Laboratory of Cryptography and System Security

crysys.hu/
Budapest, Hungary

Buttyan L.,Laboratory of Cryptography and System Security | Grilo A.M.,University of Lisbon
IEEE International Conference on Communications | Year: 2011

We propose a secure distributed transport protocol for wireless sensor networks that resists against attacks on the reliability service provided by the protocol, as well as against energy depleting attacks. Our protocol is based on the Distributed Transport for Sensor Networks (DTSN) protocol, to which we add a security extension that consists in an efficient, symmetric key based authentication scheme for control packets. Besides describing the operation of our protocol, we also provide its analysis in terms of security and overhead. © 2011 IEEE.


Laszka A.,Laboratory of Cryptography and System Security | Szeszler D.,Budapest University of Technology and Economics | Buttyan L.,Laboratory of Cryptography and System Security
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2012

In order to design robust networks, first, one has to be able to measure robustness of network topologies. In [1], a game-theoretic model, the network blocking game, was proposed for this purpose, where a network operator and an attacker interact in a zero-sum game played on a network topology, and the value of the equilibrium payoff in this game is interpreted as a measure of robustness of that topology. The payoff for a given pair of pure strategies is based on a loss-in-value function. Besides measuring the robustness of network topologies, the model can be also used to identify critical edges that are likely to be attacked. Unfortunately, previously proposed loss-in-value functions are either too simplistic or lead to a game whose equilibrium is not known to be computable in polynomial time. In this paper, we propose a new, linear loss-in-value function, which is meaningful and leads to a game whose equilibrium is efficiently computable. Furthermore, we show that the resulting game-theoretic robustness metric is related to the Cheeger constant of the topology graph, which is a well-known metric in graph theory. © 2012 Springer-Verlag.


Laszka A.,Laboratory of Cryptography and System Security | Foldes A.M.,Budapest University of Technology and Economics
Infocommunications Journal | Year: 2013

Recently, content-adaptive steganography was modeled by Johnson et al. as a stochastic, two-player, zero-sum game between a steganographer and a steganalyst [1]. To model economically rational steganalysts, we generalize this model by introducing a non-uniform cost of steganalysis. We characterize the Nash equilibria of our game based on the theory of blocking games [2], a class of quasi-zero-sum games, which were previously used to study the attack-resilience of systems and networks. Finally, we provide efficiently computable linear programs for finding an equilibrium. To the best of our knowledge, our paper is not only the first one to solve our generalized model, but it is also the first one to solve the original model for every possible combination of the parameter values.


Pek G.,Laboratory of Cryptography and System Security | Buttyan L.,Budapest University of Technology and Economics | Bencsath B.,Budapest University of Technology and Economics
ACM Computing Surveys | Year: 2013

Virtualization is a powerful technology for increasing the efficiency of computing services; however, besides its advantages, it also raises a number of security issues. In this article, we provide a thorough survey of those security issues in hardware virtualization. We focus on potential vulnerabilities and existing attacks on various virtualization platforms, but we also briefly sketch some possible countermeasures. To the best of our knowledge, this is the first survey of security issues in hardware virtualization with this level of details. Moreover, the adversary model and the structuring of the attack vectors are original contributions, never published before. © 2013 ACM.


Laszka A.,Laboratory of Cryptography and System Security | Gueye A.,U.S. National Institute of Standards and Technology
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2013

Recently, network blocking game (NBG) models have been introduced and utilized to quantify the vulnerability of network topologies in adversarial environments. In NBG models, the payoff matrix of the game is only "implicitly" given. As a consequence, computing a Nash equilibrium in these games is expected to be harder than in more conventional models, where the payoff matrix is "explicitly" given. In this paper, we first show that computing a Nash equilibrium of a NBG is in general NP-hard. Surprisingly, however, there are particular interesting cases for which the game can be solved in polynomial time. We revisit these cases in a framework where the network is to be operated under budget constraints, which previous models did not consider. We generalize previous blocking games by introducing a budget limit on the operator and consider two constraint formulations: the maximum and the expected cost constraints. For practical applications, the greatest challenge posed by blocking games is their computational complexity. Therefore, we show that the maximum cost constraint leads to NP-hard problems, even for games that were shown to be efficiently solvable in the unconstrained case. On the other hand, we show that the expected cost constraint formulation leads to games that can be solved efficiently. © Springer International Publishing 2013.


