active attack
Recently Published Documents

Total documents: 52 (five years: 16)
H-index: 9 (five years: 2)

2021
Author(s): Yuancheng Li, Chaohang Yu, Qingle Wang, JiangShan Liu

Abstract: Nowadays, identity protection has turned into a fundamental demand for online activities. Currently, the present quantum anonymous communication protocols mostly rely on multi-entanglement. In this paper, we propose an anonymous communication protocol for an anonymous sender by using single-particle states. The protocol can be extended to a communication protocol where the sender and receiver are fully anonymous with the message kept secret. In terms of security, our protocol is designed to comply with the technique of collective detection. Compared to step-by-step detection, collective detection, in which the participants perform detection only once, reduces the complexity of the protocol to some extent. Moreover, we analytically demonstrate the security of the protocol in the face of active attacks. Any active attack employed by an external or internal attacker cannot reveal any useful information about the sender's identity. Meanwhile, any malicious behavior will be detected by honest participants.


Author(s): Rei Ueno, Keita Xagawa, Yutaro Tanaka, Akira Ito, Junko Takahashi, ...

This paper presents a side-channel analysis (SCA) on key encapsulation mechanisms (KEMs) based on the Fujisaki–Okamoto (FO) transformation and its variants. The FO transformation has been widely used in actively securing KEMs from passively secure public key encryption (PKE), as it is employed in most of the NIST post-quantum cryptography (PQC) candidates for KEM. The proposed attack exploits side-channel leakage during execution of a pseudorandom function (PRF) or pseudorandom number generator (PRG) in the re-encryption of KEM decapsulation as a plaintext-checking oracle that tells whether the PKE decryption result is equivalent to the reference plaintext. The generality and practicality of the plaintext-checking oracle allow the proposed attack to attain a full-key recovery of various KEMs when an active attack on the underlying PKE is known. This paper demonstrates that the proposed attack can be applied to most NIST PQC third-round KEM candidates, namely, Kyber, Saber, FrodoKEM, NTRU, NTRU Prime, HQC, BIKE, and SIKE (for BIKE, the proposed attack achieves a partial key recovery). The applicability to Classic McEliece is unclear because there is no known active attack on this cryptosystem. This paper also presents a side-channel distinguisher design based on deep learning (DL) for mounting the proposed attack on practical implementations without the use of a profiling device. The feasibility of the proposed attack is evaluated through experimental attacks on various PRF implementations (a SHAKE software implementation, an AES software implementation, an AES hardware implementation, a bit-sliced masked AES software implementation, and a masked AES hardware implementation based on threshold implementation). Although it is difficult to implement the oracle using the leakage from the TI-based masked hardware, the success of the proposed attack against these implementations (even except for the masked hardware), which include masked software, confirms its practicality.


2021, Vol 23 (10), pp. 381-390
Author(s): Urvashi Dhaked, Dr. Ashok Kumar, Dr. Brajesh Kumar Singh, ...

The WSN is a self-configuring network in which no centralized control is available. The sensing devices are considered as the nodes. These nodes are small in size and low in cost. Primarily, the deployment of these networks is done in military areas in order to monitor the activities of conflicting sides. These networks can monitor all the movement of energy. Malicious nodes can also join the network and trigger different types of active and passive attacks. The major kind of active attack is sinkhole intrusion. Such an attack allows the attacker node to spoof the identity of the sink and act as the sink itself. The sensor nodes then transmit information to the attacker node instead of the BS. This research study suggests an algorithm to explore and segregate the attacker nodes from the network. This algorithm is designed on the basis of identity confirmation. NS2 (Network Simulator 2) is utilized to deploy the suggested algorithm, and diverse metrics are utilized for analyzing the results.


2021, Vol 1 (2), pp. 365-386
Author(s): Gustavo Gonzalez-Granadillo, Rodrigo Diaz, Juan Caubet, Ignasi Garcia-Milà

Water CIs are exposed to a wide number of IT challenges that range from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potentially disastrous consequences. Although novel and powerful solutions are proposed in the literature, most of them lack appropriate mechanisms to detect cyber and physical attacks in real time. We propose a Cross-Layer Analytic Platform (denoted as CLAP) developed for the correlation of cyber and physical security events affecting water CIs. CLAP aims to improve the detection of complex attack scenarios in real time based on the correlation of cyber and physical security events. The platform assigns appropriate severity values to each correlated alarm that will guide security analysts in the decision-making process of prioritizing mitigation actions. A series of passive and active attack scenarios against the target infrastructure are presented at the end of the paper to show the mechanisms used for the detection and correlation of cyber–physical security events. Results show promising benefits in the improvement of response accuracy, reduction of false rates, and real-time detection of complex attacks based on cross-correlation rules.


2021, Vol 2021, pp. 1-7
Author(s): Weiwei Liu, Hua Guo, Yangguang Tian

The distance-bounding protocol is a useful primitive in resisting distance-based attacks. Currently, most of the existing distance-bounding protocols do not take the reuse of nonces into consideration in their design. However, there have been some studies in the literature showing that nonce repetition may lead to the leakage of the shared key between protocol participants. Aikaterini et al. introduced a countermeasure that could serve as a supplement in most distance-bounding systems allowing nonce repetition. However, their proposal only holds against passive attackers. In this paper, we introduce an active attack model and show that their countermeasure is insecure under the proposed active attack model. We also discover that all existing distance-bounding protocols with mutual authentication are vulnerable to distance-based attacks if a short nonce is applied under the proposed active model. To address this security concern, we propose a new distance-bounding protocol with mutual authentication to prevent distance-based attacks under the active adversary model. A detailed security analysis is presented for the proposed distance-bounding protocol with mutual authentication.


Symmetry, 2021, Vol 13 (2), pp. 332
Author(s): Jorge Martínez Carracedo, Adriana Suárez Corona

In this paper, we analyze the security of a group key establishment scheme proposed by López-Ramos et al. This proposal aims at allowing a group of users to agree on a common key. We present several attacks against the security of the proposed protocol. In particular, an active attack is presented, and it is also proved that the protocol does not provide forward secrecy.

