Coding Theory and Security 2015
SoS Newsletter- Advanced Book Block
Coding Theory and Security 2015 |
Coding theory examines the properties of codes and their aptness for a specific application. For the Science of Security, coding theory is relevant to compositionality, resilience, cryptography, and metrics. The work cited here was presented in 2015.
H. Cai, H. Liu, Q. Yuan, M. Steinebach and X. Wang, “A Novel Image Secret Sharing Scheme With Meaningful Shares,” Acoustics, Speech and Signal Processing (ICASSP), 2015 IEEE International Conference on, South Brisbane, QLD, 2015, pp. 1767-1771. doi: 10.1109/ICASSP.2015.7178274
Abstract: In this paper a novel (t, n) threshold image secret sharing scheme is proposed. Based on the idea that there is close connection between secret sharing and coding theory, coding method on GF(2m) is applied in our scheme instead of the classical Lagrange's interpolation method in order to deal with the fidelity loss problem in the recovery. All the generated share images are meaningful and the size of each share image is the same as the secret image. The analysis proves our scheme is perfect and ideal and also has high security. The experiment results demonstrate that all the shares have high quality and the secret image can be recovered exactly.
Keywords: cryptography; image coding; coding method; image secret sharing scheme; interpolation method; meaningful shares; Encoding; Encryption; Image coding; Interpolation; Visualization; coding theory; image encryption; image secret sharing; multimedia security (ID#: 16-10949)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7178274&isnumber=7177909
X. Guang, J. Lu and F. W. Fu, “Variable-Security-Level Secure Network Coding,” Information Theory Workshop - Fall (ITW), 2015 IEEE, Jeju, 2015, pp. 34-38. doi: 10.1109/ITWF.2015.7360729
Abstract: In network coding theory, when wiretapping attacks occur, secure network coding is introduced to prevent information from being leaked to adversaries. In practical network communications, secure constraints vary with time. How to effectively deal with information transmission and information security simultaneously under different security-levels is introduced in this paper as variable-security-level secure network coding problem. In order to solve this problem efficiently, we propose the concept of local-kernel-preserving variable-security-level secure linear network codes, which have the same local encoding kernel at each internal node. We further present an approach to construct such a family of SLNCs and give an algorithm for efficient implementation. This approach saves the storage space at both source node and internal nodes, and resources and time on networks. Subsequently, an example is given to illustrate our constructive algorithm. Finally, the performance of the proposed algorithm is analyzed, including the field size, computational and storage complexities.
Keywords: cryptography; network coding; information security; information transmission; internal node; internal nodes; linear network codes; local kernel preserving variable security; network coding theory; secure constraints; source node; storage space; variable security level secure network coding; wiretapping attacks; Complexity theory; Conferences; Encoding; Information rates; Kernel; Network coding (ID#: 16-10950)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7360729&isnumber=7360717
A. Sghaier, M. Zghid and M. Machhout, “Proposed Efficient Arithmetic Operations Architectures for Hyper Elliptic Curves Cryptosystems (HECC),” Systems, Signals & Devices (SSD), 2015 12th International Multi-Conference on, Mahdia, 2015, pp. 1-5. doi: 10.1109/SSD.2015.7348108
Abstract: Because it offers several benefits over other public-key cryptosystems much effort are done to make Hyper Elliptic Curve Cryptosystems (HECC) more practical, such as RSA, it offers a comparable level of security with a smaller key size. For this reason, HECCs can be used in embedded environments where speed, energy, power, chip and memory area are constrained. However, HEC use a complex mathematical background, so it's difficult to be implemented on hardware. They can be defined over real numbers, complex numbers and any other field. So we need arithmetic operations (addition, subtraction, multiplication and division) which have much application in cryptography and coding theory. We have to note that the overall performance of HECC is mainly determined by the speed of arithmetic operations. The most algorithms that manipulate these operations use polynomial coefficients in base 2 and they are defined over finite fields. But, the problem is clearly viewed over real field and simple to be presented. Arithmetic operations are based on the complexity of a mathematical problem, and to have an optimized architecture we need to optimize arithmetic operations. In this paper we describe a high performance, area efficient implementation of arithmetic operations in HECC over real field and a new design methodology is presented. The proposed architectures operations are implemented in FPGA.
Keywords: digital arithmetic; embedded systems; field programmable gate arrays; polynomials; public key cryptography; FPGA; HECC; arithmetic operation architectures; coding theory; cryptography; embedded environments; finite fields; hyperelliptic curves cryptosystem; mathematical problem; polynomial coefficients; Decision support systems; Elliptic curve cryptography; Elliptic curves; Jacobian matrices; Polynomials; Yttrium; Discrete Logarithm Problem (DLP); Elliptic Curve (EC); Hyper Elliptic Curve Cryptosystems (HECC); HyperElliptic Curve (HEC); Jacobian group; MA; Rivest, Shamir and Adelman (RSA) (ID#: 16-10951)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7348108&isnumber=7348090
Q. Zhang, S. Kadhe, M. Bakshi, S. Jaggi and A. Sprintson, “Talking Reliably, Secretly, and Efficiently: A “Complete” Characterization,” Information Theory Workshop (ITW), 2015 IEEE, Jerusalem, 2015, pp. 1-5. doi: 10.1109/ITW.2015.7133143
Abstract: We consider reliable and secure communication of information over a multipath network. A transmitter Alice sends messages to the receiver Bob in the presence of a hidden adversary Calvin. The adversary Calvin can both eavesdrop and jam on (possibly non-identical) subsets of transmission links. The goal is to communicate reliably (intended receiver can understand the messages) and secretly (adversary cannot understand the messages). Two kinds of jamming, additive and overwrite, are considered. Additive jamming corresponds to wireless network model while overwrite jamming corresponds to wired network model and storage systems. The multipath network consists of C parallel links. Calvin can both jam and eavesdrop any zio number of links, can eavesdrop (but not jam) any zi/o number of links, and can jam (but not eavesdrop) any zo/i number of links. We present the first “complete” information-theoretic characterization of maximum achievable rate as a function of the number of links that can be jammed and/or eavesdropped for equal and unequal link capacity multipath networks under additive and overwrite jamming in the large alphabet regime. Our achievability and converse proofs require non-trivial combination of information theoretic and coding theoretic ideas and our achievability schemes are computationally efficient. The PHaSE-Saving techniques1 are used for achievability while a “stochastic” singleton bound is obtained for converse.
