فصلنامه پدافند الکترونیکی و سایبری
سال هفتم شماره 3 (پیاپی 27، پاییز 1398)

In symmetric encryption, block ciphers are more important than stream ciphers, message authentication codes and authenticated encryption schemes, because they are often used as the secure building blocks of other types. Structural analysis is one of the block ciphers cryptanalysis methods which performs attacks without prior knowledge of their internal operators such as permutations and s-boxes. In this paper, using a known 4-rounds integral distinguisher on AES, for the first time, two integral attacks are made on a new native block cipher with a 256-bit key and block length. These attacks, are made on 1-round and 2-rounds of this 3-rounds block cipher due to the weaknesses of the round function. The memory, data, and time  complexities of the best attack in this article are 232 bytes, 2128 plaintexts and 2206 encryption operations. Given the key's length, the complexity of the attack is less than the complexity of the comprehensive search key space attack (2256) and therefore it is an effective shortcut attack. In addition, some recommendations are made to improve this native cipher.

The need for energy saving and environmental adaptation, has made governments and electric power industries around the world to turn their existing power grids into smart grids. Meanwhile, telecommunication networks play an important role in converting current networks into smart grids. The Wireless Sensor Networks (WSNs) include a large number of low-cost, small, and multi-functional sensor nodes that communicate wirelessly. WSNs are considered as a powerful technology for various applications of the smart grids for reasons such as the ability to run in specific environments, fault tolerance, lower power consumption, automated configuration, rapid development, and low cost. Despite the above advantages, the WSNs face the critical limitation of data transmission latency due to the low connectivity in dense environments. The main goal of this research is to figure out and present methods of media access with the ability to distinguish, prioritize and dela, for wireless sensor networks in smart grids. This goal is achieved by presenting a priority and delay aware method in order to improve the network reliability by dynamic adjustment of the media access control parameters in WSNs. The media access control parameters are the number of back offs, exponent back off, number of retransmissions, and contention window that are optimally adjusted according to the changes in clear channel assessment. In the proposed method, the particle swarm optimization method is exploited to determine appropriate values for the media access parameters.

Mobile AD hoc Networks as a special type of wireless networks have received special attention due to having some special features such as no need for central management, no need for infrastructure and high mobility capability. They can be used in cases where creating an effective communication infrastructure is neither cost-effective nor practically feasible, such as conferences, battles and post-disaster                   communications. Several routing protocols are proposed for these networks. ODMRP protocol is one of the most famous and widely used protocols in Mobile AD hoc networks. This study was carried out to discuss this routing protocol and aimed to provide a new routing method for increasing this protocol’s efficiency. In the ODMRP protocol, the optimal route is selected based on the shortest route. In wireless communications with the nodes getting away from each other, the received signal levels are weakened and may result in loss of data, and in practice, the shortest path that works based on a smaller number of hops loses its effectiveness. In the proposed protocol, the route is selected based on the received signal strength level.  According to the simulation results, control overhead decreases by %30 and packet delivery rate increases by %10, demonstrating performance improvement of the devised protocol compared to the original one.

One of the ways to deal with the effect of jammers, especially intra-band jammers, is to use beamforming in multi-antenna systems. In this method, based on the direction of arrival (DOA) of the desired signal and DOA of the interferer, it is tried to design a beam pattern which has a peak in the direction of the desired source and a null in the direction of interferer. Depth of the null and its location depend on the information obtained about the angle of interferer from electronic support measure (ESM) system. In practice, it is not possible to obtain accurate information from the electronic support measure (ESM) system. In this paper, a beamforming method named estimation error probability based beamformer (EEPBF)which is robust to DOA estimation error has been proposed. Data dependent methods may be more efficient than the proposed method with the cost of more complexity of receiver structure required to extract information from the desired and interference signals, whilst for confronting the interferer our proposed method uses existing systems’ information, taking into account their errors. The proposed method keeps signal to interference plus noise ratio (SINR) in the order of signal to noise ratio (SNR) which can be obtained by error free DOA estimation methods. Simulation results show that the proposed method is more efficient than previous methods and traditional approaches.

Nowadays handwriting is known and accepted as a behavioral biometric. Handwriting-based authentication has become a hot topic of research as a result of increasing handwriting forgery. In this research an offline text-independent method for detection of forgeries in Persian handwritten documents is presented. The proposed approach is based on extracting two dense textures of basic alphabet and some text details. A one class classification (OCC) with only positive (original) samples is used in classification together with Binarization and Skeletonization in the preprocessing phase. Also, a combination of Gabor filter and LPQ descriptor is used to complete the feature vector. Both descriptors have been used for writer identification and verification in English and Persian but this is the first time that the combination of these two is used on a Persian handwriting. We also introduce a new dataset from 62 individuals with 2 pages per each. In the first instance the writers were instructed to copy a preset text and in the second one they were asked to write at least 6 lines about a picture. These instances were to be used as training and testing samples respectively. In order to generate counterfeit samples, we asked 5 qualified calligraphers to duplicate the second sample of each writer. Three forgeries per writer were generated in this way. Tests results are satisfactory and present more than 84% accuracy, demonstrating the quality of the proposed method.

