Symmetric Key Cryptography


The Experts below are selected from a list of 4809 Experts worldwide ranked by ideXlab platform

A J Elbirt - One of the best experts on this subject based on the ideXlab platform.

  • enhancing the performance of Symmetric Key Cryptography via instruction set extensions
    IEEE Transactions on Very Large Scale Integration Systems, 2010
    Co-Authors: Sean Omelia, A J Elbirt
    Abstract:

    In this paper, instruction set extensions for a reduced instruction set computer processor are presented to improve the software performance of the data encryption standard (DES), the triple DES, the international data encryption algorithm (IDEA), and the advanced encryption standard (AES) algorithms. The most computationally intensive operations of each algorithm are off-loaded to a set of newly defined instructions. The additional hardware required to support these instructions is integrated into the processor's data path. For each of the targeted algorithms, comparisons are presented between traditional software implementations and new implementations that take advantage of the extended instruction set architecture. Results show that the utilization of the proposed instructions significantly reduces program code size, and improves encryption and decryption throughput. Moreover, the additional hardware resources required to support the instruction set extensions increase the total area of the processor by less than 65%. Finally, it will be shown that the throughputs for triple DES, IDEA, and AES are approximately the same when accelerated via instruction set extensions. This allows for seamless and transparent algorithm agility as one algorithm may be easily replaced by another algorithm with minimal performance degradation.

  • instruction set extensions for enhancing the performance of Symmetric Key Cryptography
    Annual Computer Security Applications Conference, 2008
    Co-Authors: Sean Omelia, A J Elbirt
    Abstract:

    Instruction set extensions for a RISC processor are presented to improve the software performance of the Data Encryption Standard (DES), Triple-DES, the International Data Encryption Algorithm (IDEA), and the Advanced Encryption Standard (AES) algorithms. The most computationally intensive operations of each algorithm are off-loaded to a set of newly defined instructions. The additional hardware required to support these instructions is integrated into the processor's datapath. For each of the targeted algorithms, comparisons are presented between traditional software implementations and new implementations that take advantage of the extended instruction set architecture. Results show that utilization of the proposed instructions significantly reduces program code size and improves encryption and decryption throughput. Moreover, the additional hardware resources required to support the instruction set extensions increases the total area of the processor by less than 65%.

  • An instruction-level distributed processor for Symmetric-Key Cryptography
    IEEE Transactions on Parallel and Distributed Systems, 2005
    Co-Authors: A J Elbirt, Christof Paar
    Abstract:

    Efficient implementation of block ciphers is critical toward achieving both high security and high-speed processing. Numerous block ciphers have been proposed and implemented, using a wide and varied range of functional operations. Existing architectures such as microcontrollers do not provide this broad range of support. Therefore, we will present a hardware architecture that achieves efficient block cipher implementation while maintaining flexibility through reconfiguration. In an effort to achieve such a hardware architecture, a study of a wide range of block ciphers was undertaken to develop an understanding of the functional requirements of each algorithm. This study led to the development of COBRA, a reconfigurable architecture for the efficient implementation of block ciphers. A detailed discussion of the top-level architecture, interconnection scheme, and underlying elements of the architecture will be provided. System configuration and on-the-fly reconfiguration will be analyzed, and from this analysis, it will be demonstrated that the COBRA architecture satisfies the requirements for achieving efficient implementation of a wide range of block ciphers that meet the 622 Mbps ATM network encryption throughput requirement.

  • instruction level distributed processing for Symmetric Key Cryptography
    International Parallel and Distributed Processing Symposium, 2003
    Co-Authors: A J Elbirt, Christof Paar
    Abstract:

    Efficient implementation of block ciphers is critical towards achieving both high security and high-speed processing. Numerous block ciphers have been proposed and implemented, using a wide and varied range of functional operations. As a result, it has become increasingly more difficult to develop a hardware architecture that allows the efficient and fast realization of a wide variety of block ciphers. In an effort to achieve such a hardware architecture, a study of a wide range of block ciphers was undertaken to develop an understanding of the functional requirements of each algorithm. This study led to the development of COBRA, a reconfigurable architecture for the efficient implementation of block ciphers. A detailed discussion of the top level architecture, interconnection scheme, and underlying elements of the architecture is provided. System configuration and on-the-fly reconfiguration is analyzed, and from this analysis it is demonstrated that the COBRA architecture satisfies the requirements for achieving efficient implementation of a wide range of block ciphers that meet the 622 Mbps ATM network encryption throughput requirement.

