检索结果-内蒙古大学图书馆

Security analysis of GCM for communication

SECURITY AND COMMUNICATION NETWORKS 2014年第5期7卷 854-864页

作者： Yap, Wun-She Yeo, Sze Ling Heng, Swee-Huay Henricksen, Matt ASTAR Inst Infocomm Res Singapore Singapore Multimedia Univ Fac Informat Sci & Technol Ayer Keroh Melaka Malaysia

The Galois/Counter Mode of operations (GCM) is constructed by combining the counter mode encryption and the authentication component (i.e., GTAG) to provide both privacy and authenticity. GTAG can be used as a stand-alone message authentication code. In this paper, we analyze the security of GTAG and GCM with respect to the forgery and distinguishing attacks. More precisely, We generalize the set of weak key classes proposed by Saarinen in FSE 2012 to include all subsets of nonzero keys. Hence, we remove the condition on the smoothness of 2(n)-1, where n denotes the block size, for the existence of weak key classes. By considering powers of suitable field elements and linearized polynomials, we further exploit some specific weak key classes to present a universal forgery attack on GTAG. By invoking the birthday paradox arguments, we show that a chosen message attack can be used to distinguish GTAG from a random function. To relax the assumptions required in the universal forgery attack, we show that we can utilize the uniqueness of the counter mode encryption to launch a known ciphertext attack against GCM itself when the initial vector is restricted to *** first three attacks can be applied to other Wegman-Carter polynomial message authentication codes. Copyright (c) 2013 John Wiley & Sons, Ltd.

关键词： communication network authenticated encryption message authentication code forgery attack distinguishing attack weak key attack

来源：评论

学校读者我要写书评

暂无评论

A TIGHT BOUND FOR EXHAUSTIVE KEY SEARCH ATTACKS AGAINST message authentication codeS

引用

RAIRO-THEORETICAL INFORMATICS AND APPLICATIONS 2013年第2期47卷 171-180页

作者： de Sa, Vinicius G. P. Boccardo, Davidson R. Rust, Luiz Fernando Machado, Raphael C. S. Univ Fed Rio de Janeiro Dept Ciencia Comp BR-21941 Rio De Janeiro Brazil

A message authentication code (MAC) is a function that takes a message and a key as parameters and outputs an authentication of the message. MAC are used to guarantee the legitimacy of messages exchanged through a network, since generating a correct authentication requires the knowledge of the key defined secretly by trusted parties. However, an attacker with access to a sufficiently large number of message/authentication pairs may use a brute force algorithm to infer the secret key: from a set containing initially all possible key candidates, subsequently remove those that yield an incorrect authentication, proceeding this way for each intercepted message/authentication pair until a single key remains. In this paper, we determine an exact formula for the expected number of message/authentication pairs that must be used before such form of attack is successful, along with an asymptotical bound that is both simple and tight. We conclude by illustrating a modern application where this bound comes in handy, namely the estimation of security levels in reflection-based verification of software integrity.

关键词： Cryptography message authentication code asymptotic analysis

来源：评论

学校读者我要写书评

暂无评论

Differential Cryptanalysis of SipHash 1

引用

21st International Conference on Selected Areas in Cryptography (SAC)

作者： Dobraunig, Christoph Mendel, Florian Schlaeffer, Martin Graz Univ Technol IAIK A-8010 Graz Austria

ISBN: (数字)9783319130514

ISBN: (纸本)9783319130514;9783319130507

SipHash is an ARX based message authentication code developed by Aumasson and Bernstein. SipHash was designed to be fast on short messages. Already, a lot of implementations and applications for SipHash exist, whereas the cryptanalysis of SipHash lacks behind. In this paper, we provide the first published third-party cryptanalysis of SipHash regarding differential cryptanalysis. We use existing automatic tools to find differential characteristics for SipHash. To improve the quality of the results, we propose several extensions for these tools to find differential characteristics. For instance, to get a good probability estimation for differential characteristics in SipHash, we generalize the concepts presented by Mouha et al. and Velichkov et al. to calculate the probability of ARX functions. Our results are a characteristic for SipHash-2-4 with a probability of 2(-236.3) and a distinguisher for the Finalization of SipHash-2-4 with practical complexity. Even though our results do not pose any threat to the security of SipHash-2-4, they significantly improve the results of the designers and give new insights in the security of SipHash-2-4.

关键词： message authentication code MAC Cryptanalysis Differential cryptanalysis SipHash S-functions Cyclic S-functions

来源：评论

学校读者我要写书评

暂无评论

Intrusion Detection System-An Efficient way to Thwart against Dos/DDos Attack in the Cloud Environment 4

Intrusion Detection System-An Efficient way to Thwart agains...