Keywords: jamming; network coding; radio networks; telecommunication security; C parallel links; PHaSE-Saving techniques; additive jamming; coding theory; communication security; first complete information-theoretic characterization; hidden adversary Calvin; overwrite jamming; stochastic singleton bound; storage systems; transmission links; unequal link capacity multipath networks; wired network model; wireless network model; Additives; Computer hacking; Computers; Decoding; Jamming; Reliability theory
(ID#: 16-10952)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7133143&isnumber=7133075
T. T. Luong, N. N. Cuong and L. T. Dung, “A New Statement About Direct Exponent of an MDS Matrix in Block Ciphers,” Knowledge and Systems Engineering (KSE), 2015 Seventh International Conference on, Ho Chi Minh City, 2015, pp. 340-343. doi: 10.1109/KSE.2015.68
Abstract: MDS code has been studied for a long time in the theory of error-correcting code and has been applied widely in cryptography. Some authors studied and proposed some methods for constructing MDS matrices which do not based on MDS code. Some MDS matrix transformations have been studied and direct exponent is such a transformation. In this paper we present some new results on direct exponent transformation to show the k* number (cycle) that direct p exponent of the MDS matrix fork times results in the original MDS matrix. In addition, the results are shown to have important applications in block ciphers.
Keywords: cryptography; matrix algebra; MDS code; MDS matrix transformations; block ciphers; direct exponent transformation; direct p-exponent; error-correcting code theory; k*-number cycle; Ciphers; Error correction codes; Information security; Linear codes; Resistance; Direct Exponent Matrix; Direct Square Matrix; MDS Matrix (ID#: 16-10953)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371809&isnumber=7371739
T. T. Luong, N. N. Cuong and L. T. Dung, “The Preservation of the Coefficient of Fixed Points of an MDS Matrix under Direct Exponent Transformation,” Advanced Technologies for Communications (ATC), 2015 International Conference on, Ho Chi Minh City, 2015, pp. 111-116. doi: 10.1109/ATC.2015.7388301
Abstract: MDS (Maximum Distance Separable) code has been studied for a long time in the theory of error-correcting code and has been applied widely in cryptography. Some authors studied and proposed some methods for constructing MDS matrices which do not base on MDS codes. Some MDS matrix transformations have been studied and direct exponent is such a transformation. In this paper, we present some new results on the preservation of the number of fixed points of an MDS matrix under direct exponent transformation. In addition, the important applications of these results will be shown in block ciphers.
Keywords: block codes; cryptography; error correction codes; matrix algebra; MDS matrix fixed point coefficient preservation; block ciphers; direct exponent transformation; error-correcting code theory; maximum distance separable code; Ciphers; Error correction codes; Information security; Matrices; Resistance; Direct Exponent Matrix; Direct Square Matrix; MDS Matrix (ID#: 16-10954)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7388301&isnumber=7388293
A. Motamedi, M. Najafi and N. Erami, “Parallel Secure Turbo Code for Security Enhancement in Physical Layer,” 2015 Signal Processing and Intelligent Systems Conference (SPIS), Tehran, 2015, pp. 179-184. doi: 10.1109/SPIS.2015.7422336
Abstract: Turbo code has been one of the important subjects in coding theory since 1993. This code has low Bit Error Rate (BER) but decoding complexity and delay are big challenges. On the other hand, considering the complexity and delay of separate blocks for coding and encryption, if these processes are combined, the security and reliability of communication system are guaranteed. In this paper a secure decoding algorithm in parallel on General-Purpose Graphics Processing Units (GPGPU) is proposed. This is the first prototype of a fast and parallel Joint Channel-Security Coding (JCSC) system. Despite of encryption process, this algorithm maintains desired BER and increases decoding speed. We considered several techniques for parallelism: (1) distribute decoding load of a code word between multiple cores, (2) simultaneous decoding of several code words, (3) using protection techniques to prevent performance degradation. We also propose two kinds of optimizations to increase the decoding speed: (1) memory access improvement, (2) the use of new GPU properties such as concurrent kernel execution and advanced atomics to compensate buffering latency.
