2021 | Book

Innovative Security Solutions for Information Technology and Communications

13th International Conference, SecITC 2020, Bucharest, Romania, November 19–20, 2020, Revised Selected Papers

About this book

This book constitutes the thoroughly refereed post-conference proceedings of the 13th International Conference on Security for Information Technology and Communications, SecITC 2020, held in Bucharest, Romania, in November 2020.

The 17 revised full papers presented together with 2 invited talks were carefully reviewed and selected from 41 submissions.

The conference covers topics from cryptographic algorithms, to digital forensics and cyber security and much more.

Table of Contents

Frontmatter
Elementary Attestation of Cryptographically Useful Composite Moduli
Abstract
This paper describes a non-interactive process allowing a prover to convince a verifier that a modulus n is the product of two primes (pq) of about the same size. A further heuristic argument conjectures that \(p-1\) and \(q-1\) have sufficiently large prime factors for cryptographic applications.
The new protocol relies upon elementary number-theoretic properties and can be implemented efficiently using very few operations. This contrasts with state-of-the-art zero-knowledge protocols for RSA modulus proper generation assessment.
The heuristic argument at the end of our construction calls for further cryptanalysis by the community and is, as such, an interesting research question in its own right.
Rémi Géraud-Stewart, David Naccache
Off-the-Shelf Security Testing Platform for Contactless Systems
Abstract
RFID is widely used in many security sensitive areas. Researchers have proposed many theoretical attacks and security implementation models on RFID devices. Testing these theories and models is a challenging and difficult task. In this paper, we use three common off-the-shelf security testing platforms, i.e. PN532, TI RF430CL330H and Chameleon Mini, to test the most widely used standards ISO14443A, ISO14443B and ISO18092. We present a detailed workflow of each platform. Furthermore, we highlight the advantages and disadvantages of each platform in regard to fast implementation, delays and support for different types of RFIDs.
Yuanzhen Liu, Gerhard Petrus Hancke, Umair Mujtaba Qureshi
A New Generalisation of the Goldwasser-Micali Cryptosystem Based on the Gap \(2^k\)-Residuosity Assumption
Abstract
We present a novel public key encryption scheme that enables users to exchange messages of many bits by means of at least two large prime numbers in a Goldwasser-Micali manner. Our cryptosystem is in fact a generalization of the Joye-Libert scheme (being itself an abstraction of the first probabilistic encryption scheme). We prove the security of the proposed cryptosystem in the standard model (based on the gap \(2^k\)-residuosity assumption) and report complexity related facts. We also describe an application of our scheme to biometric authentication and discuss the security of our suggested protocol. Last but not least, we indicate several promising research directions.
Diana Maimuţ, George Teşeleanu
New Insights on Differential and Linear Bounds Using Mixed Integer Linear Programming
Abstract
Mixed Integer Linear Programming (MILP) is a very common method of modelling differential and linear bounds. The Convex Hull (CH) modelling, introduced by Sun et al. (Eprint 2013/Asiacrypt 2014), is a popular method in this regard, which can convert the conditions corresponding to a small (4-bit) SBox to MILP constraints efficiently. Our analysis shows that there are SBoxes for which the CH modelling can yield incorrect modelling. The problem arises from the observation that although the CH is generated for a certain set of points, there can be points outside this set which also satisfy all the inequalities of the CH. As apparently no variant of the CH modelling can circumvent this problem, we propose a new modelling for differential and linear bounds. Our modelling makes use of every point of interest individually. Additionally, we also explore the possibility of using redundant constraints, such that the run time for an MILP solver can be reduced while keeping the optimal result unchanged. With our experiments on round-reduced GIFT-128, we show it is possible to reduce the run time a few fold using a suitable choice of redundant constraints. We also present the optimal linear bounds for 11 and 12 rounds of GIFT-128, extending from the best-known result of 10 rounds.
Anubhab Baksi
Secure Card-Based Cryptographic Protocols Using Private Operations Against Malicious Players
Abstract
This paper shows new card-based cryptographic protocols using private operations that are secure against malicious players. Physical cards are used in card-based cryptographic protocols instead of computers. Operations that a player executes in a place where the other players cannot see are called private operations. Using several private operations, calculations of two-variable Boolean functions and copy operations were realized with the minimum number of cards. Though private operations are very powerful in card-based cryptographic protocols, there is a problem that it is very hard to prevent malicious actions during private operations. Though most card-based protocols are discussed in the semi-honest model, there might be cases when the semi-honest model is not enough. Thus, this paper shows new protocols that are secure against malicious players. We show logical XOR, logical AND, and copy protocols, since we can execute any logical computation with a combination of these protocols. We use envelopes as an additional tool that can be easily prepared and used by people.
