Your search keyword '"Bagheri, Nasour"' showing total 70 results

1. Deep learning based bio-metric authentication system using a high temporal/frequency resolution transform.

Author

Maleki Lonbar, Sajjad, Beigi, Akram, Bagheri, Nasour, Peris-Lopez, Pedro, and Camara, Carmen

Subjects

RESEARCH funding, BIOMETRY, CONVOLUTIONAL neural networks, DESCRIPTIVE statistics, ELECTROCARDIOGRAPHY, DEEP learning, MACHINE learning, ALGORITHMS

Abstract

Introduction: Identity verification plays a crucial role in modern society, with applications spanning from online services to security systems. As the need for robust automatic authentication systems increases, various methodologies—software, hardware, and biometric—have been developed. Among these, biometric modalities have gained significant attention due to their high accuracy and resistance to falsification. This paper focuses on utilizing electrocardiogram (ECG) signals for identity verification, capitalizing on their unique, individualized characteristics. Methods: In this study, we propose a novel identity verification framework based on ECG signals. Notable datasets, such as the NSRDB and MITDB, are employed to evaluate the performance of the system. These datasets, however, contain inherent noise, which necessitates preprocessing. The proposed framework involves two main steps: (1) signal cleansing to remove noise and (2) transforming the signals into the frequency domain for feature extraction. This is achieved by applying the Wigner-Ville distribution, which converts ECG signals into image data. Each image captures unique cardiac signal information of the individual, ensuring distinction in a noise-free environment. For recognition, deep learning techniques, particularly convolutional neural networks (CNNs), are applied. The GoogleNet architecture is selected for its effectiveness in processing complex image data, and is used for both training and testing the system. Results: The identity verification model achieved impressive results across two benchmark datasets. For the NSRDB dataset, the model achieved an accuracy of 99.3% and an Equal Error Rate (EER) of 0.8%. Similarly, for the MITDB dataset, the model demonstrated an accuracy of 99.004% and an EER of 0.8%. These results indicate that the proposed framework offers superior performance in comparison to alternative biometric authentication methods. Discussion: The outcomes of this study highlight the effectiveness of using ECG signals for identity verification, particularly in terms of accuracy and robustness against noise. The proposed framework, leveraging the Wigner-Ville distribution and GoogleNet architecture, demonstrates the potential of deep learning techniques in biometric authentication. The results from the NSRDB and MITDB datasets reflect the high reliability of the model, with exceptionally low error rates. This approach could be extended to other biometric modalities or combined with additional layers of security to enhance its practical applications. Furthermore, future research could explore additional preprocessing techniques or alternative deep learning architectures to further improve the performance of ECG-based identity verification systems. [ABSTRACT FROM AUTHOR]

Published

2024

2. Toward designing a lightweight RFID authentication protocol for constrained environments.

Author

Zarbi, Nasser, Zaeembashi, Ali, Bagheri, Nasour, and Adeli, Morteza

Subjects

COMPUTER network security, IMPERSONATION, DISCLOSURE, PRIVACY, LOGIC

Abstract

In present times, Radio‐Frequency Identification (RFID) systems have seen a significant rise in their usage. There has been an increasing interest in developing even lighter RFID protocols suitable for resource‐constrained environments. Ensuring security and privacy remain critical challenges in RFID‐based systems. Recently proposed lightweight authentication schemes, namely LRSAS+ and LRARP+, are ideally suited for constrained devices. However, this article investigates these schemes and reveals certain vulnerabilities: LRSAS+ is susceptible to tag impersonation, desynchronization, and traceability attacks, while LRARP+ can fall prey to traceability and secret disclosure attacks. An enhanced version of these authentication systems is proposed that tackles their inherent weaknesses by leveraging the χper$\chi per$ function. To verify the security of the proposed scheme, a formal analysis is conducted using Gong–Needham–Yahalom logic (GNY logic) and an automated security protocol verification tool, ProVerif. The improved scheme's effectiveness is also compared with multiple contemporary lightweight systems. The results indicate that the enhanced scheme not only meets the security requirements for lightweight authentication schemes but also achieves this with minimal computational overhead. [ABSTRACT FROM AUTHOR]

Published

2024

3. The Rise of Passive RFID RTLS Solutions in Industry 5.0.

Author

Bendavid, Ygal, Rostampour, Samad, Berrabah, Yacine, Bagheri, Nasour, and Safkhani, Masoumeh

Subjects

DIGITAL transformation, INDOOR positioning systems, RADIO frequency identification systems, INDUSTRIAL sites, INTERNET of things

Abstract

In today's competitive landscape, manufacturing companies must embrace digital transformation. This study asserts that integrating Internet of Things (IoT) technologies for the deployment of real-time location systems (RTLS) is crucial for better monitoring of critical assets. Despite the challenge of selecting the right technology for specific needs from a wide range of indoor RTLS options, this study provides a solution to assist manufacturing companies in exploring and implementing IoT technologies for their RTLS needs. The current academic literature has not adequately addressed this industrial reality. This paper assesses the potential of Passive UHF RFID-RTLS in Industry 5.0, addressing the confusion caused by the emergence of new 'passive' RFID solutions that compete with established 'active' solutions. Our research aims to clarify the real-world performance of passive RTLS solutions and propose an updated classification of RTLS systems in the academic literature. We have thoroughly reviewed both the academic and industry literature to remain up to date with the latest market advancements. Passive UHF RFID has been proven to be a valuable addition to the RTLS domain, capable of addressing certain challenges. This has been demonstrated through the successful implementation in two industrial sites, each with different types of tagged objects. [ABSTRACT FROM AUTHOR]

Published

2024

4. Cryptanalysis of DBST, a lightweight block cipher.

Author

Sadeghi, Sadegh and Bagheri, Nasour

Published

2024

5. Using a privacy-enhanced authentication process to secure IoT-based smart grid infrastructures.

Author

Rostampour, Samad, Bagheri, Nasour, Ghavami, Behnam, Bendavid, Ygal, Kumari, Saru, Martin, Honorio, and Camara, Carmen

Subjects

MICROCONTROLLERS, ELLIPTIC curve cryptography, CYBER physical systems, ARDUINO (Microcontroller), COMPUTER networking equipment, INTERNET of things

Abstract

Over the last decade, technological advances in smart grids have permitted the modernization of legacy electricity networks. As Internet of Things (IoT)-based smart grids are becoming an efficient response to managing changing electric demand, the heterogeneous network of equipment required to make these Cyber-Physical Systems a reality poses some security threats. This paper proposes a novel mutual authentication and key agreement scheme to ensure communications security and protect users' privacy in smart grid applications. In the proposed scheme (named EPSG), an elliptic curve cryptography (ECC) module and a physical unclonable function (PUF) are used simultaneously to provide acceptable confidentiality and integrity levels. The security analysis demonstrates that the EPSG has a robust security posture regarding transferred messages on the communication channel and physical attacks. In addition, EPSG is resistant to modeling attacks as one of the main vulnerabilities of PUF modules. Furthermore, by implementing the EPSG on an Arduino UNO microcontroller, a comparative performance evaluation (e.g., Time 156 ms, Communication cost 1408 bits, and Energy consumption 13.728 mJ) demonstrates the efficiency of the proposed EPSG. [ABSTRACT FROM AUTHOR]

