
Showing papers on "40-bit encryption published in 2003"


Book ChapterDOI
17 Aug 2003
TL;DR: The first verifiable encryption scheme that provides chosen ciphertext security and avoids inefficient cut-and-choose proofs was proposed in this article, based on Paillier's decision composite residuosity assumption.
Abstract: This paper addresses the problem of designing practical protocols for proving properties about encrypted data. To this end, it presents a variant of the new public key encryption of Cramer and Shoup based on Paillier’s decision composite residuosity assumption, along with efficient protocols for verifiable encryption and decryption of discrete logarithms (and more generally, of representations with respect to multiple bases). This is the first verifiable encryption system that provides chosen ciphertext security and avoids inefficient cut-and-choose proofs. The presented protocols have numerous applications, including key escrow, optimistic fair exchange, publicly verifiable secret and signature sharing, universally composable commitments, group signatures, and confirmer signatures.

540 citations


Journal ArticleDOI
TL;DR: Two fault detection schemes are presented: the first is a redundancy-based scheme, while the second uses an error detecting code; the latter is a novel scheme that leads to very efficient, high-coverage fault detection.
Abstract: The goal of the Advanced Encryption Standard (AES) is to achieve secure communication. The use of AES does not, however, guarantee reliable communication. Prior work has shown that even a single transient error occurring during the AES encryption (or decryption) process will very likely result in a large number of errors in the encrypted/decrypted data. Such faults must be detected before sending to avoid the transmission and use of erroneous data. Concurrent fault detection is important not only to protect the encryption/decryption process from random faults. It will also protect the encryption/decryption circuitry from an attacker who may maliciously inject faults in order to find the encryption secret key. In this paper, we first describe some studies of the effects that faults may have on a hardware implementation of AES by analyzing the propagation of such faults to the outputs. We then present two fault detection schemes: The first is a redundancy-based scheme while the second uses an error detecting code. The latter is a novel scheme which leads to very efficient and high coverage fault detection. Finally, the hardware costs and detection latencies of both schemes are estimated.

379 citations


Patent
David L. Thompson
16 Jul 2003
TL;DR: In this paper, the authors proposed a differentiated encryption system for the transfer of data from an Implantable Medical Device (IMD) and a data center based on different levels of security.
Abstract: The present invention provides for an encryption apparatus, system, and method in which data from an Implantable Medical Device (IMD) and a data center could be transferred based on a differentiated encryption system. The encryption scheme allows for the differentiation, segregation, and classification of data at required or needed levels of security. Before transfer of the data, either from an IMD or any other part of a support network for the IMDs, the encryption device begins to distinguish the data. The variable data is then classified based on various levels of security having distinct encryption protocols. After classification the data is encrypted based on the data's level of security. The data is then transmitted. Upon being received the data is then segregated based on whether the data is encrypted. The encrypted data is then de-encrypted and interpreted.

207 citations


Book ChapterDOI
06 Jan 2003
TL;DR: A test shows that randomness re-use is secure in the strong sense for asymmetric encryption schemes such as El Gamal, Cramer-Shoup, DHIES, and Boneh and Franklin's escrow ElGamal.
Abstract: Kurosawa showed how one could design multi-receiver encryption schemes achieving savings in bandwidth and computation relative to the naive methods. We broaden the investigation. We identify new types of attacks possible in multi-recipient settings, which were overlooked by the previously suggested models, and specify an appropriate model to incorporate these types of attacks. We then identify a general paradigm that underlies his schemes and also others, namely the re-use of randomness: ciphertexts sent to different receivers by a single sender are computed using the same underlying coins. In order to avoid case by case analysis of encryption schemes to see whether they permit secure randomness re-use, we provide a condition, or test, that when applied to an encryption scheme shows whether or not the associated randomness re-using version of the scheme is secure. As a consequence, our test shows that randomness re-use is secure in the strong sense for asymmetric encryption schemes such as El Gamal, Cramer-Shoup, DHIES, and Boneh and Franklin's escrow El Gamal.

