{"title":"Guest Editorial: Guest Editorial on Cryptanalysis of (NIST PQC) post-quantum proposals","authors":"Ayoub Otmani, Christophe Petit, Mehdi Tibouchi","doi":"10.1049/ise2.12105","DOIUrl":"https://doi.org/10.1049/ise2.12105","url":null,"abstract":"<p>Public-key cryptography is now ubiquitous in our lives, protecting everyday interactions ranging from mobile and wireless communications to banking transactions, over-the-air software updates, electronic voting or digital car keys. However, almost the entirety of currently deployed public-key cryptography implementations rely on the hardness of integer factorisation or computing discrete logarithms, and both problems are known to be easy to solve using large-scale quantum computers. Whether such large-scale computers are years away, decades away or more remains to be seen, but since they would break the security of so many critical systems essentially overnight, preparing the transition from classical cryptography to so-called <i>post-quantum</i> primitives, which are believed to be secure even against quantum computers, is seen as necessary and urgent—particularly as updating existing systems is likely to be a lengthy process, and some systems rely on the security of cryptographic keys over long periods of time.</p><p>In view of these challenges, starting in 2016, US standards institute NIST has been running a standardisation effort in order to come up with post-quantum encryption and signature schemes ready for deployment. The first four selected primitives have been announced in July 2022, with other schemes undergoing further analysis. 
Concurrently, other countries, such as the Republic of Korea, have launched similar standardisation processes.</p><p>One of the difficulties involved in running such standardisation processes and selecting primitives is security estimation: in order to set parameters for candidate schemes and to make apples-to-apples comparisons between them, consistent security levels need to be defined, and evidence that the schemes achieve those levels needs to be provided. This is typically done by estimating the cost of the best attacks (both classical and quantum) against the proposed constructions. <i>Cryptanalysis</i> is thus an essential tool for design and standardisation. Not only does it make it possible to provide and progressively refine security estimates, it also sometimes eliminates entire schemes, plain and simple, by uncovering serious security flaws. Both applications of cryptanalysis have been extensively represented in the NIST standardisation process in particular.</p><p>Since some post-quantum proposals rely on relatively new assumptions that have only received much scrutiny as part of the standardisation processes, their cryptanalysis is a fast-changing landscape. Very recent, dramatic developments include W. Beullens' cryptanalysis of the Rainbow multivariate signature, and W. Castryck and T. Decru's cryptanalysis of the SIKE isogeny-based KEM (along with several follow-ups). Both Rainbow and SIKE were serious contenders for eventual standardisation.
Those surprising results, which appeared too late to be captured in this special issue, are thus further testimonies to the utmost importance of cryptanalytic work a","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 2","pages":"159-160"},"PeriodicalIF":1.4,"publicationDate":"2023-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12105","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50156078","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Modelling penetration testing with reinforcement learning using capture-the-flag challenges: Trade-offs between model-free learning and a priori knowledge","authors":"Fabio Massimo Zennaro, László Erdődi","doi":"10.1049/ise2.12107","DOIUrl":"https://doi.org/10.1049/ise2.12107","url":null,"abstract":"<p>Penetration testing is a security exercise aimed at assessing the security of a system by simulating attacks against it. So far, penetration testing has been carried out mainly by trained human attackers and its success critically depended on the available expertise. Automating this practice constitutes a non-trivial problem because of the range and complexity of actions that a human expert may attempt. The authors focus their attention on simplified penetration testing problems expressed in the form of capture the flag hacking challenges, and analyse how model-free reinforcement learning algorithms may help solve them. In modelling these capture the flag competitions as reinforcement learning problems the authors highlight the specific challenges that characterise penetration testing. The authors show how this challenge may be eased by relying on different forms of prior knowledge that may be provided to the agent.