Keywords: channel coding; decoding; error statistics; graphics processing units; turbo codes; bit error rate; buffering latency; code words; communication system; concurrent kernel execution; distribute decoding load; general-purpose graphics processing units; joint channel-security coding system; memory access improvement; multiple cores; parallel secure turbo code; physical layer; secure decoding algorithm; security enhancement; Bit error rate; Decoding; Graphics processing units; Parallel processing; Security; Throughput; Turbo codes; CUDA; GPU; Turbo code; parallelism; security (ID#: 16-10955)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7422336&isnumber=7422296
C. Yin, H. Lv, Z. Cui, T. Li, L. Rao and Z. Wang, “ICRS: An Optimized Algorithm to Improve Performance in Distributed Storage System,” Intelligent Human-Machine Systems and Cybernetics (IHMSC), 2015 7th International Conference on, Hangzhou, 2015, pp. 561-564. doi: 10.1109/IHMSC.2015.219
Abstract: Erasure codes, such as Reed-Solomn (RS) and CRS Codes, are being extensively deployed in distributed storage system since they offer significantly higher reliability than data replication methods at much lower storage overheads. But RS and CRS codes always impose a huge burden on system's performance while encoding and decoding when they provide significant savings in storage space. This paper puts forward an optimized algorithm named ICRS (Improved CRS) based on erasure coding technology, which is committed to improve the security and the utilization of storage space. By studying existing high reliability and space saving rate of coding technology, we imported coding mechanism into distributed storage systems. We have verified ICRS algorithm by theory analysis and simulation test. Through theory analysis, we can conclude that ICRS algorithm can improve the performance of encoding and decoding because they can shorten the computation times. We apply ICRS algorithm into our storage system model named Robot to test the performance. At the same time, we compare RS codes and CRS codes in Robot. The test results show that decoding speed can rise up nearly two times than the past serial decoding speed.
Keywords: decoding; encoding; performance evaluation; reliability; storage allocation; CRS code; ICRS; RS code; Reed-Solomon code; data replication method; distributed storage system; improved CRS; robot; space saving rate; storage system model; Algorithm design and analysis; Decoding; Distributed databases; Encoding; Reliability; Robots; Servers; ICRS; performance; reliability
(ID#: 16-10956)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7335035&isnumber=7334774
D. K. N. Wood and D. R. E. Harang, “Grammatical Inference and Language Frameworks for LANGSEC,” Security and Privacy Workshops (SPW), 2015 IEEE, San Jose, CA, 2015, pp. 88-98. doi: 10.1109/SPW.2015.17
Abstract: Formal Language Theory for Security (LANGSEC) has proposed that formal language theory and grammars be used to define and secure protocols and parsers. The assumption is that by restricting languages to lower levels of the Chomsky hierarchy, it is easier to control and verify parser code. In this paper, we investigate an alternative approach to inferring grammars via pattern languages and elementary formal system frameworks. We summarize inferability results for subclasses of both frameworks and discuss how they map to the Chomsky hierarchy. Finally, we present initial results of pattern language learning on logged HTTP sessions and suggest future areas of research.
Keywords: formal languages; grammars; hypermedia; inference mechanisms; security of data; Chomsky hierarchy; HTTP sessions; LANGSEC; formal language theory for security; grammatical inference; language frameworks; parsers; secure protocols; Finite element analysis; Formal languages; Grammar; Polynomials; Protocols; Security; Standards; elementary formal system (EFS); language identification; pattern language (ID#: 16-10957)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7163212&isnumber=7163193
B. Zhu, A. Jiang, X. Bai and D. Bai, “A Method Research of Image Encryption Based on Chaotic and Secret Sharing,” Cyber Technology in Automation, Control, and Intelligent Systems (CYBER), 2015 IEEE International Conference on, Shenyang, 2015, pp. 1823-1828. doi: 10.1109/CYBER.2015.7288224
Abstract: In view of the digital image in the process of transmission, it is easy to leak information, in order to protect the security of image information. This paper proposes an image encryption method which is a combination of image sharing technology and chaos theory. First, dividing the secret image into blocks and coding the blocks, restructuring the blocks by pseudo random sequence which is generated by Logistic chaotic map; Then, processing the restructuring image by the image sharing technology; Finally, the images those be processed by image sharing are embedded into the cover image for network transmission. The experimental results show that the method can be better for digital image encryption.
Keywords: block codes; chaos; cryptography; image coding; random sequences; block coding; chaos theory; image encryption method; image restructuring; image sharing technology; logistic chaotic map; pseudo random sequence; secret sharing; Chaos; Encryption; Image restoration; Indexes; Logistics; Logistic map; chaos encryption; image sharing (ID#: 16-10958)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7288224&isnumber=7287893
F. C. Colon Osorio, H. Qiu and A. Arrott, “Segmented Sandboxing - A Novel Approach to Malware Polymorphism Detection,” 2015 10th International Conference on Malicious and Unwanted Software (MALWARE), Fajardo, 2015, pp. 59-68. doi: 10.1109/MALWARE.2015.7413685
Abstract: Malware polymorphic and metamorphic obfuscation techniques combined with so-called “sandboxing evasion techniques“ continue to erode the effectiveness of both static detection (signature matching), and dynamic detection (sandboxing). Specifically, signature based techniques are overwhelmed by the sheer number of samples generated from a single seminal binary through the use of polymorphic variations (encryption, ISP obfuscation together with ISP emulators, semantically neutral transformations, and so forth). Anti-virus security vendors often report more than 100,000 new Malware signatures a day. In most cases, the preponderance of these variations can be attributed to just a handful of seminal Malware families. In 2011, FireEye reported that over 50% of observed successful Malware infections were attributable to just 13 Malware families (seminals).1 Similarly, sandboxing2, also known as dynamic Malware detection, has suffered from its own set of limitations. Mainly, (1) Malware writers embed in their code the ability to discover virtualized environments by checking for live internet access, or certain system properties inherent to virtualized environments, (2) Wait and seek (aka dormant Malware), a technique where knowing the execution time limitations of sandboxes, the Malware just waits, and (3) evasion techniques based on diverse communication. While the benefits of either dynamic or static approaches for Malware detection look quite tempting from each of their counterpart's perspectives, their weakness are daunting in their own right as well. In this manuscript we attempted to combine the best part of both approaches, while minimizing the disadvantages of either of them. We call this mixed approach “static Malware detection with segmented sandboxing“. It was first developed by modeling the problem from a classical automata theory that leads from a formal problem formulation to a practical solution implementation. Preliminary results have shown that this approach is extremely effective in at least two significant ways. First, it sequentially minimizes both false negatives (misses) and false positives (FPs) enabling response resources to be focused on a more complete set of attacks with far less distraction from false alarms. Second, it overcomes many of the known limitations of sandboxing technology.