143 citations


Journal ArticleDOI
TL;DR: This work will show how two methods for selective encryption using wavelets work and discuss their advantages and disadvantages in terms of security and speed.
Abstract: Selective encryption provides the ability to strike a balance between security and processing demands, e.g., in mobile clients. Image encoding using wavelets, and especially wavelet packets, can be used for efficient selective encryption. We will show how two such methods work and discuss their advantages and disadvantages in terms of security and speed.

112 citations


Patent
23 May 2003
TL;DR: In this article, the decryption round keys (w[i]) are generated on a round by round basis from the final Nk round keys saved from a previous encryption key scheduling operation.
Abstract: A cryptographic method and related implements the Rijndael - AES encryption standard. In one improvement, the decryption round keys (w[i]) are generated on a round by round basis from the final Nk round keys saved from a previous encryption key scheduling operation. Latency and memory requirements are thereby minimized. S-boxes (410 to 413) for the AES key generation and cipher operation itself, may be implemented multiple times in different ways with different power signatures, with a pseudo-random selection (390 to 393, 410 to 413) of the pathway for the different bytes to be substituted. The premix operation (73) occurs simultaneously (72, 83) with the generation of first round keys, and a dummy circuit (Fig. 13) with substantially identical timing as the real premix circuitry adds power consumption noise to the premix.

103 citations


Patent
21 Nov 2003
TL;DR: In this article, a method and system for encrypting non-volatile storage regions, such as volumes, accessible by multiple users is presented, where a plurality of non-vivo storage regions are encrypted each with a different encryption key.
Abstract: A method and system for encrypting non-volatile storage regions, such as volumes, accessible by multiple users. A plurality of non-volatile storage regions is encrypted each with a different encryption key. A subset of the encryption keys is made available to each user thereby granting the user access to a corresponding subset of non-volatile storage regions. To protect a user's encryption keys, a private-public encryption key pair is generated, the private key being made available only to that user. The subset of the user's encryption keys is encrypted using the user's public encryption key. The users' private keys can be stored in a secure encryption module and can be protected with a password. Upon authenticating a user, the corresponding encryption keys may be provided to the user after decrypting the encryption keys using the user's private key. The contents of the non-volatile storage regions are then decrypted using the encryption keys.

89 citations


Patent
Keiichi Takagaki, Hiroshi Yokota, Yukie Gotoh, Atsuhiro Tsuji, Masaaki Tamai
30 Oct 2003
TL;DR: In this article, the encryption algorithm to be selected is varied depending on the CPU load of the communication device: if the CPU utilization rate is high, a low-load encryption algorithm is selected, and if the utilization rate is low, a high-load encryption algorithm is selected.
Abstract: An encryption information determination section in a communication device negotiates an encryption algorithm to be used for encrypted communications with an encryption information determination section in a network camera, which is a communication counterpart. At this time, the encryption algorithm to be selected is varied depending on the CPU load of the communication device. That is, if the CPU utilization rate is high, a low-load encryption algorithm is selected, and if the CPU utilization rate is low, a high-load encryption algorithm is selected. An encryption/decryption processing section performs code processing using the encryption algorithm selected by the encryption information determination section.

70 citations


Proceedings ArticleDOI
30 Oct 2003
TL;DR: A survey investigating the computational requirements for a number of common cryptographic algorithms and embedded architectures is presented, and methods to derive the computational overhead of embedded architectures in general for encryption algorithms are developed, to assess the feasibility of encryption schemes for existing embedded architectures.
Abstract: Recent research in sensor networks has raised issues of security for small embedded devices. Security concerns are motivated by the deployment of a large number of sensory devices in the field. Limitations in processing power, battery life, communication bandwidth and memory constrain the applicability of existing cryptography standards for small embedded devices. A mismatch between wide arithmetic for security (32 bit word operations) and embedded data bus widths (often only 8 or 16 bits) combined with lack of certain operations (e.g., multiply) in the ISA present other challenges. This paper offers two contributions. First, a survey investigating the computational requirements for a number of common cryptographic algorithms and embedded architectures is presented. The objective of this work is to cover a wide class of commonly used encryption algorithms and to determine the impact of embedded architectures on their performance. This will help designers predict a system's performance for cryptographic tasks. Second, methods to derive the computational overhead of embedded architectures in general for encryption algorithms are developed. This allows one to project computational limitations and determine the threshold of feasible encryption schemes under a set of the constraints for an embedded architecture. Experimental measurements indicate uniform cryptographic cost for each encryption class and each architecture class and negligible impact of caches. RC4 is shown to outperform RC5 for the Atmega platform. But when message authentication is required in addition to encryption, hash or block ciphers, such as RC5, have the advantage of providing support for both authentication and encryption. The analytical model allows one to assess the impact of arbitrary embedded architectures as a multi-variant function for each encryption scheme. Overall, our results are not only valuable to assess the feasibility of encryption schemes for existing embedded architectures, they also extend to assess the feasibility of encryption methods for new algorithms and architectures for sensor systems.