Since complexity scales exponentially as soon as the set of states and actions for the reinforcement learning agent is extended, the need to restrict the exploration space by using techniques to inject a priori knowledge is highlighted, thus making it possible to achieve solutions more efficiently.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"441-457"},"PeriodicalIF":1.4,"publicationDate":"2023-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12107","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50154901","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"MILP-based security evaluation for AEGIS/Tiaoxin-346/Rocca","authors":"Takuro Shiraya, Nobuyuki Takeuchi, Kosei Sakamoto, Takanori Isobe","doi":"10.1049/ise2.12109","DOIUrl":"https://doi.org/10.1049/ise2.12109","url":null,"abstract":"<p>In this paper, the security of Advanced Encryption Standard-based authenticated encryption schemes, including AEGIS family, Tiaoxin-346, and Rocca by mixed integer linear programming tools is examined. Specifically, for the initialisation phase of AEGIS, Tiaoxin-346, and Rocca, the security against differential attacks and integral attacks is evaluated by estimating the lower bounds for the number of active S-boxes and utilising division property, respectively. In addition to the estimations of initialisation phases, the security of the encryption phases of AEGIS, Tiaoxin-346, and Rocca against distinguishing attacks on keystream is evaluated by exploiting integral properties. As a result, the authors show that the initialisation phases of AEGIS-128/128L/256, Tiaoxin-346, and Rocca are secure against differential attacks after 4/3/6, 5, and 6 rounds, respectively. Regarding integral attacks, the distinguisher is found on 6/6/7, 15, and 7 rounds in the initialisation phases of AEGIS-128/128L/256, Tiaoxin-346, and Rocca, respectively. Additionally, the integral distinguisher is presented on 2/2/4, 4, and 4 rounds in the encryption phases of AEGIS-128/128L/256, Tiaoxin-346, and Rocca, respectively. 
As far as it is known, this study’s results are the first distinguishing attacks on the keystream on AEGIS, Tiaoxin-346, and Rocca without relying on weak keys.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"458-467"},"PeriodicalIF":1.4,"publicationDate":"2023-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12109","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50154900","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the security of ‘an ultra-lightweight and secure scheme for communications of smart metres and neighbourhood gateways by utilisation of an ARM Cortex-M microcontroller’","authors":"Sonia Miri, Masoud Kaveh, Hadi Shahriar Shahhoseini, Mohammad Reza Mosavi, Saeed Aghapour","doi":"10.1049/ise2.12108","DOIUrl":"https://doi.org/10.1049/ise2.12108","url":null,"abstract":"<p>In 2018, Abbasinezhad-Mood and Nikooghadam (IEEE Transactions on Smart Grid, pp 6194–6205, 9(6), 2018) proposed an ultra-lightweight secure scheme for neighbourhood area network (<i>NAN</i>) communications in smart grid. They have claimed that their protocol is secure against all known attacks in the <i>NAN</i> environment by providing informal security analysis besides a formal analysis which was done by using an automatic verification tool. However, by performing several attacks, this study shows that their scheme has serious security flaws.
After performing each attack, lightweight countermeasures are proposed for securing their protocol against that attack.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"544-551"},"PeriodicalIF":1.4,"publicationDate":"2023-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12108","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50131207","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Guest Editorial: Selected papers from the 24th International Conference on Information Security and Cryptology (ICISC 2021)","authors":"Jong Hwan Park","doi":"10.1049/ise2.12096","DOIUrl":"https://doi.org/10.1049/ise2.12096","url":null,"abstract":"<p>This is our first IET Information Security special issue from the International Conference on Information Security and Cryptology, which was held from December 1 to December 3, Seoul, South Korea, 2021. The aim of ICISC 2021 was to provide an international forum for the latest results of research, development, and applications within the field of information security and cryptography. In ICISC 2021, we received 63 submissions and were able to accept 23 papers for presentation at the conference. Among the accepted and presented papers at ICISC 2021, we selected six papers with high review scores and recommended them for publication in the special issue of IET Information Security (via at least 30% extension). It is worth noting that the review and the selection process were successfully conducted by programme committee (PC) members, including reviewers dispatched from IET Information Security, and each paper underwent a blind review by at least three PC members.</p><p>The special issue contains six papers on topic areas, including lattice-based protocol constructions (Topic A), lattice-based analysis algorithms (Topic B), efficient quantum circuit constructions (Topic C), and analysis on symmetric-key primitives (Topic D).</p><p>Paper 1 by P. Ren, X. Gu, and Z. Wang investigates how to construct a quantum-safe password-authenticated key exchange (PAKE) as a cryptographic primitive that can establish secure remote communications between a client and a server. They suggest a new PAKE protocol based on module lattices with a rigorous security proof in the random oracle model.
