Katholieke Universiteit Leuven

Displaying 1-40 of 271 results

  • White Papers // May 2014

    Secure Interrupts on Low-End Microcontrollers

    Embedded devices are increasingly becoming interconnected, sometimes over the public Internet. This poses a major security concern, as these devices handle sensitive information (e.g., banking credentials and personal data) or they are critical for the safety of human lives (e.g., smoke detector and airbag system). Security protocols need to be...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2013

    Key-Recovery Attacks on Various RO PUF Constructions via Helper Data Manipulation

    Physically Unclonable Functions (PUFs) are security primitives that exploit the unique manufacturing variations of an Integrated Circuit (IC). They are mainly used to generate secret keys. Ring Oscillator (RO) PUFs are among the most widely researched PUFs. In this paper, the authors claim various RO PUF constructions to be vulnerable...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2013

    Attacking PUF-Based Pattern Matching Key Generators via Helper Data Manipulation

    Physically Unclonable Functions (PUFs) provide a unique signature for Integrated Circuits (ICs), similar to a fingerprint for humans. They are primarily used to generate secret keys, hereby exploiting the unique manufacturing variations of an IC. Unfortunately, PUF output bits are not perfectly reproducible and non-uniformly distributed. To obtain a high-quality...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2013

    Towards Finding Optimal Differential Characteristics for ARX: Application to Salsa20

    An increasing number of cryptographic primitives are built using the ARX operations: addition modulo 2^n, bit rotation and XOR. Because of their very fast performance in software, ARX ciphers are becoming increasingly common. However, there is currently no rigorous understanding of the security of ARX ciphers against one of the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2013

    Indifferentiability of Double Length Compression Functions

    Double block length hashing covers the idea of constructing a compression function on 2n bits using an n-bit block cipher. In this paper, the authors present a comprehensive indifferentiability analysis of all relevant double length compression functions. Indifferentiability is a stronger security notion than collision and preimage resistance and ensures...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2013

    Fault Injection Modeling Attacks on 65nm Arbiter and RO Sum PUFs via Environmental Changes

    Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. So-called strong PUFs provide a mechanism to authenticate chips which is inherently unique for every manufactured sample. To prevent cloning, modeling of the Challenge-Response Pair (CRP) behavior should be infeasible. Machine Learning (ML) algorithms are a well-known threat. Recently, repeatability...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2013

    Secure Compilation of Object-Oriented Components to Protected Module Architectures

    A fully abstract compilation scheme prevents the security features of the high-level language from being bypassed by an attacker operating at a particular lower level. This paper presents a fully abstract compilation scheme from a realistic object-oriented language with dynamic memory allocation, cross-package inheritance, exceptions and inner classes to un-typed...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Security Considerations on Extending PACE to A Biometric-Based Connection Establishment

    The regulations of the European Union (EU) council in 2004 are the basis of the deployment of electronic passports within the EU. Since then, EU member states have adopted the format and the access protocols for further electronic machine readable travel documents (eMRTD) like national electronic ID cards and electronic residence...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Improving the Security of Session Management in Web Applications

    Session management is a critical component of modern web applications, allowing a server to keep track of user-specific state, such as an authentication status. Unfortunately, many applications deploy session management over an insecure HTTP channel, making them vulnerable to eavesdropping, session hijacking or session fixation attacks. On the contrary, state-of-practice...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    IBIHOP: Proper Privacy Preserving Mutual RFID Authentication

    One of the concerns that come with the use of RFID tags is that these respond to any query. This can be overcome by having mutual authentication between reader and tag. However, the ordering between the two authentication steps is crucial. In this paper, the authors formalize mutual RFID authentication:...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Comparing Dual-Core SMP/AMP Performance on a Telecom Architecture

