IET Information Security
Volume 13, Issue 2, March 2019
- Author(s): Wenying Zhang and Vincent Rijmen
- Source: IET Information Security, Volume 13, Issue 2, p. 87 –95
- DOI: 10.1049/iet-ifs.2018.5151
- Type: Article
In this study, the authors propose an accurate approach to model the propagation of the division property of linear layers with the smallest number of inequalities. The solutions of the inequalities are exactly the division trails of a linear transformation. Therefore, the description is compact and optimal. As applications of their results, they present a 7-round integral distinguisher for both Midori64 and Midori128. The designers of Midori only obtained a 3.5-round integral characteristic. For Skinny64, they find a 10-round integral distinguisher which was previously found by the designers. It is worth noting that their result proves that 7 rounds and 10 rounds are the upper bounds for Midori and Skinny64, respectively, when searching for integral distinguishers based on the division property. The significance of their result lies in that they shed light on how far division cryptanalysis can influence the security analysis of block ciphers with a binary diffusion layer, and their technique can be used to prove security against division cryptanalysis.
- Author(s): Sadhana Jha ; Shamik Sural ; Vijayalakshmi Atluri ; Jaideep Vaidya
- Source: IET Information Security, Volume 13, Issue 2, p. 96 –103
- DOI: 10.1049/iet-ifs.2018.5010
- Type: Article
In the present-day computing environment, where access control decisions are often dependent on contextual information like the location of the requesting user and the time of access request, attribute-based access control (ABAC) has emerged as a suitable choice for expressing security policies. In an ABAC system, access decisions depend on the set of attribute values associated with the subjects, resources, and the environment in which an access request is made. In such systems, the task of managing the set of attributes associated with the entities as well as that of analysing and understanding the security implications of each attribute assignment is of paramount importance. Here, the authors first introduce a comprehensive attribute-based administrative model, named as AMABAC (Administrative Model for ABAC), for ABAC systems and then suggest a methodology for analysing the security properties of ABAC in the presence of the administrative model. For performing analysis, the authors use μZ, a satisfiability modulo theories-based model checking tool. The authors study the impact of the various components of ABAC and AMABAC on the time taken for security analysis.
- Author(s): Huawang Qin ; Raylin Tso ; Yuewei Dai
- Source: IET Information Security, Volume 13, Issue 2, p. 104 –108
- DOI: 10.1049/iet-ifs.2018.5149
- Type: Article
A quantum secret sharing scheme based on orbital angular momentum (OAM) is proposed. The dealer generates single particles in OAM basis or angular position (ANG) basis randomly. The participants encode their private keys into the particles through performing quantum Fourier transforms. Then the dealer can use the single-particle measurements to get the shared secret. In the authors’ scheme, the secret is protected by the distinguishability of OAM basis and ANG basis. Compared to the traditional two-dimensional schemes, the authors’ scheme can use the higher dimension of OAM to increase the detecting rate of eavesdropping, and enhance the security in practice. Besides, only the single particles are needed in their scheme. Compared to the schemes based on entangled particles, the authors’ scheme will be more practical with the present technology.
- Author(s): Weijie Han ; Jingfeng Xue ; Hui Yan
- Source: IET Information Security, Volume 13, Issue 2, p. 109 –116
- DOI: 10.1049/iet-ifs.2018.5186
- Type: Article
Network anomaly detection is an effective way of analysing and detecting malicious attacks. However, the typical anomaly detection techniques cannot achieve the desired effect in the controlled network as they do in the general network. In the controlled network, the detection performance is lowered due to its special characteristics, including the stronger regularity, higher dimensionality and subtler fluctuation of its traffic. Motivated by this, the study proposes a novel classifier framework based on cross entropy and support vector machine (SVM). The technique first subtracts the representative traffic characteristics from the network traffic and defines a 7-tuple feature vector for the controlled network by extending the traditional 5-tuple representation of the usual network. Then the probability distributions and cross entropies of the 7 tuples are calculated during the defined statistical window so as to generate the 7-tuple cross-entropy feature vector for profiling the network traffic fluctuation in the controlled network. Finally, the multi-class SVM classifier is trained by importing the 7-tuple cross-entropy feature vectors. Experimental results show that the proposed classifier can achieve higher detection rates and is more suitable for use in the controlled network than the typical detection techniques.