Published

2024

6. Smart Grid Security: A PUF-Based Authentication and Key Agreement Protocol.

Author

Bagheri, Nasour, Bendavid, Ygal, Safkhani, Masoumeh, and Rostampour, Samad

Subjects

ELLIPTIC curve cryptography, SMART meters, SMART devices, PUBLIC utilities, ENERGY industries

Abstract

A smart grid is an electricity network that uses advanced technologies to facilitate the exchange of information and electricity between utility companies and customers. Although most of the technologies involved in such grids have reached maturity, smart meters—as connected devices—introduce new security challenges. To overcome this significant obstacle to grid modernization, safeguarding privacy has emerged as a paramount concern. In this paper, we begin by evaluating the security levels of recently proposed authentication methods for smart meters. Subsequently, we introduce an enhanced protocol named PPSG, designed for smart grids, which incorporates physical unclonable functions (PUF) and an elliptic curve cryptography (ECC) module to address the vulnerabilities identified in previous approaches. Our security analysis, utilizing a real-or-random (RoR) model, demonstrates that PPSG effectively mitigates the weaknesses found in prior methods. To assess the practicality of PPSG, we conduct simulations using an Arduino UNO board, measuring computation, communication, and energy costs. Our results, including a processing time of 153 ms, a communication cost of 1376 bits, and an energy consumption of 13.468 mJ, align with the requirements of resource-constrained devices within smart grids. [ABSTRACT FROM AUTHOR]

Published

2024

7. χperbp: a cloud-based lightweight mutual authentication protocol.

Author

Adeli, Morteza, Bagheri, Nasour, Sadeghi, Sadegh, and Kumari, Saru

Subjects

KEY agreement protocols (Computer network protocols), RADIO frequency identification systems, INTERNET of things, COST analysis, CLOUD computing

Abstract

Cloud-based RFID is gaining popularity in tandem with the growth of cloud computing and the Internet of Things (IoT). The cloud-based RFID system is developed with the intent of providing real-time data that can be sent into the cloud for easy access and interpretation. The security and privacy of constrained devices in these systems is a challenging issues for many applications. To deal with this problem, we first introduce χ per, as a new hardware/software friendly component that can be implemented using bit-wise operations and extensively analyze its security. Next, we propose χ perbp, a lightweight authentication protocol based on χ per component. To evaluate the performance efficiency of our proposed scheme, we implement the χ perbp scheme on an FPGA module Xilinx Kintex-7 using the hardware description language VHDL. Our security and cost analysis of the proposed protocol shows that the proposed protocol provides desired security against various attacks, at a reasonable cost. Also, formal security evaluation using BAN logic and the Scyther tool indicates its security correctness. Besides, we analyze the security of a related protocol which has been recently proposed by Fan et al. It is a cloud-based lightweight mutual authentication protocol for RFID devices in an IoT system. The authors have claimed that their scheme is secure against active and passive attacks, however, our detailed security analysis in this paper demonstrates the major drawbacks of this protocol. More precisely, the proposed attack discloses the tag's secrets efficiently. Given the tag's secrets, any other attack will be trivial. [ABSTRACT FROM AUTHOR]

Published

2023

8. Exploiting statistical effective fault attack in a blind setting.

Author

Vafaei, Navid, Soleimany, Hadi, and Bagheri, Nasour

Subjects

DATA security, NOISE

Abstract

In order to obtain the secret key, the majority of physical attacks require knowledge of the plaintext or ciphertext, which may be unavailable or cannot be exploited. Blind attacks are introduced to do key recovery in circumstances where the adversary has no direct access to plaintext and ciphertext. A combination of fault and power attacks can circumvent typical countermeasures in this setting, for example, Fault Template Attack (FTA). However, FTA relies on bit fault injection, which is difficult to implement in practice. The SIFA‐blind, a framework for executing the Statistical Ineffective Fault Attack, is more flexible, but sensitivity to setup noise and missed faults is its main drawback. To address this deficiency, we suggest two ways to use Statistical Effective Fault Attack in a blind setting that are much less affected by missed faults and noise when measuring power traces, even though they do not use fault injection at the bit level. In order to demonstrate the viability and adaptability of our proposed attacks, we injected a fault via glitch frequency onto the ChipWhisperer board. While SEFA‐blind does not need a bit‐level fault, our results demonstrate that it is better than SIFA‐blind when the number of missed faults increases. [ABSTRACT FROM AUTHOR]

Published

2023

9. Toward Designing a Secure Authentication Protocol for IoT Environments.

Author

Hosseinzadeh, Mehdi, Malik, Mazhar Hussain, Safkhani, Masoumeh, Bagheri, Nasour, Le, Quynh Hoang, Tightiz, Lilia, and Mosavi, Amir H.

Abstract

Authentication protocol is a critical part of any application to manage the access control in many applications. A former research recently proposed a lightweight authentication scheme to transmit data in an IoT subsystem securely. Although the designers presented the first security analysis of the proposed protocol, that protocol has not been independently analyzed by third-party researchers, to the best of our knowledge. On the other hand, it is generally agreed that no cryptosystem should be used in a practical application unless its security has been verified through security analysis by third parties extensively, which is addressed in this paper. Although it is an efficient protocol by design compared to other related schemes, our security analysis identifies the non-ideal properties of this protocol. More specifically, we show that this protocol does not provide perfect forward secrecy. In addition, we show that it is vulnerable to an insider attacker, and an active insider adversary can successfully recover the shared keys between the protocol's entities. In addition, such an adversary can impersonate the remote server to the user and vice versa. Next, the adversary can trace the target user using the extracted information. Finally, we redesign the protocol such that the enhanced protocol can withstand all the aforementioned attacks. The overhead of the proposed protocol compared to its predecessor is only 15.5% in terms of computational cost. [ABSTRACT FROM AUTHOR]

Published

2023

10. ECG Identification Based on the Gramian Angular Field and Tested with Individuals in Resting and Activity States.

Author

Camara, Carmen, Peris-Lopez, Pedro, Safkhani, Masoumeh, and Bagheri, Nasour

Subjects

CONVOLUTIONAL neural networks, ELECTROCARDIOGRAPHY, SYSTEM identification, IDENTIFICATION, TIME series analysis

Abstract

In the last decade, biosignals have attracted the attention of many researchers when designing novel biometrics systems. Many of these works use cardiac signals and their representation as electrocardiograms (ECGs). Nowadays, these solutions are even more realistic since we can acquire reliable ECG records by using wearable devices. This paper moves in that direction and proposes a novel approach for an ECG identification system. For that, we transform the ECG recordings into Gramian Angular Field (GAF) images, a time series encoding technique well-known in other domains but not very common with biosignals. Specifically, the time series is transformed using polar coordinates, and then, the cosine sum of the angles is computed for each pair of points. We present a proof-of-concept identification system built on a tuned VGG19 convolutional neural network using this approach. We confirm our proposal's feasibility through experimentation using two well-known public datasets: MIT-BIH Normal Sinus Rhythm Database (subjects at a resting state) and ECG-GUDB (individuals under four specific activities). In both scenarios, the identification system reaches an accuracy of 91%, and the False Acceptance Rate (FAR) is eight times higher than the False Rejection Rate (FRR). [ABSTRACT FROM AUTHOR]

Published

2023

11. Improvement and Cryptanalysis of a Physically Unclonable Functions Based Authentication Scheme for Smart Grids.

Author

Safkhani, Masoumeh, Bagheri, Nasour, Ali, Saqib, Hussain Malik, Mazhar, Hassan Ahmed, Omed, Hosseinzadeh, Mehdi, and Mosavi, Amir H.

