Abstracts
Editor: Nicholas J. Daras
2nd International Conference on
Cryptography, Network Security
and Applications in the Armed Forces
Hellenic Military Academy
April 2, 2014
2 Hellenic Military Academy
Contents
Invited Speaker, p. 7
  R. Rolland: Randomness in Cryptography, p. 9
Code Systems and Cryptanalysis, p. 11
  D. Poulakis: A New Lattice Attack on DSA Schemes, p. 13
  T. Mourouzis, N. Courtois and N. Komninos: Advanced Truncated Differential Cryptanalysis of GOST Block Cipher, p. 17
  P. Angelidakis and C. Pappa: The Viterbi Decoding Algorithm in Convolutional Codes & its Applications in Wireless Systems of the Armed Forces, p. 22
  T. Mourouzis, N. Komninos, N. Courtois and M. Christofi: Towards a Combined Rotational-Differential Cryptanalytic Framework, p. 26
Random Number Generators and Quantum Cryptography, p. 31
  A. N. Veneti, G. C. Meletiou and M. N. Vrahatis: Fractal Dimension as an Assessment Metric for Pseudorandom Number Generators, p. 33
  G. Marinakis: Design and Evaluation of Random Number Generators, p. 35
  E. S. Athanasiadou, V. F. Dionysatos, P. N. Koumantos and P. K. Pavlakos: Existence and Uniqueness of Quantum Stochastic Flows, p. 36
  D. P. Kalogeras: Quantum Encryption – Critical Approach and Implementation, p. 37
Cryptology: Methods and Applications, p. 39
  A. Kontogeorgis: Elliptic Curves: Construction using Complex Multiplication, p. 41
  T. G. Kostis: Defence against Stealth Aircraft Using Cognitive Radar Strategies, p. 42
  S. D. Hasapis and D. Panagopoulos: A Survey of Group-Based Cryptography, p. 44
  A. V. Doumas: How Many Trials Does It Take To Collect all Different Types of a Population with Probability ?, p. 45
Cryptosystems and Computations, p. 47
  E. Konstantinou and A. Kontogeorgis: Selecting Class Polynomials for the Generation of Elliptic Curves, p. 49
  G. C. Meletiou, D. S. Triantafyllou and M. N. Vrahatis: Orbit Computations and Matrix Factorization in Finite Fields, p. 50
  N. Kolokotronis and K. Limniotis: On the Computation of Best Second-Order Approximations of Boolean Functions, p. 52
  V. Markoutis, G. C. Meletiou and M. N. Vrahatis: Hierarchical Secret Sharing through Multivariate Birkhoff Interpolation, p. 55
Network Security, p. 57
  K. Demertzis and L. Iliadis: A Hybrid Artificial Intelligence System for Cyber Security, p. 59
  V. Vlachos, Ch. Bountolos and A. Papanikolaou: Taxonomy of Cyber-Warfare Operations, p. 63
  N. J. Daras: Security and Formation of Network-Centric Operations, p. 67
  I. Triantafyllou and M. Koutras: Run and Scan Statistics Models and their Applications in Transposition Systems and Networks, p. 69
Cyber Warfare, p. 71
  S. Papageorgiou: Protecting our Cyber Domain from Cyber Attacks, p. 73
  P. Mavropoulos: Risk Assessment Methodologies for Cyber Attacks against Critical Infrastructures: The Maritime Sub-Sector, p. 76
  I. Makripoulias, A. Papathanasiou, A. Papanikolaou and V. Vlachos: Cyber Warfare and Incident Response, p. 79
  N. Papadakis: Hacking and Securing Java Web Applications, p. 83
Information Security, p. 85
  S. Kollias, A. Papanikolaou and V. Vlachos: Large-Scale Early Warning System, p. 87
  G. Karapilafis: Implementation of Artificial Intelligence in INFOSEC Tasks and Applications, p. 91
  K. Lousios: The Concept, Utility-Criticality and Necessity of Infosec in the Armed Forces, p. 92
  D. P. Kalogeras: Critical Approaching and Implementing some Direct Sequence Spread Spectrum (DS/SS), p. 93
Communications Security, p. 95
  N. Ouzounoglou: Optical Methods in Cryptography and Cryptanalysis, p. 97
  C. Litsas, A. Pagourtzis, G. Panagiotakos and D. Sakavalas: On the Resilience and Uniqueness of CPA for Secure Broadcast, p. 98
  D. P. Iracleous, N. Doukas and K. Bourro: Analysis and Measurements of DNS Amplification Attacks, p. 102
  C. Tselikis, A. Poulakidas, C. Vangelatos and A. Aggelis: A Performance Engineering Study for Delay Tolerant Networks, p. 104
Cryptosystems and Chaos Theory, p. 105
  C. K. Volos, I. M. Kyprianidis, I. Stouboulos and Viet-Thanh Pham: Image Encryption Scheme Based on Non-autonomous Chaotic Systems, p. 107
  A. S. Andreatos and C. K. Volos: Secure Text Encryption Based on Hardware Chaotic Noise Generator, p. 109
  A. S. Andreatos and A. P. Leros: Audio Steganography Telecom System Based on Hénon Chaotic Map, p. 111
Biometrics and Cryptography, p. 115
  D. I. Antonoglou, G. I. Antonoglou, K. Minasidis and A. I. Golfos: Biometric Science and Applications, p. 117
  D. P. Kalogeras: RNA/DNA Encryption Method - Another Encryption Algorithm (YEAY), p. 120
  K. Havenetidis, G. P. Paradisis, I. S. Karanasiou and G. J. Tsekouras: An Investigation of an Artificial Neural Network for Personal Identification using Kinematic Parameters from Specific Body Parts, p. 121
Invited Speaker
Randomness in Cryptography
Robert Rolland
eRICS and IML, Université d’Aix-Marseille,
Institut de Mathématiques de Marseille, case 907,
F13288 Marseille cedex 9, France
E-mail: [email protected]
Abstract Randomness is among the main tools in cryptography. Many cryptographic
primitives or protocols include a random part. This is the case for stream ciphers, the
construction of keys, key exchange in the Ephemeral Unified Model, the construction of an
initial value, etc.
Usually, randomness is simulated by a pseudo-random generator or, occasionally, for a small
number of isolated values, by a built-in physical generator. For a very long sequence, as
in the case of a stream cipher, we refer to the European project eSTREAM:
http://www.ecrypt.eu.org/stream/
In the first part, the talk presents a practical study of the concept of randomness in
cryptography. This includes a practical way to construct a seed and a pseudo-random
generator for medium-size data in a Linux environment.
The second part is theoretical. In this part we precisely define the notion of a
pseudo-random generator. Then we define the notion of a distinguisher and the notion of
prediction. Yao's theorem ([5]) gives an equivalence between the indistinguishability of
a pseudo-random generator and the unpredictability of the next bit, from an asymptotic
point of view. In this talk we present modified versions of Yao's theorem (see [1]) which
can be of interest for the study of practical cryptographic primitives. In particular we
consider non-asymptotic versions. We study the case of one pseudo-random generator,
then the case of a family of pseudo-random generators with the same fixed length, and
finally we consider the asymptotic case. In each case we compute the cost of the
reduction (in the sense of complexity theory) between the two algorithms.
Some books on pseudo-random generators, as well as on probabilistic algorithms and
proofs, are given in the following bibliography.
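The predictor-to-distinguisher direction of Yao's equivalence, as an added toy illustration (not from the talk or from [1]): the one-bit-stretching generator G(s) = s || parity(s), the predictor and all function names are constructed here, and every probability is computed exactly by enumerating seeds and strings rather than estimated.

```python
"""Yao's theorem, easy direction: a next-bit predictor for a generator G gives a
distinguisher between G(U_n) and the uniform distribution U_{n+1} with the same
advantage. Constructed toy generator: G(s) = s || parity(s). All probabilities
are exact (full enumeration of seeds and strings), so nothing is sampled."""
from itertools import product
from typing import Callable, Tuple

Bits = Tuple[int, ...]
Predictor = Callable[[Bits], int]       # prefix x_1..x_i -> guess for x_{i+1}
Distinguisher = Callable[[Bits], int]   # whole string -> 0 or 1


def toy_generator(seed: Bits) -> Bits:
    """Stretches n bits to n+1, but the appended bit is a function of the prefix,
    so the generator is predictable and hence (by Yao) distinguishable."""
    return seed + (sum(seed) % 2,)


def parity_predictor(prefix: Bits) -> int:
    """Next-bit predictor tailored to toy_generator."""
    return sum(prefix) % 2


def predictor_to_distinguisher(predict: Predictor, position: int) -> Distinguisher:
    """D(x) = 1 iff the predictor, fed x[:position], guesses x[position] right."""
    return lambda x: int(predict(x[:position]) == x[position])


def prob_accept_on_generator(D: Distinguisher, G, n: int) -> float:
    """Pr[D(G(s)) = 1] over all 2^n seeds s."""
    seeds = list(product((0, 1), repeat=n))
    return sum(D(G(s)) for s in seeds) / len(seeds)


def prob_accept_on_uniform(D: Distinguisher, length: int) -> float:
    """Pr[D(x) = 1] over all 2^length strings x."""
    strings = list(product((0, 1), repeat=length))
    return sum(D(x) for x in strings) / len(strings)


def distinguishing_advantage(D: Distinguisher, G, n: int, out_len: int) -> float:
    """|Pr[D(G(U_n)) = 1] - Pr[D(U_out_len) = 1]|."""
    return abs(prob_accept_on_generator(D, G, n) - prob_accept_on_uniform(D, out_len))


def prediction_advantage(predict: Predictor, G, n: int, position: int) -> float:
    """Pr[predict(G(s)[:position]) = G(s)[position]] - 1/2 over uniform seeds."""
    seeds = list(product((0, 1), repeat=n))
    hits = sum(predict(G(s)[:position]) == G(s)[position] for s in seeds)
    return hits / len(seeds) - 0.5


def yao_easy_direction_holds(predict: Predictor, G, n: int, position: int) -> bool:
    """On a uniform string any predictor is right exactly half the time, so the
    distinguisher built from it has advantage equal to the predictor's edge."""
    D = predictor_to_distinguisher(predict, position)
    lhs = distinguishing_advantage(D, G, n, position + 1)
    rhs = abs(prediction_advantage(predict, G, n, position))
    return abs(lhs - rhs) < 1e-12


if __name__ == "__main__":
    n = 4
    D = predictor_to_distinguisher(parity_predictor, n)
    print("predictor edge:", prediction_advantage(parity_predictor, toy_generator, n, n))
    print("distinguisher advantage:", distinguishing_advantage(D, toy_generator, n, n + 1))
```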
References
[1] Stéphane Ballet and Robert Rolland: A note on a Yao’s theorem about pseudo-
random generators, Cryptography and Communications, 3 (4) (2011), pp. 189-206.
[2] Pierre Barthélemy, Robert Rolland, and Pascal Véron: Cryptographie : principes et
mises en œuvre, 2e édition Lavoisier, 2012.
[3] Oded Goldreich: Modern Cryptography, Probabilistic Proofs and Pseudo-
randomness. Number 17 in Algorithms and Combinatorics, Springer, 1999.
[4] Michael Luby: Pseudorandomness and Cryptographic Applications. Princeton
University Press, 1996.
[5] Andrew C. Yao: Theory and Applications of Trapdoor Functions, in Proceedings of
the 23rd IEEE Symposium on Foundations of Computer Science, pages 80–91, IEEE
Computer Society, 1982.
Code Systems and Cryptanalysis
A New Lattice Attack on DSA Schemes
Dimitrios Poulakis
Department of Mathematics, Aristotle University of Thessaloniki
Thessaloniki, GR- 54124, Greece
E-mail: [email protected]
Abstract In 1991, the U.S. government's National Institute of Standards and
Technology (NIST) proposed the Digital Signature Algorithm (DSA) [13, 11, 9].
It is an efficient variant of the ElGamal digital signature scheme [4] intended for
applications which require data integrity assurance and data authentication. In 1998, an
elliptic curve analogue called Elliptic Curve Digital Signature Algorithm (ECDSA) was
proposed and standardized [6, 8, 9].
First, we shall recall the descriptions of DSA and ECDSA. For DSA, the signer chooses a
prime of size between and bits with increments of , is a prime of size
with and is a generator of the unique order subgroup of . In 2013,
specifies the sizes of and , respectively, in , ,
and . Further, he chooses and computes
. The public key of the signer is and his private key . He also
chooses a publicly known hash function mapping messages to . To sign
a message , he chooses a random number which is the ephemeral
key, computes and . The signature of
is the pair . The verification of the signature is performed by checking
.
The ECDSA uses an elliptic curve over and a point with order a prime
of size around bits. The signer selects and computes . Its
public key is and his private key . To sign a message having hash value
, he selects a random number which is the
ephemeral key and computes (where and are regarded as integer
between and ). Next, he computes and .
The signature of m is the pair . For the verification of the signature one computes
, and . He accepts the
signature if and only if .
The only known way to forge signatures is to recover either the secret key a or the
ephemeral key (in this case it is very easy to compute ). Thus, the parameters of the
two systems were chosen in such a way that the computation of discrete logarithms is
computationally infeasible.
The use of lattices and the so-called LLL reduction method [10] is a well-established
tool for attacking a variety of cryptosystems. Attacks on DSA and ECDSA using
lattice reduction techniques are given in [1], [7], [14], [15], [2], [16], [5] and [3]. A
common feature of these attacks is that they take advantage of the form of the equality
.
In this talk, we propose a new lattice attack based on the above equality and the
following theorem:
Theorem 1 Let and be positive integers with and integers , …,
. Set ( ). Then the system of congruences
( )
has at most one solution with
.
The time complexity of computation of is .
The proof of this theorem relies on the algorithm of D. Micciancio and P. Voulgaris [12],
which solves the Closest Vector Problem.
Let be an integer . Suppose that we have signed messages
( ) and their signatures , respectively, with DSA (resp. ECDSA). Then
there are g such that
(resp. and )
and
.
Setting
and
,
we obtain
( ).
Put
Let be the set of maps . Using Theorem 1 we give an algorithm
which computes a provided that
where . Its running time is . Furthermore, we give a variant of
our algorithm which computes under analogous assumptions. Eliminating a
from the above congruences, we give another
variant of our algorithm which computes an ephemeral key , under some
assumptions, and hence .
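The DSA signing and verification equations recalled above, together with the congruence s·k ≡ h + a·r (mod q) that ties the ephemeral key to the private key and that the cited lattice attacks build on, as an added toy example (not from the talk). The parameters p = 1907, q = 953, g = 4 are constructed here and far too small for real use; the hash is SHA-256 reduced mod q, and all function names are this example's own.

```python
"""Toy DSA over a prime-order subgroup: signing, verification, and the relation
s*k = h + a*r (mod q) that makes the ephemeral key k as sensitive as the
private key a. Parameters are constructed and deliberately tiny."""
import hashlib
import secrets
from typing import Optional, Tuple

# Constructed toy parameters (NOT secure sizes): p = 2q + 1 with q prime, and
# g = 4 = 2^2 generates the unique subgroup of order q in Z_p^*.
P, Q, G = 1907, 953, 4
assert G != 1 and pow(G, Q, P) == 1        # g really has order q


def hash_to_zq(message: bytes) -> int:
    """Publicly known hash mapping messages into Z_q (SHA-256 reduced mod q)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % Q


def keygen(private_key: Optional[int] = None) -> Tuple[int, int]:
    """Return (a, y): private key a in [1, q-1], public key y = g^a mod p."""
    a = private_key if private_key is not None else secrets.randbelow(Q - 1) + 1
    return a, pow(G, a, P)


def sign_with_nonce(h: int, a: int, k: int) -> Optional[Tuple[int, int]]:
    """Signature (r, s) of hash value h under private key a and ephemeral key k:
    r = (g^k mod p) mod q, s = k^-1 (h + a r) mod q. None if r or s is 0."""
    r = pow(G, k, P) % Q
    s = (pow(k, -1, Q) * (h + a * r)) % Q
    return None if r == 0 or s == 0 else (r, s)


def sign(message: bytes, a: int) -> Tuple[int, int]:
    """DSA signing: a fresh, secret ephemeral key k for every signature."""
    h = hash_to_zq(message)
    while True:
        k = secrets.randbelow(Q - 1) + 1
        sig = sign_with_nonce(h, a, k)
        if sig is not None:
            return sig


def verify(message: bytes, y: int, sig: Tuple[int, int]) -> bool:
    """Accept iff (g^(h w) y^(r w) mod p) mod q == r, where w = s^-1 mod q."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    h = hash_to_zq(message)
    u1, u2 = (h * w) % Q, (r * w) % Q
    v = (pow(G, u1, P) * pow(y, u2, P) % P) % Q
    return v == r


def nonce_congruence_holds(h: int, a: int, k: int, sig: Tuple[int, int]) -> bool:
    """s*k = h + a*r (mod q): linear in the two unknowns a and k, which is the
    shape every lattice attack on (EC)DSA starts from."""
    r, s = sig
    return (s * k - h - a * r) % Q == 0


def private_key_from_ephemeral(h: int, k: int, sig: Tuple[int, int]) -> int:
    """Why k must stay secret: with k and one signature, a = (s k - h) r^-1 mod q."""
    r, s = sig
    return ((s * k - h) * pow(r, -1, Q)) % Q


if __name__ == "__main__":
    a, y = keygen()
    msg = b"constructed sample message"
    sig = sign(msg, a)
    print("valid:", verify(msg, y, sig), "tampered:", verify(msg + b"!", y, sig))
```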
References
[1] M. Bellare, S. Goldwasser and D. Micciancio: "Pseudo-random" number generation
within cryptographic algorithms: the DSS case, In Proc. of Crypto '97, LNCS 1294.
IACR, Palo Alto, CA. Springer-Verlag, Berlin 1997.
[2] I. F. Blake and T. Garefalakis: On the security of the digital signature algorithm, Des.
Codes Cryptogr., 26, no. 1-3 (2002), pp. 87-96.
[3] K. Draziotis and D. Poulakis: Lattice attacks on DSA schemes based on Lagrange's
algorithm, in 5th international Conference on Algebraic Informatics, CAI 2013.
Berlin: Springer. LNCS 8080,pp. 119-131 (2013).
[4] T. ElGamal: A public key cryptosystem and a signature scheme based on discrete
logarithm, IEEE Transactions on Information Theory, 31 (1985), 469-472.
[5] J.-L. Faugère, C. Goyet, and G. Renault: Attacking (EC)DSA Given Only an Implicit
Hint, Selected Areas in Cryptography, LNCS 7707, pp. 252-274, Springer-Verlag,
Berlin - Heidelberg 2013.
[6] D. Johnson, A. J. Menezes and S. A. Vanstone: The elliptic curve digital signature
algorithm (ECDSA), Intern. J. of Information Security, 1 (2001) 36-63.
[7] N. A. Howgrave-Graham and N. P. Smart: Lattice Attacks on Digital Signature
Schemes, Des. Codes Cryptogr. 23 (2001) 283-290.
[8] N. Koblitz, A. J. Menezes and S. A. Vanstone: The state of elliptic curve cryptography,
Des. Codes Cryptogr. 19 (2000), 173-193.
[9] N. Koblitz and A. J. Menezes: A survey of Public-Key Cryptosystems, SIAM REVIEW,
46 (4) (2004), 599-634.
[10] A. K. Lenstra, H. W. Lenstra Jr., and L. Lovász: Factoring polynomials with
rational coefficients, Math. Ann., 261 (1982), 513-534.
[11] A. J. Menezes, P. C. van Oorschot and S. A. Vanstone: Handbook of Applied
Cryptography, CRC Press, Boca Raton, Florida, 1997.
[12] D. Micciancio and P. Voulgaris: A deterministic single exponential time algorithm for
most lattice problems based on Voronoi cell computations, in Proc. of STOC, ACM,
(2010) pages 351-358.
[13] National Institute of Standards and Technology (NIST): FIPS Publication 186:
Digital Signature Standard, May 1994.
[14] P. Nguyen and I. E. Shparlinski: The Insecurity of the Digital Signature Algorithm
with Partially Known Nonces, J. Cryptology, 15 (2002), 151-176.
[15] P. Nguyen and I. E. Shparlinski: The Insecurity of the Elliptic Curve Digital Signature
Algorithm with Partially Known Nonces, Des. Codes Cryptogr. 30 (2003), 201-217.
[16] D. Poulakis: Some Lattice Attacks on DSA and ECDSA, Applicable Algebra in
Engineering, Communication and Computing, 22 (2011), 347-358.
Advanced Truncated Differential Cryptanalysis of GOST
Block Cipher
Theodosis Mourouzis 1, Nicolas Courtois 2 and Nikos Komninos 3
1Department of CS, University College London, WC1E 6BT E-mail: [email protected]
2Department of CS, University College London, WC1E 6BT E-mail: [email protected]
3Department of CS, City University London, EC1V 0HB E-mail: [email protected]
Abstract Differential Cryptanalysis (DC) is one of the oldest and most powerful
techniques in the area of symmetric cryptanalysis. It is a chosen-plaintext attack and its
discovery was attributed to Eli Biham and Adi Shamir in the late 1980s, since they were
the first to publish a differential attack against the FEAL block cipher and then a
similar attack against DES [5, 6]. However, according to a member of the original IBM
DES team, Don Coppersmith, this technique was already known to IBM as early as
1974, and defending against DC had been a design goal [4]. In addition, some other
sources state that the NSA was also aware of this technique and that it was decided it
should be kept secret.
In DC, the main task is to study how the differences propagate inside the cipher and
discover some interesting propagations which occur with sufficiently good probability
and can be used to distinguish a given number of rounds of the cipher from a random
permutation. These differences expose the non-uniform distribution of some output
differences given one or several input differences.
The method of DC was studied by many cryptographers and many enhancements have
been proposed which make this technique even more powerful. The most important
one is by Knudsen, who proposed advanced forms of DC based on truncated
differentials [7, 8]. A truncated differential is a collection of (non-zero) differences
instead of a single difference [7, 8]. Thus, the problem of studying single differences is
transformed into the problem of studying the propagation of sets of differences.
However, the space now becomes exponentially large and thus the study is infeasible in
practice, unless some shortcuts are found based on the very specific structure of the
given encryption algorithm. Importantly, many block ciphers which were supposed to
be secure against naive DC were broken faster than brute force using
truncated differential techniques. It is not easy to claim that a cipher is secure against
this technique, since exhausting all possible combinations of sets of differences is
infeasible and so far there is no theory which provides a measure of security against
truncated DC. We plan to provide such a theory in our future studies.
In this paper, we study the security of the GOST block cipher and its variants with respect
to advanced forms of DC, especially using the notion of truncated differentials. Seki
and Kaneko in 2011 applied this notion to break around 13 rounds of GOST, but no
extension to an attack against the full cipher was feasible under their constructions [12].
GOST is a military-grade cipher which was designed by the former Soviet Union. It is
the official encryption standard of the Russian Federation, given the number 28147-89
by the Government Committee for Standards of the USSR; it is used by large banks
and implemented in many standard cryptography libraries such as OpenSSL, Crypto++
and RSA security products. It is a 256-bit symmetric-key block cipher that operates on
64-bit blocks [1]. It follows the Feistel network design paradigm for block ciphers and
has a very simple round function consisting of XORs, substitutions (S-boxes), rotations
and modular additions, which is applied for 32 rounds.
Apart from its military-grade 256-bit key, which in theory could keep it secure for 200 years,
GOST also has an amazingly small hardware implementation. GOST requires
approximately one fourth of the circuit size needed for AES-128 and DES. Thus, it
seems to be a plausible alternative to AES-256 and 3-DES [2].
With respect to its security analysis, according to the Russian standard, GOST is safe to
be used for encrypting secret and classified information and does not limit the security
level. More precisely, at the beginning of the standard it states that “GOST satisfies all
cryptographic requirements and does not limit the grade of security information to be
protected”.
In addition, according to Bruce Schneier [3], GOST is probably stronger than DES with
respect to DC. Apart from Schneier, many other prominent cryptographers and ISO
cryptography experts have studied GOST and all seemed to agree that it could be or
should be secure, since no better way to break it than brute force was known.
Gabidulin et al. were the first to conduct a basic assessment of the security of
GOST against linear and differential cryptanalysis [18]. They very naively
claimed that 7 rounds are sufficient for 128-bit security against DC and that even if
the S-boxes are replaced by the identity map it is still secure at this level [18].
Until 2010, all researchers in the cryptographic community claimed that “despite
considerable cryptanalytic efforts spent in the past 200 years, GOST is still not broken”.
Since GOST seemed to offer a perfect balance between security and efficient
implementation, it was submitted to ISO 18033-3. In the same year as the
submission, many attacks against the full block cipher were discovered and presented
at several conferences: reflection attacks, attacks based on double reflections, related-
key attacks and advanced differential attacks [13, 14, 15, 16]. In 2011, we discovered
and published some interesting and very strong truncated differential properties of
GOST and some of its variants by introducing a refinement of Knudsen's
approach which partitions the classical truncated differentials into disjoint subsets. In
particular, Courtois and Mourouzis introduced the notion of general open sets,
which are sets constructed based on the connections between the S-boxes from round
to round and are of partitioning type [9]. Then, using a black-box evolutionary
algorithm [10, 17], they discovered interesting 8-round propagations which can be
combined effectively to produce distinguishers for 20 rounds of GOST. The notion of
general open sets shows that good truncated differential properties can be found for all
variants of GOST and that they mainly depend on the connections between S-boxes
from round to round and not on their values.
In particular, Courtois and Mourouzis presented very strong statistical 20-round
distinguishers for three different variants of GOST [9]: TestParamSet,
CryptoProParamSet and ISO 18033-3. All these sets are of major importance since they
are implemented in many standards and used by many organizations. The first one
appears as the default set of S-boxes used in all available implementations. The second
one is used in the hash function implementation and by many large banking
organizations, while the last one is believed to be the strongest and
was suggested in the ISO standardization process to become a global industrial
standard. Extending a statistical distinguisher to an attack against the full block cipher
is a non-trivial task and involves a series of optimization and combinatorial sub-tasks
to be considered and solved. In fact, it is never guaranteed that it will succeed. Courtois
extended a 20-round distinguisher to a full attack against the GOST cipher which uses
the set of S-boxes TestParamSet, of time complexity approximately 2^179 GOST
encryptions, memory complexity of about 2^64 and using the full code-book [16]. In
order to achieve the extension, he exploited the self-similarity of the cipher due to the
very weak key schedule and the poor diffusion for a limited number of rounds, up to 8
rounds.
In this paper, we use the ideas presented by Courtois and Mourouzis to study the
security of two variants of GOST which are considered the simplest and most secure
variants [9]: the one with the S-boxes replaced by the identity map and the ISO version,
which is assumed to be the strongest one. The advanced differential attacks we present
are of the form of depth-first key search, which uses a 20-round distinguisher in the
middle (or equivalently a 26-round distinguisher for the simpler version of GOST with
the identity map) [11]. The main idea is that we consider a partition of the 32 rounds by
placing the constructed distinguisher in the middle. Then, based on the weak diffusion,
we can extend these very strong statistical distinguishers to efficient filters for
some external rounds. Then, by guessing some key bits for the external rounds and
determining some plaintext and ciphertext pairs of specified input-output differences,
we can extend the construction to an attack against the full block cipher. Thus, the
technique we apply is a generic cryptanalytic framework of depth-first key search type
which involves several optimization tasks obtained from the specific structure of the
given encryption algorithm.
The results we obtain are remarkable and they reflect how powerful differential
attacks are if appropriate ad-hoc heuristics are found and several non-trivial
optimization tasks are considered and solved based on the structure of the very specific
encryption algorithm we study. Using the entire codebook, we present an attack of
time complexity approximately 2^160 GOST encryptions against the full 32 rounds of the
simplest GOST variant and an attack of time complexity approximately 2^244.4 GOST
encryptions against the full 32 rounds of the GOST submitted to ISO [11]. Even more
importantly, the attacks we present are always subject to improvement if better
solutions are found to the underlying optimization steps we consider. These attacks
can be seen as a new parametric form of advanced differential attacks, where several
optimization and combinatorial sub-tasks are considered.
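A diffusion probe for the identity-S-box variant of GOST discussed above, added here as an illustration (not the authors' code): it implements the Feistel round the abstract describes, with the S-box layer left as the identity map but any other parameter set pluggable, and measures how far a single flipped plaintext bit spreads after r rounds. The little-endian subkey loading, the 200-sample averaging and all names are choices made here.

```python
"""GOST 28147-89 Feistel structure with pluggable S-boxes, used to probe
diffusion in the identity-S-box variant. Round: add a 32-bit subkey mod 2^32,
pass each 4-bit nibble through its S-box (identity by default), rotate left by
11, XOR the result into the other half. Subkeys are loaded little-endian
(an assumption made in this example)."""
import random
from typing import List, Sequence

MASK32 = 0xFFFFFFFF
IDENTITY_SBOXES: List[List[int]] = [list(range(16)) for _ in range(8)]


def rotl32(x: int, n: int) -> int:
    return ((x << n) | (x >> (32 - n))) & MASK32


def sbox_layer(x: int, sboxes: Sequence[Sequence[int]]) -> int:
    """Apply S-box i to nibble i (nibble 0 is the least significant)."""
    out = 0
    for i in range(8):
        out |= sboxes[i][(x >> (4 * i)) & 0xF] << (4 * i)
    return out


def round_function(x: int, subkey: int, sboxes: Sequence[Sequence[int]]) -> int:
    return rotl32(sbox_layer((x + subkey) & MASK32, sboxes), 11)


def key_schedule(key: bytes, nrounds: int = 32) -> List[int]:
    """256-bit key -> eight 32-bit subkeys k0..k7; rounds 1-24 use them in order
    three times, rounds 25-32 in reverse order (the standard GOST ordering)."""
    subkeys = [int.from_bytes(key[4 * i:4 * i + 4], "little") for i in range(8)]
    return (subkeys * 3 + subkeys[::-1])[:nrounds]


def feistel(block: int, round_keys: Sequence[int], sboxes) -> int:
    """One Feistel round per subkey on a 64-bit block (left || right)."""
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        left, right = right, left ^ round_function(right, k, sboxes)
    return (right << 32) | left            # undo the swap of the last round


def encrypt(block: int, key: bytes, nrounds: int = 32, sboxes=IDENTITY_SBOXES) -> int:
    return feistel(block, key_schedule(key, nrounds), sboxes)


def decrypt(block: int, key: bytes, nrounds: int = 32, sboxes=IDENTITY_SBOXES) -> int:
    """Same network with the subkeys applied in reverse order."""
    return feistel(block, key_schedule(key, nrounds)[::-1], sboxes)


def avg_difference_weight(nrounds: int, flip_bit: int = 0, samples: int = 200,
                          seed: int = 1, sboxes=IDENTITY_SBOXES) -> float:
    """Mean Hamming weight of the output difference after nrounds rounds when a
    single plaintext bit is flipped, over random keys and plaintexts. A value
    far below 32 means the difference is still confined: weak diffusion, which
    is what makes the outer rounds usable as filters."""
    rng = random.Random(seed)
    total = 0
    for _ in range(samples):
        key = rng.getrandbits(256).to_bytes(32, "little")
        pt = rng.getrandbits(64)
        c0 = encrypt(pt, key, nrounds, sboxes)
        c1 = encrypt(pt ^ (1 << flip_bit), key, nrounds, sboxes)
        total += bin(c0 ^ c1).count("1")
    return total / samples


if __name__ == "__main__":
    for r in (1, 2, 4, 8, 16, 32):
        print(f"{r:2d} rounds: mean output difference weight "
              f"{avg_difference_weight(r):.1f} of 64 bits")
```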
References
[1] Aleksandr Malchik: An English translation of GOST Standard by Aleksandr Malchik
with an English Preface co-written with Whitfield Diffie, 1994.
[2] Axel Poschmann, San Ling and Huaxiong Wang: 256 Bit Standardized Crypto for 650
GE GOST Revisited, In CHES 2010, LNCS 6225, pp. 219-233, 2010.
[3] Bruce Schneier: Applied Cryptography, Second Edition, John Wiley and Sons, 1996.
[4] Don Coppersmith: The Data Encryption Standard (DES) and its strength against
attacks, IBM Journal of Research and Development 38 (3): 243,
doi:10.1147/rd.383.0243, 1994.
[5] Eli Biham and Adi Shamir: Differential Cryptanalysis of the Data Encryption
Standard, Springer-Verlag, ISBN: 0-387-97930-1, 3-540-97930-1, 1993.
[6] Eli Biham and Adi Shamir: Differential cryptanalysis of the full 16-round DES, In
Advances in Cryptology, CRYPTO 92, E. F. Brickell, Ed., vol. 740 of Lecture Notes in
Computer Science, pp. 487-496, 1992.
[7] Lars Knudsen: Truncated and higher order differentials, In Fast Software Encryption,
pp. 196-211, Springer Berlin Heidelberg, 2011.
[8] Lars Knudsen and Matthew Robshaw: The Block Cipher Companion, Springer Berlin
Heidelberg, 1995.
[9] Nicolas T. Courtois and Theodosis Mourouzis: Enhanced Truncated Differential
Cryptanalysis of GOST, In SECRYPT, 2013.
[10] Nicolas T. Courtois and Theodosis Mourouzis: Propagation of Truncated
Differentials in GOST, In SECURWARE, 2013.
[11] Theodosis Mourouzis: Optimizations in Algebraic and Differential Cryptanalysis,
PhD Thesis, University College London, 2014.
[12] Haruki Seki and Toshinobu Kaneko: Differential cryptanalysis of reduced rounds of
GOST, In Selected Areas in Cryptography, pp. 315-323, Springer Berlin Heidelberg,
2001.
[13] Takanori Isobe: A single-key attack on the full GOST block cipher, In Fast Software
Encryption, pp. 290-305, Springer Berlin Heidelberg, 2011.
[14] Nicolas T. Courtois: Security Evaluation of GOST 28147-89 In View Of
International Standardisation, IACR Cryptology ePrint Archive, 2011.
[15] Nicolas T. Courtois: Algebraic Complexity Reduction and Cryptanalysis of GOST,
IACR Cryptology ePrint Archive, 2011.
[16] Nicolas T. Courtois: An Improved differential attack on full GOST, IACR
Cryptology ePrint Archive, 2012.
[17] Nicolas T. Courtois, Theodosis Mourouzis, Michal Misztal, Jean-Jacques Quisquater
and Guangyan Song: Can GOST Be Made Secure Against Differential Cryptanalysis?,
In Cryptologia Journal, 2013.
[18] Vitaly Shorin, Vadim Jelezniakov and Ernst Gabidulin: Linear and differential
cryptanalysis of Russian GOST, Electronic Notes in Discrete Mathematics 6, pp. 538-
547, 2001.
The Viterbi Decoding Algorithm in Convolutional Codes &
its Applications in Wireless Systems of the Armed Forces
Panagiotis Angelidakis 1 and Christina Pappa 2
21 Bas. Kwnstantiou Street, Maroussi, GR-15122, Greece
E-mails: [email protected] 1, [email protected] 2
Abstract Convolutional codes were first introduced by Elias in 1955 as an alternative to
block codes. Subsequently, Wozencraft proposed a sequential decoding scheme for
convolutional codes. In 1963, Massey proposed a new method called threshold decoding.
In 1967, Viterbi proposed as an efficient solution the maximum-likelihood decoding
scheme that was relatively easy to implement for codes with small memory orders. This
scheme is called Viterbi decoding. Finally, in 1972, Forney was the first to come to the
conclusion that the Viterbi algorithm could be used to produce the maximum-
likelihood estimate of the transmitted sequence over a bandlimited channel with
intersymbol interference (ISI).
So, the objective of our presentation is to present a practical and comprehensible
methodological approach to maximum-likelihood decoding of convolutional codes
that are characterized by a trellis diagram. Maximum-likelihood decoding amounts to
finding the shortest path through the trellis of the code. This algorithm gives the
decoding for convolutional codes following the ''hard decision''. For ''soft decision''
decoding, we follow a similar process where the Hamming distance is replaced by the
Euclidean distance.
We present a specific example of the steps of the method that we follow for Viterbi
decoding. Let us assume the convolutional code
.
Here n expresses the number of outputs of the coder and also the number of
adders (math calculations with XOR logic gates), and k expresses the number of
inputs of the coder. expresses the length of the information sequence. Finally, is the
number of stages of the coder.
1st Step: According to the code parameters , , and , we construct the
encoder of this code, which is shown in Figure 1.
Figure 1: The coder of the convolutional code .
2nd Step: Observing the encoder of Figure 1, we can draw the equivalent state diagram.
Figure 2: State diagram.
3rd Step: With the aid of the state diagram, we construct the trellis diagram (Figure 3),
searching for the optimal Viterbi path. The resulting code word is read off this
optimal path of the trellis diagram.
Figure 3: Trellis diagram and the finding of the optimal Viterbi path.
As shown in Figure 3, we can extract the information sequence by finding the shortest
path. This corrected output sequence differs from
the received word (i.e., the valid code word v and
the received word differ in two bits). So, the Viterbi algorithm finds and corrects these
two corrupted bits.
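The three steps above carried out in code, as an added example (not the authors' code): a rate-1/n convolutional encoder driven by octal generators as in Tables 1 and 2, and a Viterbi decoder that finds the least-metric path through the trellis with either the Hamming (hard-decision) or the squared Euclidean (soft-decision) metric. Since the page's own code parameters did not survive extraction, the default is Table 1's K = 3 code with generators (5, 7) and free distance 5, which corrects the two corrupted bits of the worked example; the test also runs Table 2's rate-1/3 code (5, 7, 7), which corrects three.

```python
"""Convolutional encoder and Viterbi decoder (hard and soft decision).
Generators are octal strings whose most significant bit taps the newest input
bit; default (5, 7) with K = 3 is the first row of Table 1 (free distance 5)."""
from typing import Callable, List, Sequence, Tuple

INF = float("inf")


def hamming_metric(branch: Sequence[int], received: Sequence) -> float:
    """Hard decision: number of positions where the received bits differ."""
    return sum(int(a != b) for a, b in zip(branch, received))


def euclidean_metric(branch: Sequence[int], received: Sequence) -> float:
    """Soft decision: squared distance between the branch's BPSK symbols
    (0 -> +1, 1 -> -1) and the real-valued received samples."""
    return sum((1 - 2 * a - r) ** 2 for a, r in zip(branch, received))


def flip_bits(code: Sequence[int], positions: Sequence[int]) -> List[int]:
    """Constructed channel errors: flip the given bit positions of a code word."""
    rx = list(code)
    for p in positions:
        rx[p] ^= 1
    return rx


class ConvCode:
    def __init__(self, generators: Sequence[str] = ("5", "7"), constraint_len: int = 3):
        self.K = constraint_len                       # register length (stages)
        self.gens = [int(g, 8) for g in generators]   # MSB tap = current input
        self.n_states = 1 << (constraint_len - 1)     # state = last K-1 inputs

    def step(self, state: int, bit: int) -> Tuple[int, List[int]]:
        """One shift of the register: returns (next_state, n output bits)."""
        reg = (bit << (self.K - 1)) | state           # newest bit at the MSB
        out = [bin(reg & g).count("1") & 1 for g in self.gens]  # XOR of taps
        return reg >> 1, out                          # oldest bit drops out

    def encode(self, info: Sequence[int]) -> List[int]:
        """Encode info bits plus K-1 zero tail bits so the trellis ends in state 0."""
        state, code = 0, []
        for bit in list(info) + [0] * (self.K - 1):
            state, out = self.step(state, bit)
            code.extend(out)
        return code

    def viterbi_decode(self, received: Sequence,
                       metric: Callable = hamming_metric) -> Tuple[List[int], float]:
        """Maximum-likelihood decoding: least accumulated metric path through the
        trellis from state 0 back to state 0. Returns (info bits, path metric)."""
        n = len(self.gens)
        stages = [received[i:i + n] for i in range(0, len(received), n)]
        metrics = [0.0] + [INF] * (self.n_states - 1)   # start in state 0
        history = []                                     # survivor pointers per stage
        for rx in stages:
            new_metrics = [INF] * self.n_states
            survivors = [None] * self.n_states
            for state in range(self.n_states):
                if metrics[state] == INF:
                    continue
                for bit in (0, 1):
                    nxt, out = self.step(state, bit)
                    m = metrics[state] + metric(out, rx)
                    if m < new_metrics[nxt]:             # keep the better path in
                        new_metrics[nxt] = m
                        survivors[nxt] = (state, bit)
            metrics = new_metrics
            history.append(survivors)
        # Trace back from the terminal state 0, which the tail bits guarantee.
        state, bits = 0, []
        for survivors in reversed(history):
            state, bit = survivors[state]
            bits.append(bit)
        bits.reverse()
        return bits[:len(bits) - (self.K - 1)], metrics[0]


if __name__ == "__main__":
    code = ConvCode()
    info = [1, 0, 1, 1, 0, 0, 1]                 # constructed information sequence
    v = code.encode(info)
    rx = flip_bits(v, (2, 9))                    # two channel errors
    decoded, dist = code.viterbi_decode(rx)
    print("code word:", v, "\nreceived: ", rx)
    print("decoded:", decoded, "errors corrected:", int(dist))
```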
Additionally, the performance of convolutional codes according to the Viterbi
algorithm decoding depends on the length of information sequence. We present the
results of simulations for convolutional codes with rates and respectively, with
good distance properties.

Information's length   Generator sequences (octal)   Free distance
3                      5       7                      5
4                      15      17                     6
5                      23      35                     7
6                      53      75                     8
7                      133     171                    10
8                      247     371                    10
9                      561     753                    12
10                     1167    1545                   12
11                     2335    3661                   14
12                     4335    5723                   15
13                     10533   17661                  16
14                     21675   27123                  16
Table 1: Codes of maximum free distance (code rate 1/2)

Information's length   Generator sequences (octal)      Free distance
3                      5       7       7                8
4                      13      15      17               10
5                      25      33      37               12
6                      47      53      75               13
7                      133     145     175              15
8                      225     331     367              16
9                      557     663     711              18
10                     1117    1365    1633             20
11                     2353    2671    3175             22
12                     4767    5723    6265             24
13                     10533   10675   17661            24
14                     21645   35661   37133            26
Table 2: Codes of maximum free distance (code rate 1/3)
The Viterbi algorithm can be applied to GSM (Global System for Mobile Communications)
and CDMA (Code Division Multiple Access) systems and also to 802.11 wireless LANs.
All these systems are widely used in the Armed Forces.
GSM and CDMA are two competing technologies in cellular systems. The basic
difference between these two technologies is how they turn voice data into radio waves
and how the carrier connects to the phone. Other differences include the coverage
area, the data transfer speeds, the capacity of the network and the hardware. Even so,
both technologies can be used in 3G phones. However, 3G-GSM speeds can be faster
than 3G-CDMA speeds.
Also, CDMA technology is a good choice for ad hoc network deployments in army
communications, due to its resistance to jamming and interference. On the other hand,
the performance of an ad hoc CDMA network is limited by strong restrictions.
The communication infrastructure of 802.11 WLANs is characterized by a dynamically
changing topology. They have the ability to provide services to and accept services
from other systems. They also provide survivability and QoS (quality of service). On
the other hand, from a military point of view, the 802.11 WLANs have several drawbacks,
which concern data security and coverage area.
Finally, the Viterbi algorithm is mainly applied to codes with a small information
sequence length L. For larger lengths L, we propose other algorithms that address the
weaknesses of Viterbi decoding.
Acknowledgments
We kindly thank our professor Mr. Konstantinos Karoumpalos, for his helpful
comments and suggestions.
Towards a Combined Rotational-Differential Cryptanalytic Framework
Theodosis Mourouzis 1, Nicolas Courtois 2, Nikos Komninos 3 and Michalis Christofi 4
1Department of CS, University College London, WC1E 6BT E-mail: [email protected]
2Department of CS, University College London, WC1E 6BT E-mail: [email protected]
3Department of CS, City University London, EC1V 0HB E-mail: [email protected]
4Department of CS, King’s College, WC2R 2LS E-mail: [email protected]
Abstract Cryptanalysis is the science of studying a given encryption algorithm, or any
other cryptographic mechanism, in order to identify potential flaws or vulnerabilities,
either in the implementation and its environment or in the mathematics that underlies
the algorithms used. Such flaws can be used to dispute the level of security that the
mechanism is claimed to offer, so it is very important to keep enhancing existing
cryptanalytic techniques.
One of the most important and powerful techniques in the area of symmetric
cryptanalysis is Differential Cryptanalysis (DC). DC applies primarily to block ciphers,
but also, to some extent, to stream ciphers and cryptographic hash functions. Its
discovery is attributed to Eli Biham and Adi Shamir in the late 1980s [2, 3], but
according to Don Coppersmith the technique was already known to IBM and the NSA as
early as 1974 [1]. They kept the description of such a powerful attack confidential,
since it would likely have been able to break many block ciphers and other
cryptographic standards in use in many applications.
The main task in DC is to study the propagation of certain input differences through a
number of rounds and to identify input-output pairs of differences that propagate with
a comparatively high probability, compared to what is expected of a random
permutation. This non-random behavior of the cipher for a reduced number of rounds
can sometimes be extended to a key recovery attack. Several enhancements of naive DC
have been proposed, such as the boomerang attack, impossible differentials and, more
importantly, truncated differentials as proposed by Knudsen [6, 7]. In truncated
differentials, the attacker studies the propagation of sets of differences instead of
single differences. The difficulty in attacks involving truncated differentials is the
exploration of the exponentially large space of differentials. Ad hoc heuristics
derived from the structure of the cipher can be used to speed up the search. For
example, Courtois and Mourouzis have suggested such heuristics for the GOST block
cipher, which can be used to construct reduced-round distinguishers for up to 20
rounds [8, 9]. In addition, a framework for extending a distinguisher to a (possibly
efficient) key recovery attack is described in detail in [10].
In addition to DC, there are several other cryptanalytic techniques, such as Linear
Cryptanalysis [4, 5], Algebraic Attacks [11] and, more recently, Rotational
Cryptanalysis by Khovratovich and Nikolić [13]. In linear cryptanalysis, the attacker
constructs linear equations involving plaintext, ciphertext and key bits that hold with
some bias for a certain number of rounds, and extends them to an attack against the
full cipher. In algebraic attacks, the attacker encodes all of the cipher's operations
algebraically and then, using limited data such as a few known plaintext-ciphertext
pairs, tries to solve the underlying system of equations and derive some key bits. Once
the algebraic encoding of the cryptographic primitive has been derived, off-the-shelf
open-source software such as a SAT solver can be used to recover the key in an
automated way. In the framework of rotational cryptanalysis, the attacker observes the
propagation of pairs of inputs or intermediate states that are related by a rotational
symmetry through a number of rounds. What we end up with is a distinguisher in the
related-key setting, since here the hypothesis of stochastic equivalence is not
guaranteed as it is in the case of DC. Such attacks are applicable to ARX ciphers, which
are widely used in lightweight cryptography since they have a very low implementation
cost and involve only three operations: modular addition, rotation and XOR [13].
All these attacks have been studied for many years and many advances have been made.
Several cryptographers have combined such techniques into a single cryptanalytic
framework in order to construct more efficient attacks. For example, in algebraic-linear
attacks, linear equations that hold with sufficiently high probability are added to the
algebraic description of the cipher, increasing the probability of being able to solve
the underlying system. Albrecht, in his PhD thesis, suggested a cryptanalytic framework
combining algebraic attacks with differential attacks [12], and recently Mourouzis, in
his PhD thesis, suggested an enhancement of algebraic attacks using truncated
differentials [10].
In this report, we suggest a new cryptanalytic framework for constructing distinguishers
which can eventually be extended to full attacks in the related-key scenario. We name
this new paradigm "Relational Cryptanalysis". The main idea is to exhibit the non-
randomness of a given encryption algorithm by observing the propagation of specific
sets of plaintext pairs of the form such that these pairs satisfy rotational and
differential properties of the form
and ,
for some rotational symmetry and fixed set of differences . Besides rotational
and differential properties, we can add any other relation which seems to hold for a
reduced number of rounds of the cryptographic primitive we study. Intuitively, we
expect that by adding more relations we increase the observed probability of the
propagation, and this results in stronger statistical distinguishers.
The main idea behind our statistical distinguishers is to define two sets of relations
and ,
for some relations and and some integers , and then count the number of
expected plaintext pairs
which are related by relations from the set and lead to ciphertext pairs
which are related by relations from set after some rounds . For example, one
relation may denote a specific difference or a set of differences as in truncated
differentials, or a rotational symmetry of the pair of plaintexts by a fixed number of
shifts or any other relation we can find based on the structure of the encryption
algorithm.
We count this number by simulation over random plaintexts and keys. Repeating the
procedure and averaging the number of such pairs, we expect the counts to follow a
Gaussian distribution whose mean and standard deviation are computed from many
simulations, until the estimate of the probability stabilizes; this is essentially a
simple application of the Central Limit Theorem. Finding the best possible input-
output relations, those that give comparatively high probabilities for the propagation
we study, is then a non-trivial optimization step. For each encryption standard we
need to derive ad hoc heuristics from its specific structure in order to speed up this
procedure.
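The counting procedure above, carried out on a toy cipher as an added example (this code is written for this page; it is not the authors' framework and the cipher is not any real standard): the cipher is an assumed Speck-like ARX round on two 16-bit words with rotation amounts 7 and 2 and independent random round keys; the input relation is a rotational pair (P, P <<< 1) under the related rotational key pair (K, K <<< 1), and the output relation is that the two ciphertexts are again a rotational pair. The script estimates the propagation probability by sampling, repeats the estimate to obtain a mean and standard deviation, and compares the result with the 2^-32 expected of a random permutation on the 32-bit block and with the product of the per-addition probabilities given by the standard formula used in rotational cryptanalysis of ARX.

```python
"""Toy relational (rotational, related-key) distinguisher for an ARX round.

Added example, not code from the abstract.  The cipher is a made-up Speck-like
toy with 16-bit words and independent random round keys; the numbers it gives
say nothing about any real cipher.
"""
import random
import statistics

WORD = 16
MASK = (1 << WORD) - 1


def rotl(x, r):
    """Rotate a WORD-bit value left by r positions."""
    r %= WORD
    return ((x << r) | (x >> (WORD - r))) & MASK


def rotr(x, r):
    """Rotate a WORD-bit value right by r positions."""
    return rotl(x, WORD - (r % WORD))


def toy_round(x, y, k, a=7, b=2):
    """One Speck-style ARX round (assumed rotation amounts a=7, b=2).
    Rotation and XOR with a rotated key commute with rotation of the state;
    the modular addition is the only step that breaks the rotational pair."""
    x = (rotr(x, a) + y) & MASK
    x ^= k
    y = rotl(y, b) ^ x
    return x, y


def toy_encrypt(block, round_keys):
    x, y = block
    for k in round_keys:
        x, y = toy_round(x, y, k)
    return x, y


def rot_state(block, r):
    """Apply the rotational relation to a two-word state."""
    x, y = block
    return rotl(x, r), rotl(y, r)


def rot_keys(round_keys, r):
    """Related-key setting: the second key is the rotation of the first."""
    return [rotl(k, r) for k in round_keys]


def rotational_pair_holds(rounds, rng, r=1):
    """Draw one random key/plaintext, form the input pair (P, rot(P)) under
    keys (K, rot(K)) and check whether the output pair is still rotational."""
    keys = [rng.getrandbits(WORD) for _ in range(rounds)]
    p = (rng.getrandbits(WORD), rng.getrandbits(WORD))
    c = toy_encrypt(p, keys)
    c_rot = toy_encrypt(rot_state(p, r), rot_keys(keys, r))
    return c_rot == rot_state(c, r)


def estimate_probability(rounds, samples, trials, seed=0, r=1):
    """Count relation-preserving pairs among `samples` random pairs, repeat
    `trials` times and return (mean, stdev) of the per-trial estimates.  The
    repetition is what makes the CLT applicable: the estimates cluster
    (approximately Gaussian) around the true propagation probability."""
    rng = random.Random(seed)
    estimates = []
    for _ in range(trials):
        hits = sum(rotational_pair_holds(rounds, rng, r) for _ in range(samples))
        estimates.append(hits / samples)
    return statistics.mean(estimates), statistics.pstdev(estimates)


def random_permutation_probability():
    """For a random permutation of the 2*WORD-bit block, the output pair is
    rotational with probability 2^-(block size)."""
    return 2.0 ** -(2 * WORD)


def single_addition_probability(r=1, n=WORD):
    """Probability that rotation by r commutes with one n-bit modular
    addition of uniform operands (the formula used in rotational
    cryptanalysis of ARX); about 2^-1.415 for r=1 and large n."""
    return (1 + 2.0 ** (r - n) + 2.0 ** -r + 2.0 ** -n) / 4


if __name__ == "__main__":
    for rounds in (1, 2, 4):
        mean, sd = estimate_probability(rounds, samples=4000, trials=10)
        print(f"{rounds} rounds: observed {mean:.4f} +/- {sd:.4f}, "
              f"per-addition model {single_addition_probability() ** rounds:.4f}, "
              f"random permutation {random_permutation_probability():.2e}")
```

The gap between the observed probability (roughly 0.375 per round for this toy) and 2^-32 is the distinguisher; the same `estimate_probability` loop works unchanged for any other relation pair, e.g. an XOR difference on the input and a truncated difference set on the output, by swapping the predicate in `rotational_pair_holds`.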
We formalize this new framework, inspired by the work of Courtois and Mourouzis on
constructing statistical distinguishers based on truncated differentials for the GOST
block cipher and some of its variants [8, 9]. As a proof of concept, we apply the
combined framework to simple toy ciphers and show that the combination leads to
stronger statistical distinguishers. In addition, we discuss how this technique can be
used in the cryptanalysis of hash functions, since there the attacker has full control
over the key and thus working in a related-key scenario makes more sense.
References
[1] D. Coppersmith: The Data Encryption Standard (DES) and its strength against
attacks, IBM Journal of Research and Development 38(3) (1994), pp. 243-250.
doi:10.1147/rd.383.0243.
[2] E. Biham and A. Shamir: Differential Cryptanalysis of the Data Encryption
Standard, Springer-Verlag, 1993. ISBN 0-387-97930-1, 3-540-97930-1.
[3] E. Biham and A. Shamir: Differential cryptanalysis of the full 16-round DES, in
Advances in Cryptology, CRYPTO '92, E. F. Brickell (ed.), vol. 740 of Lecture Notes in
Computer Science, pp. 487-496, Springer, 1993.
[4] M. Matsui: The first experimental cryptanalysis of the Data Encryption Standard,
in Advances in Cryptology, CRYPTO '94, vol. 839 of Lecture Notes in Computer Science,
pp. 1-11, Springer, 1994.
[5] M. Matsui: Linear cryptanalysis method for DES cipher, in Advances in Cryptology,
EUROCRYPT '93, vol. 765 of Lecture Notes in Computer Science, pp. 386-397, Springer,
1994.
[6] L. R. Knudsen: Truncated and higher order differentials, in Fast Software
Encryption (FSE '94), vol. 1008 of Lecture Notes in Computer Science, pp. 196-211,
Springer, 1995.
[7] L. R. Knudsen and M. J. B. Robshaw: The Block Cipher Companion, Springer, 2011.
[8] N. T. Courtois and T. Mourouzis: Enhanced Truncated Differential Cryptanalysis of
GOST, in SECRYPT 2013.
[9] N. T. Courtois and T. Mourouzis: Propagation of Truncated Differentials in GOST,
in SECURWARE 2013.
[10] T. Mourouzis: Optimizations in Algebraic and Differential Cryptanalysis, PhD
thesis, University College London, 2014.
[11] G. V. Bard: Algorithms for solving linear and polynomial systems of equations over
finite fields with applications to cryptanalysis, PhD thesis, University of Maryland,
2007.
[12] M. R. Albrecht: Algorithmic Algebraic Techniques and their Application to Block
Cipher Cryptanalysis, PhD thesis, Royal Holloway, University of London, 2010.
[13] D. Khovratovich and I. Nikolić: Rotational Cryptanalysis of ARX, in Fast Software
Encryption (FSE 2010), vol. 6147 of Lecture Notes in Computer Science, pp. 333-346,
Springer, 2010.
Random Number Generators
and Quantum Cryptography
Fractal Dimension as an Assessment Metric for
Pseudorandom Number Generators
A.N. Veneti1, G.C. Meletiou2 and M.N. Vrahatis3
1 Computational Intelligence Laboratory, Department of Mathematics, University of
Patras, GR-26110 Patras, Greece
and
Department of Mathematics, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]
2 A.T.E.I. of Epirus, P.O. 110, GR-47100 Arta, Greece, and
University of Patras Artificial Intelligence Research Center, University of Patras,
GR-26110 Patras, Greece
E-mail: [email protected]
3 Computational Intelligence Laboratory, Department of Mathematics, University of Patras, GR-26110 Patras, Greece
and
Department of Mathematics, University of Patras, GR-26110 Patras, Greece
E-mail: [email protected]
Abstract Scientific experimental results are highly dependent on the "quality" and
quantity of the random numbers used in these experiments. Especially in areas such as
stochastic modeling and simulation, deterministic random number generators, known
as pseudorandom number generators, are preferred because of the reproducibility and
portability of the results.
In trying to identify pseudorandom number generators whose output appears to be
random, we examine the suitability of fractal dimension measurement for assessing
pseudorandom number generators. The established techniques used to evaluate a
generator focus on statistical features designed to detect correlations in the
generated sequences. Fractal dimension, on the other hand, is a metric that can
express the randomness of the output of a pseudorandom number generator, since it
"quantifies" the distribution of the pseudorandom numbers in Euclidean space.
We evaluate some pseudorandom number generators, namely the classical Knuth
generator, the Blum-Blum-Shub generator, the generator based on the RSA
cryptosystem and the generator based on the discrete logarithm problem. The
computational experiments presented in our work attempt to assess the performance
and the sensitivity of the examined generators.
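A minimal version of the metric described above, as an added example written for this page (it is not the authors' code and does not reproduce their experiments): consecutive outputs of a generator are paired into points (u_n, u_(n+1)) in the unit square and the box-counting dimension of that point set is estimated from the number of occupied grid cells at several scales. The generators compared are Python's Mersenne Twister as a reference and a deliberately degenerate linear congruential generator (x_(n+1) = x_n + 1 mod 2^16, constructed here so that its pairs fall on a line); all parameters and scales are assumptions of the example.

```python
"""Box-counting dimension of consecutive-pair plots as a PRNG quality metric.

Added example for this page, not the authors' code.  A generator whose pairs
fill the plane should give a dimension near 2; structured output gives less.
"""
import math
import random


def lcg_pairs(a, c, m, seed, count):
    """Consecutive-pair points (x_n/m, x_{n+1}/m) of the linear congruential
    generator x_{n+1} = (a*x_n + c) mod m (parameters chosen by the caller)."""
    pts = []
    x = seed
    for _ in range(count):
        nxt = (a * x + c) % m
        pts.append((x / m, nxt / m))
        x = nxt
    return pts


def mt_pairs(seed, count):
    """Consecutive-pair points from Python's Mersenne Twister, used here as the
    reference generator (good statistically, though not cryptographic)."""
    rng = random.Random(seed)
    u = [rng.random() for _ in range(count + 1)]
    return list(zip(u, u[1:]))


def occupied_boxes(points, k):
    """Number of cells of the 2^k x 2^k grid on [0,1)^2 containing a point."""
    grid = 1 << k
    cells = set()
    for x, y in points:
        cells.add((min(int(x * grid), grid - 1), min(int(y * grid), grid - 1)))
    return len(cells)


def box_counting_dimension(points, scales=range(2, 7)):
    """Least-squares slope of log2 N(eps) against log2(1/eps) for eps = 2^-k,
    k in `scales`: the box-counting estimate of the fractal dimension.  The
    point count must be well above the finest grid size (4096 cells at k=6)
    or the estimate is biased downwards by empty cells."""
    ks = list(scales)
    logs = [math.log2(occupied_boxes(points, k)) for k in ks]
    kbar = sum(ks) / len(ks)
    lbar = sum(logs) / len(logs)
    num = sum((k - kbar) * (l - lbar) for k, l in zip(ks, logs))
    den = sum((k - kbar) ** 2 for k in ks)
    return num / den


def compare_generators(count=65536):
    """Dimension estimates for the constructed degenerate LCG (pairs on a
    line, so dimension 1) and for the reference generator (dimension 2)."""
    bad = lcg_pairs(1, 1, 1 << 16, 0, count)
    good = mt_pairs(2014, count)
    return box_counting_dimension(bad), box_counting_dimension(good)


if __name__ == "__main__":
    d_bad, d_good = compare_generators()
    print(f"degenerate LCG:   dimension ~ {d_bad:.2f}")
    print(f"Mersenne Twister: dimension ~ {d_good:.2f}")
```

Swapping `lcg_pairs` for any of the generators named in the abstract (Knuth, Blum-Blum-Shub, RSA- or discrete-log-based) only requires a function that returns the same list of pair points; the metric itself does not change.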
Design and Evaluation of Random Number Generators
George Marinakis
National Intelligence Service
4, Panagioti Kanellopoulou Str.
GR-101 77, Athens, Greece
E-mail: [email protected]
Abstract In a cryptographic system the most secret component is the key. Therefore,
particular attention is needed when keys are generated, loaded, renewed and
distributed (key management). Cryptographic keys are generated using various types of
random number generators (RNGs). If these RNGs are not secure, they constitute the
weakest point of the cryptosystem, which then becomes susceptible to various attacks.
In this study we examine the basic components and the security weaknesses of
deterministic and non-deterministic RNGs, and we propose procedures and measures
for their secure design and evaluation.
Existence and Uniqueness of Quantum Stochastic Flows
Evagelia S. Athanasiadou 1, Vasileios F. Dionysatos 2,
Panagiotis N. Koumantos 3 and Panagiotis K. Pavlakos 4
1,2,4 Department of Mathematics, University of Athens, Panepistimiopolis GR-15784 Athens, Greece
4 Department of Physics, University of Athens, Panepistimiopolis GR-15784 Athens, Greece
E-mails: [email protected] 1, [email protected] 2, [email protected] 3, [email protected] 4
Abstract In this work we develop quantum stochastic solution flows of stochastic
(diffusion) differential equations of the form
on a suitable Von Neumann ( , Clifford) algebra of operators with a finite regular
trace. By
it is denoted a linear operator such that (the Hamiltonian operator) is the
infinitesimal generator of an analytic semigroup and is a given quantum stochastic
process taking values in an ordered Banach space of operators (possibly unbounded
operators) on .
The algebra is acting on the Fock space generated by a Hilbert space with
conjugation , in a Quantum Mechanical or Quantum Field System, including
interactions involving quantized Bose-Einstein and Fermion fields (specifically spin
Dirac particles) with an external field via a cutoff Yukawa-type interaction.
Quantum Encryption – Critical Approach and Implementation
Dionysios P. Kalogeras, Hellenic Army.
(PhD (cand.) in Telecommunications, MSc in Networking and Data
Communications, Dipl. in Radioelectrology, BSc in Physics)
Kanigos st 14 Pireas, GR-18534, Greece
E-mail: [email protected]
Keywords: quantum encryption, quantum secure communication
Abstract It is widely known that security in data communication is a major concern
nowadays. Among the encryption technologies available at present, shared-key
encryption is the most reliable, and it depends on secure key generation and
distribution. Quantum encryption algorithms and methods are among the most
discussed methods in theory.
A quantum key distribution protocol based on quantum encryption, in which Einstein-
Podolsky-Rosen pairs act as the quantum key to encode and decode the classical
cryptographic key, is discussed. Two schemes are proposed for multiparty quantum
remote secret conference, in which each legitimate conferee can securely read out the
secret message announced by another one, while a malicious eavesdropper can learn
nothing about it.
The open source MATLAB Qlib tool is used to simulate the successful transfer of a random
qubit to the output, demonstrating perfect communication between Alice and Bob.
Cryptology:
Methods and Applications
Elliptic Curves. Construction using Complex Multiplication
Aristeidis Kontogeorgis
Department of Mathematics, National and Kapodistrian University of Athens, GR-157 84 Panepisimioupolis, Athens, Greece
E-mail: [email protected]
Abstract This presentation aims to give a short introduction to the theory of elliptic
curves over a given field, their invariants and their construction, so that the talk
"Selecting Class Polynomials for the Generation of Elliptic Curves" by Prof.
Konstantinou will be comprehensible to the audience of the conference.
In particular, the interplay between elliptic curves over the complex numbers and over
finite fields will be explained. We will finally arrive at the method of complex
multiplication, which is considered one of the most efficient methods for constructing
elliptic curves over finite fields with a given number of points.
Defence against Stealth Aircraft using Cognitive Radar Strategies
Theodoros G. Kostis
Department of Mathematics and Engineering Sciences,
Hellenic Military Academy,
Vari, GR-16673, Greece
and
Hellenic Quality Assurance & Accreditation Agency for Higher Education, Athens, Greece
E-mail: [email protected]
Keywords Cognitive Radar, Stealth Aircraft, Monostatic AESA/PESA
Abstract Cognitive radar is a promising tool for providing enhanced information about
a target. Specifically, the enhancement over ordinary radar systems is the improved
knowledge about a target that is acquired by employing artificial intelligence methods
before declaring a detection to the human operator. This is especially useful when the
target is stealthy by design and tries to hide as much data about its presence as possible.
Currently the detection decision is based on algorithms that declare a detection if the
energy returned from a point exceeds an adaptive threshold above the noise
(Constant False Alarm Rate, CFAR). Detection is enhanced by utilizing several
passes over the same point before the detection is declared (alert-confirm), or by
directing a portion of the radar energy to tracking and a portion to surveillance
(track-while-scan). With this technology no adaptive real-time changes to the waveform
are made according to the environment or target conditions. In contrast, cognitive
radar theory involves storing the radar data and creating a feedback loop in order to
adjust the next waveform transmission by utilising the memory of the radar receiver.
The radar detection problem with a stealth aircraft is that the frontal area of the
platform is treated to have as low a radar cross section as possible.
We propose a possible algorithm that might provide a satisfactory amount of cognition,
especially for stealth air targets, using a monostatic radar situated in front of
the oncoming aerial target. In other words, we would like the radar to be more
confident in its decision about whether a stealth aerial target is present that would
not have been detected by a conventional radar.
The radar sensor is an active or passive electronically scanned array (AESA or PESA)
antenna. This type of antenna has many elements that provide the functions of the
radar cube, which are beamforming, Doppler processing, synthetic aperture radar
(SAR/ISAR), pulse compression and space-time adaptive processing (STAP).
The proposed cognitive radar methodology introduces an expert system that chooses
how to group element outputs according to the radar cube representation. For
example, the proposed cognitive radar system would learn how to automatically steer
the beamforming function in order to better support the magnifying-glass effect of
STAP on an area of interest.
Specifically, the methodology involves two parallel steps. The first looks for compatible
spectral varieties in an area across all radar cube formations. This is done by examining
the mutual information of successive passes. Heavy dependence means that the
detected energy has a similar profile on each pass, so it is coming from a non-random
source rather than from noise and has a high probability of being an aircraft. The
prevalent energy contents are then declared as detections. In parallel, an eigenfunction
analysis is performed on these detections in order to verify that they form a logical
track of an aerial target. Should this be so, the cognitive radar alerts about the
presence of the faint stealth target.
Therefore the novelty suggested in this paper is the enhancement of the detection of a
stealthy target using only one radar looking at the frontal area of the aircraft. The
cost is the utilisation of an expert system and high computer processing power.
In conclusion, the artificial intelligence system that supports the expert system of the
cognitive radar tries to optimally entangle all radar cube functions in order to make an
educated decision about which radar mode is best for a particular surveillance sector.
A survey of group-based cryptography
Sotirios D. Hasapis 1 and Demetrius Panagopoulos 2
1 19, S. Davaki Str., Keratsini GR-18757, Greece
E-mail: [email protected]
2 3, Pelopa Str., Gerakas GR-15344, Greece
E-mail: [email protected]
Abstract This article is a short exposition of group-based cryptography. After a short
introduction, the exposition begins with several public key cryptosystems that are
based on group theory.
Next, group-based secret sharing protocols are presented. The relation between group
theory and hash functions, and between group theory and random number generators,
is studied in the following two sections.
The article concludes with a few remarks on some recent developments in group
theoretic analogs of classical combinatorial optimization problems.
How many trials does it take to collect all different types of
a population with probability ?
Aristides V. Doumas
(joint work with Vassilis G. Papanicolaou)
Department of Mathematics, National Technical University of Athens
Zografou Campus, GR-157 80 Athens, Greece
E-mail: [email protected]
Keywords Coupon collector's problem(CCP), higher asymptotics, limit distributions.
Abstract Consider a population whose members are of different types (e.g.colors).
For we denote by the probability that a member of the population is of
type , where
and .
The members of the population are sampled independently with replacement and their
types are recorded. The so-called “coupon collector problem" (CCP) deals with
questions arising in the above procedure. Some key quantities are the moments of the
number TN of trials it takes until all types are detected (at least once).
The coupon collector problem (in its simplest form) appeared in W. Feller's
classical work (An Introduction to Probability Theory and Its Applications, Vols. I and
II, 1966) and has attracted the attention of various researchers, since it has found
many applications in several areas of science (computer science, search algorithms,
mathematical programming, cryptography, optimization, learning processes,
engineering, ecology, as well as linguistics).
We discuss briefly the case of equal probabilities, namely
.
Motivated by a well-known limiting result of P. Erdős and A. Rényi, a few examples are
also presented.
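Worked out here as an added derivation for the equal-probability case (it is not part of the abstract; $N$ and $T_N$ are as above, $H_N = \sum_{k=1}^{N} 1/k$ is the $N$-th harmonic number and $\gamma$ is Euler's constant): with $p_i = 1/N$ for every type, once $j$ types have been collected the number of further trials until a new type appears is geometric with success probability $(N-j)/N$, and these waiting times are independent, so

\[
E[T_N] = \sum_{j=0}^{N-1} \frac{N}{N-j} = N H_N = N \ln N + \gamma N + \tfrac{1}{2} + o(1),
\]
\[
\operatorname{Var}(T_N) = \sum_{j=0}^{N-1} \frac{jN}{(N-j)^2} = N^2 \sum_{k=1}^{N} \frac{1}{k^2} - N H_N \sim \frac{\pi^2}{6} N^2 .
\]

The limiting result of Erdős and Rényi referred to above reads, in this notation,

\[
\lim_{N \to \infty} P\left( T_N \le N \ln N + c N \right) = e^{-e^{-c}}, \qquad c \in \mathbb{R},
\]

i.e. $(T_N - N \ln N)/N$ converges in distribution to the standard Gumbel law, the same limit law that the abstract obtains for a large class of unequal probabilities.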
For the general case of unequal probabilities, let
be a sequence of strictly positive numbers. Then, for each integer , one can create
a probability measure
on the set of types by taking
where
.
A key feature is that the sequence which produces the 's can be of two (mutually
exclusive) kinds. We develop techniques for computing the asymptotics of the first and
second moment of the number of coupons that a collector has to buy in order to
find all existing different coupons as . In particular, we cover some important
families of distributions (e.g. linear and Zipf). From these asymptotics we obtain the
leading behavior of the variance
of .
Then, we combine our results with the general limit theorems of Neal in order to
derive the limit distribution of (appropriately normalized), which, for a large class of
probabilities, turns out to be the standard Gumbel distribution. We also give various
illustrative examples.
Cryptosystems and
Computations
Selecting Class Polynomials for the Generation of Elliptic
Curves
Elisavet Konstantinou1 and Aristeidis Kontogeorgis 2
1Department of Information and Communication Systems Engineering University of the Aegean, GR-83200, Karlovassi, Samos, Greece
E-mail: [email protected]
2Department of Mathematics, National and Kapodistrian University of Athens, GR-157 84 Panepisimioupolis, Athens, Greece
E-mail: [email protected]
Abstract The Complex Multiplication (CM) method is a frequently used method for the
generation of ordinary elliptic curves (ECs) over prime fields Fp. The method eventually
entails the use of the roots (modulo the prime p) of a certain class of polynomials,
called Hilbert polynomials, whose construction has high computational requirements.
However, there are several other polynomials, called class polynomials, which can be
used for the construction of elliptic curves instead of their much more computationally
demanding Hilbert counterparts. These do not directly construct the desired EC, but
they can be used to generate it, provided that one can transform their roots into the
roots of the corresponding (generated by the same discriminant - ) Hilbert
polynomials. Hence, a natural question that arises is which class polynomial to use.
In this work, we present in a unifying manner all possible class polynomials that can
be used in the CM method, and we provide a theoretical asymptotic bound for the bit
precision requirements of all of them. Based on extensive experimental assessments,
we give a hierarchy of the polynomials regarding their actual precision requirements
and compare these with their theoretical estimates. Among all known class
polynomials, we show that Weber polynomials constructed with discriminants -
have the smallest height and require the least precision for their construction.
Surprisingly, we will see that this fact does not necessarily lead to the most efficient
computations, since the congruences of the discriminants affect the degrees of the
polynomials.
Orbit Computations and Matrix Factorization
in Finite Fields
Gerasimos C. Meletiou1, Demetrius S. Triantafyllou2 and Michael N. Vrahatis3
1 A.T.E.I. of Epirus, P.O.110, GR-47100 Arta, Greece,
and
University of Patras Artificial Intelligence Research Center, University of
Patras,GR-26110 Patras, Greece
E-mail: [email protected]
2 Department of Mathematics and Engineering Sciences,
Hellenic Military Academy,
Vari, GR-16673, Greece
E-mail: [email protected]
3Computational Intelligence Laboratory, Department of Mathematics, University of
Patras, GR-26110 Patras, Greece,
E-mail: [email protected]
Abstract The Discrete Logarithm function and the Diffie-Hellman mapping are
revisited. We use Vandermonde matrices for their representation; both of the above
cryptographic functions can be expressed as a product of matrices.
First we consider orbits of repeated applications of the cryptographic
transformations. The length of the orbit is related to the robustness of the
cryptosystem. We determine it either by computational experiments or with
theoretical tools. We investigate the behavior of powers of matrices constructed from
the generators a of multiplicative groups for several primes in . We study the
convergence of the powers of these matrices to the identity matrix with respect to the
generator a, the prime p and the elements of the main diagonal of the matrices.
Several examples and graphs are given, leading to useful remarks.
Finally, a matrix factorization approach (LU factorization) is used. Obtaining
lower bounds on the length of the orbits is one of our goals. Addressing the
computational equivalence of the Discrete Logarithm problem and the Diffie-Hellman
problem is another.
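The orbit computation described above, in its simplest form and as an added example written for this page (it is not the authors' code and does not use their Vandermonde matrix representation): for a small prime p and a generator g of the multiplicative group mod p, iterate the repeated-exponentiation map f(x) = g^x mod p on the exponent set {0, ..., p-1} and record the tail length and the cycle length of every starting point, which is the orbit length the abstract relates to the robustness of the cryptosystem. The primes, generators and starting points below are chosen only for illustration.

```python
"""Orbits of repeated exponentiation x -> g^x mod p.

Added example for this page, not the authors' code.  It computes tail and cycle
lengths in the functional graph of f(x) = g^x mod p on {0, ..., p-1} for a small
prime p (x = 0 is included because the exponent set is all of {0, ..., p-1}).
"""


def exp_map(g, p):
    """The map x -> g^x mod p as a function on {0, ..., p-1}."""
    return lambda x: pow(g, x, p)


def orbit(g, p, x0):
    """Iterate f(x) = g^x mod p from x0 until a value repeats.
    Returns (tail_length, cycle_length) of the orbit of x0."""
    f = exp_map(g, p)
    seen = {}
    x, i = x0, 0
    while x not in seen:
        seen[x] = i
        x = f(x)
        i += 1
    tail = seen[x]
    return tail, i - tail


def cycle_structure(g, p):
    """Map cycle length -> number of distinct cycles in the functional graph
    of f.  Each cycle is identified by its minimal element so that starting
    points feeding the same cycle are not counted twice."""
    f = exp_map(g, p)
    counts = {}
    reps = set()
    for x0 in range(p):
        tail, length = orbit(g, p, x0)
        x = x0
        for _ in range(tail):          # walk into the cycle
            x = f(x)
        cyc = [x]
        for _ in range(length - 1):    # collect the cycle's elements
            x = f(x)
            cyc.append(x)
        rep = min(cyc)
        if rep not in reps:
            reps.add(rep)
            counts[length] = counts.get(length, 0) + 1
    return counts


def longest_cycle(g, p):
    """Longest cycle of repeated exponentiation mod p for base g."""
    return max(cycle_structure(g, p))


def is_generator(g, p):
    """True if g generates the multiplicative group mod the prime p, checked
    as g^((p-1)/q) != 1 for every prime q dividing p-1 (trial division is
    fine for the small p used here)."""
    n = p - 1
    q, m = 2, n
    factors = set()
    while q * q <= m:
        while m % q == 0:
            factors.add(q)
            m //= q
        q += 1
    if m > 1:
        factors.add(m)
    return all(pow(g, n // q, p) != 1 for q in factors)


if __name__ == "__main__":
    for p in (7, 11, 13, 101):
        gens = [g for g in range(2, p) if is_generator(g, p)]
        for g in gens[:2]:
            print(f"p={p} g={g}: cycles {cycle_structure(g, p)}, "
                  f"longest {longest_cycle(g, p)}")
```

For p = 7 and g = 3 the map is 0 -> 1 -> 3 -> 6 -> 1, with 2, 4 and 5 fixed, so the longest orbit has length 3; the same functions run unchanged for larger primes, where comparing `longest_cycle` across generators is the experimental counterpart of the lower bounds the abstract seeks.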
On the Computation of Best Second-Order Approximations of Boolean Functions
Nicholas Kolokotronis 1 and Konstantinos Limniotis 2,3
1Department of Computer Science and Technology, University of Peloponnese, End of Karaiskaki Street, 22100 Tripolis, Greece
E-mail: [email protected]
2Hellenic Data Protection Authority, Kifissia 1-3, 11523, Athens, Greece E-mail: [email protected]
3Dept. of Informatics and Telecommunications, National and Kapodistrian University of Athens, 15784, Athens, Greece
E-mail: [email protected]
Abstract Boolean functions have a prominent role in cryptography. Their most
important applications are in the analysis and design of the building blocks used in
symmetric cryptosystems, namely S-boxes in block ciphers and filter/combining
functions in stream ciphers. A fundamental property that a Boolean function is
required to have is high nonlinearity; it determines the degree to which any
linear/affine function approximates , which in turn indicates whether linear
cryptanalytic attacks can be prevented. Nonlinearity has been extensively studied in
the literature, although there are still many open problems, such as computing the
maximum possible nonlinearity that any function with an odd number of variables may
achieve ([1]).
More recently, the nonlinearity of order , which extends the classical notion of
nonlinearity, has attracted much attention, because more sophisticated
cryptanalytic techniques have been introduced, such as low-order approximation
attacks, which can threaten cryptosystems that resist linear cryptanalysis.
More precisely, even if a Boolean function is not well approximated by any function
of degree , it cannot be considered secure if it is close to a function of low degree
(where is the notable case).
Little is known about the structure of functions with maximum –order
nonlinearity, since the maximum values themselves are unknown in general. Even the
second-order nonlinearity is not known for general Boolean functions, apart from
small numbers of variables or some special cases ([4]). Moreover, proving bounds on the
–order nonlinearity is also a hard task, even for . Many results in this area are
stated in terms of other cryptographic properties, e.g. the lower bounds in [2, 11]; other
lower (resp. upper) bounds can be found in [4]–[7], [10], [12]–[14] (resp. [3, 5]). Finally,
computing the –order nonlinearity of a given Boolean function, as well as its best
–order approximations, is known to be difficult even for small values of .
In this paper the problem of computing best second-order approximations of Boolean
functions is studied. We first give an overview of recent results in the area,
emphasizing known classes of functions whose best second-order approximations can
be computed efficiently thanks to a special property, separability ([9]). In this
context, best second-order approximations of known cryptographic functions lying in
these classes are presented. Moreover, these classes are studied from a different point
of view: departing from the algebraic normal form, which is the basic representation
for revealing separability, and focusing on their Fourier spectra, with the aim of
generalizing the currently known results.
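The quantities discussed above can be computed directly for small n. The following Python script is an added worked example, not code from the paper: it evaluates a Boolean function from its algebraic normal form, computes nl(f) and the best affine approximation from the Walsh spectrum W_f(a) (nl(f) = 2^(n-1) - max_a |W_f(a)|/2), and computes the second-order nonlinearity nl_2(f) by brute force over every quadratic function, i.e. every codeword of RM(2, n). The two sample functions, the bent function x1x2 + x3x4 and the cubic x1x2x3 + x1x4 on four variables, are chosen here for illustration; the enumeration of 2^(1+n+n(n-1)/2) quadratics is exactly the cost that makes the general problem hard and the separable classes of [9] attractive.

```python
from itertools import combinations


def anf_truth_table(n, monomials):
    """Truth table of the n-variable function whose algebraic normal form is the XOR of
    the given monomials. A monomial is a tuple of 1-based variable indices, () being the
    constant 1. The input x is an integer whose bit i-1 is x_i; the table is indexed by x."""
    table = []
    for x in range(1 << n):
        value = 0
        for mono in monomials:
            value ^= int(all((x >> (i - 1)) & 1 for i in mono))
        table.append(value)
    return table


def walsh_spectrum(table):
    """Fast Walsh-Hadamard transform: W_f(a) = sum_x (-1)^(f(x) XOR a.x) for every a."""
    w = [1 - 2 * b for b in table]
    step = 1
    while step < len(w):
        for i in range(0, len(w), 2 * step):
            for j in range(i, i + step):
                u, v = w[j], w[j + step]
                w[j], w[j + step] = u + v, u - v
        step *= 2
    return w


def best_affine_approximation(table):
    """Closest affine function a.x XOR c and its distance (2^n - |W_f(a)|) / 2."""
    w = walsh_spectrum(table)
    a = max(range(len(w)), key=lambda i: abs(w[i]))
    c = 1 if w[a] < 0 else 0
    return a, c, (len(table) - abs(w[a])) // 2


def nonlinearity(table):
    """First-order nonlinearity nl(f) = 2^(n-1) - max_a |W_f(a)| / 2."""
    return best_affine_approximation(table)[2]


def hamming_distance(t1, t2):
    return sum(a != b for a, b in zip(t1, t2))


def second_order_nonlinearity(n, table):
    """nl_2(f): distance to the nearest function of degree <= 2, found by brute force over
    all 2^(1 + n + n(n-1)/2) quadratics (feasible only for small n).
    Returns (nl_2(f), ANF of one quadratic attaining it)."""
    monos = [()] + [(i,) for i in range(1, n + 1)] + list(combinations(range(1, n + 1), 2))
    f_bits = sum(b << x for x, b in enumerate(table))
    mono_bits = [sum(b << x for x, b in enumerate(anf_truth_table(n, [m]))) for m in monos]
    best_d, best_q = bin(f_bits).count("1"), ()      # start from the zero function
    q_bits, chosen = 0, set()
    for step in range(1, 1 << len(monos)):           # Gray-code walk: toggle one monomial per step
        k = (step & -step).bit_length() - 1
        q_bits ^= mono_bits[k]
        chosen ^= {monos[k]}
        d = bin(f_bits ^ q_bits).count("1")
        if d < best_d:
            best_d, best_q = d, tuple(sorted(chosen))
    return best_d, best_q


if __name__ == "__main__":
    n = 4
    for name, anf in [("x1x2 + x3x4 (bent)", [(1, 2), (3, 4)]),
                      ("x1x2x3 + x1x4 (cubic)", [(1, 2, 3), (1, 4)])]:
        t = anf_truth_table(n, anf)
        a, c, d = best_affine_approximation(t)
        print(f"{name}: nl = {nonlinearity(t)} (best affine a={a:04b}, c={c}, distance {d}); "
              f"nl_2 = {second_order_nonlinearity(n, t)}")
```

For the cubic the script reports nl = 4 but nl_2 = 2 (the quadratic x1x4 is at distance 2), which is precisely the situation the abstract warns about: resistance to affine approximation says nothing about closeness to a low-degree function.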
References
[1] C. Carlet: Boolean functions for cryptography and error correcting codes, chapter in
“Boolean Methods and Models”, E.Y. Crama and P. Hammer (eds.) Cambridge
University Press, 2006.
[2] C. Carlet: On the higher order nonlinearities of algebraic immune functions, in C.
Dwork (ed.) “Crypto 2006”, LNCS 4117 (2006), pp. 584–601, Springer, Heidelberg.
[3] C. Carlet and S. Mesnager: Improving the upper bounds on the covering radii of
binary Reed-Muller codes, IEEE Trans. Inform. Theory, 53(2007), pp. 162–173.
[4] C. Carlet: Recursive lower bounds on the nonlinearity profile of Boolean functions and
their applications, IEEE Trans. Inform. Theory, 54 (2008), pp. 1262–1272.
[5] G. Cohen and S. Litsyn: On the covering radius of Reed-Muller codes, Discrete Math.,
106/107 (1992), pp. 147–155.
[6] T. Iwata and K. Kurosawa: Probabilistic higher order differential attack and higher
order bent functions, in K.Y. Lam, E. Okamoto, and C. Xing (eds.) “Asiacrypt 1999”,
LNCS 1716 (1999), pp. 62–74, Springer, Heidelberg.
[7] S. Gangopadhyay, S. Sarkar and R. Telang: On the lower bounds of the second order
nonlinearity of some Boolean functions, Inform. Sci., vol. 180, no. 2, pp. 266–273,
2010.
[8] M. Garg and S. Gangopadhyay: Good second-order nonlinearity of a bent function via
Niho power function, IACR Cryptology ePrint Archive, report 171, 2011. [available at:
http://eprint.iacr.org/2011/171.pdf ].
[9] N. Kolokotronis, K. Limniotis and N. Kalouptsidis: Best affine and quadratic
approximations of particular classes of boolean functions, IEEE Trans. Inform.
Theory, 55 (11) (2009), pp. 5211–5222.
[10] X. Li, Y. Hu and J. Gao: The lower bounds on the second order nonlinearity of
cubic Boolean functions, IACR Cryptology ePrint Archive, report 009, 2010.
[available at: http://eprint.iacr.org/2010/009.pdf ]
[11] S. Mesnager: Improving the lower bound on the higher order nonlinearity of Boolean
functions with prescribed algebraic immunity, IEEE Trans. Inform. Theory, 54
(2008), pp. 3656–3662.
[12] D. Singh: Second order nonlinearities of some classes of cubic Boolean functions
based on secondary constructions, Int. J. Comput. Sci. Inform. Technol., 2 (2) (2011),
pp. 786–791.
[13] G. Sun and C. Wu: The lower bounds on the second order nonlinearity of three classes
of Boolean functions with high nonlinearity, Inform. Sci., 179 (3) (2009), pp. 267–278.
[14] G. Sun and C. Wu: The lower bound on the second–order nonlinearity of a class of
Boolean functions with high nonlinearity, Appl. Algebra Engrg. Comm. Comput.
(AAECC), 22(2011), pp. 37–45.
Hierarchical Secret Sharing through Multivariate Birkhoff Interpolation
Vassileios Markoutis1, Gerasimos C. Meletiou2 and Michael N. Vrahatis3
1Department of Mathematics, University of Patras, GR-26110 Patras, Greece,
E-mail: [email protected]
2A.T.E.I. of Epirus, P.O.110, GR-47100 Arta, Greece,
and
University of Patras Artificial Intelligence Research Center, University of
Patras,GR-26110 Patras, Greece
E-mail: [email protected]
3Computational Intelligence Laboratory, Department of Mathematics, University of
Patras, GR-26110 Patras, Greece,
E-mail: [email protected]
Abstract Shamir's well-known threshold secret sharing scheme ([1], [2]) has been
generalized by Tassa ([3], [4]). The set of participants is divided into levels and a hierarchical
structure is introduced. In Tassa's scheme, Lagrange interpolation is replaced by Birkhoff
interpolation (a generalization of Lagrange and Hermite interpolation), and this is the novelty of the scheme.
In this presentation we introduce Birkhoff interpolation over multivariate polynomials.
Again the set of participants is divided into levels; however, the hierarchical relation between
levels is now a kind of partial order.
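To make the Birkhoff mechanism concrete, the following Python script is an added example (not the authors' code, and not the multivariate construction announced above): it implements the univariate hierarchical scheme of Tassa [3] that this work generalizes. Participants at level 0 receive ordinary Shamir shares P(u); participants at level i receive the value of the k_{i-1}-th formal derivative P^(k_{i-1})(u); the secret is a_0 = P(0). Reconstruction is Gauss-Jordan elimination over a prime field on the Birkhoff system, and an unauthorized set shows up as a system that leaves a_0 undetermined. The prime, the thresholds k_0 = 1, k_1 = 3 and the participant identities are assumptions chosen for the demonstration; Tassa's paper gives the conditions on identities and field size under which every authorized set yields a non-singular system.

```python
import random

PRIME = 2**61 - 1   # GF(PRIME); assumed large enough that the small factorials below are non-zero


def birkhoff_row(k, order, u):
    """Coefficients of a_0..a_{k-1} in the `order`-th formal derivative P^(order)(u) of
    P(x) = a_0 + a_1 x + ... + a_{k-1} x^{k-1}: one row of the Birkhoff system."""
    row = []
    for j in range(k):
        if j < order:
            row.append(0)
            continue
        coef = 1
        for t in range(order):                 # falling factorial j (j-1) ... (j-order+1)
            coef = coef * (j - t) % PRIME
        row.append(coef * pow(u, j - order, PRIME) % PRIME)
    return row


def derivative_at(coeffs, order, u):
    return sum(r * a for r, a in zip(birkhoff_row(len(coeffs), order, u), coeffs)) % PRIME


def deal(secret, thresholds, identities, seed=None):
    """Tassa-style hierarchical dealing. thresholds = [k_0, ..., k_m] (increasing), k = k_m;
    identities[i] lists the non-zero identities of level i. A level-i participant receives
    P^(k_{i-1})(u) with k_{-1} = 0, so level 0 holds plain Shamir shares and lower levels hold
    derivative values. Returns {(level, u): (derivative order, u, share value)}.
    (A real dealer would draw the coefficients with secrets.randbelow, not random.Random.)"""
    rng = random.Random(seed)
    k = thresholds[-1]
    coeffs = [secret % PRIME] + [rng.randrange(PRIME) for _ in range(k - 1)]
    shares = {}
    for level, ids in enumerate(identities):
        order = 0 if level == 0 else thresholds[level - 1]
        for u in ids:
            shares[(level, u)] = (order, u, derivative_at(coeffs, order, u))
    return shares


def solve_mod_prime(rows, rhs, nvars):
    """Gauss-Jordan elimination over GF(PRIME). Returns the unique solution, or None when the
    equations do not determine every unknown (rank deficit) or are inconsistent."""
    m = [list(r) + [b] for r, b in zip(rows, rhs)]
    for col in range(nvars):
        pivot = next((i for i in range(col, len(m)) if m[i][col]), None)
        if pivot is None:
            return None                        # unknown a_col is free: not an authorized set
        m[col], m[pivot] = m[pivot], m[col]
        inv = pow(m[col][col], PRIME - 2, PRIME)
        m[col] = [v * inv % PRIME for v in m[col]]
        for i in range(len(m)):
            if i != col and m[i][col]:
                factor = m[i][col]
                m[i] = [(vi - factor * vc) % PRIME for vi, vc in zip(m[i], m[col])]
    if any(m[i][nvars] for i in range(nvars, len(m))):
        return None                            # surplus rows must reduce to 0 = 0
    return [m[i][nvars] for i in range(nvars)]


def reconstruct(shares, k):
    """Secret a_0 from a list of (order, u, value) shares, or None if they do not determine it."""
    rows = [birkhoff_row(k, order, u) for order, u, _ in shares]
    sol = solve_mod_prime(rows, [v for _, _, v in shares], k)
    return None if sol is None else sol[0]


if __name__ == "__main__":
    # Constructed instance: k_0 = 1, k_1 = 3, so any 3 participants that include at least one
    # level-0 (senior) member may reconstruct; three level-1 members alone may not.
    shares = deal(123456789, [1, 3], [[1, 2], [10, 11, 12]], seed=7)
    print(reconstruct([shares[(0, 1)], shares[(1, 10)], shares[(1, 11)]], 3))    # the secret
    print(reconstruct([shares[(1, 10)], shares[(1, 11)], shares[(1, 12)]], 3))   # None
```

The level-1 rows have a zero in the a_0 column, so a set without a level-0 member can at best determine a_1 and a_2: the hierarchy is enforced by the structure of the Birkhoff matrix rather than by any check in the reconstruction code.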
References
[1] A. Shamir: How to share a secret, Communications of the ACM 22 (1979), pp. 612–613.
[2] G. J. Simmons: How to (really) share a secret, Advances in Cryptology – CRYPTO 88,
LNCS 403 (1990) pp. 390–448.
[3] T. Tassa: Hierarchical Threshold Secret Sharing, J. Cryptology 20 (2007), pp. 237–264.
[4] T. Tassa and N. Dyn: Multipartite Secret Sharing by Bivariate Interpolation, J.
Cryptology 22 (2009), pp. 227–258.
Network Security
A Hybrid Artificial Intelligence System for Cyber Security
Konstantinos Demertzis (2Lt)1 and Lazaros Iliadis2
1, 2 Democritus University of Thrace,
Department of Forestry & Management of the Environment & Natural Resources
193 Pandazidou st., GR-68200 N Orestiada, Greece
E-mails: [email protected] and [email protected]
Keywords: Security, Network Intrusion and Anomalies, Machine Learning, Evolving
Spiking Neural Networks, Multi Layer Neural Networks
Abstract The evolution of network services is closely tied to the understanding and
modelling of their traffic. The conclusions obtained apply to a wide range of tasks,
such as capacity planning of transmission lines, the charging of customers, the
detection of security violations and the spotting of errors and anomalies. Intrusion
detection systems (IDS) monitor and analyse events in traffic in order to find
indications of potential intrusions and integrity-violation attacks, which result in the
violation of the trust and availability of information resources. They act in a
complementary mode with the existing security infrastructure, aiming at early
warning of the administrator and offering the details that allow proper decisions and
corrective actions.
This paper proposes an online network-based IDS that uses minimal computational
power to analyse only the basic characteristics of network flows, in order to spot the
existence and the type of a potential anomaly in a network. It is a hybrid machine
learning anomaly detection system: classification by Evolving Spiking Neural Networks
(eSNN) labels a potential anomaly (PAN) in the network, and a Multi-Layer Feed-Forward
(MLFF) ANN then classifies the exact type of the intrusion.
1. The proposed Intrusion Detection System
There are three approaches to designing and building an IDS [1]: the statistical, the
knowledge-based and the machine-learning-based approach; the last is at the core of this
research effort.
1.1. Knowledge-based Anomaly Detection
Knowledge-based intrusion detection systems (KBIDS) classify the data vectors
based on a carefully designed rule set, or use models obtained heuristically from past
experience.
1.2. Machine Learning-based Anomaly Detection
The machine learning anomaly detection (MLAD) approach automates the analysis of
the data vectors and results in systems that can improve their performance over time.
1.2.1. The Hybrid Evolving Spiking Anomaly Detection Model
The Hybrid Evolving Spiking Anomaly Detection Model (HESADM) developed and
discussed here is based on the Thorpe neural model, which gives more weight to spikes
that occur earlier, while neural plasticity drives the learning algorithm through
one-pass learning [2] [3]. The classification process converts the data vectors into a
sequence of spikes (analogues of biological signals) using an encoding scheme called
Rank Order Population Encoding (ROPE) [4]. The topology of the eSNN is strictly that of
a feed-forward ANN, and the weight updates take place at the synapses of the neurons in
the input, hidden and output layers. Figure 1 is a graphical display of the ROPE approach.
Figure 1. The ROPE approach
The eSNN method was used to identify the anomalies and intrusions, while a Multi-Layer
Feed-Forward (MLFF) ANN was used to classify their types.
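The encoding and learning rule described in this section can be shown in a few dozen lines. The Python script below is an added illustration written for this page, not the authors' HESADM implementation: it implements Rank Order Population Encoding with overlapping Gaussian receptive fields, a Thorpe-style output neuron whose post-synaptic potential weights the j-th spike by mod^rank(j) (so earlier spikes dominate), and eSNN one-pass learning in which each training vector creates an output neuron that is merged with a sufficiently similar neuron of the same class. The formulas follow the eSNN literature cited in [2]–[4]; the hyper-parameters (5 fields per feature, beta = 1.5, mod = 0.8, threshold fraction c = 0.7, merge distance 0.3) and the two-feature flow vectors are assumptions constructed for the demonstration, not KDD data.

```python
import math


def receptive_fields(m, lo=0.0, hi=1.0, beta=1.5):
    """Centres and common width of m overlapping Gaussian receptive fields spanning [lo, hi]
    (population coding; beta in [1, 2] controls the overlap between neighbouring fields)."""
    centres = [lo + (2 * i - 1) / 2 * (hi - lo) / (m - 2) for i in range(m)]
    sigma = (hi - lo) / (beta * (m - 2))
    return centres, sigma


def rank_order(sample, m):
    """ROPE: every feature value excites m field neurons, and a neuron fires earlier the closer
    the value lies to its centre. Returns the input indices (feature * m + field) in firing
    order, so a spike's rank is its position in the list; ties are broken by input index."""
    centres, sigma = receptive_fields(m)
    times = []
    for f, x in enumerate(sample):
        for k, mu in enumerate(centres):
            excitation = math.exp(-(x - mu) ** 2 / (2 * sigma ** 2))
            times.append((1.0 - excitation, f * m + k))   # firing time within a unit window
    return [idx for _, idx in sorted(times)]


class ESNN:
    """Evolving spiking network with Thorpe-style output neurons: a spike of rank r contributes
    mod**r times the synaptic weight, so the first few spikes decide the outcome."""

    def __init__(self, n_features, m=5, mod=0.8, c=0.7, sim=0.3):
        self.m, self.mod, self.c, self.sim = m, mod, c, sim
        self.n_inputs = n_features * m
        self.neurons = []          # per output neuron: weights, threshold, label, merged count

    def _pattern(self, sample):
        order = rank_order(sample, self.m)
        weights = [0.0] * self.n_inputs
        for rank, idx in enumerate(order):
            weights[idx] = self.mod ** rank
        return order, weights

    def train(self, sample, label):
        """One-pass learning: a new output neuron per sample, with threshold c times the PSP the
        same pattern would produce. A neuron of the same class whose weight vector lies within
        sim (Euclidean distance) absorbs the new one by averaging instead."""
        _, w = self._pattern(sample)
        theta = self.c * sum(self.mod ** (2 * r) for r in range(self.n_inputs))
        for nrn in self.neurons:
            if nrn["label"] == label and math.dist(nrn["weights"], w) < self.sim:
                k = nrn["merged"]
                nrn["weights"] = [(a * k + b) / (k + 1) for a, b in zip(nrn["weights"], w)]
                nrn["threshold"] = (nrn["threshold"] * k + theta) / (k + 1)
                nrn["merged"] = k + 1
                return
        self.neurons.append({"weights": w, "threshold": theta, "label": label, "merged": 1})

    def classify(self, sample):
        """Spikes are presented in rank order; the first output neuron whose post-synaptic
        potential reaches its threshold fires and decides the class. None: nothing fired."""
        order, _ = self._pattern(sample)
        psp = [0.0] * len(self.neurons)
        for rank, idx in enumerate(order):
            fired = []
            for i, nrn in enumerate(self.neurons):
                psp[i] += self.mod ** rank * nrn["weights"][idx]
                if psp[i] >= nrn["threshold"]:
                    fired.append((psp[i], i))
            if fired:
                return self.neurons[max(fired)[1]]["label"]
        return None


if __name__ == "__main__":
    # Constructed two-feature flow vectors scaled to [0, 1]: "normal" traffic near 0.1 and a
    # potential anomaly (PAN) near 0.9; two samples per class exercise the merging step.
    net = ESNN(n_features=2)
    for x, y in [([0.10, 0.10], "normal"), ([0.15, 0.05], "normal"),
                 ([0.90, 0.90], "anomaly"), ([0.85, 0.95], "anomaly")]:
        net.train(x, y)
    print(len(net.neurons), "output neurons after one-pass training")
    print(net.classify([0.12, 0.08]), net.classify([0.88, 0.92]))
```

With these parameters each class collapses into a single merged neuron, and a new vector is labelled after only three of its ten spikes have arrived, which is the "early spikes matter most" property of the Thorpe model and the reason an eSNN can be cheap enough for online flow classification.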
2. The Data Set used
The KDD Cup 1999 data set [5] was used to test our approach. It was created at the MIT
Lincoln Laboratory and is the most popular free data set for the evaluation of IDS. It
contains recordings of the total network traffic of a local network installed at Lincoln
Laboratory that simulated a military network of the US Air Force. Each analysed event is
a connection between a source IP address and a destination IP address, during which a
sequence of TCP packets is exchanged using a specific protocol within a well-defined
time window.
The KDD Cup 1999 data has 41 features, organized in the following four basic categories:
content features, traffic features, time-based traffic features and host-based traffic
features. The attacks are divided into four categories: Denial of Service (DoS), Remote to
Local (r2l), User to Root (u2r) and Probe.
3. Results
Table 1 shows the classification performance of the eSNN in detecting the intrusions
and anomalies.

Table 1: Results of the eSNN intrusion detection approach (Normal vs. Full.data, 10-fold cross-validation)

Fold   Evolved neurons, class 0   Evolved neurons, class 1   Elapsed time   Classification accuracy
k-1    662                        164                        1002.99 s      100.0%
k-2    652                        163                         988.81 s      100.0%
k-3    628                        154                         986.11 s       99.5%
k-4    654                        157                        1062.42 s      100.0%
k-5    640                        165                         956.58 s      100.0%
k-6    640                        105                         947.57 s       98.2%
k-7    642                        160                        1025.50 s      100.0%
k-8    664                        159                        1097.47 s       99.9%
k-9    645                        166                        1087.74 s      100.0%
k-10   652                        165                        1031.92 s      100.0%

Average 10-fold classification accuracy (Normal vs. Full.data): 99.76%
An MLFF ANN was built with 41 input neurons, corresponding to the 41 input features of
the KDD data set, 33 neurons in the hidden layer and 5 output neurons corresponding to
the classes DoS, r2l, u2r, Probe and normal. The classification performance shown in the
following confusion matrix is very high and supports the validity of our model.
Figure 2. The confusion matrix with the performance of the intrusion type classification.
References
[1] P. García-Teodoro, J. Díaz-Verdejo, G. Maciá-Fernández and E. Vázquez: Anomaly-
based network intrusion detection: Techniques, systems and challenges, Computers &
Security 28 (2009), pp. 18–28.
[2] N. Kasabov: Evolving Connectionist Systems: The Knowledge Engineering Approach,
Springer-Verlag New York, Inc., 2006.
[3] Simei Gomes Wysoski, Lubica Benuskova, and Nikola K. Kasabov: Adaptive learning
procedure for a network of spiking neurons and visual pattern recognition. In
“Advanced Concepts for Intelligent Vision Systems”, pages 1133–1142, Berlin /
Heidelberg, Springer, 2006.
[4] Simon J. Thorpe and Jacques Gautrais: Rank order coding. In “CNS ’97: Proceedings
of the 6th annual conference on Computational neuroscience: trends in research”,
pages 113–118, New York, NY, USA, Plenum Press, 1998.
[5] Salvatore J. Stolfo, Wei Fan, Wenke Lee, Andreas Prodromidis, and Philip K.
Chan: “Cost-based Modeling and Evaluation for Data Mining with Application to
Fraud and Intrusion Detection: Results from the JAM Project”, DARPA Information
Survivability Conference and Exposition, 2000, DISCEX '00.
Taxonomy of Cyber-Warfare Operations
Vasileios Vlachos 1, Charalabos Bountolos2 and Alexandros Papanikolaou 3
1, 2, 3 Department of Computer Science and Engineering, Technological Educational Institute of Thessaly, GR-411 10, Larissa, Greece
E-mails: [email protected], [email protected], [email protected]
Abstract The recent leaks by the former NSA employee Edward Snowden, as well as
earlier research based on open-source intelligence feeds, confirm that an alarming
number of stealthy cyber-espionage operations have taken place worldwide over the last
few years. The scope of this paper is to build a taxonomy of the most important ones, as
well as of the key players (agencies, stakeholders or groups) in cyberspace that conduct
these or similar operations. More importantly, this work surveys the landscape in Greece
and discusses the responsibilities and roles of the Greek agencies responsible for the
protection of Greek cyberspace and of the critical infrastructure of Greece. The paper is
organized as follows: Section 2 surveys the most dangerous activities of the most
powerful and well-equipped states with regard to their capability to execute covert
cyber-warfare and cyber-espionage; Section 3 presents our methodology for acquiring
the data and information discussed in this paper; and Section 4 emphasizes the alarming
results of this research regarding the preparedness of the Greek state to counter similar
threats.
1. Related Work
Most of the related work is based on Open Source Intelligence (OSINT) feeds. The
methodology is well known and has been applied by various researchers, mostly with the
aim of identifying attacks against the US military-industrial complex during 2001 to
2010; according to this research the origins of these threats can be traced to China.
Another significant finding, again obtained through OSINT, is the coordination of
cyber criminals with a particular former superpower during the conflicts in Estonia
(2007) and Georgia (2008). In cases of hacktivism the perpetrators themselves revealed
their exact methodology as well as the illegally acquired data, in order to gain more
publicity and convey their political views to a broader audience. Finally, an important
part of the recent evidence on US cyber operations has come from whistleblowers and
leakers, as in the case of the former NSA operative Edward Snowden.
2. Taxonomy
Table 1 summarizes most of the findings of the last few years. Our taxonomy records the
following data in order to give a more accurate overview of the goals and motives, as well
as the means and techniques, of most actors actively involved in cyber operations. The
first column identifies the origin of the cyber-attacks. Since most countries will not
publicly admit to performing any kind of cyber-espionage or offensive cyber operation,
one might dispute these findings; on the other hand, in most cases there are strong
indications, both technical (IP addresses, messages found in particular parts of the
malware used) and political (admissions by state officials, transcripts, leaked
documents, political motives), that are hard to disregard. The second column is the
victim of the attack. In most cases the target of such operations is known and hard to
dispute. Nevertheless, for various reasons, victims sometimes choose not to confirm that
they were subjected to attacks, although sufficient evidence supports that they did
indeed suffer from such covert cyber activities. The third column gives the operation's
code name as assigned by the scientific and research community: usually the first
researchers able to detect a specific operation had the privilege of naming it. Another
source of names is the original code names found in leaked documents. Finally, in some
cases cryptic strings in the malware itself (e.g. Gauss, Duqu) were sufficient to
identify a whole campaign. The fourth column lists the tools (e.g. SQL injection) and the
techniques (e.g. spear phishing) used to exploit the victim's information systems and
gain access to them. The fifth column names the specific group or agency that conducted
the operation; sometimes it is a state agency identified with a certain degree of
confidence from leaked or obtained evidence, and in other cases it is an approximation
based on the techniques, tools, methodologies and other findings. Although most
cyber-criminal groups and patriot hackers operate under the auspices of a specific state,
they tend to reuse the attack vectors of their daily activities and can therefore be
identified relatively easily. Finally, the sixth column summarises other items of
particular interest about each attack.
Table 1: Summary of transnational cyber-warfare incidents
(columns: source country; target; operation code name; techniques and tools used; admitted or attributed responsibility; notes)

1. USA -> Iran. Code name: Olympic Games. Techniques and tools: Stuxnet malware. Responsibility: NSA (ANT group). Notes: cyber attacks on Iran's nuclear facilities at Natanz, one of the first known uses of an offensive cyber weapon. Stuxnet damaged hundreds of centrifuges at the Natanz plant, whose control systems ran Siemens Simatic WinCC SCADA software working in conjunction with 33 or more frequency converter drives. Described as probably the most significant covert manipulation of the electromagnetic spectrum since World War II, when cryptanalysts broke the Enigma cipher and gained access to Nazi codes.

2. USA and Canada -> Canada (airport passengers). Code name: passenger-tracking operation, the trial run of a "game-changing" capability. Techniques and tools: tracking the location of travellers by capturing the MAC addresses of their devices; information slurped from the free Internet hotspots was used to track anyone who passed through the airport terminal. Responsibility: NSA and CSEC. Notes: CSEC is mandated to collect foreign signals intelligence to protect Canada and Canadians and is legally authorised to collect and analyse metadata.

3. Russia and/or China -> Western Europe, North America, Tibetan activists, energy companies in Asia, military organisations, embassies, aerospace, trade and commerce. Code name: Red October (Rocra), an advanced cyber-espionage campaign. Techniques and tools: spear-phishing e-mails, Chinese-made malware, a Java exploit to infect machines. Responsibility: not stated. Notes: theft of diplomatic and government information and scientific research; recording of keystrokes and webcam images; scanning for open ports; grabbing and uploading interesting files from PCs, servers and mobile devices.

4. China -> oil and gas companies. Code name: Night Dragon. Techniques and tools: SQL injection to compromise perimeter security, social engineering, phishing. Responsibility: not stated. Notes: theft of confidential and proprietary information, including project-financing details, relating to a number of oil and gas field projects.

5. China -> Google and companies from a wide range of sectors (Internet, finance, technology, media, chemicals). Code name: Aurora. Techniques and tools: Trojan horse, phishing scams, malware. Responsibility: PLA Unit 61398 ("Comment Crew"). Notes: theft of intellectual property from Google; dozens of Gmail accounts belonging to human-rights activists were compromised and accessed by unauthorised parties.

6. China -> governments and corporations in 14 countries across North America, Europe, India and East Asia. Code name: Shady RAT. Techniques and tools: spear phishing, remote administration tools (RATs), zero-day attacks. Responsibility: not stated. Notes: victims include the governments of the US, Canada and South Korea, the UN, the International Olympic Committee and 12 US defence contractors; loss of intellectual property and secrets. Long-term
This taxonomy is a summary of the most important offensive cyber operations of the last decade. The actual number of cyber-security incidents is constantly increasing and is therefore extremely difficult to summarise and discuss. On the other hand, not all of them have the same impact on their targets, nor do they use equally advanced techniques. The modus operandi of each actor is quite different and will be discussed in more detail in the next section.

This taxonomy lists cyber-attacks that either deployed highly advanced techniques or had significant implications for their victims. The first category comprises operations conducted by state security agencies that put highly advanced technologies and techniques to use, such as zero-day exploits or the interception of transcontinental communication cables. The other category involves low-tech attacks based on crowd-sourcing, activism and political motivation. Tools like the Low Orbit Ion Cannon (LOIC) of the activist group Anonymous were extremely simplistic and left the attackers completely exposed to the authorities, since the tool neither changed nor hid the source IP address; nevertheless, the overwhelming number of volunteers who participated managed to cause significant damage. Finally, another group of attacks lies in the middle of the spectrum: cyber criminals and patriotic hackers operate with sophisticated malware that is jointly developed by various members and is difficult to detect. In both cases these groups cooperate with states to perform cyber-warfare operations, as they can offer plausible deniability to their employers.
3. Discussion and Concluding Remarks
The outcome of this taxonomy aims to identify the current trends and threats in
modern cyber-warfare operations. The findings presented emphasize the diversity of
techniques, tools and methodologies applied in cyberspace by the different actors.
Highly sophisticated technological means, such as the interception of communication
cables or the trojanisation of hardware equipment, as well as the political pressure to
obtain data from data and service providers (Microsoft, Google, Facebook, Yahoo), are
within the reach of powerful states and require significant persuasive means to remain
undetected. On the other hand, advanced persistent threats (APT) have now become more
affordable to cyber criminals and small countries, which can either build them or acquire
them as part of the Fraud-as-a-Service (FaaS) model that is prevalent in various
underground scenes and hacking forums. In addition, even the most simplistic techniques
can prove useful for orchestrating effective distributed denial-of-service (DDoS)
attacks. The table above summarizes most of these latest developments in cyber-warfare
tactics. Owing to space limitations it is not possible to analyse them in more detail, but
the current landscape depicts the different strategic approaches of the state actors:
either direct attacks operated through security services, or indirect ones through
questionable proxy entities. The involvement of security agencies that function secretly
without providing the necessary evidence to the government and the judicial system, or
the collaboration with cyber criminals or patriot hackers, increases the possibility of
escalation into serious cyber conflicts with unpredictable consequences.
Security and Formation of Network-Centric Operations
Nicholas J. Daras
Department of Mathematics and Engineering Sciences, Hellenic Military Academy,
Vari, GR-16673, Greece
E-mails: [email protected] , [email protected]
Keywords: Network centric operations, multi-layer graph model, vertex pursuit game,
network centric warfare strategic formation, network centric operations – graphs,
operational utility function.
Abstract This paper explores various concepts related to the Network Centric Warfare
framework and investigates security and formation aspects of network centric
operations. It is divided into 5 sections.
The first section deals with definitions and background information of key terms such
as Cyber Warfare, Information Warfare, C4ISR, and Network Centric. Special emphasis
is given to Network Centric Operations (NCO) Conceptual Framework.
The second section briefly reports and analyzes the three main thematic NCO-pillars:
Net Centric Theoretical Foundations / Mathematical Modeling, Net Centric
Technologies and Related Issues and Operational Experiences.
Next, in the third section we apply graph theory concepts to NCO. To do so, we
consider Wong-Jiru's multi-layer graph model of NCO and describe the interlayer
relationships. Our analysis proceeds with definitions and implications of several
NCO-layer metrics (out-degree, in-degree, density, reachability, point connectivity,
distance, number of geodesics, maximum flow, network centrality, Freeman degree
centrality, betweenness centrality, closeness centrality, edge betweenness, flow
betweenness). The section ends with the key advantages of the multi-layer NCO model.
The fourth section investigates the security problem of network centric operations by
applying methods of vertex pursuit games. Specifically, we suppose that an intruder (or
attacker) has invaded the complex process of a Network Centric Operation with the
intention of destroying or sabotaging vertices of one or more of its five layers
(Processes, People, Applications, Systems, Physical Network). The intruder could
represent a virus, a hacker, or other malicious agents intent on avoiding capture. A set
of searchers attempts to capture the intruders. Although placing a searcher on each
vertex of a layer guarantees the capture of the intruders, we discuss and investigate the
more interesting (and more difficult) problem of finding the minimum number of
searchers required to capture the intruders. A motivation for minimizing the number of
searchers is that fewer searchers require fewer resources: network centric operations
that require a smaller number of searchers may be viewed as more secure than those
where many searchers are needed.
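The "minimum number of searchers" of the preceding section is, in the classical vertex pursuit formulation (see [9]), the cop number of the graph, and for small graphs it can be computed exactly. The Python script below is an added example written for this page, not the author's model: the searchers choose their start vertices, the intruder then chooses his, and the two sides alternate moving one vertex along an edge (or staying put); the set of positions from which capture is forced is computed by retrograde analysis of the game graph, and the answer is the smallest k for which some start placement forces capture against every intruder start. The two-layer toy network (a ring of four Systems vertices and a path of three Physical-network vertices joined by two interlayer edges) is an assumed instance, not one from the paper; its layers are a very small stand-in for the five-layer model.

```python
from itertools import product


def undirected(edges):
    """Adjacency dict (vertex -> set of neighbours) from an edge list."""
    adj = {}
    for u, v in edges:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj


# Constructed two-layer toy: Systems ring s1-s2-s3-s4-s1, Physical-network path p1-p2-p3,
# interlayer edges s1-p1 and s3-p3 (an assumed instance for the demonstration).
NCO_TOY = undirected([("s1", "s2"), ("s2", "s3"), ("s3", "s4"), ("s4", "s1"),
                      ("p1", "p2"), ("p2", "p3"), ("s1", "p1"), ("s3", "p3")])


def moves(adj, v):
    """A player may move along an edge or stay where he is."""
    return adj[v] | {v}


def searchers_win(adj, vertices, k):
    """True iff k searchers can force the capture of the intruder from some start placement,
    whatever start vertex the intruder then picks. win[(cops, r, turn)] is set once the
    position is known to be a forced capture; turn 0: searchers move, turn 1: intruder moves."""
    placements = list(product(vertices, repeat=k))
    win = {}
    for cops in placements:
        for r in vertices:
            if r in cops:                                   # already captured
                win[(cops, r, 0)] = win[(cops, r, 1)] = True
    changed = True
    while changed:                                          # least fixed point (attractor)
        changed = False
        for cops in placements:
            for r in vertices:
                if r in cops:
                    continue
                if not win.get((cops, r, 0)) and any(
                        win.get((nc, r, 1)) for nc in product(*(moves(adj, c) for c in cops))):
                    win[(cops, r, 0)] = True                # some joint searcher move wins
                    changed = True
                if not win.get((cops, r, 1)) and all(
                        win.get((cops, nr, 0)) for nr in moves(adj, r)):
                    win[(cops, r, 1)] = True                # every intruder escape loses
                    changed = True
    # searchers place first, the intruder answers, then the searchers move first
    return any(all(win.get((cops, r, 0)) for r in vertices) for cops in placements)


def searchers_needed(adj):
    """Smallest number of searchers that always capture the intruder on the graph adj.
    Exact, but the state space is |V|^(k+1), so only for small graphs."""
    vertices = sorted(adj)
    for k in range(1, len(vertices) + 1):
        if searchers_win(adj, vertices, k):
            return k
    return len(vertices)


if __name__ == "__main__":
    path = undirected([("a", "b"), ("b", "c")])
    ring = undirected([("a", "b"), ("b", "c"), ("c", "d"), ("d", "a")])
    for name, g in [("path P3", path), ("ring C4", ring), ("two-layer toy", NCO_TOY)]:
        print(f"{name}: {searchers_needed(g)} searcher(s) needed")
```

Adding the interlayer edges does not make the toy network easier to secure than its ring layer alone: one searcher can be evaded on any vertex-transitive ring, and two searchers placed on s1 and s3 cover every vertex except p2, from which the intruder has no escape. Comparing such counts across candidate layer topologies is the comparison the abstract proposes as a security measure.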
Finally, in section 5 we take up the problem of network centric warfare strategic
formation. After introducing distance-based operational utility functions, we study
two-layer distance-based operational utilities and best-response NCO-graphs. We then
consider pairwise operational stability in network centric operations and conclude with
a study of the formation of network centric operations with arbitrary operational
utility functions.
References
[1] D. S. Alberts, J. J. Garstka and F. P. Stein: Network Centric Warfare: Developing and
Leveraging Information Superiority, 2nd Edition (Revised). Washington, DC: CCRP
Publication Series, 2002.
[2] B. Alspach: Sweeping and searching in graphs: a brief survey, Matematiche 59 (2006),
pp. 5-37.
[3] A. Bonato: A Course on the Web Graph, American Mathematical Society Graduate Studies Series in Mathematics, Providence, Rhode Island, 2008.
[4] F.R.K. Chung and L. Lu: Complex Graphs and Networks, American Mathematical
Society, U.S.A., 2004.
[5] J. Gao, S. V. Buldyrev, S. Havlin and H. E. Stanley: Robustness of a network formed
by n interdependent networks with a one-to-one correspondence of dependent nodes, Phys. Rev. E, 85 (2012), 066134.
[6] A. Grover: Cyber War’s Final Frontier: Network Centric Warfare Framework,
http://www.itffroc.org/articles/ag_cyberwar.pdf
[7] M. Kurant and P. Thiran: Layered Complex Networks, Physical Review Letters, PRL 96 (2006), 138701.
[8] Network Centric Operations Conceptual Framework. Version 1.0
http://www.dtic.mil/dtic/tr/fulltext/u2/a457620.pdf
[9] S. Neufeld, R. Nowakowski: A game of cops and robbers played on products of
graphs, Discrete Math. 186 (1998), pp. 253-268.
[10] E. M. Shahrivar and S. Sundaram: Strategic Multi-Layer Network Formation, 52nd IEEE Conference on Decision and Control, December 10-13, 2013. Florence, Italy, pp. 582-587.
[11] A. Wong-Jiru, Major, USAF: Graph Theoretical Analysis of Network Centric
Operations Using Multi-Layer Models, Thesis, Air Force Institute of Technology,
Department of the Air Force, Air University, Wright-Patterson Air Force Base, Ohio,
September 2006.
Run and Scan Statistics Models and their Applications in
Transposition Systems and Networks
Ioannis Triantafyllou 1 and Markos Koutras 2
Department of Statistics and Insurance Science, University of Piraeus,
80 Karaoli and Dimitriou Str., 18534 Piraeus, Greece
E-mails: [email protected] 1, [email protected] 2
Keywords: Almost Perfect Run, Scan statistic, Consecutive type systems, reliability
function, system's lifetime, transposition systems, network security
Abstract In this paper we present several results related to the family of consecutive-
type systems. A linear (circular) consecutive k-out-of-n:F system consists of n
components which are linearly (circularly) arranged, and the system fails if and only if
at least k consecutive components fail; for a review see [4], [5] and the monograph [8].
The probability model associated with this system is closely related to the distribution
of runs of fixed size in a sequence of binary trials. The most popular applications of
these systems pertain to telecommunication and pipeline network modelling as well as
integrated circuit design.
A natural and intuitively appealing generalization of the runs principle arises if,
instead of looking at fixed-length strings of successes, we allow the appearance of a
small number of failures. The focus is then on clusters of consecutive trials that
contain a large proportion of successes. Such a formation is traditionally called a "scan"
or, if a high concentration of successes within it is attained, an almost perfect
(success) run (see [2] and [6]). The scan statistic has been used in the related literature
to produce reliability structures with a more flexible operating principle than the
consecutive k-out-of-n:F system, as well as for studying Shewhart control charts
with sensitizing run rules (see [8], [7] and the recent publications by Balakrishnan,
Koutras and Bersimis [1] and Bersimis, Koutras and Papadopoulos [3]).
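The two reliability structures just defined can be evaluated numerically for independent components. The Python script below is an added example written for this page, not the authors' code: the consecutive k-out-of-n:F reliability is computed by a dynamic programme over the length of the current failure run (linear in n), and the scan-based structure, which fails as soon as some window of m consecutive components contains at least r failures, is evaluated by exhaustive enumeration of the 2^n component states, linearly or circularly. The component reliabilities p used in the demonstration are assumed values; the consecutive system is the special case m = r = k of the scan system, which the test uses as a cross-check.

```python
from itertools import product


def consecutive_k_out_of_n_reliability(n, k, p):
    """Reliability of a linear consecutive k-out-of-n:F system whose n components work
    independently with probability p. state[j] = probability that the components seen so far
    contain no k consecutive failures and end with a run of exactly j failures (j < k)."""
    q = 1.0 - p
    state = [1.0] + [0.0] * (k - 1)
    for _ in range(n):
        nxt = [0.0] * k
        nxt[0] = sum(state) * p                 # a working component resets the failure run
        for j in range(1, k):
            nxt[j] = state[j - 1] * q           # one more failure extends a run shorter than k
        state = nxt
    return sum(state)


def scan_system_reliability(n, m, r, p, circular=False):
    """Reliability of a scan structure: the system fails iff some window of m consecutive
    components (cyclically, if circular) contains at least r failed components, i.e. iff no
    window is an almost perfect run with fewer than r failures. Exhaustive over the 2^n
    component states, so exact but only practical for small n."""
    q = 1.0 - p
    windows = range(n) if circular else range(n - m + 1)
    total = 0.0
    for bits in product((0, 1), repeat=n):      # 1 = failed component
        if any(sum(bits[(s + t) % n] for t in range(m)) >= r for s in windows):
            continue
        failed = sum(bits)
        total += q ** failed * p ** (n - failed)
    return total


if __name__ == "__main__":
    p = 0.9                                     # assumed component reliability
    print("consecutive 2-out-of-5:F :", consecutive_k_out_of_n_reliability(5, 2, p))
    print("same, via scan m=r=2     :", scan_system_reliability(5, 2, 2, p))
    print("scan m=3, r=2, linear    :", scan_system_reliability(5, 3, 2, p))
    print("scan m=3, r=2, circular  :", scan_system_reliability(5, 3, 2, p, circular=True))
```

Relaxing the failure rule from "k in a row" to "r of any m in a row" changes the reliability noticeably even for five components, and the circular arrangement is always at most as reliable as the linear one because it adds the wrap-around windows; the same enumeration over a 0/1 string is what underlies the approximate string matching application mentioned below.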
In this work we present several results for the family of consecutive type structures i.e.
systems whose operation mode is associated with the appearance of runs or almost
perfect runs (scans) of working components. We indicate how these results can be
exploited for the study of the string matching problem, namely the problem of finding
an exact pattern in a string or finding similar patterns in two strings (also known as
approximate string matching). Finally, we focus on specific applications in the field of
transposition systems and networks, which are of major importance in military
activities.

1 Work supported by the Aristeia II action under the operational programme "Education and
Lifelong Learning".
References
[1] N. Balakrishnan, M. V. Koutras and S. Bersimis: Run and Frequency Quota Rules in
Process Monitoring and Acceptance Sampling, Journal of Quality Technology, 41
(2009), pp. 66-81.
[2] N. Balakrishnan and M. V. Koutras: Runs and Scans with Applications, John Wiley &
Sons, N. Y., 2002.
[3] S. Bersimis, M. V. Koutras and G. K. Papadopoulos: Waiting time for an almost
perfect run and applications in statistical process control, Methodology and
Computing in Applied Probability, 16(2014), pp. 207-222.
[4] M. T. Chao, J. C. Fu and M. V. Koutras: Survey of the reliability studies of
consecutive-k-out-of-n:F and related systems, IEEE Transactions on Reliability,
44(1995), pp. 120-127.
[5] S. Eryilmaz: Review of recent advances in reliability of consecutive-k-out-of-n: F and
related systems, Proceedings of the Institution of Mechanical Engineering-Part O-
Journal of Risk and Reliability, 224, (2010), pp. 225-237.
[6] J. Glaz, J. Naus and S. Wallenstein: Scan Statistics, in Springer Series in Statistics,
Springer, Berlin Heidelberg New York, 2001.
[7] M. V. Koutras, S. Bersimis, and P. E. Maravelakis: Statistical Process Control using
Shewhart Control Charts with Supplementary Runs Rules, Methodology and
Computing in Applied Probability, 9 (2007), pp. 207-224.
[8] W. Kuo and M. J. Zuo: Optimal Reliability Modeling: Principles and Applications,
John Wiley & Sons, N.J., 2003.
CyberWarfare
Protecting our Cyber Domain from Cyber Attacks
Spyridon Papageorgiou, Cdr (HN)
MSc, GCIH, GPEN, GWAPT, GREM, OSCE, GCFA
Director, Hellenic National Defence General Staff
Cyber Defense Directorate, Greece
E-mails: [email protected], [email protected]
Abstract The rapid development of Information and Communication Technologies
(ICTs) over the last decades has contributed greatly to the advancement of humanity. The
penetration of new technologies into every aspect of human life has been extended to such a
degree that major public sector industries, such as National Security, Education,
Government, Health, Public Safety, as well as sectors such as Nutrition, Energy,
Economics and Transportation & Communication, are closely related to the new ICTs.
Thus, information and communication systems and technologies are currently playing
an important role in ensuring a State’s proper functioning and the well-being of its
citizens, and cyberspace, the common ground of all these, acts as the connecting link
between them.
Cyberspace, with its openness, interconnection and dependency, faces great
vulnerability. The increasing number of cyber attack incidents reported on a regular
basis has transformed ‘Cyberspace’ into a battlefield, bringing to light ‘Cyber warfare’ as
the ‘fifth dimension of war’. Attacks from cyber space pose a direct threat to our safety
and the proper functioning of our state. Cyber attacks have a profound negative impact
on our daily lives. Worldwide cyber attacks are an important threat to national
security, alongside international terrorism.
Safety and security in cyber space have become top priorities worldwide.
Nowadays, it is a fact that every nation, every organization, everyone is relying more
and more on CIS technology and everything that interacts with it. This fact makes
Cyber-security an indispensable part of daily activities at every level: personal,
organizational, national and international. Cyber-security, as the European
Commission states in its most recent Communication on EU’s Cyber-security Strategy,
‘... commonly refers to the safeguards and actions that can be used to protect the cyber
domain, both in the civilian and military fields, from those threats that are associated
with or that may harm its interdependent networks and information infrastructure’.
Those threats, commonly referred to as cyber-attacks include actions ‘... taken to
undermine the functions of a computer network for a political or national security
purpose’.
So the term cyber-security refers to technologies and processes designed to
protect national infrastructures in cyber space, the exchange of data in cyber space and,
above all, the people using cyber space from unauthorized access, vulnerabilities and
attacks delivered via the Internet by cyber criminals. Cyber-security preserves the
availability and integrity of the networks and infrastructure and the confidentiality of
the information contained therein.
Every nation has the responsibility to protect its Internet infrastructure from
cyber attacks. Citizens must feel confident that their data will be transmitted and
received in a fast and reliable way. Free access to a reliable and fully operating Internet, the
protection of personal data and privacy as well as the integrity and availability of
interconnected networks are the basis for national prosperity and security. We have to
understand that, "cyber-security and cyber defense is everyone's responsibility".
Probably the most typical problem arising with respect to cyber attacks and to the
way they are developed is the inability to positively identify the key actor behind the attacks,
which makes the issue of ‘attribution’ very hard to handle. To put it
differently, we can never be absolutely certain who is behind a cyber attack. This is due
to the fact that it is very difficult to decode and identify the location of the system that
originated the attack (it is a very time consuming process). Furthermore, the cost to the
attacker is much smaller than the respective one to the victim, since the victim of the
attack has to spend a lot of money in order to detect the origin of the attack and the
identity of the perpetrator. Inevitably, the question posed by everyone is the following:
‘who are the attackers?’ Non-state actors (e.g. criminals, black hat hackers, organized
crime, hacktivists or terrorists) as well as state actors (e.g. secret services and the
military) may misuse cyber space for their own purposes. The threats in cyber space are
practically infinite. It is, therefore, a top priority of Greece to help make cyber space
sufficiently safe and secure at the personal, organizational, national and international level.
For a national cyber security regime, we must follow this general approach. We
have to work in parallel, in a top-down and a bottom-up approach. Working in parallel
will allow us to achieve our goals in less time. In our top-down approach
the aim is to move from strategy (strategic level) down to implementation (tactical
level). In our bottom-up approach we will move from the tactical level to the strategic
level. So, we have to work in parallel, writing the institutional documents and
implementing all the corresponding cyber security infrastructures, in order to achieve
cyber security. We must realize that the threat to our national security from cyber
attacks is real and growing. The cyber threat is real, growing and evolving every day.
Working on the strategic level, the first thing to do is to write down all the
related institutional documents. Writing a national cyber security strategy should be
our top priority. Within the cyber security strategy, we have to ensure the overall
coordination of all relevant public and private stakeholders both at the political-
strategic level and the operational level. We have to establish a Cyber Security National
Authority responsible for coordinating all relevant stakeholders at a political-strategic
level.
At operational level we have to take advantage of existing operational structures.
Operational structures can be the CERTs (Military, National, Academic, private) and
the Internet Service Providers (ISPs). All the operational stakeholders must be
coordinated by the Cyber Security National Authority, which assigns roles and
responsibilities within our existing cyber security structures. Both public and private sectors
can develop a common understanding of their respective roles and responsibilities
related to cyber security. It will be necessary to lay down, in detail, the responsibilities,
powers and spheres of action of all stakeholders, their role in the event of a crisis, their
role in the event of a cyber attack on our critical infrastructures, as well as their
interaction with the Cyber Security National Authority and among themselves. We must be
specific on how they will interact on a day-to-day basis.
The aim of the government is to define the role, responsibilities and power of
state and non-state actors in cyber space and to create adequate framework conditions
for cooperation among all players. One of the most important aspects of a cyber
security strategy is the development of trust among national stakeholders. A minimum
cyber security standard must be achieved in order to meet the needs and
expectations of all stakeholders.
Further action will include the preparation of a Cyber Security Communication
Strategy and the improvement of the resilience of critical infrastructures. Additionally,
we must promote national cyber security awareness. In order to ensure a high level of
cyber security, technical expertise based on state-of-the-art research and development
is required. Cyber security issues must be effectively addressed. International
cooperation is a key factor for an effective Cyber Defence Strategy. An action plan with
a specific timeline must be followed to implement all decisions taken at a strategic
level.
In conclusion, a common approach can increase the long-term security,
stability and resilience of a State’s critical information and communication
infrastructures.
Risk Assessment Methodologies
for Cyber Attacks against Critical Infrastructures:
The Maritime Sub-Sector
Panos Mavropoulos, LtGen (ret)
Agiou Nectariou 30, 14122 Neo Iraklio
E-mail: [email protected]
Abstract Cyber threats, within or through cyber space, have been growing in recent years
both in severity and in the range of human activity they cover. National and
supranational authorities have assumed the responsibility to work for the protection of the
most important and sensitive infrastructures which for this very reason are called
critical. For a critical infrastructure protection program though, a risk assessment
component is indispensable ([1]). There is clearly a problem of risk assessment
methodology in extremely complex system-of-systems, as is the case of the maritime
sub-sector of the transport critical infrastructure sector.
The scope of this work is to review existing risk assessment methodologies and to
check their applicability vis-à-vis very complex systems (system-of-systems); an effort
will be made to develop a risk assessment approach suitable for the maritime sector.
This work will be based on the previous similar work by Giannopoulos et al ([2]), with
particular focus on the maritime sub-sector.
1. Methodology
The prerequisite of a sound critical infrastructure protection program is a reliable, well-
thought-out and carefully crafted risk assessment. Risks, threats and vulnerabilities for
critical infrastructure sectors should first be identified and then analyzed. Risk
assessments, as well as Operator Security Plans, are already compulsory for maritime ports and
port facilities under existing European legislation ([3]).
There is a significant number of risk assessment methodologies for critical
infrastructure. In general, the usual approach to risk assessment is rather common and
linear. All those methodologies comprise the same series of stages, namely the
determination and taxonomy of threats, the determination of vulnerability of the
systems under analysis and the evaluation of the possible impact on the systems. This
is a well-known and established approach for evaluating risks and forms the backbone
of almost all existing risk assessment methodologies ([3]).
According to Giannopoulos and others, a risk assessment methodology is characterized by
three criteria, namely the scope of the methodology, the audience to which it is
addressed (policy makers, decision makers, research institutes) and its domain of
applicability (asset level, infrastructure/system level, system-of-systems level) ([2]). The
domain of applicability defines to a large extent the target group of the methodology.
For example, a risk assessment methodology applicable to systems at national or even
supranational level is mostly addressed to policy makers and relevant authorities and
less to operators or to asset managers at local level. Considering the maritime subsector
as a system of systems, the target audience of its risk assessment is policy makers
and relevant authorities rather than operators.
The interdependencies inherent in systems-of-systems make the work of analysis even
more difficult. According to Rinaldi and others’ work, there are four types of
interdependencies to be taken into account in the case of critical infrastructure, namely
the physical, the cyber, the geographical and the logical ([5]). This makes the risk
analysis particularly difficult, especially in the case of the maritime sector, which
presents an outstanding complexity.
The interdependencies amongst the critical infrastructures considered in the maritime
sub-sector of the transportation sector can be categorized into three levels or categories:
internal or sub-sectoral interdependencies amongst the maritime subsystems (ships,
ports, maritime, insurance or freight lease companies, etc.); first-level external or
sectoral interdependencies amongst the subsectors of the transportation sector of
critical infrastructures (air, rail, road transportation, etc.); and second-level external or
intra-sectoral interdependencies amongst the sectors of critical infrastructures (health,
economy, energy, satellite navigation and transport, etc.).
The domain of applicability of a risk assessment methodology may be the most
important feature. The risk assessment methodologies for critical infrastructure
protection can be divided into two major categories, namely the sectoral approach,
where each sector is treated separately with its own risk methodologies and risk
ranking; and the systems approach, where critical infrastructures are treated as an
interconnected network ([3]).
The existing methodologies in general were developed as sectoral and were later
extended to be applied to more complex systems at system level, with all the
limitations of such an approach. A top-down approach would be more suitable for
complex system-of-systems and will be attempted here.
2. Applications
The maritime system, as an integral system, is an important element of the
transportation sector, which is considered as one of the most important national and
even supranational critical infrastructures. The maritime system itself consists of a
variety of diverse subsystems (navigation, ships, ports, port facilities, shipping,
insurance and freight companies, etc) all of which should work smoothly. As a major
part of transportation critical infrastructure sector, the maritime system drew the
attention of decision makers for its protection. Its complexity makes the
corresponding risk assessment a real challenge; the existing methodologies seem
inadequate to cope with the complexity of the system.
The European Network and Information Security Agency (ENISA) published the first European
Union report ever on cyber security challenges in the Maritime Sector. The report,
amongst others, highlights the particularities of the maritime sector vis-à-vis cyber
security ([4]):
Maritime cyber security awareness is currently low, to non-existent, at the level of
Member States, shipping companies, port authorities, national cyber security
offices, etc.
Due to the high ICT complexity, it is a major challenge to ensure adequate maritime
cyber security.
Current maritime regulations and policies consider only the physical aspects of
security and safety.
3. Prospective outcomes
The development of an ad hoc risk assessment methodology is far too ambitious a
goal to be tackled within the limited space of a research paper. Instead, the
aim is to develop criteria for the evaluation of existing risk assessment
methodologies vis-à-vis the particular characteristics of the maritime sector.
References
[1] Council Directive 2008/114/EC: On the identification and designation of European
critical infrastructures and the assessment of the need to improve their protection.
Official Journal of the European Union, 2008.
[2] European Commission, Joint Research Centre: Risk Assessment Methodologies for
Critical Infrastructure Protection. Part I: A state of the art, by Giannopoulos, G.,
Filippini, R. and Schimmer, M. Luxembourg, 2012.
[3] European Commission, SWD (2012) 190 final: On the review of the European
program for critical infrastructure protection (EPCIP). Brussels, 2012.
[4] European Network and Information Security Agency: Analysis of Cyber Security Aspects in
the Maritime Sector. Heraklion, 2011.
[5] S.M. Rinaldi, J. P. Peerenboom and T. K. Kelly: Identifying, Understanding and
Analyzing Critical Infrastructure Interdependencies. IEEE Control Systems
Magazine, December 2001, pp. 11-25.
Cyber Warfare and Incident Response
Ioannis Makripoulias (1), Anastasios Papathanasiou (2),
Alexandros Papanikolaou (3), Vasileios Vlachos (4)
(1, 2) Cyber Crime Prosecution Subdivision, Financial Police and Cyber Crime Unit,
Hellenic Police
E-mails: [email protected] (1), [email protected] (2)
(3, 4) Department of Computer Science and Engineering, Technological Educational
Institute of Thessaly, Greece
E-mails: [email protected] (3), [email protected] (4)
Keywords: critical infrastructure, cyberspace, cyber-attack, cyber-security
Abstract Nowadays, in the so-called “Information Age”, the battlefield is not
necessarily some part of land, sea or air. Cyberspace is the current place for
confrontation among countries and for performing their military operations in a
manner similar to those on land, sea, air and space [1]. Similarly to a “traditional” war
where among each party’s interests is to locate and bomb the enemy’s strategic targets,
in the case of cyber-warfare the enemy’s critical infrastructures are usually among the
primary targets.
The term critical infrastructures covers all those infrastructures that are necessary for a
country’s normal operation. Critical infrastructures include water supply, power supply,
transport, telecommunications, power production, public health, government
mechanism, raw materials production, security (police, fire service, army, etc.) and
finance (banks, stock market, etc.). A formal definition of critical infrastructures has
been formed by both the EU [2] and the USA [3]. It is quite a worrying fact that critical
infrastructures constitute a much weaker target than military ones, since the analysis of
their information systems and the discovery of vulnerabilities are significantly easier
tasks, due to the existence of open-source intelligence (OSINT). The importance of
protecting critical infrastructures effectively emerges from the fact that the President of
the USA recently issued the Executive Order 13636 on improving critical infrastructure
cyber-security [4]. Moreover, NIST recently published a technical report [5] containing
a framework for improving cyber-security on critical infrastructures, applicable to any
organisation, regardless of size and cyber-security risk. In this report, multiple
approaches to cyber-security are presented, as well as the latest related standards,
guidelines and practices.
The sources of the attacks against critical infrastructures vary according to the motives
of the attackers, such as private interests (e.g. industrial espionage), organised crime,
terrorist organisations, state entities (e.g. acts of war) or even personal satisfaction
(e.g. hackers). A cyber-attack against critical infrastructures aims at intercepting
data/communications, downgrading the quality of offered services (or even totally
interrupting them), or even destroying the infrastructure itself.
In Greece, there are several entities, either directly or indirectly responsible for matters
of cyber-defence and cyber-security, as well as for the protection of critical
infrastructures, such as state authorities, services, state mechanisms and independent
authorities. The most important of them that are directly related to critical
infrastructures and national security are: the Hellenic National Defence General Staff
(HNDGS), the Cyber-Defence Division of the HNDGS, the National Intelligence
Service, which is an Information Security Authority (Law 3649/2008) and the Hellenic
Police through its Division of Crisis Management (Hellenic Police Headquarters) and
its Cybercrime Prosecution Subdivision (P.D. 9/2011).
In this work we present how the competent security authorities deal with incidents of
cyber-crime and cyber-attacks.
1. Methodology for Handling Cyber-attacks
As soon as a cyber-attack against critical infrastructures is detected, the competent
immediate response authorities attempt to confront these attacks by following specific
procedures which are presented in the sub-sections below.
1.1 Identification of the Attack
In order to confront a cyber-attack, an accurate identification of the attack must
initially take place, aiming to determine its targets and the nature of the threat (data
interception, infrastructure destruction attempt, service downgrade, etc.).
1.2 Securing Data and Infrastructures
A critical step in confronting a cyber-attack is to secure the critical data and
infrastructures immediately. There are two main cases:
The attack is in progress: In this case, effort is made to secure any critical data
and infrastructures, without interrupting the attack before the necessary
information regarding the nature of the attack has been gathered.
The attack has been completed: In this case, effort is made in order to prevent
the same attack from reoccurring in the near future.
1.3 Collection of Evidence and Exhibits
Once the systems that were the target of the attack have been identified, it is
determined whether they have to be taken to specialised laboratories or be examined
on site. During this process, it is absolutely imperative to carefully follow all necessary
procedures, in order to ensure the integrity of the collected exhibits and data, as in
every cyber-crime incident (computing hash values of the collected data, safe
transportation and storage of the physical media, etc.).
1.4 Acquiring a System Image
Every exhibit that has been collected gets imaged, namely an identical copy of its
storage media (including RAM memory) is made. Any analysis will be performed on the
acquired images, thus preserving the integrity of both the system and the data.
1.5 Data Analysis
The following types of analysis may be performed on each affected system, depending
on the particular characteristics of each case:
Computer analysis: Involves analysing the system’s software, stored data, log files,
RAM contents at that time and any storage media that are attached to the system.
The aim is to reveal the means that were used for the attack (e.g. some specially-
crafted malware), the attack source (through the examination of log files) and the exact
objective of the attack (unauthorised data access or modification).
Network analysis: During this process all networked devices that may be keeping
log files, such as routers and firewalls are analysed. Protocols are analysed in all
layers, in an attempt to identify the source of the attack and the means through
which the attack was conducted.
Malware analysis: Most cyber-attacks include at some point the use of malicious
software. Therefore, the malware has to be captured and have its malicious code
analysed, in order to unveil its precise operation. From this evidence, the exact
target of the attack may be identified, as well as its origin.
Mobile analysis: If, at any instance throughout the attack, cellular network
communication took place, then the analysis of the devices that were used is
required, as well as any useful information from the cellular network.
1.6 Results Extraction and Revision of Configuration
Once the results of the analysis have been extracted, they are reviewed and the systems
are patched or reconfigured, so as to eliminate the identified vulnerabilities. A re-
evaluation of the security measures follows, in order to determine the new security
level.
1.7 Data Collection from the Source and Counter-Attack Actions
Under certain circumstances, a counter-attack may also be justified. Nevertheless, for a
counter-attack to be launched, certain preconditions must be satisfied and the relevant
authorisations from the competent security agencies and military services must have
been given. Indicative examples of such actions are listed below, in increasing order of
offensiveness:
Gain access to the source and collect additional data: This is further divided into
two cases, depending on the nature of the attack and the physical location of the
source:
o Application for supplying the required data via a trans-national
agreement.
o Attempt to break into the source and acquire the needed data.
Denial of Service (DoS) attack against the source: A denial of service attack is
launched against the source, aiming at inhibiting or even disrupting the attack,
given that the latter is still in progress.
Destruction of the source: In the case that this is feasible and the required
preconditions are satisfied (act of war), it is possible to attempt gaining access to
the source and destroying it, or even attacking other war targets.
Deception: Using this approach, should the attack be aiming at gaining
unauthorised access to data and while the attack is still in progress, the attacker
is supplied with false data. In this way, any unlawfully acquired data by the
attacker is rendered useless, since it is impossible to distinguish the false from
the real data.
References
[1] W. Gragido and J. Pirc: “Cybercrime and Espionage: An Analysis of Subversive
Multi-Vector Threats”, Syngress, 2011.
[2] “Council Directive 2008/114/EC of 8 December 2008 on the identification and
designation of European critical infrastructures and the assessment of the need to
improve their protection”, http://eur-
lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF
[3] “Uniting and strengthening America by providing appropriate tools required to
intercept and obstruct terrorism (USA Patriot Act) act of 2001”, Public Law 107–56,
Oct. 26, 2001.
[4] “Improving Critical Infrastructure Cybersecurity”, Executive Order 13636, Feb. 12,
2013.
[5] “Framework for Improving Critical Infrastructure Cybersecurity”, Technical Report,
National Institute of Standards and Technology (NIST), Feb. 12, 2014. Version 1.0.
Hacking and Securing Java Web Applications
Nikolaos Papadakis
Department of Mathematics and Engineering Sciences, Hellenic Military Academy,
Vari, GR-16673, Greece
E-mail: [email protected]
Abstract Some 95% of web applications have vulnerabilities, including cross-site
scripting, SQL injection, parameter tampering, cookie poisoning, database server and web
server weaknesses, buffer overflows, etc.
In this presentation the most important and frequent mistakes from a Java programmer’s
standpoint are presented, aiming to show how to build Java web applications
secured against the most common attacks.
The OWASP Top 10 list of vulnerabilities is also presented. The Open Web Application
Security Project (OWASP) is an open-source web application security project. The
OWASP community includes corporations, educational organizations, and individuals
from around the world.
Each vulnerability category, according to the OWASP Top 10 list, is examined and
the relevant corrections are provided by presenting simple and easy-to-understand
examples.
Information Security
Large-Scale Early Warning System
Spyridon Kollias (1), Alexandros Papanikolaou (2) and Vasileios Vlachos (3)
(1) Department of Computer Science, University of Piraeus, Karaoli & Dimitriou Str. 80, GR-185 34, Piraeus, Greece
E-mail: [email protected]
(2) Department of Computer Science and Engineering, Technological Educational Institute of Thessaly, GR-411 10, Larissa, Greece
E-mail: [email protected]
(3) Department of Computer Science and Engineering, Technological Educational Institute of Thessaly, GR-411 10, Larissa, Greece
E-mail: [email protected]
Abstract Contemporary hostile activities against IT systems demonstrate that existing
security applications are not capable of repelling all threats efficiently. In particular,
the latest empirical data and theoretical studies call for a diversified system, which will
enhance security at a different level of abstraction. We present a Large-Scale Early
Warning System named PROTOS (PROactive Threat Observatory System).
4. Aims
PROTOS is a large-scale early warning and protection system against previously
unknown malware threats. The system aims to provide timely and accurate
information on malicious software epidemics and Distributed Denial of Service (DDoS)
Attacks against its members. Moreover, the PROTOS system is designed to provide
basic protection to the PROTOS clients by automatically hardening the operating
system when virulent computer worms propagate uncontrollably. The automatic
configuration of the security level of the operating system, the security software and
other custom applications intends to delay the propagation of malicious worms until
software patches and security signatures are available to PROTOS users. Therefore, the
PROTOS system is an appropriate protective mechanism against unknown distributed
threats in the form of computer viruses, worms or other malicious applications, whether
targeted (DDoS) or untargeted (malware epidemics).
5. Methodology
The operation of this system is based on the basic principles of epidemiology and
public health. The established best practices suggest that during a flu epidemic the
susceptible population should take some protective measures until a vaccine is
available. These safety-related restrictions focus on the avoidance of crowded places
and the strict enforcement of hygiene rules. The PROTOS system is a metaphor of this
approach applied to the Internet ecosystem. A number of distributed sensors gather
information about the malicious activity as perceived by each PROTOS sensor. The
rate of change of the recorded security incidents is transmitted regularly, every minute,
to the PROTOS server. The latter aggregates the data from all the sensors and applies
some basic epidemiological metrics to identify whether a worm epidemic is on the rise,
threatening the whole system, or whether a specific member of the PROMIS Group is under a DDoS
attack. The typical operation of a PROTOS sensor is as follows: it checks the firewall
log file every 30 seconds, calculates the number of intercepted attacks in the
form of dropped/denied packets and establishes the local malicious activity, as well as
the epidemic rate, according to Equation 1 and Equation 2. In these equations, is the
ordinal number of a fixed time interval, is the client identifier, is the number of
security incidents received by node in the time interval . The “time-window” used in
a number of time intervals is .
Equation 1: The rate of the intercepted malicious activity.
Equation 2: The epidemic rate.
Thereafter, the PROTOS sensor transmits this information to the PROTOS server,
which computes the global malicious activity according to the equation below.
Equation 3: The global malicious activity.
If the global malicious activity exceeds a predefined upper threshold, the PROTOS Server instructs the PROTOS Sensors to increase their security level by applying a set of predefined countermeasures. Similarly, if the global malicious activity is under the lower threshold, the PROTOS Sensors are returned to their normal operation, based on the scenarios below:
If , then increase the security policy by disabling non-essential services, for example HTML preview in mail clients, or by increasing the web browser’s security settings, where is the predefined threshold for increasing the security settings of PROTOS.
If , then decrease the security policy by reactivating the abovementioned services, where is the predefined threshold for decreasing the security settings of PROTOS.
If , do nothing.
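The sensor/server loop and the two-threshold switch described in this section, as an added example (not the PROTOS project's own code). Because the equations themselves did not survive in the abstract, the formulas used here are assumptions standing in for them: blocked packets per 30-second interval for the local activity, the relative growth of one time-window over the previous one for the epidemic rate, and the mean over sensors for the global activity. The firewall log lines, sensor names and thresholds are constructed for the demonstration.

```python
"""Toy model of the PROTOS sensor/server loop described in Section 5.

Added example, not the PROTOS project's own code. The two sensor-side
equations and the server-side aggregation are not available here, so the
formulas below (blocked packets per interval, relative growth between two
consecutive windows, mean over sensors) are assumptions standing in for them.
"""
from dataclasses import dataclass, field
from statistics import mean
from typing import Dict, List

BLOCKED_VERDICTS = ("DROP", "DENY", "REJECT")   # what the sensor counts as an intercepted attack


def make_slice(n_blocked: int, n_allowed: int) -> List[str]:
    """Constructed iptables-style log lines for one 30-second slice."""
    blocked = [f"Apr  2 10:00:{i:02d} host kernel: FW DROP IN=eth0 "
               f"SRC=203.0.113.{i} DST=192.0.2.10 PROTO=TCP DPT=445"
               for i in range(n_blocked)]
    allowed = [f"Apr  2 10:00:{i:02d} host kernel: FW ACCEPT IN=eth0 "
               f"SRC=198.51.100.{i} DST=192.0.2.10 PROTO=TCP DPT=80"
               for i in range(n_allowed)]
    return blocked + allowed


def count_blocked(log_lines: List[str]) -> int:
    """Number of dropped/denied packets in one slice of the firewall log."""
    return sum(1 for line in log_lines
               if any(f" {verdict} " in line for verdict in BLOCKED_VERDICTS))


@dataclass
class Sensor:
    client_id: str
    window: int = 2                          # time intervals per "time-window"
    history: List[int] = field(default_factory=list)

    def record_interval(self, log_lines: List[str]) -> int:
        """One sensor tick: count intercepted attacks and keep the series."""
        n = count_blocked(log_lines)
        self.history.append(n)
        return n

    def local_activity(self) -> float:
        """Assumed Eq. 1: mean intercepted attacks per interval in the window."""
        recent = self.history[-self.window:]
        return mean(recent) if recent else 0.0

    def epidemic_rate(self) -> float:
        """Assumed Eq. 2: relative growth of this window versus the previous one."""
        cur = self.history[-self.window:]
        prev = self.history[-2 * self.window:-self.window]
        if not prev:
            return 0.0
        return (sum(cur) - sum(prev)) / max(sum(prev), 1)


class Server:
    """Aggregates sensor reports and drives the hardened/normal switch."""

    def __init__(self, upper: float, lower: float):
        self.upper, self.lower = upper, lower
        self.reports: Dict[str, float] = {}
        self.level = "normal"

    def receive(self, client_id: str, epidemic_rate: float) -> None:
        self.reports[client_id] = epidemic_rate

    def global_activity(self) -> float:
        """Assumed Eq. 3: mean epidemic rate over all reporting sensors."""
        return mean(self.reports.values()) if self.reports else 0.0

    def decide(self) -> str:
        """The three scenarios: raise above the upper threshold, lower below the
        lower threshold, otherwise hold. Two separate thresholds give hysteresis,
        so the sensors do not flap around a single boundary."""
        g = self.global_activity()
        if g > self.upper and self.level == "normal":
            self.level = "hardened"
            return "raise"
        if g < self.lower and self.level == "hardened":
            self.level = "normal"
            return "lower"
        return "hold"


def run_demo() -> List[str]:
    """Replay a constructed outbreak on two sensors; returns the server's decisions."""
    rounds = [{"A": 1, "B": 0}, {"A": 1, "B": 1}, {"A": 5, "B": 4},
              {"A": 9, "B": 8}, {"A": 2, "B": 1}, {"A": 1, "B": 0}]
    sensors = {cid: Sensor(cid) for cid in ("A", "B")}
    server = Server(upper=1.0, lower=-0.5)
    decisions = []
    for blocked in rounds:
        for cid, sensor in sensors.items():
            sensor.record_interval(make_slice(blocked[cid], n_allowed=3))
            server.receive(cid, sensor.epidemic_rate())
        decisions.append(server.decide())
    return decisions
```

In the replayed scenario the server raises the security level in the third interval, when both sensors report a sharp rise, holds it while the counts stay high, and only lowers it once the epidemic rate has clearly turned negative; the gap between the two thresholds is what prevents oscillation around a single value.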
6. Applications
PROTOS will be deployed on all computers of the Greek National School Network. Also, several instances can be deployed in large-scale private intranets to protect the users from any inside threat without disseminating any information to the public. One such example is shown in the paper's corresponding figure. A specialized central server of PROTOS will aggregate the information from the different instances that choose to participate in the PROTOS intelligence, in order to propose the current level of threat with better accuracy.
7. Results
PROTOS is expected to have a significant number of sensors in the early stage of its lifecycle. Hence, from the very beginning, PROTOS data can be used by administrators, as well as by individuals, in conjunction with other security mechanisms to protect their systems. Furthermore, the heterogeneous environment in which the PROTOS system operates provides a more holistic approach to computer security in a specific time domain. PROTOS consists of different subsystems, the most important of which is the PROTOS sensor, which is responsible for collecting intelligence from individual computers’ default security mechanisms and applications, regardless of their role in the network. The more sensors there are, the better the estimation of the current computer security level will be. In addition, the collected local malicious activity has to undergo some additional processing in order to enable the estimation of the system’s security level. The PROTOS server performs some extra processing on all the information that has been sent to it, and an aggregate result shows, in real time, whether there is a significant change in the rates of the global security level. As soon as an increase or a decrease in the malicious activity is detected, the warning system can notify the users or administrators accordingly. PROTOS counts over 150 distinct sensors in its beta version and visualizes the extracted information, so as to provide the user with an initial view of the wider picture. The PROTOS sensors are able to change the security level, should an increase in malicious activity be detected, until it falls back to the normal level. Future work calls for implementing forecasting methods in order to foresee imminent threats; nevertheless, such methods are debatable and require a lot of study.
Figure 1: PROTOS live plot.
References
[6] S. Staniford, V. Paxson and N. Weaver: How to 0wn the Internet in Your Spare Time, in the 11th USENIX Security Symposium, pp. 149-167, 2002.
[7] N. Weaver, V. Paxson and S. Staniford: A Worst-Case Worm, in Third Annual Workshop on Economics and Information Security (WEIS04), 2004.
[8] S. Staniford, D. Moore, V. Paxson and N. Weaver: The top speed of flash worms, in ACM workshop on Rapid malcode (WORM ’04), pp. 33-42, ACM Press, 2004.
[9] S. Staniford: Containment of Scanning Worms in Enterprise Networks, Journal of Computer Security, 2004.
[10] Taxonomy of Computer Worms, First Workshop on Rapid Malcode (WORM), 2003.
Implementation of Artificial Intelligence in INFOSEC Tasks
and Applications
Lieutenant Karapilafis Georgios
Garivaldi 26, Thessaloniki, GR-54642, Greece
E-mail: [email protected]
Abstract Today, Information and System Security is one of the most challenging areas of research and development in modern communication. More than ever, information has immeasurable value. In data communication systems, data security is of prime concern. The brain-like performance of Artificial Neural Networks, their adaptive learning and their real-time operation could give significant potential for developing a wide range of even better Information and System Security applications, including cryptographic methods, biometrics, Intrusion Detection Systems, anti-phishing methods etc. Merging Artificial Neural Networks with INFOSEC-related tasks could offer great potential for addressing security concerns.
This paper discusses the implementation of Artificial Intelligence in INFOSEC applications and the new perspective this could give.
The Concept, Utility-Criticality and Necessity of INFOSEC in
the Armed Forces
Major Konstantinos Lousios
Infosec officer/HNDGS
MSc Informatics – Msc Information Systems
5, Kleomahous Str., Chalkida 34100, Greece
E-mail: [email protected]
Abstract The aim of this paper is to present the concept of InfoSec (Information Security) as it is known internationally, analyzing its critical aspects on the basis of both theoretical computer-science knowledge and practice, that is, the daily use and application of everything this term includes.
The presentation of the risks that all kinds of computers, networks and information systems face today, and of the measures to be taken by users, network administrators and security officers, both in the environment of everyday life and the free market and in the restricted context of the Armed Forces, outlines the usefulness and criticality of InfoSec for the operation and security of many applications, with an impact on the larger scale of homeland security and national defense.
From the above, the need for better knowledge, wider application and continuous monitoring of developments in the field of InfoSec follows as a logical consequence.
The systematic and integrated way of applying methods for protecting computers and networks, through standardized procedures, is described together with its effectiveness, and a practical implementation of security conditions is given.
Critical Approaching and Implementing some Direct
Sequence Spread Spectrum (DS/SS)
Dionysios P. Kalogeras, Hellenic Army.
(PhD (cand.) in Telecommunications, MSc in Networking and Data Communications, Dipl. in Radioelectrology, BSc in Physics)
Kanigos st 14 Pireas, GR-18534, Greece
E-mail: [email protected]
Keywords: frequency hopping, direct sequence, jammers
Abstract Spread spectrum techniques originated in answer to the needs of military communications. They are based on signaling schemes which greatly expand the transmitted spectrum relative to the data rate. Spread spectrum communication systems have many applications, including interference rejection, multiple access, multi-path suppression, low-probability-of-intercept transmission, and accurate ranging. Of all the potential applications, the ability of a spread spectrum system to withstand interference, both intentional and unintentional, is probably its greatest asset.
This paper discusses the DS/SS techniques and also presents some simulation results using Matlab.
Communications Security
Optical Methods in Cryptography and Cryptanalysis
Nikolaos Ouzounoglou
School of Electrical and Computer Engineering,
National Technical University of Athens, 15780 Athens, Greece,
E-mail: [email protected]
Abstract Optical methods can be utilized in Cryptography and Cryptanalysis according to two different principles in practice:
(a) Utilize optical circuits as counterparts of electronic circuits, to increase information processing speeds compared to traditional electronic digital circuits and also to make parallel implementation more efficient and easy.
(b) Utilize the quantum properties of light waves to develop quantum-optical circuits for cryptography and cryptanalysis.
The difference between the two approaches lies in the fact that in the former case optical waves are used as classical electromagnetic waves, while in the latter case quantum electrodynamics principles are utilized.
Comparison of the two approaches leads to conclusions about the practical use of each and their limitations in terms of presently available technologies.
On the Resilience and Uniqueness of CPA for Secure
Broadcast
Chris Litsas 1, Aris Pagourtzis 2, Giorgos Panagiotakos 3 and Dimitris Sakavalas 4
School of Electrical and Computer Engineering,
National Technical University of Athens, 15780 Athens, Greece,
E-mail: [email protected] 1, [email protected] 2,
[email protected] 3, [email protected] 4
Abstract A fundamental problem in distributed networks is Secure Broadcast, in which
the goal is to distribute a message correctly despite the presence of Byzantine faults.
That is, an adversary may control several nodes and be able to make them deviate from
the protocol arbitrarily by blocking, rerouting, or even altering a message that they
should normally relay intact to specific nodes. In general, agreement problems have
been primarily studied under the threshold adversary model, where a fixed upper
bound t is set for the number of corrupted players and broadcast can be achieved if and
only if t < n/3, where n is the total number of players. The Broadcast problem has been
extensively studied in complete networks under the threshold adversary model mainly
in the period from 1982, when it was introduced by Lamport, Shostak and Pease ([8]),
to 1998, when Garay and Moses ([4]) presented the first fully polynomial Broadcast
protocol optimal in resilience and round complexity.
The case of a threshold adversary in incomplete networks has been studied to a much
lesser extent ([1-3, 7]), mostly through protocols for Secure Message Transmission
which, combined with a Broadcast protocol for complete networks, yield Broadcast
protocols for incomplete networks. Naturally, connectivity constraints are required to
hold in addition to the bound. Namely, at most corruptions can be
tolerated, where is network connectivity, and this bound is tight ([1]).
In the case of an honest dealer, particularly useful in wireless networks, the
impossibility threshold of does not hold; for example, in complete networks the
problem becomes trivial. However, in incomplete networks the situation is different. A
small number of traitors (corrupted players) may manage to block the entire protocol if
they control a critical part of the network, e.g. if they form a separator of the graph. It
therefore makes sense to define criteria depending on the structure of the graph
(graph parameters), in order to bound the number or restrict the distribution of
traitors that can be tolerated.
An approach in this direction is to consider topological restrictions on the adversary's
corruption capacity. The importance of local restrictions comes, among others, from
the fact that they may be used to derive local criteria which the players can employ in
order to achieve Broadcast in ad hoc networks. Such an example is the locally
bounded adversary model, introduced in [6], in which at most corruptions are
allowed in the neighborhood of every node.
1. Related Work
Koo ([6]) proposed a simple, yet powerful protocol for the locally bounded model,
the Certified Propagation Algorithm (CPA), and applied it to networks of specific
topology. In 2005 Pelc and Peleg considered the locally bounded model in generic
graphs and provided upper and lower bounds on the number of corrupted players
that can be locally tolerated in order to achieve Broadcast, in terms of appropriate
graph parameters ([9]). They left the deduction of tighter bounds as an open problem.
To this end, Ichimura and Shigeno proposed an efficiently computable graph
parameter which implies a tighter, but not exact, characterization of the class of graphs
on which CPA achieves Broadcast ([5]). It has remained open since 2005 to derive a
tight parameter revealing the exact number of traitors that can be locally tolerated by
CPA in a graph G with dealer . Here we provide a necessary and sufficient condition
in terms of a new graph parameter, as explained below. Our approach allows us to provide
an affirmative answer to the open problem of CPA Uniqueness ([9]).
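A small simulation of the Certified Propagation Algorithm under the t-locally bounded adversary model, added here as an example and not taken from the authors' work. The acceptance rule is Koo's CPA as it is commonly stated: a neighbour of the honest dealer accepts the value it receives from the dealer, and any other node accepts a value once t+1 distinct neighbours have relayed it to it. The two graphs, the dealer D, the corrupted node a and the adversary's behaviour (injecting a constructed bogus value and never relaying the real one) are assumptions chosen to show one topology where CPA completes and one where a single well-placed traitor blocks an honest node, which is the "critical part of the network" situation the abstract describes.

```python
"""Certified Propagation Algorithm (CPA) under a t-locally bounded adversary.

Added example, not the authors' code. Acceptance rule (Koo's CPA as commonly
stated): a neighbour of the honest dealer accepts what the dealer sends; any
other node accepts a value once t+1 distinct neighbours have relayed it.
Graphs, corrupted set and adversary strategy are constructed assumptions.
"""
from collections import defaultdict
from typing import Dict, Iterable, Optional, Set, Tuple

Graph = Dict[str, Set[str]]


def build_graph(edges: Iterable[Tuple[str, str]]) -> Graph:
    """Undirected adjacency sets from an edge list."""
    g: Dict[str, Set[str]] = defaultdict(set)
    for u, v in edges:
        g[u].add(v)
        g[v].add(u)
    return dict(g)


def is_t_locally_bounded(g: Graph, corrupted: Set[str], t: int) -> bool:
    """The model's precondition: at most t corrupted nodes in every neighbourhood."""
    return all(len(g[v] & corrupted) <= t for v in g)


def run_cpa(g: Graph, dealer: str, message: str, corrupted: Set[str], t: int,
            bogus: str = "BOGUS") -> Dict[str, Optional[str]]:
    """Simulate CPA; return each honest node's decision (None = never decided).

    Links are assumed authenticated, so a receiver knows which neighbour sent
    what. Corrupted nodes push a bogus value to every neighbour and never relay
    the dealer's message, which is one admissible Byzantine strategy.
    """
    if dealer in corrupted:
        raise ValueError("this simulation assumes an honest dealer")
    if not is_t_locally_bounded(g, corrupted, t):
        raise ValueError("adversary violates the t-local bound")

    # received[v][value] = set of neighbours that delivered `value` to v
    received: Dict[str, Dict[str, Set[str]]] = {v: defaultdict(set) for v in g}
    decided: Dict[str, Optional[str]] = {v: None for v in g if v not in corrupted}
    decided[dealer] = message

    for u in g[dealer]:                 # round 0: the dealer sends to its neighbours
        received[u][message].add(dealer)
    for c in corrupted:                 # Byzantine nodes inject their bogus value
        for u in g[c]:
            received[u][bogus].add(c)

    progress = True
    while progress:                     # propagate until no honest node changes
        progress = False
        for v in decided:
            if decided[v] is not None:
                continue
            for value, senders in received[v].items():
                if dealer in senders or len(senders) >= t + 1:
                    decided[v] = value
                    for u in g[v]:      # a certified value is relayed onwards
                        received[u][value].add(v)
                    progress = True
                    break
    return decided


def demo() -> Tuple[Dict[str, Optional[str]], Dict[str, Optional[str]]]:
    """Two constructed topologies, same dealer D, t=1 and one traitor 'a'."""
    # e has three disjoint routes from the dealer: two honest certificates suffice.
    resilient = build_graph([("D", "a"), ("D", "b"), ("D", "c"),
                             ("a", "e"), ("b", "e"), ("c", "e")])
    # e has only two neighbours and one is corrupted: e can never collect t+1
    # matching certificates, so CPA is not 1-locally resilient for (graph, D).
    blocked = build_graph([("D", "a"), ("D", "b"), ("a", "e"), ("b", "e")])
    return (run_cpa(resilient, "D", "m", {"a"}, 1),
            run_cpa(blocked, "D", "m", {"a"}, 1))
```

Note that in both graphs the t-local bound holds (no neighbourhood contains more than one traitor), so the difference in outcome is entirely a property of the topology and the dealer's position, which is exactly why a graph parameter rather than a global count is needed to characterize where CPA works.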
2. Our results
In this paper we study the behavior of CPA in generic (incomplete) networks, with an
honest dealer. As we will see, this case essentially captures the difficulty of the general
problem, where even the dealer may be corrupted. Our first contribution is the exact
determination of the maximum number of corrupted players that can be
locally tolerated by CPA, for any graph and dealer . We do this by developing three
graph parameters:
is determined via an appropriate level-ordering of the nodes of the
graph. We show that is a sufficient condition for CPA to be t-
locally resilient and that ) is a necessary condition, implying that
. We prove that our parameter coincides
with the parameter of [5]. We further propose an efficient algorithm for
computing which is faster than the algorithm for computing
proposed in [5]. Note that this immediately gives an asymptotic 2-
approximation for ; we provide an example that shows that the ratio of this
algorithm is tight.
, depending also on a value , is a parameter that immediately reveals
whether CPA is locally resilient for graph and dealer D, by simply checking
whether . Therefore, via this parameter, we provide a
necessary and sufficient condition for CPA to be locally resilient. Such a
condition was not known until very recently, when a necessary and sufficient
condition was independently given in [10]. However, the way in which the
condition of [10] is defined implies a super exponential time algorithm to check
it (actually no algorithm is given in [10]). On the other hand, we will see that
even a naïve algorithm to compute would need single exponential
time.
, gives the maximum number of
corrupted players that CPA can tolerate in every node's neighborhood, hence
exactly determining .
In addition, using the parameter we prove that CPA is unique among the
locally safe ad hoc broadcast algorithms. That is, if a t-locally safe ad hoc broadcast
algorithm is resilient for a graph with dealer , then CPA is also resilient for ,
. Thus we provide an affirmative answer to the open problem of CPA Uniqueness
posed in [9].
Since the existence of a t-locally resilient Broadcast algorithm in a graph with dealer
obviously depends on the topology of , for a given local number of corruptions we
may define and compare the classes of graphs (with a designated dealer-node)
determined by the properties and topological conditions that have appeared in the
literature so far, including the ones defined in our work. An overview of the
corresponding classes and their relation is depicted in Figure 1.
Fig. 1. Overview of conditions related to the existence of t-locally resilient algorithms.
Parameters and are defined in [9] and is from [5].
Continuous lines show strict inclusions.
3. Applications
As distributed computing becomes more popular and widely used in contemporary
networking, the need for strong theoretical support for reliable communication
between parts of the network increases. In certain applications fault-tolerance and
security become a crucial issue. For example, for a distributed system that handles the
communication of an army in a battlefield faulty transmissions and malicious
interference have to be eliminated. Moreover, numerous mission-critical applications
which are typically performed in a distributed environment, such as flight control
systems and control systems in nuclear power plants, require the existence of systems
which can cope with failures of some devices. The importance of the problem
studied in this work lies in the fact that Broadcast is a basic communication primitive
which can be used to compose more complex procedures that require communication
in an unreliable distributed environment.
Analysis and Measurements of DNS Amplification Attacks
Dimitrius P. Iracleous 1, Nicolas Doukas 2 and K. Bourro 3
1 Department of Mathematics and Engineering Sciences, Hellenic Military Academy,
Vari, GR-16673, Greece
and
University of Hertfordshire
E-mail: [email protected]
2 Department of Mathematics and Engineering Sciences, Hellenic Military Academy,
Vari, GR-16673, Greece
E-mail: [email protected]
3 University of Hertfordshire
Abstract A DoS attack is a malicious attempt by a single person or a group of people to cause the victim, site, or node to deny service to its customers. A distributed denial of service attack (DDoS attack) is an extended form of this attack (DoS) and can be implemented in many ways. A popular form of DDoS takes advantage of Domain Name Servers (DNS) to amplify an attack, and can be initiated by one or multiple computers against a specific target.
The main mechanism used is simple: it consists of a DNS query of the type called 'ANY', sent as a DNS name lookup request to an open DNS server with the source address spoofed to be the target’s address.
Whether this query is sent to an authoritative or a non-authoritative DNS server, the server returns all known information about a DNS zone in a single response. As anyone can see, the size of the response is much larger than the request. To scale this up to a huge amount of traffic, attackers can use botnets to create a large number of spoofed DNS queries, or even a mis-configured Domain Name System (DNS) server that can be exploited into participating in a distributed denial of service (DDoS) attack. Therefore, a lot of malicious hosts coordinate to flood the victim from multiple points.
A strong example of a DDoS attack, though not a DNS amplification attack, is the one that happened last September (2013) to a web site that wants to remain anonymous but happens to be protected by the cloud security vendor Incapsula, who managed to cope with the attack.
It was a massive nine-hour barrage that leveled an unrelenting 100 Gigabits of traffic at its peak, where the leveraged raw bandwidth was under the control of the attacker and was not a DNS reflection or amplification attack. The most outstanding thing about this attack is that it did not use any amplification, which means that the attackers had 100 Gigabits of available bandwidth on their own, and that type of bandwidth is not cheap or readily available. By comparison, the amplification attack against CloudFlare (300 Gbps of data traffic) shows what these two types of attack exploit: the very noticeable lack of proper configuration and customization of DNS servers (the open-recursor problem and ANY queries). In substance, amplification enables stronger attacks, because their target is not only one server or one web site and its network traffic, but the network traffic of the Internet as well.
In this work a theoretical analysis of the problem is given, as well as the basic mitigation approaches. Also, two real servers are attacked and the results are measured and evaluated. The results will be provided to an Intrusion Detection System (IDS) to properly detect similar malicious activities.
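The kind of resolver-side check an IDS would run on the measurements this abstract describes, added here as an example (it is not the authors' measurement code). It groups a resolver's query/response records by the apparent client address and time window, computes the byte amplification (response bytes over query bytes) and the share of 'ANY' queries, and flags clients that receive many large answers, noting in addition whether that client lies outside the networks the resolver is meant to serve, which is the open-recursor symptom. The log format, addresses, served network and thresholds are all constructed assumptions.

```python
"""Detector for DNS amplification abuse in resolver query/response logs.

Added example, not the authors' code. Log format, addresses, served network
and thresholds are constructed for the demonstration.
"""
import ipaddress
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List

# Constructed resolver log: "<epoch> <client> <resolver> <qtype> <query_bytes> <response_bytes>".
# The client column is whatever the UDP source claimed, so a spoofed victim
# address appears here as the "client" that receives every answer.
SAMPLE_DNS_LOG = """\
1396432800 192.0.2.50 198.51.100.10 A 45 121
1396432801 203.0.113.5 198.51.100.10 ANY 64 3200
1396432801 203.0.113.5 198.51.100.10 ANY 64 3200
1396432802 203.0.113.5 198.51.100.10 ANY 64 3200
1396432802 192.0.2.51 198.51.100.10 MX 48 160
1396432803 203.0.113.5 198.51.100.10 ANY 64 3200
"""


@dataclass
class Record:
    ts: int
    client: str
    qtype: str
    query_bytes: int
    response_bytes: int


def parse_log(text: str) -> List[Record]:
    """Parse the constructed whitespace-separated format above."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, _resolver, qtype, qlen, rlen = line.split()
        records.append(Record(int(ts), client, qtype, int(qlen), int(rlen)))
    return records


def detect_amplification(records: List[Record], served_networks: List[str],
                         window_s: int = 60, min_queries: int = 3,
                         min_ratio: float = 10.0) -> List[Dict[str, object]]:
    """Flag (client, window) pairs that receive many strongly amplified answers.

    A normal client makes a few small lookups; a spoofed victim address shows
    up as a burst of 'ANY' queries whose answers are tens of times larger than
    the questions. If that address is outside the networks this resolver should
    serve, the resolver is also acting as an open recursor.
    """
    nets = [ipaddress.ip_network(n) for n in served_networks]
    buckets: Dict[tuple, List[Record]] = defaultdict(list)
    for r in records:
        buckets[(r.client, r.ts // window_s)].append(r)

    alerts = []
    for (client, bucket), recs in buckets.items():
        q_bytes = sum(r.query_bytes for r in recs)
        a_bytes = sum(r.response_bytes for r in recs)
        ratio = a_bytes / q_bytes if q_bytes else 0.0
        if len(recs) >= min_queries and ratio >= min_ratio:
            addr = ipaddress.ip_address(client)
            alerts.append({
                "client": client,
                "window_start": bucket * window_s,
                "queries": len(recs),
                "any_queries": sum(1 for r in recs if r.qtype == "ANY"),
                "response_bytes": a_bytes,
                "amplification": round(ratio, 2),
                "outside_served_networks": not any(addr in n for n in nets),
            })
    return alerts
```

On the constructed log the two ordinary clients in 192.0.2.0/24 stay below both thresholds, while the spoofed address receives four 3200-byte answers to 64-byte 'ANY' questions (a 50x amplification) and is flagged as outside the served network, which is the configuration defect the abstract names as the root of the problem.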
References
[1] T. Deshpande, P. Katsaros, S. Basagiannis & S.A. Smolka: Formal analysis of the DNS
bandwidth amplification attack and its countermeasures using probabilistic model
checking, in High-Assurance Systems Engineering (HASE), 2011 IEEE 13th
International Symposium, November 2011, pp. 360-367.
[2] G. Kambourakis, T. Moschos, D. Geneiatakis & S. Gritzalis: Detecting DNS amplification attacks, in Critical Information Infrastructures Security, 2008, pp. 185-196, Springer Berlin Heidelberg.
[3] F. Guo, J. Chen, & T.C. Chiueh: Spoof detection for preventing dos attacks against
dns servers, in Distributed Computing Systems, ICDCS 2006, 26th IEEE
International Conference, 2006, pp. 37-37.
[4] C. Sun, B. Liu, & L. Shi: Efficient and low-cost hardware defense against DNS
amplification attacks, in Global Telecommunications Conference, November 2008,
IEEE GLOBECOM 2008, pp. 1-5.
[5] G. Kambourakis, T. Moschos, D. Geneiatakis & S. Gritzalis: A fair solution to DNS
amplification attacks, in Digital Forensics and Incident Analysis, August 2007,
WDFIA 2007, Second International Workshop, pp. 38-47.
[6] G. Zhang, S. Ehlert, T. Magedanz, & D. Sisalem: Denial of service attack and
prevention on SIP VoIP infrastructures using DNS flooding, in Proceedings of the 1st
international conference on Principles, systems and applications of IP
telecommunications, July 2007, pp. 57-66. ACM.
A Performance Engineering Study for Delay Tolerant
Networks
Christos Tselikis1, Athanasios Poulakidas2,
Charalampos Vangelatos3 and Aggelis Aggelis4
Hellenic Aerospace Industry S.A., Athens Head Office
Athens Tower, 2-4 Mesogion Ave., GR-115 27, Greece
E-mails: [email protected] 1, [email protected] 2,
Abstract This work overviews the usage of Delay Tolerant Networks (DTN) in military
scenarios where disrupted communications (due to long distances, movement, harsh
terrain or weather conditions) become prevalent. The DTN architecture (RFC 4838)
and the Bundle Protocol standard (RFC 5050) provide the specifications for DTN
implementations which can be suitably customized to overcome those hard conditions
and help to establish and sustain end-to-end tactical communications. We focus on
three possible scenarios, namely a) bridging of mobile troops with DTN-aware UAV, b)
surveillance with DTN-aware UAV using direct communication between a Base Station
and the UAV and c) bridging of tactical data networks using DTN over satellite links.
For those scenarios we are particularly interested in developing high-performance,
DTN-enabled Linux-based router/gateway devices with embedded security capabilities.
We analyze the factors that can affect the DTN performance. In this respect, in
laboratory conditions we conduct performance measurements using different DTN
configurations of the DTNRG’s DTN2 Reference Implementation. The experimental
results are interpreted in order to optimize our developments in software and
hardware.
Cryptosystems and Chaos Theory
Image Encryption Scheme Based on Non-autonomous
Chaotic Systems
Christos K. Volos1, Ioannis M. Kyprianidis2
Ioannis Stouboulos3 and Viet-Thanh Pham4
1 Department of Mathematics and Engineering Sciences, Hellenic Military Academy
Vari, GR-16673, Greece
E-mail: [email protected]
2,3Physics Department, Aristotle University of Thessaloniki
Thessaloniki, GR-54124, Greece
E-mail: [email protected] 2, [email protected] 3
4School of Electronics and Telecommunications, Hanoi University of Technology
01 Dai Co Viet, Hanoi, Vietnam
E-mail: [email protected]
Abstract In recent years, confidentiality of information, especially in military operations, has become an essential feature, since communications over open networks occur more and more frequently. Also, digital image information has become very important because of its vividness and visual nature. So, reliable, fast and secure communication systems must be implemented to transmit images or photographs in many applications, such as photographs from military satellites, drawings of military establishments, fingerprint images of authentication systems etc.
As is known, digital images have some very characteristic features, such as bulk data capacity, strong correlation among adjacent pixels, redundancy of data, being less sensitive compared to text data, and the existence of patterns and backgrounds. Therefore, because of these features, traditional ciphers like AES, DES, IDEA and RSA are not suitable for real-time image encryption, as these ciphers require a large computational time and high computing power. Nowadays, there are two major approaches used to protect digital images from attackers. The first one is information hiding, such as digital watermarking of an image [1], while the second one is encryption, which includes conventional encryption techniques and others such as chaotic encryption [2-3].
Furthermore, in the last decades, nonlinear systems and especially chaotic systems have aroused tremendous interest because of their applications in several disciplines including meteorology, physics, engineering, economics, biology, and philosophy [4]. Chaos theory studies the behavior of dynamical systems that are highly sensitive to initial conditions, an effect which is popularly referred to as the “Butterfly Effect”. This means that small differences in initial conditions (such as those due to rounding errors in numerical computation) yield widely diverging outcomes for such dynamical systems, rendering long-term prediction impossible in general. This happens even though these systems are deterministic, meaning that their future behavior is fully determined by their initial conditions, with no random elements involved. In other words, the deterministic nature of these systems does not make them predictable.
Nowadays it is known that cryptography and chaos have a structural relationship due to their many similar properties [5]. As a result of this close relationship, several chaotic cryptosystems have been presented. One of the most interesting ways in which chaotic cryptosystems can be realized is via the implementation of a Chaotic Random Bit Generator (CRBG). Until now, the great majority of such generators have been based on autonomous nonlinear dynamical systems, in order to exploit the independence of these systems from external sources. However, in the present work a novel CRBG, which is based on a non-autonomous dynamical system, is examined. To rid the system of the influence of the external source, and to increase the security of the proposed generator, the Poincaré section has been used for sampling the signal.
So, the first step in designing the proposed image encryption scheme is to choose one of the most well-known non-autonomous chaotic systems, the Duffing-van der Pol system, which is used in the CRBG. The produced bitstream is the result of the X-OR function applied to the outputs of two threshold circuits that use the same variable (x) from the two Duffing-van der Pol Poincaré maps. Next, this bit sequence is subjected to a de-skewing technique to extract unbiased bits with no correlation, and so to increase their complexity, as confirmed by the FIPS-140-2 statistical test suite.
The values of the system’s parameters and initial conditions are the keys of the proposed cryptographic scheme. The produced bit sequence is used to encrypt and decrypt digital images. Statistical analysis using histogram analysis, correlation of two adjacent pixels, differential analysis and information entropy confirmed the robustness of the encryption process against various known statistical attacks.
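The de-skewing step and the FIPS-140-2 statistical tests mentioned above, as an added example that is not the authors' generator. The chaotic Duffing-van der Pol source is replaced by a seeded, deliberately biased pseudo-random bit source (an assumption, so the run is reproducible offline); the de-skewer is the classic von Neumann extractor, and the four tests (monobit, poker, runs, long run) are applied to a 20,000-bit sample with the pass bounds given in the FIPS 140-2 standard.

```python
"""Von Neumann de-skewing and the FIPS 140-2 power-up statistical tests.

Added example, not the authors' generator. A seeded, biased PRNG stands in
for the chaotic source (an assumption made so the run is reproducible).
"""
import random
from collections import Counter
from typing import Dict

SAMPLE_BITS = 20_000
# FIPS 140-2 runs-test intervals per run length; key 6 means "6 or longer".
RUN_BOUNDS = {1: (2315, 2685), 2: (1114, 1386), 3: (527, 723),
              4: (240, 384), 5: (103, 209), 6: (103, 209)}


def biased_bits(n: int, p_one: float, seed: int) -> str:
    """Constructed raw source: each bit is 1 with probability p_one."""
    rng = random.Random(seed)
    return "".join("1" if rng.random() < p_one else "0" for _ in range(n))


def von_neumann_deskew(bits: str) -> str:
    """Classic de-skewing: '01' -> '0', '10' -> '1', '00' and '11' discarded.
    Removes bias from independent bits at the cost of at least half the input."""
    out = []
    for i in range(0, len(bits) - 1, 2):
        pair = bits[i:i + 2]
        if pair == "01":
            out.append("0")
        elif pair == "10":
            out.append("1")
    return "".join(out)


def fips_140_2(bits: str) -> Dict[str, bool]:
    """Monobit, poker, runs and long-run tests on exactly 20,000 bits."""
    if len(bits) != SAMPLE_BITS or set(bits) - {"0", "1"}:
        raise ValueError("need a string of exactly 20000 '0'/'1' characters")

    ones = bits.count("1")
    monobit = 9725 < ones < 10275

    # Poker test: frequency of each of the 16 nibble values over 5000 nibbles.
    nibbles = Counter(bits[i:i + 4] for i in range(0, SAMPLE_BITS, 4))
    x = (16 / 5000) * sum(f * f for f in nibbles.values()) - 5000
    poker = 2.16 < x < 46.17

    # Runs test: count maximal runs of 0s and of 1s by length; track the longest.
    run_counts = {"0": Counter(), "1": Counter()}
    longest = 0
    i = 0
    while i < SAMPLE_BITS:
        j = i
        while j < SAMPLE_BITS and bits[j] == bits[i]:
            j += 1
        length = j - i
        run_counts[bits[i]][min(length, 6)] += 1
        longest = max(longest, length)
        i = j
    runs = all(lo <= run_counts[b][k] <= hi
               for b in "01" for k, (lo, hi) in RUN_BOUNDS.items())
    long_run = longest < 26

    return {"monobit": monobit, "poker": poker, "runs": runs, "long_run": long_run}


def demo() -> Dict[str, Dict[str, bool]]:
    """Biased raw bits fail monobit; the de-skewed output of the same source passes it."""
    raw = biased_bits(200_000, p_one=0.7, seed=20140402)
    cleaned = von_neumann_deskew(raw)
    return {"raw": fips_140_2(raw[:SAMPLE_BITS]),
            "deskewed": fips_140_2(cleaned[:SAMPLE_BITS])}
```

Two details matter in practice: the extractor only removes bias, not correlation, so a source whose consecutive bits are dependent (as samples of a chaotic trajectory can be unless decimated, which is what sampling on the Poincaré section is meant to achieve) can still fail the poker and runs tests after de-skewing, and the output rate drops to roughly 2p(1-p) of the input, about 42% for the 0.7-biased source used here.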
References
[1] M. M. Yeung and S. Pankanti: Verification cryptosystems: issues and challenges, Journal of Electronic Imaging, 9(2000), pp. 468-476.
[2] L. Zhang, X. Liao and X. Wang: An image encryption approach based on chaotic maps, Chaos, Solitons & Fractals, 24(2005), pp.759-765.
[3] Ch. K. Volos, I. M. Kyprianidis and I. N. Stouboulos: Image encryption process based on chaotic synchronization phenomena, Signal Processing, 93(2013), 1328-1340.
[4] C. Grebogi and J. Yorke: The impact of chaos on science and society, United Nations University Press, 1997.
[5] G. Alvarez and S. Li: Some basic cryptographic requirements for chaos based cryptosystems, International Journal of Bifurcation and Chaos, 16(2006), pp.2129-2151.
Secure Text Encryption Based on
Hardware Chaotic Noise Generator
Antonios S. Andreatos1 and Christos K. Volos2
1Division of Computer Engineering and Information Science
Hellenic Air Force Academy, Dekeleia Air Force Base
Dekeleia, Attica, TGA-1010, Greece
E-mail: [email protected]
2Department of Mathematics and Engineering Sciences,
Hellenic Military Academy
Vari, GR-16673, Greece
E-mail: [email protected]
Abstract In the last decades, the success of many military operations has critically depended on our ability to create confidential channels of communication. In more detail, in military operations, generals require command and control systems to relay orders down the chain of command without fear of enemy interception. So, in these operations secrecy is essential for success. This secrecy is achieved with the use of cryptography.
In particular, textual information security can be satisfied with the direct application of many well-established encryption schemes, such as the Data Encryption Standard (DES), the International Data Encryption Algorithm (IDEA) and the Advanced Encryption Standard (AES) [1]. However, this field is constantly evolving, as a great number of research groups work in it in order to achieve encryption systems with improved characteristics regarding their safety.
In addition, nonlinear systems, and especially systems which show chaotic behavior, have attracted the interest of the research community due to the great number of applications in various scientific fields, such as social sciences, ecology, electronic circuits, lasers, chemical reactions, fluid dynamics, mechanical systems etc. [2, 3]. Chaotic systems revealed that, despite knowledge of their evolution rules and initial conditions, their future seemed to be arbitrary and unpredictable.
Furthermore, due to the aforementioned characteristic, an interesting relationship between chaos theory and cryptography has developed in the last two decades. This occurs because many properties of chaotic systems, such as sensitivity to initial conditions or system parameters, ergodicity, deterministic dynamics and structural complexity, can be considered analogous to the diffusion with a small change in plaintext or secret key, confusion, deterministic pseudo-randomness and algorithmic complexity properties of traditional cryptosystems [4]. As a result of this close relationship, several chaos-based cryptosystems, which play an important role especially in military operations because of the significant strategic advantage that these systems provide, have been put forward since 1990.
In the last decade, moreover, the security of many cryptographic systems has come to
rest more and more on random number generators. These generators, which produce
random sequences of numbers, are classified into three major types according to the
source of randomness: True Random Number Generators (TRNGs), Pseudo-Random Number
Generators (PRNGs) and Hybrid Random Number Generators (HRNGs) [5].
This work is therefore devoted to a novel Chaotic Random Number Generator (CRNG)
based on two chaotic systems, Chua's [5] and Suykens' [6], belonging to the well-known
double-scroll family. The values of the systems' parameters and initial conditions are
the keys of the proposed cryptographic scheme. The produced "random" number
sequences are used to encrypt and decrypt texts, a very useful application, especially
in the case of military operations, as mentioned above.
The proposed cryptosystem is realized on the Arduino, an open-source physical
computing platform based on a simple microcontroller board. The number sequences
generated by the proposed CRNG are subjected to statistical tests of randomness to
detect the specific characteristics expected of random number sequences. Finally, the
advantages of the specific technique and some thoughts on future work will be
discussed.
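As an added illustration (not the authors' Arduino implementation, whose equations, parameter values and bit-extraction rule the abstract does not give), the following Python script integrates Chua's circuit in its dimensionless form with a fourth-order Runge-Kutta step, turns the trajectory into a bit stream keyed by the initial conditions, and runs the NIST SP 800-22 frequency (monobit) and runs tests on the result. The parameter set alpha = 15.6, beta = 28, m0 = -8/7, m1 = -5/7, the step size dt = 0.01, the discarded transient and the rule that maps a state to a bit are assumptions chosen for illustration.

```python
"""Added example: a chaos-based bit source on Chua's circuit plus two
NIST SP 800-22 statistical tests. Not the authors' code; the Chua
parameters, the RK4 step and the bit-extraction rule are assumptions."""
import math


def chua(state, alpha=15.6, beta=28.0, m0=-8 / 7, m1=-5 / 7):
    """Dimensionless Chua equations with the piecewise-linear diode h(x)."""
    x, y, z = state
    h = m1 * x + 0.5 * (m0 - m1) * (abs(x + 1) - abs(x - 1))
    return (alpha * (y - x - h), x - y + z, -beta * y)


def rk4_step(f, state, dt):
    """One classical Runge-Kutta step for the autonomous system x' = f(x)."""
    k1 = f(state)
    k2 = f(tuple(s + 0.5 * dt * k for s, k in zip(state, k1)))
    k3 = f(tuple(s + 0.5 * dt * k for s, k in zip(state, k2)))
    k4 = f(tuple(s + dt * k for s, k in zip(state, k3)))
    return tuple(s + dt / 6.0 * (a + 2 * b + 2 * c + d)
                 for s, a, b, c, d in zip(state, k1, k2, k3, k4))


def chua_bits(n_bits, key, dt=0.01, discard=2000):
    """Bit stream keyed by the initial condition key = (x0, y0, z0).

    The transient is discarded first; afterwards each step contributes the
    20th fractional bit of |x| (an assumed rule), which lies far below the
    coarse double-scroll shape of the attractor.
    """
    state = tuple(float(v) for v in key)
    for _ in range(discard):
        state = rk4_step(chua, state, dt)
    bits = []
    while len(bits) < n_bits:
        state = rk4_step(chua, state, dt)
        bits.append(int(abs(state[0]) * (1 << 20)) & 1)
    return bits


def monobit_test(bits):
    """NIST SP 800-22 frequency (monobit) test; returns the p-value."""
    n = len(bits)
    s = sum(1 if b else -1 for b in bits)
    return math.erfc(abs(s) / math.sqrt(n) / math.sqrt(2.0))


def runs_test(bits):
    """NIST SP 800-22 runs test; returns the p-value, or 0.0 when the
    frequency prerequisite |pi - 1/2| < 2/sqrt(n) is not met."""
    n = len(bits)
    pi = sum(bits) / n
    if abs(pi - 0.5) >= 2.0 / math.sqrt(n):
        return 0.0
    v_obs = 1 + sum(1 for k in range(n - 1) if bits[k] != bits[k + 1])
    num = abs(v_obs - 2.0 * n * pi * (1 - pi))
    den = 2.0 * math.sqrt(2.0 * n) * pi * (1 - pi)
    return math.erfc(num / den)


def evaluate(key, n_bits=4000):
    """Generate a keyed stream and return both p-values (>= 0.01 passes)."""
    bits = chua_bits(n_bits, key)
    return {"monobit": monobit_test(bits), "runs": runs_test(bits)}


if __name__ == "__main__":
    key = (0.7, 0.0, 0.0)  # constructed sample key
    print(evaluate(key))
    # Sensitivity: a key differing in the ninth decimal yields another stream.
    a = chua_bits(2000, key)
    b = chua_bits(2000, (0.7 + 1e-9, 0.0, 0.0))
    print("fraction of differing bits:",
          sum(x != y for x, y in zip(a, b)) / len(a))
```

The two tests are the first entries of the NIST suite and are the minimum a generated stream must clear; they measure statistical balance only. A stream that passes them is still a deterministic function of the initial condition and the parameters, so the quality of the key (its range and how it is distributed to the receiver) decides the cryptographic strength, not the p-values.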
References
[1] J. Katz and Y. Lindell: Introduction to Modern Cryptography: Principles and Protocols, CRC Press, 2008.
[2] L. D. Kiel and E. W. Elliott: Chaos Theory in the Social Sciences: Foundations and Applications, Michigan University Press, 1997.
[3] S. Banerjee: Applications of Chaos and Nonlinear Dynamics in Engineering – Vol. 1, Springer, 2011.
[4] G. Alvarez and S. Li: Some basic cryptographic requirements for chaos-based cryptosystems, Int. J. Bifurcat. Chaos, 16 (2006), pp. 2129-2151.
[5] T. Shu: Uniform Random Numbers: Theory and Practice, Kluwer Academic Publishers, 1995.
[5] L. O. Chua: Chua's circuit 10 years later, Int. J. Bifurcat. Chaos, 22 (1994), pp. 279-305.
[6] J. A. K. Suykens and J. Vandewalle: Generation of n-Double Scrolls (n = 1, 2, 3, 4, …), IEEE Trans. Circuits Syst. I, 40(11) (1993), pp. 861-867.
Audio Steganography Telecom System Based on Hénon
Chaotic Map
Antonios S. Andreatos 1 and Apostolos P. Leros 1,2
1 Div. of Computer Engineering & Information Science
Hellenic Air Force Academy, Dekeleia Air Force Base
Dekeleia, Attica, TGA-1010, Greece
E-mails: [email protected] , [email protected]
2 Department of Automation, School of Technological Applications
Technological Educational Institute of Sterea Hellas,
GR-34400 Psachna, Evia, Greece
E-mail: [email protected]
Keywords: Stegosystem, Steganography, cryptography, cover audio signal, Hénon
map, chaotic map, Random Number Generator, simulation, Matlab.
Abstract This paper presents an audio steganography telecom system based on
Hénon's chaotic map. Both cryptography and steganography techniques are employed.
Initially the plaintext is encrypted with a symmetric cryptographic function based on
Hénon's map to produce the ciphertext; next, the ciphertext is randomly distributed
(hidden) in a cover audio signal in a stochastic manner, for which a pseudo-random
number generator is employed. The resulting stego sound is transmitted over the
(insecure) channel.
At the receiver the ciphertext is first retrieved from the incoming stego signal; then
the same Hénon map system is used to produce an identical chaotic signal, which is
subtracted from the ciphertext in order to recover the original plaintext (Figure 1).
Simulation results from Matlab will be presented (Figure 2). The whole system presents
interesting security features. The Hénon map is produced by the solution of two
coupled first-order differential equations:
Using the proposed system we can encrypt cleartext messages (in ASCII). The
following example presents the encryption of a paragraph from Pericles' Funeral
Oration as recorded by Thucydides (II, 41):
Cleartext:
Rather, the admiration of the present and succeeding ages will be ours, since we have
not left our power without witness, but have shown it by mighty proofs; and far from
needing a Homer for our panegyrist, or other of his craft whose verses might charm for
the moment only for the impression which they gave to melt at the touch of fact, we
have forced every sea and land to be the highway of our daring, and everywhere,
whether for evil or for good, have left imperishable monuments behind us.
Ciphertext:
Pcsejf2"yjb&Ydrkrauhmq!rf
xl^#pwg{jpn!eka#qw^idh]lsc#emev#•gok#_d#lxtm,#thide"ye#j`xi!jlt#ofes(kwn"svzfv
#}eufpsx"zarldyv,#^wt hbrd#ybtsu#gz#cv(gg^irw!nympdr;#iqb#cbo&punr#pmbgjqh
^#Egohp#fr| nnt lesciwsjpv%#np#vqjht'ck!mcp#gv`bp#tiowj!somsgv
pnccq"fkgwr!dpr#sjh%pnpfns"jno•%dps"yhg#iivhjqxktl#upsda!the}#]_{b#wl#rkpx#]
x#|jb#qrzel"np#l`cw'$yj#n`•e#eopgc^$ezZuq sf`%ajb i`ke#|u
_d"rha(fmgpq^x#jb"o}u h[rlkl3&eo[#ariuxvlgp`-
#•ejqihw!eoo#cygm#lu#`os#arme."g_yh"qdbv#hkkgyhpha]oj$nluogkmut!cafgol!{o0
Figure 1 presents a simplified block diagram of the proposed crypto-stego-system.
Fig. 1 – Simplified block diagram of the proposed Stegosystem (draft)
Figure 2 presents an audio stego signal containing the above ciphertext.
Fig. 2 – Stego signal transmitted over the insecure channel
The system works with both mono and stereo audio signals. In the case of stereo audio
signals, the ciphertext is randomly spread over both channels with equal probability.
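As an added example (not the authors' Matlab system, whose map equations and key format the abstract does not give), the following Python script carries the described pipeline through a round trip: a keystream derived from the Hénon map is added byte-wise to the plaintext and subtracted again at the receiver, the ciphertext bits are hidden in the least significant bits of cover samples chosen by a seeded pseudo-random number generator, and a stereo cover is handled by treating the interleaved channels as one sample stream, so both channels receive bits with equal probability. The constants a = 1.4 and b = 0.3, the state-to-byte rule, the modular-subtraction cipher, the 16-bit length prefix, the LSB rule and the constructed 440 Hz cover tone are all assumptions made for illustration.

```python
"""Added example: a toy Hénon-map crypto-stego round trip. Not the authors'
Matlab system; the map constants, the state-to-byte rule, the modular
subtraction cipher, the length prefix and the LSB rule are assumptions."""
import math
import random


def henon_keystream(n, x0, y0, a=1.4, b=0.3, discard=500):
    """n key bytes from the Hénon map x' = 1 - a*x^2 + y, y' = b*x.

    (x0, y0) is the secret; the transient is discarded and each later
    state is mapped to a byte by scaling |x| (an assumed rule).
    """
    x, y = x0, y0
    for _ in range(discard):
        x, y = 1.0 - a * x * x + y, b * x
    out = bytearray()
    for _ in range(n):
        x, y = 1.0 - a * x * x + y, b * x
        out.append(int(abs(x) * 1e6) % 256)
    return bytes(out)


def encrypt(plaintext, key):
    """Sender: byte-wise modular addition of the chaotic keystream."""
    ks = henon_keystream(len(plaintext), *key)
    return bytes((p + k) % 256 for p, k in zip(plaintext, ks))


def decrypt(ciphertext, key):
    """Receiver: regenerate the identical keystream and subtract it."""
    ks = henon_keystream(len(ciphertext), *key)
    return bytes((c - k) % 256 for c, k in zip(ciphertext, ks))


def _bits(data):
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]


def _bytes(bits):
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))


def _positions(n_samples, seed):
    # A seeded PRNG fixes the sample order; a shuffled index list is
    # prefix-stable, so the receiver can read the length field first.
    order = list(range(n_samples))
    random.Random(seed).shuffle(order)
    return order


def embed(samples, payload, seed):
    """Hide payload (with a 16-bit length prefix) in sample LSBs."""
    bits = _bits(len(payload).to_bytes(2, "big") + payload)
    if len(bits) > len(samples):
        raise ValueError("cover signal too short for payload")
    stego = list(samples)
    for pos, bit in zip(_positions(len(samples), seed), bits):
        stego[pos] = (stego[pos] & ~1) | bit  # overwrite the LSB only
    return stego


def extract(stego, seed):
    """Read the length field, then exactly that many payload bytes."""
    order = _positions(len(stego), seed)
    length = int.from_bytes(_bytes([stego[p] & 1 for p in order[:16]]), "big")
    return _bytes([stego[p] & 1 for p in order[16:16 + 8 * length]])


def cover_signal(n=8000, stereo=True):
    """Constructed 16-bit PCM cover: a 440 Hz tone sampled at 8 kHz.
    Stereo is interleaved L,R,L,R,..., so uniformly random positions
    fall into either channel with equal probability."""
    mono = [int(8000 * math.sin(2 * math.pi * 440 * i / 8000)) for i in range(n)]
    return [s for s in mono for _ in range(2)] if stereo else mono


def roundtrip(plaintext, key, seed, stereo=True):
    """Returns (recovered plaintext, largest per-sample change)."""
    cover = cover_signal(stereo=stereo)
    stego = embed(cover, encrypt(plaintext, key), seed)
    max_delta = max(abs(s - c) for s, c in zip(stego, cover))
    return decrypt(extract(stego, seed), key), max_delta


if __name__ == "__main__":
    msg = b"Rather, the admiration of the present and succeeding ages will be ours"
    recovered, delta = roundtrip(msg, key=(0.1, 0.1), seed=20140402)
    print(recovered == msg, delta)
```

The whole secret consists of the map's initial condition (x0, y0) and the position seed; a receiver with either value slightly wrong recovers noise. Each carrier sample changes by at most one quantization step, which is what keeps the embedding inaudible and also what statistical analysis of the LSB plane looks for, so the cover signal and the embedding rate, not only the key, determine how detectable the stego signal is.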
Biometrics and Cryptography
Biometric Science and Applications
Dimitrios I. Antonoglou 1, Georgios I. Antonoglou 2,
Konstantinos Minasidis 3 and Alexandros I. Golfos 4
1 M.B.A., M.Sc., B.Sc. Health economist, Police Officer
Police Directorate of Thessaloniki
Cash Management Department
Nikomideias 17 - A. Ilioupoli
Thessaloniki, PC 56431
E-mail: [email protected]
2 MD, MSc Health Administration, Police Officer
Security Police Subdirectorate of Southeast Attica
Nikomideias 17 - A. Ilioupoli
Thessaloniki, PC 56431
E-mail: [email protected]
3 MSc, BSc Economist
Second Lieutenant of Economics
Central Fund Army of Chania
Camp "Stefanaki" - Vlites
Chania, PC 73200
E-mail: [email protected]
4 MSc, BSc Economist
Second Lieutenant of Economics
Central Fund Army of Chania
Camp "Stefanaki" - Vlites
Chania, PC 73200
E-mail: [email protected]
Abstract Security is one of the most important factors in safeguarding an entity, public or
private. The most common protection schemes are based on the use of codes and smart
cards. However, these traditional schemes are characterized by a weakness that makes
them vulnerable, and that is why biometric technology is the most effective modern
solution.
The term biometric refers to the automated recognition of a person based on
physiological or behavioural characteristics. A biometric system is essentially a pattern
recognition system, which verifies identity by determining the authenticity of a
particular biological feature. This is an emerging authentication method, which in
recent years seems to be gaining ground over traditional methods that use passwords
or PINs, for two main reasons. The first is that the person does not need to carry
a document or remember passwords. The second is dramatically enhanced
security, due to the use of unique human characteristics for recognition. It is no
coincidence, therefore, that biometric technology is evolving rapidly and today finds
application in many diverse environments.
Biometrics is an advanced method of establishing a person's identity from physical
characteristics that are unique to each person, such as the fingerprint, the palm, the iris
of the eye, etc. This method is already used in official state documents, such as
passports. Those subject to a check of their physical characteristics must perform an
action in order to prove their identity, for example touch a finger to a fingerprint
"reader" or look into an iris recognition device, which ensures their identification to a
large extent. But this also creates a certain psychological "nuisance". For this
reason the biometric method that seems to be gaining ground and penetrating many
applications is face recognition. A combination of systems, based primarily on
cameras and computer programs, can identify an individual without requiring any
action on their part. These systems scan through a camera the facial geometry, which
consists of a number of parameters such as the distance between the eyes, the size of the
mouth, the shape of the face and many others. Combined, these elements create a
model that is unique to each person. This method of recognition may be considered
more functional and user-friendly, but it is much more complex and technologically
difficult, because it analyses a combination of human characteristics.
Today, however, "smart" programs are being developed that analyse facial images from
cameras and can draw reliable conclusions for identifying an individual. Facial
recognition can be used in many applications, primarily in controlling physical access to
places where only authorized people may enter. It is also very likely that in the
future face recognition systems will be developed for security reasons, to control who is
licensed to operate a computer or even who is allowed to drive a car.
Meanwhile, face recognition with modern technological methods can be exploited by
security services to search for suspects in public places, for example in airports.
The purpose of this presentation is to introduce the reader to the concept of
biometrics, by identifying its strengths and weaknesses. This is achieved by recording
the workings of biometric systems, referring to the prevailing biometric technologies of
the market and the general area, investigating the various biometric applications,
recording the concerns about privacy issues, and finally covering safety issues
associated with the use of biometric technology.
Initially, biometric systems are distinguished into certification systems and
recognition systems, as well as into physical-access and logical-access systems, and the
differences between them are developed. After this familiarization of the reader with
the purposes and methods of biometrics, all the known biometric technologies that
exploit features of the individual's physiology are developed. Specifically, finger, face,
iris, hand and retinal scanning, as well as AFIS scanning, are examined in separate
sections. The issues of concern are the components, how they work, the dominant
technologies, the applications, and the advantages and disadvantages of each
technology.
Depending on the role of the individual, applications are distinguished into civil
applications, administrative staff applications and commercial or customer applications.
Based on this classification, we go on to develop the main biometric
applications: forensic identification, recognition society, surveillance, access to
computers and networks, physical access, electronic trade and commerce at the point
of sale. For each of these applications the typical uses, the technologies, the vertical
markets, new trends, development cost and implementation issues are considered.
Finally, the Division of Forensic Laboratories of the Greek Police, which is
dedicated to biometric methods in the area of security, is presented, and in particular its
object, powers, composition, working methods and methodology.
Throughout this paper it is demonstrated that the biometric solution is applied in
many cases and that it moves into the realm of scientific experiment. Indeed, biometric
security today solves problems, protects personal information and is a source of revenue
for many companies. The challenge, of course, is for it to spread more extensively and
conquer the market while maintaining the same level of reliability and responsibility.
Finally, all the conditions that must be met for its dissemination and establishment are
developed.
RNA/DNA Encryption Method- Another Encryption Algorithm (YEAY)
Dionysios P. Kalogeras, Hellenic Army
PhD (cand.) in Telecommunications, MSc in Networking and Data
Communications, Dipl. in Radioelectrology, BSc in Physics
Kanigos st 14 Pireas, GR-18534, Greece
E-mail: [email protected]
Keywords: DNA encryption, encryption algorithm
Abstract DNA cryptography is a new and very promising direction in
cryptography research. DNA can be used in cryptography for storing and transmitting
information, as well as for computation. Although in its primitive stage, DNA
cryptography has been shown to be very effective. Currently, several DNA computing
algorithms have been proposed for a number of cryptography, cryptanalysis and
steganography problems, and they are very powerful in these areas. However, the use of
DNA as a means of cryptography has so far had high-tech laboratory requirements and
computational limitations, as well as labour-intensive extrapolation means. These make
the efficient use of DNA cryptography in the security world difficult at present.
Therefore, more theoretical analysis should be performed before its real application.
The fundamental idea behind this encryption method is the exploitation of DNA's
cryptographic strength together with its easy application. In this project, real DNA is
used to perform the cryptographic process. The theoretical analysis and experiments
show this method to be efficient in computation, storage and transmission, and very
powerful against certain attacks. Thus, this method can be of many uses in
cryptography, such as an enhancement in security and speed to other cryptographic
methods. There are also extensions and variations of this method with enhanced
security, effectiveness and applicability.
A Matlab program is used in order to assess the algorithm's strength, and web
services are proposed for the application of this method.
An Investigation of an Artificial Neural Network Method for
Personal Identification using Kinematic Parameters from
Specific Body Parts
Konstantinos Havenetidis 1, George P. Paradisis 2 ,
Irene S. Karanasiou 3, and George J. Tsekouras 3
1 Department of Physical and Cultural Education, Hellenic Military Academy,
Vari, GR-16673, Greece
E-mails: [email protected] , [email protected]
2 Department of Physical Education and Sports Science, National and Kapodistrian
University of Athens, 141 Ethnikis Antistasis Str.,
Dafni, GR- 172 37, Greece
E-mail: [email protected]
3 Department of Mathematics & Engineering Sciences, Hellenic Army Academy,
Vari, GR-16673, Greece
E-mail: [email protected]
4 Electric Circuits Laboratory, Electrical Engineering and Computer Engineering
Department, Hellenic Naval Academy, Terma Hatzikiriakou, Hatzikiriakio, Piraeus,
GR-18539, Greece
E-mail: [email protected]
Keywords: Artificial neural network, body motion, kinematic parameters, person
identification
Abstract A preliminary study [1] indicated that body motion analysis can be used as an
artificial neural network method for personal identification. However, the lack of
additional data and statistical power prevented the generalization of the results. AIM: The
present study investigated the use of additional kinematic data from a body motion
analysis system in order to identify individuals accurately over specific periods
of time.
1. Methodology
Sixteen males participated in a series of running trials interspersed with an eight-week
training period. Body motion analysis comprised data from video recordings during
running. After video analysis, various kinematic parameters related to the motion of
specific body parts (trunk, hip, knee, calf) were compared in order to measure the
recognition efficiency of body motion analysis. These kinematic parameters were used as
inputs to a classical artificial neural network (ANN) in order to recognize each
individual, whilst the output represented the identity of the individual. The ANN was
optimized, using the evaluation set, with respect to crucial parameters such as the number
of neurons, the time parameter and the initial value of the learning rate. Three
identification indices were selected: the general identification index (Ig), which
expressed the percentage of correct positive and correct negative identifications in the
total population; the false negative index (If-neg), which expressed the percentage of
incorrect identifications of a non-authentic individual; and the false positive index
(If-pos), which expressed the percentage of incorrect identifications of an authentic
individual.
2. Results
The statistics showed that even with the use of 15 additional kinematic parameters the
efficiency of the identification process was not improved. On the contrary, the present
average percentages of the Ig, If-neg and If-pos were lower compared to those obtained
in previous experiments (92.4% vs 98%, 73.3% vs 12.8% and 2.9% vs 1.1% respectively).
Further analysis showed that some kinematic parameters, taken separately, provided
either higher If-neg or higher If-pos values, whilst others presented low values in both
identification indices.
3. Conclusions
It seems that the need to satisfy the biometric criterion of social acceptability has
led the investigators to use parameters derived from specific body parts, which
diminished the efficiency of the video analysis and consequently the person identification
ability of body motion analysis. Further studies should examine the combination of
distinguishable body motion parameters alongside other forms of biometric
characteristics.
References
[1] K. Havenetidis, G.P. Paradisis, I.S. Karanasiou and G.J. Tsekouras: The use of body motion as a tool for personal identification, Journal of Computation & Modelling, 4(1) (2014), pp. 311-326.