In this paper, we report on the performance of the SwissQuantum quantum key distribution (QKD) network. The network was installed in the Geneva metropolitan area and run for more than one and a half years, from the end of March 2009 to the beginning of January 2011. The main goal of this experiment was to test the reliability of the quantum layer over a long period of time in a production environment. A key management layer was developed to manage the keys between the three nodes of the network. This QKD-secured network was used by end-users through an application layer.

PACS numbers: 03.67.Dd, 03.67.Hk

‡ D. Stucki and M. Legré contributed equally to the writing of this paper.
Abstract. Several generalizations of linear cryptanalysis have been proposed in the past, as well as very similar attacks from a statistical point of view. In this paper, we define a rigorous general statistical framework which allows one to interpret most of these attacks in a simple and unified way. We then explicitly construct optimal distinguishers, evaluate their performance, and prove that a block cipher immune to classical linear cryptanalysis possesses some resistance to a wide class of generalized versions, but not to all of them. Finally, we derive the tools needed to set up more elaborate extensions of linear cryptanalysis, and generalize the notions of bias, characteristic, and piling-up lemma.

Keywords: Block ciphers, linear cryptanalysis, statistical cryptanalysis.

A Decade of Linear Cryptanalysis

Linear cryptanalysis is a known-plaintext attack proposed in 1993 by Matsui [21,22] to break DES [26], exploiting specific correlations between the input and the output of a block cipher. Namely, the attack traces the statistical correlation between one bit of information about the plaintext and one bit of information about the ciphertext, both obtained linearly with respect to $\mathrm{GF}(2)^L$ (where $L$ is the block size of the cipher), by means of probabilistic linear expressions, a concept previously introduced by Tardy-Corfdir and Gilbert [30]. Soon after, several attempts to generalize linear cryptanalysis were published: Kaliski and Robshaw [13] demonstrate how it is possible to combine several independent linear correlations depending on the same key bits. In [31], Vaudenay defines another kind of attack on DES, called the $\chi^2$-attack, and shows that one can obtain an attack slightly less powerful than linear cryptanalysis, but without the need to know precisely what happens inside the block cipher.
Harpes, Kramer, and Massey [7] replace the linear expressions with so-called I/O sums, i.e., balanced binary-valued functions; they prove the potential effectiveness of such a generalization by exhibiting a block cipher secure against conventional linear cryptanalysis but vulnerable to their generalization. Practical examples are the attack of Knudsen and Robshaw [15] against LOKI91 and the one of Shimoyama and Kaneko [28] against DES, both of which use non-linear approximations. In [8], Harpes and Massey generalize the results of [7] by considering partition pairs of the input and output spaces. Let $X = \{X_1, X_2, \dots, X_n\}$ and $P$
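The correlation that classical linear cryptanalysis exploits is easiest to see on a single S-box. The following is an added example, not code from the paper or from any of the cited works: it computes the linear approximation table (LAT) of a 4-bit S-box, applies Matsui's piling-up lemma to chain independent approximations, and runs Matsui's Algorithm 1 against a constructed toy cipher c = S(p ^ k1) ^ k2 so the link between the bias and a key parity bit is visible. The S-box constant is the published PRESENT S-box, used here purely as a convenient bijection; the toy cipher, the mask search and the rule-of-thumb data complexity are assumptions of this example.

```python
# Added example (not from the paper): LAT of a 4-bit S-box, piling-up lemma,
# and Matsui's Algorithm 1 on a constructed toy cipher c = S(p ^ k1) ^ k2.
from math import prod

# The PRESENT S-box (a published 4-bit bijection), used here only as a
# constructed example; any 4-bit S-box can be substituted.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def parity(x: int) -> int:
    """Parity of the bits of x; parity(a & v) is the GF(2) inner product a.v."""
    return bin(x).count("1") & 1


def bias(sbox, a: int, b: int) -> float:
    """Bias eps = Pr[a.x = b.S(x)] - 1/2 of the approximation with masks (a, b)."""
    n = len(sbox)
    agree = sum(parity(a & x) == parity(b & sbox[x]) for x in range(n))
    return agree / n - 0.5


def lat(sbox):
    """Full linear approximation table, indexed [input mask][output mask]."""
    n = len(sbox)
    return [[bias(sbox, a, b) for b in range(n)] for a in range(n)]


def best_approximation(sbox):
    """(bias, a, b) of the non-trivial approximation with the largest |bias|."""
    table = lat(sbox)
    _, eps, a, b = max((abs(e), e, a, b)
                       for a, row in enumerate(table)
                       for b, e in enumerate(row) if a and b)
    return eps, a, b


def piling_up(biases):
    """Piling-up lemma: n independent approximations with biases eps_i
    combine (by XOR) into one with bias 2^(n-1) * prod(eps_i)."""
    return 2 ** (len(biases) - 1) * prod(biases)


def data_complexity(eps: float) -> int:
    """Matsui's rule of thumb: about eps^-2 known plaintexts give roughly
    97.7% success probability for Algorithm 1."""
    return round(eps ** -2)


def toy_encrypt(p: int, k1: int, k2: int) -> int:
    """Constructed one-round toy cipher: key-whiten, substitute, key-whiten."""
    return SBOX[p ^ k1] ^ k2


def matsui_algorithm1(pairs, a: int, b: int, eps: float) -> int:
    """Recover the key parity a.k1 ^ b.k2 from known (p, c) pairs.

    With x = p ^ k1 we have a.p ^ b.c = (a.x ^ b.S(x)) ^ (a.k1 ^ b.k2), so the
    count of pairs with a.p ^ b.c == 0 leans the same way as the bias when the
    key parity is 0 and the opposite way when it is 1.
    """
    n = len(pairs)
    zeros = sum(parity(a & p) == parity(b & c) for p, c in pairs)
    return 0 if (zeros > n / 2) == (eps > 0) else 1


if __name__ == "__main__":
    eps, a, b = best_approximation(SBOX)
    print(f"best approximation: a={a:#x} b={b:#x} bias={eps:+.4f}, "
          f"about {data_complexity(eps)} known plaintexts needed")
    k1, k2 = 0x9, 0x3
    pairs = [(p, toy_encrypt(p, k1, k2)) for p in range(16)]
    print("recovered key parity:", matsui_algorithm1(pairs, a, b, eps),
          "actual:", parity(a & k1) ^ parity(b & k2))
```

With the full 16-entry codebook the count is exactly 16·(1/2 ± |eps|), so the parity decision is deterministic; with a sample of N plaintexts the decision is only reliable once N is of the order of eps^-2, which is the quantity a multi-round characteristic built with the piling-up lemma is trying to keep small from the attacker's side and large from the designer's.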
Software security with respect to reverse-engineering is a challenging discipline that has been researched for several years and is still active. At the same time, this field is inherently practical, and thus of industrial relevance: protecting a piece of software against tampering, malicious modification or reverse-engineering is a very difficult task. In this paper, we present and discuss a software obfuscation prototype tool based on the LLVM compilation suite. Our tool is built as a set of passes operating on the LLVM Intermediate Representation (IR); some of these passes have been open-sourced and are freely available. This approach brings several advantages, including the fact that it is language-agnostic and mostly independent of the target architecture. Our current prototype supports basic instruction substitutions, insertion of bogus control-flow constructs mixed with opaque predicates, control-flow flattening, procedure merging, as well as a code tamper-proofing algorithm that embeds code and data checksums directly in the control-flow flattening mechanism.
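To make the flattening and opaque-predicate transformations concrete, here is an added example that is not part of the tool described above: the same transformations applied by hand to a tiny Python function, whereas the tool applies them to LLVM IR. The state constants, the bogus block and the predicate x*(x+1) mod 2 == 0 are choices made for this example.

```python
# Added example (not from Obfuscator-LLVM): control-flow flattening, a bogus
# block and an opaque predicate applied by hand to a small function.
import math


def gcd_plain(a: int, b: int) -> int:
    """Original, readable control flow: one loop, one exit."""
    while b:
        a, b = b, a % b
    return a


def opaque_true(x: int) -> bool:
    """Opaque predicate: x*(x+1) is always even, so this is always True, but a
    tool that does not reason about the arithmetic cannot tell, so the branch
    below it looks live."""
    return (x * (x + 1)) % 2 == 0


def gcd_flat(a: int, b: int) -> int:
    """gcd_plain after control-flow flattening: every basic block is a case of
    a dispatcher loop and the original loop structure lives only in the state
    variable. The state numbers are arbitrary constants chosen here."""
    state = 0x5A3
    while True:
        if state == 0x5A3:            # loop header: test the condition
            state = 0x1C9 if b else 0x7E0
        elif state == 0x1C9:          # loop body
            a, b = b, a % b
            state = 0x5A3
        elif state == 0x0B1:          # bogus block: reachable only via the
            a, b = b, a               # dead edge from the exit block below
            state = 0x7E0
        elif state == 0x7E0:          # exit, guarded by the opaque predicate
            if opaque_true(a):
                return a
            state = 0x0B1             # never taken, but looks like a real edge


def equivalent_on(limit: int) -> bool:
    """Check gcd_flat against the reference on every pair in [0, limit)."""
    return all(gcd_flat(a, b) == math.gcd(a, b)
               for a in range(limit) for b in range(limit))


if __name__ == "__main__":
    print("gcd_flat(84, 36) =", gcd_flat(84, 36))
    print("equivalent on [0, 64):", equivalent_on(64))
```

Decompiling gcd_flat yields a dispatcher and four unordered cases rather than a loop; a reverse engineer has to recover the state graph to see that 0x0B1 is dead, which is exactly the work the bogus block and the opaque predicate are meant to add.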
We present a compactly integrated, 625 MHz clocked coherent one-way quantum key distribution system which continuously distributes secret keys over an optical fibre link. To support high secret key rates, we implemented a fast hardware key distillation engine which allows for key distillation rates of up to 4 Mbps in real time. The system employs wavelength multiplexing in order to run over a single optical fibre. Using fast gated InGaAs single-photon detectors, we reliably distribute secret keys at a rate above 21 kbps over 25 km of optical fibre. We optimized the system on the basis of a security analysis that accounts for finite-key-size effects, authentication costs and system errors, for a security parameter of $\varepsilon_{\mathrm{QKD}} = 4 \times 10^{-9}$.
Cryptanalytic time-memory trade-offs have been studied for twenty-five years and have benefited from several improvements since the original work of Hellman. The ensuing variants definitely improve on the original trade-off, but their real impact has never been evaluated in practice. We fill this gap by analyzing the perfect form of classic tables, distinguished-point-based tables, and rainbow tables. We especially provide a thorough analysis of the latter variant, whose performance had never been formally calculated. Our analysis leads to the concept of a characteristic that makes it possible to measure the intrinsic quality of a trade-off. We finally introduce a new technique based on checkpoints that further reduces the cryptanalysis time by ruling out false alarms probabilistically. Our analysis yields the exact gain of this approach and establishes its efficiency when applied to rainbow tables.
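A false alarm is an endpoint match whose regenerated chain turns out not to contain the target; regeneration is the expensive part of a lookup. The checkpoint idea is to store, per chain, a few bits of the chain value at a chosen column and compare them with the bits computed from the target before regenerating. The following added example (not code from the paper) builds a small rainbow table with one checkpoint column and counts, for a target that is not in the table, how many of the false alarms the checkpoint rules out without any regeneration. Everything in it is constructed: a 3-letter lowercase key space, SHA-1 as the one-way function, column-dependent reduction functions, and a 1-bit checkpoint taken from the first character of the chain value.

```python
# Added example (not from the paper): a toy rainbow table with one checkpoint
# column, showing how a stored checkpoint bit rules out false alarms before
# the expensive chain regeneration.
import hashlib
import random
import string

ALPHABET = string.ascii_lowercase
KEY_LEN = 3
N = len(ALPHABET) ** KEY_LEN            # size of the constructed key space


def index_to_key(i: int) -> str:
    chars = []
    for _ in range(KEY_LEN):
        chars.append(ALPHABET[i % len(ALPHABET)])
        i //= len(ALPHABET)
    return "".join(chars)


def h(key: str) -> bytes:
    """The one-way function being inverted (SHA-1 here, purely as an example)."""
    return hashlib.sha1(key.encode()).digest()


def reduce_fn(digest: bytes, column: int) -> str:
    """Reduction function r_column; it differs per column, as rainbow tables require."""
    return index_to_key((int.from_bytes(digest[:8], "big") + column) % N)


def checkpoint_bit(key: str) -> int:
    """Cheap 1-bit function of the chain value stored at the checkpoint column."""
    return ord(key[0]) & 1


def chain_point(start: str, j: int) -> str:
    """x_j of the chain x_0 = start, x_{i+1} = r_i(h(x_i))."""
    x = start
    for col in range(j):
        x = reduce_fn(h(x), col)
    return x


def build_table(m: int, t: int, cp_col: int, seed: int = 1):
    """m chains of length t; maps endpoint -> (start, checkpoint bit at column cp_col)."""
    rng = random.Random(seed)
    table = {}
    for _ in range(m):
        start = index_to_key(rng.randrange(N))
        x, cp = start, None
        for col in range(t):
            if col == cp_col:
                cp = checkpoint_bit(x)
            x = reduce_fn(h(x), col)
        table.setdefault(x, (start, cp))   # merged chains: keep the first one
    return table


def lookup(digest: bytes, table, t: int, cp_col: int, use_checkpoints: bool = True):
    """Try every column j, walk to the endpoint, and regenerate the chain only on
    an endpoint hit whose checkpoint bit agrees. Returns (key or None, stats)."""
    stats = {"endpoint_hits": 0, "checkpoint_rejects": 0, "false_alarms": 0}
    for j in range(t - 1, -1, -1):          # assume h(key) sits at column j
        z, cp = reduce_fn(digest, j), None
        for col in range(j + 1, t):
            if col == cp_col:
                cp = checkpoint_bit(z)     # only known when j < cp_col
            z = reduce_fn(h(z), col)
        entry = table.get(z)
        if entry is None:
            continue
        stats["endpoint_hits"] += 1
        start, stored_cp = entry
        if use_checkpoints and cp is not None and cp != stored_cp:
            stats["checkpoint_rejects"] += 1   # certain false alarm, skipped
            continue
        candidate = chain_point(start, j)      # the expensive step
        if h(candidate) == digest:
            return candidate, stats
        stats["false_alarms"] += 1
    return None, stats


if __name__ == "__main__":
    T, CP = 40, 20
    table = build_table(300, T, CP, seed=7)
    # A digest no key produces: every endpoint hit is a false alarm.
    _, with_cp = lookup(bytes(20), table, T, CP)
    _, without = lookup(bytes(20), table, T, CP, use_checkpoints=False)
    print("without checkpoints:", without)
    print("with checkpoint    :", with_cp)
```

A one-bit checkpoint can only catch alarms for columns before the checkpoint and then only half of them on average, which is why the paper's gain is probabilistic and depends on where the checkpoints sit; storing a few more bits per chain or several checkpoint columns trades memory for a higher rejection rate.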