
    Number Not Used Once - Practical fault attack on pqm4 implementations of NIST candidates

    In this paper, we demonstrate practical fault attacks on a number of lattice-based schemes, in particular NewHope, Kyber, Frodo and Dilithium, whose security rests on the hardness of the Learning with Errors (LWE) problem. A trait common to all the considered schemes is the use of nonces as domain separators when sampling the secret components of the LWE instance. We show that simple faults targeting the handling of the nonce result in a nonce-reuse scenario that allows key-recovery and message-recovery attacks. To the best of our knowledge, this is the first practical fault attack on lattice-based key encapsulation mechanisms secure in the CCA model. We validate the attack experimentally using electromagnetic fault injection on the reference implementations of the aforementioned schemes taken from the pqm4 library, a benchmarking and testing framework for post-quantum cryptographic implementations on the ARM Cortex-M4. We use the instruction-skip fault model, which is practical and widely used against microcontroller implementations. The attack requires very few faults (fewer than 10 for the recommended parameter sets) and can be repeated with 100% accuracy with our electromagnetic fault injection setup.
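    The nonce-reuse effect described in the abstract, as an added Python illustration that is not code from the paper or from pqm4: a toy plain-LWE key generation over Z_3329 in dimension 8 samples the secret s with nonce 0 and the error e with nonce 1. Skipping the nonce increment, as an instruction-skip fault would, makes e equal to s, so the public key becomes b = (A + I)s and the secret falls out of a single linear system mod q. The modulus, the dimension, the SHAKE-based PRF, the centered-binomial sampler and every function name are assumptions made for this example; real Kyber works over module lattices of polynomials and its samplers differ in detail.

```python
"""Toy model of the nonce-reuse fault: plain LWE over Z_3329, dimension 8.

Assumptions (not from the paper or pqm4): the PRF, the CBD sampler, the
modulus and the dimension are chosen here for illustration.
"""
import hashlib

Q = 3329   # Kyber's modulus, reused for the toy
N = 8      # toy LWE dimension (assumption)


def prf(seed: bytes, nonce: int, nbytes: int) -> bytes:
    """PRF(seed, nonce) = SHAKE-256(seed || nonce) with a one-byte nonce (modelled on Kyber's PRF)."""
    return hashlib.shake_256(seed + bytes([nonce])).digest(nbytes)


def cbd2(buf: bytes) -> list:
    """Centered binomial sampler with eta = 2: two coefficients in [-2, 2] per byte."""
    out = []
    for byte in buf:
        for shift in (0, 4):
            nib = (byte >> shift) & 0xF
            pos = (nib & 1) + ((nib >> 1) & 1)
            neg = ((nib >> 2) & 1) + ((nib >> 3) & 1)
            out.append(pos - neg)
    return out


def expand_a(seed_a: bytes) -> list:
    """Public matrix A from a seed: two bytes per entry reduced mod Q (the bias is irrelevant for the toy)."""
    rows = []
    for i in range(N):
        buf = prf(seed_a, i, 2 * N)
        rows.append([int.from_bytes(buf[2 * j:2 * j + 2], "little") % Q for j in range(N)])
    return rows


def keygen(seed_a: bytes, noise_seed: bytes, skip_nonce_increment: bool):
    """b = A*s + e mod Q. s and e should use the distinct nonces 0 and 1; the modelled
    fault skips the increment, so e is sampled with nonce 0 again and e == s."""
    A = expand_a(seed_a)
    nonce = 0
    s = cbd2(prf(noise_seed, nonce, N // 2))
    if not skip_nonce_increment:
        nonce += 1                      # the instruction an EM glitch would skip
    e = cbd2(prf(noise_seed, nonce, N // 2))
    b = [(sum(A[i][j] * s[j] for j in range(N)) + e[i]) % Q for i in range(N)]
    return (A, b), s


def centered(x: int) -> int:
    """Map a residue in [0, Q) to the centered representative in (-Q/2, Q/2]."""
    return x if x <= Q // 2 else x - Q


def solve_mod_q(M: list, v: list):
    """Gauss-Jordan elimination over Z_Q; returns None if M is singular."""
    n = len(M)
    aug = [row[:] + [v[i]] for i, row in enumerate(M)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if aug[r][col] % Q), None)
        if pivot is None:
            return None
        aug[col], aug[pivot] = aug[pivot], aug[col]
        inv = pow(aug[col][col], -1, Q)
        aug[col] = [(x * inv) % Q for x in aug[col]]
        for r in range(n):
            if r != col and aug[r][col]:
                f = aug[r][col]
                aug[r] = [(x - f * y) % Q for x, y in zip(aug[r], aug[col])]
    return [row[n] for row in aug]


def recover_secret(A: list, b: list):
    """With e == s the public key satisfies b = (A + I) s, so s solves one linear system mod Q."""
    M = [[(A[i][j] + (1 if i == j else 0)) % Q for j in range(N)] for i in range(N)]
    sol = solve_mod_q(M, b)
    return None if sol is None else [centered(x) for x in sol]


def demo(seed_a: bytes = b"toy-A-seed", noise_seed: bytes = b"toy-noise-seed"):
    """Returns (true s, s recovered from the faulted key, the same 'recovery' run on the honest key)."""
    while True:
        pk_faulted, s = keygen(seed_a, noise_seed, skip_nonce_increment=True)
        recovered = recover_secret(*pk_faulted)
        if recovered is not None:
            break
        seed_a = hashlib.sha256(seed_a).digest()   # A + I singular (probability ~1/Q): the toy re-derives A
    pk_honest, _ = keygen(seed_a, noise_seed, skip_nonce_increment=False)
    return s, recovered, recover_secret(*pk_honest)


if __name__ == "__main__":
    s, faulted, honest = demo()
    print("secret           :", s)
    print("from faulted key :", faulted)
    print("from honest key  :", honest)
```

    Running `demo()` recovers the small secret exactly from the faulted key, while the same solver applied to the honest key (distinct nonces, so e differs from s) returns a vector that is neither small nor equal to s.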

    LizarMong: Excellent Key Encapsulation Mechanism based on RLWE and RLWR

    The RLWE-family algorithms submitted to the NIST post-quantum cryptography standardization process each have merits in terms of security, correctness, performance and bandwidth, but no single algorithm excels in all respects. In addition, recent studies affecting security and correctness, such as side-channel attacks and error dependencies, have been published, and to date no algorithm has fully taken all of these aspects into account. We propose a novel key encapsulation mechanism called LizarMong, based on RLizard, which combines the merits of each algorithm with these state-of-the-art results. As a result, it achieves up to 85% smaller bandwidth and 3.3 times faster performance compared to RLizard. Compared to the NIST candidate algorithms at a similar security level, its bandwidth is about 5-42% smaller and its performance about 1.2-4.1 times faster. Our scheme also resists the known side-channel attacks.

    A survey on security threats and authentication approaches in wireless sensor networks

    6th International Symposium on Digital Forensic and Security (ISDFS 2018), 22-25 March 2018. Wireless sensor networks (WSN) are networks in which data obtained by a large number of sensors observing a specific area are sent securely to other sensors or to collection centres in the network. Such networks do not depend on a central node, are self-managing and self-healing, are not tied to a specific network topology, support multi-way routing, preserve the integrity and confidentiality of data, and are robust. Ongoing work includes designing sensors that withstand harsh weather conditions, reducing energy consumption, designing low-cost sensors with high capacities, and making data flow faster and safer. The data obtained from the sensors must be transmitted safely to their destination. Wireless sensor networks face a large number of attack types (Sybil, wormhole, sinkhole, etc.) that threaten this data flow. When designing security policies, a general structure is sought that eliminates some or all of these attacks, and so policies based on the information security principles of confidentiality, integrity, availability, authentication and non-repudiation have been developed. In this paper, current problems in the security of wireless sensor networks are assessed and authentication security policies are discussed. © 2018 IEEE

    Steganography and new implementation of steganography [Steganografi ve steganografinin yeni bir uygulamasi]

    IEEE 13th Signal Processing and Communications Applications Conference (SIU 2005), 16-18 May 2005, Kayseri. This paper on steganography, a discipline closely related to cryptography, covers some problems and solutions in cryptography. It also defines a new algorithm that hides an encrypted document inside a picture of any format, taking advantage of both asymmetric and symmetric cryptosystems. © 2005 IEEE

    A New Short Signature Scheme with Random Oracle from Bilinear Pairings

    In this paper, we propose a new and efficient short signature scheme from bilinear pairings. Our scheme is based on the bilinear inverse-square Diffie-Hellman problem (BISDHP) and does not require any special hash function. Exact security proofs are given in the random oracle model. We give implementation and comparison results for our signature scheme against the schemes of Boneh, Lynn and Shacham (BLS) and of Zhang, Safavi-Naini and Susilo (ZSS). Furthermore, we use this signature scheme to construct a ring signature scheme.

    The Lattice-Based Digital Signature Scheme qTESLA

    We present qTESLA, a family of post-quantum digital signature schemes that exhibits several attractive features such as simplicity, strong security guarantees against quantum adversaries, and built-in protection against certain side-channel and fault attacks. qTESLA, selected for round 2 of NIST's post-quantum cryptography standardization project, consolidates a series of recent schemes originating in works by Lyubashevsky and by Bai and Galbraith. We provide full-fledged, constant-time portable C implementations that showcase the compactness of the proposed scheme: our code requires only about 300 lines of C. Finally, we also provide AVX2-optimized assembly implementations that achieve a factor-1.5 speedup.

    On the Efficiency of Polynomial Multiplication for Lattice-Based Cryptography on GPUs Using CUDA

    Polynomial multiplication is the most time-consuming part of cryptographic schemes whose security is based on ideal lattices, so any efficiency improvement to this building block has a great impact on the practicability of lattice-based cryptography. In this work, we investigate several algorithms for polynomial multiplication on a graphics processing unit (GPU) and implement them in both serial and parallel fashion using the Compute Unified Device Architecture (CUDA) platform. We focus on the quotient ring (Z/pZ)[x]/(x^n + 1), where p is a prime and n is a power of 2; this ring is the most common setting in lattice-based cryptography for efficiency reasons. As an application, we integrate the different polynomial multiplication implementations into the lattice-based signature scheme proposed by Güneysu et al. (CHES 2012) and identify which algorithm is the preferable choice with respect to the degree n of the ring.
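    The ring (Z/pZ)[x]/(x^n + 1) admits a length-n number-theoretic transform (NTT) whenever p ≡ 1 (mod 2n), which is why this setting is favoured for efficiency. As an added example that is not code from the paper (which targets CUDA), the following Python multiplies two polynomials in that ring with an NTT and checks the result against schoolbook multiplication. The parameters p = 12289 and n = 256 are chosen here only because they satisfy the congruence, and all function names are assumptions of this example.

```python
"""Negacyclic polynomial multiplication in (Z/pZ)[x]/(x^n + 1) via the NTT.

Added illustration: p = 12289 and n = 256 are chosen here because p ≡ 1 (mod 2n),
which is what the NTT needs; they are not taken from the paper.
"""
import random


def find_psi(n: int, p: int) -> int:
    """Primitive 2n-th root of unity mod p, i.e. psi^n = -1. Requires p ≡ 1 (mod 2n)."""
    if (p - 1) % (2 * n):
        raise ValueError("p - 1 must be divisible by 2n")
    for g in range(2, p):
        psi = pow(g, (p - 1) // (2 * n), p)
        if pow(psi, n, p) == p - 1:     # for n a power of two this pins the exact order 2n
            return psi
    raise ValueError("no primitive root found")


def ntt(a: list, omega: int, p: int) -> list:
    """Recursive Cooley-Tukey NTT: out[k] = sum_j a[j] * omega^(j*k) mod p, omega a primitive len(a)-th root."""
    n = len(a)
    if n == 1:
        return a[:]
    even = ntt(a[0::2], omega * omega % p, p)
    odd = ntt(a[1::2], omega * omega % p, p)
    out = [0] * n
    w = 1
    for k in range(n // 2):
        t = w * odd[k] % p
        out[k] = (even[k] + t) % p
        out[k + n // 2] = (even[k] - t) % p
        w = w * omega % p
    return out


def negacyclic_mul_ntt(a: list, b: list, p: int, psi: int) -> list:
    """a*b mod (x^n + 1): twisting by psi^i makes the length-n NTT evaluate at the
    roots psi^(2k+1) of x^n + 1, so no zero-padding to length 2n is needed."""
    n = len(a)
    omega = psi * psi % p
    psi_pows = [pow(psi, i, p) for i in range(n)]
    fa = ntt([x * w % p for x, w in zip(a, psi_pows)], omega, p)
    fb = ntt([x * w % p for x, w in zip(b, psi_pows)], omega, p)
    fc = [x * y % p for x, y in zip(fa, fb)]
    c_twisted = ntt(fc, pow(omega, -1, p), p)           # inverse NTT, up to the factor n
    n_inv = pow(n, -1, p)
    return [c * n_inv * pow(w, -1, p) % p for c, w in zip(c_twisted, psi_pows)]


def negacyclic_mul_schoolbook(a: list, b: list, p: int) -> list:
    """Reference O(n^2) multiplication with the reduction x^n = -1 applied on the fly."""
    n = len(a)
    c = [0] * n
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            k = i + j
            if k < n:
                c[k] = (c[k] + ai * bj) % p
            else:
                c[k - n] = (c[k - n] - ai * bj) % p
    return c


def demo(n: int = 256, p: int = 12289, seed: int = 1):
    """Multiply two seeded random polynomials both ways; returns (schoolbook result, NTT result)."""
    rng = random.Random(seed)
    a = [rng.randrange(p) for _ in range(n)]
    b = [rng.randrange(p) for _ in range(n)]
    psi = find_psi(n, p)
    return negacyclic_mul_schoolbook(a, b, p), negacyclic_mul_ntt(a, b, p, psi)


if __name__ == "__main__":
    ref, fast = demo()
    print("NTT matches schoolbook:", ref == fast)
```

    The twist by powers of psi is what turns a cyclic convolution into the negacyclic one the ring requires; dropping it would compute a*b mod (x^n - 1) instead, a classic implementation mistake that the schoolbook cross-check catches immediately.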