- Author(s): Yongzhuang Wei ; Fu Yao ; Enes Pasalic ; An Wang
- Source: IET Information Security, Volume 13, Issue 2, p. 117 –124
- DOI: 10.1049/iet-ifs.2018.5244
- Type: Article
In this work, the authors propose some alternative hardware-efficient masking schemes dedicated to protecting the Advanced Encryption Standard (AES) against higher order differential power analysis (DPA). In general, the existing masking schemes all have in common an intrinsic trade-off between the two main parameters of interest, namely the generation of fresh random masking values and the cost of hardware implementation. The design of efficient masking schemes which are non-expensive in both aspects appears to be a difficult task. In this study, the authors propose a second-order threshold implementation of AES, which is characterised by a beneficial trade-off between the two parameters. More precisely, compared to the masking scheme of De Cnudde et al. at CHES 2016, which currently attains the best practical trade-off, the proposed masking scheme requires 28.4% fewer random masking bits, whereas the implementation cost is slightly increased by about 13.7% (thus the chip area is 1.4 kGE larger). This masking scheme has been used to implement AES on a field-programmable gate array (FPGA) platform and its resistance against the second-order DPA in a simulated attack environment has been confirmed.
- Author(s): Yafei Zheng and Wenling Wu
- Source: IET Information Security, Volume 13, Issue 2, p. 125 –132
- DOI: 10.1049/iet-ifs.2018.5291
- Type: Article
A type of simple key schedule especially suitable for lightweight block ciphers is defined as a straightforward key schedule in this study. As a typical example, the GOST-type key schedule, which is an extension of the key schedules of the Russian Standard GOST and its newly modified version GOST2, is introduced and classified. GOST2 is designed based on the GOST encryption structure with a different key schedule of the same type to overcome the weakness of GOST against self-similarity properties-based attacks. However, it was shown at Fast Software Encryption 2017 that the simple change in the key schedule is insufficient to offer 256-bit security. By constructing an evaluation framework combining self-similarity properties and the meet-in-the-middle attack, properties of GOST-type key schedules are evaluated, and candidate key schedules are provided in this work. These candidate key schedules are able to provide much better security for GOST and GOST2 ciphers than their original key schedules, and the pre-existing self-similarity properties-based attacks on full round GOST and GOST2 can be avoided. The designers of GOST and GOST2 should have been more cautious in choosing the parameters of key schedules. The evaluation framework proposed can be used for reference in the design of other Feistel ciphers with straightforward key schedules.
- Author(s): Aniket Bhadane and Sunil B. Mane
- Source: IET Information Security, Volume 13, Issue 2, p. 133 –140
- DOI: 10.1049/iet-ifs.2018.5090
- Type: Article
A lateral spear phishing attack is a powerful type of social engineering attack carried out using compromised email account(s) within the target organisation. Spear phishing attacks are difficult to detect due to the nature of these attacks. The inclusion of a lateral attack vector makes detection more challenging. The authors present an approach to detect lateral spear phishing attacks in organisations in real-time. Their approach uses features derived from domain knowledge and analysis of characteristics pertaining to such attacks, combined with their scoring technique which works on a non-labelled dataset. They evaluate the approach on several years’ worth of a real-world email dataset collected from volunteers in their institute. They were able to achieve a false positive rate below 1%, and also detected two instances of compromised accounts which were not known earlier. A comparison of their scoring technique with machine learning based anomaly detection techniques shows the proposed technique to be more suited for practical use. The proposed approach is primarily aimed at complementing existing detection techniques on email servers. However, they also developed a Chrome browser extension to demonstrate that such a system can also be used independently by organisations within their network.