  • IPDPS - Instruction-level distributed processing for Symmetric-Key Cryptography
    Proceedings International Parallel and Distributed Processing Symposium, 1
    Co-Authors: A J Elbirt, Christof Paar
    Abstract:

    Efficient implementation of block ciphers is critical towards achieving both high security and high-speed processing. Numerous block ciphers have been proposed and implemented, using a wide and varied range of functional operations. As a result, it has become increasingly more difficult to develop a hardware architecture that allows the efficient and fast realization of a wide variety of block ciphers. In an effort to achieve such a hardware architecture, a study of a wide range of block ciphers was undertaken to develop an understanding of the functional requirements of each algorithm. This study led to the development of COBRA, a reconfigurable architecture for the efficient implementation of block ciphers. A detailed discussion of the top level architecture, interconnection scheme, and underlying elements of the architecture is provided. System configuration and on-the-fly reconfiguration is analyzed, and from this analysis it is demonstrated that the COBRA architecture satisfies the requirements for achieving efficient implementation of a wide range of block ciphers that meet the 622 Mbps ATM network encryption throughput requirement.

An Braeken - One of the best experts on this subject based on the ideXlab platform.

  • Enhanced end-to-end security through Symmetric-Key Cryptography in wearable medical sensor networks
    Health and Technology, 2021
    Co-Authors: Jori Winderickx, An Braeken, Nele Mentens
    Abstract:

    This paper describes a security protocol and proof-of-concept implementation for wearable medical sensor devices that are deployed in hospitals. The sensor device measures the patient’s vital sign parameters and sends them to the hospital server, such that the data can be processed and stored in the EMR (Electronic Medical Record) of the patient. The proposed security protocol is based on Symmetric-Key Cryptography and addresses the challenges of anonymity, unlinkability, mutual authentication and perfect forward secrecy. Moreover, it relies on decentralised authentication, avoiding an authentication server to be the single point of attack. Besides offering strong security features, the proposed protocol and implementation take into account that sensor devices are typically constrained with respect to communication bandwidth and computation power. Therefore, these parameters are evaluated in addition to the security analysis of the presented protocol. Our solution gives stronger security guarantees than related work, while featuring a comparable computation overhead and the lowest communication overhead.

  • Public Key versus Symmetric Key Cryptography in client–server authentication protocols
    International Journal of Information Security, 2021
    Co-Authors: An Braeken
    Abstract:

    Every month, several new protocols are popping up, comparing themselves with a few others and claiming to outperform the whole state of the art. The most popular domain of protocols is the one for authentication in a client–server architecture for which both Symmetric Key- and public Key-based protocols are being proposed. The usage of public Key-based mechanisms has several consequences, not only with respect to an increased computational and communication cost, but also with respect to increased possibilities to strengthen the protocol by making it resistant against a semi-trusted third party. On the other hand, we also recall that Symmetric Key-based protocols can already offer a nice set of security features. We see a trend in the current generation of papers published on public Key-based client–server authentication protocols, showing that only a very limited amount of them really exploit the power that public Key Cryptography can offer with respect to this privacy towards a semi-trusted third party, and most of them do not even satisfy the same security features able to be also realised by a much more efficient Symmetric Key-based protocol. This paper serves as a warm wake-up call to all protocol designers to rethink the usage of more heavyweight constructions compared to Symmetric Key-based mechanisms in order to ensure that if they are used, they also fully exploit their inherent strength.

Sean Omelia - One of the best experts on this subject based on the ideXlab platform.

  • enhancing the performance of Symmetric Key Cryptography via instruction set extensions
    IEEE Transactions on Very Large Scale Integration Systems, 2010
    Co-Authors: Sean Omelia, A J Elbirt
    Abstract:

    In this paper, instruction set extensions for a reduced instruction set computer processor are presented to improve the software performance of the data encryption standard (DES), the triple DES, the international data encryption algorithm (IDEA), and the advanced encryption standard (AES) algorithms. The most computationally intensive operations of each algorithm are off-loaded to a set of newly defined instructions. The additional hardware required to support these instructions is integrated into the processor's data path. For each of the targeted algorithms, comparisons are presented between traditional software implementations and new implementations that take advantage of the extended instruction set architecture. Results show that the utilization of the proposed instructions significantly reduces program code size, and improves encryption and decryption throughput. Moreover, the additional hardware resources required to support the instruction set extensions increase the total area of the processor by less than 65%. Finally, it will be shown that the throughputs for triple DES, IDEA, and AES are approximately the same when accelerated via instruction set extensions. This allows for seamless and transparent algorithm agility as one algorithm may be easily replaced by another algorithm with minimal performance degradation.

