methods for subliminal channels Kazukuni Kobara and Hideki Imai Institute of Industrial Science, The University of Tokyo
|
|
- Bathsheba Stephens
- 5 years ago
- Views:
Transcription
1 In Proc. of International Conference on Information and Communications Security (ICICS'97) : LNCS 1334, pp.325{334,(1997) Self-synchronized message randomization methods for subliminal channels Kazukuni Kobara and Hideki Imai Institute of Industrial Science, The University of Tokyo Roppongi, Minato-ku, Tokyo 106, Japan TEL : Ext 2327 FAX : kobara@imailab.iis.u-tokyo.ac.jp Abstract. When one transmits a secret message sequence on a random number type subliminal channel, he/she has to convert the secret message sequence into a (practically) indistinguishable random number sequence rst, and then embeds it on a carrier sequence. Otherwise the carrier sequence could be distinguished from one that contains no secret message. If others can distinguish whether a secret message sequence is embedded in the carrier sequence, the carrier sequence cannot be a subliminal channel. That is, a converterto convert any message sequence into a (practically) indistinguishable one is required. Moreover in many applications of subliminal channels, the deconverter corresponding to the converter should be self-synchronized with the converted sequence, because additional information to synchronize reduces the indistinguishability. Therefore, both (practical) indistinguishability and self-synchronization are required to the converter for subliminal channels. Vernum encryption can convert any message sequences into perfectly indistinguishable random number sequences. However the receivers cannot decode the message sequences from anywhere of the converted sequences without any knowledge of the synchronization. On the contrary, (ECB), CBC, CFB mode block ciphers and self-synchronizing stream ciphers can realize the self-synchronization. However, most of the output sequences can be distinguished from real or well-designed random number sequences by using the birthday paradox distinguishers we propose in this paper under some conditions. In this paper, we design some pairs of converters and deconverters that satisfy both (practical) indistinguishability and self-synchronization. 1 Introduction Subliminal channels[1][2][3][4] can be made on any digital data satisfying the following conditions: 1. A random number generated by the transmitter is used to generate the digital data. 2. The value of the digital data is not independent of the generated random number.
2 3. Others cannot distinguish whether a secret message sequence is embedded in the sequence of the digital data. 4. The subliminal receiver has access to the digital data and it is possible to decode a transmitted symbol sequence from a sequence of the digital data. We call such digital data a carrier. Suppose that the carriers are generated successively from the transmitter. Then let a symbol s i denote the value of the i th carrier, and t i denote the i th transmitting symbol from the subliminal transmitter to the subliminal receiver. In order to satisfy the condition 4, two methods are available according to whether the receiver can obtain the generated random number sequence. When he/she can, it is satised by only substituting a transmitting symbol sequence for the random number sequence. For example, challenge sequences in challengeresponse protocols are random number sequences themselves and the receiver can obtain it. Therefore by only substituting a transmitting symbol sequence for the random number sequence, the transmitter can send the sequence to the receiver. In case of DSA signatures ( ^m; d; sig) 1, the receiver can obtain the generated random number r from ( ^m; d; sig) by that the signer informs his/her secret x to the receiver in advance, because r = sig 01 (h(^m)+xd) modq [4]. However, in order to satisfy the condition 3, the transmitting symbol sequence must be (practically) indistinguishable sequence. When the receiver cannot obtain the generated random number sequence from the digital data, the following method [4] is available. We call this method the searching method. Let S and T denote the sets of carrier symbols and transmitting symbols, then jsj and jt j denote the number of the elements of them, respectively. Let the number of transmitting (receiving) symbols jt j (jt 0 j) be small, then assign all the elements of S onto each element of T 0 uniformly as shown in Fig.1. A transmitter and the receiver share the mapping and keep it secret. The mapping have to be dicult for others to guess. Therefore, Ext(H k (s)) or Ext(H(E k (s))) can be used as the secret mapping, where Ext is a function to extract some bits from the input, E k is an encryption function, H is a hash function and H k is a key-dependent hash function. When a transmitter sends a symbol, he/she selects r at random, and then check whether the r is transformed onto the legitimate transmitting symbol t. If so, he/she uses the r as the random number. Otherwise he/she selects another r and repeats the same process until he/she nds an appropriate r. He/she can nd such r by trying jt 0 j elements in R on average. The channel capacity and errorrateversus jt j was estimated [5]. By using this method, transmitters can send a symbol on any digital data as long as the data satisfy the conditions 1 and 2. In case of DSA signatures 1 sig = r 01 (h(^m) +xd) modq, d = g r mod p. p and q are large primes satisfying qjp 0 1. g = g 0 p01 q where g 0 is a primitive element ofgf(p). h(^m) is a hash value of an open message ^m. x is the signer's secret. r is a random number generated by the transmitter.
3 transmitting symbols random number symbols states of a carrier receiving symbols T R S T t=0 O X t=0 O X t=1 X t=1 Fig. 1. Searching method (^m; d; sig), the searching method can be used to nd r satisfying t i = Ext(H(E k (g r mod p))) (1) 2,wherejj denotes concatenation. In order to satisfy the condition 3, the sequence of r satisfying the equation (1) must be a (practically) indistinguishable random number sequence. Because it is easy to prove that the sequence of r becomes a (practically) indistinguishable random number sequence when the transmitted symbol sequence is a (practically) indistinguishable random number sequence as long as the mapping Ext(H(E k ())) or Ext(H k ()) is uniform mapping, and that Ext(H(E k ())) and Ext(H k ()) can usually be considered as uniform mappings, the condition 3 can be satised by only converting a message sequence into a (practically) indistinguishable random number sequence. That is, if a transmitter can convert any message sequences into (practically) indistinguishable random number sequences, he/she can satisfy the condition 3 no matter whether the receiver can observe the generated sequence. Vernum encryption can be the converter. However, it is not a practical way from the viewpoint of synchronization. In many applications of subliminal channels, receivers have to be able to decode the message sequence from middle of the carrier sequence without any knowledge of the synchronization. For example, suppose that a center is a receiver of subliminal message sequences and that software distributed by the center is the transmitter. After that the software is installed to users' computers, the software starts embedding a short subliminal message sequence repetitively on a kind of digital data which is usually used for another purpose such as digital signatures or challenges of challengeresponse protocols, of course the center has to have access to the data. Suppose 2 t i = Ext(H(E k (r 01 (h(^m)+xd) modq))) and t i = Ext(H(E k (g r mod pjjr 01 (h(^m)+ xd) mod q))) are also possible. We ignore subliminal channels on an open message ^m.
