Babak Sadeghian

DDPM: Dynamic Deterministic Packet Marking for IP Traceback

This paper introduces the concepts of dynamic marking and mark-based detection to the field of IP traceback. In dynamic marking it is possible to find the attack agents in a large scale DDoS network. Moreover, in the case of a DRDoS it enables the victim to trace the attack one step further back to the source, to find a master machine or the real attacker with only a few numbers of packets. The proposed marking procedure increases the possibility of DRDoS attack detection at the victim through Mark-based detection. In Mark-based method, the detection engine takes into account the marks of the packets to identify varying sources of a single site involved in a DDoS attack. This significantly increases the probability of detection. In order to satisfy the end-to-end arguments approach, fate-sharing and also respect to the need for scalable and applicable schemes, only edge routers implement our simple marking procedure. The delay and bandwidth overhead added to the edge routers is fairly negligible

RUPSec: extending business modeling and requirements disciplines of RUP for developing secure systems

Nowadays, one of the main challenges facing computer systems is increasing attacks and security threats against them. Therefore, capturing, analyzing, designing, developing and testing of security requirements have became an important issue in development of security-critical computing systems, such as banking, military and e-commerce systems. For developing every system, a process model is chosen. The rational unified process (RUP) is one of the most popular and complete process models which has been used by developers in recent years. Our study and analysis has shown that RUP should be extended for developing security-critical systems. In this paper, we report our work on extending business modeling and requirements disciplines of RUP for developing secure systems. We call this extended version of RUP as RUPSec. The proposed extensions in RUPSec are adding and integrating a number of activities, roles, and artifacts to RUP in order to capture, document and model threats and security requirements.

A modified radix-2 Montgomery modular multiplication with new recoding method

Montgomery modular multiplication algorithm is commonly used in implementations of the RSA cryptosystem and other cryptosystems with modular operations. Radix-2 version of this algorithm is simple and fast in hardware implementations. In this paper this algorithm is modified with a new recoding method to make it simpler and faster. We have also implemented this new algorithm with carry save adders. Results show that, in average the proposed algorithm has about 47% increase of data throughput with maximum 7% increase of hardware area comparing with conventional algorithm.

Very Fast Multi Operand Addition Method by Bitwise Subtraction

Basic operations of public key cryptography are multiplication and exponentiation. Because of long operand length, their processing is very time consuming operations. The basic of all of these operations is multi operand addition. To improve this operations performance, many methods are used, that carry save adder (CSA) is the best method until now. This paper proposed a new method with the same performance as CSA but with 40% less logic gates than CSA. This area reduction may lead to less power consumption and sometimes more processing speed, that are suitable for embedded processor. The idea of proposed method is bitwise subtraction that there is no carry propagation needed that is very useful for long length multi additions.

Efficient Methods in Converting to Modulo 2^n+1 and 2^n-1

Modulo 2n + 1 and 2n - 1 multiplication plays an important role in residue number systems. In this paper two efficient methods for converting the input number to these moduli are presented. One of them has less area than the other but the second one has more processing speed. The diminished-1 representation of numbers are most suitable for multiplication in 2n + 1 thus for this modulus the input number is converting to that representation

A New Operator for Multi-addition Calculations

Today multi operand addition is used in many aspect of computer arithmetic such as multiplication, exponentiation, etc. One of the best method for multi addition is Carry save adder that has no carry propagation during intermediate summation. This paper introduce a new method that has a performance like carry save adder for multi-addition but has fewer gates than it. This architecture can reduce the number of logic gates by 40%.