  • instruction set extensions for enhancing the performance of Symmetric Key Cryptography
    Annual Computer Security Applications Conference, 2008
    Co-Authors: Sean Omelia, A J Elbirt
    Abstract:

    Instruction set extensions for a RISC processor are presented to improve the software performance of the Data Encryption Standard (DES), Triple-DES, the International Data Encryption Algorithm (IDEA), and the Advanced Encryption Standard (AES) algorithms. The most computationally intensive operations of each algorithm are off-loaded to a set of newly defined instructions. The additional hardware required to support these instructions is integrated into the processor's datapath. For each of the targeted algorithms, comparisons are presented between traditional software implementations and new implementations that take advantage of the extended instruction set architecture. Results show that utilization of the proposed instructions significantly reduces program code size and improves encryption and decryption throughput. Moreover, the additional hardware resources required to support the instruction set extensions increases the total area of the processor by less than 65%.

Hisham A Kholidy - One of the best experts on this subject based on the ideXlab platform.

  • ultra gridsec peer to peer computational grid middleware security using high performance Symmetric Key Cryptography
    International Conference on Information Technology: New Generations, 2008
    Co-Authors: Mostafasami M Mostafa, S H Deif, Hisham A Kholidy
    Abstract:

    "ULTRA GRIDSEC" is a high-performance Symmetric Key Cryptography scheme used to secure data passes inside peer-to-peer computational grid middleware that we are developing now. This schema is used to accelerate the performance of triple data encryption standards (TDES) by about 439.7% and this percentage value is changed according to machine capabilities, also it enhances the security of encrypted TDES files. An analysis and comparison of this scheme and its performance is presented in this paper.

  • ITNG - ULTRA GRIDSEC: Peer-to-Peer Computational Grid Middleware Security Using High Performance Symmetric Key Cryptography
    Fifth International Conference on Information Technology: New Generations (itng 2008), 2008
    Co-Authors: Mostafasami M Mostafa, S H Deif, Hisham A Kholidy
    Abstract:

    "ULTRA GRIDSEC" is a high-performance Symmetric Key Cryptography scheme used to secure data passes inside peer-to-peer computational grid middleware that we are developing now. This schema is used to accelerate the performance of triple data encryption standards (TDES) by about 439.7% and this percentage value is changed according to machine capabilities, also it enhances the security of encrypted TDES files. An analysis and comparison of this scheme and its performance is presented in this paper.

  • Enhanced "ULTRA GRIDSEC": Enhancing High Performance Symmetric Key Cryptography Schema Using Pure Peer To Peer Computational Grid Middleware (HIMAN)
    2008 Third International Conference on Pervasive Computing and Applications, 2008
    Co-Authors: Hisham A Kholidy, Abdulrahman Azab, S H Deif
    Abstract:

    "ULTRA GRIDSEC" is a high performance Symmetric Key Cryptography schema used to increase the performance of Symmetric Key encryption algorithms like DES and TDES by decreasing their execution time and increasing their security by using compression and multithreading techniques and other enhancement points. In this paper we enhancing the performance of a "ULTRA GRIDSEC" by using a pure peer-to-peer computational grid middleware called "HIMAN" that we developed before. "ULTRA GRIDSEC" Performance accelerated by about 254.8% when it was applied as an application for "HIMAN" middleware for file with size 55MB and 1MB block size, and accelerated by 431.2% for file with size 110MB and 10MB block size so every time the size of file is large and choosing the suitable block size and suitable number of threads this can cause a great acceleration for the schema performance regarding to machines capabilities of the running middleware. After that we compared the performance of the enhanced "ULTRA GRIDSEC" with a developed schema called "GRIDCRYPT" developed by Melbourne University in Australia and run over their middleware called Alchemi, so for file with size 55MB and 1MB Block Size and using 4 workers, "ULTRA GRIDSEC" Performance is faster by about 445.37% than the "GRIDCRYPT" Schema, and for file with size 110 MB and 10 MB block size and using 4 workers, "ULTRA GRIDSEC" Performance is faster by about 708.69% than the "GRIDCRYPT" schema. An analysis and results of this schema and comparison of this scheme performance with another existing schema are presented in this paper.

