RESUMO
The advantages of using mutual information to evaluate the correlation between randomness tests have recently been demonstrated. However, it has been pointed out that the high complexity of this method limits its application in batteries with a greater number of tests. The main objective of this work is to reduce the complexity of the method based on mutual information for analyzing the independence between the statistical tests of randomness. The achieved complexity reduction is estimated theoretically and verified experimentally. A variant of the original method is proposed by modifying the step in which the significant values of the mutual information are determined. The correlation between the NIST battery tests was studied, and it was concluded that the modifications to the method do not significantly affect the ability to detect correlations. Due to the efficiency of the newly proposed method, its use is recommended to analyze other batteries of tests.
RESUMO
There are many algorithms used with different purposes in the area of cryptography. Amongst these, Genetic Algorithms have been used, particularly in the cryptanalysis of block ciphers. Interest in the use of and research on such algorithms has increased lately, with a special focus on the analysis and improvement of the properties and characteristics of these algorithms. In this way, the present work focuses on studying the fitness functions involved in Genetic Algorithms. First, a methodology was proposed to verify that the closeness to 1 of some fitness functions' values that use decimal distance implies decimal closeness to the key. On the other hand, the foundation of a theory is developed in order to characterize such fitness functions and determine, a priori, if one method is more effective than another in the attack to block ciphers using Genetic Algorithms.
RESUMO
With the fast development of blockchain technology in the latest years, its application in scenarios that require privacy, such as health area, have become encouraged and widely discussed. This paper presents an architecture to ensure the privacy of health-related data, which are stored and shared within a blockchain network in a decentralized manner, through the use of encryption with the RSA, ECC, and AES algorithms. Evaluation tests were performed to verify the impact of cryptography on the proposed architecture in terms of computational effort, memory usage, and execution time. The results demonstrate an impact mainly on the execution time and on the increase in the computational effort for sending data to the blockchain, which is justifiable considering the privacy and security provided with the architecture and encryption.
Assuntos
Blockchain , Privacidade , Atenção à Saúde , Algoritmos , Tecnologia , Segurança ComputacionalRESUMO
The security of Smart Meter (SM) systems will be a challenge in the era of quantum computing because a quantum computer might exploit characteristics of well-established cryptographic schemes to reach a successful security breach. From a practical perspective, this paper focuses on the feasibility of implementing a quantum-secure lattice-based key encapsulation mechanism in a SM, hardware-constrained equipment. In this regard, the post-quantum cryptography (PQC) scheme, FrodoKEM, an alternate candidate for the National Institute for Standards and Technology (NIST) post-quantum standardization process, is implemented using a System-on-a-Chip (SoC) device in which the Field Programmable Gate Array (FPGA) component is exploited to accelerate the most time-consuming routines in this scheme. Experimental results show that the execution time to run the FrodoKEM scheme in an SoC device reduces to one-third of that obtained by the benchmark implementation (i.e., the software implementation). Also, the attained execution time and hardware resource usage of this SoC-based implementation of the FrodoKEM scheme show that lattice-based cryptography may fit into SM equipment.
RESUMO
ABSTRACT Medical image security is acquiring its importance to preserve the integrity and confidentiality of information (medical data) from malicious users given its importance in timely and successful diagnosis. In this context, several techniques have been developed to protect medical images, such as encryption, data hiding, image tagging, application of Hash algorithms, etc. This paper proposes a technique to cipher medical images by adding the metadata inside a cover image, based on extended visual cryptography as well as the inclusion of a Hash-like function to verify the integrity of the image and the metadata once they are recovered. The method proposed in this work is implemented using medical images with a grayscale resolution of [0,4095] that is a depth of 12 bits/pixel and color images with 24 bits/pixel depth. Experimental results prove the effectiveness of the proposed method in the task of secure exchange of medical images by allowing higher hiding capability, lower distortion in the visual quality of the image with the hidden medical data, as well as a means to verify the integrity of the sent data, compared to state-of-the-art.
RESUMEN La seguridad de imágenes médicas está incrementando su importancia para preservar la integridad y la confidencialidad de la información (datos médicos), frente a usuarios malintencionados dada su importancia en el diagnóstico oportuno y acertado. En este contexto, se han desarrollado varias técnicas para proteger las imágenes médicas, como el cifrado, la ocultación de datos, el etiquetado de imágenes, la aplicación de algoritmos Hash, etc. Este trabajo propone una técnica para cifrar imágenes médicas añadiendo los metadatos dentro de una imagen de cubierta, basada en la criptografía visual extendida, así como la inclusión de una función tipo Hash para comprobar la integridad de la imagen y los metadatos una vez estos sean recuperados. El método propuesto en este trabajo se implementa utilizando imágenes médicas con una resolución en escala de grises de [0,4095] es decir una profundidad de 12 bits/ píxel e imágenes en color con 24 bits/píxel de profundidad. Los resultados experimentales demuestran la eficacia del método propuesto en la tarea de transmisión segura de imágenes médicas permitiendo una mayor capacidad de ocultamiento, una menor distorsión en la calidad visual de la imagen con los datos médicos ocultos, así como un medio para comprobar la integridad de los datos enviados, en comparación con los artículos publicados.
