Cryptography
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Reconsidering the Security Bound of AES-GCM-SIV
Background on AES-GCM-SIV Fixing the Security Bound Improving Key Derivation Final Remarks Reconsidering the Security Bound of AES-GCM-SIV Tetsu Iwata1 and Yannick Seurin2 1Nagoya University, Japan 2ANSSI, France March 7, 2018 — FSE 2018 T. Iwata and Y. Seurin Reconsidering AES-GCM-SIV’s Security FSE 2018 1 / 26 Background on AES-GCM-SIV Fixing the Security Bound Improving Key Derivation Final Remarks Summary of the contribution • we reconsider the security of the AEAD scheme AES-GCM-SIV designed by Gueron, Langley, and Lindell • we identify flaws in the designers’ security analysis and propose a new security proof • our findings leads to significantly reduced security claims, especially for long messages • we propose a simple modification to the scheme (key derivation function) improving security without efficiency loss T. Iwata and Y. Seurin Reconsidering AES-GCM-SIV’s Security FSE 2018 2 / 26 Background on AES-GCM-SIV Fixing the Security Bound Improving Key Derivation Final Remarks Summary of the contribution • we reconsider the security of the AEAD scheme AES-GCM-SIV designed by Gueron, Langley, and Lindell • we identify flaws in the designers’ security analysis and propose a new security proof • our findings leads to significantly reduced security claims, especially for long messages • we propose a simple modification to the scheme (key derivation function) improving security without efficiency loss T. Iwata and Y. Seurin Reconsidering AES-GCM-SIV’s Security FSE 2018 2 / 26 Background on AES-GCM-SIV Fixing the Security Bound Improving Key Derivation Final Remarks Summary of the contribution • we reconsider the security of the AEAD scheme AES-GCM-SIV designed by Gueron, Langley, and Lindell • we identify flaws in the designers’ security analysis and propose a new security proof • our findings leads to significantly reduced security claims, especially for long messages • we propose a simple modification to the scheme (key derivation function) improving security without efficiency loss T. -
NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure
Under the Radar: NSA’s Efforts to Secure Private-Sector Telecommunications Infrastructure Susan Landau* INTRODUCTION When Google discovered that intruders were accessing certain Gmail ac- counts and stealing intellectual property,1 the company turned to the National Security Agency (NSA) for help in securing its systems. For a company that had faced accusations of violating user privacy, to ask for help from the agency that had been wiretapping Americans without warrants appeared decidedly odd, and Google came under a great deal of criticism. Google had approached a number of federal agencies for help on its problem; press reports focused on the company’s approach to the NSA. Google’s was the sensible approach. Not only was NSA the sole government agency with the necessary expertise to aid the company after its systems had been exploited, it was also the right agency to be doing so. That seems especially ironic in light of the recent revelations by Edward Snowden over the extent of NSA surveillance, including, apparently, Google inter-data-center communications.2 The NSA has always had two functions: the well-known one of signals intelligence, known in the trade as SIGINT, and the lesser known one of communications security or COMSEC. The former became the subject of novels, histories of the agency, and legend. The latter has garnered much less attention. One example of the myriad one could pick is David Kahn’s seminal book on cryptography, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet.3 It devotes fifty pages to NSA and SIGINT and only ten pages to NSA and COMSEC. -
A Proposed System for Covert Communication to Distant And
A Proposed System for Covert Communication to Distant and Broad Geographical Areas Joshua Davis [email protected] Abstract—A covert communication system is developed that can emulate a human user, when provided information about modulates Morse code characteristics and that delivers its mes- a user’s Morse code statistical behavior. Numbers stations sage economically and to geographically remote areas using radio utilize simplex (one-way) communication, one-time pads, and and EchoLink. Our system allows a covert message to be sent to a receiving individual by hiding it in an existing carrier long range radio to ensure that both the receiver and message Morse code message. The carrier need not be sent directly to are anonymous. Our system may be utilized in this fashion, the receiving person, though the receiver must have access to the providing a level of security equal to numbers stations if this signal. Illustratively, we propose that our system may be used as is the desired configuration. Further, our system obfuscates an alternative means of implementing numbers stations. to some degree the existence of the covert communication; something that numbers stations are not known to do. I. INTRODUCTION A. Morse Code A potential use for the system we will soon derive is a se- Morse code is a simple and durable means of transmitting cure and economical alternative to numbers stations. Numbers symbols (e.g. letters, numbers). It is widely used by amateur stations can be found throughout the high frequency (HF) radio radio operators on HF bands to communicate with one another band, as the propagation characteristics of this band allows over long distances. -