  • Enhanced “ULTRA GRIDSEC”: Enhancing high performance Symmetric Key Cryptography schema using pure peer to peer computational grid middleware (HIMAN)
    2008 IEEE Region 8 International Conference on Computational Technologies in Electrical and Electronics Engineering, 2008
    Co-Authors: Mostafasami M Mostafa, S H Deif, Hisham A Kholidy
    Abstract:

    "ULTRA GRIDSEC" (Mostafa et al., 2008) is a high performance Symmetric Key Cryptography schema used to increase the performance of Symmetric Key encryption algorithms like DES and TDES by decreasing their execution time and increasing their security by using compression and multithreading techniques and other enhancement points. In this paper we enhancing the performance of a "ULTRA GRIDSEC" by using a pure peer-to-peer computational grid middleware called (HIMAN) (El-Desoky et al., 2007) that we developed before. "ULTRA GRIDSEC" performance accelerated by about 254.8% when it was applied as an application for "HIMAN" middleware for file with size 55 MB and 1 MB block size, and accelerated by 431.2% for file with size 110 MB and 10 MB block size so every time the size of file is large and choosing the suitable block size and suitable number of threads this can cause a great acceleration for the schema performance regarding to machines capabilities of the running middleware. After that we compared the performance of the enhanced "ULTRA GRIDSEC" with a developed schema called "GRIDCRYPT" (Luther et al., 2004) developed by Melbourne University in Australia and run over their middleware called Alchemi (Luther et al., 2004), so for file with size 55 MB and 1 MB block size and using 4 workers, "ULTRA GRIDSEC" performance is faster by about 445.37% than the "GRIDCRYPT" schema, and for file with size 110 MB and 10 MB block size and using 4 workers, "ULTRA GRIDSEC" performance is faster by about 708.69%, than the "GRIDCRYPT" schema. An analysis and results of this schema and comparison of this scheme performance with another existing schema is presented in this paper.

  • SoSE - Enhanced “ULTRA GRIDSEC”: Enhancing high Performance Symmetric Key Cryptography Schema using pure Peer To Peer Computational Grid Middleware (HIMAN)
    2008 IEEE International Conference on System of Systems Engineering, 2008
    Co-Authors: Mostafasami M Mostafa, S H Deif, Hisham A Kholidy
    Abstract:

    "ULTRA GRIDSEC" is a high performance Symmetric Key Cryptography schema used to increase the performance of Symmetric Key encryption algorithms like DES and TDES by decreasing their execution time and increasing their security by using compression and multithreading techniques and other enhancement points. In this paper we enhancing the performance of a "ULTRA GRIDSEC" by using a pure peer-to-peer computational grid middleware called (HIMAN) that we developed before. "ULTRA GRIDSEC" performance accelerated by about 254.8% when it was applied as an application for "HIMAN" middleware for file with size 55 MB and 1 MB Block Size, and accelerated by 431.2% for file with size 110 MB and 10 MB Block Size so every time the size of file is large and choosing the suitable block size and suitable number of threads this can cause a great acceleration for the schema performance regarding to machines capabilities of the running middleware. After that we compared the performance of the Enhanced "ULTRA GRIDSEC" with a developed schema called "GRIDCRYPT" developed by Melbourne University in Australia and run over their middleware called Alchemi, so for file with size 55 MB and 1 MB Block Size and using 4 workers, "ULTRA GRIDSEC" Performance is faster by about 445.37% than the "GRIDCRYPT" Schema, and for file with size 110 MB and 10 MB Block Size and using 4 workers, "ULTRA GRIDSEC" Performance is faster by about 708.69% than the "GRIDCRYPT" Schema. An analysis and results of this schema and comparison of this scheme performance with another existing schema is presented in this paper.

Daniel Wichs - One of the best experts on this subject based on the ideXlab platform.