Subjects

SMART meters, CRYPTOGRAPHY, PUBLIC key cryptography, TELECOMMUNICATION systems, NUMBER systems, TRUST, IMPERSONATION, SMART cities

Abstract

Authentication protocols are often used in smart grids to deliver the necessary level of security. A huge number of clients in such a system, however, provides the attacker with the ability to clone them, for example. Device fingerprints, or Physically Unclonable Functions (PUF), have been investigated as an authentication feature to thwart such attacks. In order to accomplish the necessary security in smart grid neighborhood area network communications and to prevent unwanted physical access to smart meters, a former study designed a lightweight authentication system in this way. The suggested protocol uses PUFs to reduce physical attacks. As a consequence, the server/meter impersonation attack is one of the many assaults that this protocol is thought to be secure against. On the other hand, it is generally acknowledged that no security solution should be trusted unless its security has been verified by independent researchers. As a result, this paper assesses the security of this protocol against a typical adversary who has access to or influences over the messages carried over the public channel. This study demonstrates that the attacker is simply capable of impersonating the server for the meter and vice versa. In addition, the suggested attacks desynchronize them, making the adversary the only one capable of interacting with the meter in the role of the legal server rather than the latter. Each of the proposed attacks is extremely effective, and their success probability is almost 1. Finally, a modification is suggested that successfully fixes the protocol's security weaknesses. The security proof of the improved protocol has been done through the Scyther tool. The computational cost comparison shows that the overhead of the proposed protocol compared to the former scheme is 4.85%, while it withstands various attacks, including traceability, desynchronization, impersonation, man-in-the-middle, and secret disclosure attacks. [ABSTRACT FROM AUTHOR]

Published

2023

12. Practical Differential Fault Analysis on CRAFT, a Lightweight Block Cipher.

Author

Ramzanipour, Hamed, Vafaei, Navid, and Bagheri, Nasour

Subjects

BLOCK ciphers, FAULT location (Engineering), STATISTICS

Abstract

Differential fault analysis, a kind of active non-invasive attack, is an effective way of analyzing cryptographic primitives that have lately earned more attention. In this study, we apply this attack on CRAFT, a recently proposed lightweight tweakable block cipher, supported by simulation and experimental results. This cipher accepts a 64-bit Tweak, a 64-bit plaintext, and a 128-bit key to produce a 64-bit ciphertext. We assume that the target implementation of CRAFT does not use countermeasures in this paper. The considered fault model in the initial phase of this paper is a single-bit, but random nibble-injected fault, where we first present the fault injection attack as a simulation and then report on how to retrieve the round sub-keys. Next, we use frequency glitch as a fault injection technique in the experimental phase. This part aims to produce a single fault at a nibble in a specific round of the CRAFT. Following our statistical analysis and according to the simulation findings, we can reduce the key space to 30.28 and 24.37 bits, respectively, by using 4 and 5 faults. The experimental section also identifies the location of random faults injected by the hardware mechanism. [ABSTRACT FROM AUTHOR]

Published

2022

13. Practical Differential Fault Analysis on SKINNY.

Author

Vafaei, Navid, Porkar, Maryam, Ramzanipour, Hamed, and Bagheri, Nasour

Subjects

BLOCK ciphers, CRYPTOCURRENCIES, ALGORITHMS

Abstract

SKINNY is a lightweight tweakable block cipher that for the first time introduced in CRYPTO 2016. SKINNY is considered in two block sizes: 64 bits and 128 bits, as well as three TWEAK versions. In the beginning, this paper reflects our findings that improve the effectiveness of DFA analysis on SKINNY, then accomplishes the hardware implementation of this attack on SKINNY. Assuming that TWEAK is fixed, we first present the Enhanced DFA on SKINNY64-64 and SKINNY128-128. In order to retrieve the master key with the minimum number of faults, this approach depends on fault propagation in intermediate rounds. In our latest evaluations we can retrieve the master key with 2 and 3 faults in SKINNY64-64 and SKINNY128-128 respectively. This result should be compared with 3 and 4 faults for 64-bit and 128-bit versions respectively, in the models presented in the former work. Using the glitch model as well as a set of affordable hardware equipment, we injected faults into various rounds of the SKINNY algorithm in the implementation phase. More accurately, we can inject a single nibble fault into a particular round by determining the precise timing of the execution sub-function. [ABSTRACT FROM AUTHOR]

Published

2022

14. Defending Industry 4.0: An Enhanced Authentication Scheme for IoT Devices.

Author

Bagheri, Nasour, Kumari, Saru, Camara, Carmen, and Peris-Lopez, Pedro

Abstract

To address the security concerns of Industry 4.0, recently, Garg et al. proposed a lightweight authentication protocol, and Akram et al. showed some of its security drawbacks. We continue this line by exposing how Garg et al.’s protocol suffers from noninvasive and invasive attacks. First, we explain that a passive attacker can trace any two communicating nodes to compromise their location privacy. Next, we show that an active though noninvasive adversary can compromise the integrity of the exchanged messages without being detected and run a de-synchronization attack. Besides, the adversary can extract any shared session key from any pair of nodes in the protocol. We named this attack a pandemic session key disclosure attack, and its consequences are more harmful than the impersonation of a compromised node. Finally, we disclose how the proposed scheme does not guarantee the privacy protection for the keys when we assume an honest but curious server. To overcome those existing security flaws, we finally propose a revised protocol called TARDIGRADE. First, our informal analysis, and then, our formal security analysis using the real-or-random model shows that TARDIGRADE provides the desired security, and likewise, our performance analysis confirms a reasonable cost compared with Garg et al.’s protocol. [ABSTRACT FROM AUTHOR]

Published

2022

15. Statistical Effective Fault Attacks: The Other Side of the Coin.

Author

Vafaei, Navid, Zarei, Sara, Bagheri, Nasour, Eichlseder, Maria, Primas, Robert, and Soleimany, Hadi

Abstract

The introduction of Statistical Ineffective Fault Attacks (SIFA) has led to a renewed interest in fault attacks. SIFA requires minimal knowledge of the concrete implementation and is effective even in the presence of common fault or power analysis countermeasures. However, further investigations reveal that undesired and frequent ineffective events, which we refer to as the noise phenomenon, are the bottleneck of SIFA that can considerably diminish its strength. This includes noise associated with the attack’s setup and caused by the countermeasures utilized in the implementation. This research aims to address this significant drawback. We present two novel statistical fault attack variants that are far more successful in dealing with these noisy conditions. The first variant is the Statistical Effective Fault Attack (SEFA), which exploits the non-uniform distribution of intermediate variables in circumstances when the induced faults are effective. The idea behind the second proposed method, dubbed Statistical Hybrid Fault Attacks (SHFA), is to take advantage of the biased distributions of both effective and ineffective cases simultaneously. Our experimental results in various case studies, including noise-free and noisy setups, back up our reasoning that SEFA surpasses SIFA in several instances and that SHFA outperforms both or is at least as efficient as the best of them. For example, in the case of a 4-bits random-AND fault injected into the AES with a 35% missed fault rate, utilizing SEFA reduces the number of needed ciphertexts by 50%. In the same case study, SHFA can yield 10% and 55% reductions compared to SEFA and SIFA. [ABSTRACT FROM AUTHOR]

Published

2022

16. Proposing an MILP-based method for the experimental verification of difference-based trails: application to SPECK, SIMECK.

