Results 1-10 of 20
Information-theoretic analysis of information hiding
IEEE Transactions on Information Theory, 2003
Cited by 229 (18 self)
Abstract—An information-theoretic analysis of information hiding is presented in this paper, forming the theoretical basis for design of information-hiding systems. Information hiding is an emerging research area which encompasses applications such as copyright protection for digital media, watermarking, fingerprinting, steganography, and data embedding. In these applications, information is hidden within a host data set and is to be reliably communicated to a receiver. The host data set is intentionally corrupted, but in a covert way, designed to be imperceptible to a casual analysis. Next, an attacker may seek to destroy this hidden information, and for this purpose, introduce additional distortion to the data set. Side information (in the form of cryptographic keys and/or information about the host signal) may be available to the information hider and to the decoder. We formalize these notions and evaluate the hiding capacity, which upper-bounds the rates of reliable transmission and quantifies the fundamental tradeoff between three quantities: the achievable information-hiding rates and the allowed distortion levels for the information hider and the attacker. The hiding capacity is the value of a game between the information hider and the attacker. The optimal attack strategy is the solution of a particular rate-distortion problem, and the optimal hiding strategy is the solution to a channel-coding problem. The hiding capacity is derived by extending the Gel’fand–Pinsker theory of communication with side information at the encoder. The extensions include the presence of distortion constraints, side information at the decoder, and unknown communication channel. Explicit formulas for capacity are given in several cases, including Bernoulli and Gaussian problems, as well as the important special case of small distortions. In some cases, including the last two above, the hiding capacity is the same whether or not the decoder knows the host data set. It is shown that many existing information-hiding systems in the literature operate far below capacity.
Index Terms—Channel capacity, cryptography, fingerprinting, game theory, information hiding, network information theory,
Key Agreement in Dynamic Peer Groups
IEEE Transactions on Parallel and Distributed Systems, 2000
Cited by 177 (20 self)
As a result of the increased popularity of group-oriented applications and protocols, group communication occurs in many different settings: from network multicasting to application layer tele- and video-conferencing. Regardless of the application environment, security services are necessary to provide communication privacy and integrity. This paper considers the problem of key agreement in dynamic peer groups. (Key agreement, especially in a group setting, is the stepping stone for all other security services.) Dynamic peer groups require not only initial key agreement (IKA) but also auxiliary key agreement (AKA) operations such as member addition, member deletion and group fusion. We discuss all group key agreement operations and present a concrete protocol suite, CLIQUES, which offers complete key agreement services. CLIQUES is based on multiparty extensions of the well-known Diffie-Hellman key exchange method. The protocols are efficient and provably secure against passive adversari...
An FPGA Implementation and Performance Evaluation of the AES Block Cipher Candidate Algorithm Finalists
1999
Cited by 44 (4 self)
The technical analysis used in determining which of the Advanced Encryption Standard candidates will be selected as the Advanced Encryption Algorithm includes efficiency testing of both hardware and software implementations of candidate algorithms. Reprogrammable devices such as Field Programmable Gate Arrays (FPGAs) are highly attractive options for hardware implementations of encryption algorithms as they provide cryptographic algorithm agility, physical security, and potentially much higher performance than software solutions. This contribution investigates the significance of FPGA implementations of four of the Advanced Encryption Standard candidate algorithm finalists. Multiple architectural implementation options are explored for each algorithm. A strong focus is placed on high throughput implementations, which are required to support security for current and future high bandwidth applications.
Architectural Enhancements for Fast Subword Permutations with Repetitions in Cryptographic Applications
2001
Cited by 21 (5 self)
We propose two new instructions, swperm and sieve, that can be used to efficiently complete an arbitrary bit-level permutation of an n-bit word with or without repetitions. Permutations with repetitions are rearrangements of an ordered set in which elements may replace other elements in the set; such permutations are useful in cryptographic algorithms. On a 4-way superscalar processor, an arbitrary 64-bit permutation with repetitions of 1-bit subwords can be completed in 11 instructions and only 4 cycles using the two proposed instructions. For subwords of size 4 bits or greater, an arbitrary permutation with repetitions of a 64-bit register can be completed in a single cycle using a single swperm instruction. This improves upon previous permutation instruction proposals that require log(r) sequential instructions to permute r subwords of a 64-bit word without repetitions. Our method requires fewer instructions to permute 4-bit or larger subwords packed in a 64-bit register and fewer execution cycles for 1-bit subwords on wide superscalar processors.
Inequalities between Entropy and Index of Coincidence derived from Information Diagrams
IEEE Trans. Inform. Theory, 2001
Cited by 19 (11 self)
To any discrete probability distribution $P$ we can associate its entropy $H(P) = -\sum p_i \ln p_i$ and its index of coincidence $IC(P) = \sum p_i^2$. The main result of the paper is the determination of the precise range of the map $P \mapsto (IC(P), H(P))$. The range looks much like that of the map $P \mapsto (P_{\max}, H(P))$ where $P_{\max}$ is the maximal point probability, cf. research from 1965 (Kovalevskij [18]) to 1994 (Feder and Merhav [7]). The earlier results, which actually focus on the probability of error $1 - P_{\max}$ rather than $P_{\max}$, can be conceived as limiting cases of results obtained by methods here presented. Ranges of maps as those indicated are called Information Diagrams. The main result gives rise to precise lower as well as upper bounds for the entropy function. Some of these bounds are essential for the exact solution of certain problems of universal coding and prediction for Bernoulli sources. Other applications concern Shannon theory (relations between various measures of divergence), statistical decision theory and rate distortion theory. Two methods are developed. One is topological, another involves convex analysis and is based on a “lemma of replacement” which is of independent interest in relation to problems of optimization of mixed type (concave/convex optimization).
