Math4security


Julio López Fenner
Departamento Ciencias de Computación e Informática (DCI), Universidad de La Frontera, Temuco, Chile
January 2020. English Week 2019, IUT2, Université Grenoble Alpes, Grenoble, France

Outline
• What is Security?
• Math 4 Crypto
• Computational Number Theory & Algebra
• Probability & Statistics
• Elliptic Curves
• Emerging Topic: IoT

What is Security?

Shutdown, or the most secure system
Figure 1: https://techlawforum.files.wordpress.com/2017/03/internet-shutdowns.jpg

Security

Digital footprints and social engineering
Figure 2: https://www.teachthought.com/the-future-of-learning/11-tips-for-students-tomanage-their-digital-footprints/

Social Engineering: OSINT
Figure 3: https://www.pcwdld.com/osint-tools-and-software

OSINT (https://www.pcwdld.com/osint-tools-and-software)
• Recon-ng: a web reconnaissance and OSINT framework written in Python. It automates information gathering by thoroughly and quickly exploring the open-source information available on the web.
• Shodan: a search engine for internet-connected and IoT devices. It can also be used to monitor databases to see whether their data has leaked onto public sites, and it can even find hidden video-game servers inside corporate networks.
• Maltego: computer forensics, GHDB (Google Hacking Database), etc.

10 Steps for Cybersecurity
Figure 4: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png

Information Security
Figure 5: https://www.techopedia.com/definition/10282/information-security-is

The Parkerian Hexad
Figure 6: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png

The CIA Triad
Figure 7: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png

Parker 1998
Figure 8: https://i.pinimg.com/originals/11/f9/ca/11f9caf74854ecba52b9d6067a7e6238.png

Vulnerabilities of Computing Systems
Figure 9: https://books.google.co.in/books/about/Security_in_Computing.html?id=O3VB-zspJo4C

Find the X!
Figure 10: https://www.tshirtsandallstore.com/63-thickbox_default/why-do-we-need-math.jpg

Responsive or Preemptive?
Figure 11: http://news.mit.edu/2016/ai-system-predicts-85-percent-cyber-attacks-using-input-human-experts-0418

Math for Cybersecurity
"Entry level cyber security careers generally only require basic math concepts that are used in binary, cryptography or programming tasks." https://startacybercareer.com/do-i-need-math-for-cyber-security/
Contents
• Probability theory
• Data Analysis & Statistics
• Analysis of algorithms
• Graph Theory
• Complexity theory
• Game Theory
• Number theory
• Visualization & String Analysis
• Group theory
• Linear Algebra

Math 4 Crypto
Contents
• Classical cryptographic constructions: Diffie-Hellman key exchange, discrete logarithm, RSA cryptosystems, digital signatures
• Mathematical tools: primality testing, factorization algorithms, probability theory, information theory, collision algorithms
• Innovations: elliptic curves, lattice-based cryptography, NTRU cryptosystems

The integers

Divisibility: a divides b; a is a divisor of c; a is a multiple of d; a is divisible by e with remainder r and integer quotient k:
$b = k \cdot a + r, \quad r \in \{0, 1, \dots, a-1\}$.

Primality. Fundamental theorem of arithmetic: every non-zero integer is a product of primes,
$n = \pm\, p_1^{e_1} p_2^{e_2} \cdots p_r^{e_r}$.

The mod operator:
$a \bmod b := r \iff a = q \cdot b + r, \quad 0 \le r < b$.

Solving linear congruences
$a \cdot z \equiv b \pmod{n}$

Chinese remainder theorem

Residue classes $\mathbb{Z}_n$ and Euler's phi function $\varphi(n) := |\mathbb{Z}_n^*|$
$\mathbb{Z}_n = \{[0], [1], \dots, [n-1] : [i] = i + n\mathbb{Z}\}$, the set of residue classes modulo n.
$\mathbb{Z}_n^* = \{\alpha \in \mathbb{Z}_n : \exists\, \alpha^{-1}\}$, where $\alpha^{-1}$ exists $\iff \gcd(\alpha, n) = 1$: the set of elements of $\mathbb{Z}_n$ that have a multiplicative inverse.
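The integer slides above (the mod operator, solving $a \cdot z \equiv b \pmod n$, the Chinese remainder theorem, residue classes and the units $\mathbb{Z}_n^*$ with $\varphi(n) = |\mathbb{Z}_n^*|$) as a worked Python example. This is an added example, not code from the slides or their author. It also checks the Euler and Fermat statements of the following slide exhaustively for small moduli and applies a modular inverse to the affine cipher $x \mapsto a \cdot x + b \bmod 26$ that the deck uses as its first application; all function names are the example's own.

```python
"""Integers modulo n: extended Euclid, inverses, linear congruences, CRT and Euler's phi.
Added example (not from the slides); all names are the example's own. Python 3.8+."""
from math import gcd, prod


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with g = gcd(a, b) and a*x + b*y = g."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q, a, b = a // b, b, a % b          # a = q*b + r with 0 <= r < b (the mod operator)
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def mod_inverse(a, n):
    """alpha^{-1} in Z_n exists iff gcd(alpha, n) = 1; raise otherwise."""
    g, x, _ = egcd(a % n, n)
    if g != 1:
        raise ValueError(f"{a} has no inverse mod {n} (gcd = {g})")
    return x % n


def solve_linear_congruence(a, b, n):
    """All z in Z_n with a*z = b (mod n).
    Solvable iff g = gcd(a, n) divides b; then there are exactly g solutions,
    spaced n/g apart, obtained by dividing the congruence through by g."""
    g = gcd(a, n)
    if b % g:
        return []
    a2, b2, n2 = a // g, b // g, n // g
    z0 = b2 * mod_inverse(a2, n2) % n2
    return [z0 + k * n2 for k in range(g)]


def crt(residues, moduli):
    """Chinese remainder theorem for pairwise coprime moduli:
    the unique x mod prod(moduli) with x = r_i (mod m_i) for every i."""
    m_all = prod(moduli)
    x = 0
    for r, m in zip(residues, moduli):
        m_i = m_all // m
        x += r * m_i * mod_inverse(m_i, m)
    return x % m_all, m_all


def units(n):
    """Z_n^*: the residues with a multiplicative inverse, i.e. gcd(alpha, n) = 1."""
    return [alpha for alpha in range(n) if gcd(alpha, n) == 1]


def phi(n):
    """Euler's phi from the product formula n * prod(1 - 1/p) over the primes p | n."""
    result, m, p = n, n, 2
    while p * p <= m:
        if m % p == 0:
            while m % p == 0:
                m //= p
            result -= result // p           # multiply by (1 - 1/p)
        p += 1
    if m > 1:                               # one prime factor left over
        result -= result // m
    return result


def euler_holds(n):
    """Euler's theorem: alpha^phi(n) = 1 (mod n) for every alpha in Z_n^* (checked exhaustively)."""
    return all(pow(alpha, phi(n), n) == 1 for alpha in units(n))


def fermat_holds(p):
    """Fermat's little theorem: alpha^p = alpha (mod p) for every alpha in Z_p."""
    return all(pow(alpha, p, p) == alpha for alpha in range(p))


def affine_encrypt(text, a, b):
    """x -> a*x + b mod 26 on A-Z; a must be a unit mod 26 or decryption is impossible."""
    mod_inverse(a, 26)                      # raises ValueError if gcd(a, 26) != 1
    return "".join(chr((a * (ord(c) - 65) + b) % 26 + 65) for c in text.upper() if c.isalpha())


def affine_decrypt(text, a, b):
    """Undo affine_encrypt with the inverse of a in Z_26: x = a^{-1} * (y - b) mod 26."""
    a_inv = mod_inverse(a, 26)
    return "".join(chr(a_inv * (ord(c) - 65 - b) % 26 + 65) for c in text)


if __name__ == "__main__":
    print(solve_linear_congruence(6, 4, 10))   # [4, 9]
    print(crt([2, 3, 2], [3, 5, 7]))           # (23, 105)
    print(len(units(15)), phi(15))             # 8 8
    print(affine_encrypt("HELLO", 5, 8))       # RCLLA
```

The congruence solver is the part worth reading twice: when gcd(a, n) > 1 the equation either has no solution or has several, which is exactly why an affine key with an even multiplier (or 13) cannot be decrypted and why such keys must be rejected up front rather than discovered at decryption time.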
n prime: $\mathbb{Z}_n^* = \mathbb{Z}_n \setminus \{[0]\}$. n composite: $\mathbb{Z}_n^* \subsetneq \mathbb{Z}_n \setminus \{[0]\}$.

Some properties of $\varphi$ with primes
• $\varphi(p^e) = p^e - p^{e-1} = p^{e-1}(p - 1)$
• If $n = p_1^{e_1} \cdot p_2^{e_2} \cdots p_r^{e_r}$, then $\varphi(n) = n \prod_{i=1}^{r} (1 - 1/p_i)$
• Euler's theorem: $\alpha \in \mathbb{Z}_n^*$, then $\alpha^{\varphi(n)} = 1$.
• Fermat's little theorem: p prime, then for all $\alpha \in \mathbb{Z}_p$: $\alpha^p = \alpha$.
• Wilson's theorem: $p \neq 2$ prime number: $(p - 1)! = -1 \bmod p$.

Long story short: what can we do with integers?
Caesar's encryption or affine encryption:
$x \mapsto x + k \bmod 26, \quad k \in \mathbb{Z}_{26}$
$x \mapsto a \cdot x + b \bmod 26, \quad k = (a, b) \in \mathbb{Z}_{26}^2$
Block (stream) encryption. Example: blocks of 10 bits, https://www.usna.edu/Users/cs/wcbrown/courses/S18SI335/notes/03/notes.html
Figure 12: https://cdn.ttgtmedia.com/rms/onlineImages/block_stream_cipher_01_mobile.jpg

RSA or Public Key
Figure 13: https://www.isites.info/PastConferences/ISITES2015/ISITES2015/papers/B7-ISITES2015ID28.pdf

RSA Key Gen

Kerckhoffs's principles: secrecy of the key, not the method!

Diffie-Hellman key exchange
Figure 14: https://www.practicalnetworking.net/wp-content/uploads/2015/11/dh-revised.png

Other applications: signatures
Figure 15: https://www.tutorialspoint.com/cryptography/images/public_key_cryptography.jpg

Other applications: hash functions
Figure 16: http://i.stack.imgur.com/eCCob.png

Hash functions for crypto
Figure 17: commons.wikimedia.com

Birthday paradox
Figure 18: https://demonstrations.wolfram.com/BirthdayParadoxProbabilityEstimates/

Salting the hash
Figure 19: https://crackstation.net/hashing-security.htm
Needs random numbers (cryptographically secure)
Figure 20: https://laughingsquid.com/cloudflare-wall-of-lava-lamps/

Elliptic curve cryptosystems (ECC)
ECC
• Discovered in 1985 by Miller & Koblitz
• Based upon logarithms in finite fields
• Provides security equivalent to RSA with shorter key lengths
Procedure
• $y^2 = x^3 + ax + b$
• Horizontal symmetry
• Any vertical line intersects the curve at three points at most
Figure 21: https://www.allaboutcircuits.com/technical-articles/elliptic-curve-cryptography-in-embedded-systems/

The Diffie-Hellman Elliptic-Curve Key Exchange (DHEC)
• Alice and Bob first agree to use the same curve and a few other parameters, and then they pick a random point G on the curve.
• Alice chooses a secret $\alpha$, Bob chooses a secret $\beta$, and each computes $\alpha G$ and $\beta G$, which they exchange publicly.
• The secret is $S = \alpha(\beta G) = \beta(\alpha G)$.
Figure 22: https://www.allaboutcircuits.com/technical-articles/elliptic-curve-cryptography-in-embedded-systems/

DHEC
DHEC uses a publicly known equation with large coefficients and modulus, for example, curve1559, which might very well be securing your browser right now.
Figure 23: https://www.allaboutcircuits.com/technical-articles/elliptic-curve-cryptography-in-embedded-systems/
Elliptic-curve Diffie-Hellman allows microprocessors to securely determine a shared secret key while making it very difficult for a bad actor to determine that same shared key.

The NSA-Cryptography controversy of 2012
Figure 24: https://itsfoss.com/nsas-encryption-algorithm-in-linux-kernel-is-creating-unease-in-the-community/comment-page-5/

NSA Backdoors?
• Random number generators: the Dual-EC-DRBG generator was based on an elliptic curve cryptosystem, ... was proposed as a standard by NIST (with the technical support of NSA) in 2006, and became a U.S. standard (NIST Special Publication 800-90A) in 2007.
• Parameters for Dual-EC were specified as certain constants with no explanation or justification for those numbers.
• "Based on public concerns and an evaluation of the algorithm, NIST is proposing the removal of the Dual Elliptic Curve Deterministic Random Bit Generator." https://www.nist.gov/news-events/news/2015/06/nist-revises-key-computer-security-publication-random-number-generation
• ISO blocks NSA's latest IoT encryption systems amid murky tales of backdoors and bullying. Experts complain of shoddy tech specs and personal attacks. https://www.theregister.co.uk/2018/04/25/nsa_iot_encryption/

NSA 2020?
Figure 25: https://searchsecurity.techtarget.com/news/252476828/NSA-reports-flaw-in-Windows-cryptography-core
Affects: HTTPS connections, signed files and emails, and signed executable code.
Figure 26: https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF

Splitting the bits: SMPC
Shamir's secret sharing
Figure 27: https://en.wikipedia.org/wiki/Shamir’s_Secret_Sharing and https://image.cagle.com/195595/750/195595.png

Splitting the bits: SMPC
An example
Figure 28: https://en.wikipedia.org/wiki/Shamir’s_Secret_Sharing

SMPC
Figure 29: https://en.wikipedia.org/wiki/Secure_multi-party_computation
Figure 30: https://www.reddit.com/r/instar/comments/8k6yir/secure_multiparty_computation_smpc_in_a_nutshell/

Millionaire's problem
Figure 31: https://www.reddit.com/r/instar/comments/8k6yir/secure_multiparty_computation_smpc_in_a_nutshell/

Protocols
• Zero-knowledge proofs: prove to other parties that [something] is true without revealing anything about that [something].
• (Shamir's) (threshold) secret sharing: a pre-configured number of parties have to agree (the threshold) before the answer can be decrypted.
• Oblivious transfer: fragmented data is sent without revealing which part of the data is sent, or when.

ZKPs
Figure 32: https://101blockchains.com/zero-knowledge-proof/

ZKPs (continued)
Figure 33: https://www.cryptologie.net/article/193/schnorrs-signature-and-non-interactive-protocols/
Figure 34: https://www.cryptologie.net/article/193/schnorrs-signature-and-non-interactive-protocols/

Oblivious Transfer
Oblivious Transfer (OT): "... a type of protocol in which a sender transfers one of potentially many pieces of information to a receiver, but remains oblivious as to what piece (if any) has been transferred. Claude Crépeau showed that Rabin's oblivious transfer is equivalent to 1-2 oblivious transfer."
• https://www.semanticscholar.org/topic/Oblivious-transfer/333513
• https://en.wikipedia.org/wiki/Oblivious_transfer
• https://crypto.stanford.edu/~dabo/courses/cs355_spring14/syllabus.html
• https://www.cis.upenn.edu/~nadiah/courses/cis800-02-f13/hemenway-otsmc.pdf (we will not cover this now)
• https://github.com/mayank0403/Oblivious-Transfer-and-Zero-Knowledge-Proof

1-out-of-2 OT
• Alice has two messages, $m_0, m_1$, and wants to send exactly one of them to Bob.
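The elliptic-curve Diffie-Hellman exchange described on the DHEC slides above (Alice and Bob agree on a curve and a point G, exchange $\alpha G$ and $\beta G$, and both arrive at $S = \alpha(\beta G) = \beta(\alpha G)$) as an added Python example that is not part of the slides. It uses the textbook toy curve $y^2 = x^3 + 2x + 2$ over $\mathbb{F}_{17}$ with $G = (5, 1)$, a 19-point group that is far too small for any real use and was chosen only so every intermediate value can be checked by hand; the function names are the example's own.

```python
"""Toy elliptic-curve Diffie-Hellman (DHEC) over a small prime field.
Added example, not from the slides. Python 3.8+ (pow(x, -1, p) for field inverses)."""

# Constructed toy parameters: y^2 = x^3 + 2x + 2 over F_17, a group of 19 points.
# Deployed curves use ~256-bit primes; this one exists only to make the arithmetic visible.
P, A, B = 17, 2, 2
G = (5, 1)
INF = None                      # the point at infinity, the group identity

assert (4 * A**3 + 27 * B**2) % P != 0, "singular curve"


def on_curve(pt):
    """y^2 = x^3 + a*x + b (mod p); the identity counts as on the curve."""
    if pt is INF:
        return True
    x, y = pt
    return (y * y - (x**3 + A * x + B)) % P == 0


def ec_add(p1, p2):
    """Chord-and-tangent addition. Horizontal symmetry gives the inverse:
    (x, y) + (x, -y) = INF, which is also the 'vertical line' case."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF
    if p1 == p2:                                           # tangent line: doubling
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:                                                  # chord through two points
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def ec_mul(k, pt):
    """Scalar multiplication k*pt by double-and-add (the 'logarithm' side of ECC:
    going from pt and k*pt back to k is the hard problem)."""
    result, addend = INF, pt
    while k > 0:
        if k & 1:
            result = ec_add(result, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return result


def point_order(pt):
    """Smallest k > 0 with k*pt = INF; brute force is fine for a 19-point toy group."""
    k, acc = 1, pt
    while acc is not INF:
        acc = ec_add(acc, pt)
        k += 1
    return k


def ecdh(alpha, beta):
    """Run the exchange and return (alpha*G, beta*G, shared secret).
    Only alpha*G and beta*G travel over the wire; alpha and beta never leave their owners."""
    alpha_G = ec_mul(alpha, G)          # Alice -> Bob
    beta_G = ec_mul(beta, G)            # Bob -> Alice
    s_alice = ec_mul(alpha, beta_G)     # alpha * (beta * G)
    s_bob = ec_mul(beta, alpha_G)       # beta * (alpha * G)
    assert s_alice == s_bob
    return alpha_G, beta_G, s_alice


if __name__ == "__main__":
    print(point_order(G))           # 19
    print(ecdh(3, 4))               # ((10, 6), (3, 1), (0, 11))
```

With 19 points the secret can be recovered by trying every scalar, which is exactly what point_order does; the security of the real exchange rests on that enumeration being infeasible once the group has roughly $2^{256}$ elements, not on anything in the protocol messages themselves.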
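Shamir's threshold secret sharing from the "Splitting the bits: SMPC" slides and the Protocols list, as an added Python example that is not code from the slides: the secret is the constant term of a random polynomial of degree $t-1$ over a prime field, each party receives one point on it, any $t$ points recover the constant term by Lagrange interpolation at $x = 0$, and $t-1$ points leave it undetermined. The prime $2^{127}-1$ and the `rng` hook are the example's own choices; the hook exists only so the too-few-shares case can be shown deterministically.

```python
"""Shamir (t, n) threshold secret sharing over the prime field Z_p.
Added example, not from the slides. Python 3.8+ (pow(x, -1, p))."""
import secrets

PRIME = 2**127 - 1      # example choice: a Mersenne prime; secrets must be < PRIME


def make_shares(secret, threshold, n_shares, prime=PRIME, rng=secrets.randbelow):
    """Pick f(x) = secret + c_1 x + ... + c_{t-1} x^{t-1} with random c_i in Z_p and
    hand party i the point (i, f(i)). rng(prime) must return a value in [0, prime); the
    default is cryptographically secure, the parameter only exists for deterministic tests."""
    if not 1 <= threshold <= n_shares:
        raise ValueError("need 1 <= threshold <= n_shares")
    if not 0 <= secret < prime:
        raise ValueError("secret must be an element of Z_p")
    coeffs = [secret] + [rng(prime) for _ in range(threshold - 1)]

    def f(x):                                   # Horner evaluation mod p
        acc = 0
        for c in reversed(coeffs):
            acc = (acc * x + c) % prime
        return acc

    return [(i, f(i)) for i in range(1, n_shares + 1)]


def recover_secret(shares, prime=PRIME):
    """Lagrange interpolation at x = 0: sum_i y_i * prod_{j != i} (0 - x_j) / (x_i - x_j).
    With t shares this is f(0) = secret. With fewer, it is the constant term of a
    different, lower-degree polynomial through those points, i.e. an unrelated value."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("share x-coordinates must be distinct")
    total = 0
    for xi, yi in shares:
        num, den = 1, 1
        for xj in xs:
            if xj != xi:
                num = num * (-xj) % prime
                den = den * (xi - xj) % prime
        total = (total + yi * num * pow(den, -1, prime)) % prime
    return total


def demo(secret=123456789, threshold=3, n_shares=5):
    """Split, then recover from two different threshold-sized subsets; returns both results."""
    shares = make_shares(secret, threshold, n_shares)
    first = recover_secret(shares[:threshold])
    last = recover_secret(shares[-threshold:])
    return first, last


if __name__ == "__main__":
    print(demo())                   # (123456789, 123456789)
```

The threshold is enforced by algebra, not by a policy check: any $t$ distinct points determine the polynomial, and any $t-1$ points are consistent with every possible constant term, so a party holding fewer than $t$ shares learns nothing about the secret no matter how much computation it spends.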