IET Information Security
Volume 12, Issue 6, November 2018
CryptoSAT: a tool for SAT-based cryptanalysis
- Author(s): Frédéric Lafitte
- Source: IET Information Security, Volume 12, Issue 6, p. 463–474
- DOI: 10.1049/iet-ifs.2017.0176
- Type: Article

The security of symmetric key primitives comes from their exposure to public scrutiny in the context of competitions such as the Advanced Encryption Standard, Secure Hash Algorithm 3, or currently CAESAR. However, due to the increasing number of primitives subjected to these competitions, the quality of the scrutiny relies on the availability of automated tools. Although SAT solvers have already proved useful for the automated analysis of these primitives, there is a lack of practical software tools for this purpose. This study describes a framework that aims to make SAT-based analyses accessible to cryptographers. The framework is implemented in a free open-source tool called CryptoSAT, which is available in the public domain.

Efficient batch identity-based fully homomorphic encryption scheme in the standard model
- Author(s): Mingxing Hu ; Qing Ye ; Yongli Tang
- Source: IET Information Security, Volume 12, Issue 6, p. 475–483
- DOI: 10.1049/iet-ifs.2017.0567
- Type: Article

Identity-based fully homomorphic encryption (IBFHE) provides a fundamental solution to the problem of huge public key size exposed in fully homomorphic encryption (FHE) schemes, and is therefore significant for making FHE more practical. In recent years, constructions of IBFHE schemes have mainly been based on lattices due to their conjectured resistance to quantum cryptanalysis, which, however, makes these cryptosystems even less practical. The main reason is that the trapdoor function on which such a scheme is based is rather complex in practice and the ciphertext size is too large. In this study, the authors propose an efficient batch IBFHE scheme, which can be proven secure under the standard LWE assumption in the standard model. The first contribution of this work is that the authors construct an efficient batch version of the MP12 preimage sampling algorithm, which can efficiently generate identity keys for multi-bit IBE schemes. Based on that, the authors construct an asymptotically faster multi-bit IBE scheme as the second contribution. The third contribution is that the authors transform the multi-bit IBE scheme into a batch IBFHE scheme which supports encrypting any message in . Compared with similar schemes, the authors show their schemes are essentially improved.

Guess-and-determine attacks on PANAMA-like stream ciphers
- Author(s): Lin Jiao ; Yongqiang Li ; Yonglin Hao
- Source: IET Information Security, Volume 12, Issue 6, p. 484–497
- DOI: 10.1049/iet-ifs.2017.0553
- Type: Article

The guess-and-determine attack is a cryptanalysis method that has been applied to various stream ciphers. In this study, the authors study guess-and-determine attacks on two ISO-standardised, Panama-like stream ciphers: MUGI and Enocoro. Utilising the word-oriented structure of the two ciphers, they are able to launch heuristic guess-and-determine attacks in a more efficient manner. Their first target, MUGI, is both an ISO standard and a Japanese-government-selected CRYPTREC standard. By splitting its basic 64-bit words into 16-bit quarter-words, they are able to conduct a guess-and-determine attack with complexity 2^388, much lower than its 1216-bit internal state size. Enocoro is a lightweight stream cipher family. It has two versions named according to key length as Enocoro-80 and Enocoro-128v2. They provide the specific guessing paths and are able to launch guess-and-determine attacks on Enocoro-80 and Enocoro-128v2 with complexities 2^88 and 2^144, respectively. In addition to specific attack results, they also find some generic rules that may help to improve the efficiency of guess-and-determine attacks in the future.

Equivalent key attack against a public-key cryptosystem based on subset sum problem
- Author(s): Jiayang Liu and Jingguo Bi
- Source: IET Information Security, Volume 12, Issue 6, p. 498–501
- DOI: 10.1049/iet-ifs.2018.0041
- Type: Article

The decisional version and the computational version of the subset sum problem are known to be NP-complete and NP-hard, respectively. At the International Symposium on Information Theory and its Applications 2012, Yasuyuki Murakami, Shinsuke Hamasho and Masao Kasahara presented a knapsack scheme based on the decisional version of the odd-order subset sum problem. They claimed that the public sequence is indistinguishable from uniformly distributed sequences. In this study, the authors present an equivalent key attack against this scheme. More precisely, they first observe that there are many groups of equivalent keys, which satisfy several necessary conditions. Subsequently, they show that one can recover a group of equivalent keys by using the orthogonal lattice technique. The feasibility of the attack is validated by experimental data when the bit length of the secret keys is not too large. Hence, the security of the proposed scheme is overestimated.

