-
When Does Your Brain Know You? Segment Length and Its Impact on EEG-based Biometric Authentication Accuracy
Authors:
Nibras Abo Alzahab,
Lorenzo Scalise,
Marco Baldi
Abstract:
In the quest for optimal EEG-based biometric authentication, this study investigates the pivotal balance for accurate identification without sacrificing performance or adding unnecessary computational complexity. Through a methodical exploration of segment durations, and employing a variety of sophisticated machine learning models, the research seeks to pinpoint a threshold where EEG data provides maximum informational yield for authentication purposes. The findings are set to advance the field of non-invasive biometric technologies, proposing a practical approach to secure and user-friendly identity verification systems while also raising considerations for the real-world application of EEG-based biometric authentication beyond controlled environments.
Submitted 19 March, 2024;
originally announced March 2024.
-
Using Graph Theory for Improving Machine Learning-based Detection of Cyber Attacks
Authors:
Giacomo Zonneveld,
Lorenzo Principi,
Marco Baldi
Abstract:
Early detection of network intrusions and cyber threats is one of the main pillars of cybersecurity. One of the most effective approaches for this purpose is to analyze network traffic with the help of artificial intelligence algorithms, with the aim of detecting the possible presence of an attacker by distinguishing it from a legitimate user. This is commonly done by collecting the traffic exchanged between terminals in a network and analyzing it on a per-packet or per-connection basis. In this paper, we propose instead to perform pre-processing of network traffic under analysis with the aim of extracting some new metrics on which we can perform more efficient detection and overcome some limitations of classical approaches. These new metrics are based on graph theory, and consider the network as a whole, rather than focusing on individual packets or connections. Our approach is validated through experiments performed on publicly available data sets, from which it results that it can not only overcome some of the limitations of classical approaches, but also achieve a better detection capability of cyber threats.
Submitted 12 February, 2024;
originally announced February 2024.
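The abstract above describes pre-processing traffic into graph metrics computed over the network as a whole rather than per packet or per connection. As an added illustration that is not the paper's code or its metrics, the following builds a directed communication graph from a constructed set of flow records (hosts, ports and the scanning host 10.0.0.99 are all made up), derives whole-network and per-host graph quantities, and uses them to single out a host whose fan-out is far from what the rest of the graph shows. Function names and thresholds are this example's own assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed flow records, not taken from any public data set: (src, dst, dst_port).
FLOWS = [
    ("10.0.0.5", "10.0.0.20", 443), ("10.0.0.5", "10.0.0.21", 443),
    ("10.0.0.6", "10.0.0.20", 80),
    ("10.0.0.7", "10.0.0.20", 443), ("10.0.0.7", "10.0.0.22", 22),
    ("10.0.0.5", "10.0.0.20", 443),                      # repeated flow: same edge, counted once
    # 10.0.0.99 behaves like a horizontal scanner: one flow to each of 40 hosts on port 445
    *[("10.0.0.99", "10.0.0.%d" % i, 445) for i in range(20, 60)],
]


def build_graph(flows):
    """Directed communication graph: who talked to whom, ignoring how often."""
    out_peers, in_peers = defaultdict(set), defaultdict(set)
    for src, dst, _port in flows:
        out_peers[src].add(dst)
        in_peers[dst].add(src)
    return out_peers, in_peers


def network_summary(flows):
    """Whole-network metrics: node count, number of distinct edges and graph density."""
    out_peers, in_peers = build_graph(flows)
    nodes = set(out_peers) | set(in_peers)
    edges = sum(len(p) for p in out_peers.values())
    n = len(nodes)
    return {"nodes": n, "edges": edges, "density": edges / (n * (n - 1)) if n > 1 else 0.0}


def host_metrics(flows):
    """Per-host metrics: out-degree, in-degree and the share of out-peers that ever talk back."""
    out_peers, in_peers = build_graph(flows)
    metrics = {}
    for h in set(out_peers) | set(in_peers):
        od, idg = len(out_peers[h]), len(in_peers[h])
        reciprocity = len(out_peers[h] & in_peers[h]) / od if od else 0.0
        metrics[h] = {"out_deg": od, "in_deg": idg, "reciprocity": reciprocity}
    return metrics


def flag_scanners(flows, factor=5, min_out=10):
    """Hosts whose out-degree is far above the typical host and that get nothing back:
    a crude graph-level indicator of horizontal scanning (thresholds are assumptions)."""
    m = host_metrics(flows)
    base = median(v["out_deg"] for v in m.values() if v["out_deg"] > 0)
    return sorted(h for h, v in m.items()
                  if v["out_deg"] >= min_out and v["out_deg"] > factor * base
                  and v["reciprocity"] == 0.0)


if __name__ == "__main__":
    print(network_summary(FLOWS))
    print(flag_scanners(FLOWS))
```

The point of the example is that neither the per-packet view nor any single connection of 10.0.0.99 looks wrong; only the degree distribution of the whole graph does. Real deployments would compute these metrics over sliding time windows and add richer graph quantities, which this example does not attempt.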
-
A Primer on RecoNIC: RDMA-enabled Compute Offloading on SmartNIC
Authors:
Guanwen Zhong,
Aditya Kolekar,
Burin Amornpaisannon,
Inho Choi,
Haris Javaid,
Mario Baldi
Abstract:
Today's data centers consist of thousands of network-connected hosts, each with CPUs and accelerators such as GPUs and FPGAs. These hosts also contain network interface cards (NICs), operating at speeds of 100Gb/s or higher, that are used to communicate with each other. We propose RecoNIC, an FPGA-based RDMA-enabled SmartNIC platform that is designed for compute acceleration while minimizing the overhead associated with data copies (in CPU-centric accelerator systems) by bringing network data as close to computation as possible. Since RDMA is the de facto transport-layer protocol for improved communication in data center workloads, RecoNIC includes an RDMA offload engine for high throughput and low latency data transfers. Developers have the flexibility to design their accelerators using RTL, HLS or Vitis Networking P4 within RecoNIC's programmable compute blocks. These compute blocks can access host memory as well as memory in remote peers through the RDMA offload engine. Furthermore, the RDMA offload engine is shared by both the host and compute blocks, which makes RecoNIC a very flexible platform. Lastly, we have open-sourced RecoNIC for the research community to enable experimentation with RDMA-based applications and use-cases.
Submitted 11 December, 2023;
originally announced December 2023.
-
Euclid: Identification of asteroid streaks in simulated images using deep learning
Authors:
M. Pöntinen,
M. Granvik,
A. A. Nucita,
L. Conversi,
B. Altieri,
B. Carry,
C. M. O'Riordan,
D. Scott,
N. Aghanim,
A. Amara,
L. Amendola,
N. Auricchio,
M. Baldi,
D. Bonino,
E. Branchini,
M. Brescia,
S. Camera,
V. Capobianco,
C. Carbone,
J. Carretero,
M. Castellano,
S. Cavuoti,
A. Cimatti,
R. Cledassou,
G. Congedo
, et al. (92 additional authors not shown)
Abstract:
Up to 150000 asteroids will be visible in the images of the ESA Euclid space telescope, and the instruments of Euclid offer multiband visual to near-infrared photometry and slitless spectra of these objects. Most asteroids will appear as streaks in the images. Due to the large number of images and asteroids, automated detection methods are needed. A non-machine-learning approach based on the StreakDet software was previously tested, but the results were not optimal for short and/or faint streaks. We set out to improve the capability to detect asteroid streaks in Euclid images by using deep learning.
We built, trained, and tested a three-step machine-learning pipeline with simulated Euclid images. First, a convolutional neural network (CNN) detected streaks and their coordinates in full images, aiming to maximize the completeness (recall) of detections. Then, a recurrent neural network (RNN) merged snippets of long streaks detected in several parts by the CNN. Lastly, gradient-boosted trees (XGBoost) linked detected streaks between different Euclid exposures to reduce the number of false positives and improve the purity (precision) of the sample.
The deep-learning pipeline surpasses the completeness and reaches a similar level of purity of a non-machine-learning pipeline based on the StreakDet software. Additionally, the deep-learning pipeline can detect asteroids 0.25-0.5 magnitudes fainter than StreakDet. The deep-learning pipeline could result in a 50% increase in the number of detected asteroids compared to the StreakDet software. There is still scope for further refinement, particularly in improving the accuracy of streak coordinates and enhancing the completeness of the final stage of the pipeline, which involves linking detections across multiple exposures.
Submitted 5 October, 2023;
originally announced October 2023.
-
Rate-compatible LDPC Codes based on Primitive Polynomials and Golomb Rulers
Authors:
Massimo Battaglioni,
Marco Baldi,
Franco Chiaraluce,
Giovanni Cancellieri
Abstract:
We introduce and study a family of rate-compatible Low-Density Parity-Check (LDPC) codes characterized by very simple encoders. The design of these codes starts from simplex codes, which are defined by parity-check matrices having a straightforward form stemming from the coefficients of a primitive polynomial. For this reason, we call the new codes Primitive Rate-Compatible LDPC (PRC-LDPC) codes. By applying puncturing to these codes, we obtain a bit-level granularity of their code rates. We show that, in order to achieve good LDPC codes, the underlying polynomials, besides being primitive, must meet some more stringent conditions with respect to those of classical punctured simplex codes. We leverage non-modular Golomb rulers to take the new requirements into account. We characterize the minimum distance properties of PRC-LDPC codes, and study and discuss their encoding and decoding complexity. Finally, we assess their error rate performance under iterative decoding.
Submitted 26 September, 2023;
originally announced September 2023.
-
Generic Decoding of Restricted Errors
Authors:
Marco Baldi,
Sebastian Bitzer,
Alessio Pavoni,
Paolo Santini,
Antonia Wachter-Zeh,
Violetta Weger
Abstract:
Several recently proposed code-based cryptosystems base their security on a slightly generalized version of the classical (syndrome) decoding problem. Namely, in the so-called restricted (syndrome) decoding problem, the error values stem from a restricted set. In this paper, we propose new generic decoders that are inspired by subset-sum solvers and tailored to the new setting. The introduced algorithms take the restricted structure of the error set into account in order to utilize the representation technique efficiently. This leads to a considerable decrease in the security levels of recently published code-based cryptosystems.
Submitted 8 June, 2023; v1 submitted 15 March, 2023;
originally announced March 2023.
-
Implementation of Ethereum Accounts and Transactions on Embedded IoT Devices
Authors:
Giulia Rafaiani,
Paolo Santini,
Marco Baldi,
Franco Chiaraluce
Abstract:
The growing interest in Internet of Things (IoT) and Industrial IoT (IIoT) poses the challenge of finding robust solutions for the certification and notarization of data produced and collected by embedded devices. The blockchain and distributed ledger technologies represent a promising solution to address these issues, but raise other questions, for example regarding their practical feasibility. In fact, IoT devices have limited resources and, consequently, may not be able to easily perform all the operations required to participate in a blockchain. In this paper we propose a minimal architecture to allow IoT devices to perform data certification and notarization on the Ethereum blockchain. We develop a hardware-software platform through which a lightweight device (e.g., an IoT sensor), holding a secret key and the associated public address, produces signed transactions, which are then submitted to the blockchain network. This guarantees data integrity and authenticity and, on the other hand, minimizes the computational burden on the lightweight device. To show the practicality of the proposed approach, we report and discuss the results of benchmarks performed on ARM Cortex-M4 hardware architectures, sending transactions over the Ropsten testnet. Our results show that all the necessary operations can be performed with small latency, thus proving that an IoT device can directly interact with the blockchain, without apparent bottlenecks.
Submitted 29 June, 2022;
originally announced June 2022.
-
A Novel Attack to the Permuted Kernel Problem
Authors:
Paolo Santini,
Marco Baldi,
Franco Chiaraluce
Abstract:
The Permuted Kernel Problem (PKP) asks to find a permutation of a given vector belonging to the kernel of a given matrix. The PKP is at the basis of PKP-DSS, a post-quantum signature scheme deriving from the identification scheme proposed by Shamir in 1989. The most efficient solver for PKP is due to a recent paper by Koussa et al. In this paper we propose an improvement of such an algorithm, which we achieve by considering an additional collision search step applied on kernel equations involving a small number of coordinates. We study the conditions for such equations to exist from a coding theory perspective, and we describe how to efficiently find them with methods borrowed from coding theory, such as information set decoding. We assess the complexity of the resulting algorithm and show that it outperforms previous approaches in several cases. We also show that, taking the new solver into account, the security level of some instances of PKP-DSS turns out to be slightly overestimated.
Submitted 28 October, 2022; v1 submitted 29 June, 2022;
originally announced June 2022.
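To make the problem statement in the abstract above concrete, here is an added example (not code from the paper, which improves the Koussa et al. solver and is not reproduced here) that generates a small PKP instance with a planted solution and solves it by exhaustive search over permutations. The instance generator, the prime modulus and the toy sizes are this example's own assumptions; the exhaustive solver exists only to show what a solution is and why n! candidates make this approach useless at cryptographic sizes.

```python
from itertools import permutations
import random


def matvec_mod(H, v, p):
    """H * v over the integers modulo p, with H a list of rows."""
    return [sum(h * x for h, x in zip(row, v)) % p for row in H]


def make_instance(m, n, p, seed=0):
    """Constructed PKP instance (assumption, not the paper's generator): a random m x n
    matrix H over F_p whose last column is adjusted so that a random vector w lies in its
    kernel; the public vector v is a secret permutation of w."""
    rng = random.Random(seed)
    w = [rng.randrange(p) for _ in range(n)]
    w[-1] = rng.randrange(1, p)                     # last entry must be invertible mod prime p
    inv = pow(w[-1], -1, p)
    H = [[rng.randrange(p) for _ in range(n - 1)] for _ in range(m)]
    for row in H:
        partial = sum(h * x for h, x in zip(row, w)) % p
        row.append((-partial * inv) % p)           # now row . w == 0 (mod p)
    pi = list(range(n))
    rng.shuffle(pi)
    v = [w[pi[i]] for i in range(n)]
    return H, v, w


def solve_pkp_bruteforce(H, v, p):
    """Return index tuple perm with H * (v permuted by perm) == 0 mod p, or None.
    Cost is n! candidate vectors, fewer when v has repeated entries."""
    seen = set()
    for perm in permutations(range(len(v))):
        w = tuple(v[i] for i in perm)
        if w in seen:                               # identical vector already tested
            continue
        seen.add(w)
        if all(x == 0 for x in matvec_mod(H, w, p)):
            return perm
    return None


if __name__ == "__main__":
    H, v, w = make_instance(2, 6, 7, seed=1)
    perm = solve_pkp_bruteforce(H, v, 7)
    print("solution:", [v[i] for i in perm], "syndrome:", matvec_mod(H, [v[i] for i in perm], 7))
```

Note that an instance with m < n may admit kernel vectors other than the planted one, so the solver is checked on the kernel condition rather than on recovering the exact planted permutation.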
-
Effect of Auditory Stimuli on Electroencephalography-based Authentication
Authors:
Nibras Abo Alzahab,
Angelo Di Iorio,
Marco Baldi,
Lorenzo Scalise
Abstract:
As opposed to standard authentication methods based on credentials, biometric-based authentication has lately emerged as a viable paradigm for attaining rapid and secure authentication of users. Among the numerous categories of biometric traits, electroencephalogram (EEG)-based biometrics is recognized as a promising method owing to its unique characteristics. This paper provides an experimental evaluation of the effect of auditory stimuli (AS) on EEG-based biometrics by studying the following features: i) the general change in AS-aided EEG-based biometric authentication in comparison with non-AS-aided EEG-based biometric authentication, ii) the role of the language of the AS, and iii) the influence of the conduction method of the AS. Our results show that the presence of an AS can improve authentication performance by 9.27%. Additionally, the performance achieved with an in-ear AS is better than that obtained using a bone-conducting AS. Finally, we verify that performance is independent of the language of the AS. The results of this work provide a step forward towards designing a robust EEG-based authentication system.
Submitted 29 June, 2022;
originally announced June 2022.
-
MAGIC: A Method for Assessing Cyber Incidents Occurrence
Authors:
Massimo Battaglioni,
Giulia Rafaiani,
Franco Chiaraluce,
Marco Baldi
Abstract:
The assessment of cyber risk plays a crucial role for cybersecurity management, and has become a compulsory task for certain types of companies and organizations. This makes the demand for reliable cyber risk assessment tools grow continuously, especially concerning quantitative tools based on statistical approaches. Probabilistic cyber risk assessment methods, however, follow the general paradigm of probabilistic risk assessment, which requires the magnitude and the likelihood of incidents as inputs. Unfortunately, for cyber incidents, the likelihood of occurrence is hard to estimate based on historical and publicly available data; so, expert evaluations are commonly used, which however leave room for subjectivity. In this paper, we propose a novel probabilistic model, called MAGIC (Method for AssessinG cyber Incidents oCcurrence), to compute the likelihood of occurrence of a cyber incident, based on the evaluation of the cyber posture of the target organization. This allows deriving tailor-made inputs for probabilistic risk assessment methods, like HTMA (How To Measure Anything in cybersecurity risk), FAIR (Factor Analysis of Information Risk) and others, thus considerably reducing the margin of subjectivity in the assessment of cyber risk. We corroborate our approach through a qualitative and a quantitative comparison with several classical methods.
Submitted 23 June, 2022;
originally announced June 2022.
-
SPANSE: combining sparsity with density for efficient one-time code-based digital signatures
Authors:
Marco Baldi,
Franco Chiaraluce,
Paolo Santini
Abstract:
The use of codes defined by sparse characteristic matrices, like QC-LDPC and QC-MDPC codes, has become an established solution to design secure and efficient code-based public-key encryption schemes, as also witnessed by the ongoing NIST post-quantum cryptography standardization process. However, similar approaches have been less fortunate in the context of code-based digital signatures, since no secure and efficient signature scheme based on these codes is available to date. The main limitation of previous attempts in this line of research has been the use of sparse signatures, which produces some leakage of information about the private key. In this paper, we propose a new code-based digital signature scheme that overcomes such a problem by publishing signatures that are abnormally dense, rather than sparse. This eliminates the possibility of deducing information from the sparsity of signatures, and follows a recent trend in code-based cryptography exploiting the hardness of the decoding problem for large-weight vectors, instead of its classical version based on small-weight vectors. In this study we focus on one-time use and provide some preliminary instances of the new scheme, showing that it achieves very fast signature generation and verification with reasonably small public keys.
Submitted 25 May, 2022;
originally announced May 2022.
-
Analysis of a blockchain protocol based on LDPC codes
Authors:
Massimo Battaglioni,
Paolo Santini,
Giulia Rafaiani,
Franco Chiaraluce,
Marco Baldi
Abstract:
In a blockchain Data Availability Attack (DAA), a malicious node publishes a block header but withholds part of the block, which contains invalid transactions. Honest full nodes, which can download and store the full blockchain, are aware that some data are not available but they have no formal way to prove it to light nodes, i.e., nodes that have limited resources and are not able to access the whole blockchain data. A common solution to counter these attacks exploits linear error correcting codes to encode the block content. A recent protocol, called SPAR, employs coded Merkle trees and low-density parity-check codes to counter DAAs. In this paper, we show that the protocol is less secure than claimed, owing to a redefinition of the adversarial success probability. As a consequence we show that, for some realistic choices of the parameters, the total amount of data downloaded by light nodes is larger than that obtainable with competitor solutions.
Submitted 30 April, 2022; v1 submitted 15 February, 2022;
originally announced February 2022.
-
Optimization of a Reed-Solomon code-based protocol against blockchain data availability attacks
Authors:
Paolo Santini,
Giulia Rafaiani,
Massimo Battaglioni,
Franco Chiaraluce,
Marco Baldi
Abstract:
ASBK (named after the authors' initials) is a recent blockchain protocol tackling data availability attacks against light nodes, employing two-dimensional Reed-Solomon codes to encode the list of transactions and a random sampling phase where adversaries are forced to reveal information. In its original formulation, only codes with rate $1/4$ are considered, and a theoretical analysis requiring computationally demanding formulas is provided. This makes ASBK difficult to optimize in situations of practical interest. In this paper, we introduce a much simpler model for such a protocol, which additionally supports the use of codes with arbitrary rate. This makes blockchains implementing ASBK much easier to design and optimize. Furthermore, disposing of a clearer view of the protocol, some general features and considerations can be derived (e.g., nodes behaviour in largely participated networks). As a concrete application of our analysis, we consider relevant blockchain parameters and find network settings that minimize the amount of data downloaded by light nodes. Our results show that the protocol benefits from the use of codes defined over large finite fields, with code rates that may be even significantly different from the originally proposed ones.
Submitted 20 January, 2022;
originally announced January 2022.
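Both data availability entries above (the SPAR analysis and the ASBK optimization) turn on the same quantity: how many random samples a light node must download before the probability that an adversary withholding part of a block goes unnoticed drops below a target. The following added example, which is not the papers' model and does not reproduce their results, computes that quantity under a plain hypergeometric sampling model. It assumes, as in the standard two-dimensional Reed-Solomon argument, that the smallest unrecoverable withheld set of an n x n coded square built from k x k data shares is an (n-k+1) x (n-k+1) sub-square; the block size, share size and target probability are constructed numbers.

```python
from math import comb


def p_fooled(n, h, s):
    """Probability that a light node drawing s distinct shares out of n sees none of
    the h withheld ones (sampling without replacement)."""
    if s > n - h:
        return 0.0                                   # cannot avoid a withheld share any longer
    return comb(n - h, s) / comb(n, s)


def min_samples(n, h, target):
    """Smallest number of samples s with p_fooled(n, h, s) <= target."""
    s = 0
    while p_fooled(n, h, s) > target:
        s += 1
    return s


def min_withheld_2d_rs(n, k):
    """Assumption (standard 2D RS argument, not taken from the page): withholding an
    (n-k+1) x (n-k+1) sub-square leaves each affected row and column with only k-1
    symbols, which is the cheapest way to block full recovery."""
    return (n - k + 1) ** 2


def sampling_cost(k, n, share_bytes, target):
    """Per-light-node samples and bytes for an n x n coded square of k x k data shares."""
    total = n * n
    h = min_withheld_2d_rs(n, k)
    s = min_samples(total, h, target)
    return {"rate": (k * k) / total, "withheld": h, "samples": s, "bytes": s * share_bytes}


if __name__ == "__main__":
    # Constructed scenario: a 1 MiB block cut into 16 x 16 data shares of 4 KiB each,
    # extended to n x n squares of different rates; target per-node fooling probability 1%.
    for n in (20, 24, 32, 48):
        print(n, sampling_cost(16, n, 4096, 0.01))
```

Running the loop shows why code rate is a design knob and not a fixed 1/4: a lower rate makes the adversary withhold a larger fraction of the square, so each node needs fewer samples, while a higher rate shrinks the coded block that full nodes must store. The papers' models add the interaction between many light nodes and the adversary's ability to reveal shares on demand, which this single-node computation ignores.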
-
Cryptanalysis of a code-based full-time signature
Authors:
Nicolas Aragon,
Marco Baldi,
Jean-Christophe Deneuville,
Karan Khathuria,
Edoardo Persichetti,
Paolo Santini
Abstract:
We present an attack against a code-based signature scheme based on the Lyubashevsky protocol that was recently proposed by Song, Huang, Mu, Wu and Wang (SHMWW). The private key in the SHMWW scheme contains columns coming in part from an identity matrix and in part from a random matrix. The existence of two types of columns leads to a strong bias in the distribution of set bits in produced signatures. Our attack exploits such a bias to recover the private key from a bunch of collected signatures. We provide a theoretical analysis of the attack along with experimental evaluations, and we show that collecting as few as 10 signatures is enough to successfully recover the private key. As with previous attempts at adapting Lyubashevsky's protocol to the case of code-based cryptography, the SHMWW scheme is thus proved unable to provide acceptable security. This confirms that devising secure code-based signature schemes with efficiency comparable to that of other post-quantum solutions (e.g., based on lattices) is still a challenging task.
Submitted 6 July, 2021; v1 submitted 16 November, 2020;
originally announced November 2020.
-
A New Path to Code-based Signatures via Identification Schemes with Restricted Errors
Authors:
Marco Baldi,
Massimo Battaglioni,
Franco Chiaraluce,
Anna-Lena Horlemann-Trautmann,
Edoardo Persichetti,
Paolo Santini,
Violetta Weger
Abstract:
In this paper we introduce a variant of the Syndrome Decoding Problem (SDP), that we call Restricted SDP (R-SDP), in which the entries of the searched vector are defined over a subset of the underlying finite field. We prove the NP-completeness of R-SDP, via a reduction from the classical SDP, and describe algorithms which solve this new problem. We study the properties of random codes under this new decoding perspective, in the fashion of traditional coding theory results, and assess the complexity of solving a random R-SDP instance. As a concrete application, we describe how Zero-Knowledge Identification (ZK-ID) schemes based on SDP can be tweaked to rely on R-SDP, and show that this leads to compact public keys as well as significantly reduced communication costs. Thus, these schemes offer an improved basis for the construction of code-based digital signature schemes derived from identification schemes through the well-known Fiat-Shamir transformation.
Submitted 30 January, 2021; v1 submitted 14 August, 2020;
originally announced August 2020.
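The R-SDP entry above and the "Generic Decoding of Restricted Errors" entry earlier on this page both concern the same problem: find an error vector whose nonzero entries come from a restricted subset of the field and whose syndrome matches a given one. The added example below, which is neither paper's code and implements none of their decoders, states the problem in working form: it builds the restricted set as a cyclic subgroup of F_q^*, generates a small instance with a planted solution, solves it by exhaustive search, and compares the size of the restricted search space with that of the classical one. Field size, restricted-set generator and instance parameters are this example's own assumptions, chosen small enough for brute force.

```python
from itertools import combinations, product
from math import comb
import random


def syndrome(H, e, q):
    """H * e over F_q, returned as a tuple so that it can be compared and hashed."""
    return tuple(sum(h * x for h, x in zip(row, e)) % q for row in H)


def restricted_set(q, g):
    """The cyclic subgroup of F_q^* generated by g: the shape of restricted set commonly
    used for R-SDP (assumption: q prime, g a nonzero residue)."""
    E, x = [], 1
    while x not in E:
        E.append(x)
        x = (x * g) % q
    return E


def make_instance(m, n, q, E, t, seed=0):
    """Constructed instance: random H in F_q^{m x n} and an error e of Hamming weight t
    whose nonzero entries are drawn from E; returns (H, e, s = H e)."""
    rng = random.Random(seed)
    H = [[rng.randrange(q) for _ in range(n)] for _ in range(m)]
    e = [0] * n
    for i in rng.sample(range(n), t):
        e[i] = rng.choice(E)
    return H, e, syndrome(H, e, q)


def solve_rsdp_bruteforce(H, s, q, E, t):
    """Enumerate every weight-t vector with entries in E and return the first one
    whose syndrome equals s (None if there is none)."""
    n = len(H[0])
    for support in combinations(range(n), t):
        for values in product(E, repeat=t):
            e = [0] * n
            for i, v in zip(support, values):
                e[i] = v
            if syndrome(H, e, q) == s:
                return e
    return None


def search_space(n, t, q, E):
    """(restricted, classical) number of weight-t candidate vectors: C(n,t)|E|^t vs C(n,t)(q-1)^t."""
    return comb(n, t) * len(E) ** t, comb(n, t) * (q - 1) ** t


if __name__ == "__main__":
    q, E = 7, restricted_set(7, 2)                   # E = {1, 2, 4}, the cube roots of unity mod 7
    H, e, s = make_instance(4, 8, q, E, 3, seed=3)
    print("restricted vs classical candidates:", search_space(8, 3, q, E))
    print("planted:", e, "found:", solve_rsdp_bruteforce(H, s, q, E, 3))
```

The two numbers printed by search_space are the whole point of the restriction: a smaller error alphabet shrinks the solution space the honest prover needs to communicate about, but it also shrinks the space an attacker must search, which is exactly the structure the later "Generic Decoding of Restricted Errors" paper exploits with representation-technique decoders rather than this exhaustive enumeration.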
-
NEMA: Automatic Integration of Large Network Management Databases
Authors:
Fubao Wu,
Han Hee Song,
Jiangtao Yin,
Lixin Gao,
Mario Baldi,
Narendra Anand
Abstract:
Network management, whether for malfunction analysis, failure prediction, performance monitoring and improvement, generally involves large amounts of data from different sources. To effectively integrate and manage these sources, automatically finding semantic matches among their schemas or ontologies is crucial. Existing approaches to database matching mainly fall into two categories. One focuses on the schema-level matching based on schema properties such as field names, data types, constraints and schema structures. Network management databases contain massive tables (e.g., network products, incidents, security alerts and logs) from different departments and groups with nonuniform field names and schema characteristics. It is not reliable to match them by those schema properties. The other category is based on the instance-level matching using general string similarity techniques, which are not applicable for the matching of large network management databases. In this paper, we develop a matching technique for large NEtwork MAnagement databases (NEMA) deploying instance-level matching for effective data integration and connection. We design matching metrics and scores for both numerical and non-numerical fields and propose algorithms for matching these fields. The effectiveness and efficiency of NEMA are evaluated by conducting experiments based on ground truth field pairs in large network management databases. Our measurement on large databases with 1,458 fields, each of which contains over 10 million records, reveals that the accuracies of NEMA are up to 95%. It achieves 2%-10% higher accuracy and 5x-14x speedup over baseline methods.
Submitted 1 June, 2020;
originally announced June 2020.
-
Information set decoding of Lee-metric codes over finite rings
Authors:
Violetta Weger,
Massimo Battaglioni,
Paolo Santini,
Franco Chiaraluce,
Marco Baldi,
Edoardo Persichetti
Abstract:
Information set decoding (ISD) algorithms are the best known procedures to solve the decoding problem for general linear codes. These algorithms are hence used for codes without a visible structure, or for which efficient decoders exploiting the code structure are not known. Classically, ISD algorithms have been studied for codes in the Hamming metric. In this paper we switch from the Hamming metric to the Lee metric, and study ISD algorithms and their complexity for codes measured with the Lee metric over finite rings.
Submitted 18 February, 2021; v1 submitted 23 January, 2020;
originally announced January 2020.
-
Comparison of Statistical and Machine Learning Techniques for Physical Layer Authentication
Authors:
Linda Senigagliesi,
Marco Baldi,
Ennio Gambi
Abstract:
In this paper we consider authentication at the physical layer, in which the authenticator aims at distinguishing a legitimate supplicant from an attacker on the basis of the characteristics of a set of parallel wireless channels, which are affected by time-varying fading. Moreover, the attacker's channel has a spatial correlation with the supplicant's one. In this setting, we assess and compare the performance achieved by different approaches under different channel conditions. We first consider the use of two different statistical decision methods, and we prove that using a large number of references (in the form of channel estimates) affected by different levels of time-varying fading is not beneficial from a security point of view. We then consider classification methods based on machine learning. In order to face the worst case scenario of an authenticator provided with no forged messages during training, we consider one-class classifiers. When instead the training set includes some forged messages, we resort to more conventional binary classifiers, considering the cases in which such messages are either labelled or not. For the latter case, we exploit clustering algorithms to label the training set. The performance of both nearest neighbor (NN) and support vector machine (SVM) classification techniques is evaluated. Through numerical examples, we show that under the same probability of false alarm, one-class classification (OCC) algorithms achieve the lowest probability of missed detection when a small spatial correlation exists between the main channel and the adversary one, while statistical methods are advantageous when the spatial correlation between the two channels is large.
Submitted 10 November, 2020; v1 submitted 17 January, 2020;
originally announced January 2020.
-
A Code-specific Conservative Model for the Failure Rate of Bit-flipping Decoding of LDPC Codes with Cryptographic Applications
Authors:
Paolo Santini,
Alessandro Barenghi,
Gerardo Pelosi,
Marco Baldi,
Franco Chiaraluce
Abstract:
Characterizing the decoding failure rate of iteratively decoded Low- and Moderate-Density Parity Check (LDPC/MDPC) codes is paramount to build cryptosystems based on them, able to achieve indistinguishability under adaptive chosen ciphertext attacks. In this paper, we provide a statistical worst-case analysis of our proposed iterative decoder obtained through a simple modification of the classic in-place bit-flipping decoder. This worst case analysis allows both to derive the worst-case behaviour of an LDPC/MDPC code picked among the family with the same length, rate and number of parity checks, and a code-specific bound on the decoding failure rate. The former result allows us to build a code-based cryptosystem enjoying the $\delta$-correctness property required by IND-CCA2 constructions, while the latter result allows us to discard code instances which may have a decoding failure rate significantly different from the average one (i.e., representing weak keys), should they be picked during the key generation procedure.
Submitted 11 December, 2019;
originally announced December 2019.
-
Security analysis of a blockchain-based protocol for the certification of academic credentials
Authors:
Marco Baldi,
Franco Chiaraluce,
Migelan Kodra,
Luca Spalazzi
Abstract:
We consider a blockchain-based protocol for the certification of academic credentials named Blockcerts, which is currently used worldwide for validating digital certificates of competence compliant with the Open Badges standard. We study the certification steps that are performed by the Blockcerts protocol to validate a certificate, and find that they are vulnerable to a certain type of impersonation attacks. In more detail, authentication of the issuing institution is performed by retrieving an unauthenticated issuer profile online, and comparing some data reported there with those included in the issued certificate. We show that, by fabricating a fake issuer profile and generating a suitably altered certificate, an attacker is able to impersonate a legitimate issuer and can produce certificates that cannot be distinguished from originals by the Blockcerts validation procedure. We also propose some possible countermeasures against an attack of this type, which require the use of a classic public key infrastructure or a decentralized identity system integrated with the Blockcerts protocol.
Submitted 10 October, 2019;
originally announced October 2019.
-
Analysis of the error correction capability of LDPC and MDPC codes under parallel bit-flipping decoding and application to cryptography
Authors:
Paolo Santini,
Massimo Battaglioni,
Marco Baldi,
Franco Chiaraluce
Abstract:
Iterative decoders used for decoding low-density parity-check (LDPC) and moderate-density parity-check (MDPC) codes are not characterized by a deterministic decoding radius and their error rate performance is usually assessed through intensive Monte Carlo simulations. However, several applications, like code-based cryptography, need guaranteed low values of the error rate, which are infeasible to assess through simulations, thus requiring the development of theoretical models for the error rate of these codes under iterative decoding. Some models of this type already exist, but become computationally intractable for parameters of practical interest. Other approaches approximate the code ensemble behaviour through some assumptions, which may not hold true for a specific code. We propose a theoretical analysis of the error correction capability of LDPC and MDPC codes that allows deriving tight bounds on the error rate at the output of parallel bit-flipping decoders. Special attention is devoted to the case of codes with small girth; moreover, single-iteration decoding is investigated through a rigorous approach, which does not require any assumption and hence results in a guaranteed error correction capability for any single code. We show an example of application of the new bound to the context of code-based cryptography, where guaranteed error rates are needed to achieve some strong security levels.
Submitted 26 February, 2020; v1 submitted 1 October, 2019;
originally announced October 2019.
-
Statistical and Machine Learning-based Decision Techniques for Physical Layer Authentication
Authors:
Linda Senigagliesi,
Marco Baldi,
Ennio Gambi
Abstract:
In this paper we assess the security performance of key-less physical layer authentication schemes in the case of time-varying fading channels, considering both partial and no channel state information (CSI) on the receiver's side. We first present a generalization of a well-known protocol previously proposed for flat fading channels and we study different statistical decision methods and the corresponding optimal attack strategies in order to improve the authentication performance in the considered scenario. We then consider the application of machine learning techniques in the same setting, exploiting different one-class nearest neighbor (OCNN) classification algorithms. We observe that, under the same probability of false alarm, one-class classification (OCC) algorithms achieve the lowest probability of missed detection when a low spatial correlation exists between the main channel and the adversary one, while statistical methods are advantageous when the spatial correlation between the two channels is higher.
Submitted 16 September, 2019;
originally announced September 2019.
-
Analysis of reaction and timing attacks against cryptosystems based on sparse parity-check codes
Authors:
Paolo Santini,
Massimo Battaglioni,
Franco Chiaraluce,
Marco Baldi
Abstract:
In this paper we study reaction and timing attacks against cryptosystems based on sparse parity-check codes, which encompass low-density parity-check (LDPC) codes and moderate-density parity-check (MDPC) codes. We show that the feasibility of these attacks is not strictly associated with the quasi-cyclic (QC) structure of the code but is related to the intrinsically probabilistic decoding of any sparse parity-check code. So, these attacks not only work against QC codes, but can be generalized to broader classes of codes. We provide a novel algorithm that, in the case of a QC code, allows recovering a larger amount of information than that retrievable through existing attacks, and we use this algorithm to characterize new side-channel information leakages. We devise a theoretical model for the decoder that describes and justifies our results. Numerical simulations are provided that confirm the effectiveness of our approach.
Submitted 27 April, 2019;
originally announced April 2019.
-
Efficient Search and Elimination of Harmful Objects in Optimized QC SC-LDPC Codes
Authors:
Massimo Battaglioni,
Franco Chiaraluce,
Marco Baldi,
David Mitchell
Abstract:
The error correction performance of low-density parity-check (LDPC) codes under iterative message-passing decoding is degraded by the presence of certain harmful objects existing in their Tanner graph representation. Depending on the context, such harmful objects are known as stopping sets, trapping sets, absorbing sets, or pseudocodewords. In this paper, we propose a general procedure based on edge spreading that enables the design of quasi-cyclic (QC) spatially coupled low-density parity-check codes (SC-LDPCCs) that are derived from QC-LDPC block codes and possess a significantly reduced multiplicity of harmful objects with respect to the original QC-LDPC block code. This procedure relies on a novel algorithm that greedily spans the search space of potential candidates to reduce the multiplicity of the target harmful object(s) in the Tanner graph. The effectiveness of the method we propose is validated via examples and numerical computer simulations.
Submitted 15 April, 2019;
originally announced April 2019.
-
Cryptanalysis of a One-Time Code-Based Digital Signature Scheme
Authors:
Paolo Santini,
Marco Baldi,
Franco Chiaraluce
Abstract:
We consider a one-time digital signature scheme recently proposed by Persichetti and show that a successful key recovery attack can be mounted with limited complexity. The attack we propose exploits a single signature intercepted by the attacker, and relies on a statistical analysis performed over such a signature, followed by information set decoding. We assess the attack complexity and show that a full recovery of the secret key can be performed with a work factor that is far below the claimed security level. The efficiency of the attack is motivated by the sparsity of the signature, which leads to a significant information leakage about the secret key.
Submitted 23 January, 2019; v1 submitted 8 December, 2018;
originally announced December 2018.
-
On the dissection of degenerate cosmologies with machine learning
Authors:
Julian Merten,
Carlo Giocoli,
Marco Baldi,
Massimo Meneghetti,
Austin Peel,
Florian Lalande,
Jean-Luc Starck,
Valeria Pettorino
Abstract:
Based on the DUSTGRAIN-pathfinder suite of simulations, we investigate observational degeneracies between nine models of modified gravity and massive neutrinos. Three types of machine learning techniques are tested for their ability to discriminate lensing convergence maps by extracting dimensionally reduced representations of the data. Classical map descriptors such as the power spectrum, peak counts and Minkowski functionals are combined into a joint feature vector and compared to the descriptors and statistics that are common to the field of digital image processing. To learn new features directly from the data we use a Convolutional Neural Network (CNN). For the mapping between feature vectors and the predictions of their underlying model, we implement two different classifiers; one based on a nearest-neighbour search and one that is based on a fully connected neural network. We find that the neural network provides a much more robust classification than the nearest-neighbour approach and that the CNN provides the most discriminating representation of the data. It achieves the cleanest separation between the different models and the highest classification success rate of 59% for a single source redshift. Once we perform a tomographic CNN analysis, the total classification accuracy increases significantly to 76% with no observational degeneracies remaining. Visualising the filter responses of the CNN at different network depths provides us with the unique opportunity to learn from very complex models and to understand better why they perform so well.
Submitted 27 March, 2019; v1 submitted 25 October, 2018;
originally announced October 2018.
-
Compact QC-LDPC Block and SC-LDPC Convolutional Codes for Low-Latency Communications
Authors:
Massimo Battaglioni,
Alireza Tasdighi,
Marco Baldi,
Mohammad H. Tadayon,
Franco Chiaraluce
Abstract:
Low decoding latency and complexity are two important requirements of channel codes used in many applications, like machine-to-machine communications. In this paper, we show how these requirements can be fulfilled by using some special quasi-cyclic low-density parity-check block codes and spatially coupled low-density parity-check convolutional codes that we denote as compact. They are defined by parity-check matrices designed according to a recent approach based on sequentially multiplied columns. This method allows obtaining codes with girth up to 12. Many numerical examples of practical codes are provided.
Submitted 12 September, 2018;
originally announced September 2018.
-
Assessing and countering reaction attacks against post-quantum public-key cryptosystems based on QC-LDPC codes
Authors:
Paolo Santini,
Marco Baldi,
Franco Chiaraluce
Abstract:
Code-based public-key cryptosystems based on QC-LDPC and QC-MDPC codes are promising post-quantum candidates to replace quantum vulnerable classical alternatives. However, a new type of attack based on Bob's reactions has recently been introduced and appears to significantly reduce the lifetime of any keypair used in these systems. In this paper we estimate the complexity of all known reaction attacks against QC-LDPC and QC-MDPC code-based variants of the McEliece cryptosystem. We also show how the structure of the secret key and, in particular, the secret code rate affect the complexity of these attacks. It follows from our results that QC-LDPC code-based systems can indeed withstand reaction attacks, on condition that some specific decoding algorithms are used and the secret code has a sufficiently high rate.
Submitted 6 August, 2018;
originally announced August 2018.
-
Resource Allocation for Secure Gaussian Parallel Relay Channels with Finite-Length Coding and Discrete Constellations
Authors:
Linda Senigagliesi,
Marco Baldi,
Stefano Tomasin
Abstract:
We investigate the transmission of a secret message from Alice to Bob in the presence of an eavesdropper (Eve) and many decode-and-forward relay nodes. Each link comprises a set of parallel channels, modeling for example an orthogonal frequency division multiplexing transmission. We consider the impact of discrete constellations and finite-length coding, defining an achievable secrecy rate under a constraint on the equivocation rate at Eve. Then we propose a power and channel allocation algorithm that maximizes the achievable secrecy rate by resorting to two coupled Gale-Shapley algorithms for the stable matching problem. We consider the scenarios of both full and partial channel state information at Alice. In the latter case, we only guarantee an outage secrecy rate, i.e., the rate of a message that remains secret with a given probability. Numerical results are provided for Rayleigh fading channels in terms of average outage secrecy rate, showing that practical schemes achieve a performance quite close to that of ideal ones.
Submitted 17 July, 2018;
originally announced July 2018.
-
Design and Implementation of a Digital Signature Scheme Based on Low-density Generator Matrix Codes
Authors:
Marco Baldi,
Alessandro Barenghi,
Franco Chiaraluce,
Gerardo Pelosi,
Joachim Rosenthal,
Paolo Santini,
Davide Schipani
Abstract:
In this paper we consider a post-quantum digital signature scheme based on low-density generator matrix codes and propose efficient algorithmic solutions for its implementation. We also review all known attacks against this scheme and derive closed-form estimates of their complexity when running over both classical and quantum computers. Based on these estimates, we propose new parametrization for the considered system to achieve given pre-quantum and post-quantum security levels. Finally, we provide and discuss performance benchmarks obtained through a suitably developed and publicly available reference implementation of the considered system.
Submitted 16 July, 2018;
originally announced July 2018.
-
Hindering reaction attacks by using monomial codes in the McEliece cryptosystem
Authors:
Paolo Santini,
Marco Baldi,
Giovanni Cancellieri,
Franco Chiaraluce
Abstract:
In this paper we study recent reaction attacks against QC-LDPC and QC-MDPC code-based cryptosystems, which allow an opponent to recover the private parity-check matrix through its distance spectrum by observing a sufficiently high number of decryption failures. We consider a special class of codes, known as monomial codes, to form private keys with the desirable property of having a unique and complete distance spectrum. We verify that for these codes the problem of recovering the secret key from the distance spectrum is equivalent to that of finding cliques in a graph, and use this equivalence to prove that current reaction attacks are not applicable when codes of this type are used in the McEliece cryptosystem.
Submitted 12 May, 2018;
originally announced May 2018.
-
Efficient Search of Compact QC-LDPC and SC-LDPC Convolutional Codes with Large Girth
Authors:
Mohammad H. Tadayon,
Alireza Tasdighi,
Massimo Battaglioni,
Marco Baldi,
Franco Chiaraluce
Abstract:
We propose a low-complexity method to find quasi-cyclic low-density parity-check block codes with girth 10 or 12 and shorter length than those designed through classical approaches. The method is extended to time-invariant spatially coupled low-density parity-check convolutional codes, making it possible to achieve small syndrome former constraint lengths. Several numerical examples are given to show its effectiveness.
Submitted 17 April, 2018;
originally announced April 2018.
-
LEDAkem: a post-quantum key encapsulation mechanism based on QC-LDPC codes
Authors:
Marco Baldi,
Alessandro Barenghi,
Franco Chiaraluce,
Gerardo Pelosi,
Paolo Santini
Abstract:
This work presents a new code-based key encapsulation mechanism (KEM) called LEDAkem. It is built on the Niederreiter cryptosystem and relies on quasi-cyclic low-density parity-check codes as secret codes, providing high decoding speeds and compact keypairs. LEDAkem uses ephemeral keys to foil known statistical attacks, and takes advantage of a new decoding algorithm that provides faster decoding than the classical bit-flipping decoder commonly adopted in this kind of system. The main attacks against LEDAkem are investigated, taking into account quantum speedups. Some instances of LEDAkem are designed to achieve different security levels against classical and quantum computers. Some performance figures obtained through an efficient C99 implementation of LEDAkem are provided.
Submitted 26 January, 2018;
originally announced January 2018.
-
Design and Analysis of Time-Invariant SC-LDPC Convolutional Codes With Small Constraint Length
Authors:
Massimo Battaglioni,
Alireza Tasdighi,
Giovanni Cancellieri,
Franco Chiaraluce,
Marco Baldi
Abstract:
In this paper, we deal with time-invariant spatially coupled low-density parity-check convolutional codes (SC-LDPC-CCs). Classic design approaches usually start from quasi-cyclic low-density parity-check (QC-LDPC) block codes and exploit suitable unwrapping procedures to obtain SC-LDPC-CCs. We show that the direct design of the SC-LDPC-CCs syndrome former matrix or, equivalently, the symbolic parity-check matrix, leads to codes with smaller syndrome former constraint lengths with respect to the best solutions available in the literature. We provide theoretical lower bounds on the syndrome former constraint length for the most relevant families of SC-LDPC-CCs, under constraints on the minimum length of cycles in their Tanner graphs. We also propose new code design techniques that approach or achieve such theoretical limits.
Submitted 29 November, 2017; v1 submitted 1 March, 2017;
originally announced March 2017.
-
On the Error Probability of Short Concatenated Polar and Cyclic Codes with Interleaving
Authors:
Giacomo Ricciutelli,
Marco Baldi,
Franco Chiaraluce,
Gianluigi Liva
Abstract:
In this paper, the analysis of the performance of the concatenation of a short polar code with an outer binary linear block code is addressed from a distance spectrum viewpoint. The analysis targets the case where an outer cyclic code is employed together with an inner systematic polar code. A concatenated code ensemble is introduced placing an interleaver at the input of the polar encoder. The introduced ensemble allows deriving bounds on the achievable error rates under maximum likelihood decoding, by applying the union bound to the (expurgated) average weight enumerators. The analysis suggests the need for careful optimization of the outer code, to attain low error floors.
Submitted 25 January, 2017;
originally announced January 2017.
-
Soft McEliece: MDPC code-based McEliece cryptosystems with very compact keys through real-valued intentional errors
Authors:
Marco Baldi,
Paolo Santini,
Franco Chiaraluce
Abstract:
We propose to use real-valued errors instead of classical bit flipping intentional errors in the McEliece cryptosystem based on moderate-density parity-check (MDPC) codes. This allows exploiting the error correcting capability of these codes to the utmost, by using soft-decision iterative decoding algorithms instead of hard-decision bit flipping decoders. However, soft reliability values resulting from the use of real-valued noise can also be exploited by attackers. We devise new attack procedures aimed at this, and compute the relevant work factors and security levels. We show that, for a fixed security level, these new systems achieve the shortest public key sizes ever reached, with a reduction up to 25% with respect to previous proposals.
Submitted 3 June, 2016;
originally announced June 2016.
-
On the Error Detection Capability of Combined LDPC and CRC Codes for Space Telecommand Transmissions
Authors:
Marco Baldi,
Nicola Maturo,
Giacomo Ricciutelli,
Franco Chiaraluce
Abstract:
We present a method for estimating the undetected error rate when a cyclic redundancy check (CRC) is performed on the output of the decoder of short low-density parity-check (LDPC) codes. This system is of interest for telecommand links, where new LDPC codes have been designed for updating the current standard. We show that these new LDPC codes combined with CRC are adequate for complying with the stringent requirements of this kind of transmissions in terms of error detection.
Submitted 28 May, 2016;
originally announced May 2016.
-
Parametric and Probabilistic Model Checking of Confidentiality in Data Dispersal Algorithms (Extended Version)
Authors:
Marco Baldi,
Alessandro Cucchiarelli,
Linda Senigagliesi,
Luca Spalazzi,
Francesco Spegni
Abstract:
Recent developments in cloud storage architectures have originated new models of online storage as cooperative storage systems and interconnected clouds. Such distributed environments involve many organizations, thus ensuring confidentiality becomes crucial: only legitimate clients should recover the information they distribute among storage nodes.
In this work we present a unified framework for verifying confidentiality of dispersal algorithms against probabilistic models of intruders. Two models of intruders are given, corresponding to different types of attackers: one aiming at intercepting as many slices of information as possible, and the other aiming at attacking the storage providers in the network. Both try to recover the original information, given the intercepted slices. By using probabilistic model checking, we can measure the degree of confidentiality of the system exploring exhaustively all possible behaviors. Our experiments suggest that dispersal algorithms ensure a high degree of confidentiality against the slice intruder, no matter the number of storage providers in the system. On the contrary, they show a low level of confidentiality against the provider intruder in networks with few storage providers (e.g. interconnected cloud storage solutions).
Submitted 29 June, 2016; v1 submitted 19 May, 2016;
originally announced May 2016.
-
Time-Invariant Spatially Coupled Low-Density Parity-Check Codes with Small Constraint Length
Authors:
Marco Baldi,
Massimo Battaglioni,
Franco Chiaraluce,
Giovanni Cancellieri
Abstract:
We consider a special family of SC-LDPC codes, namely time-invariant LDPCC codes, which have been known in the literature for a long time. Codes of this kind are usually designed by starting from QC block codes and applying suitable unwrapping procedures. We show that, by directly designing the LDPCC code syndrome former matrix without the constraints of the underlying QC block code, it is possible to achieve smaller constraint lengths than the best solutions available in the literature. We also find theoretical lower bounds on the syndrome former constraint length for codes with a specified minimum length of the local cycles in their Tanner graphs. For this purpose, we exploit a new approach based on a numerical representation of the syndrome former matrix, which generalizes a technique we already used to study a special subclass of the codes considered here.
Submitted 18 May, 2016;
originally announced May 2016.
-
Performance assessment and design of finite length LDPC codes for the Gaussian wiretap channel
Authors:
Marco Baldi,
Giacomo Ricciutelli,
Nicola Maturo,
Franco Chiaraluce
Abstract:
In this work we study the reliability and secrecy performance achievable by practical LDPC codes over the Gaussian wiretap channel. While several works have already addressed this problem in asymptotic conditions, i.e., under the hypothesis of codewords of infinite length, only a few approaches exist for the finite-length regime. We propose an approach to measure the performance of practical codes and compare it with that achievable in asymptotic conditions. Moreover, based on the secrecy metrics we adopt to achieve this target, we propose a code optimization algorithm that allows designing irregular LDPC codes able to approach the ultimate performance limits even at moderately small codeword lengths (in the order of 10000 bits).
Submitted 5 June, 2015;
originally announced June 2015.
-
CrowdSurf: Empowering Informed Choices in the Web
Authors:
Hassan Metwalley,
Stefano Traverso,
Marco Mellia,
Stanislav Miskovic,
Mario Baldi
Abstract:
When surfing the Internet, individuals leak personal and corporate information to third parties whose (legitimate or not) businesses revolve around the value of collected data. The implications are serious, from a person unwillingly exposing private information to an unknown third party, to a company unable to manage the flow of its information to the outside world. The point is that individuals and companies are more and more kept out of the loop when it comes to controlling private data. With the goal of empowering informed choices about information leakage through the Internet, we propose CROWDSURF, a system for comprehensive and collaborative auditing of data that flows to Internet services. Similarly to open-source efforts, we enable users to contribute to building awareness and control over privacy and communication vulnerabilities. CROWDSURF provides the core infrastructure and algorithms to let individuals and enterprises regain control over the information exposed on the web. We advocate CROWDSURF as a data processing layer positioned right below HTTP in the host protocol stack. This enables the inspection of clear-text data even when HTTPS is deployed, and the application of processing rules that are customizable to fit any need. Preliminary results obtained by executing a prototype implementation on ISP traffic traces demonstrate the feasibility of CROWDSURF.
Submitted 25 February, 2015;
originally announced February 2015.
-
Security issues for data sharing and service interoperability in eHealth systems: the Nu.Sa. test bed
Authors:
Emanuele Frontoni,
Marco Baldi,
Primo Zingaretti,
Vincenzo Landro,
Paolo Misericordia
Abstract:
The aim of the Nu.Sa. project is the definition of national-level data standards to collect data coming from General Practitioners' Electronic Health Records and to allow secure data sharing between them. This paper introduces the Nu.Sa. framework and is mainly focused on security issues. A solution for secure data sharing and service interoperability is presented and implemented in the actual system used around Italy. The solution is strongly focused on privacy and correct data sharing, with a complete set of tools devoted to authorization, encryption and decryption in a data sharing environment and a distributed architecture. The implemented system, with more than one year of experience in thousands of test cases, shows good feasibility of the approach and future scalability in a cloud-based architecture.
Submitted 29 July, 2014;
originally announced July 2014.
-
AONT-LT: a Data Protection Scheme for Cloud and Cooperative Storage Systems
Authors:
Marco Baldi,
Nicola Maturo,
Eugenio Montali,
Franco Chiaraluce
Abstract:
We propose a variant of the well-known AONT-RS scheme for dispersed storage systems. The novelty consists in replacing the Reed-Solomon code with rateless Luby transform codes. The resulting system, named AONT-LT, is able to improve the performance by dispersing the data over an arbitrarily large number of storage nodes while ensuring limited complexity. The proposed solution is particularly suitable for cooperative storage systems. It is shown that while the AONT-RS scheme requires the adoption of fragmentation to achieve widespread distribution, thus penalizing the performance, the new AONT-LT scheme can exploit variable-length codes, which allow achieving very good performance and scalability.
Submitted 29 May, 2014;
originally announced May 2014.
-
Practical LDPC coded modulation schemes for the fading broadcast channel with confidential messages
Authors:
Marco Baldi,
Nicola Maturo,
Giacomo Ricciutelli,
Franco Chiaraluce
Abstract:
The broadcast channel with confidential messages is a well-studied scenario from the theoretical standpoint, but there is still a lack of practical schemes able to achieve some fixed level of reliability and security over such a channel. In this paper, we consider a quasi-static fading channel in which both public and private messages must be sent from the transmitter to the receivers, and we aim at designing suitable coding and modulation schemes to achieve such a target. For this purpose, we adopt the error rate as a metric, considering that reliability (security) is achieved when a sufficiently low (high) error rate is experienced at the receiving side. We show that some conditions exist on the system feasibility, and that some outage probability must be tolerated to cope with the fading nature of the channel. The proposed solution exploits low-density parity-check codes with unequal error protection, which are able to guarantee two different levels of protection against noise for the public and the private information, in conjunction with different modulation schemes for the public and the private message bits.
Submitted 11 April, 2014;
originally announced April 2014.
-
LDPC coded transmissions over the Gaussian broadcast channel with confidential messages
Authors:
Marco Baldi,
Nicola Maturo,
Giacomo Ricciutelli,
Franco Chiaraluce
Abstract:
We design and assess some practical low-density parity-check (LDPC) coded transmission schemes for the Gaussian broadcast channel with confidential messages (BCC). This channel model is different from the classical wiretap channel model as the unauthorized receiver (Eve) must be able to decode some part of the information. Hence, the reliability and security targets are different from those of the wiretap channel. In order to design and assess practical coding schemes, we use the error rate as a metric of the performance achieved by the authorized receiver (Bob) and the unauthorized receiver (Eve). We study the system feasibility, and show that two different levels of protection against noise are required on the public and the secret messages. This can be achieved in two ways: i) by using LDPC codes with unequal error protection (UEP) of the transmitted information bits or ii) by using two classical non-UEP LDPC codes with different rates. We compare these two approaches and show that, for the considered examples, the solution exploiting UEP LDPC codes is more efficient than that using non-UEP LDPC codes.
Submitted 10 April, 2014;
originally announced April 2014.
-
Array Convolutional Low-Density Parity-Check Codes
Authors:
Marco Baldi,
Giovanni Cancellieri,
Franco Chiaraluce
Abstract:
This paper presents a design technique for obtaining regular time-invariant low-density parity-check convolutional (RTI-LDPCC) codes with low complexity and good performance. We start from previous approaches which unwrap a low-density parity-check (LDPC) block code into an RTI-LDPCC code, and we obtain a new method to design RTI-LDPCC codes with better performance and shorter constraint length. Unlike previous techniques, we start the design from an array LDPC block code. We show that, for codes with high rate, a performance gain and a reduction in the constraint length are achieved with respect to previous proposals. Additionally, an increase in the minimum distance is observed.
Submitted 17 December, 2013;
originally announced December 2013.
-
Advanced channel coding for space mission telecommand links
Authors:
Marco Baldi,
Marco Bianchi,
Franco Chiaraluce,
Roberto Garello,
Ignacio Aguilar Sanchez,
Stefano Cioni
Abstract:
We investigate and compare different options for updating the error correcting code currently used in space mission telecommand links. Taking as a reference the solutions that recently emerged as the most promising ones, based on Low-Density Parity-Check codes, we explore the behavior of alternative schemes based on parallel concatenated turbo codes and soft-decision decoded BCH codes. Our analysis shows that these further options can offer similar or even better performance.
Submitted 2 October, 2013;
originally announced October 2013.
-
Advanced coding schemes against jamming in telecommand links
Authors:
Marco Baldi,
Marco Bianchi,
Franco Chiaraluce,
Roberto Garello,
Nicola Maturo,
Ignacio Aguilar Sanchez,
Stefano Cioni
Abstract:
The aim of this paper is to study the performance, in the presence of jamming, of some coding schemes recently proposed for updating the TC channel coding standard for space applications. Besides low-density parity-check codes, which appear to be the most eligible candidates, we also consider other solutions based on parallel turbo codes and extended BCH codes. We show that all these schemes offer very good performance, which approaches the achievable theoretical limits.
Submitted 2 October, 2013;
originally announced October 2013.
-
On a Family of Circulant Matrices for Quasi-Cyclic Low-Density Generator Matrix Codes
Authors:
Marco Baldi,
Federico Bambozzi,
Franco Chiaraluce
Abstract:
We present a new class of sparse and easily invertible circulant matrices that can have a sparse inverse despite not being permutation matrices. Their study is useful in the design of quasi-cyclic low-density generator matrix codes, which are able to combine the inner structure of quasi-cyclic codes with sparse generator matrices, thereby limiting the number of elementary operations needed for encoding. Circulant matrices of the proposed class permit hitting both targets without resorting to identity or permutation matrices, which may penalize the code minimum distance and often cause significant error floors.
Submitted 5 September, 2013;
originally announced September 2013.
-
Coding with Scrambling, Concatenation, and HARQ for the AWGN Wire-Tap Channel: A Security Gap Analysis
Authors:
Marco Baldi,
Marco Bianchi,
Franco Chiaraluce
Abstract:
This study examines the use of nonsystematic channel codes to obtain secure transmissions over the additive white Gaussian noise (AWGN) wire-tap channel. Unlike previous approaches, we propose to implement nonsystematic coded transmission by scrambling the information bits, and characterize the bit error rate of scrambled transmissions through theoretical arguments and numerical simulations. We have focused on some examples of Bose-Chaudhuri-Hocquenghem (BCH) and low-density parity-check (LDPC) codes to estimate the security gap, which we have used as a measure of physical layer security, in addition to the bit error rate. Based on a number of numerical examples, we found that such a transmission technique can outperform alternative solutions. In fact, when an eavesdropper (Eve) has a worse channel than the authorized user (Bob), the security gap required to reach a given level of security is very small. The amount of degradation of Eve's channel with respect to Bob's that is needed to achieve sufficient security can be further reduced by implementing scrambling and descrambling operations on blocks of frames, rather than on single frames. When Eve's channel has a quality equal to or better than that of Bob's channel, we have shown that the use of a hybrid automatic repeat-request (HARQ) protocol with authentication still allows achieving a sufficient level of security. Finally, the secrecy performance of some practical schemes has also been measured in terms of the equivocation rate about the message at the eavesdropper, and compared with that of ideal codes.
Submitted 29 August, 2013;
originally announced August 2013.