919 Hits in 2.4 sec

MAC Precomputation with Applications to Secure Memory [chapter]

Juan Garay, Vladimir Kolesnikov, Rae McLellan
2009 Lecture Notes in Computer Science  
Our motivating application is a system architecture where a hardware-secured processor uses memory controlled by an adversary.  ...  (See our comparison with [39] , presented in related work on secure memory below.)  ...  Their idea is to use a highly efficient CRC (CRC8 or CRC32) as the MAC of memory block m, and to encrypt stored data by XORing it with a one-time pad (OTP).  ... 
doi:10.1007/978-3-642-04474-8_34 fatcat:u2nmk3mwbrfmlnzidwcxatvqq4

MAC Precomputation with Applications to Secure Memory

Juan A. Garay, Vladimir Kolesnikov, Rae Mclellan
2016 ACM Transactions on Privacy and Security  
Our motivating application is a system architecture where a hardware-secured processor uses memory controlled by an adversary.  ...  (See our comparison with [39] , presented in related work on secure memory below.)  ...  Their idea is to use a highly efficient CRC (CRC8 or CRC32) as the MAC of memory block m, and to encrypt stored data by XORing it with a one-time pad (OTP).  ... 
doi:10.1145/2943780 fatcat:bakr4m3wzvhwxcqjbm42ppqitm

Authenticated encryption on FPGAs from the static part to the reconfigurable part

Karim M. Abdellatif, Roselyne Chotin-Avot, Habib Mehrez
2014 Microprocessors and microsystems  
Also, it is used in the reconfigurable part of the FPGA to support applications which need security requirements like Virtual Private Networks (VPNs).  ...  Combining these two security services in hardware produces smaller area compared to two separate algorithms.  ...  Also, AE is used to compute the MAC and compare it with the bitstream's MAC. If they are equal, the FPGA will continue to the startup sequence.  ... 
doi:10.1016/j.micpro.2014.03.006 fatcat:bnwwochauzb33ieopovzhighnq

IoD-Crypt: A Lightweight Cryptographic Framework for Internet of Drones [article]

Muslum Ozgur Ozmen, Rouzbeh Behnia, Attila A. Yavuz
2019 arXiv   pre-print
It is therefore vital to ensure the security and privacy of IoD.  ...  Our integrations and optimizations are broadly applicable to key exchange, digital signature and public key encryption schemes that encompass generic applications of PKC in IoD.  ...  However, these precomputation tables are stored as a part of the flash memory of ATmega 2560 and they take less than 10% of the memory.  ... 
arXiv:1904.06829v1 fatcat:73oxxyn5czdzlflo352p25gvq4

Integrity and performance in network attached storage [chapter]

Howard Gobioff, David Nagle, Garth Gibson
1999 Lecture Notes in Computer Science  
integrating security into network storage system.  ...  For receivers, where precomputation cannot be done, we outline an inline message authentication code that minimizes buffering requirements.  ...  We thank Bennet Yee for his helpful discussions on the security of Hier-MAC. Finally, we thank Joan Digney for helping to prepare this technical report.  ... 
doi:10.1007/bfb0094926 fatcat:lcz7e5s3xfbx7ezgsb2oeujgii

Updates on Generic Attacks against HMAC and NMAC [chapter]

Jian Guo, Thomas Peyrin, Yu Sasaki, Lei Wang
2014 Lecture Notes in Computer Science  
With O(2 l ) precomputation, the internal key Kout is firstly recovered with O(2 2l/3 ) computations by exploiting the Hellman's time-memory tradeoff, and then the other internal key Kin is recovered with  ...  It is assumed that the adversary can interact with an oracle that outputs the valid tag T = MAC(K, M) when queried with a message M).  ...  The authors would like to thank the anonymous referees for their helpful comments, especially for suggesting the conversion from the previous distinguishing-H attack into the selective forgery attack.  ... 
doi:10.1007/978-3-662-44371-2_8 fatcat:lbls3bfmazgbfly3iplokjld24

I2SEMS: Interconnects-Independent Security Enhanced Shared Memory Multiprocessor Systems

Manhee Lee, Minseon Ahn, Eun Jung Kim
2007 Parallel Architecture and Compilation Techniques (PACT), Proceedings of the International Conference on  
The stable keystream hit rate shows that I 2 SEMS works well with both memory-read and memory-write dominant applications.  ...  We tested our design with SPLASH-2 benchmarks on up to 16-processor shared memory multiprocessor systems.  ...  In-depth experiments with those server applications should fortify the I 2 SEMS design.  ... 
doi:10.1109/pact.2007.4336203 fatcat:62pacrxg2feeheqlzn54enu2di