RESUMO
The existence of quantum computers and Shor's algorithm poses an imminent threat to classical public-key cryptosystems. These cryptosystems are currently used for the exchange of keys between servers and clients over the Internet. The Internet of Things (IoT) is the next step in the evolution of the Internet, and it involves the connection of millions of low-powered and resource-constrained devices to the network. Because quantum computers are becoming more capable, the creation of a new cryptographic standard that cannot be compromised by them is indispensable. There are several current proposals of quantum-resistant or post-quantum algorithms that are being considered for future standards. Given that the IoT is increasing in popularity, and given its resource-constrained nature, it is worth adapting those new standards to IoT devices. In this work, we study some post-quantum cryptosystems that could be suitable for IoT devices, adapting them to work with current cryptography and communication software, and conduct a performance measurement on them, obtaining guidelines for selecting the best for different applications in resource-constrained hardware. Our results show that many of these algorithms can be efficiently executed in current IoT hardware, providing adequate protection from the attacks that quantum computers will eventually be capable of.
RESUMO
Several works have characterized weak instances of the Ring-LWE problem by exploring vulnerabilities arising from the use of algebraic structures. Although these weak instances are not addressed by worst-case hardness theorems, enabling other ring instantiations enlarges the scope of possible applications and favors the diversification of security assumptions. In this work, we extend the Ring-LWE problem in lattice-based cryptography to include algebraic lattices, realized through twisted embeddings. We define the class of problems Twisted Ring-LWE, which replaces the canonical embedding by an extended form. By doing so, we allow the Ring-LWE problem to be used over maximal real subfields of cyclotomic number fields. We prove that Twisted Ring-LWE is secure by providing a security reduction from Ring-LWE to Twisted Ring-LWE in both search and decision forms. It is also shown that the twist factor does not affect the asymptotic approximation factors in the worst-case to average-case reductions. Thus, Twisted Ring-LWE maintains the consolidated hardness guarantee of Ring-LWE and increases the existing scope of algebraic lattices that can be considered for cryptographic applications. Additionally, we expand on the results of Ducas and Durmus (Public-Key Cryptography, 2012) on spherical Gaussian distributions to the proposed class of lattices under certain restrictions. As a result, sampling from a spherical Gaussian distribution can be done directly in the respective number field while maintaining its format and standard deviation when seen in Zn via twisted embeddings.
RESUMO
Entropy makes it possible to measure the uncertainty about an information source from the distribution of its output symbols. It is known that the maximum Shannon's entropy of a discrete source of information is reached when its symbols follow a Uniform distribution. In cryptography, these sources have great applications since they allow for the highest security standards to be reached. In this work, the most effective estimator is selected to estimate entropy in short samples of bytes and bits with maximum entropy. For this, 18 estimators were compared. Results concerning the comparisons published in the literature between these estimators are discussed. The most suitable estimator is determined experimentally, based on its bias, the mean square error short samples of bytes and bits.
RESUMO
Post-quantum public cryptosystems introduced so far do not define a scalable public key infrastructure for the quantum era. We demonstrate here a public certification system based on Lizama's non-invertible key exchange protocol which can be used to implement a secure, scalable, interoperable and efficient public key infrastructure (PKI). We show functionality of certificates across different certification domains. Finally, we discuss a method that enables non-invertible certificates to exhibit perfect forward secrecy (PFS).
RESUMO
Generating Boolean Functions (BFs) with high nonlinearity is a complex task that is usually addresses through algebraic constructions. Metaheuristics have also been applied extensively to this task. However, metaheuristics have not been able to attain so good results as the algebraic techniques. This paper proposes a novel diversity-aware metaheuristic that is able to excel. This proposal includes the design of a novel cost function that combines several information from the Walsh Hadamard Transform (WHT) and a replacement strategy that promotes a gradual change from exploration to exploitation as well as the formation of clusters of solutions with the aim of allowing intensification steps at each iteration. The combination of a high entropy in the population and a lower entropy inside clusters allows a proper balance between exploration and exploitation. This is the first memetic algorithm that is able to generate 10-variable BFs of similar quality than algebraic methods. Experimental results and comparisons provide evidence of the high performance of the proposed optimization mechanism for the generation of high quality BFs.
