Universite Bordeaux 1

  • White Papers // Sep 2014

    IGP-as-a-Backup for Robust SDN Networks

    One of the main concerns on SDN is relative to its ability to quickly react to network failures, while limiting both the control-plane overhead and the additional forwarding state kept by data-plane devices. Despite its practical importance, this concern is often overlooked in OpenFlow-based proposals. In this paper, the authors...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2014

    Computing Minimal Update Sequences for Graceful Router-wide Reconfigurations

    Manageability and high availability are critical properties for IP networks. Unfortunately, with link-state routing protocols commonly used in such networks, topological changes lead to transient forwarding loops inducing service disruption. This reduces the frequency at which operators can adapt their network. Prior works proved that it is possible to avoid...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2014

    On the Quality of BGP Route Collectors for iBGP Policy Inference

    A significant portion of what is known about Internet routing stems from public BGP datasets. For this reason, numerous research efforts were devoted to assessing the (in)completeness of the datasets, identifying biases in the dataset, and augmenting data quality by optimally placing new collectors. However, those studies focused...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2014

    Opportunities and Research Challenges of Hybrid Software Defined Networks

    Software Defined Networking (SDN) promises to ease design, operation and management of communication networks. However, SDN comes with its own set of challenges, including incremental deployability, robustness, and scalability. Those challenges make a full SDN deployment difficult in the short-term and possibly inconvenient in the longer-term. In this paper, the...

    Provided By Universite Bordeaux 1

  • White Papers // Jan 2014

    Safe Routing Reconfigurations with Route Redistribution

    Simultaneously providing flexibility, evolvability and correctness of routing is one of the basic and still unsolved problems in networking. Route redistribution provides a tool, used in many enterprise networks, to either partition a network into multiple routing domains or merge previously independent networks. However, no general technique exists for changing...

    Provided By Universite Bordeaux 1

  • White Papers // Oct 2013

    How to Certify the Leakage of a Chip?

    Evaluating side-channel attacks and countermeasures requires determining the amount of information leaked by a target device. For this purpose, information extraction procedures published so far essentially combine a "Leakage model" with a "Distinguisher". Fair evaluations ideally require exploiting a perfect leakage model (i.e. exactly corresponding to the true leakage distribution)...

    Provided By Universite Bordeaux 1

  • White Papers // Oct 2013

    Block Ciphers that are Easier to Mask: How Far Can We Go?

    The design and analysis of lightweight block ciphers has been a very active research area over the last couple of years, with many innovative proposals trying to optimize different performance figures. However, since these block ciphers are dedicated to low-cost embedded devices, their implementation is also a typical target for...

    Provided By Universite Bordeaux 1

  • White Papers // Oct 2013

    Non-Malleability from Malleability: Simulation-Sound Quasi-Adaptive NIZK Proofs and CCA2-Secure Encryption from Homomorphic Signatures

    Verifiability is central to building protocols and systems with integrity. Initially, efficient methods employed the Fiat-Shamir heuristics. Since 2008, the Groth-Sahai techniques have been the most efficient in constructing non-interactive witness indistinguishable and zero-knowledge proofs for algebraic relations. For the important task of proving membership in linear subspaces, the researchers...

    Provided By Universite Bordeaux 1

  • White Papers // Sep 2013

    Redundant Border Routers for Mission-Critical 6LoWPAN Networks

    Sensor networks are gradually moving towards full-IPv6 architectures and play an important role in the upcoming Internet of things. Some mission-critical applications of sensor networks will require a level of reliability that excludes the presence of single points of failure, as it is often the case today for the gateways...

    Provided By Universite Bordeaux 1

  • White Papers // Aug 2013

    Strong PUFs and their (Physical) Unpredictability - A Case Study with Power PUFs

    Physically unclonable functions are more and more important in the design of secure hardware, as they can ensure properties that conventional cryptography cannot. In this paper the authors clarify the relations between strong PUFs and their unpredictability. For this purpose they first introduce an alternative definition for physical unpredictability, where...

