi

A Scalable Simulation of the BB84 Protocol Involving Eavesdropping

In this article we present the BB84 quantum key distribution scheme from two perspectives. First, we provide a theoretical discussion of the steps Alice and Bob take to reach a shared secret using this protocol, while an eavesdropper Eve is either involved or not. Then, we offer and discuss two distinct implementations that simulate BB84 using IBM’s Qiskit framework, the first being an exercise solved during the “IBM Quantum Challenge” event in early May 2020, while the other was developed independently to showcase the intercept-resend attack strategy in detail. We note the latter’s scalability and increased output verbosity, which allow for a statistical analysis to determine the probability of detecting the act of eavesdropping

Information Security in the Quantum Era. Threats to modern cryptography: Grover’s algorithm

Information security plays a major role in the dynamics of today’s interconnected world. Despite the successful implementation and effectiveness of modern cryptographic techniques, their inherent limitations can be exploited by quantum computers. In this article we discuss Grover’s quantum searching algorithm and its impact on the security of modern symmetric ciphers. More specifically, we present its formal description and give an implementation of the algorithm using IBM’s Qiskit framework, which allows us to simulate and run the program on a real device

Challenges in cyber security - Ransomware Phenomenon

Ransomware has become one of the major threats nowadays due to its huge impact and increased rate of infections around the world. CryptoWall 3, was responsible for damages of over 325 millions of dollars, since its discovery in 2015. Recently, another family of ransomware appeared in the cyber space which is called WannaCry over 230.000 computers around the world, in over 150 countries were infected. Ransomware usually uses the RSA algorithm to protect the encryption key and AES for encrypting the files. If these algorithms are correctly implemented then it is impossible to recover the encrypted information. Some attacks, nonetheless, work against the implementation of RSA. These attacks are not against the basic algorithm, but against the protocol. In the following sections we present the fully analysis on three representative ransomware: Spora, DMA Locker and WannaCry

New Results on Identity-based Encryption from Quadratic Residuosity

This paper surveys the results obtained so far in designing identity-based encryption (IBE) schemes based on the quadratic residuosity assumption (QRA). We begin by describing the first such scheme due to Cocks, and then we advance to the novel idea of Boneh, Gentry and Hamburg. Major improvements of the Boneh-Gentry-Hamburg scheme are then recalled. The recently revealed algebraic torus structures of the Cocks scheme allows for a better understanding of this scheme, as well as for new applications of it such as homomorphic and anonymous variants of it

A Note on IBE Performance of a Practical Application

Every user can be identified online by a unique string used for email or nickname on some of the many platforms out there. IBE systems propose a simple cryptosystem in which the public key system can be omitted by using the unique string as public identification. In this paper we present a minimal email application that uses Clifford Cocks’ proposed IBE scheme. We analyze the impact of using it inside our application and how it can be improved to better fit the need of nowadays applications

A way of decrypting particular malware payloads found in MZPE files

Back in the 90s when the notion of malware first appeared, it was clear that the behaviour and purpose of such software should be closely analysed, such that systems all over the world should be patched, secured and ready to prevent other malicious activities to be happening in the future. Thus, malware analysis was born. In recent years, the rise of malware of all types, for example trojan, ransowmare, adware, spyware and so on, implies that deeper understanding of operating systems, attention to the details and perseverance are just some of the traits any malware analyst should have in their bag. With Windows being the worldwide go-to operating system, Windows\u27 executable files represent the perfect way in which malware can be disguised to later be loaded and produce damage. In this paper we highlight how ciphers like Vigen\`ere cipher or Caesar cipher can be extended to more complex classes, such that, when later broken, ways of decrypting malware payloads, that are disguised in Windows executable files, are found. Alongside the theoretical information present in this paper, based on a dataset provided by our team at Bitdefender, we describe our implementation on how the key to decryption of such payloads can be found, what techniques are present in our approach, how optimization can be done, what are the pitfalls of this implementation and, lastly, open a discussion on how to tackle these pitfalls