    In the embedded world, symmetric multiprocessing architectures are currently the most popular; however, more embedded hardware platforms are being developed with asymmetric multiprocessor architectures. These may enable higher performance and provide cleaner separation of subsystems. Telecom applications are typically designed applying a planar architecture pattern. The goal of the authors' experiments...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Simulated Annealing Attack on Certain Fingerprint Authentication Systems

    In this paper, the authors describe a simple and generic attack against minutiae-based fingerprint authentication systems. The aim of the attack is to construct a fingerprint minutiae template, compliant with ISO/IEC standards, that matches a fixed but unknown target fingerprint. The authors' attack is expected to be most effective against...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    High Precision Discrete Gaussian Sampling on FPGAs

    Lattice-based public key cryptography often requires sampling from discrete Gaussian distributions. In this paper the authors present an efficient hardware implementation of a discrete Gaussian sampler with high precision and large tail-bound based on the Knuth-Yao algorithm. The Knuth-Yao algorithm is chosen since it requires a minimal number of random...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Two Attacks on a White-Box AES Implementation

    White-box cryptography aims to protect the secret key of a cipher in an environment in which an adversary has full access to the implementation of the cipher and its execution environment. In 2002, the researchers proposed a white-box implementation of AES. In 2004, they presented an efficient attack (referred to...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Revisiting the BGE Attack on A White-Box AES Implementation

    In 2002, the researcher introduced the concept of white-box cryptography by presenting a white-box implementation of AES. White-box cryptography aims to protect the confidentiality of the secret key of a cipher in a white-box environment. In a white-box environment, an adversary is assumed to have full access to the implementation...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Incremental Hyperproperty Model Checking via Games

    Hyper-properties were proposed as an abstract formalization of security policies, but unfortunately they lack a generic verification methodology. In an attempt to remedy this, the authors introduced the notion of Incremental Hyper-Properties (IHPs), motivated by the observation that they have a clearer and more feasible verification methodology. To show that...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Enhancing Transparency with Distributed Privacy-Preserving Logging

    Transparency of data processing is often a requirement for compliance with legislation and/or business requirements. Furthermore, it has been recognized as a key privacy principle, for example in the European data protection directive. At the same time, transparency of the data processing should be limited to the users involved in order...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Towards a Secure Kerberos Key Exchange with Smart Cards

    Public key Kerberos (PKINIT) is a standard authentication and key establishment protocol. Unfortunately, it suffers from a security flaw when combined with smart cards. In particular, temporary access to a user's card enables an adversary to impersonate that user for an indefinite period of time, even after the adversary's access...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2013

    Sancus: Low-Cost Trustworthy Extensible Networked Devices with A Zero-Software Trusted Computing Base

    In this paper the authors propose Sancus, a security architecture for networked embedded devices. Sancus supports extensibility in the form of remote (even third-party) software installation on devices while maintaining strong security guarantees. More specifically, Sancus can remotely attest to a software provider that a specific software module is running uncompromised,...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2013

    Attack on Liao and Hsiao's Secure ECC-Based RFID Authentication Scheme Integrated with ID-Verifier Transfer Protocol

    The authors proposed a private RFID authentication protocol based on elliptic curve cryptography. Their motivation to switch from symmetric key cryptography to public key cryptography is that this is a prerequisite to achieve forward private RFID authentication efficiently at the server (i.e. constant size look-up). To minimize the hardware implementation area,...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2013

    VeriFast: Sound Symbolic Linking in the Presence of Preprocessing

    Formal verification enables developers to provide safety and security guarantees about their code. A modular verification approach supports the verification of different pieces of an application in separation. VeriFast is an annotation-based verifier for C source code that implements symbolic linking to support modular verification. This report describes the process...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2013

    Secure PRNG Seeding on Commercial Off-the-Shelf Microcontrollers

    The generation of high quality random numbers is crucial to many cryptographic applications, including cryptographic protocols, secret keys, nonces or salts. Their values must contain enough randomness to be unpredictable to attackers. Pseudo-random number generators require initial data with high entropy as a seed to produce a large stream...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2013