    Provided By Universite Bordeaux 1

  • White Papers // Aug 2013

    Understanding the Limitations and Improving the Relevance of Spice Simulations in Side-Channel Security Evaluations

    Simulation is a very powerful tool for hardware designers. It generally allows the preliminary evaluation of a chip's performances before its final tape out. As security against side-channel attacks is an increasingly important issue for cryptographic devices, simulation also becomes a desirable option for preliminary evaluation in this case. However,...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2013

    Safe Updates of Hybrid SDN Networks

    Software Defined Networking (SDN) promises to bring unparalleled flexibility, fine-grained control, configuration simplification and no vendor lock-in. The introduction of SDN in an existing network, however, must be incremental in most cases, for both technical and economical reasons. During the transition, operators have to manage hybrid networks, where SDN and...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2013

    Leakage-Resilient Symmetric Cryptography Under Empirically Verifiable Assumptions

    Leakage-resilient cryptography aims at formally proving the security of cryptographic implementations against large classes of side-channel adversaries. One important challenge for such an approach to be relevant is to adequately connect the formal models used in the proofs with the practice of side-channel attacks. It raises the fundamental problem of...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2013

    Masking vs. Multiparty Computation: How Large is the Gap for AES?

    In this paper, the authors evaluate the performances of state-of-the-art higher-order masking schemes for the AES. Doing so, they pay particular attention to the comparison between specialized solutions introduced exclusively as countermeasures against side-channel analysis, and a recent proposal exploiting Multi-Party Computation (MPC) techniques. They show that the additional...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2013

    Systematic Construction and Comprehensive Evaluation of Kolmogorov-Smirnov Test Based Side-Channel Distinguishers

    Generic side-channel distinguishers aim at revealing the correct key embedded in cryptographic modules even when few assumptions can be made about their physical leakages. In this paper, Kolmogorov-Smirnov Analysis (KSA) and Partial Kolmogorov-Smirnov analysis (PKS) were proposed respectively. Although both KSA and PKS are based on the Kolmogorov-Smirnov (KS) test,...

    Provided By Universite Bordeaux 1

  • White Papers // Jan 2013

    Fresh Re-Keying: Security Against Side-Channel and Fault Attacks for Low-Cost Devices

    The market for RFID technology has grown rapidly over the past few years. Going along with the proliferation of RFID technology is an increasing demand for secure and privacy-preserving applications. In this context, RFID tags need to be protected against physical attacks such as Differential Power Analysis (DPA) and fault...

    Provided By Universite Bordeaux 1

  • White Papers // Jan 2013

    Harvesting the Potential of Nano-CMOS for Lightweight Cryptography: An Ultra-Low-Voltage 65nm AES Coprocessor for Passive RFID Tags

    An important challenge associated with the current massive deployment of RFID solutions is to provide security to passive tags while meeting their power budget. This can either be achieved by designing new lightweight ciphers, or by proposing advanced low-power implementations of standard ciphers. In this paper, the authors show that...

    Provided By Universite Bordeaux 1

  • White Papers // Dec 2012

    Discarding the Endpoints Makes the Cryptanalytic Time-Memory Trade-Offs Even Faster

    Cryptanalytic time-memory trade-offs were introduced by Hellman in 1980 in order to perform key-recovery attacks on cryptosystems. A major advance was presented at Crypto 2003 by Oechslin, with the rainbow table variant that outperforms Hellman's seminal work. This paper introduces the fingerprint tables, which drastically reduce the number of false...

    Provided By Universite Bordeaux 1

  • White Papers // Nov 2012

    Efficient Removal of Random Delays from Embedded Software Implementations Using Hidden Markov Models

    Inserting random delays in cryptographic implementations is often used as a countermeasure against side-channel attacks. Most previous papers on the topic focus on improving the statistical distribution of these delays. These solutions increase security against attacks that solve the lack of synchronization between different leakage traces by integrating them. In...

    Provided By Universite Bordeaux 1

  • White Papers // Oct 2012

    Improving Network Agility with Seamless BGP Reconfigurations

    The network infrastructure of Internet Service Providers (ISPs) undergoes constant evolution. Whenever new requirements arise (e.g., the deployment of a new Point of Presence, or a change in the business relationship with a neighboring ISP), operators need to change the configuration of the network. Due to the complexity of BGP...

    Provided By Universite Bordeaux 1

  • White Papers // Oct 2012

    Security Evaluations Beyond Computing Power: How to Analyze Side-Channel Attacks You Cannot Mount?

    Concrete security evaluations are at the core of cryptographic research. Taking the example of symmetric cryptography, they are at the same time central in formal definitions of security (e.g. as introduced by Bellare et al.) and in the evaluation of attacks such as linear and differential cryptanalysis. Their goal is...