4 that there is no feedback channel from the center to the software, and that the center starts observing the carrier sequence when he/she wants. In this case, self-synchronizing is indispensable. (ECB), CBC, CFB mode block ciphers and self-synchronizing stream ciphers [6][7][8] can realize the self-synchronization. However, most of the output sequences are distinguished from real or well-designed pseudo random number sequences by birthday paradox distinguishers we propose in section 2.2 under some conditions. In this paper, we design some pairs of converters and deconverters that realize self-synchronization and that generate more (practically) indistinguishable random number sequences. 2 Distinguishers In order to consider indistinguishability[9], we have to consider what can be distinguishers rst. The following is a list of the distinguishers. 2.1 Cryptanalytic Distinguishers Because receivers can decode a secret message sequence from a carrier sequence, a decoding rule must exist. That is, by nding the decoding rule and then verifying that an understandable message sequence for the receiver can be decoded from the sequence, the sequence can be distinguished from real or well-designed pseudo random number sequences. Therefore, all the cryptanalytic algorithms can be distinguishers. 2.2 Statistical Distinguishers The following distinguishers detect statistical dierences between the sequences. In order to detect them with reasonably high probability, distinguishers have to observe over a certain length of carrier sequences. If the length is sucient large against the length that the transmitter generates in practical use, the distinguishers cannot distinguish them practically. Chi-square test Chi-square test detects the dierences of the probability distribution between two sequences. Suppose the sequences are concatenation of symbols in T. Then let jtj and Ejtj denote the number of each symbol appeared in a sequence, and the expected value. If 2 which is calculated by the following equation is greater than 2 0, which is a border to be able to consider that each jtj follows the expected value of jtj, a statistical hypothesis that the sequence follows the expected probability distribution can be rejected. X jtj0ejtj2 2 = (2) Ejtj t2t 2 0 can be found in a chi-square chart.
5 Statistics of used or unused symbols Let a denote jt j and x denote the number of kinds of unused symbols in n observed symbols. If a sequence is generated uniformly, Pr(x; n) is given by the following equation[10]: Pr(x; n) = a! a0x X n (01) i 1 a 0 x 0 i : (3) x! i!(a 0 x 0 i)! a i=0 If a is large, the equation (3) can be simplied to the following equation: Pr(x; n) ' a! xn e0 a (1 0 e 0 n a ) x!(a 0 a0x : (4) x)! It can be seen as binomial distribution whose average is ae 0 n a and whose distribution is ne 0 n a (1 0 e 0 n a ). Therefore, if x does not follow the equation (3) or (4), a statistical hypothesis that the sequence is generated uniformly can be rejected. Cycle length Pseudo random number generators are usually designed not to generate short cycles, and then real random number sequences do not make any cycle. Therefore, an algorithm to detect a short cycle length can be a distinguisher. Birthday paradox 2 test and statistics of used or unused symbols become more powerful by applying them to the next symbol after n 0 xed symbols are observed. However in order to get a lot of samples of the n 0 xed symbols, the distinguishers must observe O(jT j n0 ) symbols continuously. Therefore, we propose to reduce the number O(jT j n0 )too(jt j n0 =2 ) by using birthday paradox. We call this distinguisher the birthday paradox distinguisher. The following is the algorithm. Birthday paradox distinguisher Step 1: Observe a sequence of the length of l symbols continuously. Step 2: Find the same patterns as (t i ; 111;t 0 i+(n 01) )inthel symbol sequence for dierent i. Step 3a: Take statistics of the rate that the next symbols after the same pattern coincide. Step 4a: If the rate is far from 1 jt j, the sequence can be distinguished from the real or well-designed pseudo random number sequences. Step 3b: Take statistics of the number of appeared symbols as the next symbols after the same pattern. Step 4b: If the number does not follow the equation (3) or (4), the sequence can be distinguished from the real or well-designed pseudo random number sequences. By the birthday paradox, such sets which coincide with the same (t i ; 111;t i+(n 0 01) ) for dierent i can be obtained by observing about jt j n0 =2 symbols.
6 3 Structure of converters and deconverters Suppose a transmitter divides a message sequence into some blocks, and then converts them into a sequence of transmitting symbols by each block. Let m i and t i denote the value of the i th block in a message sequence and a converted sequence (a transmitting sequence), respectively 3. The sequence of t is transmitted to the receiver by being embedded in a carrier sequence. The receiver obtains the sequence of t from the carrier sequence, and then deconverts it into a sequence of m. Let Conv and Dec denote a converter and a deconverter, respectively. We express them as the following functions: t i = Conv (ith mapping determining input) (m i) (5) m i = Dec (ith mapping determining input) (t i): (6) If the mapping from m i to t i is xed for every i, Pr(t i jm i ) = 1or0. This means the sequence of t can be distinguished from real or well-designed pseudo random number sequences very easily, unless the sequence of m is a real or well-designed pseudo random number sequence. In order to make itbepr(t i jm i )=1=jT j, the i th mapping determining input must contain data which are dynamically changed every i. However, it cannot contain data the receiver cannot obtain because self-synchronization has to be realized. The universal data the receiver can obtain is (t i01 ; 111;t i0n ) for small n. Therefore we include (t i01 ; 111;t i0n ) in the i th mapping determining input. Moreover, we recommend to include nondeterministic input u i in the i th mapping determining input to prevent that the output sequence makes a cycle when a periodic message sequence is transmitted. Nondeterministic input is dened as follows: Denition 1 Let o i denote all the input other than an input u i of a function. If u i cannot be expressed by any deterministic function of (o i ; 111;o i01 ;u i01 ; 111;u i01 ), the u i is nondeterministic input. Nondeterministic input can be taken from timing of key typing or moving of a mouse etc. It is even possible to input it by hands, because it is just for preventing making a cycle and then rigid uniformity is not necessarily required as long as it is nondeterministic. Only one bit of nondeterministic input can change the output sequence dramatically. Because the number of possible output sequences of the length of l symbols increases exponentially as l increases, though it does not increase when the converter has no nondeterministic input. If others can observe the sequence of t, akey k must be included in all the mapping determining input. The key k must be transmitted to the receiver in advance. 3 Note that this block size has nothing to do with the block size which isusedto transmit a message symbol on a carrier.
