M. Anwar Hasan

Selected Areas in Cryptography

Stream Cipher Cryptanalysis.- An Improved Correlation Attack on A5/1.- Extending the Resynchronization Attack.- A New Simple Technique to Attack Filter Generators and Related Ciphers.- Side-Channel Analysis.- On XTR and Side-Channel Analysis.- Provably Secure Masking of AES.- Block Cipher Design.- Perfect Diffusion Primitives for Block Ciphers.- Security of the MISTY Structure in the Luby-Rackoff Model: Improved Results.- FOX : A New Family of Block Ciphers.- Efficient Implementations.- A Note on the Signed Sliding Window Integer Recoding and a Left-to-Right Analogue.- Fast Irreducibility Testing for XTR Using a Gaussian Normal Basis of Low Complexity.- Modular Number Systems: Beyond the Mersenne Family.- Efficient Doubling on Genus Two Curves over Binary Fields.- Secret Key Cryptography I.- About the Security of Ciphers (Semantic Security and Pseudo-Random Permutations).- A Subliminal Channel in Secret Block Ciphers.- Blockwise Adversarial Model for On-line Ciphers and Symmetric Encryption Schemes.- Cryptanalysis.- Cryptanalysis of a White Box AES Implementation.- Predicting Subset Sum Pseudorandom Generators.- Collision Attack and Pseudorandomness of Reduced-Round Camellia.- Cryptographic Protocols.- Password Based Key Exchange with Mutual Authentication.- Product Construction of Key Distribution Schemes for Sensor Networks.- Deterministic Key Predistribution Schemes for Distributed Sensor Networks.- On Proactive Secret Sharing Schemes.- Secret Key Cryptography II.- Efficient Constructions of Variable-Input-Length Block Ciphers.- A Sufficient Condition for Optimal Domain Extension of UOWHFs.

Enabling Dynamic Data and Indirect Mutual Trust for Cloud Computing Storage Systems

Storage-as-a-service offered by cloud service providers (CSPs) is a paid facility that enables organizations to outsource their sensitive data to be stored on remote servers. In this paper, we propose a cloud-based storage scheme that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust between them. The proposed scheme has four important features: 1) it allows the owner to outsource sensitive data to a CSP, and perform full block-level dynamic operations on the outsourced data, i.e., block modification, insertion, deletion, and append, 2) it ensures that authorized users (i.e., those who have the right to access the owners file) receive the latest version of the outsourced data, 3) it enables indirect mutual trust between the owner and the CSP, and 4) it allows the owner to grant or revoke access to the outsourced data. We discuss the security issues of the proposed scheme. Besides, we justify its performance through theoretical analysis and a prototype implementation on Amazon cloud platform to evaluate storage, communication, and computation overheads.

Subquadratic Computational Complexity Schemes for Extended Binary Field Multiplication Using Optimal Normal Bases

Based on a recently proposed Toeplitz matrix-vector product approach, a subquadratic computational complexity scheme is presented for multiplications in binary extended finite fields using type I and II optimal normal bases.

Efficient digit-serial normal basis multipliers over binary extension fields

In this article, two digit-serial architectures for normal basis multipliers over (GF(2m)) are presented. These two structures have the same gate count and gate delay. We also consider two special cases of optimal normal bases for the two digit-serial architectures. A straightforward implementation leaves gate redundancy in both of them. An algorithm that can considerably reduce the redundancy is also developed. The proposed architectures are compared with the existing ones in terms of gate and time complexities.

Provable Multicopy Dynamic Data Possession in Cloud Computing Systems

Increasingly more and more organizations are opting for outsourcing data to remote cloud service providers (CSPs). Customers can rent the CSPs storage infrastructure to store and retrieve almost unlimited amount of data by paying fees metered in gigabyte/month. For an increased level of scalability, availability, and durability, some customers may want their data to be replicated on multiple servers across multiple data centers. The more copies the CSP is asked to store, the more fees the customers are charged. Therefore, customers need to have a strong guarantee that the CSP is storing all data copies that are agreed upon in the service contract, and all these copies are consistent with the most recent modifications issued by the customers. In this paper, we propose a map-based provable multicopy dynamic data possession (MB-PMDDP) scheme that has the following features: 1) it provides an evidence to the customers that the CSP is not cheating by storing fewer copies; 2) it supports outsourcing of dynamic data, i.e., it supports block-level operations, such as block modification, insertion, deletion, and append; and 3) it allows authorized users to seamlessly access the file copies stored by the CSP. We give a comparative analysis of the proposed MB-PMDDP scheme with a reference model obtained by extending existing provable possession of dynamic single-copy schemes. The theoretical analysis is validated through experimental results on a commercial cloud platform. In addition, we show the security against colluding servers, and discuss how to identify corrupted copies by slightly modifying the proposed scheme.

Towards fault-tolerant cryptographic computations over finite fields

Cryptographic schemes, such as authentication, confidentiality, and integrity, rely on computations in very large finite fields, whose hardware realization may require millions of logic gates. In a straightforward design, even a single fault in such a complex circuit is likely to yield an incorrect result and may be exploited by an attacker to break the cryptosystem. In this regard, we consider computing over finite fields in presence of certain faults in multiplier circuits. Our work reported here deals with errors caused by such faults in polynomial basis multipliers over finite fields of characteristic two and presents a scheme to correct single errors. Towards this, pertinent theoretical results are derived, and both bit-parallel and bit-serial fault tolerant multipliers are proposed.

Comments on "Five, Six, and Seven-Term Karatsuba-Like Formulae

For original paper see P.L. Montgomery, ibid., vol.54, no.3, p.362-369, (2005). We show that multiplication complexities of n-term Karatsuba-Like formulae of GF(2)[x] (7<n<19) presented in the above paper can be further improved using the Chinese Remainder Theorem and the construction multiplication modulo (x-infin)w

Fault Attacks on Elliptic Curve Cryptosystems

While there is no known subexponential algorithm for the elliptic curve discrete logarithm problem, elliptic curve cryptosystems have been shown to be vulnerable to a wide range of attacks that target their implementation rather than their mathematical foundation. Fault analysis attacks exploit faults that can occur in the implementation of an elliptic curve cryptosystem to discover the secret information partially or fully. Faults can be injected in a variety of ways and almost all parts of the system can be targeted, e.g., the base point, system parameters, intermediate results, dummy operations and validation tests. In this chapter, we review a collection of the known fault analysis attacks on elliptic curve cryptosystems. We also briefly discuss the known countermeasures to various attacks and comment on their effectiveness.

Multiway Splitting Method for Toeplitz Matrix Vector Product

Computing the product of a Toeplitz matrix and a vector arises in various applications including cryptography. In this paper, we consider Toeplitz matrices and vectors with entries in

On binary signed digit representations of integers

({\hbox{\rlap{I}\kern 2.0pt{\hbox{F}}}}_2)