IET Information Security最新文献

Penetration testing is a security exercise aimed at assessing the security of a system by simulating attacks against it. So far, penetration testing has been carried out mainly by trained human attackers and its success critically depended on the available expertise. Automating this practice constitutes a non-trivial problem because of the range and complexity of actions that a human expert may attempt. The authors focus their attention on simplified penetration testing problems expressed in the form of capture the flag hacking challenges, and analyse how model-free reinforcement learning algorithms may help solving them. In modelling these capture the flag competitions as reinforcement learning problems the authors highlight the specific challenges that characterize penetration testing. The authors show how this challenge may be eased by relying on different forms of prior knowledge that may be provided to the agent. Since complexity scales exponentially as soon as the set of states and actions for the reinforcement learning agent is extended, the need to restrict the exploration space by using techniques to inject a priori knowledge is highlighted, thus making it possible to achieve solutions more efficiently.

In this paper, the security of Advanced Encryption Standard-based authenticated encryption schemes, including AEGIS family, Tiaoxin-346, and Rocca by mixed integer linear programming tools is examined. Specifically, for the initialisation phase of AEGIS, Tiaoxin-346, and Rocca, the security against differential attacks and integral attacks is evaluated by estimating the lower bounds for the number of active S-boxes and utilising division property, respectively. In addition to the estimations of initialisation phases, the security of the encryption phases of AEGIS, Tiaoxin-346, and Rocca against distinguishing attacks on keystream is evaluated by exploiting integral properties. As a result, the authors show that the initialisation phases of AEGIS-128/128L/256, Tiaoxin-346, and Rocca are secure against differential attacks after 4/3/6, 5, and 6 rounds, respectively. Regarding integral attacks, the distinguisher is found on 6/6/7, 15, and 7 rounds in the initialisation phases of AEGIS-128/128L/256, Tiaoxin-346, and Rocca, respectively. Additionally, the integral distinguisher is presented on 2/2/4, 4, and 4 rounds in the encryption phases of AEGIS-128/128L/256, Tiaoxin-346, and Rocca, respectively. As far as it is known, this study’s results are the first distinguishing attacks on the keystream on AEGIS, Tiaoxin-346, and Rocca without relying on weak keys.

In 2018, Abbasinezhad-Mood and Nikooghadam (IEEE Transaction on Smart Grid, pp 6194–6205, 9(6), 2018) proposed an ultra-lightweight secure scheme for neighbourhood area network ($��N�A�N�$) communications in smart grid. They have claimed that their protocol is secure against all known attacks in $��N�A�N�$ environment by providing informal security analysis besides a formal analysis which was done by using an automatic verification tool. However, by performing several attacks, this study shows that their scheme has serious security flaws. After performing each attack, lightweight countermeasures is proposed for securing their protocol against that attack.

Phishing attacks have become one of the powerful sources for cyber criminals to impose various forms of security attacks in which fake website Uniform Resource Locators (URL) are circulated around the Internet community in the form of email, messages etc., in order to deceive users, resulting in the loss of their valuable assets. The phishing URLs are predicted using several blacklist-based traditional phishing website detection techniques. However, numerous phishing websites are frequently constructed and launched on the Internet over time; these blacklist-based traditional methods do not accurately predict most phishing websites. In order to effectively identify malicious URLs, an enhanced deep learning-based phishing detection approach has been proposed by integrating the strength of Variational Autoencoders (VAE) and deep neural networks (DNN). In the proposed framework, the inherent features of a raw URL are automatically extracted by the VAE model by reconstructing the original input URL to enhance phishing URL detection. For experimentation, around 1 lakh URLs were crawled from two publicly available datasets, namely ISCX-URL-2016 dataset and Kaggle dataset. The experimental results suggested that the proposed model has reached a maximum accuracy of 97.45% and exhibits a quicker response time of 1.9 s, which is better when compared to all the other experimented models.

In modern embedded systems, security issues including side-channel attacks (SCAs) are becoming of paramount importance since the embedded devices are ubiquitous in many categories of consumer electronics. Recently, deep learning (DL) has been introduced as a new promising approach for profiled and non-profiled SCAs. This paper proposes and evaluates the applications of different DL techniques including the Convolutional Neural Network and the multilayer perceptron models for non-profiled attacks on the AES-128 encryption implementation. Especially, the proposed network is fine-tuned with different number of hidden layers, labelling techniques and activation functions. Along with the designed models, a dataset reconstruction and labelling technique for the proposed model has also been performed for solving the high dimension data and imbalanced dataset problem. As a result, the DL based SCA with our reconstructed dataset for different targets of ASCAD, RISC-V microcontroller, and ChipWhisperer boards has achieved a higher performance of non-profiled attacks. Specifically, necessary investigations to evaluate the efficiency of the proposed techniques against different SCA countermeasures, such as masking and hiding, have been performed. In addition, the effect of the activation function on the proposed DL models was investigated. The experimental results have clarified that the exponential linear unit function is better than the rectified linear unit in fighting against noise generation-based hiding countermeasure.

Deoxys-BC is the internal tweakable block cipher of the authenticated encryption (AE) Deoxys family, in which Deoxys-II is the primary choice for the use case of ‘Defence in depth’ among the portfolio of CAESAR competition. Improvements of the related-tweakey rectangle attacks on round-reduced Deoxys-BC using the known distinguishers is focussed in this study. Under the new related-key rectangle attack framework proposed by Dong et al. in EUROCRYPT 2022, we present three kinds of precomputed tables to further reduce the time complexity in the key-recovery phase. In the related-tweakey rectangle attack, the invalid quartets are filtered or the subtweakey candidates are obtained by lookup the precomputed tables without more computation. Based on the precomputed table technique, we improved the related-tweakey rectangle attacks on 11-round Deoxys-BC-256, 13-round and 14-round Deoxys-BC-384. Furthermore, we reduce the time complexity of the 13-round related-tweakey rectangle attack on Deoxys AE scheme Deoxys-I-256-128 by a factor of 2²⁴ compared with the best previous attack.

In this paper, improved preimage attacks are presented on 3-round Keccak-256 and Keccak-512 and 4-round Keccak-256 based on algebraic methods. The authors propose some new properties about the components of Keccak permutation, reconsider the existing preimage attacks, and further refine the linearisation processes of quadratic bits to lower the complexities. For 3-round Keccak-256 and Keccak-512, priority is given to values with higher probability for quadratic bits, such that the guessing complexities decrease from slightly more than 2⁶⁵ and 2⁴⁴⁰ to 2^64.79 and 2⁴²⁴, respectively. For preimage attack on 4-round Keccak-256, some strategies of saving degrees of freedom are applied to solve Boolean multivariate quadratic systems and reduce the guessing complexity from 2¹⁹⁶ to 2¹⁸⁸.

The current widely used public-key cryptosystems are vulnerable to quantum attacks. To prepare for cybersecurity in the quantum era, some projects have been launched to call for post-quantum alternatives. Due to solid security and desirable performance, lattice-based cryptosystems are viewed as promising candidates in the upcoming standardisation of post-quantum cryptography. This study surveys the lattice-based cryptosystems in the post-quantum standardisation processes including the NIST Post-Quantum Cryptography Standardisation and the Chinese Cryptographic Algorithm Design Competition, from both design and security aspects. We present generic design paradigms of lattice-based schemes and describe several representative proposals and recent progress. We also recap some main cryptanalytic results and methods for estimating the concrete security of lattice-based schemes.