  • non malleable extractors and Symmetric Key Cryptography from weak secrets
    Symposium on the Theory of Computing, 2009
    Co-Authors: Yevgeniy Dodis, Daniel Wichs
    Abstract:

    We study the question of basing Symmetric Key Cryptography on weak secrets. In this setting, Alice and Bob share an n-bit secret W, which might not be uniformly random, but the adversary has at least k bits of uncertainty about it (formalized using conditional min-entropy). Since standard Symmetric-Key primitives require uniformly random secret Keys, we would like to construct an authenticated Key agreement protocol in which Alice and Bob use W to agree on a nearly uniform Key R, by communicating over a public channel controlled by an active adversary Eve. We study this question in the information theoretic setting where the attacker is computationally unbounded. We show that single-round (i.e. one message) protocols do not work when k ≤ n/2, and require poor parameters even when n/2 On the other hand, for arbitrary values of k, we design a communication efficient two-round (challenge-response) protocol extracting nearly k random bits. This dramatically improves the previous construction of Renner and Wolf [32], which requires Θ(λ + log(n)) rounds where λ is the security parameter. Our solution takes a new approach by studying and constructing "non-malleable" seeded randomness extractors -- if an attacker sees a random seed X and comes up with an arbitrarily related seed X', then we bound the relationship between R= Ext(W;X) and R' = Ext(W;X'). We also extend our two-round Key agreement protocol to the "fuzzy" setting, where Alice and Bob share "close" (but not equal) secrets WA and WB, and to the Bounded Retrieval Model (BRM) where the size of the secret W is huge.

  • STOC - Non-malleable extractors and Symmetric Key Cryptography from weak secrets
    Proceedings of the 41st annual ACM symposium on Symposium on theory of computing - STOC '09, 2009
    Co-Authors: Yevgeniy Dodis, Daniel Wichs
    Abstract:

    We study the question of basing Symmetric Key Cryptography on weak secrets. In this setting, Alice and Bob share an n-bit secret W, which might not be uniformly random, but the adversary has at least k bits of uncertainty about it (formalized using conditional min-entropy). Since standard Symmetric-Key primitives require uniformly random secret Keys, we would like to construct an authenticated Key agreement protocol in which Alice and Bob use W to agree on a nearly uniform Key R, by communicating over a public channel controlled by an active adversary Eve. We study this question in the information theoretic setting where the attacker is computationally unbounded. We show that single-round (i.e. one message) protocols do not work when k ≤ n/2, and require poor parameters even when n/2 On the other hand, for arbitrary values of k, we design a communication efficient two-round (challenge-response) protocol extracting nearly k random bits. This dramatically improves the previous construction of Renner and Wolf [32], which requires Θ(λ + log(n)) rounds where λ is the security parameter. Our solution takes a new approach by studying and constructing "non-malleable" seeded randomness extractors -- if an attacker sees a random seed X and comes up with an arbitrarily related seed X', then we bound the relationship between R= Ext(W;X) and R' = Ext(W;X'). We also extend our two-round Key agreement protocol to the "fuzzy" setting, where Alice and Bob share "close" (but not equal) secrets WA and WB, and to the Bounded Retrieval Model (BRM) where the size of the secret W is huge.

  • Non-Malleable Extractors and Symmetric Key Cryptography from Weak Secrets.
    IACR Cryptology ePrint Archive, 2008
    Co-Authors: Yevgeniy Dodis, Daniel Wichs
    Abstract:

    We study the question of basing Symmetric Key Cryptography on weak secrets. In this setting, Alice and Bob share an n-bit secret W, which might not be uniformly random, but the adversary has at least k bits of uncertainty about it (formalized using conditional min-entropy). Since standard Symmetric-Key primitives require uniformly random secret Keys, we would like to construct an authenticated Key agreement protocol in which Alice and Bob use W to agree on a nearly uniform Key R, by communicating over a public channel controlled by an active adversary Eve. We study this question in the information theoretic setting where the attacker is computationally unbounded. We show that single-round (i.e. one message) protocols do not work when k ≤ n/2, and require poor parameters even when n/2 < k n. On the other hand, for arbitrary values of k, we design a communication efficient two-round (challenge-response) protocol extracting nearly k random bits. This dramatically improves the previous construction of Renner and Wolf [RW03], which requires Θ(λ + log(n)) rounds where λ is the security parameter. Our solution takes a new approach by studying and constructing “non-malleable” seeded randomness extractors — if an attacker sees a random seed X and comes up with an arbitrarily related seed X′, then we bound the relationship between R = Ext(W;X) and R′ = Ext(W;X′). We also extend our two-round Key agreement protocol to the “fuzzy” setting, where Alice and Bob share “close” (but not equal) secrets WA and WB, and to the Bounded Retrieval Model (BRM) where the size of the secret W is huge.

    ∗ Computer Science Dept. NYU. Email: dodis@cs.nyu.edu. † Computer Science Dept. NYU. Email: wichs@cs.nyu.edu.