    Provided By Universite Bordeaux 1

  • White Papers // Aug 2012

    Bounds on the Capacity of the Relay Channel with Noncausal State at the Source

    The authors consider a three-terminal state-dependent relay channel with the channel state available non-causally at only the source. Such a model may be of interest for node cooperation in the framework of cognition, i.e., collaborative signal transmission involving cognitive and non-cognitive radios. They study the capacity of this communication model....

    Provided By Universite Bordeaux 1

  • White Papers // Aug 2012

    Group Signatures with Almost-for-Free Revocation

    Group signatures are a central cryptographic primitive where users can anonymously and accountably sign messages in the name of a group they belong to. Several efficient constructions with security proofs in the standard model (i.e., without the random oracle idealization) appeared in recent years. However, like standard PKIs, group...

    Provided By Universite Bordeaux 1

  • White Papers // Jul 2012

    On Multiaccess Channel With Unidirectional Cooperation and Security Constraints

    The authors study a special case of Willems's two-user multi-access channel with partially cooperating encoders from a security perspective. This model differs from Willems's setup in the following aspects - only one encoder, Encoder 1, is allowed to conference, Encoder 2 does not transmit any message, and there is an...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2012

    Designing a Deployable Future Internet: the Locator/Identifier Separation Protocol (LISP) case

    The Internet has been created for interconnecting few hundred networks, but is now close to one billion hosts, grouped in 40,000 autonomous systems, using more than 400,000 prefixes. Such a situation raises scalability issues that have driven both academia and industry to review the current Internet architecture in the light...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2012

    Unified and Optimized Linear Collision Attacks and their Application in a Non-Profiled Setting

    Side-channel collision attacks are one of the most investigated techniques allowing the combination of mathematical and physical cryptanalysis. In this paper, the authors discuss their relevance in the security evaluation of leaking devices with two main contributions. On the one hand, they suggest that the exploitation of linear collisions in...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2012

    Towards Super-Exponential Side-Channel Security with Efficient Leakage-Resilient PRFs

    Leakage-resilient constructions have attracted significant attention over the last couple of years. In practice, pseudorandom functions are among the most important such primitives, because they are state-less and do not require a secure initialization as, e.g. stream ciphers. However, their deployment in actual applications is still limited by security and...

    Provided By Universite Bordeaux 1

  • White Papers // May 2012

    Multiaccess Channel with Partially Cooperating Encoders and Security Constraints

    The authors study a special case of Willems's two-user multi-access channel with partially cooperating encoders from a security perspective. This model differs from Willems's setup in that only one encoder, Encoder 1, is allowed to conference; Encoder 2 does not transmit any message, and there is an additional passive eavesdropper...

    Provided By Universite Bordeaux 1

  • White Papers // May 2012

    A Novel Class of Iterative Approximation Methods for DSL Spectrum Optimization

    Spectrum optimization is a promising means to tackle the crosstalk problem in DSL systems, and corresponds to a challenging non-convex optimization problem. Iterative Convex Approximation (ICA) methods have been proposed in the literature to deal with this optimization problem. These methods consist in solving a series of improving convex approximations...

    Provided By Universite Bordeaux 1

  • White Papers // May 2012

    Power Scheduling for Distributed Estimation in Cluster-Based Wireless Sensor Networks

    This paper deals with distributed estimation problem in hierarchical wireless sensor networks, where the network is divided into spatially disjoint groups called clusters. The sensors in each cluster observe a separate random source which is correlated with the sources being observed by other clusters. Each cluster has its designated Cluster...

    Provided By Universite Bordeaux 1

  • White Papers // Apr 2012

    Anonymous Broadcast Encryption: Adaptive Security and Efficient Constructions in the Standard Model

    In this paper the authors consider anonymity in the context of Broadcast Encryption (BE). This issue has received very little attention so far and all but one of the currently available BE schemes fail to provide anonymity. Yet, they argue that it is intrinsically desirable to provide anonymity in standard...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2012

    A Local Approach to Fast Failure Recovery of LISP Ingress Tunnel Routers

    LISP (Locator/ID Separation Protocol) has been proposed as a future Internet architecture in order to solve the scalability issues the current architecture is facing. LISP tunnels packets between border routers, which are the locators of the non-globally routable identifiers associated to end-hosts. In this context, the encapsulating routers, which are...

