Search

Your search keyword '"Janaka Alawatugoda"' showing total 67 results
Start Over Author "Janaka Alawatugoda"
67 results on '"Janaka Alawatugoda"'

1. A novel ECG compression algorithm using Pulse-Width Modulation integrated quantization for low-power real-time monitoring

Author

Isuri Devindi, Sashini Liyanage, Titus Jayarathna, Janaka Alawatugoda, and Roshan Ragel

Subjects
ECG compression, Hybrid PWM, Low-complexity, Nearly-perfect reconstruction, Real-time algorithm, Medicine, Science
Abstract

Abstract Cardiac monitoring systems in Internet of Things (IoT) healthcare, reliant on limited battery and computational capacity, need efficient local processing and wireless transmission for comprehensive analysis. Due to the power-intensive wireless transmission in IoT devices, ECG signal compression is essential to minimize data transfer. This paper presents a real-time, low-complexity algorithm for compressing electrocardiogram (ECG) signals. The algorithm uses just nine arithmetic operations per ECG sample point, generating a hybrid Pulse Width Modulation (PWM) signal storable in a compact 4-bit resolution format. Despite its simplicity, it performs comparably to existing methods in terms of Percentage Root-Mean-Square Difference (PRD) and space-saving while significantly reducing complexity and maintaining robustness against signal noise. It achieves an average Bit Compression Ratio (BCR) of 4 and space savings of 90.4% for ECG signals in the MIT-BIH database, with a PRD of 0.33% and a Quality Score (QS) of 12. The reconstructed signal shows no adverse effects on QRS complex detection and heart rate variability, preserving both the signal amplitude and periodicity. This efficient method for transferring ECG data from wearable devices enables real-time cardiac activity monitoring with reduced data storage requirements. Its versatility suggests potential broader applications, extending to compression of various signal types beyond ECG.

Published
2024
Full Text
View/download PDF

2. Analyzing transportation mode interactions using agent-based models

Author

Nimashi Uthpala, Nanduni Hansika, Sachini Dissanayaka, Kumushini Tennakoon, Samal Dharmarathne, Rajith Vidanarachchi, Janaka Alawatugoda, and Damayanthi Herath

Subjects
Transportation, Traffic management, Agent-based models, Micro-mobility, Simulation, Science, Technology
Abstract

Abstract Traffic in urban areas contributes significantly to congestion and air pollution, which contributes to climate change issues and causes economic losses and fuel wastage. Agent-based models have significant advantages for analyzing urban transportation and its sustainability. The main objective of this paper is to provide a critical review of research on agent-based models for traffic simulation in urban areas. This article reviews the literature on the subject and examines earlier case studies that dealt with agent-based models for micro-mobility and traffic simulation considering six criteria. The study analyzes multiple publications obtained from databases such as Google Scholar, Scopus, and Web of Science. These publications span from 2014 to 2022 and are scrutinized to fulfill the stated objectives. Furthermore, a thorough critical evaluation is performed on a chosen set of 16 publications. The research also proposes traffic simulation tools based on insights gathered from case studies. Further, it discusses how to choose a decent data set through a balanced and objective summary of study findings on the topic and recommends future work in this topic.

Published
2023
Full Text
View/download PDF

3. A new frontier in streamflow modeling in ungauged basins with sparse data: A modified generative adversarial network with explainable AI

Author

U.A.K.K. Perera, D.T.S. Coralage, I.U. Ekanayake, Janaka Alawatugoda, and D.P.P. Meddage

Subjects
Generative adversarial network, Hydrology, Machine learning, Streamflow, Explainable AI, Technology
Abstract

Streamflow forecasting is crucial for effective water resource planning and early warning systems, especially in regions with complex hydrological behaviors and uncertainties. While machine learning (ML) has gained popularity for streamflow prediction, many studies have overlooked the predictability of future events considering anthropogenic, static physiographic, and dynamic climate variables. This study, for the first time, used a modified generative adversarial network (GAN) based model to predict streamflow. The adversarial training concept modifies and enhances the existing data to embed featureful information enough to capture extreme events rather than generating synthetic data instances. The model was trained using (sparse data) a combination of anthropogenic, static physiographic, and dynamic climate variables obtained from an ungauged basin to predict monthly streamflow. The GAN-based model was interpreted for the first time using local interpretable model-agnostic explanations (LIME), explaining the decision-making process of the GAN-based model. The GAN-based model achieved R2 from 0.933 to 0.942 in training and 0.93–0.94 in testing. Also, the extreme events in the testing period have been reasonably well captured. The LIME explanations generally adhere to the physical explanations provided by related work. This approach looks promising as it worked well with sparse data from an ungauged basin. The authors suggest this approach for future research work that focuses on machine learning-based streamflow predictions.

