IET Information Security最新文献_第7页

A Survey of Secure Communications for Satellite Internet Based on Cryptography and Physical Layer Security 基于密码学和物理层安全的卫星互联网安全通信研究

4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-10-26 DOI: 10.1049/2023/5604802

Yu Zhang, Shuangrui Zhao, Ji He, Yuanyu Zhang, Yulong Shen, Xiaohong Jiang

Satellite internet serves as an indispensable component of the upcoming sixth-generation networks for providing global broadband internet access service. Due to the open nature of satellite-ground communication, security issue in satellite internet has always been an important concern for both industry and academia. Although many researchers focus on secure communications in satellite internet, the literature is surprisingly sparse, with no comprehensive overview of the state-of-the-art security techniques. This paper provides an in-depth survey of secure communications for various satellite internet scenarios. Based on different security mechanisms, we first categorize the existing works of secure communications in satellite internet into two categories: cryptography-based and physical layer security-based. The former includes classical encryption-based and quantum encryption-based secure communication, and the latter is further divided into precoding-based, cooperative jamming-based, relay selection-based, and physical-layer authentication-based secure communication depending on the applied techniques. Finally, we provide some future research directions.

卫星互联网是即将到来的第六代网络不可或缺的组成部分，提供全球宽带互联网接入服务。由于卫星与地面通信的开放性，卫星互联网的安全问题一直是业界和学术界关注的重要问题。尽管许多研究人员关注卫星互联网的安全通信，但令人惊讶的是，文献很少，没有对最先进的安全技术进行全面的概述。本文对各种卫星互联网场景下的安全通信进行了深入的研究。基于不同的安全机制，我们首先将现有的卫星互联网安全通信工作分为两类:基于加密的和基于物理层安全的。前者包括基于经典加密的安全通信和基于量子加密的安全通信，后者根据应用技术的不同又分为基于预编码的、基于协同干扰的、基于中继选择的和基于物理层认证的安全通信。最后，对今后的研究方向进行了展望。

{"title":"A Survey of Secure Communications for Satellite Internet Based on Cryptography and Physical Layer Security","authors":"Yu Zhang, Shuangrui Zhao, Ji He, Yuanyu Zhang, Yulong Shen, Xiaohong Jiang","doi":"10.1049/2023/5604802","DOIUrl":"https://doi.org/10.1049/2023/5604802","url":null,"abstract":"Satellite internet serves as an indispensable component of the upcoming sixth-generation networks for providing global broadband internet access service. Due to the open nature of satellite-ground communication, security issue in satellite internet has always been an important concern for both industry and academia. Although many researchers focus on secure communications in satellite internet, the literature is surprisingly sparse, with no comprehensive overview of the state-of-the-art security techniques. This paper provides an in-depth survey of secure communications for various satellite internet scenarios. Based on different security mechanisms, we first categorize the existing works of secure communications in satellite internet into two categories: cryptography-based and physical layer security-based. The former includes classical encryption-based and quantum encryption-based secure communication, and the latter is further divided into precoding-based, cooperative jamming-based, relay selection-based, and physical-layer authentication-based secure communication depending on the applied techniques. Finally, we provide some future research directions.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"7 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134907874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Cross-Space Conduction Assessment Method of Network Attack Risk under the Strong Coupling Characteristics of Electric Power Cyber Physics 电力网络物理强耦合特性下网络攻击风险跨空间传导评估方法

4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-10-25 DOI: 10.1049/2023/9006166

Shenjian Qiu, Jiaxuan Fei, Jian Wang

With the deep integration and wide application of advanced digital sensing, Internet of Things technology, and energy technology in power systems. Power information systems and physical systems are gradually being coupled and developed into power cyber–physical systems (CPS). A number of blackouts in recent years have shown that cyberspace cyber attacks on CPS can lead to the intensification and rapid spread of faults in the physical space of the power grid, and even system collapse. Aiming at the difficulty of analyzing the evolution of cyber–physical cross-space impacts of cyber-attacks, this paper proposes a cross-domain propagation impact assessment method that considers cyber–physical coupling risks caused by attacks. First, according to the multiple coupling relationship between the power system information space and physical space, the monitoring function model and the control function model are established. Second, under the effect of high-concealment attack, analyze the impact of the risk caused by its failure after it is transmitted to the physical space with different propagation probabilities. Finally, the experimental verification was carried out using the IEEE RTS79 standard test system. The simulation results show that the proposed method can comprehensively consider the cyber–physical energy supply coupling relationship, the risk propagation probability, and the operating characteristics of the information system, and effectively quantify and evaluate the impact of information space network attacks on the physical space entity power grid. It further reveals the objective law that information space risks can evolve and spread across domains under the condition of strong coupling of information physics.