    Provided By Universite Bordeaux 1

  • White Papers // Dec 2011

    Dynamic Channel Modeling at 2.4 GHz for On-Body Area Networks

    In wireless body area networks, on-body radio propagation channels are typically time-varying, because of the frequent body movements. The dynamic local body scattering dominates the temporal and spatial properties of the on-body channels. The influence varies largely depending on the distribution of the channels and the modes of body movements....

    Provided By Universite Bordeaux 1

  • White Papers // Aug 2011

    Fresh Re-Keying II: Securing Multiple Parties Against Side-Channel and Fault Attacks

    Security-aware embedded systems are widespread nowadays and many applications, such as payment, pay-TV and automotive applications rely on them. These devices are usually very resource constrained but at the same time likely to operate in a hostile environment. Thus, the implementation of low-cost protection mechanisms against physical attacks is vital...

    Provided By Universite Bordeaux 1

  • White Papers // Jul 2011

    Extractors Against Side-Channel Attacks: Weak or Strong?

    Randomness extractors are important tools in cryptography. Their goal is to compress a high-entropy source into a more uniform output. Beyond their theoretical interest, they have recently gained attention because of their use in the design and proof of leakage-resilient primitives, such as stream ciphers and pseudorandom functions. However, for...

    Provided By Universite Bordeaux 1

  • White Papers // Jul 2011

    Information Theoretic and Security Analysis of a 65-Nanometer DDSLL AES S-Box

    In this paper, the authors complement this work by analyzing an implementation of the AES S-box, in the DDSLL dual-rail logic style, using the same 65-nanometer technology. For this purpose, they first compare the performance results of the static CMOS and dual-rail S-boxes. They show that full custom design allows...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2011

    Homomorphic Network Coding Signatures in the Standard Model

    Network coding is known to provide improved resilience to packet loss and increased throughput. Unlike traditional routing techniques, it allows network nodes to perform transformations on packets they receive before transmitting them. For this reason, packets cannot be authenticated using ordinary digital signatures, which makes it difficult to hedge against...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2011

    Experimenting Linear Cryptanalysis

    In this paper, the authors mainly focused on the experimental review of a number of important assumptions used in linear cryptanalysis and its extensions. It highlights the difficulty of predicting the statistical behavior of a block cipher as its number of rounds increases, both for adversaries trying to exploit key-dependent...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2011

    A Formal Foundation for the Security Features of Physical Functions

    Physical attacks against cryptographic devices typically take advantage of information leakage (e.g., side-channel attacks) or erroneous computations (e.g., fault injection attacks). Preventing or detecting these attacks has become a challenging task in modern cryptographic research. In this context intrinsic physical properties of integrated circuits, such as Physical(ly) Unclonable Functions (PUFs),...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2011

    FPGA Implementations of the AES Masked Against Power Analysis Attacks

    Power analysis attacks are a serious threat for implementations of modern cryptographic algorithms. Masking is a particularly appealing countermeasure against such attacks since it increases the security to a well quantifiable level and can be implemented without modifying the underlying technology. Its main drawback is the performance overhead it implies....

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2010

    Manuscript Preparation Guidelines for International Journal of Computer Science and Security

    In this paper, a new variant of cryptographic schemes based on error coding is studied. Random based techniques allow to design large families of chained codes. Therefore, in principle, such codes can substitute Goppa codes, originally used by McEliece. The McEliece cryptosystem is a public key cryptosystem based on coding...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2010

    Bounds on the Capacity of the Relay Channel With Noncausal State Information at Source

    The authors consider a three-terminal state-dependent relay channel with the channel state available non-causally at only the source. Such a model may be of interest for node cooperation in the framework of cognition, i.e., collaborative signal transmission involving cognitive and non-cognitive radios. They study the capacity of this communication model....

    Provided By Universite Bordeaux 1

  • White Papers // May 2010

    On the Capacity of a Class of Relay Channels with Orthogonal Components and Noncausal State Information at Source

    The authors study the capacity of a class of state-controlled relay channels with orthogonal channels from the source to the relay and from the source and relay to the destination. The channel states are assumed to be known, non-causally, to only the source. This model is useful for relaying in...