    Extended Analysis of DES S-boxes

    For more than three decades, the Data Encryption Standard (DES) was one of the most widely used cryptographic algorithms. It is still the dominating block cipher for banking applications. The DES was designed by IBM, verified by NSA and published by the National Bureau of Standards as a US Federal Information...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Side Channel Modeling Attacks on 65nm Arbiter PUFs Exploiting CMOS Device Noise

    Physically Unclonable Functions (PUFs) are emerging as hardware security primitives. For so-called strong PUFs, the number of Challenge-Response Pairs (CRPs) increases exponentially with the required chip area in the ideal case. They can provide a mechanism to authenticate chips which is inherently unique for every manufactured sample. Modeling of the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Energy Aware Software Evolution for Wireless Sensor Networks

    Wireless Sensor Networks (WSNs) are subject to high levels of dynamism arising from changing environmental conditions and application requirements. Reconfiguration allows software functionality to be optimized for current environmental conditions and supports software evolution to meet variable application requirements. Contemporary software modularization approaches for WSNs allow for software evolution at...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Privacy-Preserving Location-Sharing-Based Services

    Location-Sharing-Based Services (LSBS) are location-based services that allow users to exchange their location in a sporadic manner. Every day, millions of users exchange their location, for example with geo-social services like Foursquare, to inform each other about their current location and activities. However, existing LSBS are privacy-invasive because users have...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Security of Countermeasures Against State-of-the-Art Differential Scan Attacks

    Test compression schemes have been claimed to provide a certain level of security against scan-based side-channel attacks. To mitigate these attacks, a number of scan attack countermeasures are proposed in the literature. Recently, a new Differential Scan Attack (DSA) is proposed which focuses on the S-box outputs rather than the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Mar 2013

    Automated Allocation and Configuration of Dual Stack IP Networks

    The manual configuration and management of a modern network infrastructure is an increasingly complex task. This complexity is caused by factors including heterogeneity, a high degree of change and dependencies between configuration parameters. Due to increasing complexity, manual configuration has become time consuming and error prone. This paper proposes an...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2013

    Building a Customizable Business-Process-as-a-Service Application with Current State-of-Practice

    Application-level multi-tenancy is an increasingly prominent architectural pattern in Software-as-a-Service (SaaS) applications that enables multiple tenants (customers) to share common application functionality and resources among each other. This has the disadvantage that multi-tenant applications are often limited in terms of customizability: one application should fit the needs of all customers....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2013

    Solving Data-Sensitive Coordination Constraints

    In this paper the authors focus on complex coordination mechanisms based on constraint satisfaction. In particular, they focus on data-sensitive connectors from the Reo coordination language. These connectors restrict how and where data can flow between loosely-coupled components, taking into account the data values being exchanged. Unfortunately, existing engines for...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Towards a Systematic Literature Review on Secure Software Design

    In recent years, numerous researchers have proposed a wide variety of approaches to incorporate security concerns into software design. Unfortunately, a Systematic Literature Review (SLR) providing a detailed overview of the state of the art and defining interesting research opportunities is lacking. This creates an extra barrier for (new) researchers...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Security and Reliability Properties of Syndrome Coding Techniques Used in PUF Key Generation

    A Physical Unclonable Function (PUF) uniquely identifies identically manufactured silicon devices. To derive keys, a stability algorithm is required. Unlike conventional error correction used in communication systems, a PUF stability algorithm has a dual mandate of accounting for environmental noise while minimally disclosing keying material; the latter, security, aspect is...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Privacy-Friendly Checking of Remote Token Blacklists

    Consulting a remote blacklist as part of verifying a token should not come at the cost of privacy. In particular, the blacklist provider should be unable to identify which tokens are being verified. The contents of the blacklist should also be protected; that is, it should not be possible to...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2013