Yoshifumi Manabe, Hibiki Ono
Decentralized Multi-authority Anonymous Credential System with Bundled Languages on Identifiers
Abstract
We propose an anonymous credential system equipped with independent decentralized authorities who issue credentials. In our system, the number of authorities can dynamically increase or decrease. A credential is a private secret key issued by an authority, and it is given to an entity distinguished by an identifier. In the issuing phase, an authority only has to sign identifiers. In the proving phase, under a principle of “commit-to-id”, an entity proves to a verifier the knowledge of his/her identifier and private secret keys by generating a unified proof. The verifier should resist collusion attacks executed by adversaries who bring together the private secret keys issued to different identifiers. To construct our system, we employ two building blocks: the structure-preserving signature scheme and the Groth-Sahai non-interactive proof system. Both blocks work in the setting of bilinear groups. To attain collusion resistance, we propose a notion of “bundled language” that is an abstraction of simultaneous pairing-product equations which include an identifier as a variable.
Hiroaki Anada
A Scalable Simulation of the BB84 Protocol Involving Eavesdropping
Abstract
In this article we present the BB84 quantum key distribution scheme from two perspectives. First, we provide a theoretical discussion of the steps Alice and Bob take to reach a shared secret using this protocol, while an eavesdropper Eve is either involved or not. Then, we offer and discuss two distinct implementations that simulate BB84 using IBM’s Qiskit framework, the first being an exercise solved during the “IBM Quantum Challenge” event in early May 2020, while the other was developed independently to showcase the intercept-resend attack strategy in detail. We note the latter’s scalability and increased output verbosity, which allow for a statistical analysis to determine the probability of detecting the act of eavesdropping.
Mihai-Zicu Mina, Emil Simion
Approach to Cryptography from Differential Geometry with Example
Abstract
We propose a public-key encryption scheme that arises from a kind of differential geometry called Finsler geometry. Our approach is first to observe a map of a tangent space to another tangent space, and find asymmetricity of linear parallel displacement, which is easy to compute but hard to invert. Then we construct an example of the map over the real numbers. By quantization, we propose a public-key encryption scheme. The scheme is proved to be IND-CCA2 secure under the new assumption of the decisional linear parallel displacement problem.
Tetsuya Nagano, Hiroaki Anada
On Using zk-SNARKs and zk-STARKs in Blockchain-Based Identity Management
Abstract
One possible applicability of blockchain technology is in identity management. Especially for public blockchains, the need to reduce (ideally to zero) the exposure of sensitive identification data is clear. Under these settings, zero-knowledge proofs, in particular in the advanced forms of Zero-Knowledge Succinct Non-Interactive ARguments of Knowledge (zk-SNARK) and Zero-Knowledge Scalable Transparent ARguments of Knowledge (zk-STARK), can be used as a potential privacy-preserving technique. The current work looks at the existing libraries that implement zk-SNARKs and zk-STARKs and exemplifies and discusses the use of zk-SNARKs in blockchain-based identity management solutions.
Andreea-Elena Panait, Ruxandra F. Olimid
Manager Asks: Which Vulnerability Must be Eliminated First?
Abstract
Nowadays, the number of discovered vulnerabilities increases rapidly. In 2018, 17,308 vulnerabilities were discovered and during 2019 even more, up to 20,362. The serious problem is that a substantial part of them is rated as critical or at least labeled as high according to the CVSS (Common Vulnerability Scoring System). This fact causes a problem: the designers and/or developers do not know which vulnerability should be eliminated in the first place. Time for removal of the vulnerability is crucial from the practical point of view of cyber security. The main contribution of the article is a proposal of a new method that is used for prioritizing vulnerabilities. The aim of the proposed method is to eliminate the disadvantages of approaches commonly used today. Our method improves the prioritization of vulnerabilities utilizing the parameters: the possibility of exploitation, availability of information about them and knowledge obtained by Threat Intelligence. These three parameters are highly important, especially for newly discovered vulnerabilities, where a priority can differ from day to day. We evaluate the functionality of the proposed method utilizing the production environment of a medium-sized company and we compare results with the CVSS method (30 servers, 200 end-stations).