    Provided By Universite Bordeaux 1

  • White Papers // May 2010

    Architecture for Cooperative Prefetching in P2P Video-on-Demand System

    Most P2P VoD schemes focused on service architectures and overlays optimization without considering segments rarity and the performance of prefetching strategies. As a result, they cannot better support VCR-oriented service in heterogeneous environment having clients using free VCR controls. Despite the remarkable popularity in VoD systems, there exists no prior...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2007

    Soft-Core FPGA Processor Based Platform for Embedded Systems Rapid Prototyping

    Rapid prototyping is a highly needed capability in today's embedded systems design in order to validate requirements, succeed the design and fulfill time-to-market constraints. Efficient and flexible hardware/software platforms are the ultimate support to achieve this goal. In this scope soft-core FPGA processor based platforms constitute an interesting approach thanks...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2007

    ASIC Implementations of the Block Cipher SEA for Constrained Applications

    SEA is a scalable encryption algorithm targeted for small embedded applications. It was initially designed for software implementations in controllers, smart cards or processors. In this paper, the authors investigate its hardware performances in a 0.13 µm CMOS technology. For these purposes, different designs are detailed. A single clock cycle...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2008

    Introduction to Side-Channel Attacks

    Side-channel cryptanalysis is a new research area in applied cryptography that has gained more and more interest since the mid-nineties. It considers adversaries trying to take advantage of the physical specificities of actual cryptographic devices. These implementation specific attacks frequently turn out to be much more efficient than the best...

    Provided By Universite Bordeaux 1

  • White Papers // Jan 2007

    FPGA Implementations of eSTREAM Phase-2 Focus Candidates with Hardware Profile

    Efficient cryptographic implementations are a fundamental factor in the achievement and dissemination of new computerized applications. In some recent environments with (very) limited resources such as smart cards, sensor networks or RFID tags, standard algorithms may not be completely adapted. Consequently, the design of new solutions for low-cost cryptography is...

    Provided By Universite Bordeaux 1

  • White Papers // Apr 2009

    IMAPS: Imbricated Authentication Protocol Suite for Mobile Users and Groups

    The rapid advancement and the wide-spread use of the Internet and wireless communications in the authors' professional endeavors and personal lives are making ubiquitous authenticated connectivity for mobile users indispensable. Individuals and groups may roam within a network or across networks, either in infrastructure or ad hoc mode. In any...

    Provided By Universite Bordeaux 1

  • White Papers // Dec 2009

    Simulation Based Security in the Applied Pi Calculus

    The authors present a symbolic framework for refinement and composition of security protocols. The framework uses the notion of ideal functionalities. These are abstract systems which are secure by construction and which can be combined into larger systems. They can be separately refined in order to obtain concrete protocols implementing...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2009

    Mutual Information Analysis: How, When and Why?

    The Mutual Information Analysis (MIA) is a generic side-channel distinguisher that has been introduced at CHES 2008. This paper brings three contributions with respect to its applicability to practice. The authors emphasize that the MIA principle can be seen as a toolbox in which different (more or less effective) statistical...

    Provided By Universite Bordeaux 1

  • White Papers // Aug 2009

    Group Encryption: Non-Interactive Realization in the Standard Model

    Group Encryption (GE) schemes, introduced at Asiacrypt'07, are an encryption analogue of group signatures with a number of interesting applications. They allow a sender to encrypt a message (in the CCA2 security sense) for some member of a PKI group concealing that member's identity (in a CCA2 security sense, as...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2009

    Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA

    Algebraic side-channel attacks have been recently introduced as a powerful cryptanalysis technique against block ciphers. These attacks represent both a target algorithm and its physical information leakages as an over-defined system of equations that the adversary tries to solve. They were first applied to PRESENT because of its simple algebraic...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2013

    Systematic Construction and Comprehensive Evaluation of Kolmogorov-Smirnov Test Based Side-Channel Distinguishers

    Generic side-channel distinguishers aim at revealing the correct key embedded in cryptographic modules even when few assumptions can be made about their physical leakages. In this paper, Kolmogorov-Smirnov Analysis (KSA) and Partial Kolmogorov-Smirnov analysis (PKS) were proposed respectively. Although both KSA and PKS are based on the Kolmogorov-Smirnov (KS) test,...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2010

    Functional Encryption for Inner Product: Achieving Constant-Size Ciphertexts with Adaptive Security or Support for Negation

    In Functional Encryption (FE) schemes, ciphertexts and private keys are associated with attributes and decryption is possible whenever key and ciphertext attributes are suitably related. It is known that expressive realizations can be obtained from a simple FE flavor called Inner Product Encryption (IPE), where decryption is allowed whenever ciphertext...