引用

International Conference on Recent Trends in Information Technology

作者： Aishwarya, R. Malliga, S. Kongu Engn Coll Dept CSE Erode India

ISBN: (纸本)9781479949892

One of the emerging and glooming technologies in the IT is Cloud computing where the information is permanently stored in the third party cloud servers and cached temporarily on clients that include different devices like desktops, entertainment centers, table computers, notebooks, wall computers, sensors, etc. Internet connection is the basic requirement for accessing the cloud. Virtualization technology is another technology which goes along with the cloud environment which is used most widely to reduce the cost purchasing the hardware infrastructures in organizations. Henceforth, the Cloud Computing Systems can be easily intruded by various types of cyber attacks including Denial of Service (DoS) attack and Distributed Denial of Service (DDoS) attack which utilize the entire resources like CPU, Memory, etc and makes the server to starve. This creates a major impact reducing the efficiency of the virtual machines. In the proposed method, attack can be overcome by Transmission Control Protocol (TCP) Mitigation Strategy which uses the SYN Cookie to prevent the attack in the cloud to prevent the attack in which the server ignores the connection packets when it does not receive the correct Acknowledgement (ACK) from the client which requested the connection. The server here has rules to be check whether it is a legitimate client or the spoofed one using the first layer of security for hop count filtering mechanism and second layer of security is encoding the sequence number of the SYN packet so that only a legitimate client can decode it. Additionally security is also provided for the data packets using the message authentication code (MAC) and thus client is authenticated.

关键词： DoS/DDoS Virtualization SYN Cookie Hop-Count Filtering Sequence number message authentication code

来源：评论

学校读者我要写书评

暂无评论

Characterizing the Impact of Dynamic Resource Management on message authentication in Mobiles

Characterizing the Impact of Dynamic Resource Management on ...

引用

IEEE International Conference on Communications (ICC)

作者： Rashwan, A. M. Taha, A-E M. Hassanein, H. S. Queens Univ Sch Comp Telecommun Res Lab Kingston ON K7L 3N6 Canada Alfaisal Univ Dept Elect Engn Riyadh 11533 Saudi Arabia

ISBN: (纸本)9781479920037

Communication security measures are becoming prominent standards of next generation mobile networks. These measures usually involve resource-intensive cryptographic operations that can greatly affect communication performance, particularly when it comes to time-based guarantees such as delay and jitter. It this becomes vital to understand the computational characteristics of such operations from a communication perspective. The determination of these characteristics, however, is challenging with mobile computing as computational resources are dynamically managed for balanced performance and energy-efficiency. This paper investigates different mobile computing resource management features, and evaluates their impact on the evaluation of cryptographic functions used in message authentication, and on the design considerations for future context-aware security protocols.

关键词： component dynamic resource management benchmarking mobile computing security message authentication code message hashing next generation Internet security

来源：评论

学校读者我要写书评

暂无评论

Chaskey: An Efficient MAC Algorithm for 32-bit Microcontrollers 1

引用

21st International Conference on Selected Areas in Cryptography (SAC)

作者： Mouha, Nicky Mennink, Bart Van Herrewege, Anthony Watanabe, Dai Preneel, Bart Verbauwhede, Ingrid Katholieke Univ Leuven COSIC ESAT Dept Elect Engn Ghent Belgium iMinds Ghent Belgium Yokohama Res Lab Yokohama Kanagawa Japan

ISBN: (数字)9783319130514

ISBN: (纸本)9783319130514;9783319130507

We propose Chaskey: a very efficient message authentication code (MAC) algorithm for 32-bit microcontrollers. It is intended for applications that require 128-bit security, yet cannot implement standard MAC algorithms because of stringent requirements on speed, energy consumption, or code size. Chaskey is a permutation-based MAC algorithm that uses the Addition-Rotation-XOR (ARX) design methodology. We prove that Chaskey is secure in the standard model, based on the security of an underlying Even-Mansour block cipher. Chaskey is designed to perform well on a wide range of 32-bit microcontrollers. Our benchmarks show that on the ARM Cortex-M3/M4, our Chaskey implementation reaches a speed of 7.0 cycles/byte, compared to 89.4 cycles/byte for AES-128-CMAC. For the ARM Cortex-M0, our benchmark results give 16.9 cycles/byte and 136.5 cycles/byte for Chaskey and AES-128-CMAC respectively.

