Results 11  20
of
622
A Formal Analysis of Information Disclosure in Data Exchange
, 2004
"... We perform a theoretical study of the following queryview security problem: given a view V to be published, does V logically disclose information about a confidential query S? The problem is motivated by the need to manage the risk of unintended information disclosure in today’s world of universal d ..."
Abstract

Cited by 82 (9 self)
 Add to MetaCart
We perform a theoretical study of the following queryview security problem: given a view V to be published, does V logically disclose information about a confidential query S? The problem is motivated by the need to manage the risk of unintended information disclosure in today’s world of universal data exchange. We present a novel informationtheoretic standard for queryview security. This criterion can be used to provide a precise analysis of information disclosure for a host of data exchange scenarios, including multiparty collusion and the use of outside knowledge by an adversary trying to learn privileged facts about the database. We prove a number of theoretical results for deciding security according to this standard. We also generalize our security criterion to account for prior knowledge a user or adversary may possess, and introduce techniques for measuring the magnitude of partial disclosures. We believe these results can be a foundation for practical efforts to secure data exchange frameworks, and also illuminate a nice interaction between logic and probability theory.
REACT: Rapid Enhancedsecurity Asymmetric Cryptosystem Transform
 CTRSA 2001, volume 2020 of LNCS
, 2001
"... Abstract. Seven years after the optimal asymmetric encryption padding (OAEP) which makes chosenciphertext secure encryption scheme from any trapdoor oneway permutation (but whose unique application is RSA), this paper presents REACT, a new conversion which applies to any weakly secure cryptosystem ..."
Abstract

Cited by 76 (21 self)
 Add to MetaCart
Abstract. Seven years after the optimal asymmetric encryption padding (OAEP) which makes chosenciphertext secure encryption scheme from any trapdoor oneway permutation (but whose unique application is RSA), this paper presents REACT, a new conversion which applies to any weakly secure cryptosystem, in the random oracle model: it is optimal from both the computational and the security points of view. Indeed, the overload is negligible, since it just consists of two more hashings for both encryption and decryption, and the reduction is very tight. Furthermore, advantages of REACT beyond OAEP are numerous: 1. it is more general since it applies to any partially trapdoor oneway function (a.k.a. weakly secure publickey encryption scheme) and therefore provides security relative to RSA but also to the DiffieHellman problem or the factorization; 2. it is possible to integrate symmetric encryption (block and stream ciphers) to reach very high speed rates; 3. it provides a key distribution with session key encryption, whose overall scheme achieves chosenciphertext security even with weakly secure symmetric scheme. Therefore, REACT could become a new alternative to OAEP, and even reach security relative to factorization, while allowing symmetric integration.
Gamal, “On the secrecy capacity of fading channels
 in Proc. IEEE Int. Symp. Information Theory (ISIT
"... We consider the secure transmission of information over an ergodic fading channel in the presence of an eavesdropper. Our eavesdropper can be viewed as the wireless counterpart of Wyner’s wiretapper. The secrecy capacity of such a system is characterized under the assumption of asymptotically long c ..."
Abstract

Cited by 69 (4 self)
 Add to MetaCart
We consider the secure transmission of information over an ergodic fading channel in the presence of an eavesdropper. Our eavesdropper can be viewed as the wireless counterpart of Wyner’s wiretapper. The secrecy capacity of such a system is characterized under the assumption of asymptotically long coherence intervals. We first consider the full Channel State Information (CSI) case, where the transmitter has access to the channel gains of the legitimate receiver and the eavesdropper. The secrecy capacity under this full CSI assumption serves as an upper bound for the secrecy capacity when only the CSI of the legitimate receiver is known at the transmitter, which is characterized next. In each scenario, the perfect secrecy capacity is obtained along with the optimal power and rate allocation strategies. We then propose a lowcomplexity on/off power allocation strategy that achieves nearoptimal performance with only the main channel CSI. More specifically, this scheme is shown to be asymptotically optimal as the average SNR goes to infinity, and interestingly, is shown to attain the secrecy capacity under the full CSI assumption. Remarkably, our results reveal the positive impact of fading on the secrecy capacity and establish the critical role of rate adaptation, based on the main channel CSI, in facilitating secure communications over slow fading channels. 1
The relayeavesdropper channel: Cooperation for secrecy
 IEEE Trans. on Inf. Theory
, 2006
"... This paper establishes the utility of user cooperation in facilitating secure wireless communications. In particular, the fourterminal relayeavesdropper channel is introduced and an outerbound on the optimal rateequivocation region is derived. Several cooperation strategies are then devised and ..."
Abstract

