Symmetric Cryptography


The Experts below are selected from a list of 7278 Experts worldwide ranked by ideXlab platform

Amir Mosavi - One of the best experts on this subject based on the ideXlab platform.

  • Securing IoT-Based RFID Systems: A Robust Authentication Protocol Using Symmetric Cryptography
    Sensors, 2019
    Co-Authors: Khwaja Mansoor, Anwar Ghani, Shehzad Ashraf Chaudhry, Shahaboddin Shamshirband, Shahbaz Ahmed Khan Ghayyur, Amir Mosavi
    Abstract:

    Despite the many conveniences of Radio Frequency Identification (RFID) systems, the underlying open architecture for communication between RFID devices may lead to various security threats. Recently, many solutions were proposed to secure RFID systems, and many such systems are based only on lightweight primitives, including symmetric encryption, hash functions, and the exclusive-OR operation. Many solutions based only on lightweight primitives were proved insecure, whereas, due to the resource-constrained nature of RFID devices, public key-based cryptographic solutions are unenviable for RFID systems. Very recently, Gope and Hwang proposed an authentication protocol for RFID systems based only on lightweight primitives and claimed their protocol can withstand all known attacks. However, as per the analysis in this article, their protocol is infeasible and is vulnerable to collision, denial-of-service (DoS), and stolen-verifier attacks. This article then presents an improved, realistic and lightweight authentication protocol to ensure protection against known attacks. The security of the proposed protocol is formally analyzed using Burrows-Abadi-Needham (BAN) logic and under the attack model of the automated security verification tool ProVerif. Moreover, the security features are also analyzed informally. The proposed protocol outperforms the competing protocols in terms of security.

François-Xavier Standaert - One of the best experts on this subject based on the ideXlab platform.

  • Mode-Level vs. Implementation-Level Physical Security in Symmetric Cryptography
    International Cryptology Conference, 2020
    Co-Authors: Davide Bellizia, Olivier Pereira, Olivier Bronchain, Gaëtan Cassiers, Vincent Grosso, Chun Guo, Charles Momin, Thomas Peters, François-Xavier Standaert
    Abstract:

    Triggered by the increasing deployment of embedded cryptographic devices (e.g., for the IoT), the design of authentication, encryption and authenticated encryption schemes enabling improved security against side-channel attacks has become an important research direction. Over the last decade, a number of modes of operation have been proposed and analyzed under different abstractions. In this paper, we investigate the practical consequences of these findings. For this purpose, we first translate the physical assumptions of leakage-resistance proofs into minimum security requirements for implementers. Thanks to this (heuristic) translation, we observe that (i) security against physical attacks can be viewed as a tradeoff between mode-level and implementation-level protection mechanisms, and (ii) security requirements to guarantee confidentiality and integrity in front of leakage can be concretely different for the different parts of an implementation. We illustrate the first point by analyzing several modes of operation with gradually increased leakage-resistance. We illustrate the second point by exhibiting leveled implementations, where different parts of the investigated schemes have different security requirements against leakage, leading to performance improvements when high physical security is needed. We finally initiate a comparative discussion of the different solutions to instantiate the components of a leakage-resistant authenticated encryption scheme.

  • Leakage-Resilient Symmetric Cryptography under Empirically Verifiable Assumptions
    International Cryptology Conference, 2013
    Co-Authors: François-Xavier Standaert, Olivier Pereira
    Abstract:

    Leakage-resilient Cryptography aims at formally proving the security of cryptographic implementations against large classes of side-channel adversaries. One important challenge for such an approach to be relevant is to adequately connect the formal models used in the proofs with the practice of side-channel attacks. It raises the fundamental problem of finding reasonable restrictions of the leakage functions that can be empirically verified by evaluation laboratories. In this paper, we first argue that the previous “bounded leakage” requirements used in leakage-resilient Cryptography are hard to fulfill by hardware engineers. We then introduce a new, more realistic and empirically verifiable assumption of simulatable leakage, under which security proofs in the standard model can be obtained. We finally illustrate our claims by analyzing the physical security of an efficient pseudorandom generator (for which security could only be proven under a random oracle based assumption so far). These positive results come at the cost of (algorithm-level) specialization, as our new assumption is specifically defined for block ciphers. Nevertheless, since block ciphers are the main building block of many leakage-resilient cryptographic primitives, our results also open the way towards more realistic constructions and proofs for other pseudorandom objects.

Olivier Pereira - One of the best experts on this subject based on the ideXlab platform.