Keywords: automata theory; digital signatures; invasive software; FireEye; ISP emulators; ISP obfuscation; anti-virus security vendors; diverse communication; dormant malware; dynamic detection; dynamic malware detection; encryption; malware infections; malware polymorphism detection; malware signatures; metamorphic obfuscation techniques; polymorphic variations; sandboxing evasion techniques; segmented sandboxing; semantically neutral transformations; seminal binary; signature based techniques; signature matching; static detection; static malware detection; virtualized environments; Automata; Engines; Malware; Manuals; Semantics; Software (ID#: 16-10959)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7413685&isnumber=7413673
D. Fangquan, D. Chaoqun, Z. Yao and L. Teng, “Binary-Oriented Hybrid Fuzz Testing,” Software Engineering and Service Science (ICSESS), 2015 6th IEEE International Conference on, Beijing, 2015, pp. 345-348. doi: 10.1109/ICSESS.2015.7339071
Abstract: In software security testing, fuzz testing and symbolic execution are two main testing techniques. Fuzz testing finds program bugs by executing the target program with random inputs it generates while monitoring the execution for abnormal behaviors. Though fuzz testing is able to explore deep into a program's state space efficiently, it usually cannot guarantee the code coverage ratio in many situations. Symbolic execution treats a program's input as symbols and executes the program with such symbolic input. Symbolic execution tries to explore the whole state space of a program by analyzing all of the program's paths. Symbolic execution always guarantees the code coverage ratio in theory, but for real programs it has many problems such as path explosion. Our new method, hybrid fuzz testing, combines the benefits of fuzz testing and symbolic execution. Symbolic execution will start to work and to generate new program input when fuzz testing cannot increase the code coverage ratio. The experiment result implies that our hybrid fuzz testing method can obviously increase the code coverage ratio efficiently in reasonable resources using.
Keywords: fuzzy set theory; program testing; system monitoring; binary-oriented hybrid fuzz testing techniques; code coverage ratio; program state space; software security testing; symbolic execution; Assembly; Computer bugs; Computers; Instruments; Reactive power; Registers; Testing; case generation; code coverage; fuzz testing; symbolic execution (ID#: 16-10960)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7339071&isnumber=7338993
J. Li, X. Xu, L. Liao and L. Li, “Concolic Execute Fuzzing Based on Control-Flow Analysis,” 2015 11th International Conference on Computational Intelligence and Security (CIS), Shenzhen, 2015, pp. 385-389. doi: 10.1109/CIS.2015.99
Abstract: This paper proposes a method which utilizing taint analysis to reduce the unnecessary analysis routine, concentrating on the control-flow altering input using concolic (concrete and symbolic) execution procedure. A prototype, Concolic Fuzz is implemented based on this method, which is built on Pin platform at x86 binary level and using Z3 as the SMT (Satisfiability Modulo Theories) solver. The results of experiments verify that our approach is effective in increasing code coverage with remarkably lower resource and time cost than the standard fuzzing and concolic testing tools. The scale of fuzzing range and symbols are reduced, so as the computing resource and time consumption, especially when the input data is in highly structured and complex file format.
Keywords: computability; Concolic Fuzz; SMT solver; Satisfiability Modulo Theories; code coverage; complex file format; computing resource; concolic execution procedure; concolic testing tools; control flow analysis; fuzzing range; lower resource; standard fuzzing; taint analysis; time consumption; Concrete; Instruments; Performance analysis; Registers; Security; Software; Testing; concolic execution; controlflow; dynamic taint analysis; fuzzing test (ID#: 16-10961)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7397113&isnumber=7396229
B. Fang, Z. Qian, W. Zhong and W. Shao, “Iterative Precoding for MIMO Wiretap Channels Using Successive Convex Approximation,” Antennas and Propagation (APCAP), 2015 IEEE 4th Asia-Pacific Conference on, Kuta, 2015, pp. 65-66. doi: 10.1109/APCAP.2015.7374273
Abstract: In this paper, we study the precoding problem for physical layer security in a general multiple-input multiple-output (MIMO) wiretap channel. Since the resultant secrecy capacity maximization (SCM) problem is nonconvex in general, we solve it by employing a successive convex approximation method, where the nonconvex part of the formulated problem is approximated by its first-order Taylor expansion. Thus, the SCM problem can be iteratively solved through convex programming of its convexified version. Finally, an iterative precoding algorithm with provable convergence is presented. Numerical simulations are also provided to verify the proposed algorithm.