Author

Sadeghi, Sadegh, Rijmen, Vincent, and Bagheri, Nasour

Subjects

BLOCK ciphers, TRAILS, CIPHERS, CRYPTOGRAPHY

Abstract

Searching for the right pairs of inputs in difference-based distinguishers is an important task for the experimental verification of the distinguishers in symmetric-key ciphers. In this paper, we develop an MILP-based approach to verify the possibility of difference-based distinguishers and extract the right pairs. We apply the proposed method to some published difference-based trails (Related-Key Differentials (RKD), Rotational-XOR (RX)) of block ciphers SIMECK, and SPECK. As a result, we show that some of the reported RX-trails of SIMECK and SPECK are incompatible, i.e. there are no right pairs that follow the expected propagation of the differences for the trail. Also, for compatible trails, the proposed approach can efficiently speed up the search process of finding the exact value of a weak key from the target weak key space. For example, in one of the reported 14-round RX trails of SPECK, the probability of a key pair to be a weak key is 2 - 94.91 when the whole key space is 2 96 ; our method can find a key pair for it in a comparatively short time. It is worth noting that it was impossible to find this key pair using a traditional search. As another result, we apply the proposed method to SPECK block cipher, to construct longer related-key differential trails of SPECK which we could reach 15, 16, 17, and 19 rounds for SPECK32/64, SPECK48/96, SPECK64/128, and SPECK128/256, respectively. It should be compared with the best previous results which are 12, 15, 15, and 20 rounds, respectively, that both attacks work for a certain weak key class. It should be also considered as an improvement over the reported result of rotational-XOR cryptanalysis on SPECK. [ABSTRACT FROM AUTHOR]

Published

2021

17. Correction to: Using a privacy‑enhanced authentication process to secure IoT‑based smart grid infrastructures.

Author

Rostampour, Samad, Bagheri, Nasour, Ghavami, Behnam, Bendavid, Ygal, Kumari, Saru, Martin, Honorio, and Camara, Carmen

Subjects

TEACHER training

Abstract

This correction notice is for an article titled "Using a privacy-enhanced authentication process to secure IoT-based smart grid infrastructures" published in the Journal of Supercomputing. The correction addresses the omission of funding information, stating that Nasour Bagheri was supported by Shahid Rajaee Teacher Training University under grant number 4968. The original article has been corrected. The publisher, Springer Nature, maintains a neutral stance on jurisdictional claims and institutional affiliations. The authors of the article are Samad Rostampour, Nasour Bagheri, Behnam Ghavami, Ygal Bendavid, Saru Kumari, Honorio Martin, and Carmen Camara. [Extracted from the article]

Published

2024

18. Cryptographic properties of cyclic binary matrices.

Author

Rishakani, Akbar Mahmoodi, Dehnavi, Seyed Mojtaba, Shamsabad, Mohmmadreza Mirzaee, and Bagheri, Nasour

Subjects

MATRICES (Mathematics), MATRIX decomposition, CIPHERS

Abstract

Many modern symmetric ciphers apply MDS or almost MDS matrices as diffusion layers. The performance of a diffusion layer depends on its diffusion property measured by branch number and implementation cost which is usually measured by the number of XORs required. As the implementation cost of MDS matrices of large dimensions is high, some symmetric ciphers use binary matrices as diffusion layers to trade-off efficiency versus diffusion property. In the current paper, we investigate cyclic binary matrices (CBMs for short), mathematically. Based upon this theorical study, we provide efficient matrices with provable lower bound on branch number and minimal number of fixed-points. We consider the product of sparse CBMs to construct efficiently implementable matrices with the desired cryptographic properties. [ABSTRACT FROM AUTHOR]

Published

2021

19. A Recurrent Temporal Model for Semantic Levels Categorization Based on Human Visual System.

Author

Karimi, Mohammad Hossein, Ebrahimpour, Reza, and Bagheri, Nasour

Subjects

VISUAL cortex, HUMAN beings

Abstract

Humans can categorize an object in different semantic levels. For example, a dog can be categorized as an animal (superordinate), a terrestrial animal (basic), or a dog (subordinate). Recent studies have shown that the duration of stimulus presentation can affect the mechanism of categorization in the brain. Rapid stimulus presentation will not allow top-down influences to be applied on the visual cortex, whereas in the nonrapid, top-down influences can be established and the final result will be different. In this paper, a spiking recurrent temporal model based on the human visual system for semantic levels of categorization is introduced. We showed that the categorization problem for up-right and inverted images can be solved without taking advantage of feedback, but for the occlusion and deletion problems, top-down feedback is necessary. The proposed computational model has three feedback paths that express the effects of expectation and the perceptual task, and it is described by the type of problem that the model seeks to solve and the level of categorization. Depending on the semantic level of the asked question, the model changes its neuronal structure and connections. Another application of recursive paths is solving the expectation effect problem, that is, compensating the reduce in firing rate by the top-down influences due to the available features in the object. In addition, in this paper, a psychophysical experiment is performed and top-down influences are investigated through this experiment. In this experiment, by top-down influences, the speed and accuracy of the categorization of the subjects increased for all three categorization levels. In both the presence and absence of top-down influences, the remarkable point is the superordinate advantage. [ABSTRACT FROM AUTHOR]

Published

2021

20. MDSbSP: a search protocol based on MDS codes for RFID-based Internet of vehicle.

Author

Adeli, Morteza and Bagheri, Nasour

Subjects

RADIO frequency identification systems, RADIO frequency, INTERNET, INTERNET of things, KEY agreement protocols (Computer network protocols), ACQUISITION of data

Abstract

The new era of the Internet of Things is driving the evolution of conventional vehicle ad hoc networks into the Internet of vehicles (IoV). Radio frequency identification (RFID) is a reliable and advanced instrument used for automated data collection, processing and tracking, which is widely used in IoV. One of the important features of an RFID system is its ability to search for a particular tag among a group of tags. Since the RFID tags used in vehicles are commonly resource-constrained, the purpose is to propose a lightweight tag searching protocol that meets the security requirements while at the same time it is respecting the requirements for efficient implementation. In this regard, a lightweight tag search protocol, which is based on permutation matrices, has recently been proposed by Fan et al. and claimed to be secure against various attacks. In this paper, we analyze the security of this protocol and show that this scheme is vulnerable to de-synchronization and disclosure attacks. The latter attack can disclose all the secret information stored in a tag such as the identity, the shared secret key and the two secret permutation matrices that are used as encryption functions. To address these vulnerabilities, we propose an improved lightweight tag search protocol based on maximum distance separable matrices. As a result of security analysis, we can see that the improved scheme is secure against passive and active attacks, including disclosure and de-synchronization attack. Finally, we implement the improved protocol in ISE 14.6 environment for Virtex-7 FPGAs and compare the performance with some related protocols. The implementation results show that the improved scheme is particularly well suited for use in RFID systems. [ABSTRACT FROM AUTHOR]

