-
Mitigation of Channel Tampering Attacks in Continuous-Variable Quantum Key Distribution
Authors:
Sebastian P. Kish,
Chandra Thapa,
Mikhael Sayat,
Hajime Suzuki,
Josef Pieprzyk,
Seyit Camtepe
Abstract:
Despite significant advancements in continuous-variable quantum key distribution (CV-QKD), practical CV-QKD systems can be compromised by various attacks. Consequently, identifying new attack vectors and countermeasures for CV-QKD implementations is important for the continued robustness of CV-QKD. In particular, as CV-QKD relies on a public quantum channel, vulnerability to communication disrupti…
▽ More
Despite significant advancements in continuous-variable quantum key distribution (CV-QKD), practical CV-QKD systems can be compromised by various attacks. Consequently, identifying new attack vectors and countermeasures for CV-QKD implementations is important for the continued robustness of CV-QKD. In particular, as CV-QKD relies on a public quantum channel, vulnerability to communication disruption persists from potential adversaries employing Denial-of-Service (DoS) attacks. Inspired by DoS attacks, this paper introduces a novel threat in CV-QKD called the Channel Amplification (CA) attack, wherein Eve manipulates the communication channel through amplification. We specifically model this attack in a CV-QKD optical fiber setup. To counter this threat, we propose a detection and mitigation strategy. Detection involves a machine learning (ML) model based on a decision tree classifier, classifying various channel tampering attacks, including CA and DoS attacks. For mitigation, Bob, post-selects quadrature data by classifying the attack type and frequency. Our ML model exhibits high accuracy in distinguishing and categorizing these attacks. The CA attack's impact on the secret key rate (SKR) is explored concerning Eve's location and the relative intensity noise of the local oscillator (LO). The proposed mitigation strategy improves the attacked SKR for CA attacks and, in some cases, for hybrid CA-DoS attacks. Our study marks a novel application of both ML classification and post-selection in this context. These findings are important for enhancing the robustness of CV-QKD systems against emerging threats on the channel.
△ Less
Submitted 12 June, 2024; v1 submitted 29 January, 2024;
originally announced January 2024.
-
Compression Optimality of Asymmetric Numeral Systems
Authors:
Josef Pieprzyk,
Jarek Duda,
Marcin Pawlowski,
Seyit Camtepe,
Arash Mahboubi,
Pawel Morawiecki
Abstract:
Compression also known as entropy coding has a rich and long history. However, a recent explosion of multimedia Internet applications (such as teleconferencing and video streaming for instance) renews an interest in fast compression that also squeezes out as much redundancy as possible. In 2009 Jarek Duda invented his asymmetric numeral system (ANS). Apart from a beautiful mathematical structure,…
▽ More
Compression also known as entropy coding has a rich and long history. However, a recent explosion of multimedia Internet applications (such as teleconferencing and video streaming for instance) renews an interest in fast compression that also squeezes out as much redundancy as possible. In 2009 Jarek Duda invented his asymmetric numeral system (ANS). Apart from a beautiful mathematical structure, it is very efficient and offers compression with a very low residual redundancy. ANS works well for any symbol source statistics. Besides, ANS has become a preferred compression algorithm in the IT industry. However, designing ANS instance requires a random selection of its symbol spread function. Consequently, each ANS instance offers compression with a slightly different compression rate.
The paper investigates compression optimality of ANS. It shows that ANS is optimal (i.e. the entropies of encoding and source are equal) for any symbol sources whose probability distribution is described by natural powers of 1/2. We use Markov chains to calculate ANS state probabilities. This allows us to determine ANS compression rate precisely. We present two algorithms for finding ANS instances with high compression rates. The first explores state probability approximations in order to choose ANS instances with better compression rates. The second algorithm is a probabilistic one. It finds ANS instances, whose compression rate can be made as close to the best rate as required. This is done at the expense of the number $θ$ of internal random ``coin'' tosses. The algorithm complexity is ${\cal O}(θL^3)$, where $L$ is the number of ANS states. The complexity can be reduced to ${\cal O}(θL\log{L})$ if we use a fast matrix inversion. If the algorithm is implemented on quantum computer, its complexity becomes ${\cal O}(θ(\log{L})^3)$.
△ Less
Submitted 6 September, 2022;
originally announced September 2022.