Keywords: MIMO communication; approximation theory; channel coding; concave programming; convex programming; iterative methods; precoding; telecommunication security; MIMO wiretap channels; SCM problem; first-order Taylor expansion; iterative precoding algorithm; multiple-input multiple-output wiretap channel; numerical simulations; physical layer security; provable convergence; secrecy capacity maximization problem; successive convex approximation method; MIMO wiretap channel; convex optimization; successive convex approximation (ID#: 16-10962)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7374273&isnumber=7374246
W. Kang and N. Liu, “A Permutation-Based Code for the Wiretap Channel,” Information Theory (ISIT), 2015 IEEE International Symposium on, Hong Kong, 2015, pp. 2306-2310. doi: 10.1109/ISIT.2015.7282867
Abstract: In this paper, we propose a permutation-based code for the wiretap channel. We begin with an arbitrary channel code from Alice to Bob and then perform a series of permutations to enlarge the code to achieve secrecy to Eve. We show that the proposed code achieves the same performance as the traditional random code, in the sense that it achieves the random coding bound for the probability of decoding error at Bob and an exponentially vanishing information leakage at Eve. Thus, the permutation-based code we propose offers an alternative method of code construction for the wiretap channel.
Keywords: channel coding; decoding; error statistics; random codes; telecommunication security; arbitrary channel code; decoding error probability; information leakage; permutation-based code; random coding; wiretap channel; Ciphers; Decoding; Electronic mail; Encoding; Iterative decoding; Tin; Zinc (ID#: 16-10963)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282867&isnumber=7282397
H. C. Huang, C. C. Lin and Y. H. Chen, “Fidelity Enhancement of Reversible Data Hiding for Images with Prediction-Based Concepts,” 2015 International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), Adelaide, SA, 2015, pp. 13-16. doi: 10.1109/IIH-MSP.2015.60
Abstract: Reversible data hiding has attracted more and more attention in recent years. With reversible data hiding, it requires embedding secret data into original image with devised algorithm at the encoder, and marked image can then be delivered to the decoder. At the decoder, both the secret data and original image should be perfectly separated from marked image to keep the reversibility. There are several practical ways to make reversible data hiding possible, and one of the latest methods belongs to the prediction-based method. By carefully manipulating differences between predicted and original images, reversible data hiding can be achieved. We propose an enhanced method for manipulating the difference histogram, and we observe the better performances than existing scheme in literature. Possible ways for enhancing embedding capacity are also pointed out for the extension of our method in the future.
Keywords: data encapsulation; image coding; prediction theory; security of data; decoder; difference histogram; encoder; fidelity enhancement; marked image; prediction-based method; reversibility; reversible data hiding; secret data; Copyright protection; Decoding; Histograms; Image quality; Multimedia communication; Receivers; Watermarking; capacity; prediction; quality (ID#: 16-10964)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7415746&isnumber=7415733
T. C. Gulcu and A. Barg, “Achieving Secrecy Capacity of the Wiretap Channel and Broadcast Channel with a Confidential Component,” Information Theory Workshop (ITW), 2015 IEEE, Jerusalem, 2015, pp. 1-5. doi: 10.1109/ITW.2015.7133098
Abstract: We show that capacity of the general (not necessarily degraded or symmetric) wiretap channel under a “strong secrecy constraint” can be achieved using an explicit scheme based on polar codes. We also extend our construction to the case of broadcast channels with confidential messages defined by Csiszár and Körner, achieving the entire capacity region of this communication model. This submission is an extended abstract of the paper by the same authors (see arXiv:1410.3422).
Keywords: broadcast channels; codes; telecommunication security; wireless channels; broadcast channel; communication model; polar codes; secrecy capacity; secrecy constraint; wiretap channel; Channel coding; Decoding; Receivers; Reliability; Security; Transmitters (ID#: 16-10965)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7133098&isnumber=7133075
S. Renatus, C. Bartelheimer and J. Eichler, “Improving Prioritization of Software Weaknesses Using Security Models with AVUS,” Source Code Analysis and Manipulation (SCAM), 2015 IEEE 15th International Working Conference on, Bremen, 2015,
pp. 259-264. doi: 10.1109/SCAM.2015.7335423
Abstract: Testing tools for application security have become an integral part of secure development life-cycles. Despite their ability to spot important software weaknesses, the high number of findings require rigorous prioritization. Most testing tools provide generic ratings to support prioritization. Unfortunately, ratings from established tools lack context information especially with regard to the security requirements of respective components or source code. Thus experts often spend a great deal of time re-assessing the prioritization provided by these tools. This paper introduces our lightweight tool AVUS that adjusts context-free ratings of software weaknesses according to a user-defined security model. We also present a first evaluation applying AVUS to a well-known open source project and the findings of a popular, commercially available application security testing tool.