Download The
MAS Context Issue 22 / Summer ’14 Surveillance MAS Context Issue 22 / Summer ’14 Surveillance 3 MAS CONTEXT / 22 / SURVEILLANCE / 22 / CONTEXT MAS Welcome to our Surveillance issue. This issue examines the presence of surveillance around us— from the way we are being monitored in the physical and virtual world, to the potential of using the data we generate to redefine our relationship to the built environment. Organized as a sequence of our relationship with data, the contributions address monitoring, collecting, archiving, and using the traces that we leave, followed by camouflaging and deleting the traces that we leave. By exploring different meanings of surveillance, this issue seeks to generate a constructive conversation about the history, policies, tools, and applications of the information that we generate and how those aspects are manifested in our daily lives. MAS Context is a quarterly journal that addresses issues that affect the urban context. Each issue delivers a comprehensive view of a single topic through the active participation of people from different fields and different perspectives who, together, instigate the debate. MAS Context is a 501(c)(3) not for profit organization based in Chicago, Illinois. It is partially supported by a grant from the Graham Foundation for Advanced Studies in the Fine Arts. MAS Context is also supported by Wright. With printing support from Graphic Arts Studio. ISSN 2332-5046 5 “It felt more like a maximum security prison than a gated community SURVEILLANCE / 22 / CONTEXT MAS when the Chicago Housing Authority tried to beef up the safety of the neighborhood. Our privacy was invaded with police cameras Urban watching our every move. -
The Ethics of Intelligence Collection Ross W. Bellaby
What’s the Harm? The Ethics of Intelligence Collection Ross W. Bellaby Thesis submitted in fulfilment of the requirements for the degree of PhD Department of International Politics Aberystwyth University June 13th, 2011 DECLARATION This work has not previously been accepted in substance for any degree and is not being concurrently submitted in candidature for any degree. Signed ...................................................................... (Ross W. Bellaby) Date ........................................................................ STATEMENT 1 This thesis is the result of my own investigations, except where otherwise stated. Where *correction services have been used, the extent and nature of the correction is clearly marked in a footnote(s). Other sources are acknowledged by footnotes giving explicit references. A bibliography is appended. Signed ..................................................................... (Ross W. Bellaby) Date ........................................................................ [*this refers to the extent to which the text has been corrected by others] STATEMENT 2 I hereby give consent for my thesis, if accepted, to be available for photocopying and for inter- library loan, and for the title and summary to be made available to outside organisations. Signed ..................................................................... (Ross W. Bellaby) Date ........................................................................ I hereby give consent for my thesis, if accepted, to be available for photocopying -
State of the Art in Lightweight Symmetric Cryptography
State of the Art in Lightweight Symmetric Cryptography Alex Biryukov1 and Léo Perrin2 1 SnT, CSC, University of Luxembourg, [email protected] 2 SnT, University of Luxembourg, [email protected] Abstract. Lightweight cryptography has been one of the “hot topics” in symmetric cryptography in the recent years. A huge number of lightweight algorithms have been published, standardized and/or used in commercial products. In this paper, we discuss the different implementation constraints that a “lightweight” algorithm is usually designed to satisfy. We also present an extensive survey of all lightweight symmetric primitives we are aware of. It covers designs from the academic community, from government agencies and proprietary algorithms which were reverse-engineered or leaked. Relevant national (nist...) and international (iso/iec...) standards are listed. We then discuss some trends we identified in the design of lightweight algorithms, namely the designers’ preference for arx-based and bitsliced-S-Box-based designs and simple key schedules. Finally, we argue that lightweight cryptography is too large a field and that it should be split into two related but distinct areas: ultra-lightweight and IoT cryptography. The former deals only with the smallest of devices for which a lower security level may be justified by the very harsh design constraints. The latter corresponds to low-power embedded processors for which the Aes and modern hash function are costly but which have to provide a high level security due to their greater connectivity. Keywords: Lightweight cryptography · Ultra-Lightweight · IoT · Internet of Things · SoK · Survey · Standards · Industry 1 Introduction The Internet of Things (IoT) is one of the foremost buzzwords in computer science and information technology at the time of writing. -
