Results 1 - 10 of 84
A survey of security issues in wireless sensor networks
 IEEE Communications Surveys & Tutorials
Cited by 95 (4 self)
Advances in wireless communication and electronics have enabled the development of low-cost, low-power, multifunctional sensor nodes. These tiny sensor nodes, consisting of sensing, data processing, and communication components, make it possible to deploy Wireless Sensor Networks (WSNs), which represent a significant improvement over traditional wired sensor networks. WSNs can greatly simplify system design and operation, as the environment being monitored does not require the communication or energy infrastructure associated with wired networks [1]. WSNs are expected to be solutions to many applications, such as detecting and tracking the passage of troops and tanks on a battlefield, monitoring environmental pollutants, measuring traffic flows on roads, and tracking the location of personnel in a building. Many sensor networks have mission-critical tasks and thus require that security be considered [2, 3]. Improper use of information or using forged information may cause unwanted information leakage and provide inaccurate results. While some aspects of WSNs are similar to traditional wireless ad hoc networks, important distinctions exist which greatly affect how security is achieved. The differences
Twofish: A 128-Bit Block Cipher
 in First Advanced Encryption Standard (AES) Conference, 1998
Cited by 66 (8 self)
Twofish is a 128-bit block cipher that accepts a variable-length key up to 256 bits. The cipher is a 16-round Feistel network with a bijective F function made up of four key-dependent 8-by-8-bit S-boxes, a fixed 4-by-4 maximum distance separable matrix over GF(2^8), a pseudo-Hadamard transform, bitwise rotations, and a carefully designed key schedule. A fully optimized implementation of Twofish encrypts on a Pentium Pro at 17.8 clock cycles per byte, and an 8-bit smart card implementation encrypts at 1660 clock cycles per byte. Twofish can be implemented in hardware in 14000 gates. The design of both the round function and the key schedule permits a wide variety of tradeoffs between speed, software size, key setup time, gate count, and memory. We have extensively cryptanalyzed Twofish; our best attack breaks 5 rounds with 2^22.5 chosen plaintexts and 2^51 effort.
The Salsa20 family of stream ciphers
 in [38] (2008). URL: http://cr.yp.to/papers.html#salsafamily. Citations in this document: §2
Cited by 42 (8 self)
Abstract. Salsa20 is a family of 256-bit stream ciphers designed in 2005
LBlock: a lightweight block cipher
 IN: APPLIED CRYPTOGRAPHY AND NETWORK SECURITY, 2011
Cited by 31 (2 self)
In this paper, we propose a new lightweight block cipher called LBlock. Similar to many other lightweight block ciphers, the block size of LBlock is 64-bit and the key size is 80-bit. Our security evaluation shows that LBlock can achieve enough security margin against known attacks, such as differential cryptanalysis, linear cryptanalysis, impossible differential cryptanalysis and related-key attacks etc. Furthermore, LBlock can be implemented efficiently not only in hardware environments but also in software platforms such as 8-bit microcontroller. Our hardware implementation of LBlock requires about 1320 GE on 0.18 µm technology with a throughput of 200 Kbps at 100 KHz. The software implementation of LBlock on 8-bit microcontroller requires about 3955
Faster Luby-Rackoff Ciphers
1996
Cited by 25 (2 self)
This paper deals with a generalization of Luby's and Rackoff's results [9] on the construction of block ciphers and their consequences for block cipher implementations. Based on dedicated hash functions, block ciphers are proposed which are more efficient and operate on larger blocks than their original Luby-Rackoff counterparts. 1 Introduction One usually demands a block cipher to be secure and efficient. Other not-so-common demands are to be simple and to cope with large blocks. Consider a cipher being provably secure if another cryptographic primitive is secure. This reduces the number of security assumptions a cryptographic application has to depend on, and thus the application's chance to be broken. Based on pseudorandom functions, Luby and Rackoff [9] described provably secure block ciphers. This theoretical breakthrough is also of practical interest: pseudorandomness is a design goal for today's dedicated hash functions. E.g. the authors of RIPEMD write [14]: "It is the...