Published
2024
Full Text
View/download PDF

4. Water desalination using PSO-ANN techniques: A critical review

Author

Rajesh Mahadeva, Mahendra Kumar, Vishu Gupta, Gaurav Manik, Vaibhav Gupta, Janaka Alawatugoda, Harshit Manik, Shashikant P. Patole, and Vinay Gupta

Subjects
Particle swarm optimization (PSO), Water desalination, Artificial neural network (ANN), Modeling and simulation, Water treatment, Chemical engineering, TP155-156, Information technology, T58.5-58.64
Abstract

Water is a natural and essential resource for humans, animals, and plants to persist. However, only ⁓2.5 % of the freshwater resources are available, while the remaining ⁓97.5 % is saline water, which is unsuitable for humanity. According to the WHO, water scarcity will worsen by 2050. As a result, numerous researchers, scientists, and engineers are working in this field to improve water resources with advanced treatment technologies. Aside from the multiple water resources, desalination is critical in converting saline water to fresh water. In line with a recent update from the International Desalination Association (IDA, Reuse Handbook 2022–23), approximately ⁓22,757 desalination plants are operating worldwide, providing ⁓107.95 million cubic meters of freshwater per day (m3/day). Furthermore, in this digital age, artificial intelligence (AI) techniques, such as gray wolf optimization (GWO), sine cosine algorithm (SCA), artificial neural networks (ANN), multi-verse optimizer (MVO), fuzzy logic systems (FLS), moth flame optimizer (MFO), particle swarm optimization (PSO), artificial hummingbird algorithm (AHA) and genetic algorithms (GA), are playing a vital role and capable of deep analysis of real-time desalination plant for saving time, energy, human efforts, and money. This study focuses on the critical review and various aspects of current-age PSO-ANN techniques for desalination plants. In this regard, recent datasets of the Web of Science (WoS), provided by Clarivate Analytics, state that about >54,856 records (1965–2023) of desalination and around > 180 records (2008–2023) of PSO-ANN techniques are available globally. These records involve research articles, reviews, proceedings, letters, books, chapters, and editorial materials. Finally, this review article is specific and analyzes the various perspectives of PSO-ANN techniques in the water desalination process, promoting plant engineers and researchers to improve plant performance with minimum effort and time.

Published
2023
Full Text
View/download PDF

5. Mixed-Reality Based Multi-Agent Robotics Framework for Artificial Swarm Intelligence Experiments

Author

Dilshani Karunarathna, Nuwan Jaliyagoda, Ganindu Jayalath, Janaka Alawatugoda, Roshan Ragel, and Isuru Nawinne

Subjects
Mixed-reality, multi-agent robotics, swarm intelligence, artificial intelligence, virtual reality, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

The term “Swarm intelligence” outlines a broad scope, which is generally defined as the collective behaviour of many individuals towards a certain task, each operating autonomously in a decentralised manner. Swarms are inspired by the type of biological behaviours of animals and this technology involves decentralised local control and communication, which ensures the problem-solving process is more efficient through modification and infusion into swarm robotic technology. Swarm robotics related experiments and applications are relatively expensive compared to other types of robotics experiments. The most common solution is to use computer based virtual simulations and accordingly, this study introduces a reliable and cost-effective hybrid solution using Mixed Reality (MR) technologies to perform swarm experiments on real robots and virtually deployed robots simultaneously. MR bridges the gap between the virtual and physical realms through Augmented Reality (AR) and Augmented Virtuality (AV) and addressing the weaknesses of simulators and providing a more accurate representation of real-world performance. This approach provides a platform for researchers to explore swarm robotics with enhanced realism and interactivity and conduct experiments that mimic real-world conditions. To validate this method we conducted experiments with both physical and virtual robots in near real-time in a mixed reality environment. In addition, an open-source, distributed, and modular mixed reality simulation framework was implemented with support libraries and applications. Our work not only demonstrates the potential of MR in swarm robotics but also emphasizes its value in advancing the understanding and application of swarm intelligence principles in practical contexts.