David Pecl, Yehor Safonov, Zdenek Martinasek, Matej Kacic, Lubomir Almer, Lukas Malina
An IND-CCA2 Attack Against the 1st- and 2nd-Round Versions of NTS-KEM
Abstract
This paper presents an IND-CCA2 attack against the 1st- and 2nd-round versions of NTS-KEM, i.e., the versions before the update in December 2019. Our attack works against the 1st- and 2nd-round specifications, with a number of decapsulation queries upper-bounded by \(n-k\) and an advantage lower-bounded by roughly \(0.5(n-k)t/n^2\), where n, k, and t stand for the code length, code dimension, and the designed decoding capacity, for all the three parameter sets of NTS-KEM. We found that the non-reference implementations are also vulnerable to our attack, even though there are bugs. There are also bugs in the reference implementations, but in a way invulnerable to our attack.
Tung Chou
Behaviour-Based Biometrics for Continuous User Authentication to Industrial Collaborative Robots
Abstract
Collaborative robots (cobots) work in close proximity with human co-workers to accomplish tasks. The proximity of working arrangements and the power required of some cobots for particular tasks mean that there is significant potential for cobots to cause damage to their surroundings and people nearby. Working with cobots requires appropriate training and skill. We must ensure that co-workers access appropriate levels of service and functionality from a cobot. We would wish to stop intruders engaging with cobots but also to protect against inappropriate informal working arrangements by colleagues. In this paper, we consider the potential for users’ behaviours to be used as a biometric approach to continuous user authentication. More specifically, we consider how data from a cobot’s internal sensors can be used to characterise a user’s physical interaction with it and serve as a reference template for authentication of that user. We seek to continuously authenticate current user behaviours against these stored characteristic templates while the cobot is being manipulated (as part of a collaborative task). Our approach, based on machine learning and a recognised trust model, can provide a sensible, practical solution to authenticate users continuously as they physically interact with a cobot. Furthermore, it makes use of data that are already maintained by the cobot as part of its general operation. Our work is the first to exploit such data.
Shurook S. Almohamade, John A. Clark, James Law
Secure Speaker Recognition System Using Homomorphic Encryption
Abstract
The ability to store and operate on cloud data provides flexibility and reduced hardware needs, but it has the disadvantage of a possible loss of data privacy. Homomorphic encryption solves this problem by allowing operations on encrypted data to be performed while maintaining its confidentiality. In this paper we focus on the introduction of homomorphic cryptosystems within neural networks. The main contribution is an implementation of a speaker recognition system whose security is based on the principles of homomorphic encryption. The application uses a convolutional neural network to classify encrypted spectral samples and it achieves an accuracy of over 99.5%. Moreover, we test different approximations for transfer functions, analyzing time and memory consumption along with accuracy.
Mihai-Cristian Chindriş, Mihai Togan, Ştefan-Ciprian Arseni
Reliable RFID Offline Privacy
Abstract
The paper discusses a privacy definition for offline RFID schemes, called privacy+. We analyse this notion and we describe an attack that proves that it cannot be achieved by the accompanying protocol. In order to achieve offline privacy we develop a novel approach based on using PUFs on the reader together with encrypting the reader database. Our approach contradicts the standard assumption that privacy must be lost when a reader is compromised and that privacy restoring mechanisms must be developed. We design a protocol that implements this idea and prove it to be secure, destructive-private and immune to reader corruption in a slightly modified version of Vaudenay’s model.
Cristian Hristea
Virtualization and Automation for Cybersecurity Training and Experimentation
Abstract
In response to the increasing number and complexity of cyber threats, universities, industry, and government agencies are widely employing network emulation environments for cybersecurity training and experimentation. These environments, known as “cyber ranges”, can model enterprise networks and sophisticated attacks, providing a realistic experience for the users. Building and deploying such environments is currently very time consuming, especially for complex scenarios and a high number of participants in the training exercises. This paper presents how virtualization and automation tools can be used to address this issue, starting from the formal specification of the emulated network environment to the automated deployment and replication of virtual machines. Our approach is based on widely used technologies and allows building tailored environments that fulfill organization needs for specific training, exercise, research, and development.