Taking advantage of the flexibility of the module learning with errors problem, they elaborately select 3 parameter sets to meet different application scenarios. Specifically, they show that their recommended PAKE implementation achieves 177-bit post-quantum security with a generous margin to cope with later improvements in the cryptanalysis. Their performance results indicate that the MLWE-PAKE is quite practical: compared with the latest Yang-PAKE, their PAKE reduces the communication cost and the running time by 36.8% and 13.8%, respectively.</p><p>Paper 2 by V. Farzaliyev, J. Willemson, and J. K. Kaasik investigates Mix-networks as a general tool for building anonymous communication systems. They focus on the application case of post-quantum electronic voting where the number of votes to be mixed may reach hundreds of thousands or even millions. They propose an improved architecture for lattice-based post-quantum mix-nets featuring more efficient zero-knowledge proofs while maintaining established security assumptions. Their implementation scales up to 100,000 votes, still leaving a lot of room for future optimisation.</p><p>Paper 3 by K. Yamamura, Y. Wang, and E. Fujisaki investigates an enumeration algorithm that is used as a subroutine for the BKZ algorithm, which is one of the most practical reduction algorithms.
It is a critical issue to reduce the computational complexity of the en","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 1","pages":"1-2"},"PeriodicalIF":1.4,"publicationDate":"2023-01-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12096","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50150345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An enhanced deep learning-based phishing detection mechanism to effectively identify malicious URLs using variational autoencoders","authors":"Manoj Kumar Prabakaran, Parvathy Meenakshi Sundaram, Abinaya Devi Chandrasekar","doi":"10.1049/ise2.12106","DOIUrl":"https://doi.org/10.1049/ise2.12106","url":null,"abstract":"<p>Phishing attacks have become one of the powerful sources for cyber criminals to impose various forms of security attacks in which fake website Uniform Resource Locators (URL) are circulated around the Internet community in the form of email, messages etc., in order to deceive users, resulting in the loss of their valuable assets. The phishing URLs are predicted using several blacklist-based traditional phishing website detection techniques. However, numerous phishing websites are frequently constructed and launched on the Internet over time; these blacklist-based traditional methods do not accurately predict most phishing websites. In order to effectively identify malicious URLs, an enhanced deep learning-based phishing detection approach has been proposed by integrating the strength of Variational Autoencoders (VAE) and deep neural networks (DNN). In the proposed framework, the inherent features of a raw URL are automatically extracted by the VAE model by reconstructing the original input URL to enhance phishing URL detection. For experimentation, around 1 lakh URLs were crawled from two publicly available datasets, namely ISCX-URL-2016 dataset and Kaggle dataset. 
The experimental results suggested that the proposed model has reached a maximum accuracy of 97.45% and exhibits a quicker response time of 1.9 s, which is better when compared to all the other experimented models.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"423-440"},"PeriodicalIF":1.4,"publicationDate":"2023-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12106","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50129855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"On the performance of non-profiled side channel attacks based on deep learning techniques","authors":"Ngoc-Tuan Do, Van-Phuc Hoang, Van Sang Doan, Cong-Kha Pham","doi":"10.1049/ise2.12102","DOIUrl":"https://doi.org/10.1049/ise2.12102","url":null,"abstract":"<p>In modern embedded systems, security issues including side-channel attacks (SCAs) are becoming of paramount importance since embedded devices are ubiquitous in many categories of consumer electronics. Recently, deep learning (DL) has been introduced as a new promising approach for profiled and non-profiled SCAs. This paper proposes and evaluates the applications of different DL techniques including the Convolutional Neural Network and the multilayer perceptron models for non-profiled attacks on the AES-128 encryption implementation. Especially, the proposed network is fine-tuned with different numbers of hidden layers, labelling techniques and activation functions. Along with the designed models, a dataset reconstruction and labelling technique for the proposed model has also been performed for solving the high-dimensional data and imbalanced dataset problems. As a result, the DL based SCA with our reconstructed dataset for different targets of ASCAD, RISC-V microcontroller, and ChipWhisperer boards has achieved a higher performance of non-profiled attacks. Specifically, necessary investigations to evaluate the efficiency of the proposed techniques against different SCA countermeasures, such as masking and hiding, have been performed. In addition, the effect of the activation function on the proposed DL models was investigated.
