Results 1 - 10 of 84
A survey of security issues in wireless sensor networks
- IEEE Communications Surveys & Tutorials
Cited by 95 (4 self)
Advances in wireless communication and electronics have enabled the development of low-cost, low-power, multifunctional sensor nodes. These tiny sensor nodes, consisting of sensing, data processing, and communication components, make it possible to deploy Wireless Sensor Networks (WSNs), which represent a significant improvement over traditional wired sensor networks. WSNs can greatly simplify system design and operation, as the environment being monitored does not require the communication or energy infrastructure associated with wired networks [1]. WSNs are expected to be solutions to many applications, such as detecting and tracking the passage of troops and tanks on a battlefield, monitoring environmental pollutants, measuring traffic flows on roads, and tracking the location of personnel in a building. Many sensor networks have mission-critical tasks and thus require that security be considered [2, 3]. Improper use of information or use of forged information may cause unwanted information leakage and produce inaccurate results. While some aspects of WSNs are similar to traditional wireless ad hoc networks, important distinctions exist which greatly affect how security is achieved. The differences
Twofish: A 128-Bit Block Cipher
- in First Advanced Encryption Standard (AES) Conference, 1998
Cited by 66 (8 self)
Twofish is a 128-bit block cipher that accepts a variable-length key up to 256 bits. The cipher is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2^8), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8-bit smart card implementation encrypts at 1660 clock cycles per byte. Twofish can be implemented in hardware in 14000 gates. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory. We have extensively cryptanalyzed Twofish; our best attack breaks 5 rounds with 2^22.5 chosen plaintexts and 2^51 effort.
The Salsa20 family of stream ciphers
- in [38] (2008). URL: http://cr.yp.to/papers.html#salsafamily. Citations in this document: §2
Cited by 42 (8 self)
Salsa20 is a family of 256-bit stream ciphers designed in 2005
LBlock: a lightweight block cipher
- in: Applied Cryptography and Network Security, 2011
Cited by 31 (2 self)
In this paper, we propose a new lightweight block cipher called LBlock. Similar to many other lightweight block ciphers, the block size of LBlock is 64 bits and the key size is 80 bits. Our security evaluation shows that LBlock achieves a sufficient security margin against known attacks such as differential cryptanalysis, linear cryptanalysis, impossible differential cryptanalysis and related-key attacks. Furthermore, LBlock can be implemented efficiently not only in hardware environments but also on software platforms such as 8-bit microcontrollers. Our hardware implementation of LBlock requires about 1320 GE on 0.18 µm technology with a throughput of 200 Kbps at 100 kHz. The software implementation of LBlock on an 8-bit microcontroller requires about 3955
Faster Luby-Rackoff Ciphers, 1996
Cited by 25 (2 self)
This paper deals with a generalization of Luby's and Rackoff's results [9] on the construction of block ciphers and their consequences for block cipher implementations. Based on dedicated hash functions, block ciphers are proposed which are more efficient and operate on larger blocks than their original Luby-Rackoff counterparts.