- Author(s): Jun-Zhi Li and Jie Guan
- Source: IET Information Security, Volume 13, Issue 2, p. 141 –148
- DOI: 10.1049/iet-ifs.2018.5180
- Type: Article
Conditional differential attacks against non-linear feedback shift register based cryptosystems were proposed by Knellwolf et al. at Asiacrypt 2010. In this study, the authors propose an advanced conditional differential attack on Grain-like stream cipher. They trace propagations of a single bit difference of internal states both inversely and forward. Methods of both searching for the longest inverse difference characteristic with probability one and deriving initial value (IV) conditions with the max inverse round are introduced. When tracing forward, conditions are imposed to limit the propagation of difference to obtain a high bias. Conditions of the proposed method are only imposed on IV bits and the proposed attack works in the single-key setting. Moreover, a method of recovering key expressions as well as bias-complexity-success probability target is presented in this study. Using the proposed method, the authors conduct a key recovery attack on 114-round Grain v1, recovering 6 key expressions with the time complexity of 2^32, which is also verified by experiments. With more conditions imposed, this attack can be improved to Grain v1 of 120 rounds, recovering 12 key expressions with the time complexity of 2^42.75 and theoretical success probability of about 93%, which is ten rounds longer than the longest previous result of Grain v1 in the single-key setting.
- Author(s): Xi Rongrong ; Yun Xiaochun ; Hao Zhiyu
- Source: IET Information Security, Volume 13, Issue 2, p. 149 –156
- DOI: 10.1049/iet-ifs.2018.5189
- Type: Article
A large amount of data is generated by traditional detection and prevention measures to help network analysts evaluate the network security situation, but it is not used fully and effectively, and there is currently no holistic view of the network situation based on it. To address this issue, a framework is proposed to evaluate the security situation of the network from three dimensions: threat, vulnerability and stability, and to merge the results at decision level to measure the security situation of the overall network. In the case studies, the authors demonstrate how the framework is deployed in the network and how to use it to reflect the security situation of the network in real time. Results of the case study show that the framework can evaluate the security situation of the network accurately and reasonably.
Division cryptanalysis of block ciphers with a binary diffusion layer
Security analysis of ABAC under an administrative model
Quantum secret sharing by using Fourier transform on orbital angular momentum
Detecting anomalous traffic in the controlled network based on cross entropy and support vector machine
New second-order threshold implementation of AES
On the extension and security of key schedule of GOST
Detecting lateral spear phishing attacks in organisations
Advanced conditional differential attack on Grain-like stream cipher and application on Grain v1
Framework for risk assessment in cyber situational awareness
-
- Author(s): Qiang Zhang ; JianZhong Qiao ; QingYang Meng
- Source: IET Information Security, Volume 13, Issue 2, p. 157 –166
- DOI: 10.1049/iet-ifs.2018.5031
- Type: Article
The authors introduce their design, implementation and formal verification of a Trusted Execution Environment (TEE)-based trusted storage system (TSS) in mobile devices, which conforms to GlobalPlatform specifications. The authors’ TSS not only authenticates the integrity and freshness of data but also provides many secure storage operation properties, like atomicity of operations on a persistent object. To improve data storage efficiency when a big persistent object is read or written, a new mechanism is proposed that dynamically allocates continuous memory in the REE's kernel memory space and maps the address to the TEE through a communication pipe. This method can reduce the number of switches, the number of memory allocations and the memory copy overhead between the two worlds. A formal method is used in their design and development to guarantee the correctness and security of TSS. They mainly consider functional correctness in this study, and use a traditional formal verification tool, VCC, to verify the functional correctness of TSS. In addition, their evaluation demonstrates its advantage compared to existing systems.
Build a trusted storage system on a mobile phone
Most cited content for this Journal
-
High accuracy android malware detection using ensemble learning
- Author(s): Suleiman Y. Yerima ; Sakir Sezer ; Igor Muttik
- Type: Article
-
Crypto-based algorithms for secured medical image transmission
- Author(s): Ali Al-Haj ; Gheith Abandah ; Noor Hussein
- Type: Article
-
Pseudorandom bit generator based on non-stationary logistic maps
- Author(s): Lingfeng Liu ; Suoxia Miao ; Hanping Hu ; Yashuang Deng
- Type: Article
-
Constructing important features from massive network traffic for lightweight intrusion detection
- Author(s): Wei Wang ; Yongzhong He ; Jiqiang Liu ; Sylvain Gombault
- Type: Article
-
Empirical analysis of Tor Hidden Services
- Author(s): Gareth Owen and Nick Savage
- Type: Article