Published
2023
Full Text
View/download PDF

6. Unveiling Copy-Move Forgeries: Enhancing Detection With SuperPoint Keypoint Architecture

Author

Anjali Diwan, Dinesh Kumar, Rajesh Mahadeva, H. C. S. Perera, and Janaka Alawatugoda

Subjects
Multimedia forensics, digital image forgery, image forgery detection, copy-move forgery, image duplication, keypoint detector, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

The authentication of digital images poses a significant challenge due to the wide range of image forgery techniques employed, with one notable example being a copy-move forgery. This form of forgery involves duplicating and relocating segments of an image within the same image, often accompanied by geometric transformations to deceive viewers into perceiving the forged image as authentic. Furthermore, additional processing techniques like scaling, rotation, JPEG compression, and the application of Additive White Gaussian Noise (AWGN) are frequently employed to further obscure any traces of forgery, making the detection and verification process even more complex. This paper presents a novel approach for detecting copy-move forgery in digital images using the self-supervised image keypoint detector, SuperPoint. Our approach leverages the advanced capabilities of SuperPoint, which combines keypoint detection and descriptor extraction, to identify and localize copy-move forgery accurately. One important aspect of our approach is its ability to handle images with different textures, including smooth and self-similar structural images. The proposed approach is able to produce stable results in images with various attacks, making it a functional and reliable tool for detecting copy-move forgery in a diverse range of forged images. Comparative analysis with existing forgery detection methods shows the superior performance of our proposed approach. Furthermore, the computational efficiency of our algorithm enables real-time forgery detection. Our approach using SuperPoint offers an effective solution for detecting copy-move forgery in digital images, making it valuable for image forensics and authenticity

Published
2023
Full Text
View/download PDF

7. Robust Cross Directional Controller Design for Paper Machine Spatial Distributed System

Author

Sanjeev Kumar, Subhash Chander Sharma, Rajesh Mahadeva, Janaka Alawatugoda, and Vinay Gupta

Subjects
Cross directional control, robust stability, robust performance, frequency domain synthesis, spatially distributed system, Electrical engineering. Electronics. Nuclear engineering, TK1-9971
Abstract

The paper manufacturing process is a large-scale process in which the control performance is required to be optimal in the machine direction (MD) and cross direction (CD). This work focuses on CD control, which is more complicated than MD control. Uncertainties in the process arise from different sources, so there is a requirement for better modeling techniques. The control of paper profile properties, namely basis weight, moisture, and caliper, is done with the help of actuators that are distributed spatially. Basis weight is taken as the profile parameter in this work. The work aims to improve robust performance and simplify the control design problem. Here, $\mu $ synthesis methods are used for controller design, as this method provides guaranteed robust performance. To simplify the design problem two-dimensional modeling is explained explicitly. The conventional methods of $\mu $ analysis are extended to spatial coordinates. The performance of the $\mu $ synthesis designed method is compared with the open loop shaping method. Control performance is judged in terms of sensitivity, stability margin, $\sigma $ performance, and robust performance. The effectiveness of the developed $\mu $ synthesis designed method is demonstrated using the industrial example from the pulp and paper industry.

Published
2023
Full Text
View/download PDF

8. Peer-to-Peer Energy Trading through Swarm Intelligent Stackelberg Game

Author

Chathurangi Edussuriya, Umar Marikkar, Subash Wickramasinghe, Upul Jayasinghe, and Janaka Alawatugoda

Subjects
peer-to-peer energy trading, smart grid, blockchain, Stackelberg game, swarm intelligence, energy market, Technology
Abstract

The development of smart grids has paved the way for sustainable energy infrastructure to transition towards decentralized energy trading. As intelligent agents, energy sources engage in energy trading based on their energy surplus or deficit. Buyers and sellers (participants) should achieve maximum payoffs in which buyers cut costs and sellers improve their utilities, and the security of sensitive information of smart agents must be guaranteed. This paper provides a blockchain-based energy trading network where intelligent agents can exchange energy in a secure manner, without the intervention of third parties. We model energy trading as a Stackelberg game, ensuring that the platform maximizes social welfare while participants increase their payoffs. Using the inherited characteristics of blockchain technology, a novel decentralized swarm intelligence technique is applied to solve the game while ensuring the privacy of the smart agents’ sensitive information. The numerical analysis demonstrates that the suggested method outperforms the present methods (Constant Utility Optimization, average method...) for optimizing the objectives of each agent by maximizing the sellers’ utilities and reducing the buyers’ costs. In addition, the experimental results demonstrate that it significantly reduces carbon footprint (15%) by enhancing energy exchange between intelligent agents.

