Engineering Commons^™

Closing The Gap: Leveraging Aes-Ni To Balance Adversarial Advantage And Honest User Performance In Argon2i, Nicholas Harrell, Nathaniel Krakauer

CERIAS Technical Reports

The challenge of providing data privacy and integrity while maintaining efficient performance for honest users is a persistent concern in cryptography. Attackers exploit advances in parallel hardware and custom circuit hardware to gain an advantage over regular users. One such method is the use of Application-Specific Integrated Circuits (ASICs) to optimize key derivation function (KDF) algorithms, giving adversaries a significant advantage in password guessing and recovery attacks. Other examples include using graphical processing units (GPUs) and field programmable gate arrays (FPGAs). We propose a focused approach to close the gap between adversarial advantage and honest user performance by leveraging the …

Hashes Are Not Suitable To Verify Fixity Of The Public Archived Web, Mohamed Aturban, Martin Klein, Herbert Van De Sompel, Sawood Alam, Michael L. Nelson, Michele C. Weigle

Computer Science Faculty Publications

Web archives, such as the Internet Archive, preserve the web and allow access to prior states of web pages. We implicitly trust their versions of archived pages, but as their role moves from preserving curios of the past to facilitating present day adjudication, we are concerned with verifying the fixity of archived web pages, or mementos, to ensure they have always remained unaltered. A widely used technique in digital preservation to verify the fixity of an archived resource is to periodically compute a cryptographic hash value on a resource and then compare it with a previous hash value. If the …

An Optimized And Scalable Blockchain-Based Distributed Learning Platform For Consumer Iot, Zhaocheng Wang, Xueying Liu, Xinming Shao, Abdullah Alghamdi, Md. Shirajum Munir, Sujit Biswas

School of Cybersecurity Faculty Publications

Consumer Internet of Things (CIoT) manufacturers seek customer feedback to enhance their products and services, creating a smart ecosystem, like a smart home. Due to security and privacy concerns, blockchain-based federated learning (BCFL) ecosystems can let CIoT manufacturers update their machine learning (ML) models using end-user data. Federated learning (FL) uses privacy-preserving ML techniques to forecast customers' needs and consumption habits, and blockchain replaces the centralized aggregator to safeguard the ecosystem. However, blockchain technology (BCT) struggles with scalability and quick ledger expansion. In BCFL, local model generation and secure aggregation are other issues. This research introduces a novel architecture, emphasizing …

Design Of Secure Communication Schemes To Provide Authentication And Integrity Among The Iot Devices, Vidya Rao Dr.

Technical Collection

The fast growth in Internet-of-Things (IoT) based applications, has increased the number of end-devices communicating over the Internet. The end devices are made with fewer resources and are low battery-powered. These resource-constrained devices are exposed to various security and privacy concerns over publicly available Internet communication. Thus, it becomes essential to provide lightweight security solutions to safeguard data and user privacy. Elliptic Curve Cryptography (ECC) can be used to generate the digital signature and also encrypt the data. The method can be evaluated on a real-time testbed deployed using Raspberry Pi3 devices and every message transmitted is subjected to ECC. …

Challenges And Opportunities For Next-Generation Manufacturing In Space, Kip Nieman, A. F. Leonard, Katie Tyrell, Dominic Messina, Rebecca Lopez, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

With commercial space travel now a reality, the idea that people might spend time on other planets in the future seems to have greater potential. To make this possible, however, there needs to be flexible means for manufacturing in space to enable tooling or resources to be created when needed to handle unexpected situations. Next-generation manufacturing paradigms offer significant potential for the kind of flexibility that might be needed; however, they can result in increases in computation time compared to traditional control methods that could make many of the computing resources already available on earth attractive for use. Furthermore, resilience …

Performance Improvements In Inner Product Encryption, Serena Riback

Honors Scholar Theses

Consider a database that contains thousands of entries of the iris biometric. Each entry identifies an individual, so it is especially important that it remains secure. However, searching for entries among an encrypted database proves to be a security problem - how should one search encrypted data without leaking any information to a potential attacker? The proximity searchable encryption scheme, as discussed in the work by Cachet et al., uses the notions of inner product encryption developed by Kim et al.. In this paper, we will focus on the efficiency of these schemes. Specifically, how the symmetry of the bilinear …

Comparison Between Two Group Signature Schemes, Hao Yang

Rose-Hulman Undergraduate Research Publications

Zerocoin is a cryptographic extension to Bitcoin. During its development, the developers decided to make use of group signature schemes to store and verify the coins. In order to compare the performance of Simple Authentication Scheme and the Dynamic Signature Scheme and figure out which one is the optimal choice for the Zerocoin scheme, I implemented them in Java and analyzed them theoretically. This paper will discuss the performance difference between two schemes, the Java implementation of them and the analysis.