Published

2021

21. On the designing a secure biometric-based remote patient authentication scheme for mobile healthcare environments.

Author

Adeli, Morteza, Bagheri, Nasour, and Meimani, Hamid Reza

Abstract

Internet of medical things (IoMT) is bringing many opportunities for healthcare and our personal lives. For example, using this technology a healthcare provider can remotely monitor, collect and analyze data of patients using smart sensors that are connected to them. With this trend on the rise, data protection and information security in healthcare environments are now major concerns. Authentication before starting the data transmission is a common approach to provide data security. Recently, Mohammedi et al. have proposed a lightweight biometric-based authentication scheme for mobile healthcare environments and have claimed that their scheme is secure against known attacks in the context of RFID authentication protocols. However, in this paper, we provide a more detailed analysis of the this scheme and show that their protocol is vulnerable to a man-in-the-middle attack. Furthermore, we demonstrate that their protocol does not provide other security requirements such as forward secrecy, anonymity, and untraceability. To remedy these weaknesses, we propose an improved scheme and demonstrate that the proposed scheme can withstand common attacks while it requires approximately 23% less computation time and 50% less communication overhead than the Mohammedi et al. scheme. We also formally evaluate the security of the proposed protocol by Scyther tool, which is a widely accepted automated tool for this purpose. [ABSTRACT FROM AUTHOR]

Published

2021

22. Modification and hardware implementation of cortex‐like object recognition model.

Author

Mohammadi Anbaran, Alireza, Torkzadeh, Pooya, Ebrahimpour, Reza, and Bagheri, Nasour

Abstract

Object recognition in the visual cortex of mammals and humans has inspired many computational object recognition models. Hierarchical model and X (HMAX) is a well‐known biologically motivated object recognition model with scale and position tolerance and high accuracy. Due to the computational intensive nature, hardware implementation with massive parallel processing is suggested for real‐time applications. However, it is important to explore algorithmic trade‐offs when mapping an algorithm to are configurable hardware. A direct conversion of the software implementation of an algorithm generally results inefficient hardware resource usage. In this study, the authors propose a novel modification into the HMAX model which makes it suitable for hardware implementation. More precisely, to reduce the number of memory blocks and multipliers of the S2 layer of HMAX produces, they replace the first norm by the second norm, which critically affects the silicon area in an application‐specific integrated circuit implementation or the required resources in field‐programmable gate array (FPGA). To evaluate the proposed model, they implement a pipelined version of the revised model on a mid‐range commercial Xilinx FPGA, i.e. XC6VLX240T platform from a Virtex 6 family of Xilinx using ISE. Compared to the recent hardware implementation of HMAX, the proposed model offers 83% resource degradation in DSP48 slices and 3% in memory blocks. [ABSTRACT FROM AUTHOR]

Published

2020

23. CPA on COLM Authenticated Cipher and the Protection Using Domain-Oriented Masking.

Author

Jahanbani, Mohsen, Bagheri, Nasour, and Norouzi, Zeinolabedin

Subjects

CIPHERS, STATISTICAL correlation, MASKS

Abstract

Authenticated encryption schemes are important cryptographic primitives that received extensive attention recently. They can provide both confidentiality and authenticity services, simultaneously. Correlation power analysis (CPA) can be a thread for authenticated ciphers, similar to the any physical implementation of any other cryptographic scheme. In this paper, a three-step CPA attack against COLM, one of the winners of CAESAR competition, is presented to indicate its vulnerability. To validate this attack, COLM is implemented on the FPGA of the SAKURA-G board. A successful CPA attack with zero value power model is mounted by measuring and collecting 1,800 power traces. In addition, a protected hardware architecture for COLM is proposed to make this design secure against first-order CPA attacks, where a domain-oriented masking (DOM) scheme with two-input/output shares is used to protect it. To verify these countermeasures, we mount first and second-order CPA attacks and a non-specified t-test on the protected COLM. [ABSTRACT FROM AUTHOR]

Published

2020

24. Investigation of Some Attacks on GAGE (v1), InGAGE (v1), (v1.03), and CiliPadi (v1) Variants.

Author

Niknam, Majid M., Sadeghi, Sadegh, Aref, Mohammad Reza, and Bagheri, Nasour

Subjects

INVESTIGATIONS, DATA encryption, PRESSURE gages, PERMUTATIONS

Abstract

In this paper, we present some attacks on GAGE, InGAGE, and CiliPadi, which are candidates of the first round of the NIST-LWC competition. GAGE and InGAGE are lightweight sponge based hash function and Authenticated Encryption with Associated Data (AEAD), respectively, and support different sets of parameters. The length of hash, key, and tag are always 256, 128, and 128 bits, respectively. We show that the security bounds for some variants of its hash and AEAD are less than the designers' claims. For example, the designers' security claim of the preimage attack for a hash function when the rate is 128 bits, and the capacity is 256 bits, is 2256. However, we show that the security of preimage for this parameter set is 2128. Also, the designer claimed security of confidentiality for an AEAD, when the rate is 8 bits, and the capacity is 224 bits, is 2116. However, we show the security of confidentiality for it is 2112. We also investigate the structure of the permutation used in InGAGE and present an attack to recover the key for reduced rounds of a variant of InGAGE. In an instance of AEAD of InGAGE, when the rate is 8 bits and the capacity is 224 bits, we recover the key when the number of the composition of the main permutation with itself, i.e., r1, is less than 8. We also show that CiliPadi is vulnerable to the length extension attack by presenting concrete examples of forged messages. [ABSTRACT FROM AUTHOR]

Published

2020

25. Practical fault resilient hardware implementations of AES.

Author

Sheikhpour, Saeide, Mahani, Ali, and Bagheri, Nasour

Abstract

Security is a challenging issue in resource‐constrained applications, e.g. in an embedded system. This study focused on practical lightweight fault‐tolerant strategies for hardware implementation of Advanced Encryption Standard (AES) to mitigate the‐reliability issue of secure architectures. In this work, a‐fault‐tolerant architecture called configurable fault‐tolerant AES (CFTA), and its variants, called robust CFTA (R‐CFTA), R‐CFTA+, high throughput CFTA (HT‐CFTA), HT‐CFTA4R, HT‐CFTA8R, and HT‐CFTA+, are introduced. Proposed approaches exploit the‐inherent parallel architecture of AES for employing redundancy at low cost. CFTA and HT‐CFTA can tolerate all single permanent and transient faults in the‐AES blocks and also all multiple permanent and transient faults in the‐same block. R‐CFTA upgrades the‐fault‐tolerant aspect of CFTA and HT‐CFTA and it is also able to tolerate all single‐ and multiple‐transient faults in two AES functional blocks during a round. The proof is provided to show the fault masking ability of provided architectures. Furthermore, R‐CFTA+ and HT‐CFTA+, which are suitable for high‐security sensitive applications are suggested. In addition, the proposed fault‐tolerant designs are implemented on both field programmable gate array and application‐specific integrated circuit platforms, and their implementation area, frequency, and throughput are discussed and compared with other related works. Moreover, system‐efficiency, as an important design metric, is reported for proposed structures. [ABSTRACT FROM AUTHOR]