An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext
An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext By Isaac Quinn DuPont A thesis submitted in conformity with the requirements for the degree of Doctor of Philosophy Faculty of Information University of Toronto © Copyright by Isaac Quinn DuPont 2017 ii An Archeology of Cryptography: Rewriting Plaintext, Encryption, and Ciphertext Isaac Quinn DuPont Doctor of Philosophy Faculty of Information University of Toronto 2017 Abstract Tis dissertation is an archeological study of cryptography. It questions the validity of thinking about cryptography in familiar, instrumentalist terms, and instead reveals the ways that cryptography can been understood as writing, media, and computation. In this dissertation, I ofer a critique of the prevailing views of cryptography by tracing a number of long overlooked themes in its history, including the development of artifcial languages, machine translation, media, code, notation, silence, and order. Using an archeological method, I detail historical conditions of possibility and the technical a priori of cryptography. Te conditions of possibility are explored in three parts, where I rhetorically rewrite the conventional terms of art, namely, plaintext, encryption, and ciphertext. I argue that plaintext has historically been understood as kind of inscription or form of writing, and has been associated with the development of artifcial languages, and used to analyze and investigate the natural world. I argue that the technical a priori of plaintext, encryption, and ciphertext is constitutive of the syntactic iii and semantic properties detailed in Nelson Goodman’s theory of notation, as described in his Languages of Art. I argue that encryption (and its reverse, decryption) are deterministic modes of transcription, which have historically been thought of as the medium between plaintext and ciphertext. -
Numbers Stations
Numbers Stations What are Numbers Stations? Well this is subject to conjecture with some believing they are weather broadcasts in 5 figure codes, some others believe they may be hoax broadcasts. The majority of those who have listened to these signals over long periods believe they are from several of the world’s secret service agencies to outstations or agents in the field. There is now a significant amount of evidence in public documents and books to support this with the USA’s CIA, Britain’s MI6, Israel’s Mossad and Germany’s BND just some of the countries represented. Messages are sent in various modes e.g. Plain language, CW or Digital modes. The languages used in the first example vary also depending on the country of origin of the signals and they also use both female and male voices and these voices can be “live” or synthesised and can be in AM, USB or SSB modes. The format of the messages are nearly always 5 figure or 5 letter groups. The CW stations sometimes use MCW (modulated CW) which is Morse keyed as a tone on an AM signal. The format of the Morse signal can be as for the plain language types i.e. 5 figure groups, but they also use what are known as “cut numbers” to speed up transmissions. An example of this is to substitute A for 1, U for 2, V for 3, 4 5 and 6 stay as numbers then B for 7, D for 8 and N for 9 which means only 9 different characters need to be sent. -
New Developments in Cryptology Outline Outline How NOT to Use A
New Developments in Cryptography February 2007 Bart Preneel Outline New developments in cryptology • 1. Cryptology: protocols – identification/entity authentication – key establishment Prof. Bart Preneel • 2. Public Key Infrastructures COSIC Bart.Preneel(at)esatDOTkuleuven.be • 3. Secure Networking protocols http://homes.esat.kuleuven.be/~preneel – Internet Security: email, web, IPSEC, SSL • 4. Using cryptography well • 5. New developments in cryptology © Bart Preneel. All rights reserved Outline How to use cryptographic algorithms • Modes of operation • Modes of operation • Padding and error messages • The hash function disaster • Authenticated encryption • How to encrypt using RSA • Algorithm: secure design and • How to encrypt with RSA implementation • Obfuscation • SPAM fighting How NOT to use a block cipher: ECB mode An example plaintext P1 P2 P3 block block block cipher cipher cipher C1 C2 C3 1 New Developments in Cryptography February 2007 Bart Preneel Encrypted with substitution and transposition cipher Encrypted with AES in ECB and CBC mode How to use a block cipher: CBC mode CBC mode decryption P1 P2 P3 P1 P2 P3 IV IV AES AES AES AES-1 AES-1 AES-1 C1 C2 C3 C1 C2 C3 What if IV is constant? CBC with incomplete plaintext (1) Plaintext length P2’ P3’ 1 byte P1 in bytes IV P1 P2 P3|| 0000..0 IV AES AES AES C1 C2’ C3’ AES AES AES Repetition in P results in repetition in C: ⇒ information leakage need random and secret IV C1 C2 C3 2 New Developments in Cryptography February 2007 Bart Preneel CBC with incomplete plaintext (2) CBC with -