Ion Bica, Roxana Larisa Unc, Ștefan Țurcanu
Long-Term Secure Deniable Group Key Establishment
Abstract
In this paper we present a long-term secure deniable group key establishment protocol. Long-term security provides resistance against an adversary, even if some underlying hardness assumptions become invalid later, after completion of the protocol. The deniability feature of a group key establishment protocol allows each participant to join a protocol session and authenticate a message for the other group members, but the receiver(s) cannot convince a third party that such involvement of the group members in the process ever took place.
The protocol presented here is a long-term secure deniable group key establishment protocol in the random oracle model which remains secure if either a Computational Bilinear Diffie-Hellman problem is hard or a server, who shares a symmetric key with each user, is uncorrupted. The technical tools used for the protocol are ring signatures, multiparty key encapsulation, and message authentication codes.
Kashi Neupane
Card-Based Covert Lottery
Abstract
Before starting to play a two-player board game such as Chess or Shogi (namely, Japanese chess), we have to determine who makes the first move. Players’ strategies in Chess and Shogi often rely on whether they will move first or not, and most players have their own preferences. Therefore, it would be nice if we could take their individual requests into account when determining who goes first. To this end, if the two players simply tell their preferable moves to each other, they will notice the other’s strategy. Thus, we want the players to determine the first move according to their requests while hiding any information about them. Note that this problem cannot be solved by the typical way done in Chess, namely, a coin flip. In this paper, we formalize this problem from a cryptographic perspective and propose a secure protocol that solves this problem using a deck of physical cards. Moreover, we extend this problem to the multi-player setting: Assume that there is a single prize in a lottery drawing among more than two players, each of whom has an individual secret feeling ‘Yes’ or ‘No’ that indicates whether he/she really wants to get the prize or not. If one or more players have ‘Yes,’ we want to randomly and covertly choose a winner among those having ‘Yes.’ If all of them have ‘No,’ we want to randomly pick a winner among all the players. We solve this extended problem, which we call the “covert lottery” problem, by proposing a simple card-based protocol.
Yuto Shinoda, Daiki Miyahara, Kazumasa Shinagawa, Takaaki Mizuki, Hideaki Sone
Hardware-Accelerated Cryptography for Software-Defined Networks with P4
Abstract
The paper presents a hardware-accelerated cryptographic solution for Field Programmable Gate Array (FPGA) based network cards that provide throughput up to 200 Gbps. Our solution employs a Software-Defined Network (SDN) concept based on the high-level Programming Protocol-independent Packet Processors (P4) language that offers flexibility for network-oriented data processing. In order to accelerate cryptographic operations, we implement the main cryptographic functions in VHSIC Hardware Description Language (VHDL) directly in FPGA, i.e., a symmetric cipher (AES-GCM-256), a digital signature scheme (EdDSA) and a hash function (SHA-3). Our solution then uses these widely-used cryptographic primitives as basic external P4 functions which can be applied in various customized security use cases. Thus, our solution allows engineers to avoid hardware development (VHDL) and offers rapid prototyping by using the high-level language (P4). Moreover, we test these cryptographic components on the UltraScale+ FPGA card and we present their hardware consumption and performance results.
Lukas Malina, David Smekal, Sara Ricci, Jan Hajny, Peter Cíbik, Jakub Hrabovsky
Security Analysis Using Subjective Attack Trees
Abstract
Subjective attack trees are an extension to traditional attack trees, proposed to take uncertainty about likelihoods of security events into account during the modelling of security risk scenarios, using subjective opinions. This paper extends the work on subjective attack trees by allowing for the modelling of countermeasures, as well as conducting a comprehensive security and security investment analysis, such as risk measuring and analysis of profitable security investments. Our approach is evaluated against traditional attack trees. The results demonstrate the importance and advantage of taking uncertainty about probabilities into account. In terms of security investment, our approach seems to be more inclined to protect systems in the presence of uncertainty (or lack of knowledge) about security event evaluations.
Nasser Al-Hadhrami, Matthew Collinson, Nir Oren
Backmatter
Metadata
Title
Innovative Security Solutions for Information Technology and Communications
Editors
Diana Maimut
Andrei-George Oprina
Dr. Damien Sauveron
Copyright Year
2021
Electronic ISBN
978-3-030-69255-1
Print ISBN
978-3-030-69254-4
DOI
https://doi.org/10.1007/978-3-030-69255-1