Your search keyword '"Guillermo Sosa-Gómez"' showing total 60 results

1. New Test to Detect Clustered Graphical Passwords in Passpoints Based on the Perimeter of the Convex Hull

Author

Joaquín Alberto Herrera-Macías, Lisset Suárez-Plasencia, Carlos Miguel Legón-Pérez, Guillermo Sosa-Gómez, and Omar Rojas

Subjects

Passpoints, convex hull, clustered graphical passwords, authentication, Information technology, T58.5-58.64

Abstract

This research paper presents a new test based on a novel approach for identifying clustered graphical passwords within the Passpoints scenario. Clustered graphical passwords are considered a weakness of graphical authentication systems, introduced by users during the registration phase, and thus it is necessary to have methods for the detection and prevention of such weaknesses. Graphical authentication methods serve as a viable alternative to the conventional alphanumeric password-based authentication method, which is susceptible to known weaknesses arising from user-generated passwords of this nature. The test proposed in this study is based on estimating the distributions of the perimeter of the convex hull, based on the hypothesis that the perimeter of the convex hull of a set of five clustered points is smaller than the one formed by random points. This convex hull is computed based on the points that users select as passwords within an image measuring 1920 × 1080 pixels, using the built-in function convhull in Matlab R2018a relying on the Qhull algorithm. The test was formulated by choosing the optimal distribution that fits the data from a total of 54 distributions, evaluated using the Kolmogorov–Smirnov, Anderson–Darling, and Chi-squared tests, thus achieving the highest reliability. Evaluating the effectiveness of the proposed test involves estimating type I and II errors, for five levels of significance α∈{0.01,0.02,0.05,0.1,0.2}, by simulating datasets of random and clustered graphical passwords with different levels of clustering. In this study, we compare the effectiveness and efficiency of the proposed test with existing tests from the literature that can detect this type of pattern in Passpoints graphical passwords. Our findings indicate that the new test demonstrates a significant improvement in effectiveness compared to previously published tests. Furthermore, the joint application of the two tests also shows improvement. Depending on the significance level determined by the user or system, the enhancement results in a higher detection rate of clustered passwords, ranging from 0.1% to 8% compared to the most effective previous methods. This improvement leads to a decrease in the estimated probability of committing a type II error. In terms of efficiency, the proposed test outperforms several previous tests; however, it falls short of being the most efficient, using computation time measured in seconds as a metric. It can be concluded that the newly developed test demonstrates the highest effectiveness and the second-highest efficiency level compared to the other tests available in the existing literature for the same purpose. The test was designed to be implemented in graphical authentication systems to prevent users from selecting weak graphical passwords, enhance password strength, and improve system security.

Published

2024

2. Practical Improvement in the Implementation of Two Avalanche Tests to Measure Statistical Independence in Stream Ciphers

Author

Evaristo José Madarro-Capó, Eziel Christians Ramos Piñón, Guillermo Sosa-Gómez, and Omar Rojas

Subjects

stream cipher, avalanche criterion, bit independence, parallel implementation, statistical test, Electronic computers. Computer science, QA75.5-76.95

Abstract

This study describes the implementation of two algorithms in a parallel environment. These algorithms correspond to two statistical tests based on the bit’s independence criterion and the strict avalanche criterion. They are utilized to measure avalanche properties in stream ciphers. These criteria allow for the statistical independence between the outputs and the internal state of a bit-level cipher to be determined. Both tests require extensive input parameters to assess the performance of current stream ciphers, leading to longer execution times. The presented implementation significantly reduces the execution time of both tests, making them suitable for evaluating ciphers in practical applications. The evaluation results compare the performance of the RC4 and HC256 stream ciphers in both sequential and parallel environments.

Published

2024

3. Complexity Reduction in Analyzing Independence between Statistical Randomness Tests Using Mutual Information

Author

Jorge Augusto Karell-Albo, Carlos Miguel Legón-Pérez, Raisa Socorro-Llanes, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

mutual information, complexity, PRNG, cryptography, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

The advantages of using mutual information to evaluate the correlation between randomness tests have recently been demonstrated. However, it has been pointed out that the high complexity of this method limits its application in batteries with a greater number of tests. The main objective of this work is to reduce the complexity of the method based on mutual information for analyzing the independence between the statistical tests of randomness. The achieved complexity reduction is estimated theoretically and verified experimentally. A variant of the original method is proposed by modifying the step in which the significant values of the mutual information are determined. The correlation between the NIST battery tests was studied, and it was concluded that the modifications to the method do not significantly affect the ability to detect correlations. Due to the efficiency of the newly proposed method, its use is recommended to analyze other batteries of tests.

Published

2023

4. On the Cryptanalysis of a Simplified AES Using a Hybrid Binary Grey Wolf Optimization

Author

Rizk M. Rizk-Allah, Hatem Abdulkader, Samah S. Abd Elatif, Diego Oliva, Guillermo Sosa-Gómez, and Václav Snášel

Subjects

cryptanalysis, simplified-AES, binary optimization, grey wolf optimizer, particle swarm optimization, Mathematics, QA1-939

Abstract

Cryptosystem cryptanalysis is regarded as an NP-Hard task in modern cryptography. Due to block ciphers that are part of a modern cipher and have nonlinearity and low autocorrelation in their structure, traditional techniques and brute-force attacks suffer from breaking the key presented in traditional techniques, and brute-force attacks against modern cipher S-AES (simplified-advanced encryption standard) are complex. Thus, developing robust and reliable optimization with high searching capability is essential. Motivated by this, this paper attempts to present a novel binary hybridization algorithm based on the mathematical procedures of the grey wolf optimizer (GWO) and particle swarm optimization (PSO), named BPSOGWO, to deal with the cryptanalysis of (S-AES). The proposed BPSOGWO employs a known plaintext attack that requires only one pair of plaintext–ciphertext pairs instead of other strategies that require more pairs (i.e., it reduces the number of messages needed in an attack, and secret information such as plaintext-ciphertext pairs cannot be obtained easily). The comprehensive and statistical results indicate that the BPSOGWO is more accurate and provides superior results compared to other peers, where it improved the cryptanalysis accurateness of S-AES by 82.5%, 84.79%, and 79.6% compared to PSO, GA, and ACO, respectively. Furthermore, the proposed BPSOGWO retrieves the optimal key with a significant reduction in search space compared to a brute-force attack. Experiments show that combining the suggested fitness function with HPSOGWO resulted in a 109-fold reduction in the search space. In cryptanalysis, this is a significant factor. The results prove that BPSOGWO is a promising and effective alternative to attack the key employed in the S-AES cipher.

Published

2023

5. A partial evaluation approach for the School Bus Routing Problem

Author

Ana Camila Pérez, Eduardo Sánchez-Ansola, Alejandro Rosete, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

Metaheuristics, Optimization, Partial evaluation, SBRP, Science (General), Q1-390, Social sciences (General), H1-99

Abstract

Several real-life optimization problems, such as the case of several instances of the School Bus Routing Problem (SBRP), are very complex and expensive to solve with exact algorithms. Metaheuristics are a good alternative in these situations because they are capable of generating good quality solutions to these problems in a reasonable time. Metaheuristics iterate thousands of times by introducing changes concerning the previous solutions. Each new solution must be evaluated, and sometimes, the new solutions have elements unchanged that are unnecessarily re-evaluated. However, an approach avoids repeatedly evaluating parts of different solutions known as partial evaluation. This work applies this technique to the SBRP to reduce its execution time. To apply the partial evaluation approach in this problem, each solution contains the information of the change that was made concerning the solution from which it originates. With this information, when evaluating the objective function, it will be only necessary to analyze the routes that changed. In the literature reviewed, no previous work was found in which the partial evaluation approach has been applied in the context of SBRP. In this paper we apply it in order to reduce the computational cost of SBRP solutions based on metaheuristics. The results show that it is possible to decrease the execution time in 80% of the instances, reducing the execution time on average by 73.6%.

