National Security Research Institute
Type: government research institute. Location: Daejeon, South Korea
Research output, citation impact, and the most-cited recent papers from National Security Research Institute (South Korea). Aggregated across the NobleBlocks index of 300M+ scholarly works.
Top-cited papers from National Security Research Institute
In this paper, we discuss the use of combinatorial set systems (combinatorial designs) in the design of key predistribution schemes (KPSs) for sensor networks. We show that the performance of a KPS can be improved by carefully choosing a certain class of set systems as "key ring spaces". In particular, we analyze KPSs based on a type of combinatorial design known as a transversal design. We employ two types of transversal designs, represented by the set of all linear polynomials and the set of all quadratic polynomials (over some finite field), respectively. These KPSs turn out to be significantly more efficient in the shared-key discovery phase without degrading connectivity or resiliency.
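The linear-polynomial transversal design mentioned above makes shared-key discovery algebraic: each node is a line a*x+b over GF(p), its key ring is the K points of that line with x in 0..K-1, and two nodes share a key exactly when their lines meet at a column x below K. The following Python is an added example written for this page, not code from the paper; it assumes the standard TD(K, p) construction from linear polynomials and uses constructed toy parameters (P = 7, K = 4). It discovers the common key by solving one linear equation instead of comparing key lists, and brute-forces the connectivity to confirm the closed form K/(P+1).

```python
# Added example (not from the paper): key predistribution from the transversal
# design TD(K, P) built from all linear polynomials over GF(P).
# P and K are constructed toy parameters.
from fractions import Fraction
from itertools import combinations

P = 7   # prime; keys are indexed by points of Z_K x GF(P)
K = 4   # key ring size (number of columns used); 2 <= K <= P

def key_ring(node):
    """Key ring of node (a, b): the key ids (x, a*x+b mod P) for x in 0..K-1."""
    a, b = node
    return frozenset((x, (a * x + b) % P) for x in range(K))

def all_nodes():
    """One node per linear polynomial a*x + b over GF(P): P^2 nodes in total."""
    return [(a, b) for a in range(P) for b in range(P)]

def shared_key(u, v):
    """Shared-key discovery with O(1) field operations: solve a1*x+b1 = a2*x+b2.
    Returns the common key id, or None. Two distinct lines meet in at most one point."""
    a1, b1 = u
    a2, b2 = v
    if a1 == a2:
        return None                       # parallel lines: no common key
    x = ((b2 - b1) * pow(a1 - a2, -1, P)) % P
    if x >= K:
        return None                       # intersection lies outside the key ring columns
    return (x, (a1 * x + b1) % P)

def connectivity():
    """Fraction of node pairs sharing a key, by brute force over all pairs.
    For this design it equals K/(P+1)."""
    nodes = all_nodes()
    linked = sum(1 for u, v in combinations(nodes, 2) if shared_key(u, v) is not None)
    return Fraction(linked, len(nodes) * (len(nodes) - 1) // 2)

def discovery_matches_rings():
    """Cross-check: algebraic discovery agrees with intersecting the explicit key rings."""
    for u, v in combinations(all_nodes(), 2):
        common = key_ring(u) & key_ring(v)
        found = shared_key(u, v)
        if (found is not None) != (len(common) == 1):
            return False
        if common and found not in common:
            return False
    return True

if __name__ == "__main__":
    print("nodes:", P * P, "keys in pool:", K * P)
    print("connectivity:", connectivity())        # 1/2 for P=7, K=4
    print("discovery consistent:", discovery_matches_rings())
```

Resiliency follows from the same geometry: a captured node exposes only the K keys on its line, and each of those keys is held by exactly P-1 other nodes, so the fraction of links broken per captured node can be read off the parameters rather than measured.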
In today's world of computer security, Internet attacks such as DoS/DDoS, worms, and spyware continue to evolve as detection techniques improve. It is not easy, however, to distinguish such new attacks using only knowledge of pre-existing attacks. In this paper the authors focus on machine learning techniques for detecting attacks from Internet traffic anomalies. The machine learning framework consists of two major components: a genetic algorithm (GA) for feature selection and a support vector machine (SVM) for packet classification. Experiments also demonstrate that the proposed framework outperforms currently deployed real-world NIDS.
The recently proposed file-injection attacks highlight the importance of forward security in dynamic searchable symmetric encryption (DSSE). Forward security thwarts those attacks by hiding whether newly added files match a previous search query. However, there are still only a few DSSE schemes that provide forward security, and they have factors that hinder efficiency. In particular, none of these schemes supports actual data deletion, which increases both storage space and computational complexity. In this paper, we design and implement a forward secure DSSE scheme with optimal search and update complexity, from both the computation and the communication point of view. As a starting point, we propose a new, simple data structure, called a dual dictionary, that takes advantage of both the inverted and the forward index at the same time. This data structure allows data to be deleted explicitly and in real time, which greatly improves efficiency compared to previous works. In addition, our scheme provides forward security by encrypting newly added data with fresh keys unrelated to previous search tokens. We implemented our scheme for the Enron email and Wikipedia datasets and measured its performance. The comparison with Sophos shows that our scheme is very efficient in practice, for both searches and updates in dynamic environments.
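The two properties the abstract relies on, fresh per-update keys that an old search token cannot reach, and a forward index that lets a file be deleted explicitly, can be shown with a small toy index. The Python below is an added example written for this page; it is not the paper's dual dictionary construction and makes no claim about it. It assumes a backward-linked chain per keyword: every addition draws a fresh random state, stores its entry under a label derived from that state, and masks a pointer to the previous state, so a token issued before an addition walks the chain only as far as the entries that existed at that time. The server keeps an inverted index (label to entry) and a forward index (document pseudonym to labels) so deletion removes the ciphertext immediately. Document names, keywords and the 16-byte id padding are constructed for the demo.

```python
# Added example (not the paper's scheme): toy forward-secure DSSE with an
# inverted index for search and a forward index for explicit deletion.
import os
import hashlib
from collections import defaultdict

ZERO = bytes(16)            # end-of-chain marker for a keyword's first entry

def H(tag: bytes, st: bytes) -> bytes:
    """Domain-separated 16-byte hash used to derive labels and masks from a chain state."""
    return hashlib.sha256(tag + st).digest()[:16]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def doc_tag(doc_id: str) -> bytes:
    """Pseudonym under which the server files a document in the forward index."""
    return hashlib.sha256(b"doc" + doc_id.encode()).digest()

class Server:
    def __init__(self):
        self.inverted = {}                   # label -> [masked id or None, masked ptr]
        self.forward = defaultdict(set)      # doc pseudonym -> labels of its entries

    def add(self, label, masked_id, masked_ptr, tag):
        self.inverted[label] = [masked_id, masked_ptr]
        self.forward[tag].add(label)

    def delete(self, tag):
        # Explicit, immediate deletion: the ciphertext goes away now; the chain
        # link is kept so older entries of the same keyword stay reachable.
        for label in self.forward.pop(tag, ()):
            self.inverted[label][0] = None

    def search(self, st):
        """Walk the keyword's chain from the state in the token back to ZERO."""
        results = []
        while st != ZERO:
            entry = self.inverted.get(H(b"label", st))
            if entry is None:
                break
            masked_id, masked_ptr = entry
            if masked_id is not None:
                results.append(xor(masked_id, H(b"id", st)).rstrip(b"\0").decode())
            st = xor(masked_ptr, H(b"ptr", st))      # previous state of this keyword
        return results

class Client:
    def __init__(self, server):
        self.server = server
        self.latest = {}        # keyword -> newest chain state (kept secret, client side)

    def add(self, keyword, doc_id):
        st_new = os.urandom(16)                       # fresh; independent of every earlier token
        prev = self.latest.get(keyword, ZERO)
        label = H(b"label", st_new)
        masked_id = xor(doc_id.encode().ljust(16, b"\0"), H(b"id", st_new))
        masked_ptr = xor(prev, H(b"ptr", st_new))
        self.server.add(label, masked_id, masked_ptr, doc_tag(doc_id))
        self.latest[keyword] = st_new

    def token(self, keyword):
        return self.latest.get(keyword, ZERO)

    def search(self, keyword):
        return self.server.search(self.token(keyword))

    def delete(self, doc_id):
        self.server.delete(doc_tag(doc_id))

def demo():
    """Returns (results for a token issued before an injection, results after a delete)."""
    server = Server()
    client = Client(server)
    client.add("invoice", "doc1")
    client.add("invoice", "doc2")
    old_token = client.token("invoice")
    client.add("invoice", "doc3")            # file added after the token was issued
    before = server.search(old_token)        # the old token cannot reach doc3
    client.delete("doc2")
    now = client.search("invoice")           # doc2 is gone immediately, doc1 still found
    return before, now

if __name__ == "__main__":
    print(demo())
```

The server learns which entries match at search time, as in any SSE scheme; what forward security buys is that the label of the injected entry, H("label", st_new), is a function of a state the old token never contained, so a file injected after the query cannot be linked to it.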
Data deduplication has attracted many cloud service providers (CSPs) as a way to reduce storage costs. Even though the general deduplication approach has been increasingly accepted, it comes with many security and privacy problems due to the outsourced data delivery models of cloud storage. To deal with specific security and privacy issues, secure deduplication techniques have been proposed for cloud data, leading to a diverse range of solutions and trade-offs. Hence, in this article, we discuss ongoing research on secure deduplication for cloud data in consideration of the attack scenarios exploited most widely in cloud storage. On the basis of classification of deduplication system, we explore security risks and attack scenarios from both inside and outside adversaries. We then describe state-of-the-art secure deduplication techniques for each approach that deal with different security issues under specific or combined threat models, which include both cryptographic and protocol solutions. We discuss and compare each scheme in terms of security and efficiency specific to different security goals. Finally, we identify and discuss unresolved issues and further research challenges for secure deduplication in cloud storage.
The performance of cryptanalytic quantum search algorithms is mainly inferred from query complexity, which hides the overhead induced by an implementation. To shed light on quantitative complexity analysis with the hidden factors removed, we provide a framework for estimating time-space complexity that carefully accounts for the characteristics of the target cryptographic functions. Processor and circuit parallelization methods are taken into account, resulting in time-space trade-off curves in terms of depth and qubit count. The method guides how to rank different circuit designs in order of their efficiency. The framework is applied to the representative cryptosystems that NIST refers to as a guideline for security parameters, reassessing the security strengths of AES and SHA-2.
Since the advent of datacenter networking, achieving low latency within the network has been a primary goal. Many congestion control schemes have been proposed in recent years to meet the datacenter's unique performance requirements. The nature of congestion feedback largely governs the behavior of congestion control. In datacenter networks, where round trip times are in the hundreds of microseconds, accurate feedback is crucial to achieve both high utilization and low queueing delay. Proposals for datacenter congestion control predominantly leverage explicit congestion notification (ECN) or even explicit in-network feedback to minimize the queuing delay. In this paper, we explore latency-based feedback as an alternative and show its advantages over ECN. Against the common belief that such implicit feedback is noisy and inaccurate, we demonstrate that latency-based implicit feedback is accurate enough to signal a single packet's queuing delay in 10 Gb/s networks. Such high accuracy enables us to design a new congestion control algorithm, DX, that performs fine-grained control to adjust the congestion window just enough to achieve very low queuing delay while attaining full utilization. Our extensive evaluation shows that: 1) the latency measurement accurately reflects the one-way queuing delay at the single-packet level; 2) the latency feedback can be used to perform practical and fine-grained congestion control in high-speed datacenter networks; and 3) DX outperforms DCTCP with a 5.33 times smaller median queueing delay at 1 Gb/s and 1.57 times smaller at 10 Gb/s.
Network intrusion detection systems (NIDS) are essential security building-blocks for today's organizations to ensure safe and trusted communication of information. In this paper, we study the feasibility of off-line deep learning based NIDSes by constructing the detection engine with multiple advanced deep learning models and conducting a quantitative and comparative evaluation of those models. We first introduce the general deep learning methodology and its potential implication on the network intrusion detection problem. We then review multiple machine learning solutions to two network intrusion detection tasks (NSL-KDD and UNSW-NB15 datasets). We develop a TensorFlow-based deep learning library, called NetLearner, and implement a handful of cutting-edge deep learning models for NIDS. Finally, we conduct a quantitative and comparative performance evaluation of those models using NetLearner.
As the quantity and complexity of network threats grow, Intrusion Detection Systems (IDSs) have become critical for securing networks. Achieving network intrusion detection with these IDSs requires high-level information technology and security expertise, because malicious traffic has to be rigorously analyzed and the appropriate IDS rules written to effectively detect vulnerabilities that may potentially be exploited. However, incorrect IDS rules may produce numerous false positives, thereby degrading the performance of the IDS and, even worse, paralyzing the network. In this paper, we present a novel approach that exploits the Latent Dirichlet Allocation (LDA) algorithm to generate IDS rules. Our proposed method, called LDA-based Automatic Rule Generation (LARGen), automatically analyzes malicious traffic and extracts the attack signatures to be used in IDS rules. LARGen first extracts multiple signature strings embedded in network flows. Then, the flows are classified based on the extracted signature strings, and the key content strings of malicious traffic are identified through the LDA inferential topic model. Those key content strings are the core of an IDS rule that can detect the malicious traffic. We study the effectiveness of LDA in the context of network attack signature generation via extensive experiments with real network trace data consisting of both benign and malicious traffic. Experimental results confirm that the threat rules generated by LARGen detect the cyber attacks in the traces with high accuracy.
Internet of Things (IoT) technologies allow everyday objects to connect to the Internet, making daily life smarter and more convenient. Although users' daily lives benefit from the various smart services built on IoT, those devices can also be targeted through the Internet. Security has therefore been recognized as mandatory technology for enabling IoT-based smart services. Several standards organizations working on IoT technologies recommend the CoAP over DTLS protocol stack for secure communication between resource-constrained things. In standard DTLS, the cipher suite required to support a specific security service is negotiated between the CoAP client and server during the DTLS handshake protocol. However, the handshake incurs too much processing and transmission overhead in constrained IoT environments. To address this issue, this paper proposes a secure but efficient scheme for resource-constrained things. The proposed scheme can selectively apply application-data encryption or integrity protection at the DTLS record layer during an ongoing secure session, thereby reducing the burden of DTLS handshakes in the resource-constrained Internet of Things.
We propose a controlled quantum teleportation scheme to teleport an unknown state based on the interactions between flying photons and quantum dots (QDs) confined within single- and double-sided cavities. In our scheme, users (Alice and Bob) can teleport the unknown state through a secure entanglement channel under the control and distribution of an arbitrator (Trent). For construction of the entanglement channel, Trent utilizes the interactions between two photons and the QD-cavity system, which consists of a charged QD (negatively charged exciton) inside a single-sided cavity. Subsequently, Alice can teleport the unknown state of the electron spin in a QD inside a double-sided cavity to Bob's electron spin in a QD inside a single-sided cavity assisted by the channel information from Trent. Furthermore, our scheme using QD-cavity systems is feasible with high fidelity, and can be experimentally realized with current technologies.
We report a source of polarization-entangled photon pairs in the 1550-nm telecommunication band, which is based on non-collinear spontaneous parametric down-conversion in a periodically poled lithium niobate crystal pumped by picosecond pulses. This source is realized utilizing a polarization-based Sagnac interferometer employing a type-0 non-collinear quasi-phase-matching configuration. Polarization entanglement is verified through measurement of the polarization-correlation interference fringes with visibility >96% and by testing the experimental violation of the Clauser-Horne-Shimony-Holt (CHSH) form of Bell's inequality. The CHSH-Bell parameter S is found to be 2.72 ± 0.04, with 18 standard deviations from the statistical uncertainty.
With the prevalence of remote storage services, data privacy issues become more serious owing to the loss of control over outsourced data. Meanwhile, service providers tend to minimize storage costs. To minimize storage costs while preserving data privacy, secure deduplication techniques have been proposed, which are categorized into client-side and server-side approaches. The client-side approach achieves storage and bandwidth savings at the same time but allows external adversaries to learn whether duplicates exist in the remote storage. By contrast, the server-side approach prevents adversaries from learning this but sacrifices the network bandwidth savings. In fog computing, however, a new computing paradigm that extends cloud computing by outsourcing a centralized cloud workload to geographically distributed fog devices located at the edge of the network, the previous deduplication schemes cannot guarantee efficiency improvement and privacy preservation simultaneously. In this paper, we present a simple but nontrivial solution to these contradictory issues in fog storage. The proposed hybrid secure deduplication protocol combines client- and server-side deduplication while taking untrustworthy fog storage environments into account. Client-side deduplication is applied in inter-network (i.e., cloud-fog) communications to prevent network congestion at the network core, while server-side deduplication is adopted in intra-network (i.e., user-fog) communications to prevent information leakage via side channels, for maximal data privacy. Performance and security analyses demonstrate that the proposed scheme offers comparable efficiency with enhanced security.
We consider how to quantify non-Gaussianity for the correlation of a bipartite quantum state by using various measures such as relative entropy and geometric distances. We first show that an intuitive approach, i.e., subtracting the correlation of a reference Gaussian state from that of a target non-Gaussian state, fails to yield a non-negative measure with monotonicity under local Gaussian channels. Our finding clearly manifests that quantum-state correlations generally have no Gaussian extremality. We therefore propose a different approach by introducing relevantly averaged states to address correlation. This enables us to define a non-Gaussianity measure based on, e.g., the trace-distance and the fidelity, fulfilling all requirements as a measure of non-Gaussian correlation. For the case of the fidelity-based measure, we also present readily computable lower bounds of non-Gaussian correlation.
This brief proposes a dc-dc buck converter using an analog coarse-fine self-tracking zero-current detection (AST-ZCD) scheme. The AST-ZCD detects the zero-current by measuring the voltage level across a freewheeling transistor. It adjusts the nMOS turn-off time using an amplifier, capacitors, and current sources instead of the large numbers of shift register bits and unit delay cells in the conventional digital self-tracking zero-current detection (DST-ZCD). It also reduces the zero-current self-tracking time by using coarse-fine current sources when the output current transition is large. The proposed dc-dc buck converter was fabricated in a 0.18-μm CMOS process. The AST-ZCD reduces the area by 94%, the power consumption by 80%, and the zero-current self-tracking time by 82% compared to the DST-ZCD.
This paper proposes a new SHA-1 architecture that exploits higher parallelism and shortens the critical path of the hash operation. It enhances performance without a significant area penalty. We implemented the proposed SHA-1 architecture on an FPGA; at its maximum clock frequency of 118 MHz it achieves a data throughput of 5.9 Gbps, about 26% higher than comparable designs. It supports cryptographic processing of high-speed multimedia data.
The traditional security objectives of smart grids have been availability, integrity, and confidentiality. However, as the grids incorporate smart metering and load management, user and corporate privacy is increasingly becoming an issue in smart grid networks. Although transmitting current power consumption levels from each smart meter to the supplier or utility at short intervals helps the electricity supplier's planning and management, it threatens user privacy by disclosing fine-grained consumption data and usage behavior to utility providers. In this study, we propose a distributed incremental data aggregation scheme in which all smart meters on an aggregation path are involved in routing the data from the source meter to the collection unit. User privacy is preserved by symmetric homomorphic encryption, which allows smart meters to participate in the aggregation without seeing any intermediate or final result. The aggregated data is further combined with an aggregate signature to achieve data integrity and smart meter authentication, so that dishonest or fake smart meters cannot falsify data en route. Only the collection unit can obtain the aggregated data and verify its integrity, while the individual plaintext readings are not exposed to the collection unit. Therefore, user privacy and security are improved for smart metering in a smart grid network.
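The privacy property described above, meters on the path adding to a running total they cannot read, follows from additively homomorphic symmetric encryption. The Python below is an added example for this page, not the paper's scheme: it assumes the classic additive construction in which a reading is masked by a PRF-derived pad modulo M (c = m + k mod M), so ciphertexts add up to an encryption of the sum under the sum of the pads, and only the collection unit, which knows every meter's key, can remove the pads. Meter keys, readings and the epoch value are constructed. The aggregate signature that the paper adds for integrity is outside this example; it only shows the aggregation path and confidentiality.

```python
# Added example (not from the paper): additively homomorphic symmetric
# encryption for in-network aggregation of smart meter readings.
import hmac
import hashlib

M = 2 ** 32     # modulus: must exceed the largest possible aggregate reading

def pad(key: bytes, epoch: int) -> int:
    """Per-meter, per-epoch one-time pad derived with HMAC; fresh every epoch."""
    mac = hmac.new(key, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big") % M

def encrypt(key: bytes, epoch: int, reading: int) -> int:
    return (reading + pad(key, epoch)) % M

def aggregate(running_total: int, ciphertext: int) -> int:
    """Homomorphic step performed by an intermediate meter: it adds its own
    ciphertext to the running total and forwards the sum; it never sees a plaintext."""
    return (running_total + ciphertext) % M

def route_and_aggregate(meters, epoch: int):
    """Walk the aggregation path. Returns the final total and the list of
    intermediate totals each hop observed (all uniformly masked values)."""
    total, observed = 0, []
    for key, reading in meters:
        total = aggregate(total, encrypt(key, epoch, reading))
        observed.append(total)
    return total, observed

def collection_unit_decrypt(keys, epoch: int, total: int) -> int:
    """Only the collection unit holds every meter key and can strip the pads."""
    return (total - sum(pad(k, epoch) for k in keys)) % M

# Constructed sample: three meters on one path, readings in watt-hours for epoch 42.
METERS = [(b"meter-key-1", 1200), (b"meter-key-2", 350), (b"meter-key-3", 780)]
EPOCH = 42

def demo():
    total, observed = route_and_aggregate(METERS, EPOCH)
    recovered = collection_unit_decrypt([k for k, _ in METERS], EPOCH, total)
    # A hop sees only masked running totals; the true partial sums never appear on the wire.
    partial_sums = [1200, 1200 + 350, 1200 + 350 + 780]
    leaked = any(o == p for o, p in zip(observed, partial_sums))
    return recovered, leaked

if __name__ == "__main__":
    print(demo())      # (2330, False)
```

The modulus must be sized for the sum over the whole path, not a single reading, or the aggregate wraps silently; and because the pad is a one-time pad, reusing an epoch value with the same key leaks the difference between two readings, so the epoch must be unique per reporting interval.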
This paper reports two kinds of Trusted Platform Module (TPM) attacks related to power management. The attacks allow an adversary to reset and forge platform configuration registers, which are designed to securely hold measurements of the software used for bootstrapping a computer. One attack exploits a design flaw in the TPM 2.0 specification for the static root of trust for measurement (SRTM). The other exploits an implementation flaw in tboot, the most popular measured launch environment used with Intel's Trusted Execution Technology. Since TPM-based platform integrity protection is widely used, the attacks may affect a large number of devices. We demonstrate the attacks on commodity hardware. The SRTM attack is significant because its countermeasure requires hardware-specific firmware patches that could take a long time to be applied.
Modular exponentiation in an abelian group is one of the most frequently used mathematical primitives in modern cryptography. Batch verification is an algorithm for verifying many exponentiations simultaneously. We propose two fast batch verification algorithms. The first makes use of exponents of small weight, called sparse exponents, and is asymptotically 10 times faster than individual verification and twice as fast as previous work at the same security level. The second can only be applied to elliptic curves defined over small finite fields. Using a sparse Frobenius expansion with small integer coefficients, we give a complex exponent test that is four times faster than previous work. For example, each exponentiation in one batch asymptotically requires nine elliptic curve additions on some elliptic curves for 2^80 security.
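The batch test underlying the first algorithm can be stated directly: to check many claims y_i = g^{x_i} at once, draw a random multiplier s_i per claim and test g^(sum x_i s_i) = prod y_i^{s_i}; a single wrong pair only passes if its multiplier is 0 modulo the group order. The Python below is an added example written for this page, not the paper's algorithm, and it does not reproduce the paper's speed-up (it uses plain pow rather than a sparse multi-exponentiation). It assumes a constructed toy group, the order-509 subgroup of Z_1019^* generated by 4, and draws sparse exponents of Hamming weight 3 over 8 bits, so every multiplier is nonzero and smaller than the group order, which is why a single forged pair is always rejected here.

```python
# Added example (not the paper's algorithm): small/sparse exponent batch
# verification of y_i == G^x_i in a toy prime-order group.
import random

P, Q, G = 1019, 509, 4      # constructed toy safe-prime group; G generates the order-Q subgroup

def sparse_exponent(rng, bits=8, weight=3):
    """Random exponent with exactly `weight` one-bits among `bits` positions (never zero)."""
    return sum(1 << b for b in rng.sample(range(bits), weight))

def verify_one(x, y):
    """Individual verification: one full exponentiation per claim."""
    return pow(G, x, P) == y

def batch_verify(pairs, rng, sparse=True):
    """Accept all (x_i, y_i) iff G^(sum x_i s_i) == prod y_i^s_i for random multipliers s_i.
    A single false pair y_j = G^(x_j + d), d != 0, passes only if d*s_j == 0 mod Q."""
    lhs_exponent, rhs = 0, 1
    for x, y in pairs:
        s = sparse_exponent(rng) if sparse else rng.randrange(1, 1 << 8)
        lhs_exponent += x * s
        rhs = rhs * pow(y, s, P) % P
    return pow(G, lhs_exponent % Q, P) == rhs

def make_batch(n, rng):
    """n honest claims: x_i random in the exponent group, y_i = G^x_i."""
    xs = [rng.randrange(1, Q) for _ in range(n)]
    return [(x, pow(G, x, P)) for x in xs]

def forge(pairs, index):
    """Tamper with one claim so that y_index is off by a factor of G (still in the subgroup)."""
    forged = list(pairs)
    x, y = forged[index]
    forged[index] = (x, y * G % P)
    return forged

def run(seed=1, n=16, bad_index=5):
    """Returns (honest batch accepted?, forged batch accepted?, forged pair individually valid?)."""
    rng = random.Random(seed)
    batch = make_batch(n, rng)
    bad = forge(batch, bad_index)
    return (batch_verify(batch, rng), batch_verify(bad, rng), verify_one(*bad[bad_index]))

if __name__ == "__main__":
    print(run())      # (True, False, False)
```

In a real deployment the multipliers are drawn from a range large enough that the acceptance probability for a bad batch is at most 2^-l; the sparse-exponent idea is that low-weight multipliers keep that bound while making the right-hand product cheap, which is where the paper's constant-factor gains come from.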
With the proliferation of cloud computing, security concerns about confidentiality violations of user data by the privileged domain and system administrators have been growing. This paper proposes a secure cloud architecture with a hardware security module, which isolates cloud user data from potentially malicious privileged domains or cloud administrators. Within a securely isolated execution environment, the hardware security module provides essential security functionality with only restricted interfaces exposed to vulnerable management systems or cloud administrators. Such restriction prevents cloud administrators from affecting the security of guest VMs. The proposed architecture not only defends against a wide range of attack vectors but also achieves a small TCB. This paper discusses our hardware and software implementation of the proposed cloud architecture, analyzes its security, and presents its performance results.
We present an optical scheme using cross-Kerr nonlinearities (XKNLs) and a quantum dot (QD) within a single-sided optical cavity (QD-cavity system) to generate a three-photon entangled W state whose entanglement survives the loss of one of the photons. To generate the three-photon W state with entanglement robust against the loss of one photon, we utilize the effects of optical nonlinearities in XKNLs (as quantum controlled operations) and the QD-cavity system (as a parity operation) together with linear optical devices. In our scheme, the nonlinear (XKNL) gate consists of weak XKNLs, quantum bus beams, and photon-number-resolving measurement to realize a controlled-unitary gate between two photons, while the other nonlinear (QD) gate employs the interactions of photons with an electron of the QD confined within a single-sided optical cavity to implement a parity gate. Subsequently, for the efficiency and experimental feasibility of our W-state generation scheme, we analyze the immunity of the XKNL-based controlled-unitary gate against decoherence and the reliable performance of the QD-cavity parity gate.