7 As a result, the converter and the deconverter must be expressed as follows: t i = Conv ((k);(ui );t i01 ;111;t i0n )(m i ) (7) m i = Dec ((k);(ui );t i01 ;111;t i0n )(t i ): (8) k and u i are optional and they can be removed according to a situation. Well-designed converters that can be expressed in the above form can achieve Pr(t i j(k);m i ;t i01 ; 111;t i0n 0 ) '( 1 jt j (n 0 <n) 1 juj or 0 (n0 n) : (9) In order to distinguish it from real or well-designed pseudo random number sequences, O(jT j n=2 )symbols have to be observed under the condition that m i is xed for every i. IfO(jT j n=2 ) is suciently large, the output sequence can be considered as a practically indistinguishable against known distinguishers. 4 Designing concrete converters and deconverters In this section, we design some converters and deconverters by using encryption functions E (whose decryption functions are D) and hash functions H whose input size is innite. We suppose that 1. E and D can be considered as (pseudo) random permutations 2. H can be considered as a (pseudo) random function 3. m i is xed for every i. 4.1 When both receivers and others can obtain the transmitted symbols t In this case, a key k is required. We consider the following equations rst: t 0 i = E Ext(H(kjjui jjt i01 jj111jjt i0n ))(m i ) (10) t i =(t 0 ijju i ) (11) m i = E Ext(H(kjjui jjt i01 jj111jjt i0n ))(t 0 i ); (12) where jj denotes concatenation, and Ext denotes a function to extract some bits from the input to adjust the output size to the key size of E (dierent from the size of k). u i is nondeterministic input described in the section 3. Though the mapping from M i to T i is changed every i, Pr(t i jk; m i ) 6= 1=jT j when the key size of E (dierent form the size of k) is smaller than the plain text size of one block of E (D). Therefore this combination cannot be used universally.
8 The following structure can be considered to satisfy Pr(t i jk; m i ;t i01 ; 111;t 0 i0n ) ' 1 jt j for n0 <nas long as u i is uniform, because E is permutation and H can be considered as a (pseudo) random function. t 0 i = E k (m i 8 H(u i jjt i01 jj111jjt i0n )) (13) t i =(t 0 ijju i ) (14) m i = E k (t 0 i 8 H(u i jjt i01 jj jjt i0n )); (15) where 8 denotes an exclusive-or operation. However, the birthday paradox distinguishers can distinguish the sequence of t (t 0 ) from real or well-designed random number sequences by observing O(jHj 1=2 ) symbols successively, because anyone can know the hash value of (u i jjt i01 jj jjt i0n ) and then he/she can verify that the following equation is held when these equations are used. Pr(t 0 i = t 0 jjh(u i jjt i01 jj111jjt i0n )=H(u j jjt j01 jj jjt j0n )) = 1 (16) Such i and j can be found by observing O(jHj 1=2 ) symbols successively, where jhj denotes the number of possible output of H. Though O(jHj 1=2 ) might be still large, it is not the optimum characteristic the equation(7) and (8) can achieve. From the same discussion, the birthday paradox distinguishers can distinguish output sequences of CBC and CFB mode block ciphers from real or well-designed random number sequences by observing O(jEj 1=2 ) symbols successively, where jej denotes two power of the plain text size of one block of E. The following equations have the optimum characteristic, because the hash value of H(E k ()) is not known to others 4. t 0 i = m i 8 H(E k (u i jjt i01 jj111jjt i0n )) (17) t i =(t 0 ijju i ) (18) m i = t 0 i 8 H(E k (u i jjt i01 jj jjt i0n )) (19) However it is not desirable because u i must be uniform exactly. Ifitisnot uniform, others might be able to distinguish the dierence. The following equations accept a little biased u i,becauseu i is exclusive-ored by the output of H, and the output of H can be considered as uniform from the assumption of H. t i = E k ((m i jju i ) 8 H(E k (t i01 jj jjt i0n ))) (20) m i = Rem(D k (t i ) 8 H(E k (t i01 jj111jjt i0n ))) = Rem(m i jju i ); (21) where Rem(m i jju i ) is a function to remove u i from (m i X jju i ). In this case, Pr(t i = t j j(t i01 ; 111;t i0n )=(t j01 ; 111;t j0n )) = Pr(u i ) 2 (22) u i 2U 4 It is possible to substitute a key-dependent hash function H k for the H(E k ()).
9 where U denotes a set of all the possible values of u. When u is uniform, the right side becomes 1=jUj 5. However it seems a little bit redundant to use E twice. The main purpose of E k is to keep the output values of H secret. The following equations perform the same purpose by one E. t 0 i =(m i jju i ) 8 H(t 0 i01jj111jjt 0 i0n) (23) t i = E k (t 0 i) (24) t 0 i = D k (t i ) (25) m i = Rem(t 0 i 8 H(t 0 i01jj111jjt 0 i0n)) = Rem(m i jju i ) (26) Moreover, H does not have tobeaone-way or a collision-free function in this case as long as H can be considered as a (pseudo) random function. Therefore we recommend equations(23) and (24) as a converter which can convert any message sequences into practically indistinguishable random number sequences, and then recommend equation (25) and (26) as the deconverter. The deconverter can self-synchronize with the sequence of t after n symbols are observed. Moreover, the sequence of t does not make acycleeven if the same message symbol is transmitted repetitively because of the nondeterministic input. Only one bit per i of the nondeterministic input is sucient to prevent making a cycle. The bit size of u i can be used as a security parameter to control the balance of indistinguishability and information transmission rate (bit size of m i / bit size of t i ). When indistinguishability is more important than the information transmission rate, the bit size should be increased. On the contrary, when the rate is more important than indistinguishability, it should be decreased. It is even possible to remove it if either m i is nondeterministic or that the bit size of (t 0 i01jj111jjt 0 i0n ) is suciently large. In order to distinguish the sequence of t, a distinguisher either has to break the E k or has to observe continuous O(jT j n=2 ) symbols under the assumption that m i is xed. 4.2 When others cannot know the transmitted symbols t In this case, k is not necessarily required, because the sequences of t are kept in secret to others. Therefore, by the same reason discussion in the previous subsection, Conv and Dec can be simplied as follows: t i =(m i jju i ) 8 H(t i01 jj111jjt i0n ) (27) m i = Rem(t i 8 H(t i01 jj111jjt i0n )) = Rem(m i jju i ): (28) 5 If the rst (left) E k is removed in the equation(20), Pr(Rem(t i ) = Rem(t j )j(t i01; 111;t i0n) =(t j01; 111;t j0n))=1:
10 5 Conclusion We considered message randomization methods for subliminal channels. In many applications of subliminal channels, both self-synchronization and (practical) indistinguishability are required. However there is few methods to satisfy both. Although Vernum encryption perfectly satises the indistinguishability, it does not satisfy self-synchronization. On the contrary, although (ECB), CBC, CFB mode block ciphers and self-synchronizing stream ciphers satisfy self-synchronization, most of them do not have the optimum characteristic from the view point of indistinguishability. Therefore, we considered the structure to satisfy both (practical) indistinguishability and self-synchronization, and then designed some pairs of converters and deconverters. The converters can transform any message sequences into practically indistinguishable random number sequences, and the output sequences do not make any cycles because of the nondeterministic input. The deconverters can decode the message sequences from anywhere of the converted sequences. In order to distinguish the converted sequences from real or well-designed random number sequences, either underlying computational infeasibility to know t 0, t or k has to be broken or O(jT j n=2 ) symbols have to be observed under the situation that m i is xed every i. The next step of this research is to nd more powerful distinguishers and to evaluate the indistinguishability more exactly. References 1. B. Schneier. \Subliminal Channel". In \Applied Cryptography, Second Edition", pages 531{536. John Wiley & Sons, G. J. Simmons. \Subliminal Channels : Past and Present". European Trans. on Telecommunications, 4(4):459{473, Jul/Aug Y. Desmedt, C. Goutier, and S. Bengio. \Special uses and abuses of the at-shamir passport". In Proc. of CRYPTO '87, LNCS 293, pages 21{39. Springer{Verlag, G. J. Simmons. \Subliminal communication is easy using the DSA". In Proc. of EUROCRYPT '93, LNCS 765, pages 218{232. Springer{Verlag, K. Kobara and H. Imai. \The capacity of a channel with a one-way function". In Proc. of Japan{Korea Joint Workshop on Information Security and Cryptology (JW-ISC) '97, pages 173{179, R. A. Rueppel. \Stream ciphers". In Contemporary Cryptology, pages 65{134. IEEE Press, R. A. Rueppel. \Analysis and Design of Stream Ciphers". Springer{Verlag, J. Daemen, R. Govaerts, and J. Vandewalle. \resynchronization weakness in synchronous stream ciphers". In Proc. of EUROCRYPT '93, LNCS 765, pages 159{ 176. Springer{Verlag, D. R. Stinson. \Cryptography, Theory and Practice". CRC Press, S. Kullback. \Statistical methods in cryptanalysis". Aegean Park Press, This article was processed using the LaT E X macro package with LLNCS style
DUBLIN CITY UNIVERSITY
DUBLIN CITY UNIVERSITY SEMESTER ONE EXAMINATIONS 2013/2014 MODULE: CA642/A Cryptography and Number Theory PROGRAMME(S): MSSF MCM ECSA ECSAO MSc in Security & Forensic Computing M.Sc. in Computing Study
More information4. Design Principles of Block Ciphers and Differential Attacks
4. Design Principles of Block Ciphers and Differential Attacks Nonli near 28-bits Trans forma tion 28-bits Model of Block Ciphers @G. Gong A. Introduction to Block Ciphers A Block Cipher Algorithm: E and
More informationGeneric Attacks on Feistel Schemes
Generic Attacks on Feistel Schemes Jacques Patarin 1, 1 CP8 Crypto Lab, SchlumbergerSema, 36-38 rue de la Princesse, BP 45, 78430 Louveciennes Cedex, France PRiSM, University of Versailles, 45 av. des
More informationTMA4155 Cryptography, Intro
Trondheim, December 12, 2006. TMA4155 Cryptography, Intro 2006-12-02 Problem 1 a. We need to find an inverse of 403 modulo (19 1)(31 1) = 540: 540 = 1 403 + 137 = 17 403 50 540 + 50 403 = 67 403 50 540
More informationDifferential Cryptanalysis of REDOC III
Differential Cryptanalysis of REDOC III Ken Shirriff Address: Sun Microsystems Labs, 2550 Garcia Ave., MS UMTV29-112, Mountain View, CA 94043. Ken.Shirriff@eng.sun.com Abstract: REDOC III is a recently-developed
More informationo Broken by using frequency analysis o XOR is a polyalphabetic cipher in binary
We spoke about defense challenges Crypto introduction o Secret, public algorithms o Symmetric, asymmetric crypto, one-way hashes Attacks on cryptography o Cyphertext-only, known, chosen, MITM, brute-force
More informationMathematics Explorers Club Fall 2012 Number Theory and Cryptography
Mathematics Explorers Club Fall 2012 Number Theory and Cryptography Chapter 0: Introduction Number Theory enjoys a very long history in short, number theory is a study of integers. Mathematicians over
More informationJournal of Discrete Mathematical Sciences & Cryptography Vol. ( ), No., pp. 1 10
Dynamic extended DES Yi-Shiung Yeh 1, I-Te Chen 2, Ting-Yu Huang 1, Chan-Chi Wang 1, 1 Department of Computer Science and Information Engineering National Chiao-Tung University 1001 Ta-Hsueh Road, HsinChu
More informationNetwork Security: Secret Key Cryptography
1 Network Security: Secret Key Cryptography Henning Schulzrinne Columbia University, New York schulzrinne@cs.columbia.edu Columbia University, Fall 2000 cfl1999-2000, Henning Schulzrinne Last modified
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mar Zhandry Princeton University Spring 2017 Announcements Homewor 3 due tomorrow Homewor 4 up Tae- home midterm tentative dates: Posted 3pm am Monday 3/13 Due 1pm Wednesday
More informationNote Computations with a deck of cards
Theoretical Computer Science 259 (2001) 671 678 www.elsevier.com/locate/tcs Note Computations with a deck of cards Anton Stiglic Zero-Knowledge Systems Inc, 888 de Maisonneuve East, 6th Floor, Montreal,
More informationCryptography CS 555. Topic 20: Other Public Key Encryption Schemes. CS555 Topic 20 1
Cryptography CS 555 Topic 20: Other Public Key Encryption Schemes Topic 20 1 Outline and Readings Outline Quadratic Residue Rabin encryption Goldwasser-Micali Commutative encryption Homomorphic encryption
More informationGeneric Attacks on Feistel Schemes
Generic Attacks on Feistel Schemes -Extended Version- Jacques Patarin PRiSM, University of Versailles, 45 av. des États-Unis, 78035 Versailles Cedex, France This paper is the extended version of the paper
More informationLinear Congruences. The solutions to a linear congruence ax b (mod m) are all integers x that satisfy the congruence.