Published

2019

26. High throughput fault‐resilient AES architecture.

Author

Sheikhpour, Saeide, Mahani, Ali, and Bagheri, Nasour

Abstract

As more and more confidential information is being transmitted securely, the use of cryptographic algorithms is expanded. However, existing cryptographic algorithms are subject to various malicious attacks. Fault injection attack is one of the most effective attacks that are able to extract private information with the inexpensive requirement and short amount of time. AES is a block cipher that is used in many critical applications. Here, a lightweight error‐detection architecture for AES has been proposed; the authors call it as high throughput fault‐resilient AES (HFA). In the proposed architecture, the authors use parallel AES architecture, which contains four equivalent blocks and split each block into two pipeline stages. The authors have shown that HFA achieves high error‐detection rate while keeping overheads reasonable. [ABSTRACT FROM AUTHOR]

Published

2019

27. Reliable S-Box Hardware Implementation by Gate-Level Fault Masking Enhancement.

Author

Sheikhpour, Saeide, Mahani, Ali, and Bagheri, Nasour

Subjects

INTEGRATED circuit fault tolerance, ADVANCED Encryption Standard, MULTICASTING (Computer networks), NP-hard problems, COMBINATIONAL circuits, DIGITAL electronics, RELIABILITY in engineering

Abstract

With technology scaling, fault tolerance has become more essential for digital circuits. Some solutions, like all types of redundancies, have been proposed to increase the reliability of the systems. In this paper, we present a cost-aware algorithm to enhance the fault tolerance ability of combinational digital circuits. Proposed algorithm improves the circuit logical masking with minimum area overhead based on an improved version of genetic algorithm (GA). Given a set of potential gates that are more sensitive to fault occurrence, we first extract feasible functional redundant, ffr, between the source nodes and the potential gates' outputs that their improvement on logical masking be more than a pre-defined threshold and hold them in a library, Masking_Lib. Then, we have to find a set of minimum number of potential gates as a target to add appropriate ffr, so that the maximum improvement on logical masking with minimum area overhead is achieved. Since, finding a set of potential gates with their suitable ffrs to meet these objectives is an NP-hard problem, we formulize this, as an optimization problem and solve using GA. We introduce an efficient chromosome representation and an adaptive objective function along with the basic GA operators. Besides, we integrate an assimilation operator with GA in order to enhance its searching ability. Our approach is applied to composite field substitution box implementation (S-box) that forms the core building block of any hardware implementation of the Advanced Encryption Standard algorithm. The simulation and synthesis results have been reported to show the effectiveness of our approach. Through these results, it has been shown that our proposed algorithm provides reliable digital circuits based on different level of logical masking (from 25.58 to 52.15). [ABSTRACT FROM AUTHOR]

Published

2019

28. Lightweight 4 x 4MDSMatrices for Hardware-Oriented Cryptographic Primitives.

Author

Rishakani, Akbar Mahmoodi, Shamsabad, Mohammad Reza Mirzaee, Dehnavi, Seyyed Mojtaba, Amiri, Mohammad Amin, Maimani, Hamid Reza, and Bagheri, Nasour

Subjects

BINARY codes, BLOCK ciphers

Abstract

Linear diffsion layer is an important part of lightweight block ciphers and hash functions. This paper presents an efficient class of lightweight 4 ⨰ 4 MDS matrices such that the implementation cost of them and their corresponding inverses are equal. The main target of the paper is hardware oriented cryptographic primitives and the implementation cost is measured in terms of the required number of XORs. Firstly, we mathematically characterize the MDS property of a class of matrices (derived from the product of binary matrices and companion matrices of σ-LFSRs aka recursive di usion layers) whose implementation cost is 10m+4 XORs for 4 ⩽ m ⩽ 8, where m is the bit length of inputs. Then, based on the mathematical investigation, we further extend the search space and propose new families of 4 ⨰ 4 MDS matrices with 8m + 4 and 8m + 3 XOR implementation cost. The lightest MDS matrices by our new approach have the same implementation cost as the lightest existent matrix. [ABSTRACT FROM AUTHOR]

Published

2019

29. An improved low-cost yoking proof protocol based on Kazahaya’s flaws.

Author

Bagheri, Nasour, Safkhani, Masoumeh, Namin, Mojtaba Eslamnezhad, and Rostampour, Samad

Subjects

RADIO frequency identification systems, INTERNET of things, ROBUST control, FALSE personation, DATABASES

Abstract

Peris-Lopez et al. (J Netw Comput Appl 34:833-845, 2011) recently provided some guidelines that should be followed to design a secure yoking proof protocol. In addition, conforming to those guidelines and EPC C1-G2, they presented a yoking proof for medical systems based on low-cost RFID tags, named Kazahaya. In this paper, we compromise its security and show how a passive adversary can retrieve secret parameters of a patient’s tag in cost of O(216) off-line PRNG evaluations. Nevertheless, to show other weaknesses of the protocol and rule out any possible improvement by increasing the length of the used PRNG, we present a forgery attack that proves that a generated proof at time tn can be used to forge a valid proof for any desired time tj. The success probability of this attack is ‘1’ and the complexity is negligible. In addition, we present a new lightweight protocol based on 128-bit PRNG function to solve the problems of Kazahaya protocol. In terms of security, we evaluate the new protocol based on formal and informal methods and prove that the improved protocol is not vulnerable to RFID attacks. [ABSTRACT FROM AUTHOR]

Published

2018

30. A secure search protocol for lightweight and low-cost RFID systems.

Author

Eslamnezhad Namin, Mojtaba, Hosseinzadeh, Mehdi, Bagheri, Nasour, and Khademzadeh, Ahmad

Subjects

RADIO frequency identification systems, EAVESDROPPING, COMMUNICATION, BIOMETRIC identification, ELECTRONIC surveillance

Abstract

In radio frequency identification (RFID) systems, search protocols are used to find a specific item in a large number of tagged products. These protocols should be secure against RFID attacks such as traceability, impersonation, DoS and eavesdropping. Sundaresan et al. (IEEE Trans Dependable Secure Comput, 2015) presented a server-less search protocol based on 128-bits PRNG function and claimed that their method can address all vulnerabilities of previous protocols. In this paper, we prove that Sundaresan et al.’s protocol is vulnerable to traceability attack with the high probability. In addition, we present an improved protocol to solve the proposed problem and analyze its security level informally and formally based on AVISPA tool and BAN logic. [ABSTRACT FROM AUTHOR]