    Secure Compilation of Object-Oriented Components to Untyped Machine Code

    A fully abstract compilation scheme prevents high-level code security features from being bypassed by an attacker operating at a lower level. This paper presents a fully abstract compilation scheme from a realistic object-oriented language with dynamic memory allocation to untyped machine code. Full abstraction of the compilation scheme relies on...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    Access Control in Multi-Party Wireless Sensor Networks

    Emerging real world WSNs seldom exist as single owner, single application, isolated networks, but instead comprise sensor nodes owned by multiple parties. These sensors offer multiple services to users locally or across the Internet, and travel between multiple WSNs. However, users should only have access to a limited subset...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    StIgMa: Status Information Management for Evolvable Wireless Sensor Networks

    The application of run-time evolvable software stacks promises an increase in the lifetime of wireless sensor network deployments. Besides supporting changing application requirements, said systems allow the underlying platforms to adapt to new environments by replacing system and communication services at runtime. These dynamics across various software layers however complicate...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2012

    Smarmy - A Language to Verify the Security of Software Architectures

    In this paper, the authors present smarmy, a formal modeling language intended to verify the security of software architectures. smarmy is created with the practicing software architect in mind. Its semantics are very close to how software architecture would be modeled in UML, while its syntax is similar to Java....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2012

    Towards an Automated Pattern Selection Procedure in Software Models

    Software patterns are widely adopted to manage the rapidly increasing complexity of software. Despite their popularity, applying software patterns in a software model remains a time-consuming and error-prone manual task. In this paper, the authors argue that the relational nature of both software models and software patterns can be exploited...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2012

    Optimal Collision Security in Double Block Length Hashing with Single Length Key

    The idea of double block length hashing is to construct a compression function on 2n bits using a block cipher with an n-bit block size. All optimally secure double block length hash functions known in the literature employ a cipher with a key space of double block size, 2n-bit. On...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2012

    Impossibility Results for Indifferentiability with Resets

    The indifferentiability framework of Maurer, Renner, and Holenstein (MRH) has gained immense popularity in recent years and has proved to be a powerful way to argue security of cryptosystems that enjoy proofs in the random oracle model. Recently, however, Ristenpart, Shacham, and Shrimpton (RSS) showed that the composition theorem of...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2012

    Secure Compilation to Modern Processors

    The authors present a secure (fully abstract) compilation scheme to compile an object-based high-level language to low-level machine code. Full abstraction is achieved by relying on a fine-grained program counter-based memory access protection scheme, which is part of their low-level target language. They discuss why standard compilers fail to provide...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2012

    A Security Analysis of Emerging Web Standards: HTML5 and Friends, from Specification to Implementation

    Over the past few years, a significant effort went into the development of a new generation of web standards, centered around the HTML5 specification. Given the importance of the web in their society, it is essential that these new standards are scrutinized for potential security problems. This paper reports on...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    Formal Analysis of Policies in Wireless Sensor Network Applications

    Since wireless sensor network applications are ever growing in scale and complexity, managers require strong formal guarantees that any changes done to the system can be enacted safely. This paper presents the formalization and analysis of the semantics of policies, tiny software artefacts used to orchestrate wireless sensor network applications....

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2012

    Resource Allocation for Cloud-Assisted Mobile Applications

    Mobile devices such as netbooks, smart phones, and tablets have made computing ubiquitous. However, such battery powered devices often have limited computing power for the benefit of an extended runtime. Nevertheless, despite the reduced processing power, users expect to perform the same types of operations as they could do using...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2012

    Serene: Self-Reliant Client-Side Protection Against Session Fixation

    The web is the most widespread and de facto distributed platform, with a plethora of valuable applications and services. Building stateful services on the web requires a session mechanism that keeps track of server-side session state, such as authentication data. These sessions are an attractive attacker target, since taking over...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    Secure Multi-Execution Through Static Program Transformation