Keywords: program testing; public domain software; safety-critical software; source code (software); AVUS; application security testing tool; context-free rating; open source project; security model; software testing tool; software weakness; source code; user-defined security model; Complexity theory; Context; Kernel; Measurement; Security; Testing; Secure software development; contextual enrichment; security metrics; vulnerability scoring (ID#: 16-10966)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7335423&isnumber=7335391
S. Y. Kim, S. Gu, H.-h. Jeong and K.-A. Sohn, “A Network Clustering Based Software Attribute Selection for Identifying Fault-Prone Modules,” IT Convergence and Security (ICITCS), 2015 5th International Conference on, Kuala Lumpur, 2015, pp. 1-5. doi: 10.1109/ICITCS.2015.7292921
Abstract: The software defect can damage the reliability and the quality of the software. The static code software metrics have been widely used and played an important role in software defect prediction. Instead of using whole features, it is quite necessary to remove the redundant features and select some meaningful features to improve the prediction performance. This study focuses on the effective attribute selection technique for the software fault classification. We proposed the software attributes network that indicates the mutual information between features and the clustering based attribute selection techniques. The results demonstrate that the proposed network clustering based feature selection performs the best on fault-prone modules prediction. The comparative feature selection techniques are examined to evaluate the result. Furthermore, the best-performed software attributes and the relations between them are shown and carefully analyzed.
Keywords: pattern clustering; software fault tolerance; software metrics; software quality; comparative feature selection techniques; fault-prone module identification; mutual information; network clustering; software attribute selection technique; software defect prediction; software quality; software reliability; static code software metrics; Clustering algorithms; Complexity theory; Feature extraction; Measurement; Microwave integrated circuits; Software; Support vector machines (ID#: 16-10967)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7292921&isnumber=7292885
M. Trapp, M. Rossberg and G. Schaefer, “Program Partitioning Based on Static Call Graph Analysis for Privilege Separation,” 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, 2015, pp. 613-618. doi: 10.1109/ISCC.2015.7405582
Abstract: The major cause of IT security incidents are software issues, hence this article presents an automated approach for source code partitioning and privilege separation. Based on static call graph analysis, functions and program parts of a monolithic software are separated in several processes and grouped by the privilege they need. For the partitioning we introduce a metric that estimates the potential security gain by considering the complexity and privilege distribution of the separated software. Furthermore, we present a partitioning heuristic that uses this metric to create a secure software partitioning.
Keywords: graph theory; program diagnostics; security of data; software metrics; IT security incident; monolithic software; partitioning heuristic; privilege separation; program partitioning; secure software partitioning; source code partitioning; static call graph analysis; Computers; Context; Measurement; Permission; Process control; Software (ID#: 16-10968)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7405582&isnumber=7405441
H. Mercier, M. Augier and A. K. Lenstra, “STEP-Archival: Storage Integrity and Anti-Tampering Using Data Entanglement,” Information Theory (ISIT), 2015 IEEE International Symposium on, Hong Kong, 2015, pp. 1590-1594. doi: 10.1109/ISIT.2015.7282724
Abstract: We present STEP-archives, a model for censorship-resistant storage systems where an attacker cannot censor or tamper with data without causing a large amount of obvious collateral damage. MDS erasure codes are used to entangle unrelated data blocks, in addition to providing redundancy against storage failures. We show a tradeoff for the attacker between attack complexity, irrecoverability, and collateral damage. We also show that the system can efficiently recover from attacks with imperfect irrecoverability, making the problem asymmetric between attackers and defenders. Finally, we present sample heuristic attack algorithms that are efficient and irrecoverable (but not collateral-damage-optimal), and demonstrate how some strategies and parameter choices allow to resist these sample attacks.
Keywords: data integrity; data protection; information retrieval; redundancy; STEP-archival; antitampering; censorship-resistant storage system; data entanglement; heuristic attack algorithm; imperfect irrecoverability; storage integrity; Censorship; Complexity theory; Decoding; Grippers; Memory; Resistance; Security; Distributed storage; MDS codes; anti-tampering; data entanglement
(ID#: 16-10969)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7282724&isnumber=7282397
P. Jilna, P. P. Deepthi, S. M. Sameer, P. S. Sathidevi and A. P. Vijitha, “FPGA Implementation of an Elliptic Curve Based Integrated System for Encryption and Authentication,” Signal Processing, Informatics, Communication and Energy Systems (SPICES), 2015 IEEE International Conference on, Kozhikode, 2015, pp. 1-6. doi: 10.1109/SPICES.2015.7091513
Abstract: The resource constrained applications in the present day communication networks demand the use of new cryptographic protocols and hardware with reduced computational and structural complexity. The use of standard, standalone cryptographic primitives are not suitable for such applications. This paper proposes the implementation of a new integrated system for both encryption and authentication based on elliptic curves. An algorithm for pseudo random sequence generation based on cryptographic one way function of elliptic curve point multiplication is developed. This is combined with an elliptic curve based message authentication code to form the integrated system. EC point multiplication operation is preferred as cryptographic one way function for use in this system due to its high security per bit of the key. The hardware is implemented on a Virtex 5 FPGA using Xilinx ISE. In the proposed hardware implementation a single point multiplication unit is time shared between the operations of pseudo random sequence generation and authentication to reduce the overall hardware complexity. A comparison of the resource requirement of the proposed implementation with existing standalone methods is also done.
