James P. Hughes

Performance of checksums and CRCs over real data

Checksum and CRC algorithms have historically been studied under the assumption that the data fed to the algorithms was entirely random. This paper examines the behavior of checksums and CRCs over real data from various UNIX® file systems. We show that, when given real data in small to modest pieces (e.g., 48 bytes), all the checksum algorithms have skewed distributions. In one dramatic case, 0.01% of the check values appeared nearly 19% of the time. These results have implications for CRCs and checksums when applied to real data. They also cause a spectacular failure rate for the both TCP and Fletchers checksums when trying to detect certain types of packet splices.

Public Keys

We performed a sanity check of public keys collected on the web and found that the vast majority works as intended. Our main goal was to test the validity of the assumption that different random choices are made each time keys are generated. We found that this is not always the case, resulting in public keys that offer no security. Our conclusion is that generating secure public keys in the real world is challenging. We did not study usage of public keys.

Performance of checksums and CRC's over real data

Checksum and cyclic redundancy check (CRC) algorithms have historically been studied under the assumption that the data fed to the algorithms was uniformly distributed. This paper examines the behavior of checksums and CRCs over real data from various UNIX file systems. We show that, when given real data in small to modest pieces (e.g., 48 bytes), all the checksum algorithms have skewed distributions. These results have implications for CRCs and checksums when applied to real data. They also can cause a spectacular failure rate for both the TCP and ones-complement Fletcher (1983) checksums when trying to detect certain types of packet splices. When measured over several large file systems, the 16 bit TCP checksum performed about as well as a 10-bit CRC. We show that for fragmentation-and-reassembly error models, the checksum contribution of each fragment are, in effect, colored by the fragments offset in the splice. This coloring explains the performance of Fletchers sum on nonuniform data, and shows that placing checksum fields in a packet trailer is theoretically no worse than a header checksum field. In practice, the TCP trailer sums outperform even Fletcher header sums.

A Linear Algebraic Attack on the AAFG1 Braid Group Cryptosystem

Our purpose is to describe a promising linear algebraic attack on the AAFG1 braid group cryptosystem proposed in [2] employing parameters suggested by the authors. Our method employs the well known Burau matrix representation of the braid group and techniques from computational linear algebra and provide evidence which shows that at least a certain class of keys are weak. We argue that if AAFG1 is to be viable the parameters must be fashioned to defend against this attack.

Architecture of the Secure File System

The Secure File System (SFS) provides transparent, end-to-end encryption support to users accessing files across any network. In this paper the architecture of the Secure File System is described.

IEEE standards for encrypted storage

Numerous communications security standards - including IP security (IPsec), secure shell (SSH), and various forms of e-mail encryption - now exist to protect information in transit. However, businesses have come to realize that the mishandling of stored data - information at rest - is also a significant threat to them and their customers. Whether data is stolen, lost, or discarded, the results are the same: Information that should be confidential may no longer be. To address this deficiency, the IEEE Computer Societys Security in Storage Working Group (http://siswg.org) is developing Project 1619, Standard Architecture for Encrypted Shared Storage Media. P1619s goal is to enable the interoperable encryption of storage devices, provide methods for information owners to transfer key material, and facilitate product certification. The standard currently includes encryption at the physical level of disk and tape drives, and future efforts will extend it to objects and file systems.

Security in storage [standards]

This paper describes the development of IEEE Project P1619, a standard architecture for securing data from the time it is written to the time an authorized reader accesses it, regardless of how the data is transmitted or stored.

Streamed or detached triple integrity for a time stamped secure storage system

Organizations and companies with integrity concerns for their archivals are currently left with very few and unconvenient solutions. To cope with those needs, a Time Stamped Virtual WORM system has been proposed previously, but only its concepts and theory have been examined yet. Hence, this paper focuses on defining practical block formats to help implement this system in reality. But there are several pitfalls on the path of implementation, and this paper has to be extremely cautious not to introduce any limit - or security flaw into virtual WORMs. With such requirements, two different block formats are successfully defined: a streamed format where security data is inserted within users documents, and a detached format where security information is written in a different location. Finally, the detached format is studied in the sample case of a tamper-evident FTP server.

HIPPI (high performance parallel interface)

The HIPPI data channel and how it is used from a standard data channel, a standard internetworking, and a standard protocol viewpoint are described. Performance is also briefly discussed, as are some existing implementations of switches and other HIPPI realizations.<<ETX>>