Sharif Digital Repository

Nowadays, security evaluation of software is a substantial matter in software world. Security level of software will be determined by wealth of data and operation which it provides for us. The security level is usually evaluated by a third party, named Software Security Certification Issuance Centers. It is important for software security evaluators to perform a sound and complete evaluation, which is a complicated process considering the increasing number of emerging threats. In this paper we propose a Threatened-based Software Security Evaluation method to improve the security evaluation process of software. In this method, we focus on existing threatened entities of software which in turn... 

Chevallier-Mames et al, proved that in a specific condition (such as the lack of untappable channels and trusted-third parties), the universal verifiability and privacy-preserving properties of e-voting protocols are incompatible (WOTE'06 and TTE'10). In this paper, we first show a flaw in their proof. Then, we prove that even with more assumptions, such as the existence of TTPs and untappable channels between the authorities, an e-voting protocol is unable to preserve privacy, regardless of verifiability. Finally, we demonstrate that preserving privacy in e-voting protocols requires the provision of at least one of the following assumptions: limited computational power of adversary,... 

In this study, the authors evaluate the security of the lightweight block cipher KLEIN-64 using biclique cryptanalysis. They first point out some new weaknesses of the diffusion layer and key schedule of this algorithm. Then they exploit them to cryptanalyst the full round version of KLEIN-64 using an asymmetric biclique. The (worst case) computations and data complexity of this cryptanalysis are 262.84 and 239, respectively. A modified version of this cryptanalysis is also presented which is slightly faster at the expense of the data required  

One of the important issues in security fields is hidden exchange of information. There are different methods for this purpose such as cryptography and steganography. Steganography is a method of hiding data within a cover media so that other individuals fail to realize their existence. In this paper a new method for steganography in English texts is proposed. In this method the US and UK spellings of words substituted in order to hide data in an English text. For example "color" has different spelling in UK (colour) and US (color). Therefore the data can be hidden in the text by substituting these words  

In this work we have examined the problem of consensus information fusion from a novel point of view, challenging the fundamental assumption of mutual trust among the fusion parties. In quest for a method to make information fusion possible while preserving the mutual confidentiality and anonymity of the fused information even in case of collusion of the malicious nodes, we propose the Blind Information Fusion Framework (BIFF). In BIFF, which is a secure information fusion framework, the nodes are not aware of the actual information they are processing, yet converging to the intended result(s). We formulate BIFF according to the anonymization transform and discuss its robustness against... 

By a great leap, the computer game industry has today reached fame as big as filmmaking industry. Upon introduction of the new generation of game consoles, this industry will witness spectacular progress. One of these next generation consoles is Nintendo console named "Wii". This console has a new game pad which utilizes motion sensors. On the other hand, facilities such as internet connection are added in new consoles and they are not merely for playing. It is observed that placing password for creating usernames by game consoles is difficult. By the use of the specifications of Wii console game pads, a method for user authentication and entering password is proposed in this paper. By using... 

We show that the criticism of a recent Comment by Gao on the insecurity of the quantum secret sharing protocol [proposed in S. Bagherinezhad and V. Karimipour, Phys. Rev. A 67, 044302 (2003)] is based on a misconception about the meaning of security and hence is invalid. © 2005 The American Physical Society  

Biclique attack is one of the most recent methods for cryptanalysis of block ciphers. In this paper, we present a new biclique attack on the full round of the lightweight block cipher CLEFIA-128. We obtained 2127.44 for computational complexity while the data complexity is 264 and memory complexity is 27. To the best of our knowledge, it is the first biclique attack on the full CLEFIA-128 lightweight block cipher. Also, we show that MITM attack in the way of using partial matching with precomputation and recomputation technique can reduce the data complexity of the attack to only 2 known plaintext-ciphertext pairs  

Recently, AIDA/cube testers have been revealed to be useful in building distinguishers for several cryptography schemes. χ2 tests, on the other hand, are well known and extensively used for distinguishing purposes. In this study, the notion of multi-χ2 test and AIDA/cube testers are utilised to introduce the superpoly algebraic normal form monomial test through which the output of reduced round Trivium is distinguished from being random. The test successfully distinguishes the keystream of Trivium with 830 out of 1152 initialisation rounds with a complexity of 239 operations, which is the most effective distinguisher on reduced Trivium thus far. Applying algebraic IV differential attack... 

The cooperative relay cognitive interference channel (RCIC) is a four-node network with two source nodes (primary source and cognitive source) and two destination nodes, in which sources try to communicate at certain rates with their corresponding destinations simultaneously through a common medium and each destination can act as a relay to assist the other one. In this paper, we study partially and fully cooperative state-dependent relay cognitive interference channels (RCICs) with perfect causal channel state information (CSI). For each of these channels, we investigate three different cases. For the first case, perfect causal CSI is available at both the source and relay nodes; for the... 