Security and Privacy: Modest Proposals for Low-Cost RFID Systems
 Systems, Proc. Auto-ID Labs Research Workshop, 2004
Cited by 17 (0 self)
Low cost Radio Frequency Identification (RFID) systems are increasingly being deployed in industry and commerce. These contactless devices have raised public concern regarding violation of privacy and information security. There is a growing need in the RFID community to discover and develop techniques and methods to overcome several problems posed by the abovementioned concerns. This paper presents proposals on feasible security mechanisms for low cost RFID systems and analyses them from both security and privacy points of view.
Zero Correlation Linear Cryptanalysis with Reduced Data Complexity, IACR Eprint Archive Report, 2012
Cited by 16 (1 self)
Abstract. Zero correlation linear cryptanalysis is a novel key recovery technique for block ciphers proposed in [5]. It is based on linear approximations with probability of exactly 1/2 (which corresponds to the zero correlation). Some block ciphers turn out to have multiple linear approximations with correlation zero for each key over a considerable number of rounds. Zero correlation linear cryptanalysis is the counterpart of impossible differential cryptanalysis in the domain of linear cryptanalysis, though having many technical distinctions and sometimes resulting in stronger attacks. In this paper, we propose a statistical technique to significantly reduce the data complexity using the high number of zero correlation linear approximations available. We also identify zero correlation linear approximations for 14 and 15 rounds of TEA and XTEA. Those result in key-recovery attacks for 21-round TEA and 25-round XTEA, while requiring less data than the full code book. In the single secret key setting, these are structural attacks breaking the highest number of rounds for both ciphers. The findings of this paper demonstrate that the prohibitive data complexity requirements are not inherent in the zero correlation linear cryptanalysis and can be overcome. Moreover, our results suggest that zero correlation linear cryptanalysis can actually break more rounds than the best known impossible differential cryptanalysis does for relevant block ciphers. This might make a security reevaluation of some ciphers necessary in the view of the new attack.
Improving the time complexity of Matsui's linear cryptanalysis, Information Security and Cryptology - ICISC 2007, 10th International Conference, Seoul, Korea, November 29-30, 2007, Proceedings, Lecture Notes in Computer Science, 2007
Cited by 13 (2 self)
Abstract. This paper reports on an improvement of Matsui's linear cryptanalysis that reduces the complexity of an attack with algorithm 2, by taking advantage of the Fast Fourier Transform. Using this improvement, the time complexity decreases from O(2^k ∗ 2^k) to O(k ∗ 2^k), where k is the number of bits in the key-guess. This improvement is very generic and can be applied against a broad variety of ciphers including SPN and Feistel schemes. In certain (practically meaningful) contexts, it also involves a reduction of the attacks data complexity (which is usually the limiting factor in the linear cryptanalysis of block ciphers). For illustration, the method is applied against the AES candidate Serpent and the speedup is given for exemplary attacks. Keywords: block ciphers, linear cryptanalysis, Fast Fourier Transform.
GPU Random Numbers via the Tiny Encryption Algorithm
2010
Cited by 12 (0 self)
Random numbers are extensively used on the GPU. As more computation is ported to the GPU, it can no longer be treated as rendering hardware alone. Random number generators (RNG) are expected to cater general purpose and graphics applications alike. Such diversity adds to expected requirements of a RNG. A good GPU RNG should be able to provide repeatability, random access, multiple independent streams, speed, and random numbers free from detectable statistical bias. A specific application may require some if not all of the above characteristics at one time. In particular, we hypothesize that not all algorithms need the highest-quality random numbers, so a good GPU RNG should provide a speed-quality tradeoff that can be tuned for fast low quality or slower high quality random numbers. We propose that the Tiny Encryption Algorithm satisfies all of the requirements of a good GPU Pseudo Random Number Generator. We compare our technique against previous approaches, and present an evaluation using standard randomness test suites as well as Perlin noise and a Monte-Carlo shadow algorithm. We show that the quality of random number generation directly affects the quality of the noise produced, however, good quality noise can still be produced with a lower quality random number generator.
Structure of a proof-producing compiler for a subset of higher order logic
 16th European Symposium on Programming (ESOP'07), 2007
Cited by 10 (7 self)
Abstract. We give an overview of a proof-producing compiler which translates recursion equations, defined in higher order logic, to assembly language. The compiler is implemented and validated with a mix of translation validation and compiler verification techniques. Both the design of the compiler and its mechanical verification are implemented in the same logic framework.