Application Of Huffman Data Compression Algorithm In Hashing Computation, Lakshmi Narasimha Devulapalli Venkata,

Masters Theses & Specialist Projects

Cryptography is the art of protecting information by encrypting the original message into an unreadable format. A cryptographic hash function is a hash function which takes an arbitrary length of the text message as input and converts that text into a fixed length of encrypted characters which is infeasible to invert. The values returned by the hash function are called as the message digest or simply hash values. Because of its versatility, hash functions are used in many applications such as message authentication, digital signatures, and password hashing [Thomsen and Knudsen, 2005].

The purpose of this study is to apply …

Cache-Timing Attacks Without A Profiling Phase, Ali̇ Can Atici, Cemal Yilmaz, Erkay Savaş

Turkish Journal of Electrical Engineering and Computer Sciences

Theoretically secure cryptographic algorithms can be vulnerable to attacks due to their implementation flaws. Bernstein's attack is a well-known cache-timing attack that uses execution times as the side-channel. The major drawback of this attack is that it needs an identical target machine to perform its profiling phase where the attacker models the cache timing-behavior of the target machine. This assumption makes the attack unrealistic in many circumstances. In this work, we present an effective method to eliminate the profiling phase. We propose a methodology to model the cache timing-behavior of the target machine by trying hypothetical cache behaviors exhaustively. Our …

Transferable Multiparty Computation, Michael R. Clark, Kenneth M. Hopkinson

AFIT Patents

A method and apparatus are provided for secure multiparty computation. A set of first parties is selected from a plurality of first parties for computation. Inputs for computation associated with each party in the set of first parties are divided into shares to be sent to other parties in the set of first parties. The computation on the shares is performed by the set of first parties using multiparty computation functions. In response to a trigger event, shares of the set of first parties are transferred to a set of second parties selected from a plurality of second parties. The …

Secure Integer Comparisons Using The Homomorphic Properties Of Prime Power Subgroups, Rhys A. Carlton

Electronic Thesis and Dissertation Repository

Secure multi party computation allows two or more parties to jointly compute a function under encryption without leaking information about their private inputs. These secure computations are vital in many fields including law enforcement, secure voting and bioinformatics because the privacy of the information is of paramount importance.

One common reference problem for secure multi party computation is the Millionaires' problem which was first introduced by Turing Award winner Yao in his paper "Protocols for secure computation". The Millionaires' problem considers two millionaires who want to know who is richer without disclosing their actual worth.

There are public-key cryptosystems that …

On The Independence Of Statistical Randomness Tests Included In The Nist Test Suite, Fati̇h Sulak, Muhi̇ddi̇n Uğuz, Onur Koçak, Ali̇ Doğanaksoy

Turkish Journal of Electrical Engineering and Computer Sciences

Random numbers and random sequences are used to produce vital parts of cryptographic algorithms such as encryption keys and therefore the generation and evaluation of random sequences in terms of randomness are vital. Test suites consisting of a number of statistical randomness tests are used to detect the nonrandom characteristics of the sequences. Construction of a test suite is not an easy task. On one hand, the coverage of a suite should be wide; that is, it should compare the sequence under consideration from many different points of view with true random sequences. On the other hand, an overpopulated suite …

Mutual Correlation Of Nist Statistical Randomness Tests And Comparison Of Their Sensitivities On Transformed Sequences, Ali̇ Doğanaksoy, Fati̇h Sulak, Muhi̇ddi̇n Uğuz, Okan Şeker, Zi̇ya Akcengi̇z

Turkish Journal of Electrical Engineering and Computer Sciences

Random sequences are widely used in many cryptographic applications and hence their generation is one of the main research areas in cryptography. Statistical randomness tests are introduced to detect the weaknesses or nonrandom characteristics that a sequence under consideration may have. In the literature, there exist various statistical randomness tests and test suites, defined as a collection of tests. An efficient test suite should consist of a number of uncorrelated statistical tests each of which measures randomness from another point of view. `Being uncorrelated' is not a well-defined or well-understood concept in the literature. In this work, we apply Pearson's …

Pointing Analysis And Design Drivers For Low Earth Orbit Satellite Quantum Key Distribution, Jeremiah A. Specht