Published
2023
Full Text
View/download PDF

9. Authenticated Key Exchange Protocol in the Standard Model under Weaker Assumptions

Author

Janaka Alawatugoda

Subjects
authenticated key exchange, standard model, eCK model, pairing, weaker assumptions, Technology
Abstract

A two-party authenticated key exchange (AKE) protocol allows each of the two parties to share a common secret key over insecure channels, even in the presence of active adversaries who can actively control and modify the exchanged messages. To capture the malicious behaviors of the adversaries, there have been many efforts to define security models. Amongst them, the extended Canetti–Krawczyk (eCK) security model is considered one of the strongest security models and has been widely adopted. In this paper, we present a simple construction of a pairing-based eCK-secure AKE protocol in the standard model. Our protocol can be instantiated with a suitable signature scheme (i.e., an existentially unforgeable signature scheme against adaptive chosen message attacks). The underlying assumptions of our construction are the decisional bilinear Diffie–Hellman assumption and the existence of a pseudorandom function. Note that the previous eCK-secure protocol constructions either relied on random oracles for their security or used somewhat strong assumptions, such as the existence of strong-pseudorandom functions, target collision-resistant functions, etc., while our protocol construction uses fewer and more-standard assumptions in the standard model. Furthermore, preserving the same security argument, our protocol can be instantiated with any appropriate signature scheme that comes in the future with better efficiency.

Published
2023
Full Text
View/download PDF

10. On Advances of Lattice-Based Cryptographic Schemes and Their Implementations

Author

Harshana Bandara, Yasitha Herath, Thushara Weerasundara, and Janaka Alawatugoda

Subjects
post-quantum cryptography, lattice-based cryptography, LWE problem, ring-LWE, lattice trapdoors, implementation, Technology
Abstract

Lattice-based cryptography is centered around the hardness of problems on lattices. A lattice is a grid of points that stretches to infinity. With the development of quantum computers, existing cryptographic schemes are at risk because the underlying mathematical problems can, in theory, be easily solved by quantum computers. Since lattice-based mathematical problems are hard to be solved even by quantum computers, lattice-based cryptography is a promising foundation for future cryptographic schemes. In this paper, we focus on lattice-based public-key encryption schemes. This survey presents the current status of the lattice-based public-key encryption schemes and discusses the existing implementations. Our main focus is the learning with errors problem (LWE problem) and its implementations. In this paper, the plain lattice implementations and variants with special algebraic structures such as ring-based variants are discussed. Additionally, we describe a class of lattice-based functions called lattice trapdoors and their applications.

Published
2022
Full Text
View/download PDF

29. Review on Leakage Resilient Key Exchange Security Model

Author

Zheng Wei Clement Chan, Chai Wen Chuah, and Janaka Alawatugoda

Subjects
Computer Networks and Communications
Abstract

In leakage resilient cryptography, leakage resilient key exchange protocols are constructed to defend against leakage attacks. Then, the key exchange protocol is proved with leakage resilient security model to determine whether its security proof can provide the security properties it claimed or to find out any unexamined flaw during protocol building. It is an interesting work to review the meaningful security properties provided by these security models. This work review how a leakage resilient security model for a key exchange protocol has been evolved over years according to the increasing security requirement which covers a different range of attacks. The relationship on how an adversary capability in the leakage resilient security model can be related to real-world attack scenarios is studied. The analysis work for each leakage resilient security model here enables a better knowledge on how an adversary query addresses different leakage attacks setting, thereby understand the motive of design for a cryptographic primitive in the security model.

