Chung-Huang Yang

Pseudorandom bit generators in stream-cipher cryptography

Progress in the design and analysis of pseudorandom bit generators over the last decade is surveyed. Background information is provided, and the linear feedback shift registers that serve as building blocks for constructing the generators are examined. Three methods for attacking keystream generators are reviewed, and three techniques for designing them are considered, focusing on how they fail or how their weakness is exposed under the attacks previously described. These techniques are nonlinear feedforward transformation, step control, and multiclocking.<<ETX>>

An Improved Linear Syndrome Algorithm in Cryptanalysis With Applications

A new algorithm is developed for making attacks to certain comparatively simple LFSR based ciphersystems. Special attention is paid towards minimizing the solution distance and guaranteeing the success probability of the attacks. The algorithm is then applied to crack the random bit generators of Geffe (1973) and Beth-Piper (1984).

Design and Implementation of Live SD Acquisition Tool in Android Smart Phone

From the end of 2007, the open-source characteristic of Android platform has been the most competitive one in the smart phone market. According to recent statistics from Gartner, Android¡¦s market share in February 2010 is 3.9%, rises to 17.2% in August in the same year, and reaches 22.7% in February 2011, which only falls behind Nokia¡¦s by 14.9%. From its skyrocketing growth rate, it can be expected that Google¡¦s Android operating system would become the dominate mobile platform. However, high market share comes with problems. For instance, in March 2011, Lookout, an information security company shows Dorid Dream will make the Android phones become the media of Bot Network. The ever-changing criminal conduct continuously challenges how well the present digital forensics could react. Data acquisition is an important part in mobile phone forensics. As the mobile forensic software becomes more mature and popular, most of them are now facing the same problem where the internal collecting tools must be installed in the mobile phones first so the data collecting could be started in turn. Whether this process is against the concept of protecting the original crime scene in forensics is questionable. A new concept called Live SD is therefore introduced in this work. It utilizes the concept of data recovery to perform physical data acquisition in Android smart phones. This data-acquisition methodology differs from the current ones in most mobile forensics software and can effectively perform the recovery of the deleted data.

Fast implementation of AES cryptographic algorithms in smart cards

The National Institute of Standards and Technology (NIST) of US announced Rijndael algorithm as the advanced encryption standard (AES) in October 2000, Despite AES surpassing in security the data encryption standard (DES), it is still rare to be implemented in smart cards, due to the reason of deficient AES coprocessors. Here a chip operation system (COS) called NexCard, which derived from Microsofts Windows COS, is used as the AES implementation platform. After a suitable COS architecture design for AES and methodology of efficient memory usage, the simulation result shows that direct embedding AES encryption attains 0.56 ms at system clock 15 MHz on the INFINEON SLE66CX322P chip without existence of coprocessor. Corresponding to the development needs in smart card cryptographic algorithm implementations, and different level of the security design specifications, a concept to conjoin numbers of algorithms into single smart card called cipher system on demand (CSOD) method is accomplished in this study concurrently. This is a method utilizing the multiapplication capability of NexCard v2.0 to execute the same AES algorithm as an on-card applet. Although the performance of CSOD is not as good as AES embedded method, CSOD can provide the same result in the situation of adaptability and extendibility.

Design and implementation of a live-analysis digital forensic system

As the popularity of the internet continues growing, not only change our life, but also change the way of crime. Number of crime by computer as tools, place or target, cases of such offenders increases these days, fact to the crime of computer case traditional investigators have been unable to complete the admissibility of evidence. To solve this problem, we must collect the evidence by digital forensics tools and analysis the digital data, or recover the damaged data. In this research, we use the open source digital forensics tools base on Linux and want to make sure the stability of software then prove the evidence what we have. To avoid the data loss due to the shutdown of machines, we use the Live-analysis to collect data and design the Live DVD/USB to make image file and analysis the image. We use the MD5 and SHA-1 code to identity the file before the final report and ensure the reliability of forensic evidence on court.

Fast Deployment of Computer Forensics with USBs

As popularity of the Internet continues to grow, it changes the way of computer crime. Number of computer crime increases dramatically in recent years and investigators have been facing the difficulty of admissibility of digital evidence. To solve this problem, we must collect evidence by digital forensics techniques and analyze the digital data, or recover the damaged data. In this research, we integrate several open source digital forensics tools and create a graphic user interface to develop a user-friendly environment for investigators. To avoid evidence loss due to shutdown of target hosts, we use the live analysis technique to collect volatile data with executing commands from an external USB. We also create a live USB so that target hosts can boot from the USB which contains a functional operating system with tools for forensic discovery.

Designing a Taxonomy of Web Attacks

It has been discovered in recent years that the Internet attacks started by improper authorization on Web servers and Web applications. The top 10 Web vulnerabilities issued by OWASP and the top 20 security risks issued by SANS demonstrated that Web attacks is one of the most important network security problems. Therefore, with the help from Web attack taxonomy, we can classify the attack type with vulnerability characteristic and efficiently response with actions and find the characteristic. The new taxonomy proposed by this research is based on the HTTP method that include dangerous method such as PUT, DELETE, TRACE, and CONNECT. When threat events occur in network systems, we could more effectively categorize the possible malicious attacks with the proposed taxonomy.

Design and implementation of a distributed early warning system combined with intrusion detection system and honeypot

Network attack and defense is a never-ending war. Along with the rapid development of the Internet, network attacks have increased and diversified. Use of traditional firewall and intrusion detection technologies cannot match to this rapid change. In response to this trend, we designed and implemented a distributed early warning system where several clients collected a wide range of network attack activities, such as malicious codes, sent attack activities back to a central server, and provided warning messages to the network administrator. The proposed system consists of Snort intrusion detection system with Nepenthes/Sebek honeypot software. This combination comes with client and server architecture so that various aspects of attack-oriented records with analytical capabilities are provided. Network administrators will receive warning notices when the entire network under monitoring was attacking. To reduce the burden on the deployment of distributed early warning system, we also implemented the system on the live USB and our system can be easily installed with high portability and plug-and-play features.

Implementation of an Electronic Voting System with Contactless IC Cards for Small-Scale Voting

There have been several studies on using computer technologies to improve elections and these studies lead to widespread adoption of “direct recording electronic” (DRE) voting systems in recent years. In an electronic-voting system, voters go to their voting places and prove that they are allowed to vote there by presenting an ID card with signet. After this, the voter is given a token that allows them to vote for their candidates of choice at a voting machine. When the voter’s selection is complete, DRE systems with typically present a summary of the voter’s selections, giving them a final chance to make changes. Subsequent to this, the ballot is cast and voter shall return the given token to ballot box and leave voting place.In this research, we design and implement an e-voting system that provides DRE capability. Our e-voting system is equipped with an IC card reader and a touch-panel LCD. Cost and security are the two most important facts to the success of our e-voting system. Low cost on the token is obtained by selecting re-usable contactless IC card as voting token. Security of our e-voting machine is obtained not by secrecy, but by openness and secure coding of software.

Fast Deployment of Botnet Detection with Traffic Monitoring

Gait, or the style of walking, is a very common behavior we can observe in daily life. Gait directly or indirectly reflects body conditions: when someone limps, there will be disturbance in his gait. In this paper, aspect ratio wave (AR wave) obtained from video sequences is proposed to detect the abnormality in walking. It was shown that several abnormal stride patterns can be clearly observed from AR waves.