随着先进的数字传感、物联网技术和能源技术在电力系统中的深度融合和广泛应用。电力信息系统与物理系统正逐步耦合发展成为电力信息物理系统。近年来的多次停电事件表明，网络空间对CPS的网络攻击会导致电网物理空间故障的加剧和迅速蔓延，甚至导致系统崩溃。针对网络攻击的网络物理跨空间影响演化分析困难的问题，提出了一种考虑攻击引起的网络物理耦合风险的跨域传播影响评估方法。首先，根据电力系统信息空间与物理空间的多重耦合关系，建立了监测功能模型和控制功能模型;其次，在高隐蔽性攻击作用下，分析其失效风险以不同传播概率传播到物理空间后的影响。最后，利用IEEE RTS79标准测试系统进行了实验验证。仿真结果表明，该方法能够综合考虑信息空间网络攻击对物理空间实体电网的影响，综合考虑信息空间网络的能量供应耦合关系、风险传播概率和信息系统的运行特点，有效地量化和评估信息空间网络攻击对物理空间实体电网的影响。进一步揭示了信息物理强耦合条件下信息空间风险跨域演化和扩散的客观规律。

{"title":"Cross-Space Conduction Assessment Method of Network Attack Risk under the Strong Coupling Characteristics of Electric Power Cyber Physics","authors":"Shenjian Qiu, Jiaxuan Fei, Jian Wang","doi":"10.1049/2023/9006166","DOIUrl":"https://doi.org/10.1049/2023/9006166","url":null,"abstract":"With the deep integration and wide application of advanced digital sensing, Internet of Things technology, and energy technology in power systems. Power information systems and physical systems are gradually being coupled and developed into power cyber–physical systems (CPS). A number of blackouts in recent years have shown that cyberspace cyber attacks on CPS can lead to the intensification and rapid spread of faults in the physical space of the power grid, and even system collapse. Aiming at the difficulty of analyzing the evolution of cyber–physical cross-space impacts of cyber-attacks, this paper proposes a cross-domain propagation impact assessment method that considers cyber–physical coupling risks caused by attacks. First, according to the multiple coupling relationship between the power system information space and physical space, the monitoring function model and the control function model are established. Second, under the effect of high-concealment attack, analyze the impact of the risk caused by its failure after it is transmitted to the physical space with different propagation probabilities. Finally, the experimental verification was carried out using the IEEE RTS79 standard test system. The simulation results show that the proposed method can comprehensively consider the cyber–physical energy supply coupling relationship, the risk propagation probability, and the operating characteristics of the information system, and effectively quantify and evaluate the impact of information space network attacks on the physical space entity power grid. It further reveals the objective law that information space risks can evolve and spread across domains under the condition of strong coupling of information physics.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"142 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135112439","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Hardness of Module-LWE with Semiuniform Seeds from Module-NTRU 模组- ntru半均匀种子模组- lwe硬度

4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-10-23 DOI: 10.1049/2023/2969432

Wenjuan Jia, Jiang Zhang, Baocang Wang

The module learning with errors (MLWE) problem has attracted significant attention and has been widely used in building a multitude of lattice-based cryptographic primitives. The hardness of the MLWE problem has been established for several variants, but most of the known results require the seed distribution (i.e., the distribution of matrix

A

) to be the uniform distribution. In this paper, we show that under the Module-N-th degree Truncated polynomial Ring Units (NTRU) (MNTRU) assumption, the search MLWE problem can still be hard for some distributions that are not (even computationally indistinguishable from) the uniform distribution. Specifically, we show that if the seed distribution is a semiuniform distribution (namely, the seed distribution can be publicly derived from and has a “small difference” to the uniform distribution), then for appropriate settings of parameters, the search MLWE problem is hard under the MNTRU assumption. Moreover, we also show that under the appropriate settings of parameters, the search learning with errors over rings problem with semiuniform seeds can still be hard under the NTRU assumption due to our results for the search MLWE problem with semiuniform seeds being rank-preserving.

带错误的模块学习(MLWE)问题引起了人们的广泛关注，并被广泛应用于构建大量基于格的密码原语。MLWE问题的硬度已经建立了几种变体，但大多数已知的结果要求种子分布(即矩阵A的分布)是均匀分布。在本文中，我们证明了在模n次截断多项式环单元(NTRU) (MNTRU)假设下，对于一些非均匀分布(甚至在计算上无法区分)的分布，搜索MLWE问题仍然是困难的。具体来说，我们证明了如果种子分布是半均匀分布(即种子分布可以公开地从均匀分布中导出，并且与均匀分布有“小差异”)，那么对于适当的参数设置，在MNTRU假设下搜索MLWE问题是困难的。此外，我们还表明，在适当的参数设置下，由于我们的半均匀种子搜索MLWE问题的结果是秩保持的，因此在NTRU假设下，具有半均匀种子的带误差环问题的搜索学习仍然是困难的。

