On the correlation and sensitivity of so far statistical randomness tests based on runs

Abstract—Random numbers play a very important role in cryptography. More precisely, almost cryptographic primitives are ensured their security based on random values such as random key, nonces, salts... Therefore, the assessment of randomness according to statistical tests is really essential for measuring the security of cryptographic algorithms. In this paper, we focus on so far randomness tests based on runs in the literature. First, we have proved in detail that the expected number of gaps (or blocks) of length in a random sequence of length is . Secondly, we have evaluated correlation of some tests based on runs so far using Pearson coefficient method [5, 6] and Fail-Fail ratio one [7, 8]. Surprisingly, the Pearson coefficient method do not show any strong linear correlation of these runs-based tests but the Fail-Fail ratio do. Then, we have considered the sensitivity of these runs tests with some basic transformations. Finally, we have proposed some new runs tests based on the sensitivity results and applied evaluations to some random sources. Tóm tắt—Số ngẫu nhiên đóng một vai trò quan trọng trong mật mã. Cụ thể, độ an toàn của hầu hết các nguyên thủy mật mã đều được đảm bảo dựa trên các giá trị ngẫu nhiên như khóa, nonce, salt… Do đó, việc đánh giá tính ngẫu nhiên dựa trên các kiểm tra thống kê là thực sự cần thiết để đo độ an toàn cho các thuật toán mật mã. Trong bài báo này, chúng tôi tập trung vào các kiểm tra ngẫu nhiên dựa vào run trong các tài liệu. Đầu tiên, chúng tôi chứng minh chi tiết rằng kỳ vọng số các gap (khối) độ dài trong một chuỗi ngẫu nhiên độ dài là . Sau đó, chúng tôi đánh giá mối tương quan của một số kiểm tra dựa vào run bằng phương pháp hệ số Pearson [5, 6] và tỷ số Fail-Fail [7, 8]. Đáng ngạc nhiên là phương pháp hệ số Pearson không cho thấy bất kỳ mối tương quan tuyến tính mạnh nào của các kiểm tra dựa vào run, trong khi đó tỷ số Fail-Fail lại chỉ ra. Tiếp theo, chúng tôi xem xét độ nhạy của các kiểm tra run này với một số phép biến đổi cơ bản. Cuối cùng, chúng tôi đề xuất một số kiểm tra run mới dựa trên các kết quả độ nhạy và đánh giá áp dụng chúng cho một số nguồn ngẫu nhiên.

BlockREV: Blockchain-Enabled Multi-Controller Rule Enforcement Verification in SDN

Compared with the classical structure with only one controller in software-defined networking (SDN), multi-controller topology structure in SDN provides a new type of cross-domain forwarding network architecture with multiple centralized controllers and distributed forwarding devices. However, when the network includes multiple domains, lack of trust among the controllers remains a challenge how to verify the correctness of cross-domain forwarding behaviors in different domains. In this paper, we propose a novel secure multi-controller rule enforcement verification (BlockREV) mechanism in SDN to guarantee the correctness of cross-domain forwarding. We first adopt blockchain technology to provide the immutability and privacy protection for forwarding behaviors. Furthermore, we present an address-based aggregate signature scheme with appropriate cryptographic primitives, which is provably secure in the random oracle model. Moreover, we design a verification algorithm based on hash values of forwarding paths to check the consistency of forwarding order. Finally, experimental results demonstrate that the proposed BlockREV mechanism is effective and suitable for multi-controller scenarios in SDN.

Decentralized Inner-Product Encryption with Constant-Size Ciphertext

With the rise of technology in recent years, more people are studying distributed system architecture, such as the e-government system. The advantage of this architecture is that when a single point of failure occurs, it does not cause the system to be invaded by other attackers, making the entire system more secure. On the other hand, inner product encryption (IPE) provides fine-grained access control, and can be used as a fundamental tool to construct other cryptographic primitives. Lots of studies for IPE have been proposed recently. The first and only existing decentralized IPE was proposed by Michalevsky and Joye in 2018. However, some restrictions in their scheme may make it impractical. First, the ciphertext size is linear to the length of the corresponding attribute vector; second, the number of authorities should be the same as the length of predicate vector. To cope with the aforementioned issues, we design the first decentralized IPE with constant-size ciphertext. The security of our scheme is proven under the ℓ-DBDHE assumption in the random oracle model. Compared with Michalevsky and Joye’s work, ours achieves better efficiency in ciphertext length and encryption/decryption cost.