Published

2018

31. A Scalable and Lightweight Grouping Proof Protocol for Internet of Things Applications.

Author

Rostampour, Samad, Bagheri, Nasour, Hosseinzadeh, Mehdi, and Khademzadeh, Ahmad

Subjects

INTERNET of things, RADIO frequency identification systems, COMPUTER network protocols, COMPUTER network security, COMPUTER access control, SCALABILITY

Abstract

The Internet of Things (IoT) is a new technology, which enables objects to exchange data via the internet network. One part of the infrastructure of IoT is Radio Frequency Identification (RFID). One way to fortify the system and prevent it against an unauthorized access is an authentication process. A grouping proof protocol is a protocol by which a reader authenticates two or more tags simultaneously in an authentication process. In this paper, we present a novel scalable grouping proof protocol. Since scalability is a challenge in grouping proof protocol, to solve the scalability problem in the proposed protocol, the reader broadcasts the messages and the tags respond to it independently. In terms of the performance, we use a 64-bit lightweight Pseudo-Random Number Generator (64-PRNG) function, which meets the needs of low-power and low-cost systems. In addition, the security analysis results prove that the proposed protocol is resistant against RFID threats and provides an acceptable security level and low computation cost. [ABSTRACT FROM AUTHOR]

Published

2018

32. Passive secret disclosure attack on an ultralightweight authentication protocol for Internet of Things.

Author

Safkhani, Masoumeh and Bagheri, Nasour

Subjects

INTERNET of things, DATA transmission systems, INTERNET service providers, INTERNET security, COMPUTER access control, SECURITIES

Abstract

Internet of Things (IoT) is a technology in which for any object the ability to send data via communications networks is provided. Ensuring the security of Internet services and applications is an important factor in attracting users to use this platform. In the other words, if people are unable to trust that the equipment and information will be reasonably safe against damage, abuse and the other security threats, this lack of trust leads to a reduction in the use of IoT-based applications. Recently, Tewari and Gupta (J Supercomput 1-18, 2016) have proposed an ultralightweight RFID authentication protocol to provide desired security for objects in IoT. In this paper, we consider the security of the proposed protocol and present a passive secret disclosure attack against it. The success probability of the attack is '1' while the complexity of the attack is only eavesdropping one session of the protocol. The presented attack has negligible complexity. We verify the correctness of the presented attack by simulation. [ABSTRACT FROM AUTHOR]

Published

2017

33. Cryptanalysis of Reduced NORX.

Author

Bagheri, Nasour, Huang, Tao, Jia, Keting, Mendel, Florian, and Sasaki, Yu

Published

2016

34. Improved Rebound Attacks on AESQ: Core Permutation of CAESAR Candidate PAEQ.

Author

Bagheri, Nasour, Mendel, Florian, and Sasaki, Yu

Published

2016

35. On the (Im)Possibility of Receiving Security Beyond 2 Using an l-Bit PRNG.

Author

Safkhani, Masoumeh, Hosseinzadeh, Mehdi, Namin, Mojtaba, Rostampour, Samad, and Bagheri, Nasour

Subjects

SYNCHRONIZATION, COMPUTER access control, RADIO frequency identification systems, COMPUTATIONAL complexity, COMPUTER network protocols

Abstract

Recently, Wang et al. analyzed the security of two EPC C1-G2 compliant RFID authentication protocols, called RAPLT and $$\textit{SRP}^+$$ , and proved that these protocols are vulnerable against de-synchronization and secret disclosure attacks. The time complexity of their attacks were $$O(2^{16})$$ . In addition, they proposed an improved version of $$\textit{SRP}^+$$ entitled $$\textit{SRP}^{++}$$ , for which they claim the security would be $$O(2^{32})$$ . However, in this letter, we analyze the security of $$\textit{SRP}^{++}$$ and show that the complexity of retrieving all secret parameters of a given tag is $$O(2^{16})$$ , similar to its predecessor protocol. [ABSTRACT FROM AUTHOR]

Published

2017

36. A new anti-collision protocol based on information of collided tags in RFID systems.

Author

Bagheri, Nasour, Alenaby, Parvin, and Safkhani, Masoumeh

Subjects

RADIO frequency identification systems, TAGS (Metadata), DATA transmission systems, QUERY (Information retrieval system), PROBABILITY theory

Abstract

Radio frequency identification (RFID) technology has recently become an integral part of a wide range of applications. One of the challenges in RFID systems is the tag anti-collision issue, for which several anti-collision tag identification protocols have been proposed. This paper proposes a novel slotted ALOHA-based RFID tag anti-collision algorithm which can be employed for tag identification. The main idea of this algorithm is to use the information available in collision slots, called collided data, to identify tags uniquely. For this purpose, the collision slots that include only two tags are selected. Then, the non-conflict bits in these slots are used to possibly identifying the tags. Because in the proposed algorithm readers use both single slots and also the collision slots for tag identification, the performance is increased significantly compared with other protocols. Results of the study indicate that in the proposed algorithm, the optimal frame size for an individual tag number is equal to the half of tags number and the efficiency of the proposed protocol is improved to about 73%. Copyright © 2015 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2017

37. An authenticated encryption based grouping proof protocol for RFID systems.

Author

Rostampour, Samad, Bagheri, Nasour, Hosseinzadeh, Mehdi, and Khademzadeh, Ahmad

Subjects

COMPUTER access control, DATA encryption, RADIO frequency identification systems, INTERNET protocols, MINIMUM message length (Information theory)

Abstract

Radio frequency identification grouping proof authentication protocol is an approach to identify a set of tagged objects simultaneously. Over the past decade, several protocols in this domain have been presented, but each was weak with flawed attributes. It is essential that a grouping proof protocol be both scalable and affordable, considering its use for applications with large quantities of tags and the high level of security. In this paper, we present a secure and scalable grouping proof protocol by utilizing an encryption method that is called authenticated encryption. This encryption method provides both confidentiality and message integrity simultaneously. In addition, it can satisfy the resource limitation of passive tags. The proposed protocol eliminates the dependency among the tags' responses and provides the scalability with minimum message broadcasting. We evaluate the proposed protocol based on formal and informal security methods, and the results prove that it is robust against radio frequency identification attacks and suitable for low-power and low-cost devices. Copyright © 2017 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2016

38. On the Security of Permutation Based Authentication Protocols for Internet of Things Applications: The Case of Huang et al.'s Protocol.