{"title":"Hardness of Module-LWE with Semiuniform Seeds from Module-NTRU","authors":"Wenjuan Jia, Jiang Zhang, Baocang Wang","doi":"10.1049/2023/2969432","DOIUrl":"https://doi.org/10.1049/2023/2969432","url":null,"abstract":"The module learning with errors (MLWE) problem has attracted significant attention and has been widely used in building a multitude of lattice-based cryptographic primitives. The hardness of the MLWE problem has been established for several variants, but most of the known results require the seed distribution (i.e., the distribution of matrix <math xmlns=\"http://www.w3.org/1998/Math/MathML\" id=\"M1\"> <mi mathvariant=\"bold\">A</mi> </math> ) to be the uniform distribution. In this paper, we show that under the Module-N-th degree Truncated polynomial Ring Units (NTRU) (MNTRU) assumption, the search MLWE problem can still be hard for some distributions that are not (even computationally indistinguishable from) the uniform distribution. Specifically, we show that if the seed distribution is a semiuniform distribution (namely, the seed distribution can be publicly derived from and has a “small difference” to the uniform distribution), then for appropriate settings of parameters, the search MLWE problem is hard under the MNTRU assumption. Moreover, we also show that under the appropriate settings of parameters, the search learning with errors over rings problem with semiuniform seeds can still be hard under the NTRU assumption due to our results for the search MLWE problem with semiuniform seeds being rank-preserving.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"22 9","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135412746","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Hardness of (Semiuniform) MLWE with Short Distributions Using the Rényi Divergence 用rsamnyi散度分析短分布(半均匀)MLWE的硬度

4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-10-23 DOI: 10.1049/2023/2104380

Wenjuan Jia, Baocang Wang

The module learning with errors (MLWE) problem has attracted considerable attention for its tradeoff between security and efficiency. The quantum/classical worst-case to average-case hardness for the MLWE problem (or more exactly, a family of problems) has been established, but most of the known results require the seed distribution to be the uniform distribution. In the present paper, we show that, using the noise flooding technique based on the Rényi divergence, the search MLWE problem with uniform

B

-bounded secret distribution for

1 \leq B ≪ q

can still be hard for some seed distributions that are not (even computationally indistinguishable from) the uniform distribution under the standard MLWE assumption. Specifically, we show that if the seed distribution is a semiuniform distribution (namely, the seed distribution can be publicly derived from and has a “small difference” to the uniform distribution), then for suitable parameter choices, the search MLWE problem with uniform bounded secret distribution is hard under the standard MLWE assumption. Moreover, we also show that under the appropriate setting of parameters, the search MLWE problem with uniform bounded noise distribution is at least as hard as the standard MLWE assumption using a different approach than the one used by Boudgoust et al. in [JoC 2023].

带误差模块学习(MLWE)问题因其在安全性和效率之间的权衡问题而备受关注。MLWE问题(或者更确切地说，一类问题)的量子/经典最坏情况到平均情况的硬度已经建立，但大多数已知结果要求种子分布是均匀分布。在本论文中，我们表明，使用基于r尼散度的噪声泛流技术，对于一些种子分布(甚至在计算上与标准MLWE假设下的均匀分布无法区分)来说，对于1≤B≪q的均匀B有界秘密分布的搜索MLWE问题仍然是困难的。具体来说，我们证明了如果种子分布是半均匀分布(即种子分布可以公开地从均匀分布中导出，并且与均匀分布有“小差异”)，那么对于合适的参数选择，在标准MLWE假设下，具有均匀有界秘密分布的搜索MLWE问题是困难的。此外，我们还表明，在适当的参数设置下，使用与Boudgoust等人在[JoC 2023]中使用的方法不同的方法，具有均匀有界噪声分布的搜索MLWE问题至少与标准MLWE假设一样困难。