Keywords: computational complexity; field programmable gate arrays; public key cryptography; random sequences; EC point multiplication operation; FPGA implementation; Virtex 5 FPGA; Xilinx ISE; communication networks; cryptographic one-way function; cryptographic protocols; elliptic curve point multiplication; elliptic curve-based integrated system; elliptic curve-based message authentication code; encryption; hardware complexity reduction; hardware implementation; integrated system; pseudorandom sequence generation; reduced computational complexity; resource-constrained application; single-point multiplication unit; structural complexity; Authentication; Complexity theory; Elliptic curves; Encryption; Hardware; Random sequences; Elliptic Curve Cryptography; MAC; Pseudo random sequence (ID#: 16-10970)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7091513&isnumber=7091354
M. Benssalah, M. Djeddou and K. Drouiche, “Pseudo-Random Sequence Generator Based on Random Selection of an Elliptic Curve,” Computer, Information and Telecommunication Systems (CITS), 2015 International Conference on, Gijon, 2015, pp. 1-5. doi: 10.1109/CITS.2015.7297719
Abstract: Pseudo-random numbers generators (PRNG) are one of the main security tools in Radio Frequency IDentification (RFID) technology. Thus, a weak internal embedded generator can directly cause the entire application to be insecure and it makes no sense to employ robust protocols for the security issue. In this paper, we propose a new PRNG constructed by randomly selecting points from two elliptic curves, suitable for ECC based applications. The main contribution of this work is the increasing of the generator internal states by extending the set of its output realizations to two curves randomly selected. The main advantages of this PRNG in comparison to previous works are the large periodicity, a better distribution of the generated sequences and a high security level based on the elliptic curve discrete logarithm problem (ECDLP). Further, the proposed PRNG has passed the different Special Publication 800-22 NIST statistical test suite. Moreover, the proposed PRNG presents a scalable architecture in term of security level and periodicity at the expense of increasing the computation complexity. Thus, it can be adapted for ECC based cryptosystems such as RFID tags and sensors networks and other applications like computer physic simulations, and control coding.
Keywords: computational complexity; cryptographic protocols; public key cryptography; radiofrequency identification; random number generation; statistical analysis; ECC based cryptosystem; ECDLP; PRNG; RFID technology; computation complexity; elliptic curve discrete logarithm problem; embedded generator; pseudo-random sequence generator; radio frequency identification technology; random selection; robust protocols; security tools; sensors networks; special publication 800-22 NIST statistical test; Complexity theory; Elliptic curve cryptography; Elliptic curves; Generators; Space exploration; Cryptosystem; ECC; RFID (ID#: 16-10971)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7297719&isnumber=7297712
A. Sghaier, M. Zghid and M. Machhout, “Proposed Efficient Arithmetic Operations Architectures for Hyper Elliptic Curves Cryptosystems (HECC),” Systems, Signals & Devices (SSD), 2015 12th International Multi-Conference on, Mahdia, 2015, pp. 1-5. doi: 10.1109/SSD.2015.7348108
Abstract: Because it offers several benefits over other public-key cryptosystems much effort are done to make Hyper Elliptic Curve Cryptosystems (HECC) more practical, such as RSA, it offers a comparable level of security with a smaller key size. For this reason, HECCs can be used in embedded environments where speed, energy, power, chip and memory area are constrained. However, HEC use a complex mathematical background, so it's difficult to be implemented on hardware. They can be defined over real numbers, complex numbers and any other field. So we need arithmetic operations (addition, subtraction, multiplication and division) which have much application in cryptography and coding theory. We have to note that the overall performance of HECC is mainly determined by the speed of arithmetic operations. The most algorithms that manipulate these operations use polynomial coefficients in base 2 and they are defined over finite fields. But, the problem is clearly viewed over real field and simple to be presented. Arithmetic operations are based on the complexity of a mathematical problem, and to have an optimized architecture we need to optimize arithmetic operations. In this paper we describe a high performance, area efficient implementation of arithmetic operations in HECC over real field and a new design methodology is presented. The proposed architectures operations are implemented in FPGA.
Keywords: digital arithmetic; embedded systems; field programmable gate arrays; polynomials; public key cryptography; FPGA; HECC; arithmetic operation architectures; coding theory; cryptography; embedded environments; finite fields; hyperelliptic curves cryptosystem; mathematical problem; polynomial coefficients; Decision support systems; Elliptic curve cryptography; Elliptic curves; Jacobian matrices; Polynomials; Yttrium; Discrete Logarithm Problem (DLP); Elliptic Curve (EC); FPGA; Hyper Elliptic Curve Cryptosystems (HECC); HyperElliptic Curve (HEC); Jacobian group; MA; Rivest, Shamir and Adelman (RSA) (ID#: 16-10972)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7348108&isnumber=7348090
E. Pisek, S. Abu-Surra, R. Taori, J. Dunham and D. Rajan, “Enhanced Cryptcoding: Joint Security and Advanced Dual-Step Quasi-Cyclic LDPC Coding,” 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, 2015, pp. 1-7. doi: 10.1109/GLOCOM.2015.7417284
Abstract: Data security has always been a major concern and a huge challenge for governments and individuals throughout the world since early times. Recent advances in technology, such as the introduction of cloud computing, make it even a bigger challenge to keep data secure. In parallel, high throughput mobile devices such as smartphones and tablets are designed to support these new technologies. The high throughput requires power-efficient designs to maintain the battery-life. In this paper, we propose a novel Joint Security and Advanced Low Density Parity Check (LDPC) Coding (JSALC) method. The JSALC is composed of two parts: the Joint Security and Advanced LDPC-based Encryption (JSALE) and the dual-step Secure LDPC code for Channel Coding (SLCC). The JSALE is obtained by interlacing Advanced Encryption System (AES)-like rounds and Quasi-Cyclic (QC)-LDPC rows into a single primitive. Both the JSALE code and the SLCC code share the same base quasi-cyclic parity check matrix (PCM) which retains the power efficiency compared to conventional systems. We show that the overall JSALC Frame-Error-Rate (FER) performance outperforms other cryptcoding methods by over 1.5 dB while maintaining the AES-128 security level. Moreover, the JSALC enables error resilience and has higher diffusion than AES-128.
