Algorithm Substitution Attacks: State Reset Detection and Asymmetric Modifications

In this paper, we study algorithm substitution attacks (ASAs), where an algorithm in a cryptographic scheme is substituted for a subverted version. First, we formalize and study the use of state resets to detect ASAs, and show that many published stateful ASAs are detectable with simple practical methods relying on state resets. Second, we introduce two asymmetric ASAs on symmetric encryption, which are undetectable or unexploitable even by an adversary who knows the embedded subversion key. We also generalize this result, allowing for any symmetric ASA (on any cryptographic scheme) satisfying certain properties to be transformed into an asymmetric ASA. Our work demonstrates the broad application of the techniques first introduced by Bellare, Paterson, and Rogaway (Crypto 2014) and Bellare, Jaeger, and Kane (CCS 2015) and reinforces the need for precise definitions surrounding detectability of stateful ASAs.

Quantitative Weighted Visual Cryptographic (k, m, n) Method

The weighted visual cryptographic scheme (WVCS) is a secret sharing technology, where weights are assigned to each shadow (participant) according to its importance. Among WVCS, the random grid-based WVCS (RGWVCS) is a frequently visited subject. It considers the premise of equality of all participants, without taking into account the existence of privileged people in reality. To address this problem of RGWVCS, this paper designs a new model, named as (k, m, n)-RGWVCS (where m < k < n ), in which the secret is encrypted into n shares and sent to k participants. In the recovery end, the secret could be reconstructed by minimum m shares when the privileged join in; otherwise, k shares are needed. The experimental results show that our method has the advantage of no pixel expansion and no codebook design by means of random grid. Moreover, the contrast of our model increased by 32.85% on average compared with that of other WVCS.

Performance Evaluation of Attribute-Based Encryption in Automotive Embedded Platform for Secure Software Over-The-Air Update

This paper aims to show that it is possible to improve security for over the air update functionalities in an automotive scenario through the use of a cryptographic scheme, called “Attribute-Based-Encryption” (ABE), which grants confidentiality to the software/firmware update done Over The Air (OTA). We demonstrate that ABE is seamlessly integrable into the state of the art solutions regarding the OTA update by showing that the overhead of the ABE integration in terms of computation time and its storage is negligible w.r.t. the other overheads that are introduced by the OTA process, also proving that security can be enhanced with a minimum cost. In order to support our claim, we report the experimental results of an implementation of the proposed ABE OTA technique on a Xilinx ZCU102 evaluation board, which is an automotive-oriented HW/SW platform that is equipped with a Zynq UltraScale+ MPSoC chip that is representative of the computing capability of real automotive Electronic Control Units (ECUs).