Section 4.4 Linear Congruences Definition: A congruence of the form ax b (mod m), where m is a positive integer, a and b are integers, and x is a variable, is called a linear congruence. The solutions
More informationExploring Signature Schemes with Subliminal Channel
SCIS 2003 The 2003 Symposium on Cryptography and Information Security Hamamatsu,Japan, Jan.26-29,2003 The Institute of Electronics, Information and Communication Engineers Exploring Signature Schemes with
More informationCryptography, Number Theory, and RSA
Cryptography, Number Theory, and RSA Joan Boyar, IMADA, University of Southern Denmark November 2015 Outline Symmetric key cryptography Public key cryptography Introduction to number theory RSA Modular
More informationThe number theory behind cryptography
The University of Vermont May 16, 2017 What is cryptography? Cryptography is the practice and study of techniques for secure communication in the presence of adverse third parties. What is cryptography?
More informationConvolutional Coding in Hybrid Type-II ARQ Schemes on Wireless Channels Sorour Falahati, Tony Ottosson, Arne Svensson and Lin Zihuai Chalmers Univ. of Technology, Dept. of Signals and Systems, Communication
More informationIntroduction to Cryptography
B504 / I538: Introduction to Cryptography Spring 2017 Lecture 11 * modulo the 1-week extension on problems 3 & 4 Assignment 2 * is due! Assignment 3 is out and is due in two weeks! 1 Secrecy vs. integrity
More informationMA/CSSE 473 Day 9. The algorithm (modified) N 1
MA/CSSE 473 Day 9 Primality Testing Encryption Intro The algorithm (modified) To test N for primality Pick positive integers a 1, a 2,, a k < N at random For each a i, check for a N 1 i 1 (mod N) Use the
More informationGustavus J. Simmons Sandia National Laboratories Applied Mathematics Department Albuquerque, New Mexico Introduction
A SECURE SUBLIMINAL CHANNZL (?) Gustavus J. Simmons Sandia National Laboratories Applied Mathematics Department Albuquerque, New Mexico 87185 Introduction At Crypto'83, the present author showed that a
More informationSome Cryptanalysis of the Block Cipher BCMPQ
Some Cryptanalysis of the Block Cipher BCMPQ V. Dimitrova, M. Kostadinoski, Z. Trajcheska, M. Petkovska and D. Buhov Faculty of Computer Science and Engineering Ss. Cyril and Methodius University, Skopje,
More informationLeandro Chaves Rêgo. Unawareness in Extensive Form Games. Joint work with: Joseph Halpern (Cornell) Statistics Department, UFPE, Brazil.
Unawareness in Extensive Form Games Leandro Chaves Rêgo Statistics Department, UFPE, Brazil Joint work with: Joseph Halpern (Cornell) January 2014 Motivation Problem: Most work on game theory assumes that:
More informationDiffie-Hellman key-exchange protocol
Diffie-Hellman key-exchange protocol This protocol allows two users to choose a common secret key, for DES or AES, say, while communicating over an insecure channel (with eavesdroppers). The two users
More informationRECEIVER TRANSMITTER CHANNEL. n[i] g[i] Decoder. y[i] Channel Estimator. x[i] w Encoder. Power Control S[i] g[i]
To Appear: IEEE Trans. Inform. Theory. Capacity of Fading Channels with Channel ide Information Andrea J. Goldsmith and Pravin P. Varaiya * Abstract We obtain the hannon capacity of a fading channel with
More informationProceedings of Meetings on Acoustics
Proceedings of Meetings on Acoustics Volume 19, 213 http://acousticalsociety.org/ ICA 213 Montreal Montreal, Canada 2-7 June 213 Signal Processing in Acoustics Session 2pSP: Acoustic Signal Processing
More informationCombinations. April 14, 2006
Combinations April 14, 2006 Combinations (cont'd), April 14, 2006 Inclusion-Exclusion Principle Theorem. Let P be a probability distribution on a sample space Ω, and let {A 1, A 2,..., A n } be a nite
More informationChapter 3 LEAST SIGNIFICANT BIT STEGANOGRAPHY TECHNIQUE FOR HIDING COMPRESSED ENCRYPTED DATA USING VARIOUS FILE FORMATS
44 Chapter 3 LEAST SIGNIFICANT BIT STEGANOGRAPHY TECHNIQUE FOR HIDING COMPRESSED ENCRYPTED DATA USING VARIOUS FILE FORMATS 45 CHAPTER 3 Chapter 3: LEAST SIGNIFICANT BIT STEGANOGRAPHY TECHNIQUE FOR HIDING
More informationNew Linear Cryptanalytic Results of Reduced-Round of CAST-128 and CAST-256
New Linear Cryptanalytic Results of Reduced-Round of CAST-28 and CAST-256 Meiqin Wang, Xiaoyun Wang, and Changhui Hu Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education,
More informationSHA-3 and permutation-based cryptography
SHA-3 and permutation-based cryptography Joan Daemen 1 Joint work with Guido Bertoni 1, Michaël Peeters 2 and Gilles Van Assche 1 1 STMicroelectronics 2 NXP Semiconductors Crypto summer school Šibenik,
More informationAsymptotically Optimal Two-Round Perfectly Secure Message Transmission
Asymptotically Optimal Two-Round Perfectly Secure Message Transmission Saurabh Agarwal 1, Ronald Cramer 2 and Robbert de Haan 3 1 Basic Research in Computer Science (http://www.brics.dk), funded by Danish
More informationChapter 4 MASK Encryption: Results with Image Analysis
95 Chapter 4 MASK Encryption: Results with Image Analysis This chapter discusses the tests conducted and analysis made on MASK encryption, with gray scale and colour images. Statistical analysis including
More informationIntroduction to Cryptography CS 355
Introduction to Cryptography CS 355 Lecture 25 Mental Poker And Semantic Security CS 355 Fall 2005 / Lecture 25 1 Lecture Outline Review of number theory The Mental Poker Protocol Semantic security Semantic
More informationSolution: Alice tosses a coin and conveys the result to Bob. Problem: Alice can choose any result.
Example - Coin Toss Coin Toss: Alice and Bob want to toss a coin. Easy to do when they are in the same room. How can they toss a coin over the phone? Mutual Commitments Solution: Alice tosses a coin and
More informationHigh-Capacity Reversible Data Hiding in Encrypted Images using MSB Prediction
High-Capacity Reversible Data Hiding in Encrypted Images using MSB Prediction Pauline Puteaux and William Puech; LIRMM Laboratory UMR 5506 CNRS, University of Montpellier; Montpellier, France Abstract
More informationWe have dened a notion of delay limited capacity for trac with stringent delay requirements.