Published

2022

6. On the Fitness Functions Involved in Genetic Algorithms and the Cryptanalysis of Block Ciphers

Author

Osmani Tito-Corrioso, Mijail Borges-Quintana, Miguel A. Borges-Trenard, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

genetic algorithm, fitness function, block ciphers, cryptography, optimization, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

There are many algorithms used with different purposes in the area of cryptography. Amongst these, Genetic Algorithms have been used, particularly in the cryptanalysis of block ciphers. Interest in the use of and research on such algorithms has increased lately, with a special focus on the analysis and improvement of the properties and characteristics of these algorithms. In this way, the present work focuses on studying the fitness functions involved in Genetic Algorithms. First, a methodology was proposed to verify that the closeness to 1 of some fitness functions’ values that use decimal distance implies decimal closeness to the key. On the other hand, the foundation of a theory is developed in order to characterize such fitness functions and determine, a priori, if one method is more effective than another in the attack to block ciphers using Genetic Algorithms.

Published

2023

7. Construction of Boolean Functions from Hermitian Codes

Author

Guillermo Sosa-Gómez, Octavio Paez-Osuna, Omar Rojas, Pedro Luis del Ángel Rodríguez, Herbert Kanarek, and Evaristo José Madarro-Capó

Subjects

Boolean function, Hermitian codes, nonlinearity, Hadamard transform, resilient, Mathematics, QA1-939

Abstract

In 2005, Guillot published a method for the construction of Boolean functions using linear codes through the Maiorana–McFarland construction of Boolean functions. In this work, we present a construction using Hermitian codes, starting from the classic Maiorana–McFarland construction. This new construction describes how the set of variables is divided into two complementary subspaces, one of these subspaces being a Hermitian Code. The ideal theoretical parameters of the Hermitian code are proposed to reach desirable values of the cryptographic properties of the constructed Boolean functions such as nonlinearity, resiliency order, and order of propagation. An extension of Guillot’s work is also made regarding parameters selection using algebraic geometric tools, including explicit examples.

Published

2022

8. Detection of DIAG and LINE Patterns in PassPoints Graphical Passwords Based on the Maximum Angles of Their Delaunay Triangles

Author

Lisset Suárez-Plasencia, Joaquín Alberto Herrera-Macías, Carlos Miguel Legón-Pérez, Guillermo Sosa-Gómez, and Omar Rojas

Subjects

PassPoints, graphical passwords, DIAG patterns, LINE patterns, maximum angles of a Delaunay triangle, Chemical technology, TP1-1185

Abstract

An alternative authentication method to traditional alphanumeric passwords is graphical password authentication, also known as graphical authentication, for which one of the most valuable cued-recall techniques is PassPoints. This technique stands out for its security and usability. However, it can be violated if the user follows a predefined pattern when selecting the five points in an image as their passwords, such as the DIAG and LINE patterns. Dictionary attacks can be built using these two patterns to compromise graphical passwords. So far, no reports have been found in the state of the art about any test capable of detecting graphical passwords with DIAG or LINE patterns in PassPoints. Studies carried out in other scenarios have shown the effectiveness of the characteristics of Delaunay triangulations in extracting information about the dependence between the points. In this work, graphical passwords formed by five randomly selected points on an image are compared with passwords whose points contain patterns of the DIAG or LINE type. The comparison is based on building for each password its Delaunay triangulation and calculating the mean value of the maximum angles of the triangles obtained; such a mean value is denoted by amadt. It is experimentally shown that in passwords containing DIAG and LINE patterns, the value of amadt is higher than the one obtained in passwords formed by random dots. From this result, it is proposed to use this amadt value as a statistic to build a test of means. This result constitutes the work’s main contribution: The proposal of a spatial randomness test to detect weak graphic passwords that contain DIAG and LINE type patterns. The importance and novelty of this result become evident when two aspects are taken into account: First, these weak passwords can be exploited by attackers to improve the effectiveness of their attacks; second, there are no prior criteria to detect this type of weak password. The practical application of said test contributes to increasing PassPoints security without substantially affecting its efficiency.

Published

2022

9. Using Hadamard transform for cryptanalysis of pseudo-random generators in stream ciphers

Author

Guillermo Sosa-Gómez, Omar Rojas, and Octavio Páez-Osuna

Subjects

pseudo-random generators, hadamard transform, stream ciphers, entropy, Science, Mathematics, QA1-939, Electronic computers. Computer science, QA75.5-76.95

Abstract

In this work we discuss results obtained from an application of the Hadamard transform to cryptanalysis, andin particular, we determine the probability to decipher different pseudo-random number generators used ascomponents of stream ciphers. Also, we found a relationship between entropy and Hadamard’s values.

Published

2020

10. Algorithm to detect and calculate the cerebrospinal fluid (CSF) through Magnetic Resonance Imaging (MRI)

Author

Enrique González-Martín, Guillermo Sosa-Gómez, and Omar Rojas

Subjects

cerebrospinal fluid (csf), magnetic resonance imaging, image registration, region growing, Medicine, Medical technology, R855-855.5

Abstract

INTRODUCTION: An heuristic algorithm for detection and segmentation of cerebrospinal fluid through magnetic resonance imaging is presented. OBJECTIVE: The objective of the method is to calculate the minimum amount of anesthesia to be used in patients at the time of an operation and thus make a decision based on the algorithm. METHODS: The pattern-based CSF segmentation algorithm presented is based on finite cellular automata that takes as input light and dark images obtained from MRI methods. RESULTS: Based on Fieldman’s test, results show that the algorithm is as efficient as the decision taken by two different operators regarding the mL of anesthesia to be used in the patient.

Published

2020

11. Electronic Voting System Using an Enterprise Blockchain

Author

Camilo Denis González, Daniel Frias Mena, Alexi Massó Muñoz, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

Hyperledger Fabric, blockchain, election, permissioned, permissionless, non-fungible token (NFT), Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

Conventional electronic voting systems use a centralized scheme. A central administration of these systems manages the entire voting process and has partial or total control over the database and the system itself. This creates some problems, accidental or intentional, such as possible manipulation of the database and double voting. Many of these problems have been solved thanks to permissionless blockchain technologies in new voting systems; however, the classic consensus method of such blockchains requires specific computing power during each voting operation. This has a significant impact on power consumption, compromises the efficiency and increases the system latency. However, using a permissioned blockchain improves efficiency and reduces system energy consumption, mainly due to the elimination of the typical consensus protocols used by public blockchains. The use of smart contracts provides a secure mechanism to guarantee the accuracy of the voting result and make the counting procedure public and protected against fraudulent actions, and contributes to preserving the anonymity of the votes. Its adoption in electronic voting systems can help mitigate part of these problems. Therefore, this paper proposes a system that ensures high reliability by applying enterprise blockchain technology to electronic voting, securing the secret ballot. In addition, a flexible network configuration is presented, discussing how the solution addresses some of the security and reliability issues commonly faced by electronic voting system solutions.

