Samuel Galice

Improving integral attacks against Rijndael-256 up to 9 rounds

Rijndael is a block cipher designed by V. Rijmen and J. Daemen and it was chosen in its 128-bit block version as AES by the NIST in October 2000. Three key lengths - 128, 192 or 256 bits - are allowed. In the original contribution describing Rijndael [4], two other versions have been described: Rijndael-256 and Rijndael-192 that respectively use plaintext blocks of length 256 bits and 192 bits under the same key lengths and that have been discarded by the NIST. This paper presents an efficient distinguisher between 4 inner rounds of Rijndael- 256 and a random permutation of the blocks space, by exploiting the existence of semi-bijective and Integral properties induced by the cipher. We then present three attacks based upon the 4 rounds distinguisher against 7, 8 and 9 rounds versions of Rijndael-256 using the extensions proposed by N. ferguson et al. in [6]. The best cryptanalysis presented here works against 9 rounds of Rijndael-256 under a 192-bit key and requires 2128 - 2119 chosen plaintexts and 2188 encryptions.

A trust protocol for community collaboration

In ambient environments, new security challenges that are not adequately addressed by existing security models appear. In such context, intelligent communication devices participate to spontaneous and self-organized networks where unexpected interactions with unknown devices take place. Without centralized organization, security turns in a risk management problem.

Identity-Based Cryptosystems for Enhanced Deployment of OSGi Bundles

The OSGi platform is designed to make Java software extensible at runtime. This undeniably presents a great interest in several domains like embedded platforms or enterprise application servers. However, securing the deployment of the OSGi components, or bundles, proves to be a major challenge. The current approach consists in digitally signing the bundles and certifying the signature through a public key infrastructure (PKI). We propose to replace this technology with an identity-based cryptosystem, which provides both better performances and simplified key management. We present an infrastructure for initialization and use of identity-based cryptography, and define the digital signature of bundles using such a cryptographic scheme. Based on our implementation, we provide a comparison between classical PKI management and identity-based PKI management. The proposed approach proves to support radical improvement in the key management process, especially in strongly asymmetric system such as OSGi-based home gateway, where a few providers publish services for millions of potential users.

Cryptographic protocol to establish trusted history of interactions

In the context of ambient networks, this article describes a cryptographic protocol called Common History Extraction (CHE) protocol implementing a trust management framework. All the nodes are supposed to share the same cryptographic algorithms and protocols. An entity called imprinting station provides them with two pairs of public/private keys derived from their identities. Also, two strange nodes wanting to initiate an interaction have to build a seed of trust. The trust between two nodes is based on a mutual proof of previous common met nodes.

A History-Based Framework to Build Trust Management Systems

In the context of ambient networks where each small device must trust its neighborhood rather than a fixed network, we propose in this paper a trust management framework based upon social patterns. As in human interactions model, our proposal build trust using history elements of past interactions with a local reputation model. The main features of our framework is the non transitivity of the trust bond and the non transferability of the history. The elements of history are also cryptographically proved as a criterion to enforce the trust notion. This gives a general framework that permits the implementation of various trust models