All papers in 2008 (Page 6 of 545 results)
Information Theoretic Evaluation of Side-Channel Resistant Logic Styles
We propose to apply an information theoretic metric to the evaluation of side-channel resistant logic styles. Due to the long design and development time required for the physical evaluation of such hardware countermeasures, our analysis is based on simulations. Although they do not aim to replace the need of actual measurements, we show that simulations can be used as a meaningful first step in the validation chain of a cryptographic product. For illustration purposes, we apply our methodology to gate-level simulations of different logic styles and stress that it allows a significant improvement of the previously considered evaluation methods. In particular, our results allow putting forward the respective strengths and weaknesses of actual countermeasures and determining to which extent they can practically lead to secure implementations (with respect to a noise parameter), if adversaries were provided with simulation-based side-channel traces. Most importantly, the proposed methodology can be straightforwardly adapted to adversaries provided with any other kind of leakage traces (including physical ones).
Efficient Tweakable Enciphering Schemes from (Block-Wise) Universal Hash Functions
This paper describes several constructions of tweakable strong pseudorandom permutations (SPRPs) built from different modes of operation of a block cipher and suitable universal hash functions. For the electronic codebook (ECB) based construction, an invertible blockwise universal hash function is required. We simplify an earlier construction of such a function described by Naor and Reingold. The other modes of operation considered are the counter mode and the output feedback (OFB) mode. All the constructions make the same number of block cipher calls and the same number of multiplications. Combined with a class of polynomials defined by Bernstein, the new constructions provide the currently best known algorithms for the important practical problem of disk encryption.
On Collisions of Hash Functions Turbo SHA-2
In this paper we do not examine the security of Turbo SHA-2 completely; we only show new collision attacks on it, with smaller complexity than those considered by the Turbo SHA-2 authors. In [1] they consider Turbo SHA-224/256-r and Turbo SHA-384/512-r with a variable number of rounds r from 1 to 8. The authors of [1] show a collision attack on Turbo SHA-256-1 with one round which has complexity 2^64. For other r from 2 to 8 they find no better attack than one of complexity 2^128. Similarly, for Turbo SHA-512 they find only a collision attack on Turbo SHA-512-1 with one round which has complexity 2^128. For r from 2 to 8 they find no better attack than one of complexity 2^256. In this paper we show a collision attack on SHA-256-r for r = 1, 2, ..., 8 with complexity 2^{16*r}. We also show a collision attack on Turbo SHA-512-r for r = 1, 2, ..., 8 with complexity 2^{32*r}. It follows that the only remaining candidate from the hash family Turbo SHA is Turbo SHA-256 (and Turbo SHA-512) with 8 rounds. The original security reserve of 6 rounds has been lost.
Fuzzy Identity Based Signature
We introduce a new cryptographic primitive which is the signature analogue of fuzzy identity based encryption (IBE). We call it fuzzy identity based signature (IBS). It possesses a similar error-tolerance property to fuzzy IBE, which allows a user with the private key for identity $\omega$ to decrypt a ciphertext encrypted for identity $\omega'$ if and only if $\omega$ and $\omega'$ are within a certain distance judged by some metric. A fuzzy IBS is useful whenever we need to allow a user to issue a signature on behalf of a group that has certain attributes. Fuzzy IBS can also be applied to biometric identity based signature. To the best of our knowledge, this primitive had not previously been considered in identity based signature.
We give the definition and security model of the new primitive and present the first practical implementation, based on the Sahai-Waters construction [6] and the two-level hierarchical signature of Boyen and Waters [9]. We prove that our scheme is existentially unforgeable against adaptively chosen message attack without random oracles.
Security Proof for the Improved Ryu-Yoon-Yoo Identity-Based Key Agreement Protocol
Key agreement protocols are essential for secure communications in open and distributed environments. The protocol design is, however, extremely error-prone, as evidenced by the iterative process of fixing discovered attacks on published protocols. We revisit an efficient identity-based (ID-based) key agreement protocol due to Ryu, Yoon and Yoo. The protocol is highly efficient and suitable for real-world applications despite offering no resilience against key-compromise impersonation (K-CI). We then show that the protocol is, in fact, insecure against reflection attacks. A slight modification to the protocol is proposed, which results in significant benefits for the security of the protocol without compromising its efficiency. Finally, we prove the improved protocol secure in a widely accepted model.