Theses and Dissertations

The world relies on encryption to perform critical and sensitive tasks every day. If quantum computing matures, the capability to decode keys and decrypt messages becomes possible. Quantum key distribution (QKD) is a method of distributing secure cryptographic keys which relies on the laws of quantum mechanics. Current implementations of QKD use fiber-based channels which limit the number of users and the distance between users. Satellite-based QKD using free-space channels is proposed as a feasible secure global communication solution. Since a free-space link does not use a waveguide, pointing a transmitter to receiver is required to ensure signal arrival. In …

The Role Of Cryptography In Security For Electronic Commerce, Ann Murphy, David Murphy

The ITB Journal

Many businesses and consumers are wary of conducting business over the Internet due to a perceived lack of security. Electronic business is subject to a variety of threats such as unauthorised access, misappropriation, alteration and destruction of both data and systems. This paper explores the major security concerns of businesses and users and describes the cryptographic techniques used to reduce such risks.

Implementing And Testing A Novel Chaotic Cryptosystem, Samuel Jackson, Scott Kerlin, Jeremy Straub

Jeremy Straub

Cryptography in the domain of small satellites is a relatively new area of research. Compared to typical desktop computers, small satellites have limited bandwidth, processing power, and battery power. Many of the current encryption schemes were developed for desktop computers and servers, and as such may be unsuitable for small satellites. In addition, most cryptographic research in the domain of small satellites focuses on hardware solutions, which can be problematic given the limited space requirements of small satellites.

This paper investigates potential software solutions that could be used to encrypt and decrypt data on small satellites and other devices with …

Testing A Novel Cryptosystem For Use In Securing Small Satellite Communications, Samuel Jackson, Scott Kerlin, Jeremy Straub

Jeremy Straub

Cryptography in the domain of Small Satellites is a topic of growing importance. While large satellites are likely to have the hardware requirements to run common cryptographic algorithms, small satellites are extremely limited in both hardware capabilities, which limits the speed and security of cryptosystems implemented in software, and available physical space, which limits the ability to include cryptosystems implemented in hardware. However, small satellites are growing in popularity, and as such securing communications becomes a necessity for some. The Department of Defense is exploring the possibility of using CubeSats, a type of small satellite, in their operations, as are …

Prevention And Detection Of Intrusions In Wireless Sensor Networks, Ismail Butun

USF Tampa Graduate Theses and Dissertations

Wireless Sensor Networks (WSNs) continue to grow as one of the most exciting and challenging research areas of engineering. They are characterized by severely constrained computational and energy

resources and also restricted by the ad-hoc network operational

environment. They pose unique challenges, due to limited power

supplies, low transmission bandwidth, small memory sizes and limited energy. Therefore, security techniques used in traditional networks cannot be directly adopted. So, new ideas and approaches are needed, in order to increase the overall security of the network. Security applications in such resource constrained WSNs with minimum overhead provides significant challenges, and is the …

Effects Of Architecture On Information Leakage Of A Hardware Advanced Encryption Standard Implementation, Eric A. Koziel

Theses and Dissertations

Side-channel analysis (SCA) is a threat to many modern cryptosystems. Many countermeasures exist, but are costly to implement and still do not provide complete protection against SCA. A plausible alternative is to design the cryptosystem using architectures that are known to leak little information about the cryptosystem's operations. This research uses several common primitive architectures for the Advanced Encryption Standard (AES) and assesses the susceptibility of the full AES system to side-channel attack for various primitive configurations. A combined encryption/decryption core is also evaluated to determine if variation of high-level architectures affects leakage characteristics. These different configurations are evaluated under …

Fast Software Multiplication In F_2[X] For Embedded Processors, Serdar Süer Erdem

Turkish Journal of Electrical Engineering and Computer Sciences

We present a novel method for fast multiplication of polynomials over F_2 which can be implemented efficiently in embedded software. Fast polynomial multiplication methods are needed for the efficient implementation of some cryptographic and coding applications. The proposed method follows a strategy to reduce the memory accesses for input data and intermediate values during computation. This strategy speeds up the binary polynomial multiplication significantly on typical embedded processors with limited memory bandwidth. These multiplications are usually performed by the comb method or the Karatsuba-based methods in embedded software. The proposed method has speed and memory advantages over these methods on …

A Secure On-Line Credit Card Transaction Method Based On Kerberos Authentication Protocol, Jung Eun Kim

UNLV Theses, Dissertations, Professional Papers, and Capstones

Nowadays, electronic payment system is an essential part of modern business. Credit cards or debit cards have been widely used for on-site or remote transactions, greatly reducing the need for inconvenient cash transactions. However, there have been a huge number of incidents of credit card frauds over the Internet due to the security weakness of electronic payment system. A number of solutions have been proposed in the past to prevent this problem, but most of them were inconvenient and did not satisfy the needs of cardholders and merchants at the same time.