1 Introduction

One usually demands a block cipher to be secure and efficient. Other, not-so-common demands are to be simple and to cope with large blocks. Consider a cipher being provably secure if another cryptographic primitive is secure. This reduces the number of security assumptions a cryptographic application has to depend on, and thus the application's chance of being broken. Based on pseudorandom functions, Luby and Rackoff [9] described provably secure block ciphers. This theoretical breakthrough is also of practical interest: pseudorandomness is a design goal for today's dedicated hash functions. E.g. the authors of RIPE-MD write [14]: "It is the...
Security and Privacy: Modest Proposals for Low-Cost RFID Systems
- Proc. Auto-ID Labs Research Workshop, 2004
Cited by 17 (0 self)
Low-cost Radio Frequency Identification (RFID) systems are increasingly being deployed in industry and commerce. These contactless devices have raised public concern regarding violation of privacy and information security. There is a growing need in the RFID community to discover and develop techniques and methods to overcome several problems posed by the above-mentioned concerns. This paper presents proposals for feasible security mechanisms for low-cost RFID systems and analyses them from both security and privacy points of view.
Zero Correlation Linear Cryptanalysis with Reduced Data Complexity, IACR ePrint Archive Report, 2012
Cited by 16 (1 self)
Zero correlation linear cryptanalysis is a novel key recovery technique for block ciphers proposed in [5]. It is based on linear approximations with probability of exactly 1/2 (which corresponds to the zero correlation). Some block ciphers turn out to have multiple linear approximations with correlation zero for each key over a considerable number of rounds. Zero correlation linear cryptanalysis is the counterpart of impossible differential cryptanalysis in the domain of linear cryptanalysis, though having many technical distinctions and sometimes resulting in stronger attacks. In this paper, we propose a statistical technique to significantly reduce the data complexity using the high number of zero correlation linear approximations available. We also identify zero correlation linear approximations for 14 and 15 rounds of TEA and XTEA. Those result in key-recovery attacks for 21-round TEA and 25-round XTEA, while requiring less data than the full code book. In the single secret key setting, these are structural attacks breaking the highest number of rounds for both ciphers. The findings of this paper demonstrate that the prohibitive data complexity requirements are not inherent in the zero correlation linear cryptanalysis and can be overcome. Moreover, our results suggest that zero correlation linear cryptanalysis can actually break more rounds than the best known impossible differential cryptanalysis does for relevant block ciphers. This might make a security re-evaluation of some ciphers necessary in the view of the new attack.
Improving the time complexity of Matsui's linear cryptanalysis
- Information Security and Cryptology - ICISC 2007, 10th International Conference, Seoul, Korea, November 29-30, 2007, Proceedings, Lecture Notes in Computer Science, 2007
Cited by 13 (2 self)
This paper reports on an improvement of Matsui's linear cryptanalysis that reduces the complexity of an attack with algorithm 2, by taking advantage of the Fast Fourier Transform. Using this improvement, the time complexity decreases from O(2^k · 2^k) to O(k · 2^k), where k is the number of bits in the key guess. This improvement is very generic and can be applied against a broad variety of ciphers including SPN and Feistel schemes. In certain (practically meaningful) contexts, it also involves a reduction of the attack's data complexity (which is usually the limiting factor in the linear cryptanalysis of block ciphers). For illustration, the method is applied against the AES candidate Serpent and the speed-up is given for exemplary attacks.

Keywords: block ciphers, linear cryptanalysis, Fast Fourier Transform.
GPU Random Numbers via the Tiny Encryption Algorithm, 2010
Cited by 12 (0 self)
Random numbers are extensively used on the GPU. As more computation is ported to the GPU, it can no longer be treated as rendering hardware alone. Random number generators (RNGs) are expected to cater to general-purpose and graphics applications alike. Such diversity adds to the expected requirements of an RNG. A good GPU RNG should be able to provide repeatability, random access, multiple independent streams, speed, and random numbers free from detectable statistical bias. A specific application may require some if not all of the above characteristics at one time. In particular, we hypothesize that not all algorithms need the highest-quality random numbers, so a good GPU RNG should provide a speed/quality tradeoff that can be tuned for fast low-quality or slower high-quality random numbers. We propose that the Tiny Encryption Algorithm satisfies all of the requirements of a good GPU pseudorandom number generator. We compare our technique against previous approaches, and present an evaluation using standard randomness test suites as well as Perlin noise and a Monte Carlo shadow algorithm. We show that the quality of random number generation directly affects the quality of the noise produced; however, good-quality noise can still be produced with a lower-quality random number generator.
Structure of a proof-producing compiler for a subset of higher order logic
- 16th European Symposium on Programming (ESOP'07), 2007
Cited by 10 (7 self)
We give an overview of a proof-producing compiler which translates recursion equations, defined in higher order logic, to assembly language. The compiler is implemented and validated with a mix of translation validation and compiler verification techniques. Both the design of the compiler and its mechanical verification are implemented in the same logic framework.