59 citations


Book ChapterDOI
02 Oct 2003
TL;DR: It is found that encrypting 20% of the visual data is sufficient to provide a high level of confidentiality and provides security against replacement attacks, which is discussed at length.
Abstract: In this paper, we propose partial encryption of JPEG2000 coded image data using an AES symmetric block cipher. We find that encrypting 20% of the visual data is sufficient to provide a high level of confidentiality. This percentage of encryption also provides security against replacement attacks, which is discussed at length.

58 citations


Patent
08 Sep 2003
TL;DR: In this paper, an encryption method that is largely transparent to a user is presented. The method can be used in a wide variety of environments, such as an individual computer program, a database or electronic messaging over the Internet, and can select from a plurality of encryption algorithms.
Abstract: An encryption method that is largely transparent to a user is accomplished by intercepting a change document or open document command, carrying out an encryption or decryption process, and then completing the command on an encrypted or decrypted file. The encryption method can be used in a wide variety of environments, such as an individual computer program, a database or electronic messaging over the Internet. The encryption method can select from a plurality of encryption algorithms.

Patent
29 Oct 2003
TL;DR: In a network, a router uses some secret information combined with a cryptographic process in determination of a subnet's routing prefix as mentioned in this paper, and several methods are disclosed, including using an IP suffix for prefix generation and for decryption, maintaining a pool of pseudo prefixes at the router, using public key encryption and symmetric key encryption.
Abstract: In a network, a router uses some secret information combined with a cryptographic process in determination of a subnet's routing prefix. Several methods are disclosed, including using an IP suffix for prefix generation and for decryption, maintaining a pool of pseudo prefixes at the router, using public key encryption and symmetric key encryption.

Patent
Ari Huttunen
03 Feb 2003
TL;DR: In this article, a method of securing data on an electronic device comprises allowing a user of the device to select one of an encryption and decryption operating mode and an encryption only operating mode.
Abstract: A method of securing data on an electronic device comprises allowing a user of the device to select one of an encryption and decryption operating mode and an encryption only operating mode. The encryption and decryption operating mode requires that the device have access to a user passphrase, and the encryption only operating mode does not require that the device have access to the passphrase.

Patent
08 Jan 2003
TL;DR: In this paper, a communication network encrypts a first portion of a transaction associated with point-to-point communications using a P2P encryption key and then encrypts the second portion of the transaction using an E2E encryption key.
Abstract: A communication network encrypts a first portion of a transaction associated with point-to-point communications using a point-to-point encryption key. A second portion of the transaction associated with end-to-end communications is encrypted using an end-to-end encryption key.

Journal ArticleDOI
TL;DR: A new method for asymmetric (public key/private key) encryption exploiting properties of nonlinear dynamical systems distributed dynamics encryption (DDE) is introduced using a coupled map lattice.
Abstract: We introduce a new method for asymmetric (public key/private key) encryption exploiting properties of nonlinear dynamical systems. A high-dimensional dissipative nonlinear dynamical system is distributed between transmitter and receiver, so we call the method distributed dynamics encryption (DDE). The transmitter dynamics is public, and the receiver dynamics is hidden. A message is encoded by modulation of parameters of the transmitter, and this results in a shift of the overall system attractor. An unauthorized receiver does not know the hidden dynamics in the receiver and cannot decode the message. We present an example of DDE using a coupled map lattice.

