J.C. Hernandez

Introduction to the Applications of Evolutionary Computation in Computer Security and Cryptography

Techniques taken from the field of Artificial Intelligence, especially Evolutionary Computation (Genetic Algorithms and Genetic Programming, but also others) are steadily becoming more and more present in the area of computer security, both in network/host security and in the very demanding area of cryptology. In recent years, many algorithms that take advantage of approaches based on Evolutionary Computation have been proposed, for example, in the design and analysis of a number of new cryptographic primitives, ranging from pseudo-random number generators to block ciphers, in the cryptanalysis of state-of-the-art cryptosystems, and in the detection of network attacking patterns, to name a few. There is a growing interest from the computer security community toward Evolutionary Computation techniques, as a result of these recent successes, but there still are a number of open problems in the field that should be addressed.

Finding efficient distinguishers for cryptographic mappings, with an application to the block cipher TEA

A simple way of creating new and efficient distinguishers for cryptographic primitives such as block ciphers or hash functions is introduced. This technique is then successfully applied over reduced round versions of the block cipher TEA, which is proven to be weak with less than five rounds.

Reference chromosome to overcome user fatigue in IEC

Evolutionary Computation encompasses computational models that follow a biological evolution metaphor. The success of these techniques is based on the maintenance of the genetic diversity, for which it is necessary to work with large populations. However, it is not always possible to deal with such large populations, for instance, when the adequacy values must be estimated by a human being (Interactive Evolutionary Computation, IEC). This work introduces a new algorithm which is able to perform very well with a very low number of individuals (micropopulations) which speeds up the convergence and it is solving problems with complex evaluation functions. The new algorithm is compared with the canonical genetic algorithm in order to validate its efficiency. Two experimental frameworks have been chosen: table and logotype designs. An objective evaluation measures has been proposed to avoid user interaction in the experiments. In both cases the results show the efficiency of the new algorithm in terms of quality of solutions and convergence speed, two key issues in decreasing user fatigue.

Genetic Cryptoanalysis of Two Rounds TEA

Distinguishing the output of a cryptographic primitive such as a block cipher or a habh function from the output of a random mapping seriously affects the credibility of the primitive security, and defeats it for many cryptographic applications. However, this is usually a quite difficult task. In a previous work [1], a new cryptoanalytic technique was presented and proved useful in distinguishing a block cipher from a random permutation in a completely automatic way. This technique is based in the selection of the worst input patterns for the block cipher with the aid of genetic algorithms. The objective is to find which input patters generate a significant deviation of the observed output from the output we would expect from a random permutation. In [1], this technique was applied to the case of the block cipher TEA with 1 round. The much harder problem of breaking TEA with 2 rounds is successfully solved in this paper, where an efficient distinguisher ia also presented.

Low computational cost integrity for block ciphers

Encryption algorithms supply confidentiality to communications between parties. However, only under certain circumstances, encryption might also supply integrity validation. For those situations, where encryption algorithms do not supply any integrity protection, additional mechanisms must be implemented (hash functions, digital signature). In this way, many solutions have been proposed in the literature, which achieve confidentiality and integrity checking (some of them also provide authentication), however these methods usually represent a relatively high computational cost. This paper presents a new encryption mode for block cipher algorithms, which is based on the Plaintext Cipher Block Chaining (from now on, PCBC) mode. Our new mode supplies, apart from confidentiality, fast integrity checking with a minimum computational cost. This makes it eminently suitable for ensuring data integrity in GIS systems and at the same time assuring some other GIS requirements.

On the design of state-of-the-art pseudorandom number generators by means of genetic programming

The design of pseudorandom number generators by means of evolutionary computation is a classical problem. Today, it has been mostly and better accomplished by means of cellular automata and not many proposals, inside or outside this paradigm could claim to be both robust (passing all the statistical tests, including the most demanding ones) and fast, as is the case of the proposal we present here. Furthermore, for obtaining these generators, we use a radical approach, where our fitness function is not at all based in any measure of randomness, as is frequently the case in the literature, but of nonlinearity. Efficiency is assured by using only very efficient operators (both in hardware and software) and by limiting the number of terminals in the genetic programming implementation.

Migration of Internet security protocols to the IPSEC framework

Nowadays it is clear that security protocols will implement a very important part of the communications accomplished through the future Internet. Efforts made by the IETF have produced the first Internet Protocol version that includes security services, this framework is called IPSEC and it is a flexible solution designed taking into account the heterogeneity of the Internet. In fact the IPSEC mechanisms supply confidentiality, integrity and authentication of IP packets (implemented by the Authentication Header -AHand the Encapsulated Security Payload -ESP). But this new framework also provides another security service that is not widely known, this is the ISAKMP protocol (Internet Security Association and Key Management Protocol) that allows negotiating security parameters over the Internet. Those security parameters include the cipher algorithm to use the cipher key, the hash function, etc. These parameters are grouped in a Security Association that will be referenced in the first step of the security protocol. The ISAKMP is used by AH and ESP to establish the security associations needed to accomplish the protocols. However ISAKMP advantages can be exploited by any other security protocol, and in this way it will be possible to avoid the duplicity of single purpose negotiations of security parameters. Current security protocols negotiate parameters by exchanging messages. SSL is an example where the first part of its message is used to negotiate the security parameters. We describe a methodology for the migration of aged security protocols to an ISAKMP negotiation. We identify the phases for the migration from the definition of a domain of interpretation to specify the parameters that must be included into the security associations.

New results on the genetic cryptanalysis of TEA and reduced-round versions of XTEA

Recently, a simple way of creating very efficient distinguishers for cryptographic primitives such as block ciphers or hash functions, was presented by the authors. Here, this cryptanalysis attack is shown to be successful when applied over reduced round versions of the block cipher XTEA. Additionally, a variant of this genetic attack is introduced and its results over TEA shown to be the most powerful published to date.

A first step towards automatic hoax detection

Recent hoaxes, specially virus-related hoaxes, have shown a previously unknown degree of danger. Although current policies against hoaxes are certainly helpful, their ability for dealing with them is very limited, especially against some of the new and more imaginative types of hoaxes outlined in this article. The expansion of the Internet, and the corresponding boost in hoax evolution, have increased the need for automatic detection tools, and everything suggests this need is going to grow in the near future. In this work, after a quick introduction to the past, present and future of hoaxes, their quick change rate and the difficulties and limits for their automatic detection are highlighted. The paper proposes two approaches: heuristics, which should be enough for dealing with the easiest and most common ones, and traffic analysis to fight the toughest.

Finding Efficient Distinguishers for Cryptographic Mappings, with an Application to the Block Cipher TEA

A simple way of creating new and efficient distinguishers for cryptographic primitives such as block ciphers or hash functions is introduced. This technique is then successfully applied over reduced round versions of the block cipher TEA, which is proven to be weak with less than five rounds.A simple way of creating new and very efficient distinguishers for cryptographic primitives, such as block ciphers or hash functions, is introduced. This technique is then successfully applied over reduced round versions of the block cipher TEA, which is proven to be weak with less than five cycles.