The destruction due to computer security incidents warns organizations to adopt security measures. In addition to technological measures, individual’s information security awareness is also necessary. Different psychological theories have been proposed to make an effective information security awareness campaign. These information security awareness campaigns are limited in their ability in raising...
This paper presents the first equivalent key recovery attack on H2-MAC-MD5, which leads directly to a selective forgery attack. H2-MAC is similar to HMAC except that the outer key is omitted. For HMAC-MD5, since the available differential paths are pseudo-collisions, all the key recovery attacks are in the related-key setting, while our attack on H2-MAC-MD5 gets...
The last three years have witnessed tremendous progress in the understanding of code-based cryptography. One of its most promising applications is the design of cryptographic schemes with exceptionally strong security guarantees and other desirable properties. In contrast to number-theoretic problems typically used in cryptography, the underlying problems have so far resisted subexponential time attacks...
Hash functions are one of the most important cryptographic primitives. Some of the currently employed hash functions like SHA-1 or MD5 are considered broken today. Therefore, in 2007 the US National Institute of Standards and Technology announced a competition for a new family of hash functions. Keccak is one of the five final candidates to be chosen as SHA-3 hash function standard. In this paper,...
In this paper, we tackled the problem of generation of rare classification rules. Our work is motivated by the search of an effective algorithm allowing the extraction of rare classification rules by avoiding the generation of a large number of patterns at reduced time. Within this framework we are interested in rules of the form a1 ∧ a2… ∧ an...
In this paper, we first introduce a new security definition called secret key awareness security, which guarantees that anyone generating a public key knows the corresponding secret key. Next, we give a concrete implementation of secret key awareness security. Second, we present two applications: one is in a plaintext awareness security cryptosystem, and another is in certificateless public...
Combining different cryptanalytic methods to attack a cryptosystem became one of the hot topics in cryptanalysis. In particular, algebraic methods in side channel and differential fault analysis (DFA) attracted a lot of attention recently. In [9], Hojsík and Rudolf used DFA to recover the inner state of the stream cipher Trivium which leads to recovering the secret key. For this attack, they required...
Together with the massive expansion of smartphones, tablets, and other smart devices, we can notice a growing number of malware threats targeting these platforms. Software security companies are not prepared for such diversity of target platforms and there are only few techniques for platform-independent malware analysis. This is a major security issue these days. In this paper, we propose a concept...
Recent papers have urged the need for new forensic techniques and tools able to investigate anti-forensics methods, and have promoted automation of live investigation. Such techniques and tools are called proactive forensic approaches, i.e., approaches that can deal with digitally investigating an incident while it occurs. To come up with such an approach, a Systematic Literature Review (SLR) was...
A growing trend in the cybersecurity landscape is represented by multistep attacks that involve multiple correlated intrusion activities to reach the intended target. The duty of reconstructing complete attack scenarios is left to system administrators because current Network Intrusion Detection Systems (NIDS) are still oriented to generate alerts related to single attacks, with no or minimal correlation...
In this article, we present a new code-based stream cipher called 2SC, based on the sponge construction. The security of the keystream generation of 2SC is reducible to the conjectured intractability of the Syndrome Decoding (SD) problem, which is believed to be hard in the average case. Our stream cipher compares favorably with other provably secure stream ciphers such as QUAD and SYND in terms of...
In this paper, we present an experimental analysis of HFE Challenge 2 (144 bit) type systems. We generate scaled versions of the full challenge fixing and guessing some unknowns. We use the MXL3 algorithm, an efficient algorithm for computing Gröbner basis, to solve these scaled versions. We review the MXL3 strategy and introduce our experimental results.
In 2003, Augot et al. introduced the Fast Syndrome-Based hash family (in short FSB), which follows the generic construction of Merkle-Damgård and is based on the syndrome decoding problem. In 2007, Finiasz et al. proposed an improved version of FSB. In this work, we propose a new efficient hash function, which incorporates the ideas of FSB and the sponge construction introduced by Bertoni et al. Our...
In this paper, we present an improved version of an identity-based identification scheme based on error-correcting codes. Our scheme combines the Courtois-Finiasz-Sendrier signature scheme using quasi-dyadic codes (QD-CFS) proposed in [2] and the identification scheme by Stern [18]. Following the construction proposed in [5], we obtain an identity-based identification scheme which has the advantage...
Prime numbers are known to be in one of two series; P mod 6 = ±1. In this paper, we introduce the concept of Integer Absolute Position in prime series, and we use the concept to develop a structure for composite integer numbers in the prime series P mod 6 = -1. We use the developed structure to state theorems and to develop a deterministic algorithm that can test simultaneously for primality...
Deniable authentication protocol enables a receiver to identify the true source of a given message, but not to prove the identity of the sender to a third party. This property is very useful for providing secure negotiation over the Internet. This paper describes a secure non-interactive deniable authentication protocol using ECDSA signature scheme. The security of the protocol is based on difficulty...
In this paper we derive lower bounds for the degree of polynomials that approximate the square root of the discrete logarithm for Elliptic Curves with orders of various specific types. These bounds can serve as evidence for the difficulty in the computation of the square root of discrete logarithms for such elliptic curves, with properly chosen parameters that result in the curve having order of any...
European Union has decided that all emergencies can be reported to authorities by European citizens by calling 112 or sending a text message to 112. Distributing warnings and alerts of authorities to citizens currently happens through national TV and radio channels, but telecom networks are also used now in some countries for this purpose. During the last ten years there have been attempts to develop...
Conventional SCADA communications have been fixed Point-to-Multipoint serial communications over leased lines or private radio systems. Mobility of Remote Components can widen the coverage and can make SCADA more powerful and more efficient. Instead of a steady sensor which can only gather limited information, the mobile sensor can cover larger space and gather more specific information. In this paper,...