Patent
Lisa Amini, Pascal Frossard, Chitra Venkatramani, Olivier Verscheure, Peter Westerink
19 Sep 2003
TL;DR: In this paper, the authors propose a technique for securely and adaptively delivering multimedia content: a set of alternate access units for each time slot is obtained, the encryption stream index of each access unit from the set of the previous time slot is obtained, and indices are assigned so that the encryption index increases over time.
Abstract: Techniques for securely and adaptively delivering multimedia content. It is assumed that a set of alternate access units for each time slot is obtained. Then, the encryption stream index of each access unit from the set of alternate access units of the previous time slot is obtained. An encryption stream index is then assigned to each access unit in the set of alternate access units in the current time slot, such that the encryption index increases over time. Thus, the invention overcomes the problem of encrypting a multimedia stream that may have multiple access units for each time slot by selecting the encryption index for each access unit such that the encryption index increases, regardless of which access unit the delivery system (e.g., server) selects for transmission.

Patent
09 Jul 2003
TL;DR: In this paper, a central processing unit (GT) comprises a private key in secrecy, and an encryption engine, and a license added to the software is entered into the GT.
Abstract: A central processing unit (GT) comprises a private key in secrecy, and an encryption engine. Before the GT executes software, a license added to the software is entered into the GT. The license includes information obtained by encrypting a code encryption key used when the software is encrypted with a public key pairing with the private key. When the license is entered, the encryption engine obtains the code encryption key by decrypting the license with the private key, and decrypts the software with the code encryption key.

Journal ArticleDOI
TL;DR: The overall cryptosystem can perform the incoherent optical processing counterpart of the well-known coherent double-random phase-encoding technique.
Abstract: We propose a method for secure wireless transmission of encrypted information. By use of an encryption key, an image or document is optically encrypted by optical heterodyne scanning and hence encryption is performed on the fly. We call this technique optical scanning cryptography. The output of the heterodyne encrypted signal is at radio frequency and can be directly sent through an antenna to a secure site for digital storage to be prepared for decryption. In the secure site, an identical optical scanning system to that used for encryption is used, together with a decryption key, to generate an electrical signal. The electrical signal is then processed and sent to a computer to be used for decryption. Utilizing the stored information received from the encryption stage and the electrical information from the secure site, a digital decryption unit performs a decryption algorithm. If the encryption key and the decryption key are matched, the decryption unit will decrypt the image or document faithfully. The overall cryptosystem can perform the incoherent optical processing counterpart of the well-known coherent double-random phase-encoding technique. We present computer simulations of the idea.

Proceedings ArticleDOI
27 Dec 2003
TL;DR: An implementation of three encryption algorithms and a comparison between them based on CPU execution time show that the Blowfish algorithm is the fastest, followed by the DES algorithm then the T-DES algorithm.
Abstract: This paper presents an implementation of three encryption algorithms and a comparison between them based on CPU execution time. The CPU execution time is broken down to kernel and user time. The selected algorithms are: DES, Triple-DES (T-DES) and Blowfish. These are symmetric block encryption algorithms. The objective of this research is to evaluate the performance of the three cryptography algorithms in terms of the processing time required in the kernel and user space for generating the secret key, encryption and decryption operations. The powerful portable programming language Java and JCA (Java cryptography architecture) is used in implementing the encryption algorithms. The performance of the implemented encryption algorithms will be evaluated on SunOS platforms. The results show that the Blowfish algorithm is the fastest, followed by the DES algorithm then the T-DES algorithm.

Patent
11 Jul 2003
TL;DR: An encryption system and method that may encrypt all the transmitted and received data packets on the data link layer without collisions on the Initialization Vector (IV) was proposed in this paper.
Abstract: An encryption system and method that may encrypt all of the transmitted and received data packets on the data link layer without collisions on the Initialization Vector (IV). In the encryption system and method a new final key value may be generated and applied to every transmitted and received data packet. The encryption system and method provide for a novel three phase algorithmic process for generating a final secret key.

