  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Universal hashing for ultra-low-power cryptographic hardware applications

Yuksel, Kaan. January 2004
Thesis (M.S.)--Worcester Polytechnic Institute. / Keywords: self-powered; universal hashing; ultra-low-power; message authentication codes; provable security. Includes bibliographical references (p. 55-61).
2

Message Authentication and Recognition Protocols Using Two-Channel Cryptography

Mashatan, Atefeh 27 November 2008
We propose a formal model for non-interactive message authentication protocols (NIMAPs) using two channels and analyze all the attacks that can occur in this model. Further, we introduce the notion of hybrid-collision resistant (HCR) hash functions. This leads to a new proposal for a NIMAP based on HCR hash functions. This protocol is as efficient as the best previous NIMAP while having a very simple structure and not requiring any long strings to be authenticated ahead of time. We investigate interactive message authentication protocols (IMAPs) and propose a new IMAP, based on the existence of interactive-collision resistant (ICR) hash functions, a new notion of hash function security. The efficient and easy-to-use structure of our IMAP makes it very practical in real world ad hoc network scenarios. We also look at message recognition protocols (MRPs) and prove that there is a one-to-one correspondence between non-interactive MRPs and digital signature schemes with message recovery. Further, we look at an existing recognition protocol and point out its inability to recover in case of a specific adversarial disruption. We improve this protocol by suggesting a variant which is equipped with a resynchronization process. Moreover, another variant of the protocol is proposed which self-recovers in case of an intrusion. Finally, we propose a new design for message recognition in ad hoc networks which does not make use of hash chains. This new design uses random passwords that are being refreshed in each session, as opposed to precomputed elements of a hash chain.
4

On Achieving Secure Message Authentication for Vehicular Communications

Zhang, Chenxi January 2010
Vehicular Ad-hoc Networks (VANETs) have emerged as a new application scenario that is envisioned to revolutionize the human driving experiences, optimize traffic flow control systems, etc. Addressing security and privacy issues as the prerequisite of VANETs' development must be emphasized. To avoid any possible malicious attack and resource abuse, employing a digital signature scheme is widely recognized as the most effective approach for VANETs to achieve authentication, integrity, and validity. However, when the number of signatures received by a vehicle becomes large, a scalability problem emerges immediately, where it could be difficult for a vehicle to sequentially verify each received signature within a 100-300 ms interval in accordance with the current Dedicated Short Range Communications (DSRC) protocol. In addition, there are still some unsolved attacks in VANETs such as Denial of Service (DoS) attacks, which are not well addressed and waiting for us to solve. In this thesis, we propose the following solutions to address the above mentioned security related issues. First of all, to address the scalability issues, we introduce a novel roadside unit (RSU) aided message authentication scheme, named RAISE, which makes RSUs responsible for verifying the authenticity of messages sent from vehicles and for notifying the results back to vehicles. In addition, RAISE adopts the k-anonymity property for preserving user privacy, where a message cannot be associated with a common vehicle. Secondly, we further consider the situation that RSUs may not cover all the busy streets of a city or a highway in some situations, for example, at the beginning of a VANETs' deployment period, or due to the physical damage of some RSUs, or simply for economic considerations. Under these circumstances, we further propose an efficient identity-based batch signature verification scheme for vehicular communications. The proposed scheme can make vehicles verify a batch of signatures once instead of one after another, and thus it efficiently increases vehicles' message verification speed. In addition, our scheme achieves conditional privacy: a distinct pseudo identity is generated along with each message, and a trust authority can trace a vehicle's real identity from its pseudo identity. In order to find invalid signatures in a batch of signatures, we adopt a group testing technique which can find invalid signatures efficiently. Lastly, we identify a DoS attack, called signature jamming attack (SJA), which could easily happen and possibly cause a profound vicious impact on the normal operations of a VANET, yet has not been well addressed in the literature. The SJA can be simply launched by an attacker by flooding a significant number of messages with invalid signatures that jam the surrounding vehicles and prevent them from timely verifying regular and legitimate messages. To counter the SJA, we introduce a hash-based puzzle scheme, which serves as a light-weight filter for excluding likely false signatures before they go through a relatively lengthy signature verification process. To further minimize the vicious effect of SJA, we introduce a hash recommendation mechanism, which enables vehicles to share their information so as to more efficiently thwart the SJA. For each research solution, detailed analysis in terms of computational time, transmission overhead, and privacy preservation is performed to validate the efficiency and effectiveness of the proposed schemes.
5