    Secure Multi-Execution (SME) is a dynamic technique to ensure secure information flow. In a nutshell, SME enforces security by running one execution of the program per security level, and by reinterpreting input/output operations w.r.t. their associated security level. SME is sound, in the sense that the execution of a program...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2012

    On the Effectiveness of Virtualization-Based Security

    Protecting commodity operating systems and applications against malware and targeted attacks has proven to be difficult. In recent years, virtualization has received attention from security researchers who utilize it to harden existing systems and provide strong security guarantees. This has led to interesting use cases such as cloud computing where...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2011

    Deploy, Adjust and Readjust: Supporting Dynamic Reconfiguration of Policy Enforcement

    For large distributed applications, security and performance are two requirements often difficult to satisfy together. Addressing them separately leads more often to fast systems with security holes, rather than secure systems with poor performance. For instance, caching data needed for security decisions can lead to security violations when the data...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Dec 2011

    Towards Incrementalization of Holistic Hyperproperties

    A hyperproperty is a set of sets of finite or infinite traces over some fixed alphabet and can be seen as a very generic system specification. In this paper, the authors define the notions of holistic and incremental hyperproperties. Systems specified holistically tend to be more intuitive but difficult to...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2011

    Automatic and Precise Client-Side Protection Against CSRF Attacks

    A common client-side countermeasure against Cross Site Request Forgery (CSRF) is to strip session and authentication information from malicious requests. The difficulty however is in determining when a request is malicious. Existing client-side countermeasures are typically too strict, thus breaking many existing websites that rely on authenticated cross-origin requests, such...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2011

    Code Pointer Masking: Hardening Applications Against Code Injection Attacks

    In this paper the authors present an efficient countermeasure against code injection attacks. Their countermeasure does not rely on secret values such as stack canaries and protects against attacks that are not addressed by state-of-the-art countermeasures of similar performance. By enforcing the correct semantics of code pointers, they thwart attacks...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2012

    Tuple Cryptanalysis of ARX with Application to BLAKE and Skein

    The authors introduce tuple cryptanalysis, a variant of structural cryptanalysis techniques such as square, saturation, integral, internal collision, and multi-set cryptanalysis, the main difference being that tuple cryptanalysis considers ordered rather than unordered multi-sets. This allows cryptanalysts to better trace structural properties within a cipher's internal state. Unlike previous papers that...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2011

    Reactive Non-Interference for the Browser

    In this paper, the authors investigate the suitability of non-interference as a replacement for the baseline security policy of a browser, the same-origin policy. They propose an enforcement mechanism that can enforce non-interference with respect to a broad class of security level posets for the full browser. They prove the security...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2010

    The Security Twin Peaks

    The feedback from architectural decisions to the elaboration of requirements is an established concept in the software engineering community. However, pinpointing the nature of this feedback in a precise way is a largely open problem. Often, the feedback is generically characterized as additional qualities that might be affected by an...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2011

    Engineering Privacy by Design

    The design and implementation of privacy requirements in systems is a difficult problem and requires the translation of complex social, legal and ethical concerns into systems requirements. The concept of "Privacy by design" has been proposed to serve as a guideline on how to address these concerns. "Privacy by design"...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jan 2011

    The Additive Differential Probability of ARX

    Many cryptographic primitives are built using the operations modular addition, bit rotation and XOR (ARX). The advantage of using these operations is that they are very fast when implemented in software. At the same time, they have desirable cryptographic properties. Modular addition provides non-linearity, bit rotation provides diffusion within a...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2010

    A Privacy-Preserving ID-Based Group Key Agreement Scheme Applied in VPAN

    In this paper the authors show that forward and backward secrecy do not hold for the protocol. They propose a correction that introduces a shielding factor that protects each member's input to the group key. They also introduce a new feature that assures the correctness of the key as computed...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2011

    Systematic Security Evaluation Method Against C Safe-Error Attacks

    In this paper the authors present a new systematic method to detect vulnerabilities against C safe-error attacks. Using the graph representation of a design which is available at an early stage of a design process, the presented method provides a systematic and an efficient detection. As a proof of concept,...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Mar 2011