Published
2022

31. A Review of the NIST Lightweight Cryptography Finalists and Their Fault Analyses

Author

Hasindu Madushan, Iftekhar Salam, and Janaka Alawatugoda

Subjects
Computer Networks and Communications, Hardware and Architecture, Control and Systems Engineering, Signal Processing, Electrical and Electronic Engineering
Abstract

The security of resource-constrained devices is critical in the IoT field, given that everything is interconnected. Therefore, the National Institute of Standards and Technology (NIST) initialized the lightweight cryptography (LWC) project to standardize the lightweight cryptography algorithms for resource-constrained devices. After two rounds, the NIST announced the finalists in 2021. The finalist algorithms are Ascon, Elephant, GIFT-COFB, Grain-128AEAD, ISAP, PHOTON-Beetle, Romulus, SPARKLE, TinyJambu, and Xoodyak. The final round of the competition is still in progress, and the NIST will select the winner based on their and third-party evaluations. In this paper, we review the 10 finalists mentioned above, discuss their constructions, and classify them according to the underlying primitives. In particular, we analyze these ciphers from different perspectives, such as cipher specifications and structures, design primitives, security parameters, advantages and disadvantages, and existing cryptanalyses. We also review existing analyses of these finalists with a specific focus on the review of fault attacks. We hope the study compiled in this paper will benefit the cryptographic community by providing an easy-to-grasp overview of the NIST LWC finalists.

Published
2022

36. BAT—Block Analytics Tool Integrated with Blockchain Based IoT Platform

Author

Manjula Sandirigama, Kasun Vithanage, Chathurangi Edussuriya, Gyu Myoung Lee, Upul Jayasinghe, Nathan Shone, Janaka Alawatugoda, and Namila Bandara

Subjects
QA75, blockchain, IoT, Computer Networks and Communications, Computer science, media_common.quotation_subject, Distributed computing, Supply chain, Interface (computing), lcsh:TK7800-8360, 02 engineering and technology, smart contracts, Scarcity, access management, 0202 electrical engineering, electronic engineering, information engineering, Use case, Electrical and Electronic Engineering, data analytics, media_common, Block (data storage), business.industry, lcsh:Electronics, 020206 networking & telecommunications, Information sensitivity, Hardware and Architecture, Control and Systems Engineering, Analytics, Signal Processing, Data analysis, 020201 artificial intelligence & image processing, business
Abstract

The Internet of Things (IoT) is the novel paradigm of connectivity and the driving force behind state-of-the-art applications and services. However, the exponential growth of the number of IoT devices and services, their distributed nature, and scarcity of resources has increased the number of security and privacy concerns ranging from the risks of unauthorized data alterations to the potential discrimination enabled by data analytics over sensitive information. Thus, a blockchain based IoT-platform is introduced to address these issues. Built upon the tamper-proof architecture, the proposed access management mechanisms ensure the authenticity and integrity of data. Moreover, a novel approach called Block Analytics Tool (BAT), integrated with the platform is proposed to analyze and make predictions on data stored on the blockchain. BAT enables the data-analysis applications to be developed using the data stored in the platform in an optimized manner acting as an interface to off-chain processing. A pharmaceutical supply chain is used as the use case scenario to show the functionality of the proposed platform. Furthermore, a model to forecast the demand of the pharmaceutical drugs is investigated using a real-world data set to demonstrate the functionality of BAT. Finally, the performance of BAT integrated with the platform is evaluated.

Published
2020
Full Text
View/download PDF

40. Analysis of Four Historical Ciphers Against Known Plaintext Frequency Statistical Attack

Author

Chuah Chai Wen, Sofia Najwa Ramli, Irfan Darmawan, Janaka Alawatugoda, L Samylingam, Cik Feresa Mohd Foozy, P.Siva Shamala Palaniappan, and Vivegan A

Subjects
Computer science, business.industry, Mechanical Engineering, Materials Science (miscellaneous), Substitution cipher, Data_CODINGANDINFORMATIONTHEORY, Encryption, Industrial and Manufacturing Engineering, law.invention, Scrambling, Vigenère cipher, Playfair cipher, Mechanics of Materials, law, Data_GENERAL, Known-plaintext attack, Ciphertext, Hill cipher, Hardware_ARITHMETICANDLOGICSTRUCTURES, Electrical and Electronic Engineering, Arithmetic, business, Civil and Structural Engineering
Abstract

The need of keeping information securely began thousands of years. The practice to keep the information securely is by scrambling the message into unreadable form namely ciphertext. This process is called encryption. Decryption is the reverse process of encryption. For the past, historical ciphers are used to perform encryption and decryption process. For example, the common historical ciphers are Hill cipher, Playfair cipher, Random Substitution cipher and Vigenere cipher. This research is carried out to examine and to analyse the security level of these four historical ciphers by using known plaintext frequency statistical attack. The result had shown that Playfair cipher and Hill cipher have better security compare with Vigenere cipher and Random Substitution cipher.

