Cryptology and Network Security: 5th International Conference, CANS 2006, Suzhou, China, December 8-10, 2006, Proceedings
David Pointcheval ; Yi Mu ; Kefei Chen (eds.)
Conference: 5th International Conference on Cryptology and Network Security (CANS). Suzhou, China. December 8, 2006 - December 10, 2006
Abstract/Description (provided by the publisher)
Not available.
Keywords (provided by the publisher)
Data Encryption; Systems and Data Security; Management of Computing and Information Systems; Computers and Society; Computer Communication Networks; Algorithm Analysis and Problem Complexity
Availability
Detected institution | Publication year | Browse | Download | Request
---|---|---|---|---
Not detected | 2006 | SpringerLink | |
Information
Resource type:
books
Print ISBN
978-3-540-49462-1
Electronic ISBN
978-3-540-49463-8
Publisher
Springer Nature
Country of publication
United Kingdom
Publication date
2006
Publication rights information
© Springer-Verlag Berlin Heidelberg 2006
Subject coverage
Table of contents
doi: 10.1007/11935070_11
Side Channel Attacks and Countermeasures on Pairing Based Cryptosystems over Binary Fields
Tae Hyun Kim; Tsuyoshi Takagi; Dong-Guk Han; Ho Won Kim; Jongin Lim
Pairings on elliptic curves have been used as cryptographic primitives for the development of new applications such as identity based schemes. For the practical applications, it is crucial to provide efficient and secure implementations of the pairings. There have been several works on efficient implementations of the pairings. However, the research for secure implementations of the pairings has not been thoroughly investigated. In this paper, we investigate vulnerability of the pairing used in some pairing based protocols against side channel attacks. We propose an efficient algorithm secure against such side channel attacks of the eta pairing using randomized projective coordinate systems for the pairing computation.
- Cryptanalysis | Pp. 168-181
doi: 10.1007/11935070_12
Improved Collision Attack on Reduced Round Camellia
Guan Jie; Zhang Zhongya
Camellia is a 128-bit block cipher which has been selected as an international standard by ISO/IEC and a European encryption standard by the NESSIE project. Wu Wenling presented the collision attack on reduced-round Camellia in 2004; the 128-bit key of 6 rounds Camellia can be recovered with 2 chosen plaintexts and 2 encryptions. The improved collision attack on 6 rounds Camellia, which is based on four 4-round distinguishers, is presented in this paper. This attack requires less than 2 chosen plaintexts and 2 encryptions.
- Cryptanalysis | Pp. 182-190
doi: 10.1007/11935070_13
Stealing Secrets with SSL/TLS and SSH – Kleptographic Attacks
Zbigniew Gołȩbiewski; Mirosław Kutyłowski; Filip Zagórski
We present very simple kleptographic attacks on SSL/TLS and SSH protocols. They enable a party, which has slightly manipulated the code of a cryptographic library, to steal secrets of the user. According to the scenario of the kleptographic attacks the secrets can be stolen only by a party having a secret key not included in the manipulated code. The attacker needs only to record transmissions. The messages transmitted are indistinguishable from the not manipulated ones (even for somebody that knows the kleptocode inserted). Therefore, detection of infected nodes based on communication analysis is much harder than in the case of classical subliminal channels.
The problems are caused by certain design features of SSL/TLS and SSH protocols that make them vulnerable to a kleptographic attack. We propose changes to these protocols that make them immune against this threat while all previous security features remain preserved.
- Cryptanalysis | Pp. 191-202
doi: 10.1007/11935070_14
Bitslice Implementation of AES
Chester Rebeiro; David Selvakumar; A. S. L. Devi
Network applications need to be fast and at the same time provide security. In order to minimize the overhead of the security algorithm on the performance of the application, the speeds of encryption and decryption of the algorithm are critical. To obtain maximum performance from the algorithm, efficient techniques for its implementation must be used and the implementation must be tuned for the specific hardware on which it is running.
Bitslice is a non-conventional but efficient way to implement DES in software. It involves breaking down DES into logical bit operations so that parallel encryptions are possible on a single -bit microprocessor. This results in tremendous throughput. AES is a symmetric block cipher introduced by NIST as a replacement for DES. It is rapidly becoming popular due to its good security features, efficiency, performance and simplicity. In this paper we present an implementation of AES using the bitslice technique. We analyze the impact of the architecture of the microprocessor on the performance of bitslice AES. We consider three processors: the Intel Pentium 4, the AMD Athlon 64 and the Intel Core 2. We optimize the implementation to best utilize the superscalar architecture and SIMD instruction set present in the processors.
- Implementation | Pp. 203-212
doi: 10.1007/11935070_15
A Fast Algorithm for Determining the Linear Complexity of Periodic Sequences over (3)
Jianqin Zhou; Qiang Zheng
A fast algorithm is derived for determining the linear complexity and the minimal polynomial of periodic sequences over (3) with period 3, where is a prime number, and 3 is a primitive root modulo . The algorithm presented here generalizes the fast algorithm to determine the linear complexity of a sequence over () with period , where is a prime, is a prime and a primitive root modulo .