Published

2022

12. Probabilistic Evaluation of the Exploration–Exploitation Balance during the Search, Using the Swap Operator, for Nonlinear Bijective S-Boxes, Resistant to Power Attacks

Author

Carlos Miguel Legón-Pérez, Jorge Ariel Menéndez-Verdecía, Ismel Martínez-Díaz, Guillermo Sosa-Gómez, Omar Rojas, and Germania del Roció Veloz-Remache

Subjects

swap operator, balance exploration–exploitation, permutations, S-box, Hamming weight class, power attacks, Information technology, T58.5-58.64

Abstract

During the search for S-boxes resistant to Power Attacks, the S-box space has recently been divided into Hamming Weight classes, according to its theoretical resistance to these attacks using the metric variance of the confusion coefficient. This partition allows for reducing the size of the search space. The swap operator is frequently used when searching with a random selection of items to be exchanged. In this work, the theoretical probability of changing Hamming Weight class of the S-box is calculated when the swap operator is applied randomly in a permutation. The precision of these probabilities is confirmed experimentally. Its limit and a recursive formula are theoretically proved. It is shown that this operator changes classes with high probability, which favors the exploration of the Hamming Weight class of S-boxes space but dramatically reduces the exploitation within classes. These results are generalized, showing that the probability of moving within the same class is substantially reduced by applying two swaps. Based on these results, it is proposed to modify/improve the use of the swap operator, replacing its random application with the appropriate selection of the elements to be exchanged, which allows taking control of the balance between exploration and exploitation. The calculated probabilities show that the random application of the swap operator is inappropriate during the search for nonlinear S-boxes resistant to Power Attacks since the exploration may be inappropriate when the class is resistant to Differential Power Attack. It would be more convenient to search for nonlinear S-boxes within the class. This result provides new knowledge about the influence of this operator in the balance exploration–exploitation. It constitutes a valuable tool to improve the design of future algorithms for searching S-boxes with good cryptography properties. In a probabilistic way, our main theoretical result characterizes the influence of the swap operator in the exploration–exploitation balance during the search for S-boxes resistant to Power Attacks in the Hamming Weight class space. The main practical contribution consists of proposing modifications to the swap operator to control this balance better.

Published

2021

13. Matheuristics for the Design of a Multi-Step, Multi-Product Supply Chain with Multimodal Transport

Author

David A. Ruvalcaba-Sandoval, Elias Olivares-Benitez, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

matheuristic, multimodal transport, supply-chain network design, decomposition, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

Supply-chain network design is a complex task because there are many decisions involved, and presently, global networks involve many actors and variables, for example, in the automotive, pharmaceutical, and electronics industries. This research addresses a supply-chain network design problem with four levels: suppliers, factories, warehouses, and customers. The problem considered decides on the number, locations, and capacities of factories and warehouses and the transportation between levels in the supply chain. The problem is modeled as a mixed-integer linear program. The main contribution of this work is the proposal of two matheuristic algorithms to solve the problem. Matheuristics are algorithms that combine exact methods and heuristics, attracting interest in the literature because of their fast execution and high-quality solutions. The matheuristics proposed to select the warehouses and their capacities following heuristic rules. Once the warehouses and their capacities are fixed, the algorithms solve reduced models using commercial optimization software. Medium and large instances were generated based on a procedure described in the literature. A comparison is made between the algorithms and the results obtained, solving the model with a time limit. The algorithms proposed are successful in obtaining better results for the largest instances in shorter execution times.

Published

2021

14. Measuring Avalanche Properties on RC4 Stream Cipher Variants

Author

Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

SAC, BIC, RC4 variants, stream cipher, statistical dependence, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

In the last three decades, the RC4 has been the most cited stream cipher, due to a large amount of research carried out on its operation. In this sense, dissimilar works have been presented on its performance, security, and usability. One of the distinguishing features that stand out the most is the sheer number of RC4 variants proposed. Recently, a weakness has been reported regarding the existence of statistical dependence between the inputs and outputs of the RC4, based on the use of the strict avalanche criterion and the bit independence criterion. This work analyzes the influence of this weakness in some of its variants concerning RC4. The five best-known variants of RC4 were compared experimentally and classified into two groups according to the presence or absence of such a weakness.

Published

2021

15. Information Theory Based Evaluation of the RC4 Stream Cipher Outputs

Author

Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

RC4, iterative probabilistic attacks, entropy, randomness, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

This paper presents a criterion, based on information theory, to measure the amount of average information provided by the sequences of outputs of the RC4 on the internal state. The test statistic used is the sum of the maximum plausible estimates of the entropies H(jt|zt), corresponding to the probability distributions P(jt|zt) of the sequences of random variables (jt)t∈T and (zt)t∈T, independent, but not identically distributed, where zt are the known values of the outputs, while jt is one of the unknown elements of the internal state of the RC4. It is experimentally demonstrated that the test statistic allows for determining the most vulnerable RC4 outputs, and it is proposed to be used as a vulnerability metric for each RC4 output sequence concerning the iterative probabilistic attack.

Published

2021

16. Search-Space Reduction for S-Boxes Resilient to Power Attacks

Author

Carlos Miguel Legón-Pérez, Ricardo Sánchez-Muiña, Dianne Miyares-Moreno, Yasser Bardaji-López, Ismel Martínez-Díaz, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

power attacks, cryptology, confusion coefficient variance, S-boxes, equivalence classes, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

The search of bijective n×n S-boxes resilient to power attacks in the space of dimension (2n)! is a controversial topic in the cryptology community nowadays. This paper proposes partitioning the space of (2n)! S-boxes into equivalence classes using the hypothetical power leakage according to the Hamming weights model, which ensures a homogeneous theoretical resistance within the class against power attacks. We developed a fast algorithm to generate these S-boxes by class. It was mathematically demonstrated that the theoretical metric confusion coefficient variance takes constant values within each class. A new search strategy—jumping over the class space—is justified to find S-boxes with high confusion coefficient variance in the space partitioned by Hamming weight classes. In addition, a decision criterion is proposed to move quickly between or within classes. The number of classes and the number of S-boxes within each class are calculated, showing that, as n increases, the class space dimension is an ever-smaller fraction of the space of S-boxes, which significantly reduces the space of search of S-boxes resilient to power attacks, when the search is performed from class to class.

Published

2021

17. Study of Parameters in the Genetic Algorithm for the Attack on Block Ciphers

Author

Osmani Tito-Corrioso, Miguel Angel Borges-Trenard, Mijail Borges-Quintana, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

genetic algorithm, cryptanalysis, AES(t), optimization, heuristics, Mathematics, QA1-939

Abstract

In recent years, the use of Genetic Algorithms (GAs) in symmetric cryptography, in particular in the cryptanalysis of block ciphers, has increased. In this work, the study of certain parameters that intervene in GAs was carried out, such as the time it takes to execute a certain number of iterations, so that a number of generations to be carried out in an available time can be estimated. Accordingly, the size of the set of individuals that constitute admissible solutions for GAs can be chosen. On the other hand, several fitness functions were introduced, and which ones led to better results was analyzed. The experiments were performed with the block ciphers AES(t), for t∈{3,4,7}.

Published

2021

18. Selecting an Effective Entropy Estimator for Short Sequences of Bits and Bytes with Maximum Entropy

Author

Lianet Contreras Rodríguez, Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

entropy, estimation, cryptography, randomness, undersample, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

Entropy makes it possible to measure the uncertainty about an information source from the distribution of its output symbols. It is known that the maximum Shannon’s entropy of a discrete source of information is reached when its symbols follow a Uniform distribution. In cryptography, these sources have great applications since they allow for the highest security standards to be reached. In this work, the most effective estimator is selected to estimate entropy in short samples of bytes and bits with maximum entropy. For this, 18 estimators were compared. Results concerning the comparisons published in the literature between these estimators are discussed. The most suitable estimator is determined experimentally, based on its bias, the mean square error short samples of bytes and bits.