{"title":"Hardness of (Semiuniform) MLWE with Short Distributions Using the Rényi Divergence","authors":"Wenjuan Jia, Baocang Wang","doi":"10.1049/2023/2104380","DOIUrl":"https://doi.org/10.1049/2023/2104380","url":null,"abstract":"The module learning with errors (MLWE) problem has attracted considerable attention for its tradeoff between security and efficiency. The quantum/classical worst-case to average-case hardness for the MLWE problem (or more exactly, a family of problems) has been established, but most of the known results require the seed distribution to be the uniform distribution. In the present paper, we show that, using the noise flooding technique based on the Rényi divergence, the search MLWE problem with uniform <math xmlns=\"http://www.w3.org/1998/Math/MathML\" id=\"M1\"> <mi>B</mi> </math> -bounded secret distribution for <math xmlns=\"http://www.w3.org/1998/Math/MathML\" id=\"M2\"> <mn>1</mn> <mo>≤</mo> <mi>B</mi> <mo>≪</mo> <mi>q</mi> </math> can still be hard for some seed distributions that are not (even computationally indistinguishable from) the uniform distribution under the standard MLWE assumption. Specifically, we show that if the seed distribution is a semiuniform distribution (namely, the seed distribution can be publicly derived from and has a “small difference” to the uniform distribution), then for suitable parameter choices, the search MLWE problem with uniform bounded secret distribution is hard under the standard MLWE assumption. Moreover, we also show that under the appropriate setting of parameters, the search MLWE problem with uniform bounded noise distribution is at least as hard as the standard MLWE assumption using a different approach than the one used by Boudgoust et al. in [JoC 2023].","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"23 6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135412888","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Defending against social engineering attacks: A security pattern-based analysis framework 抵御社会工程攻击：一个基于安全模式的分析框架

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-07-18 DOI: 10.1049/ise2.12125

Tong Li, Chuanyong Song, Qinyu Pang

Social engineering attacks are a growing threat to modern complex systems. Increasingly, attackers are exploiting people's "vulnerabilities" to carry out social engineering attacks for malicious purposes. Although such a severe threat has attracted the attention of academia and industry, it is challenging to propose a comprehensive and practical set of countermeasures to protect systems from social engineering attacks due to its interdisciplinary nature. Moreover, the existing social engineering defence research is highly dependent on manual analysis, which is time-consuming and labour-intensive and cannot solve practical problems efficiently and pragmatically. This paper proposes a systematic approach to generate countermeasures based on a typical social engineering attack process. Specifically, we systematically ‘attack’ each step of social engineering attacks to prevent, mitigate, or eliminate them, resulting in 62 countermeasures. We have designed a set of social engineering security patterns that encapsulate relevant security knowledge to provide practical assistance in the defence analysis of social engineering attacks. Finally, we present an automatic analysis framework for applying social engineering security patterns. We applied the case study method and performed semi-structured interviews with nine participants to evaluate our proposal, showing that our approach effectively defended against social engineering attacks.

社会工程攻击对现代复杂系统的威胁越来越大。攻击者越来越多地利用人们的“弱点”进行恶意的社会工程攻击。尽管如此严重的威胁已经引起了学术界和工业界的关注，但由于其跨学科性质，提出一套全面而实用的对策来保护系统免受社会工程攻击是具有挑战性的。此外，现有的社会工程防御研究高度依赖人工分析，耗时耗力，无法有效、务实地解决实际问题。本文基于一个典型的社会工程攻击过程，提出了一种生成对策的系统方法。具体来说，我们系统地“攻击”社会工程攻击的每一步，以预防、减轻或消除它们，从而产生62种对策。我们设计了一套社会工程安全模式，其中封装了相关的安全知识，为社会工程攻击的防御分析提供了实际帮助。最后，我们提出了一个应用社会工程安全模式的自动分析框架。我们应用了案例研究方法，并对九名参与者进行了半结构化访谈，以评估我们的提案，表明我们的方法有效地抵御了社会工程攻击。

{"title":"Defending against social engineering attacks: A security pattern-based analysis framework","authors":"Tong Li, Chuanyong Song, Qinyu Pang","doi":"10.1049/ise2.12125","DOIUrl":"https://doi.org/10.1049/ise2.12125","url":null,"abstract":"Social engineering attacks are a growing threat to modern complex systems. Increasingly, attackers are exploiting people's \"vulnerabilities\" to carry out social engineering attacks for malicious purposes. Although such a severe threat has attracted the attention of academia and industry, it is challenging to propose a comprehensive and practical set of countermeasures to protect systems from social engineering attacks due to its interdisciplinary nature. Moreover, the existing social engineering defence research is highly dependent on manual analysis, which is time-consuming and labour-intensive and cannot solve practical problems efficiently and pragmatically. This paper proposes a systematic approach to generate countermeasures based on a typical social engineering attack process. Specifically, we systematically ‘attack’ each step of social engineering attacks to prevent, mitigate, or eliminate them, resulting in 62 countermeasures. We have designed a set of social engineering security patterns that encapsulate relevant security knowledge to provide practical assistance in the defence analysis of social engineering attacks. Finally, we present an automatic analysis framework for applying social engineering security patterns. We applied the case study method and performed semi-structured interviews with nine participants to evaluate our proposal, showing that our approach effectively defended against social engineering attacks.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"703-726"},"PeriodicalIF":1.4,"publicationDate":"2023-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12125","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50136879","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Solving blockchain trilemma using off-chain storage protocol 使用链下存储协议解决区块链三重困境

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-07-18 DOI: 10.1049/ise2.12124

