Zbigniew Kotulski

APPLICATION OF DISCRETE CHAOTIC DYNAMICAL SYSTEMS IN CRYPTOGRAPHY — DCC METHOD

In the paper we propose a method of constructing cryptosystems, utilizing a nonpredictability property of discrete chaotic systems. We point out the requirements for such systems to ensure their security. The presented algorithms of encryption and decryption are based on multiple iteration of a certain dynamical chaotic system coming from gas dynamics models. A plaintext message specifies a part of the initial condition of the system (a particles initial position). A secret key specifies the remaining part of initial condition (the particles initial angle) as well as a sequence of discrete choices of the pre-images in the encryption procedure. We also discuss problems connected with the practical realization of such chaotic cryptosystems. Finally we demonstrate numerical experiments illustrating the basic properties of the proposed cryptosystem.

Adaptable security mechanism for dynamic environments

Electronic services in dynamic environment (e.g. e-government, e-banking, e-commerce, etc.), meet many different barriers reducing their efficient applicability. One of them is the requirement of information security when it is transmitted, transformed, and stored in an electronic service. It is possible to provide the appropriate level of security by applying the present-day information technology. However, the level of protection of information is often much higher than it is necessary to meet potential threats. Since the level of security strongly affects the performance of the whole system, the excessive protection decreases its reliability and availability and, as a result, its global security. In this paper we present a mechanism of adaptable security for, digital information transmission systems (being usually the crucial part of e-service). It makes it possible to guarantee the adequate level of protection for actual level of threats dynamically changing in the environment. In our model the basic element of the security is the Public Key Infrastructure (PKI) is enriched with specific cryptographic modules.

Towards Quality of Experience-based reputation models for future web service provisioning

This paper concerns the applicability of reputations systems for assessing Quality of Experience (QoE) for web services in the Future Internet. Reputation systems provide mechanisms to manage subjective opinions in societies and yield a general scoring of a particular behavior. Thus, they are likely to become an important ingredient of the Future Internet. Parameters under evaluation by a reputation system may vary greatly and, particularly, may be chosen to assess the users’ satisfaction with (composite) web services. Currently, this satisfaction is usually expressed by QoE, which represents subjective users’ opinions. The goal of this paper is to present a novel framework of web services where a reputation system is incorporated for tracking and predicting of users’ satisfaction. This approach is a beneficial tool which enables providers to facilitate service adaptation according to users’ expectations and maintain QoE at a satisfactory level. Presented reputation systems operate in an environment of composite services that integrate client and server-side. This approach is highly suitable for effective QoE differentiating and maximizing user experience for specific customer profiles as even the service and network resources are shared.

Effects of parameter uncertainty on the response of vibratory systems to random excitation

Abstract Vibratory systems subjected to a stationary random external excitation and having random uncertainties in parameters are analyzed. Some quantities characterizing the quality of such systems (quality measures) are defined and evaluated; they are, for example, the average number of level crossings, the average number of maxima, and the departure from normality. The effects of random uncertainty in system parameters on the quality measures are investigated (analytically and numerically) via conditioning. This means that first the conditional quantities (obtained for fixed parameters) are used and then integration with respect to the appropriate distribution is performed. The analysis includes also a discussion of the quality predictions for systems subjected to a random excitation with an exponential correlation by considering a system with an “equivalent” white noise excitation.

Adaptive Approach to Network Security

The security of information exchange between the parts in the teleinformatic infrastructure is one of the crucial topics. During the protecting the infrastructure of the organization, one can use a lot of mechanisms which are often based on the cryptographic primitives. Traditionally, the security officers model the protection system to be as strong as it is possible. However, the level of protection of information is often much higher than it is necessary to meet potential threats. Since the level of security strongly affects the performance of the whole system, the excessive protection decreases its reliability and availability and, as a result, its global security. The appropriate security level can be estimated by means of different quality of protection models. In this paper we are going to present the approach how to introduce the adaptability to the network. We are basing on the adaptable security model for dynamic environment which calculates the protection level by means of the risk management processes. The analysis is assisted by the security management tool (SPOT) which visualizes and optimizes the adaptable model mentioned above. Finally, we present the case study introducing the network adaptability of the cryptographic protocol.

Pseudorandom Number Generators Based on Chaotic Dynamical Systems

Pseudorandom number generators are used in many areas of contemporary technology such as modern communication systems and engineering applications. In recent years a new approach to secure transmission of information based on the application of the theory of chaotic dynamical systems has been developed. In this paper we present a method of generating pseudorandom numbers applying discrete chaotic dynamical systems. The idea of construction of chaotic pseudorandom number generators (CPRNG) intrinsically exploits the property of extreme sensitivity of trajectories to small changes of initial conditions, since the generated bits are associated with trajectories in an appropriate way. To ensure good statistical properties of the CPRBG (which determine its quality) we assume that the dynamical systems used are also ergodic or preferably mixing. Finally, since chaotic systems often appear in realistic physical situations, we suggest a physical model of CPRNG.

A Light-Weight e-Voting System with Distributed Trust

A new agent-based scheme for secure electronic voting is proposed in the paper. The scheme is universal and can be realized in a network of stationary and mobile electronic devices. The proposed mechanism supports the implementation of a user interface simulating traditional election cards, semi-mechanical voting devices or utilization purely electronic voting booths. The security mechanisms applied in the system are based on verified cryptographic primitives: the secure secret sharing scheme and Merkles puzzles. Due to pre-computations during the generation of agent, the voter need not to do computations. The proposed distributed trust architecture makes the crucial stage of sending votes elastic, reliable, and effective.

Analysis of different architectures of neural networks for application in Intrusion Detection Systems

Usually, intrusion detection systems (IDS) work using two methods of identification of attacks: by signatures that are specific defined elements of the network traffic possible to identification and by anomalies being some deviations form of the network behavior assumed as normal. In the both cases one must pre-defined the form of the signature (in the first case) and the networkpsilas normal behavior (in the second one). In this paper we propose application of neural networks (NN) as a tool for application in IDS. Such a method makes possible utilization of the NN learning property to discover new attacks, so (after the training phase) we need not deliver attackspsila definitions to the IDS. In the paper, we study usability of several NN architectures to find the most suitable for the IDS application purposes.

New VoIP traffic security scheme with digital watermarking

In this paper we propose a new, lightweight, no bandwidth consuming authentication and integrity scheme for VoIP service based on SIP as a signalling protocol. It is shared password mechanism and this solution exploits digital watermarking. Nowadays, there are many applications of this technique, such as solving copyright protection problems, but we propose to use it to secure the transmitted audio and signalling protocol that IP Telephony is based on simultaneously. This solution can be the potential answer to the problem VoIP faces today: finding a scalable and universal mechanism for securing VoIP traffic (voice and the signalling protocol messages) at the same time. It can greatly improve, if we combine it with existing security mechanisms, overall IP Telephony systems security.

CMAC, CCM and GCM/GMAC: Advanced modes of operation of symmetric block ciphers in wireless sensor networks

Symmetric block ciphers are usually used in WSN for security services. This paper puts forward the idea of using advanced modes of operation of symmetric block ciphers to achieve confidentiality and authentication in one cryptographic operation. The modes of operation approved by NIST that is CMAC, CCM, GCM/GMAC are applied here. The benchmarks of these approaches in the terms of efficiency of nodes in WSN are presented.