Published

2021

19. Test for Detection of Weak Graphic Passwords in Passpoint Based on the Mean Distance between Points

Author

Joaquín Alberto Herrera-Macías, Carlos Miguel Legón-Pérez, Lisset Suárez-Plasencia, Luis Ramiro Piñeiro-Díaz, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

mean distance, Passpoint, weak graphical passwords, authentication, access control, Mathematics, QA1-939

Abstract

This work demonstrates the ineffectiveness of the Ripley’s K function tests, the distance to the nearest neighbor, and the empty space function in the Graphical Authentication scenario with Passpoint for the detection of non-random graphical passwords. The results obtained show that none of these tests effectively detect non-random graphical passwords; the reason for their failure is attributed to the small sample of the spatial pattern in question, where only the five points of the graphical password are analyzed. Consequently, a test based on mean distances is proposed, whose experiments show that it detects with good efficiency non-random graphical passwords in Passpoint. The test was designed to be included in the Graphical Authentication systems with Passpoint to warn the user about a possibly weak password during the registration phase, and in this way, the security of the system is increased.

Published

2021

20. A New Family of Boolean Functions with Good Cryptographic Properties

Author

Guillermo Sosa-Gómez, Octavio Paez-Osuna, Omar Rojas, and Evaristo José Madarro-Capó

Subjects

resilient, boolean function, Hadamard, cryptography, non-linearity, Mathematics, QA1-939

Abstract

In 2005, Philippe Guillot presented a new construction of Boolean functions using linear codes as an extension of the Maiorana–McFarland’s (MM) construction of bent functions. In this paper, we study a new family of Boolean functions with cryptographically strong properties, such as non-linearity, propagation criterion, resiliency, and balance. The construction of cryptographically strong Boolean functions is a daunting task, and there is currently a wide range of algebraic techniques and heuristics for constructing such functions; however, these methods can be complex, computationally difficult to implement, and not always produce a sufficient variety of functions. We present in this paper a construction of Boolean functions using algebraic codes following Guillot’s work.

Published

2021

21. Bit Independence Criterion Extended to Stream Ciphers

Author

Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Omar Rojas, Guillermo Sosa-Gómez, and Raisa Socorro-Llanes

Subjects

bit independence criterion, bit independence, RC4, stream cipher, complexity, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

The bit independence criterion was proposed to evaluate the security of the S-boxes used in block ciphers. This paper proposes an algorithm that extends this criterion to evaluate the degree of independence between the bits of inputs and outputs of the stream ciphers. The effectiveness of the algorithm is experimentally confirmed in two scenarios: random outputs independent of the input, in which it does not detect dependence, and in the RC4 ciphers, where it detects significant dependencies related to some known weaknesses. The complexity of the algorithm is estimated based on the number of inputs l, and the dimensions, n and m, of the inputs and outputs, respectively.

Published

2020

22. Metaheuristics in the Optimization of Cryptographic Boolean Functions

Author

Isaac López-López, Guillermo Sosa-Gómez, Carlos Segura, Diego Oliva, and Omar Rojas

Subjects

boolean function, metaheuristics, nonlinearity, cryptography, hadamard transform, entropy, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

Generating Boolean Functions (BFs) with high nonlinearity is a complex task that is usually addresses through algebraic constructions. Metaheuristics have also been applied extensively to this task. However, metaheuristics have not been able to attain so good results as the algebraic techniques. This paper proposes a novel diversity-aware metaheuristic that is able to excel. This proposal includes the design of a novel cost function that combines several information from the Walsh Hadamard Transform (WHT) and a replacement strategy that promotes a gradual change from exploration to exploitation as well as the formation of clusters of solutions with the aim of allowing intensification steps at each iteration. The combination of a high entropy in the population and a lower entropy inside clusters allows a proper balance between exploration and exploitation. This is the first memetic algorithm that is able to generate 10-variable BFs of similar quality than algebraic methods. Experimental results and comparisons provide evidence of the high performance of the proposed optimization mechanism for the generation of high quality BFs.

Published

2020

23. Measuring Independence between Statistical Randomness Tests by Mutual Information

Author

Jorge Augusto Karell-Albo, Carlos Miguel Legón-Pérez, Evaristo José Madarro-Capó, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

independence, statistical randomness tests, NIST, mutual information, Science, Astrophysics, QB460-466, Physics, QC1-999

Abstract

The analysis of independence between statistical randomness tests has had great attention in the literature recently. Dependency detection between statistical randomness tests allows one to discriminate statistical randomness tests that measure similar characteristics, and thus minimize the amount of statistical randomness tests that need to be used. In this work, a method for detecting statistical dependency by using mutual information is proposed. The main advantage of using mutual information is its ability to detect nonlinear correlations, which cannot be detected by the linear correlation coefficient used in previous work. This method analyzes the correlation between the battery tests of the National Institute of Standards and Technology, used as a standard in the evaluation of randomness. The results of the experiments show the existence of statistical dependencies between the tests that have not been previously detected.

Published

2020

24. Weak PassPoint Passwords Detected by the Perimeter of Delaunay Triangles

Author

Guillermo Sosa-Gómez, Joaquín Alberto Herrera Macías, Lisset Suárez Plasencia, Omar Rojas, Carlos Miguel Legón-Pérez, and Raisa Socorro Llanes

Subjects

Article Subject, Computer Networks and Communications, Information Systems

Abstract

PassPoint is a graphical authentication technique that is based on the selection of five points in an image. A detected vulnerability lies in the possible existence of a pattern in the points that make up the password. The objective of this work is to detect nonrandom graphical passwords in the PassPoint scenario. A spatial randomness test based on the average of Delaunay triangles’ perimeter is proposed, given the ineffectiveness of the classic tests in this scenario, which only consists of five points. A state-of-the-art of various applications of Voronoi polygons and Delaunay triangulations are presented to detect clustered and regular patterns. The distributions of the averages of the triangles’ perimeters in the PassPoint scenario for various sizes of images are disclosed, which were unknown. The test’s decision criterion was constructed from one of the best distributions to which the data were adjusted. Type I and type II errors were estimated, and it was concluded that the proposed test could detect clustered and regular graphical passwords in PassPoint, therefore being more effective in detecting clustering than regularity.