Saha Reno, Md. Mokammel Haque

Trilemma in blockchain refers to the infamous problem of simultaneously not delivering the three critical aspects of a ledger: security, scalability, and decentralisation. While security and scalability hinder decentralisation, security is jeopardised if the scalability is escalated. This deficiency of not maintaining a balance among these three crucial factors restricts the broader adoption of blockchain technology and cryptocurrencies in the industries. This paper proposes a solution to the blockchain trilemma by implementing a public ledger using The InterPlanetary File System (IPFS) and a newly introduced strategy called the double-chain technique. The scalability and decentralisation features are guaranteed by the distributed file system of IPFS and the public nature of the blockchain suggested in this study. Although any consensus can be plugged into our system, the proof-of-work consensus is utilised to ensure that the security is not compromised while stabilising scalability and decentralisation.

区块链中的三重困境指的是臭名昭著的问题，即不能同时提供账本的三个关键方面：安全性、可扩展性和去中心化。虽然安全性和可扩展性阻碍了去中心化，但如果可扩展性升级，安全性就会受到威胁。这三个关键因素之间没有保持平衡的不足限制了区块链技术和加密货币在行业中的广泛采用。本文提出了一种解决区块链三重困境的方法，即使用行星间文件系统（IPFS）和一种新引入的称为双链技术的策略来实现公共账本。IPFS的分布式文件系统和本研究中建议的区块链的公共性质保证了可扩展性和去中心化功能。尽管任何共识都可以插入我们的系统，但工作证明共识用于确保安全性不受影响，同时稳定可扩展性和去中心化。

引用次数: 0

An optimisation for a two-round good-case latency protocol 两轮良好情况下延迟协议的优化

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-07-13 DOI: 10.1049/ise2.12123

Kexin Hu, Zhenfeng Zhang, Kaiwen Guo, Weiyu Jiang, Xiaoman Li, Jiang Han

Byzantine broadcast is a fundamental primitive in distributed computing. A highly efficient Byzantine broadcast protocol, motivated by the real-world performance of practical state machine replication protocols, is increasingly needed. This article focuses on the state-of-the-art partially synchronous Byzantine broadcast protocol proposed by Abraham et al. (PODC’21), which achieves optimal good-case latency of two rounds and optimal resilience of n ≥ 5f − 1 in this setting. Each step of the protocol is analysed, and then improved by cutting down the number of messages required to be collected and transmitted in the heaviest step of the protocol by about half, without adding any extra cost. This benefits from a new property, named “spread”, that we identify and extract from the original protocol. It helps us to eliminate non-essential work in its view-change procedure. The authors also show that no further reduction is possible without violating security. A prototype is implemented and the performances of improved and original protocols are evaluated in the same environment. The results show that our improvement can achieve about 50% lower communication cost and 40% shorter latency at a scale of 100 replicas. The latency gap becomes wider as the scale further increases.

拜占庭广播是分布式计算中的一个基本元素。越来越需要一种高效的拜占庭广播协议，该协议的动机是实际状态机复制协议的真实性能。本文主要研究Abraham等人提出的最先进的部分同步拜占庭广播协议。（PODC'21），在该设置中实现了两轮的最佳良好情况延迟和n≥5f−1的最佳弹性。对协议的每个步骤进行分析，然后通过将协议最重步骤中需要收集和传输的消息数量减少约一半来改进，而不增加任何额外成本。这得益于我们从原始协议中识别和提取的一个名为“spread”的新属性。它有助于我们在其观点改变程序中消除非必要的工作。作者还表明，在不违反安全的情况下，不可能进一步减少。实现了一个原型，并在相同的环境下评估了改进协议和原始协议的性能。结果表明，在100个副本的规模下，我们的改进可以实现约50%的通信成本降低和40%的延迟缩短。随着规模的进一步增加，延迟差距变得更大。

{"title":"An optimisation for a two-round good-case latency protocol","authors":"Kexin Hu, Zhenfeng Zhang, Kaiwen Guo, Weiyu Jiang, Xiaoman Li, Jiang Han","doi":"10.1049/ise2.12123","DOIUrl":"https://doi.org/10.1049/ise2.12123","url":null,"abstract":"Byzantine broadcast is a fundamental primitive in distributed computing. A highly efficient Byzantine broadcast protocol, motivated by the real-world performance of practical state machine replication protocols, is increasingly needed. This article focuses on the state-of-the-art partially synchronous Byzantine broadcast protocol proposed by Abraham et al. (PODC’21), which achieves optimal good-case latency of two rounds and optimal resilience of n ≥ 5f − 1 in this setting. Each step of the protocol is analysed, and then improved by cutting down the number of messages required to be collected and transmitted in the heaviest step of the protocol by about half, without adding any extra cost. This benefits from a new property, named “spread”, that we identify and extract from the original protocol. It helps us to eliminate non-essential work in its view-change procedure. The authors also show that no further reduction is possible without violating security. A prototype is implemented and the performances of improved and original protocols are evaluated in the same environment. The results show that our improvement can achieve about 50% lower communication cost and 40% shorter latency at a scale of 100 replicas. The latency gap becomes wider as the scale further increases.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"664-680"},"PeriodicalIF":1.4,"publicationDate":"2023-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12123","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50131632","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Search framework for neutral bits and boomerangs in SHA-1 collision attacks SHA-1碰撞攻击中中性比特和回旋镖的搜索框架