Author

Rostampour, Samad, Bagheri, Nasour, Hosseinzadeh, Mehdi, and Khademzadeh, Ahmad

Subjects

PERMUTATION groups, COMPUTER access control, INTERNET of things, PERSONAL computers, SMARTPHONES

Abstract

The Internet of Things (IoT) is a new technology, which enables objects to exchange data via the Internet. Authentication process is a method to prevent an unauthorized access to the IoT systems. The using of bit-wise functions such as XOR, Shift and Rotation could decrease the cost of authentication protocols. On the other hand, the simple operations usually could not provide an acceptable security level. Therefore, the researchers try to improve the security level by creating new permutation functions. In this paper, we evaluate some permutation functions and analyze a protocol which recently has been proposed by Huang et al. We prove that their protocol is vulnerable to the disclosure and the impersonation attacks and an adversary can clone a valid tag easily. The complexity of the proposed attack is low and attack method works efficiently for the secret keys and ID numbers with variable length. [ABSTRACT FROM AUTHOR]

Published

2016

39. Multicollision Attack on a Recently Proposed Hash Function vMDC-2.

Author

Zolfaghari, Zahra, Asadollahi, Hamid, and Bagheri, Nasour

Subjects

HASHING, BLOCK ciphers, DATA compression, INITIAL value problems, BIRTHDAYS

Published

2016

40. A Note on the Security of Two Improved RFID Protocols.

Author

Safkhani, Masoumeh and Bagheri, Nasour

Subjects

RADIO frequency identification systems, SYNCHRONIZATION, PROBABILITY theory

Abstract

Recently, Baghery et al. [1, 2] presented some attacks on two RFID protocols, namely Yoon and Jung et al. protocols, and proposed the improved version of them. However, in this note, we show that the improved version of the Jung et al. protocol suffers from desynchronization attack and the improved version of the Yoon's protocol suffers from secret disclosure attack. The success probability of the desynchronization attack against the improved version of the Jung et al. protocol is (1-2-2n)², where n is length of the protocol parameters. The attack can be accomplished with just three runs of the protocol. The success probability of the secret disclosure attack against the improved version of the Yoon's protocol is almost 1, while the complexity is just two runs of the protocol and doing 216 off-line evaluations of PRNG function. [ABSTRACT FROM AUTHOR]

Published

2016

41. Differential Fault Analysis of SHA-3.

Author

Bagheri, Nasour, Ghaedi, Navid, and Sanadhya, Somitra Kumar

Published

2015

42. Improved Linear Cryptanalysis of Reduced-Round SIMON-32 and SIMON-48.

Author

Abdelraheem, Mohamed Ahmed, Alizadeh, Javad, Alkhzaimi, Hoda A., Aref, Mohammad Reza, Bagheri, Nasour, and Gauravaram, Praveen

Published

2015

43. Linear Cryptanalysis of Reduced-Round SIMECK Variants.

Author

Bagheri, Nasour

Published

2015

44. Building indifferentiable compression functions from the PGV compression functions.

Author

Gauravaram, Praveen, Bagheri, Nasour, and Knudsen, Lars

Subjects

MATHEMATICAL functions, COMPUTER security, CIPHER & telegraph codes, DATA compression, MATHEMATICAL models

Abstract

Preneel, Govaerts and Vandewalle (PGV) analysed the security of single-block-length block cipher based compression functions assuming that the underlying block cipher has no weaknesses. They showed that 12 out of 64 possible compression functions are collision and (second) preimage resistant. Black, Rogaway and Shrimpton formally proved this result in the ideal cipher model. However, in the indifferentiability security framework introduced by Maurer, Renner and Holenstein, all these 12 schemes are easily differentiable from a fixed input-length random oracle (FIL-RO) even when their underlying block cipher is ideal. We address the problem of building indifferentiable compression functions from the PGV compression functions. We consider a general form of 64 PGV compression functions and replace the linear feed-forward operation in this generic PGV compression function with an ideal block cipher independent of the one used in the generic PGV construction. This modified construction is called a generic modified PGV (MPGV). We analyse indifferentiability of the generic MPGV construction in the ideal cipher model and show that 12 out of 64 MPGV compression functions in this framework are indifferentiable from a FIL-RO. To our knowledge, this is the first result showing that two independent block ciphers are sufficient to design indifferentiable single-block-length compression functions. [ABSTRACT FROM AUTHOR]

Published

2016

45. Weaknesses of fingerprint-based mutual authentication protocol.

Author

Picazo-Sanchez, Pablo, Ortiz-Martin, Lara, Peris-Lopez, Pedro, and Bagheri, Nasour

Subjects

HUMAN fingerprints, COMPUTER access control, COMPUTER network protocols, INTERNET, UBIQUITOUS computing

Abstract

The Internet of Things is an emerging paradigm, which is used to link physical objects with Internet. One of the most common ways of communicating and identifying objects on Internet of Things is using Radio Frequency IDentification (RFID) systems between different objects. Researchers have focused on developing improvements of RFID authentication protocols that stave off privacy threats and well-known security problems. Recently, Khor et al. have proposed a new authentication protocol that conforms to the Electronic Product Code Class-1 Generation-2 standard (ISO/IEC 18000-6C for RFID systems). In this paper, we show the vulnerabilities of this authentication protocol concerning to full disclosure, impersonation, traceability, de-synchronization, and Denial-of-Service attacks. These attacks make the protocol unfeasible to introduce it with an adequate security and sufficient privacy protection level. Finally, we present a new protocol, called F i n g e r p r i n t+ protocol, which is based on ISO/IEC 9798-2 and ISO/IEC 18000-6C and whose security is formally verified using BAN logic. Copyright © 2014 John Wiley & Sons, Ltd. [ABSTRACT FROM AUTHOR]

Published

2015

46. Cryptanalysis of Some First Round CAESAR Candidates.

Author

Alizadeh, Javad, Aref, Mohammad Reza, Bagheri, Nasour, and Sadeghi, Hassan

Subjects

DATA encryption, CYBERTERRORISM, DATA security

Abstract

AES - CMCCv1, AVALANCHEv1, CLOCv1, and SILCv1 are four candidates of the first round of CAESAR. CLOCv1 is presented in FSE 2014 and SILCv1 is designed upon it with the aim of optimizing the hardware implementation cost. In this paper, structural weaknesses of these candidates are studied. We present distinguishing attacks against AES - CMCCv1 with the complexity of two queries and the success probability of almost 1, and distinguishing attacks on CLOCv1 and SILCv1 with the complexity of O(2n/2) queries and the success probability of 0:63, in which n is bit length of message blocks. In addition, a forgery attack is presented against AVALANCHEv1 which requires only one query and has the success probability of 1. The attacks reveal weaknesses in the structure of these first round candidates and inaccuracy of their security claims. [ABSTRACT FROM AUTHOR]

Published

2015

47. Cryptanalysis of SIMON Variants with Connections.

Author

Alizadeh, Javad, Alkhzaimi, Hoda A., Aref, Mohammad Reza, Bagheri, Nasour, Gauravaram, Praveen, Kumar, Abhishek, Lauridsen, Martin M., and Sanadhya, Somitra Kumar

Published

2014

48. On the Security of Tan et al. Serverless RFID Authentication and Search Protocols.

Author

Safkhani, Masoumeh, Peris-Lopez, Pedro, Bagheri, Nasour, Naderi, Majid, and Hernandez-Castro, Julio Cesar

Published

2013

49. Desynchronization and Traceability Attacks on RIPTA-DA Protocol.

Author

Bagheri, Nasour, Gauravaram, Praveen, Safkhani, Masoumeh, and Sanadhya, Somitra Kumar

Published

2013

50. On the Security of Two RFID Mutual Authentication Protocols.

Author

Aghili, Seyed Farhad, Bagheri, Nasour, Gauravaram, Praveen, Safkhani, Masoumeh, and Sanadhya, Somitra Kumar

Published

2013