27 results on '"Janaka Alawatugoda"'
Search Results
2. Standard model leakage-resilient authenticated key exchange using inner-product extractors
- Author
- Janaka Alawatugoda and Tatsuaki Okamoto
- Subjects
- Applied Mathematics, Computer Science Applications
- Published
- 2022
3. Peer-to-Peer Energy Trading through Swarm Intelligent Stackelberg Game
- Author
- Chathurangi Edussuriya, Umar Marikkar, Subash Wickramasinghe, Upul Jayasinghe, and Janaka Alawatugoda
- Subjects
- blockchain, Control and Optimization, swarm intelligence, Renewable Energy, Sustainability and the Environment, energy market, peer-to-peer energy trading, Energy Engineering and Power Technology, Stackelberg game, Building and Construction, Electrical and Electronic Engineering, smart grid, Engineering (miscellaneous), Energy (miscellaneous)
- Abstract
The development of smart grids has paved the way for sustainable energy infrastructure to transition towards decentralized energy trading. As intelligent agents, energy sources engage in energy trading based on their energy surplus or deficit. Buyers and sellers (participants) should achieve maximum payoffs in which buyers cut costs and sellers improve their utilities, and the security of sensitive information of smart agents must be guaranteed. This paper provides a blockchain-based energy trading network where intelligent agents can exchange energy in a secure manner, without the intervention of third parties. We model energy trading as a Stackelberg game, ensuring that the platform maximizes social welfare while participants increase their payoffs. Using the inherited characteristics of blockchain technology, a novel decentralized swarm intelligence technique is applied to solve the game while ensuring the privacy of the smart agents’ sensitive information. The numerical analysis demonstrates that the suggested method outperforms the present methods (Constant Utility Optimization, average method...) for optimizing the objectives of each agent by maximizing the sellers’ utilities and reducing the buyers’ costs. In addition, the experimental results demonstrate that it significantly reduces carbon footprint (15%) by enhancing energy exchange between intelligent agents.
- Published
- 2023
4. Review on Leakage Resilient Key Exchange Security Model
- Author
- Zheng Wei Clement Chan, Chai Wen Chuah, and Janaka Alawatugoda
- Subjects
- Computer Networks and Communications
- Abstract
In leakage resilient cryptography, leakage resilient key exchange protocols are constructed to defend against leakage attacks. Then, the key exchange protocol is proved with a leakage resilient security model to determine whether its security proof can provide the security properties it claimed or to find out any unexamined flaw during protocol building. It is an interesting work to review the meaningful security properties provided by these security models. This work reviews how a leakage resilient security model for a key exchange protocol has evolved over the years according to the increasing security requirements, which cover a different range of attacks. The relationship on how an adversary capability in the leakage resilient security model can be related to real-world attack scenarios is studied. The analysis work for each leakage resilient security model here enables a better knowledge of how an adversary query addresses different leakage attack settings, thereby helping to understand the motive of design for a cryptographic primitive in the security model.
- Published
- 2022
5. New approach to practical leakage-resilient public-key cryptography
- Author
- Suvradip Chakraborty, Chandrasekaran Pandu Rangan, and Janaka Alawatugoda
- Subjects
- Computer science, 68p25, 0102 computer and information sciences, 02 engineering and technology, low-latency key exchange, Computer security, computer.software_genre, 01 natural sciences, Public-key cryptography, authenticated key exchange, non-interactive key exchange, QA1-939, 0202 electrical engineering, electronic engineering, information engineering, 94a60, leakage-resilient cryptography, Leakage (electronics), 68m12, business.industry, Applied Mathematics, 14g50, Computer Science Applications, Computational Mathematics, 010201 computation theory & mathematics, 020201 artificial intelligence & image processing, business, 11t71, computer, public-key cryptography, Mathematics
- Abstract
We present a new approach to construct several leakage-resilient cryptographic primitives, including leakage-resilient public-key encryption (PKE) schemes, authenticated key exchange (AKE) protocols and low-latency key exchange (LLKE) protocols. To this end, we introduce a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE) protocol. We introduce an appropriate security model for LR-NIKE protocols in the bounded memory leakage (BML) settings. We then show a secure construction of the LR-NIKE protocol in the BML setting that achieves an optimal leakage rate, i.e., 1 – o(1). Our construction of LR-NIKE requires a minimal use of a leak-free hardware component. We argue that the use of such a leak-free hardware component seems to be unavoidable in any construction of an LR-NIKE protocol, even in the BML setting. Finally, we show how to construct the aforementioned leakage-resilient primitives from such an LR-NIKE protocol as summarized below. All these primitives also achieve the same (optimal) leakage rate as the underlying LR-NIKE protocol. We show how to construct a leakage-resilient (LR) IND-CCA-2-secure PKE scheme in the BML model generically from a bounded LR-NIKE (BLR-NIKE) protocol. Our construction of LR-IND-CCA-2 secure PKE differs significantly from the state-of-the-art constructions of these primitives, which mainly use hash proof techniques to achieve leakage resilience. Moreover, our transformation preserves the leakage-rate of the underlying BLR-NIKE protocol. We introduce a new leakage model for AKE protocols, in the BML setting, and present a leakage-resilient AKE protocol construction from the LR-NIKE protocol. We introduce the first-ever leakage model for LLKE protocols in the BML setting and the first construction of such a leakage-resilient LLKE from the LR-NIKE protocol.
- Published
- 2020
6. Public-Key Encryption In The Standard Model Against Strong Leakage Adversary
- Author
- Janaka Alawatugoda
- Subjects
- General Computer Science, business.industry, Computer science, 0102 computer and information sciences, Adversary, Computer security, computer.software_genre, 01 natural sciences, Public-key cryptography, 010201 computation theory & mathematics, business, computer, Standard model (cryptography), Leakage (electronics)
- Abstract
Over the years, security against adaptively chosen-ciphertext attacks (CCA2) has been considered the strongest security definition for public-key encryption schemes. With the uprise of side-channel attacks, new security definitions are proposed, addressing leakage of secret keys together with the standard CCA2 definition. Among the new security definitions, security against continuous and after-the-fact leakage-resilient CCA2 can be considered the strongest security definition, which is called security against (continuous) adaptively chosen-ciphertext leakage attacks (continuous CCLA2). In this paper, we present a construction of a public-key encryption scheme, namely LR-PKE, which satisfies the aforementioned security definition. The security of our public-key encryption scheme is proven in the standard model, under the decision BDH assumption. Thus, we emphasize that our public-key encryption scheme LR-PKE is (continuous) CCLA2-secure in the standard model. For our construction of LR-PKE, we have used a strong one-time signature scheme and a leakage-resilient refreshing protocol as underlying building blocks. The leakage bound is $0.15n\log p -1$ bits per leakage query, for a security parameter $k$ and a statistical security parameter $n$, such that $\log p \geq k$ and $n$ is a function of $k$. It is possible to see that LR-PKE is efficient enough to be used for real-world usage.
- Published
- 2020
7. Cryptanalysis on Wild-Carded Identity-Based Encryption
- Author
- Rashmika De Silva and Janaka Alawatugoda
- Published
- 2022
8. Authenticated Key Exchange Protocol in the Standard Model under Weaker Assumptions
- Author
- Janaka Alawatugoda
- Subjects
- Computational Theory and Mathematics, Computer Networks and Communications, Applied Mathematics, authenticated key exchange, standard model, eCK model, pairing, weaker assumptions, Software, Computer Science Applications
- Abstract
A two-party authenticated key exchange (AKE) protocol allows each of the two parties to share a common secret key over insecure channels, even in the presence of active adversaries who can actively control and modify the exchanged messages. To capture the malicious behaviors of the adversaries, there have been many efforts to define security models. Amongst them, the extended Canetti–Krawczyk (eCK) security model is considered one of the strongest security models and has been widely adopted. In this paper, we present a simple construction of a pairing-based eCK-secure AKE protocol in the standard model. Our protocol can be instantiated with a suitable signature scheme (i.e., an existentially unforgeable signature scheme against adaptive chosen message attacks). The underlying assumptions of our construction are the decisional bilinear Diffie–Hellman assumption and the existence of a pseudorandom function. Note that the previous eCK-secure protocol constructions either relied on random oracles for their security or used somewhat strong assumptions, such as the existence of strong-pseudorandom functions, target collision-resistant functions, etc., while our protocol construction uses fewer and more-standard assumptions in the standard model. Furthermore, preserving the same security argument, our protocol can be instantiated with any appropriate signature scheme that comes in the future with better efficiency.
- Published
- 2023
9. Robust Cross Directional Controller Design for Paper Machine Spatial Distributed System
- Author
- Sanjeev Kumar, Subhash Chander Sharma, Rajesh Mahadeva, Janaka Alawatugoda, and Vinay Gupta
- Subjects
- General Computer Science, General Engineering, General Materials Science, Electrical and Electronic Engineering
- Published
- 2023
10. A Review of the NIST Lightweight Cryptography Finalists and Their Fault Analyses
- Author
- Hasindu Madushan, Iftekhar Salam, and Janaka Alawatugoda
- Subjects
- Computer Networks and Communications, Hardware and Architecture, Control and Systems Engineering, Signal Processing, Electrical and Electronic Engineering
- Abstract
The security of resource-constrained devices is critical in the IoT field, given that everything is interconnected. Therefore, the National Institute of Standards and Technology (NIST) initialized the lightweight cryptography (LWC) project to standardize the lightweight cryptography algorithms for resource-constrained devices. After two rounds, the NIST announced the finalists in 2021. The finalist algorithms are Ascon, Elephant, GIFT-COFB, Grain-128AEAD, ISAP, PHOTON-Beetle, Romulus, SPARKLE, TinyJambu, and Xoodyak. The final round of the competition is still in progress, and the NIST will select the winner based on their and third-party evaluations. In this paper, we review the 10 finalists mentioned above, discuss their constructions, and classify them according to the underlying primitives. In particular, we analyze these ciphers from different perspectives, such as cipher specifications and structures, design primitives, security parameters, advantages and disadvantages, and existing cryptanalyses. We also review existing analyses of these finalists with a specific focus on the review of fault attacks. We hope the study compiled in this paper will benefit the cryptographic community by providing an easy-to-grasp overview of the NIST LWC finalists.
- Published
- 2022
11. On Advances of Lattice-Based Cryptographic Schemes and Their Implementations
- Author
- Harshana Bandara, Yasitha Herath, Thushara Weerasundara, and Janaka Alawatugoda
- Subjects
- Computational Theory and Mathematics, Computer Networks and Communications, Applied Mathematics, Software, Computer Science Applications
- Abstract
Lattice-based cryptography is centered around the hardness of problems on lattices. A lattice is a grid of points that stretches to infinity. With the development of quantum computers, existing cryptographic schemes are at risk because the underlying mathematical problems can, in theory, be easily solved by quantum computers. Since lattice-based mathematical problems are hard to solve even by quantum computers, lattice-based cryptography is a promising foundation for future cryptographic schemes. In this paper, we focus on lattice-based public-key encryption schemes. This survey presents the current status of the lattice-based public-key encryption schemes and discusses the existing implementations. Our main focus is the learning with errors problem (LWE problem) and its implementations. In this paper, the plain lattice implementations and variants with special algebraic structures such as ring-based variants are discussed. Additionally, we describe a class of lattice-based functions called lattice trapdoors and their applications.
- Published
- 2022
12. BAT—Block Analytics Tool Integrated with Blockchain Based IoT Platform
- Author
- Manjula Sandirigama, Kasun Vithanage, Chathurangi Edussuriya, Gyu Myoung Lee, Upul Jayasinghe, Nathan Shone, Janaka Alawatugoda, and Namila Bandara
- Subjects
- QA75, blockchain, IoT, Computer Networks and Communications, Computer science, media_common.quotation_subject, Distributed computing, Supply chain, Interface (computing), lcsh:TK7800-8360, 02 engineering and technology, smart contracts, Scarcity, access management, 0202 electrical engineering, electronic engineering, information engineering, Use case, Electrical and Electronic Engineering, data analytics, media_common, Block (data storage), business.industry, lcsh:Electronics, 020206 networking & telecommunications, Information sensitivity, Hardware and Architecture, Control and Systems Engineering, Analytics, Signal Processing, Data analysis, 020201 artificial intelligence & image processing, business
- Abstract
The Internet of Things (IoT) is the novel paradigm of connectivity and the driving force behind state-of-the-art applications and services. However, the exponential growth of the number of IoT devices and services, their distributed nature, and scarcity of resources has increased the number of security and privacy concerns ranging from the risks of unauthorized data alterations to the potential discrimination enabled by data analytics over sensitive information. Thus, a blockchain based IoT-platform is introduced to address these issues. Built upon the tamper-proof architecture, the proposed access management mechanisms ensure the authenticity and integrity of data. Moreover, a novel approach called Block Analytics Tool (BAT), integrated with the platform is proposed to analyze and make predictions on data stored on the blockchain. BAT enables the data-analysis applications to be developed using the data stored in the platform in an optimized manner acting as an interface to off-chain processing. A pharmaceutical supply chain is used as the use case scenario to show the functionality of the proposed platform. Furthermore, a model to forecast the demand of the pharmaceutical drugs is investigated using a real-world data set to demonstrate the functionality of BAT. Finally, the performance of BAT integrated with the platform is evaluated.
- Published
- 2020
13. Correlation power analysis attack on software implementation of TRIVIUM stream cipher
- Author
- Rangana De Silva, Iranga Navarathna, Malitha Kumarasiri, Chai Wen Chuah, and Janaka Alawatugoda
- Subjects
- Computer Networks and Communications, Hardware and Architecture, Safety, Risk, Reliability and Quality, Software
- Published
- 2022
14. On the leakage-resilient key exchange
- Author
- Janaka Alawatugoda
- Subjects
- Computer science, 02 engineering and technology, Computer security, computer.software_genre, Public-key cryptography, key exchange protocols, 0202 electrical engineering, electronic engineering, information engineering, QA1-939, Leakage (economics), 94a60, Key exchange, leakage-resilient cryptography, business.industry, Applied Mathematics, 020206 networking & telecommunications, Adversary, Computer security model, Computer Science Applications, 14g50, Authenticated Key Exchange, Computational Mathematics, security models, 020201 artificial intelligence & image processing, business, computer, 11t71, Mathematics
- Abstract
Typically, secure channels are constructed from an authenticated key exchange (AKE) protocol, which authenticates the communicating parties based on long-term public keys and establishes secret session keys. In this paper we address the partial leakage of long-term secret keys of key exchange protocol participants due to various side-channel attacks. Security models for two-party authenticated key exchange protocols have been developed over time to provide security even when the adversary learns certain secret values. This paper combines and extends the advances of security modelling for AKE protocols addressing more granular partial leakage of long-term secrets of protocol participants. Further, we fix some flaws in security proofs of previous leakage-resilient key exchange protocols.
- Published
- 2017
15. Generic construction of an eCK-secure key exchange protocol in the standard model
- Author
- Janaka Alawatugoda
- Subjects
- Computer Networks and Communications, Computer science, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Random oracle, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Safety, Risk, Reliability and Quality, Key exchange, Computer Science::Cryptography and Security, Standard model (cryptography), Discrete mathematics, Cryptographic primitive, business.industry, Order (ring theory), Adaptive chosen-ciphertext attack, 010201 computation theory & mathematics, 020201 artificial intelligence & image processing, business, computer, Software, Information Systems
- Abstract
LaMacchia, Lauter and Mityagin presented a strong security model for authenticated key agreement, namely the eCK model. They also constructed a protocol, namely the NAXOS protocol, that enjoys a simple security proof in the eCK model. However, the NAXOS protocol uses a random oracle-based technique to combine the long-term secret key and the per session randomness, the so-called NAXOS trick, in order to achieve the eCK security definition. For NAXOS trick-based protocols, the leakage of per session randomness modeled in the eCK model is somewhat unnatural, because the eCK model leaks per session randomness, while the output of the NAXOS trick computation remains safe. In this work, we present a standard model eCK-secure protocol construction, eliminating the NAXOS trick. Moreover, our protocol is a generic construction, which can be instantiated with arbitrary suitable cryptographic primitives. Thus, we present a generic eCK-secure, NAXOS-free, standard model key exchange protocol. To the best of our knowledge this is the first paper on generic transformation of a CCA2-secure public-key encryption scheme to an eCK-secure key exchange protocol in the standard model.
- Published
- 2016
16. Analysis of Four Historical Ciphers Against Known Plaintext Frequency Statistical Attack
- Author
- Chuah Chai Wen, Sofia Najwa Ramli, Irfan Darmawan, Janaka Alawatugoda, L Samylingam, Cik Feresa Mohd Foozy, P.Siva Shamala Palaniappan, and Vivegan A
- Subjects
- Computer science, business.industry, Mechanical Engineering, Materials Science (miscellaneous), Substitution cipher, Data_CODINGANDINFORMATIONTHEORY, Encryption, Industrial and Manufacturing Engineering, law.invention, Scrambling, Vigenère cipher, Playfair cipher, Mechanics of Materials, law, Data_GENERAL, Known-plaintext attack, Ciphertext, Hill cipher, Hardware_ARITHMETICANDLOGICSTRUCTURES, Electrical and Electronic Engineering, Arithmetic, business, Civil and Structural Engineering
- Abstract
The need for keeping information secure began thousands of years ago. The practice of keeping information secure is to scramble the message into an unreadable form, namely ciphertext. This process is called encryption. Decryption is the reverse process of encryption. In the past, historical ciphers were used to perform the encryption and decryption process. For example, the common historical ciphers are the Hill cipher, Playfair cipher, Random Substitution cipher and Vigenère cipher. This research is carried out to examine and to analyse the security level of these four historical ciphers by using a known plaintext frequency statistical attack. The result has shown that the Playfair cipher and Hill cipher have better security compared with the Vigenère cipher and Random Substitution cipher.
- Published
- 2018
17. Implementing a proven-secure and cost-effective countermeasure against the compression ratio info-leak mass exploitation (CRIME) attack
- Author
- Sanduni Prasadi, Jayamine Alupotha, Roshan Ragel, Janaka Alawatugoda, and Mohamed Fawsan
- Subjects
- 060201 languages & linguistics, Transport Layer Security, Computer science, business.industry, Plaintext, Cryptography, Data_CODINGANDINFORMATIONTHEORY, 06 humanities and the arts, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Redundancy (information theory), Financial cryptography, 0602 languages and literature, Compression ratio, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, Data compression
- Abstract
Header compression is desirable for network applications as it saves bandwidth and reduces latency. However, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. In web requests, headers contain secret web cookies. Therefore, compression of headers before encryption will reveal information about the secret web cookies. This side-channel has led to the Compression Ratio Info-leak Made Easy (CRIME) attack on web traffic protected by the SSL/TLS protocols. In order to mitigate the CRIME attack, compression is completely disabled at the TLS/SSL layer, which in return increases the bandwidth consumption and latency. In a previous work (Financial Cryptography and Data Security 2015), two countermeasures are presented with formal security proofs, against compression side-channel attacks, namely (1) separating secret cookies from user inputs and (2) using a static compression dictionary. In this work we create a test environment to replicate the CRIME attack and verify the attack. Moreover, we implement a proven-secure countermeasure against the CRIME attack, in a real world client/server setup, following the aforementioned two countermeasures. Our implementation achieves a better compression ratio (closer to the original TLS/SSL compression), and hence reduces the bandwidth usage and latency significantly (therefore cost-effective). To the best of our knowledge, this is the first proven-secure and cost-effective countermeasure implementation against the CRIME attack.
- Published
- 2017
18. Leakage-Resilient Non-interactive Key Exchange in the Continuous-Memory Leakage Setting
- Author
- C. Pandu Rangan, Janaka Alawatugoda, and Suvradip Chakraborty
- Subjects
- Hardware_MEMORYSTRUCTURES, Cryptographic primitive, Theoretical computer science, Computer science, business.industry, Open problem, Hash function, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, Memory leak, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Key exchange, Leakage (electronics)
- Abstract
Recently, Chakraborty et al. (Cryptoeprint:2017:441) showed a novel approach of constructing several leakage-resilient cryptographic primitives by introducing a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE). Their construction of LR-NIKE was only in the bounded-memory leakage model, and they left open the construction of LR-NIKE in the continuous-memory leakage model. In this paper we address that open problem. Moreover, we extend the continuous-memory leakage model by addressing more realistic after-the-fact leakage. The main ingredients of our construction are a leakage-resilient storage scheme and a refreshing protocol (Dziembowski and Faust, Asiacrypt 2011) and a (standard) chameleon hash function (CHF), equipped with an additional property of oblivious sampling, which we introduce. We observe that the present constructions of CHF already satisfy our new notion. Further, our protocol can be used as a building block to construct leakage-resilient public-key encryption schemes, interactive key exchange and low-latency key exchange protocols in the continuous-memory leakage model, following the approach of Chakraborty et al. (Cryptoeprint:2017:441).
- Published
- 2017
19. Leakage-resilient storage scheme for cryptographic applications
- Author
- Janaka Alawatugoda, Nalaka Jayanath, Roshan Ragel, Chinthaka Somathilaka, and Danushka Eranga
- Subjects
- 060201 languages & linguistics, Cryptographic primitive, Computer science, 06 humanities and the arts, 02 engineering and technology, Cryptographic protocol, Computer security, computer.software_genre, Hash-based message authentication code, 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, Static key, 020201 artificial intelligence & image processing, Security of cryptographic hash functions, Key management, Cryptographic key types, computer, Key exchange
- Abstract
Since side-channel attacks have arisen as a greater threat to cryptographic schemes than previously realized, it is necessary to implement proven-secure leakage-resilient cryptographic schemes and use them for real-world purposes. In this work our effort is to implement two leakage-resilient cryptographic schemes, a leakage-resilient storage scheme and a refreshing protocol, which have been proven secure and accepted by the cryptographic community since 2011 (ASIACRYPT 2011). Our aim is to open up the direction for implementing useful leakage-resilient cryptographic schemes for future usage.
- Published
- 2016
20. On Power Analysis Attacks against Hardware Stream Ciphers
- Author
- Janaka Alawatugoda, Rangana De Silva, Chuah Chai Wen, Malitha Kumarasiri, and Iranga Navaratna
- Subjects
- Power analysis, Computer Networks and Communications, Hardware and Architecture, business.industry, Computer science, Safety, Risk, Reliability and Quality, business, Stream cipher, Software, Computer hardware
- Published
- 2019
21. Implementation of an eCK-secure Key Exchange Protocol for OpenSSL
- Author
- Nishen Peiris, Janaka Alawatugoda, Chamitha Wickramasinghe, Chai Wen Chuah, and Seralathan Vivekaanathan
- Subjects
- Transport Layer Security, General Computer Science, business.industry, Computer science, Hash function, General Engineering, Cryptography, Cryptographic protocol, Computer security model, Authenticated Key Exchange, General Agricultural and Biological Sciences, business, Implementation, Key exchange, Computer network
- Abstract
Security models have been developed over time to analyze the security of two-party authenticated key exchange (AKE) protocols. LaMacchia et al. (ProvSec 2007) presented a strong security model for AKE protocols, namely the extended Canetti-Krawczyk (eCK) model, addressing a wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven-secure in the eCK model. In order to satisfy the eCK security, the NAXOS protocol uses a hash function to combine the long-term secret key and the ephemeral secret key, which is often called the “NAXOS-trick”. However, for the NAXOS-trick-based protocols, the way leakage is modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. Precisely, the eCK model allows the attacker to reveal the ephemeral key while the output of the NAXOS-trick computation remains safe (leak-free). In a recent work of Alawatugoda et al. (IMA Cryptography and Coding 2015), a NAXOS-trick-free eCK-secure AKE protocol is presented, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are widely used with the real-world security protocol suites, such as Secure Sockets Layer (SSL) and Transport Layer Security (TLS). To the best of our knowledge, this is the first implementation of an eCK-secure key exchange protocol for the OpenSSL library. Thus, we open up the direction to use the recent advancements of cryptography for real-world Internet communication.
- Published
- 2018
22. Protecting Encrypted Cookies from Compression Side-Channel Attacks
- Author
- Colin Boyd, Douglas Stebila, and Janaka Alawatugoda
- Subjects
- Transport Layer Security, Computer science, business.industry, Plaintext, Data_CODINGANDINFORMATIONTHEORY, Encryption, Computer security, computer.software_genre, Redundancy (information theory), Web traffic, Confidentiality, Side channel attack, business, computer, Data compression
- Abstract
Compression is desirable for network applications as it saves bandwidth; however, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. This side channel has led to successful CRIME and BREACH attacks on web traffic protected by the Transport Layer Security (TLS) protocol. The general guidance in light of these attacks has been to disable compression, preserving confidentiality but sacrificing bandwidth. In this paper, we examine two techniques—heuristic separation of secrets and fixed-dictionary compression—for enabling compression while protecting high-value secrets, such as cookies, from attack. We model the security offered by these techniques and report on the amount of compressibility that they can achieve.
- Published
- 2015
23. Continuous After-the-Fact Leakage-Resilient eCK-Secure Key Exchange
- Author
- Colin Boyd, Douglas Stebila, and Janaka Alawatugoda
- Subjects
- Authenticated Key Exchange, Discrete mathematics, business.industry, Computer science, Cryptography, Side channel attack, Computer security model, Adversary, business, Key exchange, Leakage (electronics), Computer network
- Abstract
Security models for two-party authenticated key exchange (AKE) protocols have developed over time to capture the security of AKE protocols even when the adversary learns certain secret values. Increased granularity of security can be modelled by considering partial leakage of secrets in the manner of models for leakage-resilient cryptography, designed to capture side-channel attacks. In this work, we use the strongest known partial-leakage-based security model for key exchange protocols, namely the continuous after-the-fact leakage eCK (CAFL-eCK) model. We resolve an open problem by constructing the first concrete two-pass leakage-resilient key exchange protocol that is secure in the CAFL-eCK model.
- Published
- 2015
24. Modelling after-the-fact leakage for key exchange
- Author
-
Douglas Stebila, Colin Boyd, and Janaka Alawatugoda
- Subjects
Computer science ,business.industry ,Key distribution ,Adversary ,Computer security model ,Computer security ,computer.software_genre ,Public-key cryptography ,Authenticated Key Exchange ,Session key ,Cryptosystem ,Side channel attack ,business ,computer ,Key exchange - Abstract
Security models for two-party authenticated key exchange (AKE) protocols have developed over time to prove the security of AKE protocols even when the adversary learns certain secret values. In this work, we address more granular leakage: partial leakage of long-term secrets of protocol principals, even after the session key is established. We introduce a generic key exchange security model, which can be instantiated allowing bounded or continuous leakage, even when the adversary learns certain ephemeral secrets or session keys. Our model is the strongest known partial-leakage-based security model for key exchange protocols. We propose a generic construction of a two-pass leakage-resilient key exchange protocol that is secure in the proposed model, by introducing a new concept: the leakage-resilient NAXOS trick. We identify a special property for public-key cryptosystems: pair generation indistinguishability, and show how to obtain the leakage-resilient NAXOS trick from a pair generation indistinguishable leakage-resilient public-key cryptosystem.
- Published
- 2014
25. Software implementation level countermeasures against the cache timing attack on advanced encryption standard
- Author
-
Roshan Ragel, Udyani Herath, and Janaka Alawatugoda
- Subjects
FOS: Computer and information sciences ,Computer Science - Cryptography and Security ,business.industry ,Computer science ,Advanced Encryption Standard ,Cryptography ,Computer security ,computer.software_genre ,Timing attack ,Software ,Symmetric-key algorithm ,Electronic data ,Side channel attack ,Cache ,business ,computer ,Cryptography and Security (cs.CR) - Abstract
The Advanced Encryption Standard (AES) is a symmetric key encryption algorithm that is extensively used in secure electronic data transmission. Although it was tested and declared secure when introduced, in 2005 Bernstein showed that software implementations of it are vulnerable to side channel attacks. The attack Bernstein demonstrated is a cache-based timing attack, which exploits the timing variation between cache hits and misses. This kind of attack can be prevented by masking the actual timing information from the attacker, and such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software-based countermeasures built on the concept of "constant encryption time" were demonstrated against the remote cache timing attack with positive outcomes, establishing a secured environment for AES encryption.
- Published
- 2014
26. Continuous After-the-Fact Leakage-Resilient Key Exchange
- Author
-
Douglas Stebila, Colin Boyd, and Janaka Alawatugoda
- Subjects
Authenticated Key Exchange ,Computer science ,business.industry ,Ephemeral key ,Session (computer science) ,Computer security model ,Adversary ,business ,Protocol (object-oriented programming) ,Key exchange ,Leakage (electronics) ,Computer network - Abstract
Security models for two-party authenticated key exchange (AKE) protocols have developed over time to provide security even when the adversary learns certain secret keys. In this work, we advance the modelling of AKE protocols by considering more granular, continuous leakage of long-term secrets of protocol participants: the adversary can adaptively request arbitrary leakage of long-term secrets even after the test session is activated, with limits on the amount of leakage per query but no bounds on the total leakage. We present a security model supporting continuous leakage even when the adversary learns certain ephemeral secrets or session keys, and give a generic construction of a two-pass leakage-resilient key exchange protocol that is secure in the model; our protocol achieves continuous, after-the-fact leakage resilience with not much more cost than a previous protocol with only bounded, non-after-the-fact leakage.
- Published
- 2014
27. Countermeasures against Bernstein's remote cache timing attack
- Author
-
Roshan Ragel, Janaka Alawatugoda, and Darshana Jayasinghe
- Subjects
FOS: Computer and information sciences ,Computer Science - Cryptography and Security ,business.industry ,Computer science ,Advanced Encryption Standard ,AES implementations ,Cryptography ,Computer security ,computer.software_genre ,Encryption ,Timing attack ,Software ,Side channel attack ,Cache ,business ,computer ,Cryptography and Security (cs.CR) - Abstract
A cache timing attack is a type of side channel attack in which timing information leaked by the cache behaviour of a cryptosystem is used by an attacker to break the system. The Advanced Encryption Standard (AES) was considered a secure encryption standard until 2005, when Daniel Bernstein showed that a software implementation of AES is vulnerable to cache timing attacks by demonstrating a remote cache timing attack against it. The original AES implementation can be methodically altered to prevent the cache timing attack by hiding the natural cache-timing pattern during encryption while preserving its semantics; the alterations that prevent the attack should not make the implementation very slow. In this paper, we report the outcomes of our experiments on designing and implementing a number of possible countermeasures.
- Published
- 2014
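The countermeasure idea shared by entries 25 and 27, making the implementation's cache behaviour independent of the secret while preserving its semantics, as an added example (not code from either paper, and not a reconstruction of the specific countermeasures they evaluate). The S-box is computed from its definition; the cache model, 64-byte lines with the table starting on a line boundary, is an assumption of this example, and since Python gives no timing guarantees the model records which cache lines a lookup touches, which is the information a cache timing attack observes.

```python
"""Cache lines touched by an AES S-box lookup, naive versus table-scan.

Added example, not code from either paper. The S-box is computed from its
definition (inverse in GF(2^8), then the affine map); the cache model, 64-byte
lines with the table starting on a line boundary, is an assumption. Python
gives no timing guarantees, so the model records which lines each lookup
touches, which is what a cache timing attack observes.
"""

LINE_BYTES = 64          # assumed cache line size: a 256-byte table spans 4 lines


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def aes_sbox() -> list:
    """S[x] = affine(x^-1) with 0^-1 := 0, as in the AES specification."""
    inv = [0] * 256
    for x in range(1, 256):
        inv[x] = next(y for y in range(1, 256) if gf_mul(x, y) == 1)

    def rotl(v, k):
        return ((v << k) | (v >> (8 - k))) & 0xFF

    return [b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63 for b in inv]


def naive_lookup(table, idx, touched):
    """Direct indexing: which line is touched depends on the secret index."""
    touched.add(idx // LINE_BYTES)
    return table[idx]


def scanned_lookup(table, idx, touched):
    """Countermeasure: read every entry and keep the wanted one with a mask.
    Same result as table[idx]; the access pattern no longer depends on idx."""
    result = 0
    for i, v in enumerate(table):
        touched.add(i // LINE_BYTES)
        mask = (((i ^ idx) - 1) >> 8) & 0xFF      # 0xFF only when i == idx
        result |= v & mask
    return result


def lines_touched(lookup, table, idx):
    """Run one lookup and return (value, set of cache lines it touched)."""
    touched = set()
    value = lookup(table, idx, touched)
    return value, frozenset(touched)


def distinguishable_patterns(table):
    """How many different line-access patterns an observer can tell apart
    over all 256 inputs, for the naive and for the scanned lookup."""
    naive = {lines_touched(naive_lookup, table, x)[1] for x in range(256)}
    scanned = {lines_touched(scanned_lookup, table, x)[1] for x in range(256)}
    return len(naive), len(scanned)


if __name__ == "__main__":
    S = aes_sbox()
    print("S-box check:", hex(S[0x53]))           # AES spec example: 0x53 -> 0xed
    print("patterns (naive, scanned):", distinguishable_patterns(S))
```

The naive lookup exposes four distinguishable patterns (which quarter of the table the secret byte falls in); the scanned lookup exposes one, at the cost of 256 reads per lookup, which is the speed trade-off the abstracts refer to. In a real C implementation the scan must also survive the compiler (no branch on the mask, no elimination of the "unused" reads), which is why such countermeasures are usually checked at the assembly level.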