Dvir A.,Laboratory of Cryptography and System Security | Holczer T.,Laboratory of Cryptography and System Security | Buttyan L.,Laboratory of Cryptography and System Security
Proceedings - 8th IEEE International Conference on Mobile Ad-hoc and Sensor Systems, MASS 2011 | Year: 2011

Designing a routing protocol for large low-power and lossy networks (LLNs), consisting of thousands of constrained nodes and unreliable links, presents new challenges. The IPv6 Routing Protocol for Low-power and Lossy Networks (RPL) has been developed by the IETF ROLL Working Group as a preferred routing protocol to provide IPv6 routing functionality in LLNs. RPL provides path diversity by building and maintaining directed acyclic graphs (DAG) rooted at one (or more) gateway. However, an adversary that impersonates a gateway or has compromised one of the nodes close to the gateway can divert a large part of network traffic toward itself and/or exhaust the nodes' batteries. Therefore in RPL, special security care must be taken when the Destination Oriented Directed Acyclic Graph (DODAG) root is updating the Version Number by which reconstruction of the routing topology can be initiated. The same care also must be taken to prevent an internal attacker (compromised DODAG node) from publishing a decreased Rank value, which causes a large part of the DODAG to connect to the DODAG root via the attacker and gives it the ability to eavesdrop on a large part of the network traffic forwarded through it. Unfortunately, the currently available security services in RPL will not protect against a compromised internal node that can construct and disseminate fake messages. In this paper, a new security service is described that prevents any misbehaving node from illegitimately increasing the Version Number and compromise illegitimate decreased Rank values. © 2011 IEEE.


Shakiba M.,Laboratory of Cryptography and System Security | Dakhilalian M.,Laboratory of Cryptography and System Security | Mala H.,Laboratory of Cryptography and System Security
Journal of Systems and Software | Year: 2010

In this paper, we introduce a new impossible differential cryptanalysis of Zodiac that is considerably more effective than the one in the previous work (Hong et al., 2002). Using two new 13-round impossible differential characteristics and the early abort technique, this 3R-Attack breaks 128-bit key full-round Zodiac with complexity less than 2^71.3 encryptions, which is practical. This result is approximately 2^48 times better than what was mentioned in the earlier work. Our result reveals the depth of Zodiac's weakness against impossible differential cryptanalysis due to its poor diffusion layer. We also obtain a tighter upper bound for time complexity. © 2009 Elsevier Inc. All rights reserved.


Laszka A.,Vanderbilt University | Felegyhazi M.,Vanderbilt University | Felegyhazi M.,Laboratory of Cryptography and System Security | Buttyan L.,Laboratory of Cryptography and System Security
ACM Computing Surveys | Year: 2014

Risks faced by information system operators and users are not only determined by their own security posture, but are also heavily affected by the security-related decisions of others. This interdependence between information system operators and users is a fundamental property that shapes the efficiency of security defense solutions. Game theory is the most appropriate method to model the strategic interactions between these participants. In this survey, we summarize game-theoretic interdependence models, characterize the emerging security inefficiencies, and present mechanisms to improve the security decisions of the participants. We focus our attention on games with interdependent defenders and do not discuss two-player attacker-defender games. Our goal is to distill the main insights from the state of the art and to identify the areas that need more attention from the research community. © 2014 ACM.


Horvath M.,Laboratory of Cryptography and System Security
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2015

In this work, we aim to make attribute-based encryption (ABE) more suitable for access control to data stored in the cloud. For this purpose, we concentrate on giving to the encryptor full control over the access rights, providing feasible key management even in case of multiple independent authorities, and enabling viable user revocation, which is essential in practice. Our main result is an extension of the decentralized CP-ABE scheme of Lewko and Waters [6] with identity-based user revocation. Our revocation system is made feasible by removing the computational burden of a revocation event from the cloud service provider, at the expense of some permanent, yet acceptable overhead of the encryption and decryption algorithms run by the users. Thus, the computation overhead is distributed over a potentially large number of users, instead of putting it on a single party (e.g., a proxy server), which would easily lead to a performance bottleneck. The formal security proof of our scheme is given in the generic bilinear group and random oracle models. © Springer-Verlag Berlin Heidelberg 2015.