A Light and Anonymous Three-Factor Authentication Protocol for Wireless Sensor Networks

Recently, wireless sensor networks (WSNs) have been widely used in a variety of fields, and make people’s lives more convenient and efficient. However, WSNs are usually deployed in a harsh and insecure environment. Furthermore, sensors with limited hardware resources have a low capacity for data processing and communication. For these reasons, research on efficient and secure real-time authentication and key agreement protocols based on the characteristics of WSNs has gradually attracted the attention of academics. Although many schemes have been proposed, most of them cannot achieve all known security features with satisfactory performance, among which anonymity, N-Factor security, and forward secrecy are the most vulnerable. In order to solve these shortcomings, we propose a new lightweight and anonymous three-factor authentication scheme based on symmetric cryptographic primitives for WSNs. By using the automated security verification tool ProVerif, BAN-logic verification, and an informal security analysis, we prove that our proposed scheme is secure and realizes all known security features in WSNs. Moreover, we show that our proposed scheme is practical and efficient through the comparison of security features and performance.

Towards the Construction of Reed-Muller Code Based Symmetric Key FHE

Homomorphic encryption (HE) schemes became popular cryptographic primitives and very useful in variety of security applications. Homomorphic encryption based on coding theory have the advantages of faster computations due to the structural properties of the codes used. Several schemes are supporting unlimited Mod2 addition operations in literature. The present paper introduces Reed-Muller (RM) code based Mod2 multiplication operation thereby making RM code based HE scheme fully homomorphic. The representation of the codeword with necessary adaption to support unlimited number of Mod2​ multiplication operations is presented along with the scheme first. The correctness proof of the homomorphic operations along with experimental evaluation is also presented to demonstrate the practical aspects of the proposal.

ESSM: Formal Analysis Framework for Protocol to Support Algebraic Operations and More Attack Capabilities

The strand space model has been proposed as a formal method for verifying the security goals of cryptographic protocols. However, only encryption and decryption operations and hash functions are currently supported for the semantics of cryptographic primitives. Therefore, we establish the extended strand space model (ESSM) framework to describe algebraic operations and advanced threat models. Based on the ESSM, we add algebraic semantics, including the Abelian group and the XOR operation, and a threat model based on algebraic attacks, key-compromise impersonation attacks, and guess attacks. We implement our model using the automatic analysis tool, Scyther. We demonstrate the effectiveness of our framework by analysing several protocols, in particular a three-factor agreement protocol, with which we can identify new attacks while providing trace proofs.

Improving Security Using Modified S-Box for AES Cryptographic Primitives

The growing network traffic rate in wireless communication demands extended network capacity. Current crypto core methodologies are already reaching the maximum achievable network capacity limits. The combination of AES with other crypto cores and inventing new optimization models have emerged. In this paper, some of the prominent issues related to the existing AES core system, namely, lack of data rate, design complexity, reliability, and discriminative properties. In addition to that, this work also proposes a biometric key generation for AES core that constitutes simpler arithmetic such as substitution, modulo operation, and cyclic shifting for diffusion and confusion metrics which explore cipher transformation level. It is proved that in AES as compared to all other functions S-Box component directly influences the overall system performance both in terms of power consumption overhead, security measures, and path delay, etc.

A Commitment Scheme with Output Locality-3 Fit for the IoT Device

Low output locality is a property of functions, in which every output bit depends on a small number of input bits. In IoT devices with only a fragile CPU, it is important for many IoT devices to cooperate to execute a single function. In such IoT’s collaborative work, a feature of low output locality is very useful. This is why it is desirable to reconstruct cryptographic primitives with low output locality. However, until now, commitment with a constant low output locality has been constructed by using strong randomness extractors from a nonconstant-output-locality collision-resistant hash function. In this paper, we construct a commitment scheme with output locality-3 from a constant-output-locality collision-resistant hash function for the first time. We prove the computational hiding property of our commitment by the decisional M , δ -bSVP assumption and prove the computational binding property by the M , δ -bSVP assumption, respectively. Furthermore, we prove that the M , δ -bSVP assumption can be reduced to the decisional M , δ -bSVP assumption. We also give a parameter suggestion for our commitment scheme with the 128 bit security.