    Tripartite Modular Multiplication

    In this paper, the authors present a new modular multiplication algorithm that allows one to implement modular multiplications efficiently. It proposes a systematic approach for maximizing a level of parallelism when performing a modular multiplication. The proposed algorithm effectively integrates three different existing algorithms, a classical modular multiplication based on...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Sep 2011

    A New RFID Privacy Model

    As Radio Frequency IDentification (RFID) systems are becoming more common (for example in access control, product tracking, e-ticketing and electronic passports), managing the associated privacy and security concerns becomes more important. This paper critically examines some recently proposed RFID privacy models. It shows that some models suffer from weaknesses such...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2011

    The Fault Attack Jungle - A Classification Model to Guide You

    For a secure hardware designer, the vast array of fault attacks and countermeasures looks like a jungle. This paper aims at providing a guide through this jungle and at helping a designer of secure embedded devices to protect a design in the most efficient way. The authors classify the existing...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2010

    Meet-in-the-Middle Attacks on Reduced-Round XTEA

    The block cipher XTEA was designed and published as a technical report in 1997. The cipher was a result of fixing some weaknesses in the cipher TEA (also designed by Wheeler and Needham), which was used in Microsoft's Xbox gaming console. XTEA is a 64-round Feistel cipher with a block size...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2011

    Differential and Linear Cryptanalysis Using Mixed-Integer Linear Programming

    Differential and linear cryptanalysis are two of the most powerful techniques to analyze symmetric-key primitives. For modern ciphers, resistance against these attacks is therefore a mandatory design criterion. In this paper, the authors propose a novel technique to prove security bounds against both differential and linear cryptanalysis. They use Mixed-Integer...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2010

    Threshold-Based Location-Aware Access Control

    Designing a secure, resilient and user-friendly access control system is a challenging task. In this paper, a threshold-based location-aware access control mechanism is proposed. In the authors' design, they uniquely combine the concepts of secret sharing and distance bounding protocols to tackle various security vulnerabilities. The proposed solution makes use...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2011

    The NIST SHA-3 Competition: A Perspective on the Final Year

    Cryptographic hash functions map input strings of arbitrary length to fixed length output strings. They are expected to satisfy several security properties that include pre-image resistance, second pre-image resistance, and collision resistance. The free availability of efficient software-oriented hash functions such as MD4, MD5 and SHA-1 has resulted in a...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2010

    Privacy, Liveliness and Fairness for Reputation

    In various Internet applications, reputation systems are a typical means of collecting the experiences users have with each other. The authors present a reputation system that balances the security and privacy requirements of all users involved. Their system provides privacy in the form of information-theoretic relationship anonymity w.r.t. users and the...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2011

    User-Centric Identity Management Using Trusted Modules

    Many service providers want to control access to their services and offer personalized services. This implies that the service provider requests and stores personal attributes. However, many service providers are not sure about the correctness of attributes that are disclosed by the user during registration. Federated identity management systems aim...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Nov 2010

    Security of Web Mashups: A Survey

    Web mashups, a new web application development paradigm, combine content and services from multiple origins into a new service. Web mashups heavily depend on interaction between content from multiple origins and communication with different origins. In contrast, mashup security relies on separation for protecting code and data. Traditional HTML techniques fail...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Oct 2011

    Machine Learning in Side-Channel Analysis

    Electronic devices may undergo attacks going beyond traditional cryptanalysis. Side-channel analysis is an alternative attack that exploits information leaking from physical implementations of e.g. cryptographic devices in order to discover cryptographic keys or other secrets. This paper comprehensively investigates the application of a machine learning technique in side-channel analysis. The...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Feb 2012

    UNAF: A Special Set of Additive Differences with Application to the Differential Analysis of ARX