    Provided By Universite Bordeaux 1

  • White Papers // Dec 2010

    Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts

    Attribute-Based Encryption (ABE), as introduced by the researchers, allows for fine-grained access control on encrypted data. In its key-policy flavor, the primitive enables senders to encrypt messages under a set of attributes and private keys are associated with access structures that specify which ciphertexts the key holder will be allowed...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2014

    Computing Minimal Update Sequences for Graceful Router-wide Reconfigurations

    Manageability and high availability are critical properties for IP networks. Unfortunately, with link-state routing protocols commonly used in such networks, topological changes lead to transient forwarding loops inducing service disruption. This reduces the frequency at which operators can adapt their network. Prior works proved that it is possible to avoid...

    Provided By Universite Bordeaux 1

  • White Papers // Jan 2014

    Safe Routing Reconfigurations with Route Redistribution

    Simultaneously providing flexibility, evolvability and correctness of routing is one of the basic and still unsolved problems in networking. Route redistribution provides a tool, used in many enterprise networks, to either partition a network into multiple routing domains or merge previously independent networks. However, no general technique exists for changing...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2014

    Opportunities and Research Challenges of Hybrid Software Defined Networks

    Software Defined Networking (SDN) promises to ease design, operation and management of communication networks. However, SDN comes with its own set of challenges, including incremental deployability, robustness, and scalability. Those challenges make a full SDN deployment difficult in the short-term and possibly inconvenient in the longer-term. In this paper, the...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2013

    Safe Updates of Hybrid SDN Networks

    Software Defined Networking (SDN) promises to bring unparalleled flexibility, fine-grained control, configuration simplification and no vendor lock-in. The introduction of SDN in an existing network, however, must be incremental in most cases, for both technical and economic reasons. During the transition, operators have to manage hybrid networks, where SDN and...

    Provided By Universite Bordeaux 1

  • White Papers // Sep 2013

    Redundant Border Routers for Mission-Critical 6LoWPAN Networks

    Sensor networks are gradually moving towards full-IPv6 architectures and play an important role in the upcoming Internet of things. Some mission-critical applications of sensor networks will require a level of reliability that excludes the presence of single points of failure, as is often the case today for the gateways...

    Provided By Universite Bordeaux 1

  • White Papers // Oct 2012

    Improving Network Agility with Seamless BGP Reconfigurations

    The network infrastructure of Internet Service Providers (ISPs) undergoes constant evolution. Whenever new requirements arise (e.g., the deployment of a new Point of Presence, or a change in the business relationship with a neighboring ISP), operators need to change the configuration of the network. Due to the complexity of BGP...

    Provided By Universite Bordeaux 1

  • White Papers // Jun 2012

    Designing a Deployable Future Internet: the Locator/Identifier Separation Protocol (LISP) case

    The Internet was created for interconnecting a few hundred networks, but is now close to one billion hosts, grouped in 40,000 autonomous systems, using more than 400,000 prefixes. Such a situation raises scalability issues that have driven both academia and industry to review the current Internet architecture in the light...

    Provided By Universite Bordeaux 1

  • White Papers // Feb 2012

    A Local Approach to Fast Failure Recovery of LISP Ingress Tunnel Routers

    LISP (Locator/ID Separation Protocol) has been proposed as a future Internet architecture in order to solve the scalability issues the current architecture is facing. LISP tunnels packets between border routers, which are the locators of the non-globally routable identifiers associated to end-hosts. In this context, the encapsulating routers, which are...

    Provided By Universite Bordeaux 1

  • White Papers // Sep 2014

    IGP-as-a-Backup for Robust SDN Networks

    One of the main concerns about SDN relates to its ability to quickly react to network failures, while limiting both the control-plane overhead and the additional forwarding state kept by data-plane devices. Despite its practical importance, this concern is often overlooked in OpenFlow-based proposals. In this paper, the authors...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2014

    On the Quality of BGP Route Collectors for iBGP Policy Inference

    A significant portion of what is known about Internet routing stems from public BGP datasets. For this reason, numerous research efforts were devoted to assessing the (in)completeness of the datasets, identifying biases in the dataset, and augmenting data quality by optimally placing new collectors. However, those studies focused...

    Provided By Universite Bordeaux 1

  • White Papers // Mar 2008

    User Interface Derivation from Business Processes: A Model-Driven Approach for Organizational Engineering

    In this paper, the authors define a model-driven approach for organizational engineering in which user interfaces of information systems are derived from business processes. This paper consists of four steps: business process modeling in the context of organizational engineering, task model derivation from the business process model, task refinement, and...

    Provided By Universite Bordeaux 1