In this thesis, we present a new secure …

On The Applications Of Deterministic Chaos For Encrypting Data On The Cloud, Jonathan Blackledge, Nikolai Ptitsyn

Conference papers

Cloud computing is expected to grow considerably in the future because it has so many advantages with regard to sale and cost, change management, next generation architectures, choice and agility. However, one of the principal concerns for users of the Cloud is lack of control and above all, data security. This paper considers an approach to encrypting information before it is ‘place’ on the Cloud where each user has access to their own encryption algorithm, an algorithm that is based on a set of Iterative Function Systems that outputs a chaotic number stream, designed to produce a cryptographically secure cipher. …

A New Multi-Tier Adaptive Military Manet Security Protocol Using Hybrid Cryptography And Signcryption, Atti̇la A. Yavuz, Fati̇h Alagöz, Emi̇n Anarim

Turkish Journal of Electrical Engineering and Computer Sciences

Mobile Ad-hoc NETworks (MANETs) are expected to play an important role in tactical military networks by providing infrastructureless communication. However, maintaining secure and instant information sharing is a difficult task especially for highly dynamic military MANETs. To address this requirement, we propose a new multi-tier adaptive military MANET security protocol using hybrid cryptography and signcryption. In our protocol, we bring novelties to secure military MANET communication for three main points: Cryptographic methods used in MANETs, hybrid key management protocols and structural organization of the military MANETs. As a new approach, we use hybrid cryptography mechanisms and Elliptic Curve Pintsov-Vanstone Signature …

Design And Performance Analysis Of A Secure Proces-Sor Scan-Sp With Crypto-Biometric Capabilities, Raghudeep Kannavara

Browse all Theses and Dissertations

Secure computing is gaining importance in recent times as computing capability is increasingly becoming distributed and information is everywhere. Prevention of piracy and digital rights management has become very important. Information security is mandatory rather than an additional feature. Numerous software techniques have been proposed to provide certain level of copyright and intellectual property protection. Techniques like obfuscation attempt to transform the code into a form that is harder to reverse engineer. Tamper-proofing causes a program to malfunction when it detects that it has been modified. Software watermarking embeds copyright notice in the software code to allow the owners of …

A Cryptanalysis Methodology For The Reverse Engineering Of Encrypted Information In Images, Allan Anthony Rwabutaza

Browse all Theses and Dissertations

Security is an important issue related to the storage and communication of data and information. In data and information security, cryptography and steganography are two of the most common security techniques. On one hand, there is cryptography, which is the secret communication between two parties by message scrambling on the sender's side and message unscrambling on the receiver's side so that only the intended receiver gets the secret message. On the other hand, there is steganography, which is the hiding of information in a medium in such a way that no one other than the sender or the intended receiver …

Covert Encryption And Document Authentication Using Texture Coding, Jonathan Blackledge, Mary Hallot

Articles

With the improvements in the quality of Commercial-Off-The-Shelf (COTS) printing and scanning devices, the ability to counterfeit documents has become a widespread problem. Consequently, there has been an increasing demand to develop digital watermarking techniques which can be applied to both electronic and printed images (and documents) that can be authenticated, prevent unauthorized copying and withstand abuse and degradation. In this paper , a new approach to digital watermarking is presented and a range of possible applications are considered. The process is defined by using concepts and techniques borrowed from Cryptography. It is based on computing a 'scramble image' by …

Implementation And Optimization Of The Advanced Encryption Standard Algorithm On An 8-Bit Field Programmable Gate Array Hardware Platform, Ryan J. Silva

Theses and Dissertations

The contribution of this research is three-fold. The first is a method of converting the area occupied by a circuit implemented on a Field Programmable Gate Array (FPGA) to an equivalent as a measure of total gate count. This allows direct comparison between two FPGA implementations independent of the manufacturer or chip family. The second contribution improves the performance of the Advanced Encryption Standard (AES) on an 8-bit computing platform. This research develops an AES design that occupies less than three quarters of the area reported by the smallest design in current literature as well as significantly increases area efficiency. …

Secured Network Model For Management Information System Based On Ip Security (Ipsec) Encryption Using Multilayered Approach Of Network Security, Dr. Amir Hassan Pathan, Muniza Irshad

International Conference on Information and Communication Technologies

Secured flow of information through the network and play important role in the management information systems. In this paper I describe Secured Network Model For Corporate & Business Organization In Based On Network Level IP Security (IPSec) Encryption & Its Physical Layout Using Multilayered Approach. I have four important considerations for adoption of secured network model as secured network model for management information system.