Published
2018

41. Generic construction of an $$\mathrm {eCK}$$ eCK -secure key exchange protocol in the standard model

Author

Janaka Alawatugoda

Subjects
Computer Networks and Communications, Computer science, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Random oracle, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Safety, Risk, Reliability and Quality, Key exchange, Computer Science::Cryptography and Security, Standard model (cryptography), Discrete mathematics, Cryptographic primitive, business.industry, Order (ring theory), Adaptive chosen-ciphertext attack, 010201 computation theory & mathematics, 020201 artificial intelligence & image processing, business, computer, Software, Information Systems
Abstract

LaMacchia, Lauter and Mityagin presented a strong security model for authenticated key agreement, namely the $$\mathrm {eCK}$$ model. They also constructed a protocol, namely the NAXOS protocol, that enjoys a simple security proof in the $$\mathrm {eCK}$$ model. However, the NAXOS protocol uses a random oracle-based technique to combine the long-term secret key and the per session randomness, so-called NAXOS trick, in order to achieve the $$\mathrm {eCK}$$ security definition. For NAXOS trick-based protocols, the leakage of per session randomness modeled in the $$\mathrm {eCK}$$ model is somewhat unnatural, because the $$\mathrm {eCK}$$ model leaks per session randomness, while the output of the NAXOS trick computation remains safe. In this work, we present a standard model $$\mathrm {eCK}$$ -secure protocol construction, eliminating the NAXOS trick. Moreover, our protocol is a generic construction, which can be instantiated with arbitrary suitable cryptographic primitives. Thus, we present a generic $$\mathrm {eCK}$$ -secure, NAXOS-free, standard model key exchange protocol. To the best of our knowledge this is the first paper on generic transformation of a $$\mathrm {CCA2}$$ -secure public-key encryption scheme to an $$\mathrm {eCK}$$ -secure key exchange protocol in the standard model.

Published
2016

42. Implementing a proven-secure and cost-effective countermeasure against the compression ratio info-leak mass exploitation (CRIME) attack

Author

Sanduni Prasadi, Jayamine Alupotha, Roshan Ragel, Janaka Alawatugoda, and Mohamed Fawsan

Subjects
060201 languages & linguistics, Transport Layer Security, Computer science, business.industry, Plaintext, Cryptography, Data_CODINGANDINFORMATIONTHEORY, 06 humanities and the arts, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Redundancy (information theory), Financial cryptography, 0602 languages and literature, Compression ratio, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, computer, Data compression
Abstract

Header compression is desirable for network applications as it saves bandwidth and reduces latency. However, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. In web requests, headers contain secret web cookies. Therefore, compression of headers before encryption will reveal the information about the secret web cookies. This side-channel has led to Compression Ratio Info-leak Made Easy (CRIME) attack on web traffic protected by the SSL/TLS protocols. In order to mitigate the CRIME attack, compression is completely disabled at the TLS/SSL layer, which in return increases the bandwidth consumption and latency. In a previous work (Financial Cryptography and Data Security 2015), two countermeasures are presented with formal security proofs, against compression side-channel attacks, namely (l)-separating secret cookies from user inputs and (2)-using a static compression dictionary. In this work we create a test environment to replicate the CRIME attack and verify the attack. Moreover, we implement a proven-secure countermeasure against the CRIME attack, in a real world client/server setup, following the aforementioned two countermeasures. Our implementation achieves better compression ratio (closer to the original TLS/SSL compression), and hence reduces the bandwidth usage and latency significantly (therefore cost-effective). To the best of our knowledge, this is the first proven-secure and cost-effective countermeasure implementation against the CRIME attack.