The experimental results have clarified that the exponential linear unit function is better than the rectified linear unit in fighting against noise generation-based hiding countermeasure.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"377-393"},"PeriodicalIF":1.4,"publicationDate":"2022-12-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12102","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50138614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Improved related-tweakey rectangle attacks on round-reduced Deoxys-BC","authors":"Jiamei Liu, Lin Tan, Hong Xu","doi":"10.1049/ise2.12104","DOIUrl":"https://doi.org/10.1049/ise2.12104","url":null,"abstract":"<p>Deoxys-BC is the internal tweakable block cipher of the authenticated encryption (AE) Deoxys family, in which Deoxys-II is the primary choice for the use case of ‘Defence in depth’ among the portfolio of the CAESAR competition. This study focusses on improvements of the related-tweakey rectangle attacks on round-reduced Deoxys-BC using the known distinguishers. Under the new related-key rectangle attack framework proposed by Dong <i>et al.</i> in EUROCRYPT 2022, we present three kinds of precomputed tables to further reduce the time complexity in the key-recovery phase. In the related-tweakey rectangle attack, the invalid quartets are filtered or the subtweakey candidates are obtained by looking up the precomputed tables without further computation. Based on the precomputed table technique, we improve the related-tweakey rectangle attacks on 11-round Deoxys-BC-256, and 13-round and 14-round Deoxys-BC-384. Furthermore, we reduce the time complexity of the 13-round related-tweakey rectangle attack on the Deoxys AE scheme Deoxys-I-256-128 by a factor of 2<sup>24</sup> compared with the best previous attack.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"407-422"},"PeriodicalIF":1.4,"publicationDate":"2022-12-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12104","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50137697","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Preimage attacks on reduced-round Keccak hash functions by solving algebraic systems","authors":"Junling Pei, Lusheng Chen","doi":"10.1049/ise2.12103","DOIUrl":"https://doi.org/10.1049/ise2.12103","url":null,"abstract":"<p>In this paper, improved preimage attacks are presented on 3-round Keccak-256 and Keccak-512 and 4-round Keccak-256 based on algebraic methods. The authors propose some new properties about the components of Keccak permutation, reconsider the existing preimage attacks, and further refine the linearisation processes of quadratic bits to lower the complexities. For 3-round Keccak-256 and Keccak-512, priority is given to values with higher probability for quadratic bits, such that the guessing complexities decrease from slightly more than 2<sup>65</sup> and 2<sup>440</sup> to 2<sup>64.79</sup> and 2<sup>424</sup>, respectively. For preimage attack on 4-round Keccak-256, some strategies of saving degrees of freedom are applied to solve Boolean multivariate quadratic systems and reduce the guessing complexity from 2<sup>196</sup> to 2<sup>188</sup>.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 3","pages":"394-406"},"PeriodicalIF":1.4,"publicationDate":"2022-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12103","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50131030","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Lattice-based cryptosystems in standardisation processes: A survey","authors":"Anyu Wang, Dianyan Xiao, Yang Yu","doi":"10.1049/ise2.12101","DOIUrl":"https://doi.org/10.1049/ise2.12101","url":null,"abstract":"<p>The current widely used public-key cryptosystems are vulnerable to quantum attacks. To prepare for cybersecurity in the quantum era, some projects have been launched to call for post-quantum alternatives. Due to solid security and desirable performance, lattice-based cryptosystems are viewed as promising candidates in the upcoming standardisation of post-quantum cryptography. This study surveys the lattice-based cryptosystems in the post-quantum standardisation processes including the NIST Post-Quantum Cryptography Standardisation and the Chinese Cryptographic Algorithm Design Competition, from both design and security aspects. We present generic design paradigms of lattice-based schemes and describe several representative proposals and recent progress. We also recap some main cryptanalytic results and methods for estimating the concrete security of lattice-based schemes.</p>","PeriodicalId":50380,"journal":{"name":"IET Information Security","volume":"17 2","pages":"227-243"},"PeriodicalIF":1.4,"publicationDate":"2022-12-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ise2.12101","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50146109","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}