EVALUATION OF PERSISTENCE OF STREAMING CRYPTOSYSTEMS OPERATING AS PART OF TELECOMMUNICATIONS MANAGEMENT NETWORK SYSTEM

Целью исследования является повышение защищенности телекоммуникационных систем управления в контексте криптографической защиты с использованием математического аппарата риск-анализа для оценки стойкости поточных криптосистем. Стойкость поточной криптосистемы в работе рассмотрена как совокупность рисков разнородных компонентов поточной криптосистемы, уязвимых к деструктивному воздействию. В ходе исследования проанализированы уязвимости компонентов поточной криптосистемы, особенности среды функционирования, построены модель угроз и риск-модель атакуемой поточной криптосистемы, предложены мероприятия по снижению рисков поточных криптосистем. Полученные результаты могут быть использованы или адаптированы при необходимости повышения стойкости поточных криптосистем на этапах проектирования и модернизации, а также при необходимости восстановления эффективности функционирования после компрометации или взлома. На основе предложенной риск-модели поточной криптосистемы в дальнейшем возможна реализация программного обеспечения для оценки стойкости поточных криптосистем. The aim of the article consists in increasing of security level of telecommunications management network system due to cryptographic security methods. Risk analysis is used as an instrument of evaluation of persistence of streaming cryptosystems. The vulnerabilities of components and features of environment are analyzed. The threat model and the risk model of the stream cryptosystem are built. Measures of reducing the risks of stream cryptosystems are proposed. The obtained results can be used or adapted if it is necessary to increase the persistence of streaming cryptosystems during the design and modernization stages, as well as if it is necessary to restore operational efficiency after compromising or hacking. Based on the proposed risk model of a stream cryptosystem, it is further possible to implement software to assess the persistence of stream cryptosystems.

Peningkatan Keamanan Kriptografi Caesar Cipher dengan Menerapkan Algoritma Kompresi Stout Codes

The development of applications that can crack passwords or data that has been secured by cryptographic algorithms has made researchers try various ways to further secure the data they have. Even though the method used is quite modern, the algorithm for breaking ciphertext in cryptography can still be created. For this reason, in this study the authors develop cryptographic security by combining it with data compression. In this study, the algorithm used is the classic cryptographic algorithm, namely Caesar Cipher, combined with the Stout Codes compression algorithm. The results of the Caesar Cipher ciphertext are then compressed by applying the Stout Codes algorithm. From the test results using the Brute Force Atack model, the results are quite good, that the security of the encrypted data is quite good and not easily broken.

A PUF-based cryptographic security solution for IoT systems on chip

The integration of multicore processors and peripherals from multiple intellectual property core providers as hardware components of IoT multiprocessor systems-on-chip (SoC) represents a source of security vulnerabilities for the in-chip communication. This paper describes the concept and the practical results of a SoC security implementation that is illustrative for IoT applications. The mechanism employed in this approach uses physically unclonable functions (PUF) and symmetric cryptography in order to encrypt the transferred messages within the SoC between the microprocessor and its peripherals. The mechanism is experimentally validated at FPGA level, the paper describing also an implementation scenario for an IoT ARM based device.

MoneyMorph: Censorship Resistant Rendezvous using Permissionless Cryptocurrencies

Cryptocurrencies play a major role in the global financial ecosystem. Their presence across different geopolitical corridors, including in repressive regimes, has been one of their striking features. In this work, we leverage this feature for bootstrapping Censorship Resistant communication. We conceptualize the notion of stego-bootstrapping scheme and its security in terms of rareness and security against chosencovertext attacks. We present MoneyMorph, a provably secure stego-bootstrapping scheme using cryptocurrencies. MoneyMorph allows a censored user to interact with a decoder entity outside the censored region, through blockchain transactions as rendezvous, to obtain bootstrapping information such as a censorshipresistant proxy and its public key. Unlike the usual bootstrapping approaches (e.g., emailing) with heuristic security, if any, MoneyMorph employs public-key steganography over blockchain transactions to ensure provable cryptographic security. We design rendezvous over Bitcoin, Zcash, Monero, and Ethereum, and analyze their effectiveness in terms of available bandwidth and transaction cost. With its highly cryptographic structure, we show that Zcash provides 1148 byte bandwidth per transaction costing less than 0.01 USD as fee.

STUDIES ON PRACTICAL CRYPTOGRAPHIC SECURITY ANALYSIS FOR BLOCK CIPHERS WITH RANDOM SUBSTITUTIONS

In up-to-date information and communication systems (ICS) cryptography is used for ensuring data confidentiality. The symmetric block ciphers (BC) are implemented in different ICS including critical applications. Today theory of analysis and security verification of BC with fixed substitution nodes against linear and differential cryptanalysis (LDC) is developed. There are also BC with substitution nodes defined by round keys. Random substitution nodes improve security of ciphers and complicate its cryptanalysis. But through it all, quantitative assessment is an actual and not simple task as well as the derivation of formulas for practical security verification for BC with random substitution nodes against LDC. In this paper analytical upper bounds of parameters characterized practical security of BC with random substitution nodes against LDC were given. These assessments generalize known analogs on BC with random substitution nodes and give a possibility to verify security improving against LDC. By using the example of BC Kalyna-128, it was shown that the use of random substitution nodes allows improving upper bounds of linear and differential parameters average probabilities in 246 and 290 times respectively. The study is novel as it is one of the few in the cryptology field to calculate analytical upper bounds of BC practical security against LDC methods as well as to show and prove that using random substitutions allows improving upper bounds of linear and differential parameters. The security analysis using quantitative parameters gives possibility to evaluate various BCs or other cryptographic algorithms and their ability to provide necessary and sufficient security level in ICS. A future research study can be directed on improving analytical upper bounds for analyzed LDC in context to practical security against LDC, as well as practical cryptographic security assessment for other BC with random substitutions against LDC and other cryptanalysis methods including quantum cryptanalysis (Shor, Grover, Deutsch-Jozsa algorithms).

A Secured e-Governance Enterprise Framework using Aadhaar Based eSign System

Over the wide expansion of internet and eGovernance, many services of government are nowadays provided online. In any online services, confidentiality, authentication and non-repudiation are of foremost priority in setting up any e-Governance framework. Strong cryptographic security protocols and framework must be deployed for large scale e-Governance transactions. We have proposed an open source based secured e-Governance enterprise framework, using Aadhaar based eSign system to integrate all available existing eGovernance services from different sources to seamlessly perform secured transactions in very large-scale and costeffective manner.