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-07-08 DOI: 10.1049/ise2.12122

Degang Li, Yang Yang, Guang Zeng

Neutral bits and boomerangs are key techniques for accelerating collision search in SHA-1 attacks. The current acceleration techniques for SHA-1 near-collision attacks are reviewed and a generic search framework for neutral bits and boomerangs is presented. The framework can efficiently construct auxiliary paths for a given differential path and message bit relations and find and store ideal boomerangs. The framework was applied to free-start attacks for 76-step SHA-1, and the complexity was reduced from $� � � �^{2 � 50.25 �} � � �$ to $� � � �^{2 � 47.9 �} � � �$ . Relaxing the boomerang's restrictions on message words, the authors propose an accelerating technique termed semi-boomerangs, combined with the search framework of boomerangs, which increases the speed of collision search by 3.48 times in a free-start attack for 80-step SHA-1 and the complexity for 80-step attack was reduced from $� � � �^{2 � 57.5 �} � � �$ to $� � � �^{2 � 55.7 �} � � �$ .

中性比特和回旋镖是SHA-1攻击中加速碰撞搜索的关键技术。综述了当前SHA-1近碰撞攻击的加速技术，并提出了一个通用的中性比特和回旋镖搜索框架。该框架可以有效地为给定的差分路径和消息位关系构造辅助路径，并找到和存储理想的回旋镖。该框架应用于76步SHA-1的自由启动攻击，复杂性从250.25${2}^{50.25}$降低到247.9$｛2｝^｛47.9｝$。放宽了回旋镖对信息词的限制，结合回旋镖的搜索框架，提出了一种称为半回旋镖的加速技术，在80步SHA-1的自由启动攻击中，碰撞搜索速度提高了3.48倍，80步攻击的复杂度从2 57.5${2}^{57.5}$降低到2 55.7$｛2｝^｛55.7｝$。

{"title":"Search framework for neutral bits and boomerangs in SHA-1 collision attacks","authors":"Degang Li, Yang Yang, Guang Zeng","doi":"10.1049/ise2.12122","DOIUrl":"https://doi.org/10.1049/ise2.12122","url":null,"abstract":"Neutral bits and boomerangs are key techniques for accelerating collision search in SHA-1 attacks. The current acceleration techniques for SHA-1 near-collision attacks are reviewed and a generic search framework for neutral bits and boomerangs is presented. The framework can efficiently construct auxiliary paths for a given differential path and message bit relations and find and store ideal boomerangs. The framework was applied to free-start attacks for 76-step SHA-1, and the complexity was reduced from <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mn>2</mn>\u0000 <mn>50.25</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${2}^{50.25}$</annotation>\u0000 </semantics></math> to <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mn>2</mn>\u0000 <mn>47.9</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${2}^{47.9}$</annotation>\u0000 </semantics></math>. Relaxing the boomerang's restrictions on message words, the authors propose an accelerating technique termed semi-boomerangs, combined with the search framework of boomerangs, which increases the speed of collision search by 3.48 times in a free-start attack for 80-step SHA-1 and the complexity for 80-step attack was reduced from <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mn>2</mn>\u0000 <mn>57.5</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${2}^{57.5}$</annotation>\u0000 </semantics></math> to <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mn>2</mn>\u0000 <mn>55.7</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${2}^{55.7}$</annotation>\u0000 </semantics></math>.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"647-663"},"PeriodicalIF":1.4,"publicationDate":"2023-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12122","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50124897","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Exploiting statistical effective fault attack in a blind setting 在盲环境中利用统计有效故障攻击

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-06-23 DOI: 10.1049/ise2.12121

Navid Vafaei, Hadi Soleimany, Nasour Bagheri

In order to obtain the secret key, the majority of physical attacks require knowledge of the plaintext or ciphertext, which may be unavailable or cannot be exploited. Blind attacks are introduced to do key recovery in circumstances where the adversary has no direct access to plaintext and ciphertext. A combination of fault and power attacks can circumvent typical countermeasures in this setting, for example, Fault Template Attack (FTA). However, FTA relies on bit fault injection, which is difficult to implement in practice. The SIFA-blind, a framework for executing the Statistical Ineffective Fault Attack, is more flexible, but sensitivity to setup noise and missed faults is its main drawback. To address this deficiency, we suggest two ways to use Statistical Effective Fault Attack in a blind setting that are much less affected by missed faults and noise when measuring power traces, even though they do not use fault injection at the bit level. In order to demonstrate the viability and adaptability of our proposed attacks, we injected a fault via glitch frequency onto the ChipWhisperer board. While SEFA-blind does not need a bit-level fault, our results demonstrate that it is better than SIFA-blind when the number of missed faults increases.