Cited by 61 (4 self)
 Add to MetaCart
This paper establishes the utility of user cooperation in facilitating secure wireless communications. In particular, the fourterminal relayeavesdropper channel is introduced and an outerbound on the optimal rateequivocation region is derived. Several cooperation strategies are then devised and the corresponding achievable rateequivocation region are characterized. Of particular interest is the novel NoiseForwarding (NF) strategy, where the relay node sends codewords independent of the source message to confuse the eavesdropper. This strategy is used to illustrate the deaf helper phenomenon, where the relay is able to facilitate secure communications while being totally ignorant of the transmitted messages. Furthermore, NF is shown to increase the secrecy capacity in the reversely degraded scenario, where the relay node fails to offer performance gains in the classical setting. The gain offered by the proposed cooperation strategies is then proved theoretically and validated numerically in the additive White Gaussian Noise (AWGN) channel. I.
The Gaussian Multiple Access Wiretap Channel
 IEEE TRANSACTION ON INFORMATION THEORY
, 2008
"... We consider the Gaussian multiple access wiretap channel (GMACWT). In this scenario, multiple users communicate with an intended receiver in the presence of an intelligent and informed wiretapper who receives a degraded version of the signal at the receiver. We define suitable security measures ..."
Abstract

Cited by 60 (8 self)
 Add to MetaCart
We consider the Gaussian multiple access wiretap channel (GMACWT). In this scenario, multiple users communicate with an intended receiver in the presence of an intelligent and informed wiretapper who receives a degraded version of the signal at the receiver. We define suitable security measures for this multiaccess environment. Using codebooks generated randomly according to a Gaussian distribution, achievable secrecy rate regions are identified using superposition coding and timedivision multiple access (TDMA) coding schemes. An upper bound for the secrecy sumrate is derived, and our coding schemes are shown to achieve the sum capacity. Numerical results are presented showing the new rate region and comparing it with the capacity region of the Gaussian multipleaccess channel (GMAC) with no secrecy constraints, which quantifies the price paid for secrecy.
Symmetric Ciphers Based On TwoDimensional Chaotic Maps
 Int. J. Bifurcation and Chaos
, 1998
"... this paper, methods are shown how to adapt invertible twodimensional chaotic maps on a ..."
Abstract

Cited by 58 (0 self)
 Add to MetaCart
this paper, methods are shown how to adapt invertible twodimensional chaotic maps on a
Higher Order Correlation Attacks, XL algorithm and Cryptanalysis of Toyocrypt
, 2002
"... Abstract. A popular technique to construct stream ciphers is to use a linear sequence generator with a very large period and good statistical properties and a nonlinear filter. There is abundant literature on how to use linear approximations of this nonlinear function to attack the cipher, which i ..."
Abstract