Detection and differentiation of application layer DDoS attack from flash events using fuzzy-GA computation
- Author(s): Khundrakpam Johnson Singh ; Khelchandra Thongam ; Tanmay De
- Source: IET Information Security, Volume 12, Issue 6, p. 502–512
- DOI: 10.1049/iet-ifs.2017.0500
- Type: Article

Distributed Denial-of-Service (DDoS) attacks are serious threats to data centre applications, mainly affecting the web server. Even though there are various techniques to detect and mitigate such attacks, so far they fall short in the case of application layer attacks and Flash Events (FE). In this paper, we aim at detecting application layer DDoS attacks and distinguishing them from FE. We have considered a DDoS attack model and selected the parameters of the incoming packets that correspond to causing the attack. Based on the attack model, we have analysed statistical parameters of the incoming packets such as inter-arrival time, the probability of uniqueness of an IP address in a given time frame, and the unavailability of the HTTP (Hyper Text Transfer Protocol) GET acknowledgment bit in the header field. These parameters are the input to the Fuzzy classification model. We have used a Genetic Algorithm (GA) to provide an optimised value range for the input parameters. The optimised values are then applied to Fuzzy logic to identify whether the web-accessing clients show attack, normal or FE behaviour. The experimental results show that the Fuzzy-GA model provides an accuracy of 98.4% in detecting DDoS attacks and 97.3% in detecting FE.

Improved integral attacks without full codebook
- Author(s): Zhihui Chu ; Huaifeng Chen ; Xiaoyun Wang ; Lu Li ; Xiaoyang Dong ; Yaoling Ding ; Yonglin Hao
- Source: IET Information Security, Volume 12, Issue 6, p. 513–520
- DOI: 10.1049/iet-ifs.2017.0388
- Type: Article

The integral attack exploits the balanced property of the output of the distinguisher. Usually, adversaries append some rounds after the distinguisher, guess the corresponding key bits and check whether the target bits are balanced. Few works add rounds before the distinguisher for the key recovery attack. In the first full-round attack on MISTY1, Todo adds one FL layer (a key-dependent linear function) before the distinguisher. In this study, the authors extend his method and give a general method, which they can use to prepend some (non-linear) rounds before the distinguisher and attack more rounds with data complexity smaller than the whole space and little extra time consumption. The basic idea is that for different subkeys guessed in the forward rounds, they set different constant values for the input of the distinguisher. As a result, the selected data space is not the full codebook. For substitution permutation network (SPN) structures (and Feistel structures with an SPN round function) with 4-bit S-boxes and bit permutations, they estimate the data complexity when adding one round before the distinguishers for all 4-bit S-boxes. Using the method, they improve the integral attacks on PRESENT, RECTANGLE, TWINE and LBlock, and their results cover one more round.

Physical feasibility of QKD based on probabilistic quantum circuits
- Author(s): Amor Gueddana and Vasudevan Lakshminarayanan
- Source: IET Information Security, Volume 12, Issue 6, p. 521–526
- DOI: 10.1049/iet-ifs.2017.0375
- Type: Article

The authors present a comparison between the basic BB84 Quantum Key Distribution (QKD) protocol and its optimised version based on Quantum Dense Coding, in terms of theoretical modelling and feasibility of circuit implementations. These circuits are mainly composed of probabilistic quantum gates, single photon sources, beam splitters (BSs), polarising BSs and single photon detectors. They assume that the photonic devices composing the circuits are not perfect. They assess the average success probabilities of the two protocols depending on the success probability of the photonic sources used and the distance between Alice and Bob. They demonstrate that typical real-world photonic devices permit the implementation of secure communication with a success probability of 0.65 over 120 km, while it could reach more than 0.9 over 148 km if deterministic sources were available.

New algorithms for the unbalanced generalised birthday problem
- Author(s): Jian Zou ; Le Dong ; Wenling Wu
- Source: IET Information Security, Volume 12, Issue 6, p. 527–533
- DOI: 10.1049/iet-ifs.2017.0495
- Type: Article

In this study, the authors present some new algorithms for the unbalanced generalised birthday problem (UGBP), which was proposed by Nikolić and Sasaki in their attacks on the generalised birthday problem (GBP). The authors' first idea is simple: it uses some precomputation to convert UGBP into GBP. After the precomputation, they just adopt Wagner's k-tree algorithm or the algorithms of Bernstein et al. to solve UGBP. Their second idea combines the technique for the unbalanced meet-in-the-middle problem with the improved time–memory trade-off algorithm for GBP to solve UGBP. Besides, they utilise the inactive technique and the rearrangement technique to improve the time complexities of their algorithms. The inactive technique is used to neglect the effect of some costly functions, and the rearrangement technique is adopted to balance the time costs between different functions. When k is not a power of 2, the time complexity of their algorithms for UGBP can also be improved by using the multicollision technique.

Supervised learning framework for covert channel detection in LTE-A
- Author(s): Guangliang Xu ; Wei Yang ; Liusheng Huang
- Source: IET Information Security, Volume 12, Issue 6, p. 534–542
- DOI: 10.1049/iet-ifs.2017.0394
- Type: Article

Covert channels transmit secret information by using existing resources which were not designed for communication. As a major approach to information leakage, covert channels are rapidly gaining popularity with the exponential growth of cloud and network resources. Long Term Evolution Advanced (LTE-A) has come to dominate mobile telecommunication networks, which elevates the risk of covert channels. In this study, the authors propose a supervised learning scheme based on a support vector machine (SVM) for covert channel detection in LTE-A. Based on the fact that a covert channel using the header fields of the LTE-A protocol would change the regularity, goodness of fit or correlation of the data traffic, they present behaviour characteristics statistics indices (CSI) for the LTE-A protocol to evaluate these changes. According to the CSI, they extract classification feature vectors from the data traffic stream, based on which an SVM classifier for classifying a channel as covert or overt is trained and then tested on the channel under investigation. Experimental results show that the authors' proposed detection scheme is highly efficient in terms of detection accuracy, sensitivity and specificity, and has great potential to serve as a new approach to the detection of covert channels in LTE-A.