Optimal allocation of jamming resources is one of the requirements in the electronic warfare. Following the design and production of a variety of jammers, this question remains that with jamming resource limitations in an electronic battle scene involving a large number of enemy radars, how should these limited resources be allocated and which radars should be assigned to a jammer. In this regard, the present article addresses allocating jamming resources to the enemy's positioning system (consisting of a number of sensors for parameter estimation and the system for integrating the estimated data) and proposes a new algorithm. Maximization of estimation error is the criterion for jamming resource allocation. In the proposed algorithm, receivers whose disruptions severely affect the accuracy of the estimation are chosen as targets. The Cramer-Rao Lower Bound (CRLB) is used as an error measurement in the jamming resource allocation algorithm. When the receivers to be jammed are determined, the uncertainty of the allocation is removed.

In the light of increased network attacks, payload attribution is an essential part of any forensics analysis of the attack. Usually attribution has to be done based on the payload of the packets. In such techniques network traffic should be stored in its entirety while user privacy is preserved. Bloom filters have been an ideal tool for such requirements. Previous works in this area have tried to minimize the false positive error rate associated with the bloom filter while improving on the data reduction ratio but there has not been any notable research on practical implementations in computer networks. A payload attribution technique should provide a list of connections which are suspects of carrying a specific payload (i.e. malware signature). The problem arises with the fact that there are too many queries required, given the large number of connections and the number of bloom filters involved over long time periods, which results in a large aggregate error rate. In this work, we propose a technique with which a time-based hierarchical bloom filter configuration is proposed to tackle the noted problem. Our evaluation shows that with this proposed technique we are able to limit the false positive error rate of the system as compared to the previously proposed techniques. This leads to an overall error reduction in the payload attribution system. More specifically, the error rate compared to previous work drops from 5.66% to 3.98% which results in reducing the number of incorrectly identified flows by 8400.

In the present era, along with the spread of technology in different fields and the possibility of remotely accomplishing different tasks and using internal networks and the Internet, related problems and challenges have occurred. One of these problems is maintaining the security of information while sending and receiving, to prevent unauthorized access. Watermarking is the science of hiding and covering the information with the highest degree of accuracy in security, in order to securely transfer information between the points of interest, so that even when an unauthorized access happens, there is no access to the watermarked data. There are two important features in watermarking. First, the information embedding should not make significant changes in the host environment, and second, the statistical properties of the cover image and the message should be as close as possible in order to have better cryptography. The main purpose of this paper is to provide a new method based on discrete wavelet transform to achieve a suitable cryptographic method. In this method, based on wavelet transforms, color images are watermarked so that they are not normally visible and their key is needed to view them. Simulation results indicate the efficiency of the proposed method.

Cryptographic algorithms have improved in a way that algorithm-level analysis is no longer capable of obtaining their secret key. However, these systems are still vulnerable to side-channel attacks which focus on side-channel information including power consumption and electromagnetic field radiations to achieve the secret key. Dynamic differential logic is one of the most effective countermeasures against power analysis attacks. In this approach, circuit power consumption is made flattened and uncorrelated to the  secret data. This paper concentrates on several dynamic differential logic approaches most of which are implemented on reconfigurable circuits, and are claimed to be resistant against side-channel attacks. The methods are explained and compared based on vulnerabilities, overheads and implementation details and limitations. Finally, it is concluded that less vulnerable approaches are designed at the expense of more imposed overhead. Research results show that the SDDL method with %200 and the DWDDL method with %1160 have the lowest and highest overheads respectively. However, the most resistant approach explained here, still faces some limitations in placement and routing which hinder its implementations.

Secret sharing refers to methods of distributing a secret amongst a group of participants, each of whom is assigned with a share of the secret. The secret can be reconstructed only when a sufficient number, of possibly different types of shares are combined together. Different secret sharing methods have been      presented, such as secret sharing schemes based on dominating set and edge dominating set. In edge     dominating set method, it is required that all of the edge dominating sets are obtained for the graph, which is a NP-complete problem. All of the edge dominating sets can be easily obtained, using tree decomposition of the graph and dynamic programming. Although generating tree decomposition of a graph with finite treewidth can be solved in polynomial time, but it is shown to be NP-complete for general graphs. In this paper, to generate tree decompositions of general graphs, we use the notion of Imperialist Competitive   Algorithm (ICA) which can be applied in parallel. Therefore, the proposed method, in addition to being a new method for implementation of the secret sharing scheme, can reduce runtime by up to five percent in parallel.

The Jakobsson hybrid mix-net proposed by Jakobsson and Juels, is a very practical and efficient scheme which applies symmetrical and asymmetrical cryptography concurrently to make long input messages   anonymous. In this paper a new attack on the Jakobsson hybrid mix-net is introduced. This attack infringes the faultlessness of the hybrid mix-net scheme. We will show that in this new attack, if one of the senders colludes with the first mix server, the first mix server can replace the messages of all other senders with arbitrary messages without being detected.

Median filtering, as a nonlinear content preserving process that is often employed for smoothing and denoising images, has received significant attention from the forensics and documentation research community. In this paper, a detection scheme for median filtering of compressed images is proposed, based on singular value decomposition of the process matrix. In the proposed method, the process matrix is obtained by linear estimation of the decoding process, implementation of median filtering and recompression of the image. The projections of input data over eigenspaces of this process matrix is then used as features of the image. A small number of such features are utilized to classify the image as either original or processed, thus leading to a fast and effective detection scheme for median filtering. The experimental evaluations show that the proposed scheme outperforms the existing methods, particularly over highly compressed images, and its detection error is 2% to 5% lower in comparison to the errors introduced by other detection schemes. The singular value decomposition of the process matrix introduced in this paper, may also be used in detection of other cases of image content manipulation.