Constraint-Based Watermarking Techniques for Design IP Protection
IEEE TRANS. COMPUTER-AIDED DESIGN INTEGRATED CIRCUITS SYSTEMS, 2001
Cited by 16 (1 self)
Digital system designs are the product of valuable effort and know-how. Their embodiments, from software and hardware description language program down to device-level netlist and mask data, represent carefully guarded intellectual property (IP). Hence, design methodologies based on IP reuse require new mechanisms to protect the rights of IP producers and owners. This paper establishes principles of watermarking-based IP protection, where a watermark is a mechanism for identification that is: 1) nearly invisible to human and machine inspection; 2) difficult to remove; and 3) permanently embedded as an integral part of the design. Watermarking addresses IP protection by tracing unauthorized reuse and making untraceable unauthorized reuse as difficult as recreating given pieces of IP from scratch. We survey related work in cryptography and design methodology, then develop desiderata, metrics, and concrete protocols for constraint-based watermarking at various stages of the very large scale integration (VLSI) design process. In particular, we propose a new preprocessing approach that embeds watermarks as constraints into the input of a black-box design tool and a new postprocessing approach that embeds watermarks as constraints into the output of a black-box design tool. To demonstrate that our protocols can be transparently integrated into existing design flows, we use a testbed of commercial tools for VLSI physical design and embed watermarks into real-world industrial designs. We show that the implementation overhead is low, both in terms of central processing unit time and such standard physical design metrics as wirelength, layout area, number of vias, and routing congestion. We empirically show that in the placement and routing applications considered in our methods...
An FPGA Implementation and Performance Evaluation of the Serpent Block Cipher
EIGHTH ACM INTERNATIONAL SYMPOSIUM ON FIELD-PROGRAMMABLE GATE ARRAYS, 2000
Cited by 11 (2 self)
With the expiration of the Data Encryption Standard (DES) in 1998, the Advanced Encryption Standard (AES) development process is well underway. It is hoped that the result of the AES process will be the specification of a new non-classified encryption algorithm that will have the global acceptance achieved by DES as well as the capability of long-term protection of sensitive information. The technical analysis used in determining which of the potential AES candidates will be selected as the Advanced Encryption Algorithm includes efficiency testing of both hardware and software implementations of candidate algorithms. Reprogrammable devices such as Field Programmable Gate Arrays (FPGAs) are highly attractive options for hardware implementations of encryption algorithms as they provide cryptographic algorithm agility, physical security, and potentially much higher performance than software solutions. This contribution investigates the significance of an FPGA implementation of Serpent, one of the Advanced Encryption Standard candidate algorithms. Multiple architecture options of the Serpent algorithm will be explored with a strong focus being placed on a high speed implementation within an FPGA in order to support security for current and future high bandwidth applications. One of the main findings is that Serpent can be implemented with encryption rates beyond 4 Gbit/s on current FPGAs.
Intellectual property metering
Inform. Hiding, 2001
Cited by 11 (9 self)
Abstract. We have developed the first hardware and software (intellectual property) metering scheme that enables reliable low overhead proofs for the number of manufactured parts and copied programs. The key idea is to make each design slightly different during postprocessing phase. Therefore, if two identical hardware/software designs or a design that is not reported by the foundry are detected, the design house has proof of misconduct. We start by establishing implementation requirements for hardware metering. We also establish the connection between the requirements for hardware and software metering and synthesis process. Furthermore, we present mathematical analysis of statistical accuracy of the proposed hardware and software metering schemes. The effectiveness of the metering scheme is demonstrated on a number
A System Theory Approach for Designing Cryptosystems Based on Hyperchaos
IEEE Transactions on Circuits and Systems-I, 1999
Cited by 6 (0 self)
In this paper a general methodology for designing chaotic and hyperchaotic cryptosystems is developed. The basic idea is to make the decrypter a nonlinear observer for the state of the encrypter. Referring to this concept, some propositions are given which enable the plaintext to be retrieved if proper structural properties of the chaotic system hold. The proposed tool proves to be powerful and flexible, since a wide class of cryptosystems can be designed by exploiting different chaotic and hyperchaotic circuits. The advantages of the suggested approach are illustrated in detail. In particular, the utilization of hyperchaos-based cryptosystems, as well as the increased complexity of the transmitted signal, make a contribution to the development of communication systems with higher security.
Anomaly Detection in Streaming Sensor Data
in Intelligent Techniques for Warehousing and Mining Sensor Network Data, Alfredo Cussocrea, Ed., IGI Global, 2009
Cited by 4 (0 self)
In this chapter we consider a cell phone network as a set of automatically deployed sensors that records movement and interaction patterns of the population. We discuss methods for detecting anomalies in the streaming data produced by the cell phone network. We motivate this discussion by describing the Wireless Phone Based Emergency Response (WIPER) system, a proof-of-concept decision support system for emergency response managers. We also discuss some of the scientific work enabled by this type of sensor data and the related privacy issues. We describe scientific studies that use the cell phone data set and steps we have taken to ensure the security of the data. We describe the overall decision support system and discuss three methods of anomaly detection that we have applied to the data.