Cryptanalysis with COPACOBANA

Tim Güneysu, Timo Kasper, Martin Novotný, Christof Paar, Andy Rupp
2008 IEEE transactions on computers  
us to extrapolate more reliable security estimates for real-world bit lengths.  ...  Even though breaking RSA or elliptic curves with parameter lengths used in most practical applications is out of reach with COPACOBANA, our attacks on algorithms with artificially short bit lengths allow  ...  and Stefan Spitz, for their tremendous help on our work with COPACOBANA and its applications.  ... 
doi:10.1109/tc.2008.80 fatcat:pl4gthjisjgond3au5qrracuju

Accelerating memory decryption and authentication with frequent value prediction

Weidong Shi, Hsien-Hsin S. Lee
2007 Proceedings of the 4th international conference on Computing frontiers - CF '07  
In MAC speculation, a secure processor pre-computes MAC for speculated frequent values and compares the MAC result with the fetched MAC from memory.  ...  A number of recent secure processor designs have used memory block encryption and authentication to protect un-trusted external memory.  ...  To implement MAC speculation, a secure processor will along with each speculated ciphertext speculate its corresponding MAC value.  ... 
doi:10.1145/1242531.1242539 dblp:conf/cf/ShiL07 fatcat:z54jp3wr3nbs3ckzxyptwcdyme


Ruan de Clercq, Ronald de Keulenaer, Pieter Maena, Bart Preneel, Bjorn De Sutter, Ingrid Verbauwhede
2017 Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security - ASIA CCS '17  
An increasing number of applications implemented on a SoC (System-on-chip) require security features.  ...  In addition, SCM has the flexibility to select the parts of the software to be protected, which eases the integration of our solution with existing software.  ...  Acknowledgements We would like to thank Bart Coppens, Koen de Bosschere, and Atul Luykx for their valuable contributions. This work  ... 
doi:10.1145/3052973.3053044 dblp:conf/ccs/ClercqKMPSV17 fatcat:llwuepbbbzfihp3wbv3uq7gzjq

Generic Internal State Recovery on Strengthened HMAC: n-bit Secure HMAC Requires Key in All Blocks

2016 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
With such a modification, the attacker is unable to precompute the property of the compression function offline, and thus previous generic attacks are prevented.  ...  In this paper, we investigate the security of strengthened HMAC instantiated with a Merkle-Damgård hash function in which the key is used to process underlying compression functions.  ...  This framework is called a hybrid MAC [3] . A MAC only with the initialization, prefix MAC, and a MAC only with the finalization, suffix MAC, are known to have several weaknesses.  ... 
doi:10.1587/transfun.e99.a.22 fatcat:ynue5sfvi5hx3fje4fyqwzoure

Cryptanalysis of INCrypt32 in HID's iCLASS Systems

ChangKyun KIM, Eun-Gu JUNG, Dong Hoon LEE, Chang-Ho JUNG, Daewan HAN
2013 IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences  
Although INCrypt32 is a heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to public.  ...  If the length of messages is limited to predetermined values by the authentication protocol, the required number of MAC queries grows to 2 42 to recover the secret key.  ...  The iCLASS card is fundamentally a memory card with simple security mechanisms for access control. The memory is divided into data blocks which are grouped into application areas.  ... 
doi:10.1587/transfun.e96.a.35 fatcat:ipue2m6yavfabcis2fpttm5nk4

Efficient Implementation of ARX-Based Block Ciphers on 8-Bit AVR Microcontrollers

YoungBeom Kim, Hyeokdong Kwon, SangWoo An, Hwajeong Seo, and Seog Chung Seo
2020 Mathematics  
To secure the sensitive data with user's personal information, it is necessary to encrypt the transmitted data.  ...  With respect to CTR_DRBG, we identified several parts that do not need to be computed.  ...  Therefore, precomputation is not applicable as a whole.  ... 
doi:10.3390/math8101837 fatcat:vfgqkoqwzbarrhipbh6eaxegde

Dronecrypt - An Efficient Cryptographic Framework for Small Aerial Drones

Muslum Ozgur Ozmen, Attila A. Yavuz
2018 MILCOM 2018 - 2018 IEEE Military Communications Conference (MILCOM)  
It is critical to ensure the cyber security of networked aerial drone systems in these applications.  ...  drones with resource-limited processors.  ...  We would like to thank the anonymous reviewers for their insightful comments and suggestions. This work is supported by NSF CAREER Award CNS-1652389.  ... 
doi:10.1109/milcom.2018.8599784 dblp:conf/milcom/OzmenY18 fatcat:naoylei57fexnncsn5ofqbku54

An architecture for practical actively secure MPC with dishonest majority

Marcel Keller, Peter Scholl, Nigel P. Smart
2013 Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13  
We present a runtime environment for executing secure programs via a multi-party computation protocol in the preprocessing model.  ...  The runtime environment is general and allows arbitrary reactive computations to be performed.  ...  To avoid confusion with the long term memory we shall call this local memory a register file, referring to the values as shared or clear registers.  ... 
doi:10.1145/2508859.2516744 dblp:conf/ccs/KellerSS13 fatcat:r3dvfhkzfjcjdcemxftbwhc5jy
« Previous Showing results 1 — 15 out of 919 results