RESUMO
Due to the drastic increase of electricity prosumers, i.e., energy consumers that are also producers, smart grids have become a key solution for electricity infrastructure. In smart grids, one of the most crucial requirements is the privacy of the final users. The vast majority of the literature addresses the privacy issue by providing ways of hiding user's electricity consumption. However, open issues in the literature related to the privacy of the electricity producers still remain. In this paper, we propose a framework that preserves the secrecy of prosumers' identities and provides protection against the traffic analysis attack in a competitive market for energy trade in a Neighborhood Area Network (NAN). In addition, the amount of bidders and of successful bids are hidden from malicious attackers by our framework. Due to the need for small data throughput for the bidders, the communication links of our framework are based on a proprietary communication system. Still, in terms of data security, we adopt the Advanced Encryption Standard (AES) 128 bit with Exclusive-OR (XOR) keys due to their reduced computational complexity, allowing fast processing. Our framework outperforms the state-of-the-art solutions in terms of privacy protection and trading flexibility in a prosumer-to-prosumer design.
RESUMO
Making Elliptic Curve Cryptography (ECC) available for the Internet of Things (IoT) and related technologies is a recent topic of interest. Modern IoT applications transfer sensitive information which needs to be protected. This is a difficult task due to the processing power and memory availability constraints of the physical devices. ECC mainly relies on scalar multiplication (kP)-which is an operation-intensive procedure. The broad majority of kP proposals in the literature focus on performance improvements and often overlook the energy footprint of the solution. Some IoT technologies-Wireless Sensor Networks (WSN) in particular-are critically sensitive in that regard. In this paper we explore energy-oriented improvements applied to a low-area scalar multiplication architecture for Binary Edwards Curves (BEC)-selected given their efficiency. The design and implementation costs for each of these energy-oriented techniques-in hardware-are reported. We propose an evaluation method for measuring the effectiveness of these optimizations. Under this novel approach, the energy-reducing techniques explored in this work contribute to achieving the scalar multiplication architecture with the most efficient area/energy trade-offs in the literature, to the best of our knowledge.
RESUMO
Profiling and parallel computing techniques in a cluster of six embedded systems with multiprocessors are introduced herein to implement a chaotic cryptosystem for digital color images. The proposed encryption method is based on stream encryption using a pseudo-random number generator with high-precision arithmetic and data processing in parallel with collective communication. The profiling and parallel computing techniques allow discovery of the optimal number of processors that are necessary to improve the efficiency of the cryptosystem. That is, the processing speed improves the time for generating chaotic sequences and execution of the encryption algorithm. In addition, the high numerical precision reduces the digital degradation in a chaotic system and increases the security levels of the cryptosystem. The security analysis confirms that the proposed cryptosystem is secure and robust against different attacks that have been widely reported in the literature. Accordingly, we highlight that the proposed encryption method is potentially feasible to be implemented in practical applications, such as modern telecommunication devices employing multiprocessors, e.g., smart phones, tablets, and in any embedded system with multi-core hardware.
RESUMO
Currently, chaos-based cryptosystems are being proposed in the literature to provide confidentiality for digital images, since the diffusion effect in the Advance Encryption Standard (AES) algorithm is weak. Security is the most important challenge to assess in cryptosystems according to the National Institute of Standard and Technology (NIST), then cost and performance, and finally algorithm and implementation. Recent chaos-based image encryption algorithms present basic security analysis, which could make them insecure for some applications. In this paper, we suggest an integral analysis framework related to comprehensive security analysis, cost and performance, and the algorithm and implementation for chaos-based image cryptosystems. The proposed guideline based on 20 analysis points can assist new cryptographic designers to present an integral analysis of new algorithms. Future comparisons of new schemes can be more consistent in terms of security and efficiency. In addition, we present aspects regarding digital chaos implementation, chaos validation, and key definition to improve the security of the overall cryptosystem. The suggested guideline does not guarantee security, and it does not intend to limit the liberty to implement new analysis. However, it provides for the first time in the literature a solid basis about integral analysis for chaos-based image cryptosystems as an effective approach to improve security.
RESUMO
Researches in Artificial Intelligence (AI) have achieved many important breakthroughs, especially in recent years. In some cases, AI learns alone from scratch and performs human tasks faster and better than humans. With the recent advances in AI, it is natural to wonder whether Artificial Neural Networks will be used to successfully create or break cryptographic algorithms. Bibliographic review shows the main approach to this problem have been addressed throughout complex Neural Networks, but without understanding or proving the security of the generated model. This paper presents an analysis of the security of cryptographic algorithms generated by a new technique called Adversarial Neural Cryptography (ANC). Using the proposed network, we show limitations and directions to improve the current approach of ANC. Training the proposed Artificial Neural Network with the improved model of ANC, we show that artificially intelligent agents can learn the unbreakable One-Time Pad (OTP) algorithm, without human knowledge, to communicate securely through an insecure communication channel. This paper shows in which conditions an AI agent can learn a secure encryption scheme. However, it also shows that, without a stronger adversary, it is more likely to obtain an insecure one.