Scopus Indexed Publications Collection

Permanent URI for this collection: https://hdl.handle.net/11147/7148

  • Conference Object
    Citation - WoS: 1
    Citation - Scopus: 1
    Robust and Energy-Efficient Hardware Architectures for DIZY Stream Cipher
    (IEEE, 2024) Schmid, Martin; Arul, Tolga; Kavun, Elif Bilge; Regazzoni, Francesco; Kara, Orhun
    In the era of ubiquitous computing, efficient and secure implementations of cryptographic hardware are crucial. This paper extends the hardware implementations of a Small Internal State Stream (SISS) cipher, namely DIZY. Previous work shows that DIZY's hardware performance, in terms of area cost and power consumption, is among the best when compared to notable stream ciphers, especially for frame-based encryptions requiring frequent initialization. In this study, we initially optimize the existing hardware implementation and then evaluate the energy efficiency of DIZY. We implement different unrolled versions of DIZY and analyze their energy consumption. Furthermore, we address physical security by integrating masking techniques into the DIZY S-box to protect the implementation against side-channel attacks. We thoroughly investigate the associated overhead and apply optimizations to reduce it, ensuring robust security without compromising efficiency. Our results present a secure, energy-efficient, and lightweight cryptographic hardware design for the stream cipher DIZY, making it suitable for various applications, including Internet of Things (IoT) and embedded systems.
  • Article
    Citation - WoS: 1
    Citation - Scopus: 1
    Fractional Duals of the Poisson Process on Time Scales With Applications in Cryptography
    (Springernature, 2024) Gharari, Fatemeh; Hematpour, Nafiseh; Bakouch, Hassan S.; Popovic, Predrag M.
    A super-structure system for probability densities, covering not just typical types but also fractional ones, was developed using the time scale theory. From a mathematical point of view, we discover duals of the Poisson process on the time scale $\mathbb{T}=\mathbb{R}$ for the time scales $\mathbb{T}=\mathbb{Z}$ and $\mathbb{T}=q^{\mathbb{Z}}$, evaluating $\nabla$-calculus and $\Delta$-calculus. Also, we search the fractional extensions of the Poisson process on these time scales and detect duals of them. A simulation allows for comparing the nabla and delta types of the observed distributions, not just typical types but also fractional ones. As an application, we also propose new substitution boxes (S-boxes) using the proposed stochastic models and compare the performance of S-boxes created in this way. Given that the S-box is the core for confusion in Advanced Encryption Standard (AES), the formation of these new S-boxes represents an interesting application of these stochastic models.
  • Article
    Citation - WoS: 1
    Citation - Scopus: 2
    New Security Proofs and Complexity Records for Advanced Encryption Standard
    (IEEE-Inst Electrical Electronics Engineers Inc, 2023) Kara, Orhun
    Common block ciphers like AES specified by the NIST or KASUMI (A5/3) of GSM are extensively utilized by billions of individuals globally to protect their privacy and maintain confidentiality in daily communications. However, these ciphers lack comprehensive security proofs against the vast majority of known attacks. Currently, security proofs are limited to differential and linear attacks for both AES and KASUMI. For instance, the consensus on the security of AES is not based on formal mathematical proofs but on intensive cryptanalysis over its reduced rounds spanning several decades. In this work, we introduce new security proofs for AES against another attack method: impossible differential (ID) attacks. We classify ID attacks as reciprocal and nonreciprocal ID attacks. We show that sharp and generic lower bounds can be imposed on the data complexities of reciprocal ID attacks on substitution permutation networks. We prove that the minimum data required for a reciprocal ID attack on AES using a conventional ID characteristic is $2^{66}$ chosen plaintexts whereas a nonreciprocal ID attack involves at least $2^{88}$ computational steps. We mount a nonreciprocal ID attack on 6-round AES for 192-bit and 256-bit keys, which requires only $2^{18}$ chosen plaintexts and outperforms the data complexity of any attack. Given its marginal time complexity, this attack does not pose a substantial threat to the security of AES. However, we have made enhancements to the integral attack on 6-round AES, thereby surpassing the longstanding record for the most efficient attack after a period of 23 years.
  • Article
    Citation - WoS: 1
    Citation - Scopus: 4
    A Practical Privacy-Preserving Targeted Advertising Scheme for IPTV Users
    (Springer Verlag, 2016) Khayati, Leyli Javid; Örencik, Cengiz; Savaş, Erkay; Ustaoğlu, Berkant
    In this work, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of subscribers, a content provider (IPTV), advertisers and a semi-trusted server. To target potential customers, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are periodically (e.g., weekly) published on a semi-trusted server (e.g., cloud server) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the server, are considered (trade) secrets and therefore are protected as well. The server is oblivious to the published data and the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with so-called trapdoors by the IPTV, can query the cloud server and access the query results. Even when some background information about users is available, query responses do not leak sensitive information about the IPTV users. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is practical. The algorithms demonstrate both weak and strong scaling property and take advantage of high level of parallelism. The scheme can also be applied as a recommendation system. © 2015, Springer-Verlag Berlin Heidelberg.
