Tae-hoi Huh,Sangho Lee,Woo-Young Chang

DOI: https://doi.org/10.1177/223386590701000112

2007-03-01

International Area Review

Abstract:with rapid development of science and technology and the evolution of information revolution, International security environment is being reshaped. Important factors that determine national security competence—military operations, intelligence information on advanced weapons and enemy forces, economic activities that form the poles of national power, government's major systems—are exposed to hostile cyber attacks or accidental intrusions. Therefore, protecting information systems has emerged as an urgent national security issue. In particular, in waging wars, the concept of electronic/communications war that seek destruction of enemy command and control system, has been transformed into a more comprehensive and proactive concept of information warfare by the introduction of the cyber war doctrine. Information warfare encompasses pursuit of paralysis and destruction of a nation's all social infrastructure system and military control power. The existing concept of security strategy, which is a passive concept devised for protection of national information and information system, has been replaced by the proactive and aggressive concept of information warfare strategy. Information warfare seek early and effective victory by cyber attacks that can destroy the enemy's war capability and morale. Korea, which is a leader in information technology as well as a country vulnerable to attacks challenging information security, should prepare for information warfare of the twenty first century. Provision of more systematic and detailed measures—new response strategies, the establishment of national information security response system, creation or reorganization of institutions, and training of human resources—to cope with changes in international information security environment is called for. In addition, the private, public, and military organizations should work together to introduce joint defense strategies and organizations. As an organic integrated defense system has to be established, the government has to establish a governmental system for systematic system for threat assessment, judgment, and response. In particular, the role and responsibilities of the NSC should be upgraded. The government has been tilted toward domestic security and social issues as it responded to cyber crimes and terrors. Such tendency should be guarded against.

Harold Thimbleby

DOI: https://doi.org/10.1080/01611194.2015.1028680

2015-10-19

Cryptologia

Abstract:The German World War II Enigma suffered from design weaknesses that facilitated its large-scale decryption by the British throughout the war. The author shows that the main technical weaknesses (self-coding and reciprocal coding) could have been avoided using simple contemporary technology, and therefore the true cause of the weaknesses is not technological but must be sought elsewhere. Specifically, human factors issues resulted in the persistent failure to seek out more effective designs. Similar limitations seem to beset the literature on the period, which misunderstands the Enigma weaknesses and therefore inhibits broader thinking about design or realising the critical role of human factors engineering in cryptography.

mathematics, applied,computer science, theory & methods,history & philosophy of science

Thea Riebe,Philipp Kühn,Philipp Imperatori,Christian Reuter

DOI: https://doi.org/10.1007/s41125-022-00080-0

2022-02-26

European Journal for Security Research

Abstract:Abstract Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.

Brooke Dalton,Mark Stamp

DOI: https://doi.org/10.1080/01611194.2024.2304888

2024-03-16

Cryptologia

Abstract:We determine the accuracy with which machine learning and deep learning techniques can classify selected World War II era ciphers when only ciphertext is available. The specific ciphers considered are Enigma , M-209 , Sigaba , Purple , and Typex . We experiment with three classic machine learning models, namely, Support Vector Machines (SVM), k -Nearest Neighbors ( k -NN), and Random Forest (RF). We also experiment with four deep learning models: Multi-Layer Perceptrons (MLP), Long Short-Term Memory (LSTM), Extreme Learning Machines (ELM), and Convolutional Neural Networks (CNN). Each model is trained on features consisting of histograms, digrams, and raw ciphertext letter sequences. Furthermore, the classification problem is considered under four distinct scenarios: Fixed plaintext with fixed keys, random plaintext with fixed keys, fixed plaintext with random keys, and random plaintext with random keys. Under the most realistic scenario, given 1,000 characters per ciphertext, we are able to distinguish the ciphers with more than 97% accuracy. In addition, we consider the accuracy of a subset of the learning techniques as a function of the ciphertext length. We find that classic learning models outperform the deep learning models that we tested, and ciphers that are more similar in design are somewhat more challenging to distinguish.

mathematics, applied,computer science, theory & methods,history & philosophy of science