    Due to their fast performance in software, an increasing number of cryptographic primitives are constructed using the operations addition modulo 2^n, bit rotation and XOR (ARX). However, the resistance of ARX-based ciphers against differential cryptanalysis is not well understood. In this paper, the authors propose a new tool for evaluating...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2012

    Design Solutions for Securing SRAM Cell Against Power Analysis

    Side channel attacks exploit physical imperfections of hardware to circumvent security features achieved by mathematically secure protocols and algorithms. This is achieved by monitoring physical quantities, usually power consumption or electromagnetic radiation, which contain information about the secret data. As a countermeasure, several circuit styles have been proposed for designing...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2012

    Security Analysis and Comparison of the SHA-3 Finalists BLAKE, Grøstl, JH, Keccak, and Skein

    Hash functions are a building block for numerous cryptographic applications. In 2007, the US NIST announced a call for the design of a new cryptographic hash algorithm in response to the vulnerabilities identified in widely employed hash functions, such as MD5 and SHA-1. NIST received many submissions, 51 of which...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2012

    Private Client-Side Profiling with Random Forests and Hidden Markov Models

    Nowadays, service providers gather fine-grained data about users to deliver personalized services, for example through the use of third-party cookies or social network profiles. This poses a threat both to privacy, since the amount of information obtained is excessive for the purpose of customization, and to authenticity, because the methods employed...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2012

    Cryptanalysis of the Xiao - Lai White-Box AES Implementation

    A white-box environment is an environment in which an adversary has complete access to an implementation of a cryptographic algorithm and its execution environment. In a white-box environment, the adversary is much more powerful than in a traditional black-box environment in which the adversary has only access to the inputs...

    Provided By Katholieke Universiteit Leuven

  • White Papers // May 2012

    Hash Functions Based on Three Permutations: A Generic Security Analysis

    The traditional recipe for the design of a cryptographic hash function is to base it on one or more block ciphers. Since the late 1970s, this methodology has developed into the dominant approach in the area of hash function design, and plenty of hash functions have been constructed accordingly...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jun 2012

    PUFKY: A Fully Functional PUF-Based Cryptographic Key Generator

    The authors present PUFKY: a practical and modular design for a cryptographic key generator based on a Physically Unclonable Function (PUF). A fully functional reference implementation is developed and successfully evaluated on a substantial set of FPGA devices. It uses a highly optimized Ring Oscillator PUF (ROPUF) design, producing responses...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Enhancing Transparency with Distributed Privacy-Preserving Logging

    Transparency of data processing is often a requirement for compliance with legislation and/or business requirements. Furthermore, it has been recognized as a key privacy principle, for example in the European data protection directive. At the same time, transparency of the data processing should be limited to the users involved in order...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Jul 2013

    Simulated Annealing Attack on Certain Fingerprint Authentication Systems

    In this paper, the authors describe a simple and generic attack against minutiae-based fingerprint authentication systems. The aim of the attack is to construct a fingerprint minutiae template, compliant with ISO/IEC standards, that matches a fixed but unknown target fingerprint. The authors' attack is expected to be most effective against...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Aug 2013

    Security Considerations on Extending PACE to a Biometric-Based Connection Establishment

    The regulations of the European Union (EU) council in 2004 are the basis of the deployment of electronic passports within the EU. Since then, EU member states have adopted the format and the access protocols for further electronic machine readable travel documents (eMRTD), such as national electronic ID cards and electronic residence...

    Provided By Katholieke Universiteit Leuven

  • White Papers // Apr 2013

    Privacy-Preserving Location-Sharing-Based Services

    Location-Sharing-Based Services (LSBS) are location-based services that allow users to exchange their location in a sporadic manner. Every day, millions of users exchange their location, for example with geo-social services like Foursquare, to inform each other about their current location and activities. However, existing LSBS are privacy-invasive because users have...

    Provided By Katholieke Universiteit Leuven