Vulnerability modelling of crypto-chips against scan-based attacks
- Author(s): Mohammad Taherifard ; Ahmad Patooghy ; Mahdi Fazeli
- Source: IET Information Security, Volume 12, Issue 6, p. 543–550
- DOI: 10.1049/iet-ifs.2017.0440
- Type: Article

In this study, a gate-level vulnerability model is proposed to detect the potential security holes of crypto-chips against scan-based attacks. The proposed model offers a relative measure, called the vulnerability factor (VF), for each net of a given crypto-chip. Nets with the highest VFs are considered the most vulnerable nets of the crypto-chip. The VF of each gate output is calculated considering (i) the VFs of the gate inputs, and (ii) the probability of a signal transition at the gate output. In order to validate the proposed model, the authors implemented iterative and pipelined AES, as well as the iterative DES encryption algorithm, to find their most vulnerable nets. Then the most vulnerable nets of each design were masked by a simple mechanism to explore the accuracy of the proposed model. Results of scan-based attacks carried out in ModelSim simulations show that by masking only 32, 64 and 32 nets in the iterative Advanced Encryption Standard (AES), pipelined AES and iterative Data Encryption Standard (DES) designs, respectively, all of the attacks performed fail. The results of the proposed model, in comparison with the signal activity and random approaches, demonstrate the superiority of the proposed model.

Preprocessing optimisation: revisiting recursive-BKZ lattice reduction algorithm
- Author(s): Md. Mokammel Haque and Josef Pieprzyk
- Source: IET Information Security, Volume 12, Issue 6, p. 551–557
- DOI: 10.1049/iet-ifs.2017.0400
- Type: Article

Preprocessing is applied to certain lattice reduction algorithms, such as block Korkine–Zolotarev (BKZ) variants, to reduce the search time in the enumeration tree for a shortest vector. The most classical form of preprocessing the authors observe is running the polynomial-time Lenstra–Lenstra–Lovász algorithm before a slow enumeration-based algorithm like BKZ. The trade-off between the preprocessing and the enumeration stages, in the context of the time complexity of the whole algorithm, is not well studied and explored. The main goal of this study is to re-investigate the preprocessing approach presented by Chen and Nguyen and improve its performance through optimisation. They extend the numerical results published by Haque et al. in IET Inf. Secur. to larger block sizes and report a comparison.

OPEXA: analyser assistant for detecting over-privileged extensions
- Author(s): Mina Sadat Khazaei ; Hossein Homaei ; Hamid Reza Shahriari
- Source: IET Information Security, Volume 12, Issue 6, p. 558–565
- DOI: 10.1049/iet-ifs.2017.0652
- Type: Article

Web browsers are enticing attack vectors because they provide an interface to the Internet. Extensions add capabilities to browsers, and are therefore attractive to attackers. These capabilities are obtained through extension privileges. Some of these privileges are necessary for extensions to perform their claimed functionality. However, an extension may hold some privileges it does not require. Over-privileged extensions may be misused to compromise systems. The authors propose an Over-Privileged EXtension Analyser (OPEXA) to assist security experts in detecting suspicious extensions. OPEXA predicts the intended privileges of extensions from their descriptions, which are stated by developers in natural language. They use this method because real users decide whether to install extensions based on descriptions. They use a supervised machine learning method to train a multi-label classifier that predicts the desired privileges. An extension is considered suspicious if it holds at least one privilege that OPEXA does not consider necessary. They evaluate their method on two datasets consisting of real extensions developed in the new and old architectures of Firefox. According to the results, they detect all of the over-privileged extensions in these datasets. Their approach can minimise security experts' workload by automating the extension checking process.
Most cited content for this Journal
- High accuracy android malware detection using ensemble learning. Author(s): Suleiman Y. Yerima ; Sakir Sezer ; Igor Muttik. Type: Article
- Crypto-based algorithms for secured medical image transmission. Author(s): Ali Al-Haj ; Gheith Abandah ; Noor Hussein. Type: Article
- Pseudorandom bit generator based on non-stationary logistic maps. Author(s): Lingfeng Liu ; Suoxia Miao ; Hanping Hu ; Yashuang Deng. Type: Article
- Constructing important features from massive network traffic for lightweight intrusion detection. Author(s): Wei Wang ; Yongzhong He ; Jiqiang Liu ; Sylvain Gombault. Type: Article
- Empirical analysis of Tor Hidden Services. Author(s): Gareth Owen and Nick Savage. Type: Article