Observability Analysis - Detecting When Improved Cryptosystems Fail
Authors
Abstract
In this paper we show that, paradoxically, what looks like a “universal improvement” or a “straight-forward improvement” which enables better security and better reliability on a theoretical level, may in fact, within certain operational contexts, introduce new exposures and attacks, resulting in a weaker operational cryptosystem. We demonstrate a number of such dangerous “improvements”. This implies that careful considerations should be given to the fact that an implemented cryptosystem exists within certain operational environments (which may enable certain types of tampering and other observed information channels via faults, side-channel attacks or behavior of system operators). We use our case studies to draw conclusions about certain investigations required in studying implementations and suggested improvements of cryptosystems; looking at them in the context of their operating environments (combined with their potential adversarial settings). We call these investigations observability analysis.
Similar resources
Efficient elliptic curve cryptosystems
Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...
An improved approach to find and rank BCC-efficient DMUs in data envelopment analysis (DEA)
Recently, a mixed integer data envelopment analysis (DEA) model has been proposed to find the most BCC-efficient (or the best) decision making unit (DMU) by Toloo (2012). This paper shows that the model may be infeasible in some cases, and when the model is feasible, it may fail to identify the most efficient DMU, correctly. We develop an improved model to find the most BCC-efficient DMU that r...
Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack
We apply power analysis on known elliptic curve cryptosystems, and consider an exact implementation of scalar multiplication on elliptic curves for resisting against power attacks. Our proposed algorithm does not decrease the computational performance compared to the conventional scalar multiplication algorithm, whereas previous methods did cost the performance or fail to protect against power ...
Structural Controllability and Observability in Influence Diagrams
Influence diagram is a graphical representation of belief networks with uncertainty. This article studies the structural properties of a probabilistic model in an influence diagram. In particular, structural controllability theorems and structural observability theorems are developed and algorithms are formulated. Controllability and observability are fundamental concepts in dynamic syste...