Published

2022

25. Improved Objective Functions to Search for 8 × 8 Bijective S-Boxes With Theoretical Resistance Against Power Attacks Under Hamming Leakage Models

Author

Guillermo Sosa-Gómez, Omar Rojas, Ismel Martínez Díaz, Carlos Miguel Legón-Pérez, and Alejandro Freyre-Echevarría

Subjects

General Computer Science, General Engineering, General Materials Science

Published

2022

26. New heuristics for assigning in the Multi-Depot Vehicle Routing Problem

Author

Isis Torres-Pérez, Alejandro Rosete, Guillermo Sosa-Gómez, and Omar Rojas

Subjects

Control and Systems Engineering

Published

2022

27. Improvements in the computing efficiency of the probabilities of the LIL test for the PRNG evaluation

Author

Yuniel Matos-Rodríguez, Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

General Computer Science, Theoretical Computer Science

Published

2022

28. Evolving Nonlinear S-Boxes With Improved Theoretical Resilience to Power Attacks

Author

Ismel Martínez-Díaz, Guillermo Sosa-Gómez, Carlos Miguel Legon Perez, Omar Rojas, and Alejandro Freyre-Echevarría

Subjects

Theoretical computer science, General Computer Science, Computer science, Substitution (logic), differential uniformity, General Engineering, nonlinearity, 020206 networking & telecommunications, 02 engineering and technology, confusion coefficient variance, law.invention, Hybrid heuristic method, substitution boxes, law, fitness function, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, General Materials Science, lcsh:Electrical engineering. Electronics. Nuclear engineering, Side channel attack, Hamming weight, Cryptanalysis, lcsh:TK1-9971, Computer Science::Cryptography and Security, Block cipher

Abstract

Substitution boxes are the main nonlinear component of block ciphers. The security of these ciphers against linear, differential, or side-channel attacks is dependent on the design of such component and their intrinsic properties. There are several methods that aim to cryptographically define, generate, or search for strong substitution boxes. The application of combinatorial optimization algorithms is one of the most useful methodologies in this research area. In this article, we present a novel hybrid method based on the Leaders and Followers and hill-climbing over Hamming Weight Classes metaheuristics, coupled with a new trade-off fitness function that generates 8-bit bijective substitution boxes with good resisting properties towards classical cryptanalysis and side-channel attacks by power consumption. We address the best Pareto optimal solutions for the multi-objective optimization of non-linearity and confusion coefficient variance.

Published

2020

29. Conscious Exploration of Alpha-Cuts in the Parametric Solution of the School Bus Routing Problem with Fuzzy Walking Distance

Author

Isis Torres Pérez, Eduardo Sánchez-Ansola, Guillermo Sosa-Gómez, Omar Rojas, Alejandro Rosete-Suárez, and Ana Camila Pérez Pérez

Subjects

Schools, General Computer Science, Article Subject, General Mathematics, General Neuroscience, Uncertainty, Humans, General Medicine, Walking

Abstract

Combinatorial optimization problems allow for modeling multiple situations in which proper allocation of resources is needed. For some real-world problems, the use of fuzzy elements in the models allows for incorporating certain levels of uncertainty to better approximate such real-world situations. One way to solve combinatorial optimization problems with fuzzy elements is the parametric approach, where it is necessary to define how to explore different relaxation levels using alpha-cuts. Researchers tend to select such alpha-cuts uniformly. The current investigation proposes a novel strategy for selecting alpha-cuts in the School Bus Routing Problem with fuzzy students’ maximum walking distance. This proposal bases its foundations on the number of student-bus stop pairs available according to the different levels of relaxations allowed. Results demonstrate how the proposed strategy gives attractive solutions with more diverse trade-offs, contrasted with other methods in the literature. Furthermore, it decreases the computational cost for those instances where the maximum relaxation does not provide new pairs of students-bus stops.

Published

2022

30. Detection of DIAG and LINE Patterns in PassPoints Graphical Passwords Based on the Maximum Angles of Their Delaunay Triangles

Author

Guillermo Sosa-Gómez, Joaquín Alberto Herrera Macías, Lisset Suárez Plasencia, Omar Rojas, and Carlos Miguel Legón-Pérez

Subjects

PassPoints, graphical passwords, DIAG patterns, LINE patterns, maximum angles of a Delaunay triangle, Electrical and Electronic Engineering, Biochemistry, Instrumentation, Atomic and Molecular Physics, and Optics, Analytical Chemistry

Abstract

An alternative authentication method to traditional alphanumeric passwords is graphical password authentication, also known as graphical authentication, for which one of the most valuable cued-recall techniques is PassPoints. This technique stands out for its security and usability. However, it can be violated if the user follows a predefined pattern when selecting the five points in an image as their passwords, such as the DIAG and LINE patterns. Dictionary attacks can be built using these two patterns to compromise graphical passwords. So far, no reports have been found in the state of the art about any test capable of detecting graphical passwords with DIAG or LINE patterns in PassPoints. Studies carried out in other scenarios have shown the effectiveness of the characteristics of Delaunay triangulations in extracting information about the dependence between the points. In this work, graphical passwords formed by five randomly selected points on an image are compared with passwords whose points contain patterns of the DIAG or LINE type. The comparison is based on building for each password its Delaunay triangulation and calculating the mean value of the maximum angles of the triangles obtained; such a mean value is denoted by amadt. It is experimentally shown that in passwords containing DIAG and LINE patterns, the value of amadt is higher than the one obtained in passwords formed by random dots. From this result, it is proposed to use this amadt value as a statistic to build a test of means. This result constitutes the work’s main contribution: The proposal of a spatial randomness test to detect weak graphic passwords that contain DIAG and LINE type patterns. The importance and novelty of this result become evident when two aspects are taken into account: First, these weak passwords can be exploited by attackers to improve the effectiveness of their attacks; second, there are no prior criteria to detect this type of weak password. The practical application of said test contributes to increasing PassPoints security without substantially affecting its efficiency.

Published

2022

31. A partial evaluation approach for the School Bus Routing Problem

Author

Ana Camila Pérez, Eduardo Sánchez-Ansola, Alejandro Rosete, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

Multidisciplinary

Abstract

Several real-life optimization problems, such as the case of several instances of the School Bus Routing Problem (SBRP), are very complex and expensive to solve with exact algorithms. Metaheuristics are a good alternative in these situations because they are capable of generating good quality solutions to these problems in a reasonable time. Metaheuristics iterate thousands of times by introducing changes concerning the previous solutions. Each new solution must be evaluated, and sometimes, the new solutions have elements unchanged that are unnecessarily re-evaluated. However, an approach avoids repeatedly evaluating parts of different solutions known as partial evaluation. This work applies this technique to the SBRP to reduce its execution time. To apply the partial evaluation approach in this problem, each solution contains the information of the change that was made concerning the solution from which it originates. With this information, when evaluating the objective function, it will be only necessary to analyze the routes that changed. In the literature reviewed, no previous work was found in which the partial evaluation approach has been applied in the context of SBRP. In this paper we apply it in order to reduce the computational cost of SBRP solutions based on metaheuristics. The results show that it is possible to decrease the execution time in 80% of the instances, reducing the execution time on average by 73.6%.

Published

2021

32. Matheuristics for the Design of a Multi-Step, Multi-Product Supply Chain with Multimodal Transport

Author

Guillermo Sosa-Gómez, Omar Rojas, David A. Ruvalcaba-Sandoval, and Elias Olivares-Benitez

Subjects

Multimodal transport, Technology, Linear programming, Heuristic (computer science), Computer science, QH301-705.5, Supply chain, QC1-999, Automotive industry, General Materials Science, multimodal transport, Biology (General), Instrumentation, QD1-999, supply-chain network design, Fluid Flow and Transfer Processes, decomposition, business.industry, Process Chemistry and Technology, Physics, General Engineering, Engineering (General). Civil engineering (General), Industrial engineering, Computer Science Applications, Network planning and design, Task (computing), Chemistry, matheuristic, TA1-2040, Heuristics, business

Abstract

Supply-chain network design is a complex task because there are many decisions involved, and presently, global networks involve many actors and variables, for example, in the automotive, pharmaceutical, and electronics industries. This research addresses a supply-chain network design problem with four levels: suppliers, factories, warehouses, and customers. The problem considered decides on the number, locations, and capacities of factories and warehouses and the transportation between levels in the supply chain. The problem is modeled as a mixed-integer linear program. The main contribution of this work is the proposal of two matheuristic algorithms to solve the problem. Matheuristics are algorithms that combine exact methods and heuristics, attracting interest in the literature because of their fast execution and high-quality solutions. The matheuristics proposed to select the warehouses and their capacities following heuristic rules. Once the warehouses and their capacities are fixed, the algorithms solve reduced models using commercial optimization software. Medium and large instances were generated based on a procedure described in the literature. A comparison is made between the algorithms and the results obtained, solving the model with a time limit. The algorithms proposed are successful in obtaining better results for the largest instances in shorter execution times.