4 Conclusions We have dened a notion of delay limited capacity for trac with stringent delay requirements. This can be accomplished by a centralized power control to completely mitigate the fading. We
More informationDiscrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography
Discrete Mathematics & Mathematical Reasoning Multiplicative Inverses and Some Cryptography Colin Stirling Informatics Some slides based on ones by Myrto Arapinis Colin Stirling (Informatics) Discrete
More informationB. Substitution Ciphers, continued. 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet.
B. Substitution Ciphers, continued 3. Polyalphabetic: Use multiple maps from the plaintext alphabet to the ciphertext alphabet. Non-periodic case: Running key substitution ciphers use a known text (in
More informationPublic Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014
7 Public Key Cryptography Great Ideas in Theoretical Computer Science Saarland University, Summer 2014 Cryptography studies techniques for secure communication in the presence of third parties. A typical
More informationRSA hybrid encryption schemes
RSA hybrid encryption schemes Louis Granboulan École Normale Supérieure Louis.Granboulan@ens.fr Abstract. This document compares the two published RSA-based hybrid encryption schemes having linear reduction
More informationAvailable online at ScienceDirect. Procedia Computer Science 65 (2015 )
Available online at www.sciencedirect.com ScienceDirect Procedia Computer Science 65 (2015 ) 350 357 International Conference on Communication, Management and Information Technology (ICCMIT 2015) Simulink
More informationA STENO HIDING USING CAMOUFLAGE BASED VISUAL CRYPTOGRAPHY SCHEME
International Journal of Power Control Signal and Computation (IJPCSC) Vol. 2 No. 1 ISSN : 0976-268X A STENO HIDING USING CAMOUFLAGE BASED VISUAL CRYPTOGRAPHY SCHEME 1 P. Arunagiri, 2 B.Rajeswary, 3 S.Arunmozhi
More informationBlock Ciphers Security of block ciphers. Symmetric Ciphers
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2016. Slide: 26 Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable
More informationBit Permutation Instructions for Accelerating Software Cryptography
Bit Permutation Instructions for Accelerating Software Cryptography Zhijie Shi, Ruby B. Lee Department of Electrical Engineering, Princeton University {zshi, rblee}@ee.princeton.edu Abstract Permutation
More informationEE 418: Network Security and Cryptography
EE 418: Network Security and Cryptography Homework 3 Solutions Assigned: Wednesday, November 2, 2016, Due: Thursday, November 10, 2016 Instructor: Tamara Bonaci Department of Electrical Engineering University
More informationFive-Card Secure Computations Using Unequal Division Shuffle
Five-Card Secure Computations Using Unequal Division Shuffle Akihiro Nishimura, Takuya Nishida, Yu-ichi Hayashi, Takaaki Mizuki, and Hideaki Sone Sone-Mizuki Lab., Graduate School of Information Sciences,
More informationMerkle s Puzzles. c Eli Biham - May 3, Merkle s Puzzles (8)
Merkle s Puzzles See: Merkle, Secrecy, Authentication, and Public Key Systems, UMI Research press, 1982 Merkle, Secure Communications Over Insecure Channels, CACM, Vol. 21, No. 4, pp. 294-299, April 1978
More informationJoint Transmitter-Receiver Adaptive Forward-Link DS-CDMA System
# - Joint Transmitter-Receiver Adaptive orward-link D-CDMA ystem Li Gao and Tan. Wong Department of Electrical & Computer Engineering University of lorida Gainesville lorida 3-3 Abstract A joint transmitter-receiver
More informationRobust Key Establishment in Sensor Networks
Robust Key Establishment in Sensor Networks Yongge Wang Abstract Secure communication guaranteeing reliability, authenticity, and privacy in sensor networks with active adversaries is a challenging research
More informationLECTURE NOTES ON SUBLIMINAL CHANNEL & COMMUNICATION SYSTEM
Department of Software The University of Babylon LECTURE NOTES ON SUBLIMINAL CHANNEL & COMMUNICATION SYSTEM By Dr. Samaher Hussein Ali College of Information Technology, University of Babylon, Iraq Samaher_hussein@yahoo.com
More informationChapter 2 Direct-Sequence Systems
Chapter 2 Direct-Sequence Systems A spread-spectrum signal is one with an extra modulation that expands the signal bandwidth greatly beyond what is required by the underlying coded-data modulation. Spread-spectrum
More informationA New Compression Method for Encrypted Images
Technology, Volume-2, Issue-2, March-April, 2014, pp. 15-19 IASTER 2014, www.iaster.com Online: 2347-5099, Print: 2348-0009 ABSTRACT A New Compression Method for Encrypted Images S. Manimurugan, Naveen
More informationEfficient Card-based Protocols for Generating a Hidden Random Permutation without Fixed Points
Efficient Card-based Protocols for Generating a Hidden Random Permutation without Fixed Points Rie Ishikawa 1, Eikoh Chida 1, and Takaaki Mizuki 2 1 Electrical and Computer Engineering, National Institute
More informationClassical Cryptography
Classical Cryptography CS 6750 Lecture 1 September 10, 2009 Riccardo Pucella Goals of Classical Cryptography Alice wants to send message X to Bob Oscar is on the wire, listening to all communications Alice
More informationPublic Key Encryption
Math 210 Jerry L. Kazdan Public Key Encryption The essence of this procedure is that as far as we currently know, it is difficult to factor a number that is the product of two primes each having many,
More informationOn the Capacity Regions of Two-Way Diamond. Channels
On the Capacity Regions of Two-Way Diamond 1 Channels Mehdi Ashraphijuo, Vaneet Aggarwal and Xiaodong Wang arxiv:1410.5085v1 [cs.it] 19 Oct 2014 Abstract In this paper, we study the capacity regions of
More informationphase switching in radio interferometry Eric Keto Smithsonian Astrophysical Observatory, 60 Garden Street,Cambridge, MA 02138
Shifted m-sequences as an alternative to Walsh functions for phase switching in radio interferometry Eric Keto Smithsonian Astrophysical Observatory, 60 Garden Street,Cambridge, MA 02138 Submillimeter
More informationAutomated Analysis and Synthesis of Block-Cipher Modes of Operation