Frank Cain

DOI: https://doi.org/10.1177/0022009405049270

IF: 0.7

2005-01-01

Journal of Contemporary History

Abstract:The USA persuaded its European allies under the terms of the Marshall Plan to agree to embargo exports to the Soviet bloc in 1947 and to the PRC when it was established in 1949. This ban took the form of an East/West trade war and literally banned the export of everything from needles to anchors. As the West invented new technology such as coaxial telephone cable or scientific instruments, these were embargoed, although the Soviets were able to develop their own versions of those products. The Americans were early developers of the electronic computer, supported greatly by extensive sales to the military. The British looked to sell their computers in external markets, including the Soviet bloc and China. The Americans objected, but their officials did not wish to alienate the British from continuing to support the East/West trade embargo and allowed a small number to be sold. US support for such sales was important because the British machines contained some essential US equipment. The Wilson government sought to expand the development and export of British high technology, including computers. This article highlights the tension between Britain and the USA, particularly under the Nixon administration, over how the British computer firms struggled to obtain sales in the communist countries.

history

Peter Han Joo Chong,Nils Agne Nordbotten

DOI: https://doi.org/10.1109/mcom.2024.10401868

IF: 9.03

2024-01-01

IEEE Communications Magazine

Abstract:Information is at the heart of military systems and operations. Great efforts are therefore taken to protect this information and the containing systems. At the same time, history illustrates the willingness to overcome or circumvent these protections given sufficient motivation and capability. One of the most famous examples being the breaking of the Enigma code during World War II.

telecommunications,engineering, electrical & electronic

Bryan Leese

DOI: https://doi.org/10.21140/mcuj.20231402006

2023-08-31

Journal of Advanced Military Studies

Abstract:The Cold War computer arms race illustrates the military’s role in strategic competition. The Soviets bought and stole, versus creating computer technology themselves. A U.S.-led coalition integrated economic, diplomatic, and information mechanisms, embargoing computer technology to disadvantage the Soviets. President Ronald W. Reagan’s offset strategy integrated military power, openly demonstrating computer-infused weapons lethality that jeopardized Soviet quantitative military advantage. President Reagan’s use of the computer arms race shows a way to conduct and integrate a strategic competition campaign of deterrence that includes coercive diplomacy with diplomatic efforts that can deter China and Russia while encouraging them to reverse harmful foreign and domestic policies.

Ruming Yin,Shuangqing Wei,Jian Yuan,Xiuming Shan,Xiqin Wang

DOI: https://doi.org/10.1109/MILCOM.2010.5680485

2010-01-01

Abstract:In this paper, we study the effects of channel errors on security and decoding error probability of three encryption systems where encrypted message is sent and eavesdropped over binary symmetric channels (BSC). The three systems are all based on Data Encryption Standard (DES) in cipher feedback (CFB) mode. They are DES only (DC), DES concatenated with Reed Solomon encoding (DCRS), and DES concatenated with RS coding and S-box diffusion (DCRSS). We adopt linear cryptanalysis to quantitatively measure the effects of channel errors on the security of these systems. We have found the required known cipher-plain text pairs in each system for linear attack launched by Eve, an eavesdropper. In addition, performance analysis in terms of decoded information bit error probability (IBER) for Bob, the legitimate receiver, has been conducted for each system, whose accuracy is later verified by simulation results. Our results suggest there exists tradeoff between communication reliability and security. More security level can be attained by sacrificing the accuracy at the legitimate receiver end, which can be captured by the relationship between IBER and our proposed novel metric, security improvement factor (SIF).

Shujun Li,Xuanqin Mou,Yuanlong Cai

2007-01-01

Abstract:Since 1989, many contributions have been devoted to the methods of using chaos to construct digital ciphers. Although some chaotic ciphers have been known insecure and several defects have been found, a large number of chaotic ciphers still remain secure till now. Furthermore, in the past few years, some novel chaotic ciphers have been proposed, which avoid some weaknesses in previous chaotic ciphers and seem to have stronger cryptographic properties. In this paper, we first review the progress of the digital chaotic ciphers nowadays from 1989 till now (2002), and then discuss some problems in the general design of digital chaotic ciphers and possible solutions. Some suggestions are given on the future directions in chaotic cryptography. We believe that the research on chaotic cryptography will be helpful to benefit the conventional cryptology and open a broader road to more perfect ciphers.