Published

2021

33. Local Search Trajectories over S-box space

Author

Guillermo Sosa-Gómez, Omar Rojas, Diego Oliva, Ismel Martínez Díaz, and Carlos Miguel Legón-Pérez

Subjects

Computer Networks and Communications, Safety, Risk, Reliability and Quality, Software

Published

2022

34. Study of Parameters in the Genetic Algorithm for the Attack on Block Ciphers

Author

M. A. Borges-Trenard, Omar Rojas, M. Borges-Quintana, Osmani Tito-Corrioso, and Guillermo Sosa-Gómez

Subjects

Physics and Astronomy (miscellaneous), Computer science, General Mathematics, 0211 other engineering and technologies, 02 engineering and technology, heuristics, 010502 geochemistry & geophysics, 01 natural sciences, law.invention, Set (abstract data type), cryptanalysis, law, 021105 building & construction, Genetic algorithm, Computer Science (miscellaneous), genetic algorithm, QA1-939, 0105 earth and related environmental sciences, Block cipher, AES(t), optimization, business.industry, Symmetric-key algorithm, Chemistry (miscellaneous), Cryptanalysis, business, Heuristics, Algorithm, Mathematics

Abstract

In recent years, the use of Genetic Algorithms (GAs) in symmetric cryptography, in particular in the cryptanalysis of block ciphers, has increased. In this work, the study of certain parameters that intervene in GAs was carried out, such as the time it takes to execute a certain number of iterations, so that a number of generations to be carried out in an available time can be estimated. Accordingly, the size of the set of individuals that constitute admissible solutions for GAs can be chosen. On the other hand, several fitness functions were introduced, and which ones led to better results was analyzed. The experiments were performed with the block ciphers AES(t), for t∈{3,4,7}.

Published

2021

35. Selecting an Effective Entropy Estimator for Short Sequences of Bits and Bytes with Maximum Entropy

Author

Carlos Miguel Legón-Pérez, Guillermo Sosa-Gómez, Omar Rojas, Lianet Contreras Rodríguez, and Evaristo José Madarro-Capó

Subjects

Uniform distribution (continuous), Mean squared error, Science, QC1-999, General Physics and Astronomy, randomness, 0102 computer and information sciences, 02 engineering and technology, Astrophysics, 01 natural sciences, Article, 0202 electrical engineering, electronic engineering, information engineering, Entropy (information theory), Randomness, Mathematics, cryptography, estimation, Physics, Principle of maximum entropy, Byte, Estimator, QB460-466, undersample, 010201 computation theory & mathematics, 020201 artificial intelligence & image processing, Information source (mathematics), entropy, Algorithm

Abstract

Entropy makes it possible to measure the uncertainty about an information source from the distribution of its output symbols. It is known that the maximum Shannon’s entropy of a discrete source of information is reached when its symbols follow a Uniform distribution. In cryptography, these sources have great applications since they allow for the highest security standards to be reached. In this work, the most effective estimator is selected to estimate entropy in short samples of bytes and bits with maximum entropy. For this, 18 estimators were compared. Results concerning the comparisons published in the literature between these estimators are discussed. The most suitable estimator is determined experimentally, based on its bias, the mean square error short samples of bytes and bits.

Published

2021

36. Test for Detection of Weak Graphic Passwords in Passpoint Based on the Mean Distance between Points

Author

Lisset Suárez-Plasencia, Carlos Miguel Legón-Pérez, Joaquín A. Herrera-Macías, Omar Rojas, Guillermo Sosa-Gómez, and Luis R. Piñeiro-Díaz

Subjects

K-function, Physics and Astronomy (miscellaneous), Computer science, mean distance, Passpoint, weak graphical passwords, authentication, access control, General Mathematics, Access control, 02 engineering and technology, 01 natural sciences, k-nearest neighbors algorithm, 010104 statistics & probability, QA1-939, 0202 electrical engineering, electronic engineering, information engineering, Computer Science (miscellaneous), 0101 mathematics, Password, Authentication, business.industry, Pattern recognition, Small sample, Function (mathematics), Test (assessment), Chemistry (miscellaneous), 020201 artificial intelligence & image processing, Artificial intelligence, business, Mathematics

Abstract

This work demonstrates the ineffectiveness of the Ripley’s K function tests, the distance to the nearest neighbor, and the empty space function in the Graphical Authentication scenario with Passpoint for the detection of non-random graphical passwords. The results obtained show that none of these tests effectively detect non-random graphical passwords; the reason for their failure is attributed to the small sample of the spatial pattern in question, where only the five points of the graphical password are analyzed. Consequently, a test based on mean distances is proposed, whose experiments show that it detects with good efficiency non-random graphical passwords in Passpoint. The test was designed to be included in the Graphical Authentication systems with Passpoint to warn the user about a possibly weak password during the registration phase, and in this way, the security of the system is increased.

Published

2021

37. Generation of the symmetric group Sn2

Author

Evaristo José Madarro Capó, Guillermo Sosa-Gómez, and Carlos Zequeira Sánchez

Subjects

Discrete mathematics, Mathematics::Combinatorics, Dimension (vector space), Symmetric group, Discrete Mathematics and Combinatorics, Random element, Random permutation, Mathematics

Abstract

In various scenarios today, the generation of random permutations has become an indispensable tool. Since random permutation of dimension [Formula: see text] is a random element of the symmetric group [Formula: see text], it is necessary to have algorithms capable of generating any permutation. This work demonstrates that it is possible to generate the symmetric group [Formula: see text] by shifting the components of a particular matrix representation of each permutation.

Published

2021

38. A New Family of Boolean Functions with Good Cryptographic Properties

Author

Omar Rojas, Octavio Páez-Osuna, Evaristo José Madarro-Capó, and Guillermo Sosa-Gómez

Subjects

Theoretical computer science, Logic, Computer science, Cryptography, 02 engineering and technology, 01 natural sciences, non-linearity, Hadamard transform, Hadamard, 0202 electrical engineering, electronic engineering, information engineering, 0101 mathematics, Algebraic number, Boolean function, Mathematical Physics, Algebra and Number Theory, cryptography, business.industry, lcsh:Mathematics, Extension (predicate logic), lcsh:QA1-939, 010101 applied mathematics, Range (mathematics), boolean function, 020201 artificial intelligence & image processing, Geometry and Topology, Variety (universal algebra), Heuristics, business, resilient, Analysis

Abstract

In 2005, Philippe Guillot presented a new construction of Boolean functions using linear codes as an extension of the Maiorana–McFarland’s (MM) construction of bent functions. In this paper, we study a new family of Boolean functions with cryptographically strong properties, such as non-linearity, propagation criterion, resiliency, and balance. The construction of cryptographically strong Boolean functions is a daunting task, and there is currently a wide range of algebraic techniques and heuristics for constructing such functions, however, these methods can be complex, computationally difficult to implement, and not always produce a sufficient variety of functions. We present in this paper a construction of Boolean functions using algebraic codes following Guillot’s work.