  • Conference Object
    Citation - Scopus: 1
    Privacy-Preserving Targeted Advertising Scheme for IPTV Using the Cloud
    (SciTePress, 2012) Khayati, Leyli Javid; Savaş, Erkay; Ustaoğlu, Berkant; Örencik, Cengiz
    In this paper, we present a privacy-preserving scheme for targeted advertising via the Internet Protocol TV (IPTV). The scheme uses a communication model involving a collection of viewers/subscribers, a content provider (IPTV), an advertiser, and a cloud server. To provide high quality directed advertising service, the advertiser can utilize not only demographic information of subscribers, but also their watching habits. The latter includes watching history, preferences for IPTV content and watching rate, which are published on the cloud server periodically (e.g. weekly) along with anonymized demographics. Since the published data may leak sensitive information about subscribers, it is safeguarded using cryptographic techniques in addition to the anonymization of demographics. The techniques used by the advertiser, which can be manifested in its queries to the cloud, are considered (trade) secrets and therefore are protected as well. The cloud is oblivious to the published data, the queries of the advertiser as well as its own responses to these queries. Only a legitimate advertiser, endorsed with a so-called trapdoor by the IPTV, can query the cloud and utilize the query results. The performance of the proposed scheme is evaluated with experiments, which show that the scheme is suitable for practical usage.
  • Conference Object
    Citation - WoS: 9
    Citation - Scopus: 24
    Modeling Leakage of Ephemeral Secrets in Tripartite/Group Key Exchange
    (Springer Verlag, 2010) Manulis, Mark; Suzuki, Koutarou; Ustaoğlu, Berkant
    Recent advances in the design and analysis of secure two-party key exchange (2KE) such as the leakage of ephemeral secrets used during the attacked sessions remained unnoticed by the current models for group key exchange (GKE). Focusing on a special case of GKE - the tripartite key exchange (3KE) - that allows for efficient one-round protocols, we demonstrate how to incorporate these advances to the multi-party setting. From this perspective our work closes the most pronounced gap between provably secure 2KE and GKE protocols. The proposed 3KE protocol is an implicitly authenticated protocol with one communication round which remains secure even in the event of ephemeral secret leakage. It also significantly improves upon currently known 3KE protocols, many of which are insecure. An optional key confirmation round can be added to our proposal to achieve the explicitly authenticated protocol variant. © 2010 Springer-Verlag.
  • Conference Object
    Citation - WoS: 4
    Reusing Static Keys in Key Agreement Protocols
    (Springer Verlag, 2009) Chatterjee, Sanjit; Menezes, Alfred; Ustaoğlu, Berkant
    Contrary to conventional cryptographic wisdom, the NIST SP 800-56A standard explicitly allows the use of a static key pair in more than one of the key establishment protocols described in the standard. In this paper, we give examples of key establishment protocols that are individually secure, but which are insecure when static key pairs are reused in two of the protocols. We also propose an enhancement of the extended Canetti-Krawczyk security model and definition for the situation where static public keys are reused in two or more key agreement protocols. © 2009 Springer-Verlag.
  • Conference Object
    Citation - WoS: 22
    Multi-Party Off-the-Record Messaging
    (Association for Computing Machinery (ACM), 2009) Goldberg, Ian; Ustaoğlu, Berkant; Van Gundy, Matthew D.; Chen, Hao
    Most cryptographic algorithms provide a means for secret and authentic communication. However, under many circumstances, the ability to repudiate messages or deny a conversation is no less important than secrecy and authenticity. For whistleblowers, informants, political dissidents and journalists - to name a few - it is most important to have means for deniable conversation, where electronic communication must mimic face-to-face private meetings. Off-the-Record Messaging, proposed in 2004 by Borisov, Goldberg and Brewer, and its subsequent improvements, simulate private two-party meetings. Despite some attempts, the multi-party scenario remains unresolved. In this paper, we first identify the properties of multi-party private meetings. We illustrate the differences not only between the physical and electronic medium but also between two- and multi-party scenarios, which have important implications for the design of private chatrooms. We then propose a solution to multi-party off-the-record instant messaging that satisfies the above properties. Our solution is also composable with extensions that provide other properties, such as anonymity. Copyright 2009 ACM.
  • Article
    Citation - WoS: 4
    Citation - Scopus: 9
    End-to-End Security Implementation for Mobile Devices Using TLS Protocol
    (Springer Verlag, 2006) Kayayurt, Barış; Tuğlular, Tuğkan
    End-to-end security has been an emerging need for mobile devices with the widespread use of personal digital assistants and mobile phones. Transport Layer Security Protocol (TLS) is an end-to-end security protocol that is commonly used on the Internet, together with its predecessor, SSL protocol. By implementing TLS protocol in the mobile world, the advantage of the proven security model of this protocol can be utilized. The main design goals of mobile end-to-end security protocol are maintainability and extensibility. Cryptographic operations are performed with a free library, Bouncy Castle Cryptography Package. The object oriented architecture of proposed end-to-end security protocol implementation makes the replacement of this library with another cryptography package easier. The implementation has been experimented with different cases, which represent use of different cryptographic algorithms.
  • Conference Object
    Citation - WoS: 2
    Citation - Scopus: 4
    Computational Cost Analysis of Elliptic Curve Arithmetic
    (Institute of Electrical and Electronics Engineers Inc., 2006) Atay, Serap; Koltuksuz, Ahmet; Hışıl, Hüseyin; Eren, Şaban
    Elliptic curves were proposed for asymmetric cryptography by Neal Koblitz and Victor Miller in 1986 separately. Elliptic curve cryptography (ECC) has been utilized by hardware embedded solutions on mobile equipment and smart cards since 2000. Currently, software implementation of ECC faces the computational speed problem. One of the proposed solutions is to do the arithmetic operations on different Euclidean coordinate systems. This paper concentrates on the research of this technique and delineates the performance results of the implementation of the aforementioned technique on different cryptographic libraries such as CRYMPIX, GMP and MIRACL.