丁国良,李志祥,尹文龙,赵强

DOI: https://doi.org/10.3724/sp.j.1087.2009.02200

2009-01-01

Abstract:To study the vulnerability of Advanced Encryption Standard (AES) against electromagnetic side channel attacks, the article analyzed the electromagnetic information leakage model of microcomputer and the choice of D function. Then, concerning the AES-128 bits cryptographic system realized by the 89C51 microchip, Differential Electromagnetic Analysis (DEMA) algorithm, which was used into an attack experiment and succeeded in obtaining 128 bits secret key of AES-128, was described. After analyzing the experimental results, the leakage of secret information produced by ByteSub transformation was detected. This method can be regarded as a new protective measure in cryptographic systems.

Zongyue Wang,Xiaoyang Dong,Keting Jia,Jingyuan Zhao

DOI: https://doi.org/10.1155/2014/251853

IF: 1.43

2014-01-01

Mathematical Problems in Engineering

Abstract:The confidentiality of GSM cellular telephony depends on the security of A5 family of cryptosystems. As an algorithm in this family survived from cryptanalysis, A5/3 is based on the block cipher KASUMI. This paper describes a novel differential fault attack on KAUSMI with a 64-bit key. Taking advantage of some mathematical observations on the FL, FO functions, and key schedule, only one 16-bit word fault is required to recover all information of the 64-bit key. The time complexity is only 2(32) encryptions. We have practically simulated the attack on a PC which takes only a few minutes to recover all the key bits. The simulation also experimentally verifies the correctness and complexity.

Miles E. Smid

DOI: https://doi.org/10.6028/jres.126.024

2021-08-16

Journal of Research of the National Institute of Standards and Technology

Abstract:Strong cryptographic algorithms are essential for the protection of stored and transmitted data throughout the world. This publication discusses the development of Federal Information Processing Standards Publication (FIPS) 197, which specifies a cryptographic algorithm known as the Advanced Encryption Standard (AES). The AES was the result of a cooperative multiyear effort involving the U.S. government, industry, and the academic community. Several difficult problems that had to be resolved during the standard’s development are discussed, and the eventual solutions are presented. The author writes from his viewpoint as former leader of the Security Technology Group and later as acting director of the Computer Security Division at the National Institute of Standards and Technology, where he was responsible for the AES development.

instruments & instrumentation,physics, applied

Zakaria Tolba

2024-02-24

Abstract:With the rising popularity of the internet and the widespread use of networks and information systems via the cloud and data centers, the privacy and security of individuals and organizations have become extremely crucial. In this perspective, encryption consolidates effective technologies that can effectively fulfill these requirements by protecting public information exchanges. To achieve these aims, the researchers used a wide assortment of encryption algorithms to accommodate the varied requirements of this field, as well as focusing on complex mathematical issues during their work to substantially complicate the encrypted communication mechanism. as much as possible to preserve personal information while significantly reducing the possibility of attacks. Depending on how complex and distinct the requirements established by these various applications are, the potential of trying to break them continues to occur, and systems for evaluating and verifying the cryptographic algorithms implemented continue to be necessary. The best approach to analyzing an encryption algorithm is to identify a practical and efficient technique to break it or to learn ways to detect and repair weak aspects in algorithms, which is known as cryptanalysis. Experts in cryptanalysis have discovered several methods for breaking the cipher, such as discovering a critical vulnerability in mathematical equations to derive the secret key or determining the plaintext from the ciphertext. There are various attacks against secure cryptographic algorithms in the literature, and the strategies and mathematical solutions widely employed empower cryptanalysts to demonstrate their findings, identify weaknesses, and diagnose maintenance failures in algorithms.

Artificial Intelligence,Information Retrieval,Cryptography and Security

Jens Wegener

DOI: https://doi.org/10.1080/16161262.2019.1697539

2019-12-19

Journal of Intelligence History

Abstract:In the summer of 1967, with antiwar and civil rights protests dominating the news, U.S. president Lyndon B. Johnson tasked law enforcement and intelligence agencies with investigating links between domestic civil unrest and foreign governments, particularly the Soviet Union. One of the outcomes was HYDRA, a CIA-led counter-intelligence database intended to leverage novel digital information technology to uncover previously unseen links to foreign threats. The paper argues that conceptualizing HYDRA as technological system which mobilized resources from across the federal government as well as from foreign partner agencies, allows us to raise larger questions about the impact of information technology on intelligence work: How did computer technology change everyday practices within intelligence and security services? Did public opposition to computerization efforts contribute to a critical discourse within Western societies associating security databases with attacks on freedom and democracy? Did the use of computers contribute to a new culture of security that shifted attention from great power rivalries to technological, networked or transnational threats which became characteristic of the Information Age?