Cited by 57 (8 self)
 Add to MetaCart
Abstract. A popular technique to construct stream ciphers is to use a linear sequence generator with a very large period and good statistical properties and a nonlinear filter. There is abundant literature on how to use linear approximations of this nonlinear function to attack the cipher, which is known as (fast) correlation attacks. In this paper we explore nonlinear approximations, much less well known. We will reduce the cryptanalysis of a stream cipher to solving an overdefined system of multivariate equations. At Eurocrypt 2000, Courtois, Klimov, Patarin and Shamir have introduced the XL algorithm for solving systems of overdefined multivariate quadratic equations over finite fields. The exact complexity of the XL algorithm remains an open problem. and some authors such as T.T.Moh have expressed serious doubts whether it actually works very well. However there is no doubt that such methods work very well for largely overdefined systems (much more equations than variables), and we confirm this by computer simulations. Luckily systems we obtain in cryptanalysis of stream ciphers are precisely very overdefined. In this paper we will show how to break efficiently stream ciphers that are known to be immune to all the previously known attacks. For example, we will be able to break the stream
Secrecy Capacity of Wireless Channels
 in Proc. IEEE Int. Symp. Information Theory (ISIT
, 2006
"... Abstract — We consider the transmission of confidential data over wireless channels with multiple communicating parties. Based on an informationtheoretic problem formulation in which two legitimate partners communicate over a quasistatic fading channel and an eavesdropper observes their transmissi ..."
Abstract

Cited by 52 (3 self)
 Add to MetaCart
Abstract — We consider the transmission of confidential data over wireless channels with multiple communicating parties. Based on an informationtheoretic problem formulation in which two legitimate partners communicate over a quasistatic fading channel and an eavesdropper observes their transmissions through another independent quasistatic fading channel, we define the secrecy capacity in terms of outage probability and provide a complete characterization of the maximum transmission rate at which the eavesdropper is unable to decode any information. In sharp contrast with known results for Gaussian wiretap channels (without feedback), our contribution shows that in the presence of fading informationtheoretic security is achievable even when the eavesdropper has a better average signaltonoise ratio (SNR) than the legitimate receiver — fading thus turns out to be a friend and not a foe. I.
Unbalanced Feistel Networks and BlockCipher Design
 Fast Software Encryption, 3rd International Workshop Proceedings
, 1996
"... We examine a generalization of the concept of Feistel networks, which we call Unbalanced Feistel Networks (UFNs). Like conventional Feistel networks, UFNs consist of a series of rounds in which one part of the block operates on the rest of the block. However, in a UFN the two parts need not be of eq ..."
Abstract

Cited by 50 (5 self)
 Add to MetaCart
We examine a generalization of the concept of Feistel networks, which we call Unbalanced Feistel Networks (UFNs). Like conventional Feistel networks, UFNs consist of a series of rounds in which one part of the block operates on the rest of the block. However, in a UFN the two parts need not be of equal size. Removing this limitation on Feistel networks has interesting implications for designing ciphers secure against linear and differential attacks. We describe UFNs and a terminology for discussing their properties, present and analyze some UFN constructions, and make some initial observations about their security. It is notable that almost all the proposed ciphers that are based on Feistel networks follow the same design construction: half the bits operate on the other half. There is no inherent reason that this should be so; as we will demonstrate, it is possible to design Feistel networks across a much wider, richer design space. In this paper, we examine the nature of the...
Coding for relay channels with confidential messages
 in Proc. IEEE Information Theory Workshop
, 2001
"... Abstract — We consider a relay channel where a relay helps the transmission of messages from one sender to one receiver. The relay is considered not only as a sender that helps the message transmission but as a wiretapper who can obtain some knowledge about the transmitted messages. In this paper w ..."
Abstract

Cited by 48 (1 self)
 Add to MetaCart
Abstract — We consider a relay channel where a relay helps the transmission of messages from one sender to one receiver. The relay is considered not only as a sender that helps the message transmission but as a wiretapper who can obtain some knowledge about the transmitted messages. In this paper we study the coding problem of the relay channel under the situation that some of transmitted messages are confidential to the relay. A security of such confidential messages is measured by the conditional entropy. The rate region is defined by the set of transmission rates for which messages are reliably transmitted and the security of confidential messages is larger than a prescribed level. In this paper we give two definition of the rate region. We first define the rate region in the case of deterministic encoder and call it the deterministic rate region. Next, we define the rate region in the case of stochastic encoder and call it the stochastic rate region. We derive explicit inner and outer bounds for the above two rate regions and present a class of relay channels where two bounds match. Furthermore, we show that stochastic encoder can enlarge the rate region.