Abstract not found

this paper we do not describe any formal notations or rules for propositional connectives. Instead, we use English keywords, like "if" and "then", and informal reasoning. 4 \Delta E. Wobber et al. --- Conjunctions of principals. We write A B for the conjunction of A and B. If both A says S and B says S then (A B) says S as well. --- Principals quoting principals. We write B j A for B quoting A. If B says A says

Due to the widespread software piracy and virus attacks, significant efforts have been made to improve security for computer systems. For stand-alone computers, a key observation is that other than the processor, any component is vulnerable to security attacks. Recently, an execution only memory (XOM) architecture has been proposed to support copy and tamper resistant software [18, 17, 13]. In this design, the program and data are stored in encrypted format outside the CPU boundary. The decryption is carried after they are fetched from memory, and before they are used by the CPU. As a result, the lengthened critical path causes a serious performance degradation.

. Most modern security protocols and security applications are defined to be algorithm independent, that is, they allow a choice from a set of cryptographic algorithms for the same function. Therefore a key-search machine which is also defined to be algorithm independent might be interesting. We researched the feasibility of a universal key-search machine using the Data Encryption Standard (DES) as an example algorithm. Field Programmable Gate Arrays (FPGA) provide an ideal match for an algorithm independent cracker as they can switch algorithms on-the-fly and run much faster than software. We designed, implemented and compared various architecture options of DES with strong emphasis on high-speed performance. Techniques like pipelining and loop unrolling were used and their effectiveness for DES on FPGAs investigated. The most interesting result is that we could achieve data rates of up to 403 Mbit/s using a standard Xilinx FPGA. This result is by a factor 31 faster than software imp...

Abstract—Due to the widespread software piracy and virus attacks, significant efforts have been made to improve security for computer systems. For stand-alone computers, a key observation is that, other than the processor, any component is vulnerable to security attacks. Recently, an execution only memory (XOM) architecture has been proposed to support copy and tamper resistant software. In this design, the program and data are stored in an encrypted format outside the CPU boundary. The decryption is carried out after they are fetched from memory and before they are used by the CPU. As a result, the lengthened critical path causes a serious performance degradation. In this paper, we present an innovative technique in which the cryptography computation is shifted off from the memory access critical path. We propose using a different encryption scheme, namely, “pseudo-one-time pad ” encryption, to produce the instructions and data ciphertext. With some additional on-chip storage, cryptography computations are carried in parallel with memory accesses, minimizing the performance penalty. We performed experiments to study the trade-off between storage size and performance penalty. Our technique reduces the performance overhead from 20.79 percent to 1.28 percent on average for reasonably sized (64KB) on-chip storage. Index Terms—Memory design, hardware/software protection, security and protection. 1

Most modern security standards and security applications are defined to be algorithm independent, that is, they allow a choice from a set of cryptographic algorithms for the same function. Since the Data Encryption Standard (DES) is currently the most widely used private-key encryption algorithm, DES is usually amongst them. Field Programmable Gate Arrays (FPGA) are reconfigurable hardware devices. They can switch algorithms on-thefly. Thus, cryptographic algorithms which are implemented on FPGAs provide an an ideal match for algorithm independent security applications. On FPGAs, cryptographic algorithms can run much faster than on software while preserving the security of traditional hardware solutions. At the same time, FPGAs allow potentially the same flexibility as software does. Although there have been a few previous reports on DES implementations on reconfigurable devices, there has been no systematic treatment of that matter. We designed and implemented various architecture op...

We examine issues in high-performance cryptanalysis, focusing on the use of programmable logic. Several standard techniques from computer architecture are adapted and applied to this application. We present performance measurements for RC4, A5, DES, and CDMF; these measurements were taken from actual implementations. We conclude by estimating the resources needed to break these encryption algorithms. 1 Introduction Large-scale open electronic communications networks are spreading: for example, mobile computing is on the rise, the Internet is experiencing exponential growth, and electronic commerice is a hot topic. With these advances comes a need for robust security mechanisms, and they in turn depend critically on cryptographic protection. At the same time, computer power has been growing at dizzying rates, matching or exceeding Moore's Law. Therefore, in this rapidly changing environment, it is important to assess the strength of deployed encryption algorithms against the tremendous...

Abstract not found

CellCase is a commercial high-speed encryptor for Asynchronous Transfer Mode (ATM) networks, available since 1997. It provides data confidentiality and entity authentication at the ATM layer, encrypting ATM cell payloads at rates from T1 (1.5 Mb/s) to OC-12c (622 Mb/s). Though deployed prior to the adoption of the ATM Forum Security Specification (1999), CellCase implements many of the mechanisms defined by that standard. In this paper, we describe how CellCase is deployed in actual networks, as well as customer experience with services such as counter-mode encryption, key exchange, and key update. Based on this experience, we also discuss possible changes to the ATM Forum specification.

An important aspect of dependability in distributed systems relates to security. There are two security related aspects of dependability: confidentiality and integrity. In a system that offers confidentiality, information will only be disclosed to (and services will only be provided to) authorised parties. A system that provides integrity will ensure that alterations (to data or services) can only be made in an authorised way. Furthermore, improper alterations will be detectable and recoverable. Confidentiality and integrity are generally provided through a combination of secure communication and authorisation. Secure communication is concerned with providing a secure communication channel between entities (such as users and processes) in a distributed system. A secure channel provides confidentiality in that data sent over such a channel will not be disclosed to unauthorised third parties. Likewise the integrity of data being sent over secure channels is protected because it cannot be tampered with by unauthorised third parties. Authorisation is concerned with allowing entities to only access those resources that they are entitled to access. This requires determining the identity of entities in the system and keeping track of which resources they are allowed to access, as well as monitoring which resources they attempt to access and preventing