-
Transformer-Based Language Models for Software Vulnerability Detection
Authors:
Chandra Thapa,
Seung Ick Jang,
Muhammad Ejaz Ahmed,
Seyit Camtepe,
Josef Pieprzyk,
Surya Nepal
Abstract:
The large transformer-based language models demonstrate excellent performance in natural language processing. By considering the transferability of the knowledge gained by these models in one domain to other related domains, and the closeness of natural languages to high-level programming languages, such as C/C++, this work studies how to leverage (large) transformer-based language models in detec…
▽ More
The large transformer-based language models demonstrate excellent performance in natural language processing. By considering the transferability of the knowledge gained by these models in one domain to other related domains, and the closeness of natural languages to high-level programming languages, such as C/C++, this work studies how to leverage (large) transformer-based language models in detecting software vulnerabilities and how good are these models for vulnerability detection tasks. In this regard, firstly, a systematic (cohesive) framework that details source code translation, model preparation, and inference is presented. Then, an empirical analysis is performed with software vulnerability datasets with C/C++ source codes having multiple vulnerabilities corresponding to the library function call, pointer usage, array usage, and arithmetic expression. Our empirical results demonstrate the good performance of the language models in vulnerability detection. Moreover, these language models have better performance metrics, such as F1-score, than the contemporary models, namely bidirectional long short-term memory and bidirectional gated recurrent unit. Experimenting with the language models is always challenging due to the requirement of computing resources, platforms, libraries, and dependencies. Thus, this paper also analyses the popular platforms to efficiently fine-tune these models and present recommendations while choosing the platforms.
△ Less
Submitted 5 September, 2022; v1 submitted 7 April, 2022;
originally announced April 2022.
-
Physical Publicly Verifiable Randomness from Pulsars
Authors:
J. R. Dawson,
George Hobbs,
Yansong Gao,
Seyit Camtepe,
Josef Pieprzyk,
Yi Feng,
Luke Tranfa,
Sarah Bradbury,
Weiwei Zhu,
Di Li,
.
Abstract:
We demonstrate how radio pulsars can be used as random number generators. Specifically, we focus on publicly verifiable randomness (PVR), in which the same sequence of trusted and verifiable random numbers is obtained by multiple parties. PVR is a critical building block for many processes and algorithms (including cryptography, scientific trials, electoral audits and international treaties). Howe…
▽ More
We demonstrate how radio pulsars can be used as random number generators. Specifically, we focus on publicly verifiable randomness (PVR), in which the same sequence of trusted and verifiable random numbers is obtained by multiple parties. PVR is a critical building block for many processes and algorithms (including cryptography, scientific trials, electoral audits and international treaties). However, current approaches (based on number theory) may soon become vulnerable to quantum computers, motivating a growing demand for PVR based on natural physical phenomena. In this context, we explore pulsars as a potential physical PVR source. We first show that bit sequences extracted from the measured flux densities of a bright millisecond pulsar can pass standardised tests for randomness. We then quantify three illustrative methods of bit-extraction from pulsar flux density sequences, using simultaneous observations of a second pulsar carried out with the Parkes telescope in Australia and the Five-hundred-metre Aperture Spherical radio Telescope (FAST) in China, supported by numerical simulations. We demonstrate that the same bit sequence can indeed be obtained at both observatories, but the ubiquitous presence of radiometer noise needs to be accounted for when determining the expected bit error rate between two independent sequences. We discuss our results in the context of an imaginary use-case in which two mutually distrusting parties wish to obtain the same random bit sequence, exploring potential methods to mitigate against a malicious participant.
△ Less
Submitted 15 January, 2022;
originally announced January 2022.
-
Lattice Blind Signatures with Forward Security
Authors:
Huy Quoc Le,
Dung Hoang Duong,
Willy Susilo,
Ha Thanh Nguyen Tran,
Viet Cuong Trinh,
Josef Pieprzyk,
Thomas Plantard
Abstract:
Blind signatures play an important role in both electronic cash and electronic voting systems. Blind signatures should be secure against various attacks (such as signature forgeries). The work puts a special attention to secret key exposure attacks, which totally break digital signatures. Signatures that resist secret key exposure attacks are called forward secure in the sense that disclosure of a…
▽ More
Blind signatures play an important role in both electronic cash and electronic voting systems. Blind signatures should be secure against various attacks (such as signature forgeries). The work puts a special attention to secret key exposure attacks, which totally break digital signatures. Signatures that resist secret key exposure attacks are called forward secure in the sense that disclosure of a current secret key does not compromise past secret keys. This means that forward-secure signatures must include a mechanism for secret-key evolution over time periods.
This paper gives a construction of the first blind signature that is forward secure. The construction is based on the SIS assumption in the lattice setting. The core techniques applied are the binary tree data structure for the time periods and the trapdoor delegation for the key-evolution mechanism.
△ Less
Submitted 14 July, 2020;
originally announced July 2020.