Imran Makhdoom,Mehran Abolhasan,Justin Lipman

DOI: https://doi.org/10.1016/j.cose.2022.102784

2022-09-01

Abstract:Data encryption aims to protect the confidentiality of data at storage, during transmission, or while in processing. However, it is not always the optimum choice as attackers know the existence of the ciphertext. Hence, they can exploit various weaknesses in the implementation of encryption algorithms and can thus decrypt or guess the related cryptographic primitives. Moreover, in the case of proprietary applications such as online social networks, users are at the mercy of the vendor’s security measures. Therefore, users are vulnerable to various security and privacy threats. Contrary to this, covert communication techniques hide the existence of communication and thus achieve security through obscurity and hidden communication channels. Over the period, there has been a significant advancement in this field. However, existing literature fails to encompass all the aspects of covert communications in a single document. This survey thus endeavors to highlight the latest trends in covert communication techniques, related challenges, and future directions.

computer science, information systems

Fernando Peralta Castro

2024-11-12

Abstract:Cryptography, derived from Greek meaning hidden writing, uses mathematical techniques to secure information by converting it into an unreadable format. While cryptography as a science began around 100 years ago, its roots trace back to ancient civilizations like Mesopotamia and Egypt. Over time, cryptography evolved from basic methods to complex systems involving number theory, such as modular arithmetic, the Euclidean algorithm, and Eulers totient function. This paper explores the link between early information hiding techniques and modern cryptographic algorithms like RSA, which use advanced number theory to secure data for billions of people. By analyzing historical methods, this study shows how the development of number theory enabled the transition from simple letter shifting ciphers, like the Caesar and Vigenere ciphers, to more sophisticated encryption methods. This evolution reflects a profound impact on daily life and the importance of number theory in protecting information.

Cryptography and Security

U. Herath,J. Alawatugoda,R.G. Ragel

DOI: https://doi.org/10.1109/ICIInfS.2013.6731958

2014-03-06

Abstract:Advanced Encryption Standard (AES) is a symmetric key encryption algorithm which is extensively used in secure electronic data transmission. When introduced, although it was tested and declared as secure, in 2005, a researcher named Bernstein claimed that it is vulnerable to side channel attacks. The cache-based timing attack is the type of side channel attack demonstrated by Bernstein, which uses the timing variation in cache hits and misses. This kind of attacks can be prevented by masking the actual timing information from the attacker. Such masking can be performed by altering the original AES software implementation while preserving its semantics. This paper presents possible software implementation level countermeasures against Bernstein's cache timing attack. Two simple software based countermeasures based on the concept of "constant-encryption-time" were demonstrated against the remote cache timing attack with positive outcomes, in which we establish a secured environment for the AES encryption.

Cryptography and Security

孙维东,俞军,沈磊

DOI: https://doi.org/10.15943/j.cnki.fdxb-jns.2013.03.003

2013-01-01

Abstract:The ability of symmetric encryption algorithm AES and DES against the differential fault analysis is examined.Two kinds of differential fault analysis on AES are described,and the initial key is recovered by software emulation.The result shows that the attack on AES can be realized by 20 times of fault-inductions.Then a new differential fault analysis on DES is described.The principle of this attack is analogous to differential fault analysis on AES.Result shows that attack on DES needs more fault-inductions.Therefore symmetric encryption algorithm AES and DES without any protection are vulnerable to differential fault analysis.It is presented that such attacks can be resisted by fault-detection.

Jia Chen,Dongyue Xue,Xuejia Lai

DOI: https://doi.org/10.1007/s11859-008-0612-4

2008-01-01

Abstract:The security of international date encryption algorithm (IDEA(16)), a mini IDEA cipher, against differential cryptanalysis is investigated. The results show that IDEA(16) is secure against differential cryptanalysis attack after 5 rounds while IDEA(8) needs 7 rounds for the same level of security. The transition matrix for IDEA(16) and its eigenvalue of second largest magnitude are computed. The storage method for the transition matrix has been optimized to speed up file I/O. The emphasis of the work lies in finding out an effective way of computing the eigenvalue of the matrix. To lower time complexity, three mature algorithms in finding eigenvalues are compared from one another and subspace iteration algorithm is employed to compute the eigenvalue of second largest module, with a precision of 0.001.