Aug 25, 2021
Correlation Differential Power Analysis Attack to Midori64
Behrooz Khadem, Hamid Ghanbari, Amin Masoumi souteh
Today, Internet communication security has become more complex as technology becomes faster and more efficient, especially for resource-limited devices such as embedded devices, wireless sensors, radio frequency identification (RFID) tags, and Internet of Things (IoT) devices. Lightweight encryption algorithms provide security for these devices to protect data against intruders. However, the limited energy budget available to lightweight block ciphers (LBCs) is one of the major challenges for ever-expanding IoT technologies. These LBCs are also subject to side-channel attacks, which are among the most cited threats to such ciphers. In this paper, a differential power attack (DPA) on the Midori64 block cipher is designed. In the proposed method, the S-boxes of the first round are attacked to obtain half of the master key bits; then the S-boxes of the second round are attacked to obtain the remaining master key bits. The results confirm that the full key is ultimately recovered. With low computational complexity, we obtained the key of the Midori block cipher, which was considered secure, using just 300 plaintext samples. After running Midori64 on an Atmega32 AVR microcontroller, the master key of the Midori block cipher was recovered with 300 known texts. Furthermore, we obtained the master key with a smaller number of samples than the electromagnetic analysis attack requires.
Feb 19, 2021
Construction of Side Channel Attacks Resistant S-boxes using Genetic Algorithms based on Coordinate Functions
Behrooz Khadem, Saeed Rajavzade
Background and Objectives: The substitution box (s-box) is one of the essential components for creating confusion and nonlinearity in cryptography. To strengthen a cipher against various attacks, including side channel attacks, these boxes need to have numerous security properties. In this paper, a novel method for generating s-boxes is introduced, aimed at improving the resistance of s-boxes against side channel attacks.
Methods: In the preprocessing phase of this approach, a suitable initial s-box that has some basic security properties is generated by adopting a fast algorithm. Then, in the main stage, starting from the initial s-box, we generate new s-boxes that not only retain the properties of the initial s-box but are also significantly improved under another set of security properties. To do this, new s-boxes are generated using a genetic algorithm on a particular subset of the set of linear combinations of the coordinate functions of the initial s-box produced in the preprocessing stage.
Results: The experiments demonstrate that the values of all security properties of these new s-boxes, especially the measures of transparency order, signal-to-noise ratio, confusion coefficient, bijection property, fixed points, and opposite fixed points, are substantially improved. For example, our experiments indicate that 70, 220, 2071, 43, and 406 s-boxes better than the initial s-box are found, respectively, in the dimensions 4x4 through 8x8.
Conclusion: In this article, a new s-box construction method is introduced in which the properties related to side channel attacks are improved without reducing other security properties. Moreover, some results obtained from the generated s-boxes in the dimensions 4x4 through 8x8 show that the generated s-boxes are not only improved relative to the initial s-box but, in some cases, considerably better than some well-known s-boxes.
Oct 17, 2020
A Key-Agreement Protocol Based on Static Parameters and Hash Functions
Behrooz Khadem, Amin Masoumi, M. S. Farash
Wireless Body Sensor Networks (WBSNs) are a developing technology with constraints on energy consumption, coverage radius, and communication reliability. Moreover, communications between nodes carry very sensitive personal information and, because the nodes often operate in hostile environments, face a wide range of security risks. Designing authenticated key agreement (AKA) protocols is therefore an important challenge in these networks. Recently, Li et al. proposed a lightweight scheme using only hash and XOR functions, which is much more efficient than similar schemes based on elliptic curves. However, our investigation revealed that the claim of unlinkability between the sessions of a sensor node is NOT true. The present paper considers the security issues of the scheme proposed by Li et al. and some of its recent extensions, and proposes a new AKA scheme with anonymity and unlinkability of sensor node sessions. The results of theoretical analysis, compared with similar schemes, indicate that the proposed scheme reduces average energy consumption and average computation time by 61 percent while reducing the average communication cost by 41 percent. Further, formal and informal analysis shows that, besides the anonymity and unlinkability features, the other main security features of the proposed scheme are comparable to those of recent similar schemes.