Keywords: channel coding; cryptography; cyclic codes; error statistics; parity check codes; AES-128 security level; FER; JSALC method; JSALE; PCM; SLCC; advanced encryption system; battery-life; cloud computing; cryptcoding; data security; dual-step secure LDPC code for channel coding; frame-error-rate; high throughput mobile device; joint security and advanced LDPC-based encryption; joint security and advanced dual-step quasicyclic LDPC coding; low density parity check coding; power-efficient design; quasicyclic parity check matrix; smartphone; tablet; Complexity theory; Encoding; Encryption; Parity check codes; Phase change materials (ID#: 16-10973)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7417284&isnumber=7416057
A. Alzahrani and R. F. DeMara, “Hypergraph-Cover Diversity for Maximally-Resilient Reconfigurable Systems,” High Performance Computing and Communications (HPCC), 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conferen on Embedded Software and Systems (ICESS), 2015 IEEE 17th International Conference on, New York, NY, 2015, pp. 1086-1092. doi: 10.1109/HPCC-CSS-ICESS.2015.294
Abstract: Scaling trends of reconfigurable hardware (RH) and their design flexibility have proliferated their use in dependability-critical embedded applications. Although their reconfigurability can enable significant fault tolerance, due to the complexity of execution time in their design flow, in-field reconfigurability can be infeasible and thus limit such potential. This need is addressed by developing a graph and set theoretic approach, named hypergraph-cover diversity (HCD), as a preemptive design technique to shift the dominant costs of resiliency to design-time. In particular, union-free hypergraphs are exploited to partition the reconfigurable resources pool into highly separable subsets of resources, each of which can be utilized by the same synthesized application netlist. The diverse implementations provide reconfiguration-based resilience throughout the system lifetime while avoiding the significant overheads associated with runtime placement and routing phases. Two novel scalable algorithms to construct union-free hypergraphs are proposed and described. Evaluation on a Motion-JPEG image compression core using a Xilinx 7-series-based FPGA hardware platform demonstrates a statistically significant increase in fault tolerance and area efficiency when using proposed work compared to commonly-used modular redundancy approaches.
Keywords: data compression; embedded systems; field programmable gate arrays; graph theory; image coding; motion estimation; reconfigurable architectures; HCD; Motion-JPEG image compression core; RH; Xilinx 7-series-based FPGA hardware platform; area efficiency; dependability-critical embedded applications; design flexibility; execution time; fault tolerance; hypergraph-cover diversity; in-field reconfigurability; maximally-resilient reconfigurable systems; preemptive design technique; reconfigurable hardware; reconfigurable resource partitioning; reconfiguration-based resilience; resiliency costs; routing phases; runtime placement; separable resource subsets; set theoretic approach; statistical analysis; synthesized application netlist; union-free hypergraphs; Circuit faults; Embedded systems; Fault tolerance; Fault tolerant systems; Field programmable gate arrays; Hardware; Runtime; Area Efficiency; Design Diversity; FPGAs; Fault Tolerance; Hypergraphs; Reconfigurable Systems; Reliability (ID#: 16-10974)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7336313&isnumber=7336120
J. Li, K. Zhou and J. Ren, “Security and Efficiency Trade-Offs for Cloud Computing and Storage,” Resilience Week (RWS), 2015, Philadelphia, PA, 2015, pp. 1-6. doi: 10.1109/RWEEK.2015.7287434
Abstract: Cloud computing provides centralized data storage and online computing. For centralized data storage, to address both security and availability issue, distributed storage is an appealing option in that it can ensure file security without requiring data encryption. Instead of storing a file and its replications on multiple servers, we can break the file into components and store the components on multiple servers. In this paper, we develop the minimum storage regeneration (MSR) point based distributed storage schemes that can achieve optimal storage efficiency and storage capacity. Moreover, our scheme can detect and correct malicious nodes with much higher error correction efficiency. For online computing, we investigate outsourcing of general computational problems and propose efficient Cost-Aware Secure Outsourcing (CASO) schemes for problem transformation and outsourcing so that the cloud is unable to learn any key information from the transformed problem. We also propose a verification scheme to ensure that the end-users will always receive a valid solution from the cloud. Our extensive complexity and security analysis show that our proposed Cost- Aware Secure Outsourcing (CASO) scheme is both practical and effective.
Keywords: cloud computing; error correction; outsourcing; security of data; storage management; CASO scheme; MSR point based distributed storage scheme; availability issue; centralized data storage; cloud storage; complexity analysis; cost-aware secure outsourcing; efficiency trade-off; error correction efficiency; file security; malicious node correction; malicious node detection; minimum storage regeneration point; online computing; optimal storage efficiency; security analysis; security trade-off; storage capacity; verification scheme; Bandwidth; Complexity theory; Error correction; Error correction codes; Outsourcing; Security; Servers; Cloud computing; computation outsourcing; cost aware; distributed storage; efficiency; optimal scheme design; security (ID#: 16-10975)
URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7287434&isnumber=7287407
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.