Automated Analysis and Synthesis of Block-Cipher Modes of Operation Alex J. Malozemoff 1 Jonathan Katz 1 Matthew D. Green 2 1 University of Maryland 2 Johns Hopkins University Presented at the Fall Protocol
More informationarxiv: v1 [nlin.cd] 29 Oct 2007
Analog Chaos-based Secure Communications and Cryptanalysis: A Brief Survey Shujun Li, Gonzalo Alvarez, Zhong Li and Wolfgang A. Halang arxiv:0710.5455v1 [nlin.cd] 29 Oct 2007 Abstract A large number of
More informationCMath 55 PROFESSOR KENNETH A. RIBET. Final Examination May 11, :30AM 2:30PM, 100 Lewis Hall
CMath 55 PROFESSOR KENNETH A. RIBET Final Examination May 11, 015 11:30AM :30PM, 100 Lewis Hall Please put away all books, calculators, cell phones and other devices. You may consult a single two-sided
More informationChaos based Communication System Using Reed Solomon (RS) Coding for AWGN & Rayleigh Fading Channels
2015 IJSRSET Volume 1 Issue 1 Print ISSN : 2395-1990 Online ISSN : 2394-4099 Themed Section: Engineering and Technology Chaos based Communication System Using Reed Solomon (RS) Coding for AWGN & Rayleigh
More informationIntroduction to Cryptography
B504 / I538: Introduction to Cryptography Spring 2017 Lecture 10 Assignment 2 is due on Tuesday! 1 Recall: Pseudorandom generator (PRG) Defⁿ: A (fixed-length) pseudorandom generator (PRG) with expansion
More informationConditional Cube Attack on Reduced-Round Keccak Sponge Function
Conditional Cube Attack on Reduced-Round Keccak Sponge Function Senyang Huang 1, Xiaoyun Wang 1,2,3, Guangwu Xu 4, Meiqin Wang 2,3, Jingyuan Zhao 5 1 Institute for Advanced Study, Tsinghua University,
More informationPublished in: Proceedings of the 3rd International Conference on Information Systems Security and Privacy
Improved Greedy Nonrandomness Detectors for Stream Ciphers Karlsson, Linus; Hell, Martin; Stankovski, Paul Published in: Proceedings of the 3rd International Conference on Information Systems Security
More informationDepartment of Telecommunications. The Norwegian Institute of Technology. N-7034 Trondheim, Norway. and the same power.
OFDM for Digital TV Terrestrial Broadcasting Anders Vahlin and Nils Holte Department of Telecommunications The Norwegian Institute of Technology N-734 Trondheim, Norway ABSTRACT This paper treats the problem
More informationImplementation and Performance Testing of the SQUASH RFID Authentication Protocol
Implementation and Performance Testing of the SQUASH RFID Authentication Protocol Philip Koshy, Justin Valentin and Xiaowen Zhang * Department of Computer Science College of n Island n Island, New York,
More informationOn Symmetric Key Broadcast Encryption
On Symmetric Key Broadcast Encryption Sanjay Bhattacherjee and Palash Sarkar Indian Statistical Institute, Kolkata Elliptic Curve Cryptography (This is not) 2014 Bhattacherjee and Sarkar Symmetric Key
More informationPROBABILITY AND STATISTICS Vol. II - Information Theory and Communication - Tibor Nemetz INFORMATION THEORY AND COMMUNICATION
INFORMATION THEORY AND COMMUNICATION Tibor Nemetz Rényi Mathematical Institute, Hungarian Academy of Sciences, Budapest, Hungary Keywords: Shannon theory, alphabet, capacity, (transmission) channel, channel
More informationRandom Bit Generation and Stream Ciphers
Random Bit Generation and Stream Ciphers Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: 8-1 Overview 1.
More informationHigh Diffusion Cipher: Encryption and Error Correction in a Single Cryptographic Primitive
High Diffusion Cipher: Encryption and Error Correction in a Single Cryptographic Primitive Chetan Nanjunda Mathur, Karthik Narayan and K.P. Subbalakshmi Department of Electrical and Computer Engineering
More informationRSA hybrid encryption schemes
RSA hybrid encryption schemes Louis Granboulan École Normale Supérieure Louis.Granboulan@ens.fr Abstract. This document compares the two published RSA-based hybrid encryption schemes having linear reduction
More informationCOS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017
COS433/Math 473: Cryptography Mark Zhandry Princeton University Spring 2017 Previously Pseudorandom Functions and Permutaitons Modes of Operation Pseudorandom Functions Functions that look like random
More informationPermutation Polynomials Modulo 2 w
Finite Fields and Their Applications 7, 287}292 (2001) doi.10.1006/!ta.2000.0282, available online at http://www.idealibrary.com on Permutation Polynomials Modulo 2 w Ronald L. Rivest Laboratory for Computer
More informationA Comprehensive Review on Secure Image Steganography
25 A Comprehensive Review on Secure Image Steganography Yadavindra College of Engineering, Punjabi University, Patiala kritikasingla23@gmail.com, Purbasumeet@yahoo.co.in Abstract: Steganography is an art
More informationChaotically Modulated RSA/SHIFT Secured IFFT/FFT Based OFDM Wireless System
Chaotically Modulated RSA/SHIFT Secured IFFT/FFT Based OFDM Wireless System Sumathra T 1, Nagaraja N S 2, Shreeganesh Kedilaya B 3 Department of E&C, Srinivas School of Engineering, Mukka, Mangalore Abstract-
More informationReversible Data Hiding in Encrypted color images by Reserving Room before Encryption with LSB Method
ISSN (e): 2250 3005 Vol, 04 Issue, 10 October 2014 International Journal of Computational Engineering Research (IJCER) Reversible Data Hiding in Encrypted color images by Reserving Room before Encryption
More informationEcient Routing in Optical Networks. Alok Aggarwal Amotz Bar-Noy Don Coppersmith. Rajiv Ramaswami Baruch Schieber Madhu Sudan. IBM { Research Division
Ecient Routing in Optical Networks Alok Aggarwal Amotz Bar-Noy Don Coppersmith Rajiv Ramaswami Baruch Schieber Madhu Sudan IBM { Research Division T. J. Watson Research Center Yorktown Heights, NY 10598
More informationEE 418 Network Security and Cryptography Lecture #3
EE 418 Network Security and Cryptography Lecture #3 October 6, 2016 Classical cryptosystems. Lecture notes prepared by Professor Radha Poovendran. Tamara Bonaci Department of Electrical Engineering University
More informationCalculators will not be permitted on the exam. The numbers on the exam will be suitable for calculating by hand.