What Role for the Cia's General Counsel
Sed Quis Custodiet Ipsos Custodes: The CIA’s Office of General Counsel? A. John Radsan* After 9/11, two officials at the Central Intelligence Agency (CIA) made decisions that led to major news. In 2002, one CIA official asked the Justice Department’s Office of Legal Counsel (OLC) to clarify how aggressive CIA interrogators could be in questioning al Qaeda operatives held overseas.1 This request led to the August 2002 memorandum, later leaked, in which John Yoo argued that an interrogator crosses the line into torture only by inflicting pain on a par with organ failure.2 Yoo further suggested that interrogators would have many defenses, justifications, and excuses if they faced possible criminal charges.3 One commentator described the advice as that of a “mob lawyer to a mafia don on how to skirt the law and stay out of prison.”4 To cool the debate about torture, the Bush administration retracted the memorandum and replaced it with another.5 The second decision was made in 2003, when another CIA official asked the Justice Department to investigate possible misconduct in the disclosure to the media of the identity of a CIA employee. The employee was Valerie Plame, a covert CIA analyst and the wife of Ambassador Joseph Wilson. * Associate Professor of Law, William Mitchell College of Law. The author was a Justice Department prosecutor from 1991 until 1997, and Assistant General Counsel at the Central Intelligence Agency from 2002 until 2004. He thanks Paul Kelbaugh, a veteran CIA lawyer in the Directorate of Operations, for thoughtful comments on an early draft, and Erin Sindberg Porter and Ryan Check for outstanding research assistance. -
The Export of Cryptography in the 20 Century and the 21
The Export of Cryptography th st in the 20 Century and the 21 ∗ Whitfield Diffie and Susan Landau Sun Microsystems, Inc Palo Alto CA April 19, 2005 August 2000 On the 14th of January 2000, the Bureau of Export Administration issued long-awaited revisions to the rules on exporting cryptographic hardware and software. The new regulations, which grew out of a protracted tug of war between the computer industry and the U.S. Government, are seen by indus- try as a victory. Their appearance, which was attended by both excitement and relief, marked a substantial change in export policy. This paper exam- ines the evolution of export control in the cryptographic area and considers its impact on the deployment of privacy-protecting technologies within the United States. Before the electronic age, all \real-time" interaction between people had to take place in person. Privacy in such interactions could be taken for granted. No more than reasonable care was required to assure yourself that only the people you were addressing | people who had to be right there with you | could hear you. Telecommunications have changed this. The people with whom you interact no longer have to be in your immediate vicinity; they can be on the other side of the world, making what was once impossible spontaneous and inexpensive. Telecommunication, on the other hand, makes protecting yourself from eavesdropping more difficult. Some other security mechanism is required to replace looking around to see that ∗To appear in the Handbook of the History of Information Security Elsevier B.V. 1 no one is close enough to overhear: that mechanism is cryptography, the only security mechanism that directly protects information passing out of the physical control of the sender and receiver. -
Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men
Zerohack Zer0Pwn YourAnonNews Yevgeniy Anikin Yes Men YamaTough Xtreme x-Leader xenu xen0nymous www.oem.com.mx www.nytimes.com/pages/world/asia/index.html www.informador.com.mx www.futuregov.asia www.cronica.com.mx www.asiapacificsecuritymagazine.com Worm Wolfy Withdrawal* WillyFoReal Wikileaks IRC 88.80.16.13/9999 IRC Channel WikiLeaks WiiSpellWhy whitekidney Wells Fargo weed WallRoad w0rmware Vulnerability Vladislav Khorokhorin Visa Inc. Virus Virgin Islands "Viewpointe Archive Services, LLC" Versability Verizon Venezuela Vegas Vatican City USB US Trust US Bankcorp Uruguay Uran0n unusedcrayon United Kingdom UnicormCr3w unfittoprint unelected.org UndisclosedAnon Ukraine UGNazi ua_musti_1905 U.S. Bankcorp TYLER Turkey trosec113 Trojan Horse Trojan Trivette TriCk Tribalzer0 Transnistria transaction Traitor traffic court Tradecraft Trade Secrets "Total System Services, Inc." Topiary Top Secret Tom Stracener TibitXimer Thumb Drive Thomson Reuters TheWikiBoat thepeoplescause the_infecti0n The Unknowns The UnderTaker The Syrian electronic army The Jokerhack Thailand ThaCosmo th3j35t3r testeux1 TEST Telecomix TehWongZ Teddy Bigglesworth TeaMp0isoN TeamHav0k Team Ghost Shell Team Digi7al tdl4 taxes TARP tango down Tampa Tammy Shapiro Taiwan Tabu T0x1c t0wN T.A.R.P. Syrian Electronic Army syndiv Symantec Corporation Switzerland Swingers Club SWIFT Sweden Swan SwaggSec Swagg Security "SunGard Data Systems, Inc." Stuxnet Stringer Streamroller Stole* Sterlok SteelAnne st0rm SQLi Spyware Spying Spydevilz Spy Camera Sposed Spook Spoofing Splendide