Ed Dawson
Queensland University of Technology
303 Publications
32 H-index
3,467 Citations
Publications (304)
We show that a particular class of stream ciphers - namely those in which the output function contains a bitwise AND operation - are susceptible to a differential fault attack using random faults. Several finalists and other candidates from the recent CAESAR competition fall into this category, including the AEGIS variants, Tiaoxin and the MORUS family. Attack outcomes range from key or full state recovery for Tiaoxin, to full state recovery for the AEGIS family and partial state recovery for MO...
#1 Harry Bartlett (QUT: Queensland University of Technology), H-index: 8
#2 Ed Dawson (QUT: Queensland University of Technology), H-index: 32
Last: Kenneth Koon-Ho Wong (QUT: Queensland University of Technology), H-index: 7
(6 authors in total)
In this paper, we show that stream ciphers with a particular form of ciphertext output function are vulnerable to differential fault attacks using random faults. The CAESAR competition candidates Tiaoxin-346 and AEGIS-128L both fall into this category, and we show that our attack can be used to recover the secret key of Tiaoxin-346 and the entire state of AEGIS-128L with practical complexity. In the case of AEGIS-128L, the attack can be applied in a ciphertext-only scenario. Our attacks are more...
#1 Hassan Qahur Al Mahri (QUT: Queensland University of Technology), H-index: 1
#2 Leonie Simpson (QUT: Queensland University of Technology), H-index: 8
Last: Kenneth Koon-Ho Wong (QUT: Queensland University of Technology), H-index: 7
(5 authors in total)
AEZ is a block cipher mode based on AES which uses three 128-bit keys. The algorithm has been updated several times during the three rounds of the CAESAR cryptographic competition. Cryptanalytic results presented on AEZ to date do not breach its security. This paper describes a fault injection analysis on AEZ. We focus on analysing AEZ v4.2 but also investigate the applicability of these analyses to the recent version AEZ v5. This paper shows that all three 128-bit keys in AEZ v4.2 can be uniquel...
#1 Khalid Alissa, H-index: 1
#2 Farzad Salim (QUT: Queensland University of Technology), H-index: 7
Last: Ed Dawson (QUT: Queensland University of Technology), H-index: 32
(4 authors in total)
Role-based access control (RBAC) is widely accepted and used as an access control model. However, an access control model for a business process environment requires particular capabilities that RBAC does not satisfy, such as active access control and separation of duty that can be dynamically enforced at the level of a business process execution instance. This creates the need for an access control model that is specifically designed to work in a business process environment. This paper identif...
In this article, we analyse a block cipher mode of operation for authenticated encryption known as ++AE (plus-plus-AE). We show that this mode has a fundamental flaw: the scheme does not verify the most significant bit of any block in the plaintext message. This flaw can be exploited by choosing a plaintext message and then constructing multiple forged messages in which the most significant bit of certain blocks is flipped. All of these plaintext messages will generate the same authentication ta...
#1 Iftekhar Salam, H-index: 4
#2 Leonie Simpson, H-index: 8
Last: Kenneth Koon-Ho Wong, H-index: 7
(5 authors in total)
This paper investigates the application of fault attacks to the authenticated encryption stream cipher algorithm MORUS. We propose fault attacks on MORUS with two different goals: one to breach the confidentiality component, and the other to breach the integrity component. For the fault attack on the confidentiality component of MORUS, we propose two different types of key recovery. The first type is a partial key recovery using a permanent fault model, except for one of the variants of MORUS wh...
#1 Iftekhar Salam (QUT: Queensland University of Technology), H-index: 4
#2 Hassan Qahur Al Mahri (QUT: Queensland University of Technology), H-index: 1
Last: Kenneth Koon-Ho Wong (QUT: Queensland University of Technology), H-index: 7
(6 authors in total)
This paper describes two different fault injection attacks on the authenticated encryption stream cipher Tiaoxin-346, a third round candidate in the CAESAR cryptographic competition. The first type of fault injection uses a bit-flipping fault model to conduct a forgery attack. The number of faulty bits required for this forgery attack is twice the number of bit modifications made in the input message. The second type of fault injection uses a random fault model in a differential fault attack to ...
#1 Khalid Alissa, H-index: 1
#2 Jason Reid (QUT: Queensland University of Technology), H-index: 9
Last: Ed Dawson (QUT: Queensland University of Technology), H-index: 32
(3 authors in total)
YAWL provides a complete workflow system. It uses its own formal language to define the process model, which can then be translated by the YAWL engine into a working workflow system. The current structure of YAWL allows the process modeller to assign users/roles to perform tasks, but these assignments may not be in compliance with the organisation's authorisation policy. Violating the authorisation policy might lead to significant security risks. This paper introduces SPCC: an authorisation poli...
Aug 1, 2017 in TrustCom (Trust, Security And Privacy In Computing And Communications)
#1 Hassan Qahur Al Mahri (QUT: Queensland University of Technology), H-index: 1
#2 Leonie Simpson (QUT: Queensland University of Technology), H-index: 8
Last: Kenneth Koon-Ho Wong (QUT: Queensland University of Technology), H-index: 7
(5 authors in total)
This paper investigates differential fault attacks against the AEZ v4.2 authenticated encryption scheme. AEZ uses three different 128-bit keys (I, J, L) and can potentially work without a nonce or with a repeated nonce. Under these conditions, this paper identifies the best place to apply differential fault attacks. We exploit the structure of AEZ to minimise the total number of faults required for key recovery. We propose an approach that can reduce the number of fault injections required to retrie...
1 Citation
Aug 1, 2017 in TrustCom (Trust, Security And Privacy In Computing And Communications)
#1 Iftekhar Salam (QUT: Queensland University of Technology), H-index: 4
#2 Leonie Simpson (QUT: Queensland University of Technology), H-index: 8
Last: Kenneth Koon-Ho Wong (QUT: Queensland University of Technology), H-index: 7
(6 authors in total)
We investigated the application of cube attacks to MORUS, a candidate in the CAESAR competition. We applied the cube attack to a version of MORUS where the initialization phase is reduced from 16 steps to 4. Our analysis shows that the cube attack can successfully recover the secret key of MORUS-640 with a total complexity of about 2^10 for this reduced version, and similarly for MORUS-1280 with complexity 2^9. Additionally, we obtained cubes resulting in distinguishers for 5 steps of the initia...
12 Citations