Published

2021

39. Analysis of the Number of Sides of Voronoi Polygons in PassPoint

Author

Raisa Socorro-Llanes, Guillermo Sosa-Gómez, Lisset Suárez-Plasencia, Omar Rojas, Joaquín A. Herrera-Macías, and Carlos Miguel Legón-Pérez

Subjects

Combinatorics, Voronoi polygon, Distribution (number theory), Feature (computer vision), Gamma distribution, Entropy (information theory), Authentication system, Computer Science::Computational Geometry, Expected value, Characteristic number, ComputingMethodologies_COMPUTERGRAPHICS, Mathematics

Abstract

The probabilistic distribution of the characteristics of Voronoi polygons has been extensively studied due to its many areas of application. In various works that differ in the number of polygons generated and in the size of their regions, it is concluded that the expected value of the characteristic number of sides of Voronoi polygons is equal to 6. In this work, this characteristic in the polygons generated by the graphical passwords of the graphical authentication system PassPoint is studied. Its distribution is estimated and it is shown that the expected value of the number of sides of the Voronoi polygons in this scenario differs from previous works. The effectiveness of this feature is evaluated to detect weak graphical passwords made up of grouped dots. They are to be detected by estimating the entropy of the number of sides and by the expected value of the number of sides. It is concluded that the distribution of the number of sides in this scenario does not the 3-parameter gamma distribution reported in previous work or any of 61 distributions that were tested, and that the entropy and the expected value of the number of sides are not efficient for the detection of weak graphical passwords of PassPoint formed by 5 grouped points.

Published

2021

40. Variable Mesh Optimization for Continuous Optimization and Multimodal Problems

Author

Omar Rojas, Jarvin A. Antón-Vargas, Guillermo Sosa-Gómez, and Luis A. Quintero-Domínguez

Subjects

Continuous optimization, Mathematical optimization, education.field_of_study, Optimization problem, Mesh optimization, Homogeneous, Computer science, Population, education, Metaheuristic, Linear subspace, Variable (mathematics)

Abstract

Optimization problems with continuous variables are very often in real-life scenarios. This is why several studies have focused on the use of metaheuristics to solve these problems, known as continuous optimization problems. This chapter focuses on the robust population-based metaheuristic Variable Mesh Optimization (VMO). We review the fundamental aspects of VMO for continuous optimization. Moreover, we analyze the variants of VMO that have been proposed to solve multimodal problems, i.e. those with multiple optima at several search subspaces. The chapter uses a homogeneous algorithmic framework to describe VMO and its variants with niching strategies for multimodal problems.

Published

2021

41. Effectiveness of Some Tests of Spatial Randomness in the Detection of Weak Graphical Passwords in Passpoint

Author

Omar Rojas, Lisset Suárez-Plasencia, Joaquín A. Herrera-Macías, Luis R. Piñeiro-Díaz, Guillermo Sosa-Gómez, and Carlos Miguel Legón-Pérez

Subjects

Password, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Authentication, K-function, Computer science, business.industry, Pattern recognition, Usability, Artificial intelligence, business, Randomness, Image (mathematics), k-nearest neighbors algorithm

Abstract

This paper explores the usability of the Ripley’s K function and the nearest neighbor distance, in the detection of clustered graphical passwords in the graphical authentication stage. For it, both tests were applied to two bases of data of 10, 000 clustered graphical passwords each, the first with graphical passwords clustered in an area lesser than the fourth part of the original image, the second clustered in an area lesser than eighth part of the image. The results show that none of these tests is effective in the detection of clustered graphical passwords, the reason of such failure is due to the short size of the spatial pattern in question, only the 5 points of the graphical password analyzed.

Published

2021

42. Bit Independence Criterion Extended to Stream Ciphers

Author

Carlos Miguel Legón-Pérez, Guillermo Sosa-Gómez, Evaristo José Madarro-Capó, Raisa Socorro-Llanes, and Omar Rojas

Subjects

Computer science, bit independence, 0211 other engineering and technologies, 02 engineering and technology, RC4, lcsh:Technology, lcsh:Chemistry, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, Arithmetic, Instrumentation, Stream cipher, lcsh:QH301-705.5, Block cipher, Computer Science::Cryptography and Security, Fluid Flow and Transfer Processes, 021110 strategic, defence & security studies, Degree (graph theory), lcsh:T, Process Chemistry and Technology, General Engineering, 020207 software engineering, bit independence criterion, lcsh:QC1-999, stream cipher, Computer Science Applications, Bit (horse), lcsh:Biology (General), lcsh:QD1-999, lcsh:TA1-2040, Independence (mathematical logic), lcsh:Engineering (General). Civil engineering (General), complexity, lcsh:Physics

Abstract

The bit independence criterion was proposed to evaluate the security of the S-boxes used in block ciphers. This paper proposes an algorithm that extends this criterion to evaluate the degree of independence between the bits of inputs and outputs of the stream ciphers. The effectiveness of the algorithm is experimentally confirmed in two scenarios: random outputs independent of the input, in which it does not detect dependence, and in the RC4 ciphers, where it detects significant dependencies related to some known weaknesses. The complexity of the algorithm is estimated based on the number of inputs l, and the dimensions, n and m, of the inputs and outputs, respectively.

Published

2020

43. Measuring Independence between Statistical Randomness Tests by Mutual Information

Author

Guillermo Sosa-Gómez, Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, Jorge Augusto Karell-Albo, and Omar Rojas

Subjects

Dependency (UML), Computer science, independence, General Physics and Astronomy, lcsh:Astrophysics, Mutual information, statistical randomness tests, Measure (mathematics), Article, lcsh:QC1-999, Statistical randomness, Nonlinear system, NIST, Statistics, lcsh:QB460-466, lcsh:Q, mutual information, lcsh:Science, Randomness, Independence (probability theory), lcsh:Physics

Abstract

The analysis of independence between statistical randomness tests has had great attention in the literature recently. Dependency detection between statistical randomness tests allows one to discriminate statistical randomness tests that measure similar characteristics, and thus minimize the amount of statistical randomness tests that need to be used. In this work, a method for detecting statistical dependency by using mutual information is proposed. The main advantage of using mutual information is its ability to detect nonlinear correlations, which cannot be detected by the linear correlation coefficient used in previous work. This method analyzes the correlation between the battery tests of the National Institute of Standards and Technology, used as a standard in the evaluation of randomness. The results of the experiments show the existence of statistical dependencies between the tests that have not been previously detected.

Published

2020

44. An Application of Hadamard Transform to Test Stream Ciphers

Author

Guillermo Sosa-Gómez, Omar Rojas, and Octavio Páez-Osuna

Subjects

ComputingMilieux_THECOMPUTINGPROFESSION, law, Hadamard transform, Computer science, Computer Science::Multimedia, DECIPHER, Data_CODINGANDINFORMATIONTHEORY, Arithmetic, Cryptanalysis, Stream cipher, Computer Science::Cryptography and Security, law.invention

Abstract

In this chapter, we discuss results obtained on an application of the Hadamard transform to cryptanalysis, and in particular, we determine the probability to decipher different pseudo-random number generators used as components of stream ciphers.

Published

2020

45. An Heuristic Algorithm to Calculate the Minimum Amount of Anesthesia Using MRI

Author

Enrique González-Martín, Omar Rojas, and Guillermo Sosa-Gómez

Subjects

Computer science, Region growing, Heuristic (computer science), Anesthesia, Image registration, In patient, Segmentation, Volume (compression)

Abstract

In this work, we introduce a heuristic segmentation algorithm for the detection and subsequent segmentation of the volume of cerebrospinal fluid (CSF) that allows from MRI to calculate the CSF due to the importance of this represents to calculate the amount of anesthesia to be used in patients.

