Filtyp
HQC is an IND-CCA2 KEM running for standardization in NIST’s post-quantum cryptography project and has advanced to the second round. It is a code-based scheme in the class of public key encryptions, with given sets of parameters spanning NIST security strength 1, 3 and 5, corresponding to 128, 192 and 256 bits of classic security.In this paper we present an attack recovering the secret key of an H
NTRU is a lattice-based public-key cryptosystem that has been selected as one of the Round III finalists at the NIST Post-Quantum Cryptography Standardization. Compressing the key sizes to increase efficiency has been a long-standing open question for lattice-based cryptosystems. In this paper we provide a solution to three seemingly opposite demands for NTRU cryptosystem: compress the key size, i
Along with the rapid development of containerization technology, remarkable benefits have been created for developers and operation teams, and overall software infrastructure. Although lots of effort has been devoted to enhancing containerization security, containerized environments still have a huge attack surface. This paper proposes a secure cloud service for generating a Linux security module,
Along with the rapid development of cloud computing technology, containerization technology has drawn much attention from both industry and academia. In this paper, we perform a comparative measurement analysis of Docker-sec, which is a Linux Security Module proposed in 2018, and a new AppArmor profile generator called Lic-Sec, which combines Docker-sec with a modified version of LiCShield, which
Internet of Things or IoT deployments are becoming more and more common. The list of use-cases for IoT is getting longer and longer, but some examples are smart home appliances and wireless sensor networks. When IoT devices are deployed and used over an extended time, it is not guaranteed that one owner will control the IoT devices over their entire lifetime. If the ownership of an IoT system shal
Due to limitations of IoT networks including limited bandwidth, memory, battery, etc., secure multicast group communication has gained more attention, and to enable that a group key establishment scheme is required to share the secret key among the group members. The current group key establishment protocols were mostly designed for Wireless Sensor Network, and they require device interaction, hig
Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe
The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement in- compatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of m
Kubernetes (K8s) is one of the best options available to deploy applications in large-scale infrastructures. Security has been a big concern for all practitioners in the K8s eco-system. Almost all cloud vendors have their security solution for K8s cluster, pods, workloads, etc. In recent years, a large number of open-source tools and projects related to K8s security have emerged to meet the increa
The size of the authentication tag represents a significant overhead for applications that are limited by bandwidth or memory. Hence, some authenticated encryption designs have a smaller tag than the required privacy level, which was also suggested by the NIST lightweight cryptography standardization project. In the ToSC 2022, two papers have raised questions about the IND-CCA security of AEAD sch
The advancement of mobile technologies and their ability to utilize the Global Positioning System (GPS) to accurately locate their substantial number of users, prompt Location-Based Services (LBS) significantly. Ride-sharing is a popular means of transportation that utilizes LBS. With the rapid development of smart cities and their impact on addressing the critical issues of urban life such as tra
Liskov, Rivest and Wagner laid the theoretical foundations for tweakable block ciphers (TBC). In a seminal paper, they proposed two (up to) birthday-bound secure design strategies — LRW1 and LRW2 — to convert any block cipher into a TBC. Several of the follow-up works consider cascading of LRW-type TBCs to construct beyond-the-birthday bound (BBB) secure TBCs. Landecker et al. demonstrated that ju
Scheduling library for efficient scheduling of time intervals and merging of schedules.
Random wireless network scenario generator.
Advances in software virtualization and network processing lead to increasing network softwarization. Software network elements running on commodity platforms replace or complement hardware components in cloud and mobile network infrastructure. However, such commodity platforms have a large attack surface and often lack granular control and tight integration of the underlying hardware and software
Algorithms for secure encryption in a post-quantum world are currently receiving a lot of attention in the research community. One of the most promising such algorithms is the code-based scheme called QC-MDPC, which has excellent performance and a small public key size. In this work we present a very efficient key recovery attack on the QC-MDPC scheme using the fact that decryption uses an iterati
With the advancement of the next generation of cellular systems, flexible mechanisms for Discontinuous Reception (DRX) are needed in order to save energy. 5G will bring heterogeneous packet sizes and traffic types, as well as an increasing need for energy efficiency. The current static DRX mechanism is inadequate to meet these needs. In this paper we exploit channel prediction to develop integer p