为了获得密钥，大多数物理攻击都需要明文或密文的知识，而明文或密文可能不可用或无法利用。在对手无法直接访问明文和密文的情况下，引入盲攻击来进行密钥恢复。故障和电源攻击的组合可以规避此设置中的典型对策，例如故障模板攻击（FTA）。然而，FTA依赖于位故障注入，这在实践中很难实现。SIFA盲是一种用于执行统计无效故障攻击的框架，它更灵活，但对设置噪声和遗漏故障的敏感性是它的主要缺点。为了解决这一缺陷，我们提出了两种在盲设置中使用统计有效故障攻击的方法，即使它们不在位级别使用故障注入，但在测量功率迹线时，它们受遗漏故障和噪声的影响要小得多。为了证明我们提出的攻击的可行性和适应性，我们通过故障频率在ChipWhisperer板上注入了一个故障。虽然SEFA盲不需要位级故障，但我们的结果表明，当遗漏故障数量增加时，它比SIFA盲更好。

{"title":"Exploiting statistical effective fault attack in a blind setting","authors":"Navid Vafaei, Hadi Soleimany, Nasour Bagheri","doi":"10.1049/ise2.12121","DOIUrl":"https://doi.org/10.1049/ise2.12121","url":null,"abstract":"In order to obtain the secret key, the majority of physical attacks require knowledge of the plaintext or ciphertext, which may be unavailable or cannot be exploited. Blind attacks are introduced to do key recovery in circumstances where the adversary has no direct access to plaintext and ciphertext. A combination of fault and power attacks can circumvent typical countermeasures in this setting, for example, Fault Template Attack (FTA). However, FTA relies on bit fault injection, which is difficult to implement in practice. The SIFA-blind, a framework for executing the Statistical Ineffective Fault Attack, is more flexible, but sensitivity to setup noise and missed faults is its main drawback. To address this deficiency, we suggest two ways to use Statistical Effective Fault Attack in a blind setting that are much less affected by missed faults and noise when measuring power traces, even though they do not use fault injection at the bit level. In order to demonstrate the viability and adaptability of our proposed attacks, we injected a fault via glitch frequency onto the ChipWhisperer board. While SEFA-blind does not need a bit-level fault, our results demonstrate that it is better than SIFA-blind when the number of missed faults increases.","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"639-646"},"PeriodicalIF":1.4,"publicationDate":"2023-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12121","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50141900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Revisit two memoryless state-recovery cryptanalysis methods on A5/1 对A5/1上两种无记忆状态恢复密码分析方法的再认识

IF 1.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

IET Information Security

Pub Date : 2023-06-18 DOI: 10.1049/ise2.12120

Yanbin Xu, Yonglin Hao, Mingxing Wang

At ASIACRYPT 2019, Zhang proposed a near collision attack on A5/1 claiming to recover the 64-bit A5/1 state with a time complexity around 232 cipher ticks with negligible memory requirements. Soon after its proposal, Zhang's near collision attack was severely challenged by Derbez et al. who claimed that Zhang's attack cannot have a time complexity lower than Golic's memoryless guess-and-determine attack dating back to EUROCRYPT 1997. In this article, both the guess-and-determine and the near collision attacks for recovering A5/1 states with negligible memory complexities are studied. Firstly, a new guessing technique called the move guessing technique that can construct linear equation filters in a more efficient manner is proposed. Such a technique can be applied to both guess-and-determine and collision attacks for efficiency improvements. Secondly, the filtering strength of the linear equation systems is taken into account for complexity analysis. Such filtering strength are evaluated with practical experiments making the complexities more convincing. Based on such new techniques, the authors are able to give 2 new guess-and-determine attacks on A5/1: the 1st attack recovers the internal state <math> <semantics> <mrow> <msup> <mi>s</mi> <mn>0</mn> </msup> </mrow> <annotation> ${boldsymbol{s}}^{0}$</annotation> </semantics></math> with time complexity 243.92; the 2nd one recovers a different state <math> <semantics> <mrow> <msup> <mi>s</mi> <mn>1</mn> </msup> </mrow> <annotation> ${boldsymbol{s}}^{1}$</annotation> </semantics></math> with complexity 243.25. Golic's guess-and-determine attack and Zhang's near collision attacks are revisited. According to our detailed analysis, the complexity of Golic's <math> <semantics> <mrow> <msup> <mi>s</mi> <mn>1</mn> </msup> </mrow> <annotation> ${boldsymbol{s}}^{1}$</annotation> </semantics></math> recovery attack is no lower than 246.04, higher than the previously believed 243. On the other hand, Zhang's near collision attack recovers <math> <semantics> <mrow> <msup> <mi>s</mi> <mn>0</mn> </msup> </mrow> <annotation> ${boldsymbol{s}}^{0}$</annotation> </semantics></math> with the time complexity 253.19: such a complexity can be further lowered to