  • Mode-Level vs. Implementation-Level Physical Security in Symmetric Cryptography
    International Cryptology Conference, 2020
    Co-Authors: Davide Bellizia, Olivier Pereira, Olivier Bronchain, Gaëtan Cassiers, Vincent Grosso, Chun Guo, Charles Momin, Thomas Peters, François-Xavier Standaert

  • Leakage-Resilient Symmetric Cryptography under Empirically Verifiable Assumptions
    International Cryptology Conference, 2013
    Co-Authors: François-Xavier Standaert, Olivier Pereira

Stefano Tessaro - One of the best experts on this subject based on the ideXlab platform.

  • Provable Time-Memory Trade-Offs: Symmetric Cryptography against Memory-Bounded Adversaries
    Theory of Cryptography Conference, 2018
    Co-Authors: Stefano Tessaro, Aishwarya Thiruvengadam
    Abstract:

    We initiate the study of symmetric encryption in a regime where the memory of the adversary is bounded. For a block cipher with n-bit blocks, we present modes of operation for encryption and authentication that guarantee security beyond \(2^n\) encrypted/authenticated messages, as long as (1) the adversary’s memory is restricted to be less than \(2^n\) bits, and (2) the key of the block cipher is long enough to mitigate memory-less key-search attacks. This is the first proposal of a setting that allows bypassing the \(2^n\) barrier under a reasonable assumption on the adversarial resources.

  • Information-Theoretic Indistinguishability via the Chi-Squared Method
    International Cryptology Conference, 2017
    Co-Authors: Wei Dai, Viet Tung Hoang, Stefano Tessaro
    Abstract:

    Proving tight bounds on information-theoretic indistinguishability is a central problem in symmetric cryptography. This paper introduces a new method for information-theoretic indistinguishability proofs, called “the chi-squared method”. At its core, the method requires upper bounds on the so-called \(\chi ^2\) divergence (due to Neyman and Pearson) between the output distributions of the two systems being queried. The method morally resembles, yet also considerably simplifies, a previous approach proposed by Bellare and Impagliazzo (ePrint, 1999), while at the same time increasing its expressiveness and delivering tighter bounds.

  • Basing PRFs on Constant-Query Weak PRFs: Minimizing Assumptions for Efficient Symmetric Cryptography
    International Conference on the Theory and Application of Cryptology and Information Security, 2008
    Co-Authors: Ueli Maurer, Stefano Tessaro
    Abstract:

    Although it is well known that all basic private-key cryptographic primitives can be built from one-way functions, finding weak assumptions from which practical implementations of such primitives exist remains a challenging task. Towards this goal, this paper introduces the notion of a constant-query weak PRF, a function with a secret key which is computationally indistinguishable from a truly random function when evaluated at a constant number s of known random inputs, where s can be as small as two. We provide iterated constructions of (arbitrary-input-length) PRFs from constant-query weak PRFs that even improve the efficiency of previous constructions based on the stronger assumption of a weak PRF (where polynomially many evaluations are allowed). One of our constructions directly provides a new mode of operation using a constant-query weak PRF for IND-CPA symmetric encryption which is essentially as efficient as conventional PRF-based counter-mode encryption. Furthermore, our constructions yield efficient modes of operation for keying hash functions (such as MD5 and SHA-1) to obtain iterated PRFs (and hence MACs) which rely solely on the assumption that the underlying compression function is a constant-query weak PRF, which is the weakest assumption ever considered in this context.

Assi C. - One of the best experts on this subject based on the ideXlab platform.

  • Improving the security of SNMP in wireless networks
    IEEE, 2017
    Co-Authors: Mourad A., Otrok H., Debbabi M., Assi C.
    Abstract:

    Simple Network Management Protocol (SNMP) is widely used for monitoring and managing computers and network devices on wired and wireless networks. SNMPv1 and v2 do not provide security when managing agents. Three very important security features (authentication, encryption, access control) are added to SNMPv3 under the User-based Security Model (USM). Symmetric cryptography is used for encryption and one-way cryptography is used for authentication. The two keys used for encryption and authentication are derived from the password shared between the manager and the agent. In this paper, we address (1) the problem of one-way authentication, which leads to the man-in-the-middle attack, and (2) the vulnerability pertaining to the password update method of SNMPv3. We propose to use a certification authority for two-way authentication and the Diffie-Hellman algorithm for key exchange to mitigate the impacts of these problems.