-
Trapdoor Delegation and HIBE from Middle-Product LWE in Standard Model
Authors:
Huy Quoc Le,
Dung Hoang Duong,
Willy Susilo,
Josef Pieprzyk
Abstract:
At CRYPTO 2017, Rosca, Sakzad, Stehle and Steinfeld introduced the Middle--Product LWE (MPLWE) assumption which is as secure as Polynomial-LWE for a large class of polynomials, making the corresponding cryptographic schemes more flexible in choosing the underlying polynomial ring in design while still kee** the equivalent efficiency. Recently at TCC 2019, Lombardi, Vaikuntanathan and Vuong intro…
▽ More
At CRYPTO 2017, Rosca, Sakzad, Stehle and Steinfeld introduced the Middle--Product LWE (MPLWE) assumption which is as secure as Polynomial-LWE for a large class of polynomials, making the corresponding cryptographic schemes more flexible in choosing the underlying polynomial ring in design while still kee** the equivalent efficiency. Recently at TCC 2019, Lombardi, Vaikuntanathan and Vuong introduced a variant of MPLWE assumption and constructed the first IBE scheme based on MPLWE. Their core technique is to construct lattice trapdoors compatible with MPLWE in the same paradigm of Gentry, Peikert and Vaikuntanathan at STOC 2008. However, their method cannot directly offer a Hierachical IBE construction. In this paper, we make a step further by proposing a novel trapdoor delegation mechanism for an extended family of polynomials from which we construct, for the first time, a Hierachical IBE scheme from MPLWE. Our Hierachy IBE scheme is provably secure in the standard model.
△ Less
Submitted 14 July, 2020;
originally announced July 2020.
-
Puncturable Encryption: A Generic Construction from Delegatable Fully Key-Homomorphic Encryption
Authors:
Willy Susilo,
Dung Hoang Duong,
Huy Quoc Le,
Josef Pieprzyk
Abstract:
Puncturable encryption (PE), proposed by Green and Miers at IEEE S&P 2015, is a kind of public key encryption that allows recipients to revoke individual messages by repeatedly updating decryption keys without communicating with senders. PE is an essential tool for constructing many interesting applications, such as asynchronous messaging systems, forward-secret zero round-trip time protocols, pub…
▽ More
Puncturable encryption (PE), proposed by Green and Miers at IEEE S&P 2015, is a kind of public key encryption that allows recipients to revoke individual messages by repeatedly updating decryption keys without communicating with senders. PE is an essential tool for constructing many interesting applications, such as asynchronous messaging systems, forward-secret zero round-trip time protocols, public-key watermarking schemes and forward-secret proxy re-encryptions. This paper revisits PEs from the observation that the puncturing property can be implemented as efficiently computable functions. From this view, we propose a generic PE construction from the fully key-homomorphic encryption, augmented with a key delegation mechanism (DFKHE) from Boneh et al. at Eurocrypt 2014. We show that our PE construction enjoys the selective security under chosen plaintext attacks (that can be converted into the adaptive security with some efficiency loss) from that of DFKHE in the standard model. Basing on the framework, we obtain the first post-quantum secure PE instantiation that is based on the learning with errors problem, selective secure under chosen plaintext attacks (CPA) in the standard model. We also discuss about the ability of modification our framework to support the unbounded number of ciphertext tags inspired from the work of Brakerski and Vaikuntanathan at CRYPTO 2016.
△ Less
Submitted 13 July, 2020;
originally announced July 2020.
-
Dynamic Searchable Symmetric Encryption Schemes Supporting Range Queries with Forward/Backward Privacy
Authors:
Cong Zuo,
Shi-Feng Sun,
Joseph K. Liu,
Jun Shao,
Josef Pieprzyk
Abstract:
Dynamic searchable symmetric encryption (DSSE) is a useful cryptographic tool in encrypted cloud storage. However, it has been reported that DSSE usually suffers from file-injection attacks and content leak of deleted documents. To mitigate these attacks, forward privacy and backward privacy have been proposed. Nevertheless, the existing forward/backward-private DSSE schemes can only support singl…
▽ More
Dynamic searchable symmetric encryption (DSSE) is a useful cryptographic tool in encrypted cloud storage. However, it has been reported that DSSE usually suffers from file-injection attacks and content leak of deleted documents. To mitigate these attacks, forward privacy and backward privacy have been proposed. Nevertheless, the existing forward/backward-private DSSE schemes can only support single keyword queries. To address this problem, in this paper, we propose two DSSE schemes supporting range queries. One is forward-private and supports a large number of documents. The other can achieve backward privacy, while it can only support a limited number of documents. Finally, we also give the security proofs of the proposed DSSE schemes in the random oracle model.
△ Less
Submitted 21 May, 2019;
originally announced May 2019.
-
On alternative approach for verifiable secret sharing
Authors:
Kamil Kulesza,
Zbigniew Kotulski,
Joseph Pieprzyk
Abstract:
Secret sharing allows split/distributed control over the secret (e.g. master key). Verifiable secret sharing (VSS) is the secret sharing extended by verification capacity.
Usually verification comes at the price. We propose "free lunch", the approach that allows to overcome this inconvenience.
Secret sharing allows split/distributed control over the secret (e.g. master key). Verifiable secret sharing (VSS) is the secret sharing extended by verification capacity.
Usually verification comes at the price. We propose "free lunch", the approach that allows to overcome this inconvenience.
△ Less
Submitted 18 November, 2002;
originally announced November 2002.