在ASIACRYPT 2019上，张提出了一种针对A5/1的近碰撞攻击，声称可以恢复64位A5/1状态，时间复杂度约为232个密码周期，对内存的要求可以忽略不计。在其提出后不久，张的近距离碰撞攻击受到了Derbez等人的严厉挑战。他声称张的攻击不可能具有比Golic的无记忆猜测和确定攻击低的时间复杂性，该攻击可以追溯到1997年欧洲杯。在本文中，研究了在可忽略内存复杂性的情况下恢复A5/1状态的猜测和确定以及近碰撞攻击。首先，提出了一种新的猜测技术，称为移动猜测技术，可以更有效地构造线性方程滤波器。这种技术可以应用于猜测和确定以及碰撞攻击，以提高效率。其次，在复杂性分析中考虑了线性方程组的滤波强度。通过实际实验对这种过滤强度进行了评估，使复杂性更具说服力。基于这些新技术，作者能够给出两个新的猜测并确定对A5/1的攻击：第一次攻击恢复内部状态s0$｛boldsymbol｛s｝｝^｛0｝$，时间复杂度为243.92；第二个恢复了不同的状态s1$｛boldsymbol｛s｝｝^｛1｝$，复杂度为243.25。戈利克的猜测定位球进攻和张的近距离冲撞进攻被重新审视。根据我们的详细分析，Golic的s1$恢复攻击的复杂性不低于246.04，高于之前认为的243。另一方面，张的近碰撞攻击恢复了s0$｛boldsymbol｛s｝｝^｛0｝$，时间复杂度为253.19：通过我们的猜测技巧，这种复杂度可以进一步降低到250.78。

{"title":"Revisit two memoryless state-recovery cryptanalysis methods on A5/1","authors":"Yanbin Xu, Yonglin Hao, Mingxing Wang","doi":"10.1049/ise2.12120","DOIUrl":"https://doi.org/10.1049/ise2.12120","url":null,"abstract":"At ASIACRYPT 2019, Zhang proposed a near collision attack on A5/1 claiming to recover the 64-bit A5/1 state with a time complexity around 232 cipher ticks with negligible memory requirements. Soon after its proposal, Zhang's near collision attack was severely challenged by Derbez et al. who claimed that Zhang's attack cannot have a time complexity lower than Golic's memoryless guess-and-determine attack dating back to EUROCRYPT 1997. In this article, both the guess-and-determine and the near collision attacks for recovering A5/1 states with negligible memory complexities are studied. Firstly, a new guessing technique called the move guessing technique that can construct linear equation filters in a more efficient manner is proposed. Such a technique can be applied to both guess-and-determine and collision attacks for efficiency improvements. Secondly, the filtering strength of the linear equation systems is taken into account for complexity analysis. Such filtering strength are evaluated with practical experiments making the complexities more convincing. Based on such new techniques, the authors are able to give 2 new guess-and-determine attacks on A5/1: the 1st attack recovers the internal state <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mi>s</mi>\u0000 <mn>0</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${boldsymbol{s}}^{0}$</annotation>\u0000 </semantics></math> with time complexity 243.92; the 2nd one recovers a different state <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mi>s</mi>\u0000 <mn>1</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${boldsymbol{s}}^{1}$</annotation>\u0000 </semantics></math> with complexity 243.25. Golic's guess-and-determine attack and Zhang's near collision attacks are revisited. According to our detailed analysis, the complexity of Golic's <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mi>s</mi>\u0000 <mn>1</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${boldsymbol{s}}^{1}$</annotation>\u0000 </semantics></math> recovery attack is no lower than 246.04, higher than the previously believed 243. On the other hand, Zhang's near collision attack recovers <math>\u0000 <semantics>\u0000 <mrow>\u0000 <msup>\u0000 <mi>s</mi>\u0000 <mn>0</mn>\u0000 </msup>\u0000 </mrow>\u0000 <annotation> ${boldsymbol{s}}^{0}$</annotation>\u0000 </semantics></math> with the time complexity 253.19: such a complexity can be further lowered to ","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 4","pages":"626-638"},"PeriodicalIF":1.4,"publicationDate":"2023-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12120","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50152087","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 2