关键词： Microcontroller message authentication code Standard model security Permutation-based ARX

来源：评论

学校读者我要写书评

暂无评论

Tweakable Blockciphers with Asymptotically Optimal Security

Tweakable Blockciphers with Asymptotically Optimal Security

引用

20th International Workshop on Fast Software Encryption (FSE)

作者： Lampe, Rodolphe Seurin, Yannick Univ Versailles Versailles France ANSSI Paris France

ISBN: (纸本)9783662439333;9783662439326

We consider tweakable blockciphers with beyond the birthday bound security. Landecker, Shrimpton, and Terashima (CRYPTO 2012) gave the first construction with security up to O(2(2n/3)) adversarial queries (n denotes the block size in bits of the underlying blockcipher), and for which changing the tweak does not require changing the keys for blockcipher calls. In this paper, we extend this construction, which consists of two rounds of a previous proposal by Liskov, Rivest, and Wagner (CRYPTO 2002), by considering larger numbers of rounds r > 2. We show that asymptotically, as r increases, the resulting tweakable blockcipher approaches security up to the information bound, namely O(2 n) queries. Our analysis makes use of a coupling argument, and carries some similarities with the analysis of the iterated Even-Mansour cipher by Lampe, Patarin, and Seurin (ASIACRYPT 2012).

关键词： Tweakable blockcipher Beyond birthday bound Coupling message authentication code

来源：评论

学校读者我要写书评

暂无评论

An Efficient Edge-Based authentication for Network Coding Against Entropy Attacks 34

An Efficient Edge-Based Authentication for Network Coding Ag...

引用

34th IEEE International Conference on Distributed Computing Systems (ICDCS)

作者： Iguchi, Ryo Manabe, Yoshifumi Kogakuin Univ Fac Informat Dept Comp Sci Shinjuku Ku Tokyo 1638677 Japan

ISBN: (纸本)9781479941810

This paper proposes a new edge-based authentication scheme for network coding. Many authentication schemes for random linear network coding have been proposed against pollution attacks. However, random linear network coding is vulnerable to entropy attacks. An adversary can generate messages that are verified as correct messages by the authentication mechanism but obstruct the network coding. Random linear network coding is shown to be efficient in a random failure model, but not in an adversary model. This paper shows a simple solution to tolerate entropy attacks by changing random linear coding to deterministic message combining rule. For an example, this paper shows a modification of RIPPLE, an authentication scheme for random linear network coding. Lastly, we show that the total delay of modified RIPPLE can be reduced by an edge-based authentication. RIPPLE and many other authentication schemes are node-based, that is, verification keys and operations are defined for each node. We show that we can construct an edge-based scheme, that is, verification keys and operations are defined for each edge. We show that the edge-based authentication scheme is more efficient than the node-based schemes.

关键词： network coding random linear network coding message authentication code

来源：评论

学校读者我要写书评

暂无评论

Dropping False Packet to Increase the Network Lifetime of Wireless Sensor Network using EFDD Protocol

引用

WIRELESS PERSONAL COMMUNICATIONS 2013年第4期70卷 1697-1709页

作者： Kumar, S. Manoj Rajkumar, N. Mary, W. Catherine Christinal Karunya Univ Dept Informat Technol Coimbatore Tamil Nadu India Sri Ramakrishna Engn Coll Dept Comp Sci & Engn Coimbatore Tamil Nadu India WIPRO Technol Madras Tamil Nadu India

In Wireless Sensor Network (WSN) sensors are densely deployed where the intruders can compromise some sensor nodes and inject false data in order to raise false alarms, reduce network lifetime, utilize bandwidth resources and so on. False Data Injection can possibly occur in Data Aggregation (DA) and Data Forwarding (DF). This paper analyses EFDD Protocol- Early False Data Detection Protocol which addresses the two possibilities in a simple and secure way considering the constraints of sensor nodes. The main idea is the selection of the network structure;this protocol will work effectively in Spatial/Semantic Correlation Tree Structure (SCT). False Data Detection in DA is done using some monitoring nodes which will monitor the Data Aggregator. EFDD in SCT structure reduce the counterfeit data transmission when compared to other structure in a better way. The result shows that EFDD reduce data transmission by dropping false data earlier and it also reduces computation when compared to the existing schemes.

关键词： Wireless sensor networks Data aggregation SCT Load balancing Data integrity message authentication code

来源：评论

学校读者我要写书评

暂无评论

On the relationships between perfect nonlinear functions and universal hash families

引用

THEORETICAL COMPUTER SCIENCE 2013年 513卷 85-95页

作者： Liu, Jian Chen, Lusheng Nankai Univ Sch Math Sci Tianjin 300071 Peoples R China

In this paper, the relationships between perfect nonlinear (in brief, PN) functions and optimal universal hash families are discussed. We point out the equivalence of constructions between them, i.e., from PN functions, one can obtain optimal universal hash families and vice versa. As an application of our construction, a message authentication code is proposed, which provides better resistance to substitution attack than a known construction given by Cadet et al. in 2006. More generally, the connections between functions with given differential uniformity and some universal hash families are studied. (C) 2013 Elsevier B.V. All rights reserved.

关键词： Universal hash family PN function Multi-output bent function message authentication code

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：