Published
2017

43. Leakage-Resilient Non-interactive Key Exchange in the Continuous-Memory Leakage Setting

Author

C. Pandu Rangan, Janaka Alawatugoda, and Suvradip Chakraborty

Subjects
Hardware_MEMORYSTRUCTURES, Cryptographic primitive, Theoretical computer science, Computer science, business.industry, Open problem, Hash function, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, Memory leak, 010201 computation theory & mathematics, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Key exchange, Leakage (electronics)
Abstract

Recently, Chakraborty et al. (Cryptoeprint:2017:441) showed a novel approach of constructing several leakage-resilient cryptographic primitives by introducing a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE). Their construction of LR-NIKE was only in the bounded-memory leakage model, and they left open the construction of LR-NIKE in continuous-memory leakage model. In this paper we address that open problem. Moreover, we extend the continuous-memory leakage model by addressing more realistic after-the-fact leakage. The main ingredients of our construction are a leakage-resilient storage scheme and a refreshing protocol (Dziembowski and Faust, Asiacrypt 2011) and a (standard) chameleon hash function (CHF), equipped with an additional property of oblivious sampling, which we introduce. We observe that the present constructions of CHF already satisfies our new notion. Further, our protocol can be used as a building block to construct leakage-resilient public-key encryption schemes, interactive key exchange and low-latency key exchange protocols in the continuous-memory leakage model, following the approach of Chakraborty et al. (Cryptoeprint:2017:441).

Published
2017

44. Leakage-resilient storage scheme for cryptographic applications

Author

Janaka Alawatugoda, Nalaka Jayanath, Roshan Ragel, Chinthaka Somathilaka, and Danushka Eranga

Subjects
060201 languages & linguistics, Cryptographic primitive, Computer science, 06 humanities and the arts, 02 engineering and technology, Cryptographic protocol, Computer security, computer.software_genre, Hash-based message authentication code, 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, Static key, 020201 artificial intelligence & image processing, Security of cryptographic hash functions, Key management, Cryptographic key types, computer, Key exchange
Abstract

Since the side-channel attacks arise as a huge threat for cryptographic schemes than previously realized, it is necessary to implement proven-secure leakage-resilient cryptographic schemes and use them for real-world purposes. In this work our effort is to implement two leakage-resilient cryptographic schemes, a leakage-resilient storage scheme and a refreshing protocol, which have been proven-secure and accepted by the cryptographic community since 2011 (ASIACRYPT 2011). Our aim is to open up the direction for implementing the useful leakage-resilient cryptographic schemes for future usage.

Published
2016

45. On Power Analysis Attacks against Hardware Stream Ciphers

Author

Janaka Alawatugoda, Rangana De Silva, Chuah Chai Wen, Malitha Kumarasiri, and Iranga Navaratna

Subjects
Power analysis, Computer Networks and Communications, Hardware and Architecture, business.industry, Computer science, Safety, Risk, Reliability and Quality, business, Stream cipher, Software, Computer hardware
Published
2019

46. Implementation of an eCK-secure Key Exchange Protocol for OpenSSL

Author

Nishen Peiris, Janaka Alawatugoda, Chamitha Wickramasinghe, Chai Wen Chuah, and Seralathan Vivekaanathan

Subjects
Transport Layer Security, General Computer Science, business.industry, Computer science, Hash function, General Engineering, Cryptography, Cryptographic protocol, Computer security model, Authenticated Key Exchange, General Agricultural and Biological Sciences, business, Implementation, Key exchange, Computer network
Abstract

Security models have been developed over time to analyze the security of two-party authenticated key exchange (AKE) protocols. LaMacchia et al. (ProSec 2007) presented a strong security model for AKE protocols, namely the extended Canetti-Krawczyk (eCK) model, addressing wide range of real-world attack scenarios. They constructed a protocol called NAXOS, that is proven-secure in the eCK model. In order to satisfy the eCK security, the NAXOS protocol uses a hash function to combine the long-term secret key and the ephemeral secret key, which is often called as “NAXOS-trick”. However, for the NAXOS-trick-based protocols, the way of leakage modelled in the eCK model leads to an unnatural assumption of leak-free computation of the hash function. Precisely, the eCK model allows the attacker to reveal the ephemeral key while the output of the NAXOS-trick computation remains safe (leak-free). In a recent work of Alawatugoda et al. (IMA Cryptography and Coding 2015), a NAXOS-trick-free eCK-secure AKE protocol is presented, namely protocol P1. In this work, we implement the protocol P1 to be used with the widely-used OpenSSL cryptographic library. OpenSSL implementations are widely used with the real-world security protocol suites, such as Security Socket Layer (SSL) and Transport Layer Security (TLS). As per best of our knowledge, this is the first implementation of a eCK-secure key exchange protocol for the OpenSSL library. Thus, we open up the direction to use the recent advancements of cryptography for real-world Internet communication.