A Publicly Verifiable Secret Sharing (PVSS) scheme, as introduced by Stadler, has a feature where anyone, besides the participants, can verify the validity of the shares distributed by the dealer. Schoenmakers added a new feature, by providing a proof of correctness of the shares released by the players in the reconstruction process. This protocol is claimed to be an improvement on Stadler's and Fujisaki-Okamoto's, both in efficiency and in the type of intractability assumptions. However, Young-Yung improved Schoenmakers' PVSS, using a Discrete-Log instead of a Decision Diffie-Hellman. In this paper, a new PVSS is presented, having an intrinsic difference with its predecessors, that is, the... 

ABC is a synchronous stream cipher proposed by Anashin, Bogdanov, Kizhvatov and Kumar as a candidate for ECRYPT Project (call for Stream Cipher). ABC cipher consists of three component named A, B, and C and gets a key and an Initial Vector (IV) each of 128-bit length. In this paper we propose a new distinguish attack to finding the internal state of component B and C of ABC algorithm in time complexity of 288. This attack is completely retrieves internal state of those components by analyzing the 232 32-bits word sequences of C component output of this cipher  

Composite field arithmetic is known as an alternative method for lookup tables in implementation of S-box block of AES algorithm. The idea is to breakdown the computations to lower order fields and compute the inverse there. Recently this idea have been used both for reducing the area in implementation of S-boxes and masking implementations of AES algorithm. The most compact design using this technique is presented by Canright using only 92 gates for an S-box block. In another approach, IAIK laboratory has presented a masked implementation of AES algorithm with higher security comparing common masking methods using Composite field arithmetic. Our work in this paper is to use basic ideas of... 

Following the expansion of Internet, many software were produced that could launch through Internet without prior installation on computers. This included game software and software that deal with financial affairs. These softwares are mainly in Java language and can be found on web pages as Java Applets. Some software owners want that their products only able to execute through their own web pages so that no one could put them on other web pages. In this paper, a new method has been presented to protect Java Applets from copying by using "Steganography in HTML web pages" method. In this method, a special 8-character string is hidden in the HTML page by a secret key. The string and the... 

In this paper, a new multi-secret threshold scheme based on linear algebra and matrices is proposed. Unlike many recently proposed methods, this method lets the use of conventional cryptographic algorithms in sharing multiple secrets. Our scheme is a multi-use scheme, which in some cases, the amount of computations is considerably reduced. Also, in this paper bounds on the maximum number of participants, for a given threshold value, are obtained. © 2010  

A quantum protocol for secure transmission of data using qubits is presented. This protocol sends one qubit in a round-trip to transmit one bit of data. The protocol offers an improvement over the BB84 QKD protocol. BB84, in conjunction with one-time pad encryption, has been shown to be unconditionally secure. However its security relies on the assumption that the qubit source device does not emit multiple replicas of the same qubit for each transmitted bit. If this happens a multi-qubit emission attack can be launched. In addition, BB84 cannot be used to send predetermined bit strings as it generates a random bit string in the process. Our protocol does not have the above drawbacks, but... 

TOR is one of the most famous anonymity networks. TOR works correctly when at least one honest relay exists along an established circuit. However, many attacks reveal anonymity of TOR communications by watermarking traffics, changing timings, counting cells per packets, and recently, introducing errors in cells. This paper focuses on protocol-level attacks which can de-anonymize users by changing a cell, and provides a solution for this attack by changing the way integrities of cells are checked. The proposed design allows all relays, not just the exit node, to check the integrity of cells, independently. In addition, this paper proposes a novel method, based on the concept of... 

This paper presents cube and dynamic cube attacks on reduced-round lightweihgt block cipher SIMON32/64, proposed by U.S. National Security Agency in 2013. Cube attack is applied to 17 rounds out of 32 rounds of SIMON using a 13-round distinguisher and dynamic cube breaks 14 rounds out of 32 rounds using 10-round distinguishers. Both attacks recover the full 64-bit key of the cipher in a practical time complexity  

Multi-layer schemes have been proposed for steganography. Also some authors have combined these methods with the idea of wet paper codes and gained higher embedding efficiency. This paper proposes a generalized multi-layer method for wet paper embedding. First, the cover bits are divided into blocks and, by combining these bits in groups of 3, a pyramid is formed. Next, the secret message is embedded through a layer-by-layer procedure. The proposed method has higher embedding efficiency in some cases and provides more flexibility for choosing the embedding payload, especially in lower payload conditions  

This paper analyzes the Piccolo family of lightweight block ciphers against the impossible differential cryptanalysis. A combination of some ploys such as decreasing the S-box computations, finding an appropriate propagation of differentials, utilizing hash tables and using the linearity of the key-schedule as well as disregarding subkeys of two rounds lead to 12-round and 13-round impossible differential attack on Piccolo-80 and 15-round attack on Piccolo-128. The time and data complexity of the attack against Piccolo-80 is 255.18 and 236.34 for 12-round and 269.7 and 243.25 for 13-round, respectively. Moreover, the time and data complexity for 15 rounds cryptanalysis of Piccolo-128 are...