Book ChapterDOI
04 May 2003
TL;DR: The scheme presented is the first public key encryption scheme based on the hardness of the problem of Polynomial Reconstruction, and leads to a cryptosystem where the cost of encryption and decryption per bit is low, and where the public key is kept relatively small.
Abstract: The Polynomial Reconstruction problem (PR) has been introduced in 1999 as a new hard problem. Several cryptographic primitives established on this problem have been constructed, for instance Naor and Pinkas have proposed a protocol for oblivious polynomial evaluation. Then it has been studied from the point of view of robustness, and several important properties have been discovered and proved by Kiayias and Yung. Furthermore the same authors constructed a symmetric cipher based on the PR problem. In the present paper, we use the published security results and construct a new public key encryption scheme based on the hardness of the problem of Polynomial Reconstruction. The scheme presented is the first public key encryption scheme based on this Polynomial Reconstruction problem. We also present some attacks, discuss their performances and state the size of the parameters required to reach the desired security level. In conclusion, this leads to a cryptosystem where the cost of encryption and decryption per bit is low, and where the public key is kept relatively small.

01 Jan 2003
TL;DR: A general test that can be applied to a standard encryption scheme to determine whether the associated randomness re-using MRES is secure is provided, and is applied to identify numerous specific secure and efficient randomness re-using schemes, which cover both asymmetric and symmetric encryption.
Abstract: This paper begins by refining Kurosawa's [Ku] definitions of security for multi-recipient encryption schemes (MRESs). It then considers a subclass of MRESs, that are formed by transforming standard encryption schemes via a natural technique called randomness re-use, and that offer important performance benefits. The main result is a way to avoid ad-hoc analyses of such schemes: we provide a general test that can be applied to a standard encryption scheme to determine whether the associated randomness re-using MRES is secure. This is applied to identify numerous specific secure and efficient randomness re-using MRESs. The results and applications cover both asymmetric and symmetric encryption.

Proceedings ArticleDOI
19 Nov 2003
TL;DR: This work focuses on high encryption savings, targeting 10% of the bit stream or less encrypted, moderate security in the sense that the content is degraded to the point that purchase would be preferred over consuming free content, no impact on compression efficiency, and a cryptanalytic approach to validating security.
Abstract: Selective encryption exploits the relationship between encryption and compression to reduce encryption requirements, saving in complexity and facilitating new system functionality. Selective encryption of MPEG video streams has been proposed in a number of variations, yet has seen little application to date. Here we focus on high encryption savings, targeting 10% of the bit stream or less encrypted, moderate security in the sense that the content is degraded to the point that purchase would be preferred over consuming free content, no impact on compression efficiency, and a cryptanalytic approach to validating security. We find that adequate security is plausible if the compressor is cooperative or at least neutral with respect to the selective encryption system, but implausible if the compressor is operated antagonistically. The unusually low encryption targeted makes application of this solution appealing.

Proceedings ArticleDOI
09 Jun 2003
TL;DR: It is shown that any black-box construction beating the authors' lower bounds would imply the unconditional existence of a one-way function, in an extension of the Impagliazzo-Rudich model.
Abstract: A central focus of modern cryptography is to investigate the weakest possible assumptions under which various cryptographic algorithms exist. Typically, a proof that a "weak" primitive (e.g., a one-way function) implies the existence of a "strong" algorithm (e.g., a private-key encryption scheme) proceeds by giving an explicit construction of the latter from the former. In addition to showing the existence of such a construction, an equally important research direction is to explore the efficiency of such constructions. Among the most fundamental cryptographic algorithms are digital signature schemes and schemes for public- or private-key encryption. Here, we show the first lower bounds on the efficiency of any encryption or signature construction based on black-box access to one-way or trapdoor one-way permutations. If S is the assumed security of the permutation π (i.e., no adversary of size S can invert π on a fraction larger than 1/S of its inputs), our results show that: Any public-key encryption scheme for m-bit messages must query π at least Ω(m/log S) times. Any private-key encryption scheme for m-bit messages (with k-bit keys) must query π at least Ω((m − k)/log S) times. Any signature verification algorithm for m-bit messages must query π at least Ω(m/log S) times. Our bounds match known upper bounds for the case of encryption. We prove our results in an extension of the Impagliazzo-Rudich model. That is, we show that any black-box construction beating our lower bounds would imply the unconditional existence of a one-way function.