Published

2020

46. Measuring Avalanche Properties on RC4 Stream Cipher Variants

Author

Guillermo Sosa-Gómez, Evaristo José Madarro-Capó, Carlos Miguel Legón-Pérez, and Omar Rojas

Subjects

Technology, QH301-705.5, Computer science, QC1-999, RC4, BIC, General Materials Science, Biology (General), Arithmetic, QD1-999, Instrumentation, Stream cipher, statistical dependence, Fluid Flow and Transfer Processes, business.industry, Physics, Process Chemistry and Technology, RC4 variants, General Engineering, SAC, Usability, Engineering (General). Civil engineering (General), stream cipher, Computer Science Applications, Chemistry, Independence (mathematical logic), TA1-2040, business

Abstract

In the last three decades, the RC4 has been the most cited stream cipher, due to a large amount of research carried out on its operation. In this sense, dissimilar works have been presented on its performance, security, and usability. One of the distinguishing features that stand out the most is the sheer number of RC4 variants proposed. Recently, a weakness has been reported regarding the existence of statistical dependence between the inputs and outputs of the RC4, based on the use of the strict avalanche criterion and the bit independence criterion. This work analyzes the influence of this weakness in some of its variants concerning RC4. The five best-known variants of RC4 were compared experimentally and classified into two groups according to the presence or absence of such a weakness.

Published

2021

47. Debilidad SAC en el algoritmo de cifrado en flujo RC4

Author

Evaristo J. Madarro Capó, Oristela Justiz Cuellar, Carlos M. Legón, and Guillermo Sosa Gómez

Subjects

lcsh:Computer engineering. Computer hardware, entradas de colisión, criterio estricto de avalancha, correlación estadística, lcsh:TK7885-7895, RC4

Abstract

En este trabajo se describe una interesante vía para la detección de la existencia de entradas de colisión en el algoritmo de cifrado en flujo RC4 basado en el criterio estricto de avalancha y se discuten los resultados obtenidos en comparación con las debilidades y ataques reportados sobre el RC4 que plantean la existencia de una fuerte correlación entre los parámetros de entrada y salida del algoritmo.

Published

2017

48. Search-Space Reduction for S-Boxes Resilient to Power Attacks

Author

Ricardo Sánchez-Muiña, Omar Rojas, Dianne Miyares-Moreno, Carlos Miguel Legón-Pérez, Guillermo Sosa-Gómez, Ismel Martínez-Díaz, and Yasser Bardaji-López

Subjects

Technology, Class (set theory), QH301-705.5, QC1-999, 0102 computer and information sciences, 02 engineering and technology, S-boxes, Space (mathematics), Computer Science::Digital Libraries, 01 natural sciences, Reduction (complexity), Dimension (vector space), 0202 electrical engineering, electronic engineering, information engineering, power attacks, General Materials Science, Biology (General), Hamming weight, QD1-999, Instrumentation, Mathematics, Fluid Flow and Transfer Processes, Discrete mathematics, Physics, Process Chemistry and Technology, equivalence classes, General Engineering, Engineering (General). Civil engineering (General), confusion coefficient variance, Computer Science Applications, Chemistry, 010201 computation theory & mathematics, Metric (mathematics), Bijection, Computer Science::Programming Languages, 020201 artificial intelligence & image processing, TA1-2040, cryptology, Hamming code

Abstract

The search of bijective n×n S-boxes resilient to power attacks in the space of dimension (2n)! is a controversial topic in the cryptology community nowadays. This paper proposes partitioning the space of (2n)! S-boxes into equivalence classes using the hypothetical power leakage according to the Hamming weights model, which ensures a homogeneous theoretical resistance within the class against power attacks. We developed a fast algorithm to generate these S-boxes by class. It was mathematically demonstrated that the theoretical metric confusion coefficient variance takes constant values within each class. A new search strategy—jumping over the class space—is justified to find S-boxes with high confusion coefficient variance in the space partitioned by Hamming weight classes. In addition, a decision criterion is proposed to move quickly between or within classes. The number of classes and the number of S-boxes within each class are calculated, showing that, as n increases, the class space dimension is an ever-smaller fraction of the space of S-boxes, which significantly reduces the space of search of S-boxes resilient to power attacks, when the search is performed from class to class.

Published

2021

49. A modified Multifractal Detrended Fluctuation Analysis (MFDFA) approach for multifractal analysis of precipitation

Author

Guillermo Sosa-Gómez, Israel Quiros Rodríguez, Jorge Luis Morales Martínez, Francisco Antonio Horta-Rangel, and Ignacio Segovia-Dominguez

Subjects

Statistics and Probability, Hurst exponent, Gaussian, Model selection, Statistical and Nonlinear Physics, Multifractal system, 01 natural sciences, Fractal dimension, 010305 fluids & plasmas, symbols.namesake, 0103 physical sciences, symbols, Detrended fluctuation analysis, Trigonometric functions, Statistical physics, 010306 general physics, Brownian motion, Mathematics

Abstract

Multifractal Detrended Fluctuation Analysis (MFDFA) is an efficient method to investigate the long-term correlations of the power law of non-stationary time series, in which the elimination of local trends usually depends upon a fixed-constant polynomial order. In this paper, we propose a flexible set of polynomial and trigonometric functions to better detect, and correctly model, hidden local trends in the time series at different scales. We introduce the Multifractal Detrended Fluctuation Analysis with Polynomial and Trigonometric functions (MFDFAPT) method via optimal model selection from an optimization framework. The performance of MFDFAPT is assessed with extensive numerical experiments based on the multifractal binomial cascade process, fractional Brownian movements, and fractional Gaussian noises. MFDFAPT shows better performance than MFDFA in the approximation of the Hurst index, and correctly determines the scalar behavior in stationary and non-stationary series. Additionally we apply MFDFAPT to detect and characterize the scalar properties of the daily precipitation time series in meteorological stations of Tabasco, Mexico. Our results confirm previous indications that the general Hurst exponent depends on the physiographic characteristics of the study area, and that fractal dimension correctly characterizes the series of daily precipitations in tropical regions.

Published

2021

50. Algorithm to detect and calculate the cerebrospinal fluid (CSF) through Magnetic Resonance Imaging (MRI)

Author

Omar Rojas, Enrique González-Martín, and Guillermo Sosa-Gómez

Subjects

Physics, lcsh:Medical technology, medicine.diagnostic_test, lcsh:R, lcsh:Medicine, Image registration, Health Informatics, Magnetic resonance imaging, image registration, Cerebrospinal fluid, Nuclear magnetic resonance, lcsh:R855-855.5, Region growing, Computer Science (miscellaneous), medicine, magnetic resonance imaging, cerebrospinal fluid (csf), region growing

Abstract

INTRODUCTION: An heuristic algorithm for detection and segmentation of cerebrospinal fluid through magnetic resonance imaging is presented. OBJECTIVE: The objective of the method is to calculate the minimum amount of anesthesia to be used in patients at the time of an operation and thus make a decision based on the algorithm. METHODS: The pattern-based CSF segmentation algorithm presented is based on finite cellular automata that takes as input light and dark images obtained from MRI methods. RESULTS: Based on Fieldman’s test, results show that the algorithm is as efficient as the decision taken by two different operators regarding the mL of anesthesia to be used in the patient.

Published

2020