The Authentication Scheme Based on IBC and Chameleon Hashing for Vehicular Ad-Hoc Networks

Chen, Liang-Chih 20 July 2011
In the VANET environment, the security of traffic information between vehicles is very important. The messages need to be real-time, and the complexity of authentication should be low. Our proposed method focuses on identity verification based on bilinear pairing; therefore, vehicles, roadside units (RSUs), central authorities (CAs) and the trust authority (TA) can verify the identity of each other. After the identity authentication, RSUs will broadcast messages containing chameleon hashing values of verified vehicles to the other RSUs and vehicles. In the future, vehicles can communicate with the verified vehicles, and verify the messages by these chameleon hashing values. The advantages of the proposed method are mainly: 1. Based on identity-based cryptography (i.e. IBC), the vehicles, RSUs, CAs and TA can verify each other's messages. 2. The vehicles can verify the source and legitimacy of the public/private key. 3. The vehicles do not need to show any certificate to verify the identity, avoiding the certificate being exposed for a long time and causing attacks. 4. We can verify the messages through the chameleon function and do not need to wait for the RSU to verify, so it would have good latency performance. 5. We don't need to re-verify the identity and consult the common keys when the vehicles hand off between the different cover ranges of the RSUs. 6. Our proposal can execute not only within the RSUs but also somewhere without an RSU. Finally, our proposed method can fulfill authentication, data integrity, non-repudiation, conditional privacy and untraceability.
7

Efficient Simulation for Quantum Message Authentication

Wainewright, Evelyn January 2016
A mix of physics, mathematics, and computer science, the study of quantum information seeks to understand and utilize the information that can be held in the state of a quantum system. Quantum cryptography is then the study of various cryptographic protocols on the information in a quantum system. One of the goals we may have is to verify the integrity of quantum data, a process called quantum message authentication. In this thesis, we consider two quantum message authentication schemes, the Clifford code and the trap code. While both of these codes have been previously proven secure, they have not been proven secure in the simulator model, with an efficient simulation. We offer a new class of simulator that is efficient, so long as the adversary is efficient, and show that both of these codes can be proven secure using the efficient simulator. The efficiency of the simulator is typically a crucial requirement for a composable notion of security. The main results of this thesis have been accepted to appear in the Proceedings of the 9th International Conference on Information Theoretic Security (ICITS 2016).
8