Patent
30 Apr 2003
TL;DR: In this paper, a system and method for encrypting content in an adaptive manner is proposed, where portions of data to be encrypted are identified and an encryption ratio that specifies the one or more portions of the data to encrypt and other portions to not encrypt is determined, and the data is then encrypted based on the encryption ratio.
Abstract: A system and method for encrypting content in an adaptive manner. Portions of data to be encrypted are identified and an encryption ratio that specifies the one or more portions of data to encrypt and other portions of data to not encrypt is determined. The data is then encrypted based on the encryption ratio.

Book ChapterDOI
24 Feb 2003
TL;DR: This paper first shows a generic technique to thwart blockwise adversaries for a specific class of encryption schemes, and provides the first security proof for the CFB encryption scheme, which is naturally immune against such attackers.
Abstract: This paper addresses the security of symmetric cryptosystems in the blockwise adversarial model. At Crypto 2002, Joux, Martinet and Valette have proposed a new kind of attackers against several symmetric encryption schemes. In this paper, we first show a generic technique to thwart blockwise adversaries for a specific class of encryption schemes. It consists in delaying the output of the ciphertext block. Then we provide the first security proof for the CFB encryption scheme, which is naturally immune against such attackers.

Proceedings ArticleDOI
06 Jul 2003
TL;DR: A multimedia content protection framework is proposed that is based on biometric data of the users and a layered encryption/decryption scheme; watermarking systems can be used to complement the proposed method to permit novel uses of protected multimedia data.
Abstract: We propose a multimedia content protection framework that is based on biometric data of the users and a layered encryption/decryption scheme. Password-only encryption schemes are vulnerable to illegal key exchange problems. By using biometric data along with hardware identifiers as keys, it is possible to alleviate fraudulent usage of protected content. A combination of symmetric and asymmetric key systems is utilized for this purpose. The computational requirements and applicability of the proposed method are addressed. The results of encryption and decryption experiments related to time measurements are included. Watermarking systems can be used to complement the proposed method to permit novel uses of protected multimedia data.

Patent
07 Feb 2003
TL;DR: A transmission side mobile telephone (10) includes a controller for realizing functions of data encryption means, first key encryption means and encryption file generation means, together with user unique information capable of identifying a user of the mobile communication terminal.
Abstract: A transmission side mobile telephone (10) includes a controller (11) for realizing functions of data encryption means, first key encryption means, and encryption file generation means. The data encryption means encrypts data by using a first encryption key. The first key encryption means encrypts the first encryption key by using a second encryption key. The encryption file generation means generates an encryption file of the data from the data encrypted by the data encryption means, the first encryption key encrypted by the first key encryption means, and user unique information capable of identifying a user of the mobile communication terminal.

Book ChapterDOI
09 Jul 2003
TL;DR: Two schemes of parallel signcryption are proposed, which are efficient alternatives to Commit-then-Sign-and-Encrypt (CtE&S), and both are provably secure in the random oracle model.
Abstract: A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing which compares favorably with sequential Encrypt-then-Sign (EtS) or Sign-then-Encrypt (StE) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternatives to Commit-then-Sign-and-Encrypt (CtE&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements - encryption is expected to be one-way under chosen-plaintext attacks while signature needs to be secure against universal forgeries under random-plaintext attack, that is actually the case for both the plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve required security) can be used. Furthermore they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.

01 Jul 2003
TL;DR: This document specifies the conventions for using the Advanced Encryption Standard (AES) algorithm for encryption with the Cryptographic Message Syntax (CMS).
Abstract: This document specifies the conventions for using the Advanced Encryption Standard (AES) algorithm for encryption with the Cryptographic Message Syntax (CMS).