- Implementation | Pp. 213-223
doi: 10.1007/11935070_16
Steganalysis Based on Differential Statistics
Zugen Liu; Lingdi Ping; Jian Chen; Jimin Wang; Xuezeng Pan
Differential statistics were proposed in this paper to disclose the existence of hidden data in grayscale raw images. Meanwhile, differential statistics were utilized to improve the algorithm introduced by Fridrich to attack steganographic schemes in grayscale JPEG images. In raw images, to describe the correlation between data and their spatial positions, co-occurrence matrix based on intensities of adjacent pixels was adopted and the use of co-occurrence matrix was extended to high-order differentiations. The s (center of mass) of s (histogram character function) were calculated from these statistics to form a 30-dimensional feature vector for steganalysis. For JPEG files, differential statistics were collected from boundaries of DCT blocks in their decompressed images. The of was computed for each of these differential statistics and statistics from DCT domain so that a 28-dimensional feature vector can be extracted from a JPEG image. Two blindly steganalytic algorithms were constructed based on Support Vector Machine and the two kinds of feature vectors respectively. The presented methods demonstrate higher detecting rates with lower false positives than known schemes.
- Steganalysis and Watermarking | Pp. 224-240
doi: 10.1007/11935070_17
Watermarking Essential Data Structures for Copyright Protection
Qutaiba Albluwi; Ibrahim Kamel
Software watermarking is a new research area that aims at providing copyright protection for commercial software. It minimizes software piracy by hiding copyright signatures inside the program code or its runtime state. Prior proposals hide the watermarks in dummy data structures, e.g., linked lists and graphs that are created during the execution of the hosting software for this reason. This makes it vulnerable to subtractive attacks, because the attacker can remove the data structure without altering the operation or the semantic of the software program. In this regard, we argue that hiding watermarks in one or more data structures that are used by the program would make the watermark more robust because removing the watermark would alter the semantic and the operations of the underlying software. However, the challenge is that the insertion of the watermark should have a minimal effect on the operations and performance of the data structure.
This paper proposes a novel method for watermarking R-tree data structure and its variants. The proposed watermarking scheme takes advantage of the redundancy in the way the entries within R-tree nodes are ordered. R-trees do not require ordering the entries in a specific way. Node entries are re-ordered in a way to map the watermark. The new order is calculated relative to a “secret” initial order, known only to the software owner, using a technique based on a numbering system that uses variable radix and factorial base. The addition of the watermark in the R-tree data structure neither affects the performance nor increases the size of the R-tree. The paper provides a threat model and analysis to show that the watermarked R-trees are robust and can withstand various types of attacks.
- Steganalysis and Watermarking | Pp. 241-258
doi: 10.1007/11935070_18
A Note of Perfect Nonlinear Functions
Xiyong Zhang; Hua Guo; Jinjiang Yuan
Perfect nonlinear functions are of importance in cryptography. By using Galois rings and investigating the character values of corresponding relative difference sets, we construct a perfect nonlinear function from to where 2 is possibly larger than the largest divisor of . Meanwhile we prove that there exists a perfect nonlinear function from to if and only if =2, and that there doesn’t exist a perfect nonlinear function from to if > and ( is odd) is modulo 2(≥1) .
- Boolean Functions and Stream Ciphers | Pp. 259-269
doi: 10.1007/11935070_19
Chaotic Keystream Generator Using Coupled NDFs with Parameter Perturbing
Xiaomin Wang; Jiashu Zhang; Wenfang Zhang
Chaotic cryptology has been widely investigated recently. This paper analyzes the security pitfalls existing in digital chaotic stream ciphers, which work on the well characterized one-dimensional(1-D) chaotic systems. As a practical solution to these problems caused by 1-D chaotic systems, a chaotic keystream generator using nonlinear digital filters with -D uniform distribution is proposed. To improve system security further and overcome the effects of finite wordlength, the coupling method with parameter perturbing is considered. Detailed theoretical analyses show that it has perfect cryptographic properties, and can be used to construct stream ciphers with higher security than other 1-D chaotic ciphers. Finally, some numeric experiments are made and the experimental results coincide well with the theoretical analyses.
- Boolean Functions and Stream Ciphers | Pp. 270-285
doi: 10.1007/11935070_20
Cooperative Intrusion Detection for Web Applications
Nathalie Dagorn
This contribution involves cooperative information systems, and more precisely interorganizational systems (IOS). Indeed, experience of real enterprises shows that most IOS interoperate today over the Web. To “ensure” security of these IOS on the Web (in particular, security of the applications they are made of), various hardware and software protections can be employed. Our work falls into the field of intrusion detection, and covers more precisely intrusion detection for Web applications. Several misuse-based intrusion detection systems (IDSs) were developed recently for Web applications, whereas, to our knowledge, only one anomaly-based Web IDS exists and works effectively to date. This one was unfortunately conceived disregarding any kind of cooperation. In previous work, we improved it to gain in sensitivity and specificity. This paper describes a cooperation feature added to the IDS, so that it is able to perform an with other detectors, allowing cooperative intrusion detection, as well as an to detect distributed attacks. The first experiments in a real environment show encouraging results.
- Intrusion Detection | Pp. 286-302