Universal Hashing for Ultra-Low-Power Cryptographic Hardware Applications

Yuksel, Kaan 28 April 2004
Message Authentication Codes (MACs) are valuable tools for ensuring the integrity of messages. MACs may be built around a keyed hash function. Our main motivation was to prove that universal hash functions can be employed as underlying primitives of MACs in order to provide provable security in ultra-low-power applications such as the next generation self-powered sensor networks. The idea of using a universal hash function (NH) was explored in the construction of UMAC. This work presents three variations on NH, namely PH, PR and WH. The first hash function we propose, PH, produces a hash of length 2w and is shown to be 2^(-w)-almost universal. The other two hash functions, i.e. PR and WH, reach optimality and are proven to be universal hash functions with half the hash length of w. In addition, these schemes are simple enough to allow for efficient constructions. To the best of our knowledge the proposed hash functions are the first ones specifically designed for low-power hardware implementations. We achieve drastic power savings of up to 59% and speedup of up to 7.4 times over NH. Note that the speed improvement and the power reduction are accomplished simultaneously. Moreover, we show how the technique of multi-hashing and the Toeplitz approach can be combined to reduce the power and energy consumption even further while maintaining the same security level with a very slight increase in the amount of key material. At low frequencies the power and energy reductions are achieved simultaneously while keeping the hashing time constant. We develop formulae for estimation of leakage and dynamic power consumptions as well as energy consumption based on the frequency and the Toeplitz parameter t. We introduce a powerful method for scaling WH according to specific energy and power consumption requirements. This enables us to optimize the hash function implementation for use in ultra-low-power applications such as "Smart Dust" motes, RFIDs, and Piconet nodes. Our simulation results indicate that the implementation of WH-16 consumes only 2.95 µW at 500 kHz. It can therefore be integrated into a self-powered device. By virtue of their security and implementation features mentioned above, we believe that the proposed universal hash functions fill an important gap in cryptographic hardware applications.
9

Lightweight Message Authentication for the Internet of Things

Höglund, Rikard January 2014
During the last decade, the number of devices capable of connecting to the Internet has grown enormously. The Internet of Things describes a scenario where Internet connected devices are ubiquitous and even the smallest device has a connection to the Internet. Many of these devices will be running on constrained platforms with limited power and computing resources. Implementing protocols that are both secure and resource efficient is challenging. Current protocols have generally been designed for mains powered devices; hence, they are not optimized for running on constrained devices. The Constrained Application Protocol (CoAP) is a protocol for network communication specifically designed for constrained devices. This thesis project examines CoAP and presents an extension that adds authentication in a way that is suitable for constrained devices, with respect to minimizing resource use. The proposed solution has been compared and contrasted with other alternatives for authentication, particularly those alternatives used with CoAP. It has also been implemented in code and experimentally evaluated with regards to performance versus vanilla CoAP. The main goal of this project is to implement a lightweight authentication extension for CoAP to be deployed and evaluated on constrained devices. This extension, called Short Message Authentication ChecK (SMACK), can be used on devices that require a method for secure authentication of messages while using only limited power. The main goal of the extension is to protect against battery exhaustion and denial of sleep attacks. Other benefits are that the extension adds no additional overhead when compared with the packet structure described in the latest CoAP specification. Minimizing overhead is important since some constrained networks may only support low bandwidth communication. / During the last century, the number of devices that can connect to the Internet has increased enormously. "The Internet of Things" describes a scenario where Internet-connected devices are present everywhere and even the smallest device has a connection to the Internet. Many of these devices will be constrained platforms with restrictions on both power and computing resources. Implementing protocols that are both secure and resource efficient is a challenge. Available protocols have as a rule been designed for devices connected to the mains power grid; because of this, they are not optimized for running on constrained platforms. The Constrained Application Protocol (CoAP) is a protocol for network communication specially developed for constrained platforms. This thesis examines the CoAP protocol and presents an extension that offers authentication in a way that suits constrained platforms, with respect to minimizing resource use. The proposed solution has been described and compared with other alternatives for authentication, especially those alternatives used with CoAP. The solution has also been implemented in code and experimentally evaluated in terms of performance compared with the standard version of CoAP. The main goal of this project is to implement a lightweight authentication solution for CoAP to be installed and evaluated on constrained platforms. This extension, Short Message Authentication checK (SMACK), can be used on devices that need a method for secure authentication of messages while keeping power consumption low. The main goal of this extension is to protect against battery-draining attacks and attacks that prevent a device from going into sleep mode. Other benefits are that the extension requires no extra data usage compared with the packet structure described in the latest CoAP specification. Minimizing overhead in communication protocols is important since some constrained networks only support communication over low bandwidth.
10

HASH STAMP MARKING SCHEME FOR PACKET TRACEBACK

NEIMAN, ADAM M. January 2005
No description available.