Midterm #: practice MATH Intro to Number Theory midterm: Thursday, Nov 7 Please print your name: Calculators will not be permitted on the exam. The numbers on the exam will be suitable for calculating
More informationNew Zero-knowledge Undeniable Signatures - Forgery of Signature Equivalent to Factorisation
New Zero-knowledge Undeniable Signatures - Forgery of Signature Equivalent to Factorisation Wenbo Mao Trusted E-Services Laboratory HP Laboratories Bristol HPL-2001-36 February 28 th, 2001* E-mail: wm@hplb.hpl.hp.com
More informationCDMA Physical Layer Built-in Security Enhancement
CDMA Physical Layer Built-in Security Enhancement Jian Ren Tongtong Li 220 Engineering Building Department of Electrical & Computer Engineering Michigan State University East Landing, MI 48864-226 Email:
More informationBER Analysis for Synchronous All-Optical CDMA LANs with Modified Prime Codes
BER Analysis for Synchronous All-Optical CDMA LANs with Modified Prime Codes Pham Manh Lam Faculty of Science and Technology, Assumption University Bangkok, Thailand Abstract The analysis of the BER performance
More informationMath 319 Problem Set #7 Solution 18 April 2002
Math 319 Problem Set #7 Solution 18 April 2002 1. ( 2.4, problem 9) Show that if x 2 1 (mod m) and x / ±1 (mod m) then 1 < (x 1, m) < m and 1 < (x + 1, m) < m. Proof: From x 2 1 (mod m) we get m (x 2 1).
More informationMath236 Discrete Maths with Applications
Math236 Discrete Maths with Applications P. Ittmann UKZN, Pietermaritzburg Semester 1, 2012 Ittmann (UKZN PMB) Math236 2012 1 / 43 The Multiplication Principle Theorem Let S be a set of k-tuples (s 1,
More informationCryptography. Module in Autumn Term 2016 University of Birmingham. Lecturers: Mark D. Ryan and David Galindo
Lecturers: Mark D. Ryan and David Galindo. Cryptography 2017. Slide: 1 Cryptography Module in Autumn Term 2016 University of Birmingham Lecturers: Mark D. Ryan and David Galindo Slides originally written
More informationClassification of Ciphers
Classification of Ciphers A Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Technology by Pooja Maheshwari to the Department of Computer Science & Engineering Indian
More informationVISUAL CRYPTOGRAPHY for COLOR IMAGES USING ERROR DIFFUSION AND PIXEL SYNCHRONIZATION
VISUAL CRYPTOGRAPHY for COLOR IMAGES USING ERROR DIFFUSION AND PIXEL SYNCHRONIZATION Pankaja Patil Department of Computer Science and Engineering Gogte Institute of Technology, Belgaum, Karnataka Bharati
More informationStream Ciphers And Pseudorandomness Revisited. Table of contents
Stream Ciphers And Pseudorandomness Revisited Foundations of Cryptography Computer Science Department Wellesley College Fall 2016 Table of contents Introduction Stream Ciphers Stream ciphers & pseudorandom
More informationNon-overlapping permutation patterns
PU. M. A. Vol. 22 (2011), No.2, pp. 99 105 Non-overlapping permutation patterns Miklós Bóna Department of Mathematics University of Florida 358 Little Hall, PO Box 118105 Gainesville, FL 326118105 (USA)
More informationIdentity-based multisignature with message recovery
University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers: Part A Faculty of Engineering and Information Sciences 2013 Identity-based multisignature with message
More informationKeywords: dynamic P-Box and S-box, modular calculations, prime numbers, key encryption, code breaking.
INTRODUCING DYNAMIC P-BOX AND S-BOX BASED ON MODULAR CALCULATION AND KEY ENCRYPTION FOR ADDING TO CURRENT CRYPTOGRAPHIC SYSTEMS AGAINST THE LINEAR AND DIFFERENTIAL CRYPTANALYSIS M. Zobeiri and B. Mazloom-Nezhad
More informationPublic Key Cryptography
Public Key Cryptography How mathematics allows us to send our most secret messages quite openly without revealing their contents - except only to those who are supposed to read them The mathematical ideas
More informationLecture 1: Introduction
Lecture 1: Introduction Instructor: Omkant Pandey Spring 2018 (CSE390) Instructor: Omkant Pandey Lecture 1: Introduction Spring 2018 (CSE390) 1 / 13 Cryptography Most of us rely on cryptography everyday
More informationPublic-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 5: Cryptographic Algorithms Common Encryption Algorithms RSA
More informationInputs. Outputs. Outputs. Inputs. Outputs. Inputs
Permutation Admissibility in Shue-Exchange Networks with Arbitrary Number of Stages Nabanita Das Bhargab B. Bhattacharya Rekha Menon Indian Statistical Institute Calcutta, India ndas@isical.ac.in Sergei
More informationAn on-chip glitchy-clock generator and its application to safe-error attack
An on-chip glitchy-clock generator and its application to safe-error attack Sho Endo, Takeshi Sugawara, Naofumi Homma, Takafumi Aoki and Akashi Satoh Graduate School of Information Sciences, Tohoku University
More information1. The chance of getting a flush in a 5-card poker hand is about 2 in 1000.
CS 70 Discrete Mathematics for CS Spring 2008 David Wagner Note 15 Introduction to Discrete Probability Probability theory has its origins in gambling analyzing card games, dice, roulette wheels. Today
More informationLOSSLESS CRYPTO-DATA HIDING IN MEDICAL IMAGES WITHOUT INCREASING THE ORIGINAL IMAGE SIZE THE METHOD
LOSSLESS CRYPTO-DATA HIDING IN MEDICAL IMAGES WITHOUT INCREASING THE ORIGINAL IMAGE SIZE J.M. Rodrigues, W. Puech and C. Fiorio Laboratoire d Informatique Robotique et Microlectronique de Montpellier LIRMM,
More informationA Soft-Limiting Receiver Structure for Time-Hopping UWB in Multiple Access Interference
2006 IEEE Ninth International Symposium on Spread Spectrum Techniques and Applications A Soft-Limiting Receiver Structure for Time-Hopping UWB in Multiple Access Interference Norman C. Beaulieu, Fellow,
More informationLab/Project Error Control Coding using LDPC Codes and HARQ
Linköping University Campus Norrköping Department of Science and Technology Erik Bergfeldt TNE066 Telecommunications Lab/Project Error Control Coding using LDPC Codes and HARQ Error control coding is an
More information