Apr 3, 2020
Efficient UAV Physical Layer Security based on Deep Learning and Artificial Noise
Behrooz Khadem, Salar Mohebalizadeh
Network-connected unmanned aerial vehicle (UAV) communication is a common solution for achieving high-rate image transmission. The broadcast nature of these wireless networks makes this communication vulnerable to eavesdropping. This paper considers the problem of compressed secret image transmission between two nodes in the presence of a passive eavesdropper. We use autoencoder/decoder convolutional neural networks, trained with deep learning algorithms, to compress and decompress images. We also use physical layer features of the network to generate high-rate artificial noise that secures the data: exploiting channel features together with the artificial noise reduces the channel capacity of unauthorized users and prevents the eavesdropper from recovering the received data. Our simulation experiments show that for received data with an SNR below 5 at the authorized node, the MSE is less than 0.05.
Dec 8, 2019
Improved Algorithms in Parallel Evaluation of Large Cryptographic S-Box
Behrooz Khadem, Reza Ghasemi
Nowadays, the computational complexity of the fast Walsh-Hadamard transform and of nonlinearity for Boolean functions and large substitution boxes is a major challenge in modern cryptography research on strengthening encryption schemes against linear and differential attacks. The time and memory complexities of the best existing algorithm for computing the fast Walsh-Hadamard transform and nonlinearity of n x m substitution boxes (n >= 16, m >= 16) are O(2^(n+m)). This paper proposes three new acceleration methods, including defining and accessing the transpose of the Walsh matrix and incorporating an important part of the nonlinearity computation into the Walsh matrix algorithm, which improve the computation time of the parallelized Walsh matrix by up to 39-fold and the computation time of the nonlinearity degree by up to 563-fold. The validity of the proposed algorithms is verified by simulation and experimentation, and the overall resource consumption of the proposed algorithms is compared with that of previous ones.
Jun 22, 2019
Comparative study of Joint Image Encryption and Compression Schemes: A Review
Behrooz Khadem, Reza Ahmadian
With the development of imaging methods in wireless communications, enhancing the security and efficiency of image transfer requires image compression and encryption schemes. In conventional methods, encryption and compression are two separate processes, so an adversary can organize an attack more easily; if the two processes are combined, the uncertainty of the output increases. As a result, adversaries face more difficulty and the schemes become more secure. This paper introduces a number of the most important criteria for evaluating the efficiency and security of joint image encryption and compression (JIEC) schemes. These criteria are then employed to compare existing schemes. The comparison results are analysed to propose suggestions and strategies for future research on secure and efficient JIEC schemes.
Dec 4, 2018
An Idea to Increase the Security of EAP-MD5 Protocol Against Dictionary Attack
Behrooz Khadem, Siavosh Abedi, Isa Sa-adatyar
IEEE 802.1X is an international standard for port-based network access control that provides authentication for devices requesting access to a local or wireless local network. The standard defines the encapsulation of the EAP protocol over IEEE 802, making authentication protocols a complementary part of network security. The EAP family of protocols varies in both speed and security. One of the fastest of these protocols is EAP-MD5, which is the main subject of this paper. In order to improve the security of EAP-MD5, a series of attacks against it have been investigated. In this paper, the EAP-MD5 protocol is first introduced briefly and a series of dictionary attacks against it are described. Then, based on the observed weaknesses, an appropriate idea is proposed that improves its security against dictionary attacks while maintaining its execution speed.
Sep 29, 2016
Time/memory/data trade-off attack to a pseudo-random generator
Behrooz Khadem, Ali Madadi
The time/memory/data trade-off (TMDTO) attack is one of the most important threats against pseudo-random generators, and resistance to it is considered a main criterion in the design of such generators. In this research, the pseudo-random GMGK generator is addressed and analyzed in detail. After indicating various weaknesses of this generator, we perform three different versions of a structural attack on it and show that the proposed TMDTO attacks can recover blocks of plaintext with lower complexity than an exhaustive search of the generator's key space. The results indicate that this generator lacks the security claimed by its authors.
Nov 27, 2014
A Self-synchronized Image Encryption Scheme
Amir Daneshgar, Behrooz Khadem
In this paper, a word-based chaotic image encryption scheme for grayscale images is proposed that can be used in both synchronous and self-synchronous modes. The encryption scheme operates in a finite field, and we also analyze its performance with respect to the numerical precision used in the implementation. We show that the scheme not only passes a variety of security tests but also operates faster than other existing schemes of the same type, even when using lightweight short key sizes.