Published
2018

47. Protecting Encrypted Cookies from Compression Side-Channel Attacks

Author

Colin Boyd, Douglas Stebila, and Janaka Alawatugoda

Subjects
Transport Layer Security, Computer science, business.industry, Plaintext, Data_CODINGANDINFORMATIONTHEORY, Encryption, Computer security, computer.software_genre, Redundancy (information theory), Web traffic, Confidentiality, Side channel attack, business, computer, Data compression
Abstract

Compression is desirable for network applications as it saves bandwidth; however, when data is compressed before being encrypted, the amount of compression leaks information about the amount of redundancy in the plaintext. This side channel has led to successful CRIME and BREACH attacks on web traffic protected by the Transport Layer Security (TLS) protocol. The general guidance in light of these attacks has been to disable compression, preserving confidentiality but sacrificing bandwidth. In this paper, we examine two techniques—heuristic separation of secrets and fixed-dictionary compression—for enabling compression while protecting high-value secrets, such as cookies, from attack. We model the security offered by these techniques and report on the amount of compressibility that they can achieve.

Published
2015

48. Continuous After-the-Fact Leakage-Resilient eCK-Secure Key Exchange

Author

Colin Boyd, Douglas Stebila, and Janaka Alawatugoda

Subjects
Authenticated Key Exchange, Discrete mathematics, business.industry, Computer science, Cryptography, Side channel attack, Computer security model, Adversary, business, Key exchange, Leakage (electronics), Computer network
Abstract

Security models for two-party authenticated key exchange AKE protocols have developed over time to capture the security of AKE protocols even when the adversary learns certain secret values. Increased granularity of security can be modelled by considering partial leakage of secrets in the manner of models for leakage-resilient cryptography, designed to capture side-channel attacks. In this work, we use the strongest known partial-leakage-based security model for key exchange protocols, namely continuous after-the-fact leakage $$\mathrm {eCK}$$$$\mathrm {CAFL\text {-}eCK}$$ model. We resolve an open problem by constructing the first concrete two-pass leakage-resilient key exchange protocol that is secure in the $$\mathrm {CAFL\text {-}eCK}$$ model.

Published
2015

49. Modelling after-the-fact leakage for key exchange

Author

Douglas Stebila, Colin Boyd, and Janaka Alawatugoda

Subjects
Computer science, business.industry, Key distribution, Adversary, Computer security model, Computer security, computer.software_genre, Public-key cryptography, Authenticated Key Exchange, Session key, Cryptosystem, Side channel attack, business, computer, Key exchange
Abstract

Security models for two-party authenticated key exchange (AKE) protocols have developed over time to prove the security of AKE protocols even when the adversary learns certain secret values. In this work, we address more granular leakage: partial leakage of long-term secrets of protocol principals, even after the session key is established. We introduce a generic key exchange security model, which can be instantiated allowing bounded or continuous leakage, even when the adversary learns certain ephemeral secrets or session keys. Our model is the strongest known partial-leakage-based security model for key exchange protocols. We propose a generic construction of a two-pass leakage-resilient key exchange protocol that is secure in the proposed model, by introducing a new concept: the leakage-resilient NAXOS trick. We identify a special property for public-key cryptosystems: pair generation indistinguishability, and show how to obtain the leakage-resilient NAXOS trick from a pair generation indistinguishable leakage-resilient public-key cryptosystem.

Published
2014

50. Software implementation level countermeasures against the cache timing attack on advanced encryption standard

Author

Roshan Ragel, Udyani Herath, and Janaka Alawatugoda

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, business.industry, Computer science, Advanced Encryption Standard, Cryptography, Computer security, computer.software_genre, Timing attack, Software, Symmetric-key algorithm, Electronic data, Side channel attack, Cache, business, computer, Cryptography and Security (cs.CR)
Abstract

Advanced Encryption Standard (AES) is a symmetric key encryption algorithm which is extensively used in secure electronic data transmission. When introduced, although it was tested and declared as secure, in 2005, a researcher named Bernstein claimed that it is vulnerable to side channel attacks. The cache-based timing attack is the type of side channel attack demonstrated by Bernstein, which uses the timing variation in cache hits and misses. This kind of attacks can be prevented by masking the actual timing information from the attacker. Such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software based countermeasures based on the concept of “constant-encryption-time” were demonstrated against the remote cache timing attack with positive outcomes, in which we establish a secured environment for the AES encryption.

Published
2014

Catalog

Books, media, physical & digital resources
See catalog results