CRYPTOGRAPHY AND SECURITY IN COMPUTING Edited by Jaydip Sen Cryptography and Security in Computing Edited by Jaydip Sen Published by InTech Janeza Trdine 9, 51000 Rijeka, Croatia Copyright © 2012 InTech All chapters are Open Access distributed under the Creative Commons Attribution 3.0 license, which allows users to download, copy and build upon published articles even for commercial purposes, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. After this work has been published by InTech, authors have the right to republish it, in whole or part, in any publication of which they are the author, and to make other personal use of the work. Any republication, referencing or personal use of the work must explicitly identify the original source. As for readers, this license allows users to download, copy and build upon published chapters even for commercial purposes, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. Notice Statements and opinions expressed in the chapters are these of the individual contributors and not necessarily those of the editors or publisher. No responsibility is accepted for the accuracy of information contained in the published chapters. The publisher assumes no responsibility for any damage or injury to persons or property arising out of the use of any materials, instructions, methods or ideas contained in the book. Publishing Process Manager Mirna Cvijic Technical Editor Teodora Smiljanic Cover Designer InTech Design Team First published March, 2012 Printed in Croatia A free online edition of this book is available at www.intechopen.com Additional hard copies can be obtained from orders@intechweb.org Cryptography and Security in Computing, Edited by Jaydip Sen p. cm. 978-953-51-0179-6 Contents Preface IX Part 1 Theoretical and Fundamental Aspects of Cryptography 1 Chapter 1 Provably Secure Cryptographic Constructions 3 Sergey I. Nikolenko Chapter 2 Malicious Cryptology and Mathematics 23 Eric Filiol Chapter 3 Cryptographic Criteria on Vector Boolean Functions 51 José Antonio Álvarez-Cubero and Pedro J. Zufiria Chapter 4 Construction of Orthogonal Arrays of Index Unity Using Logarithm Tables for Galois Fields 71 Jose Torres-Jimenez, Himer Avila-George, Nelson Rangel-Valdez and Loreto Gonzalez-Hernandez Chapter 5 Elliptic Curve Cryptography and Point Counting Algorithms 91 Hailiza Kamarulhaili and Liew Khang Jie Chapter 6 Division and Inversion Over Finite Fields 117 Abdulah Abdulah Zadeh Part 2 Applications of Cryptographic Algorithms and Protocols 131 Chapter 7 Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks 133 Jaydip Sen Chapter 8 Scan-Based Side-Channel Attack on the RSA Cryptosystem 165 Ryuta Nara, Masao Yanagisawa and Nozomu Togawa VI Contents Chapter 9 PGP Protocol and Its Applications 181 Hilal M. Yousif Al-Bayatti, Abdul Monem S. Rahma and Hala Bhjat Abdul Wahab Chapter 10 Comparative Analysis of Master-Key and Interpretative Key Management (IKM) Frameworks 203 Saman Shojae Chaeikar, Azizah Bt Abdul Manaf and Mazdak Zamani Chapter 11 Potential Applications of IPsec in Next Generation Networks 219 Cristina-Elena Vintilă Preface During the last three decades, public academic research in cryptography has exploded. While classical cryptography has been long used by ordinary people, computer cryptography was the exclusive domain of the world’s militaries since the World War II. Today, state-of the-art computer cryptography is practiced outside the secured walls of the military agencies. The laypersons can now employ security practices that can protect against the most powerful adversaries. Since we live in an era of connected world with convergence of computer and networks, the need of information security and assurance is more than it had ever has been before. With the advent of rapidly advancing and amazing technologies that enable instantaneous flow of information the purview of cryptography information security has also changed dramatically. The computer security as it was understood in the 1960s and even later was how to create in a computer system a group of access controls that would implement or emulate processes of the prior paper world, plus the associated issues of protecting such software against unauthorized changes, subversion and illicit use, and of embedding the entire system in a secure physical environment with appropriate management and operational doctrines and procedures. The poorly understood aspect of security, the risk that it might malfunction- or be penetrated- and subvert the proper behaviour of software. For the aspects of communications, personnel, and physical security, there were a plethora of rules, regulations, operating procedures and experience to cover them. It was largely a matter of merging all of it with the hardware/software aspects to yield an overall secure system and operating environment. However, the world has changed. We now live in an era of rapidly advancing and amazing communication and computing technologies that enable instantaneous flow of information – anytime, anywhere. Networking of computers is now a rule and not the exception. Many commercial transactions are now web-based and many commercial communities – the financial one in particular – have moved into a web posture. The net effect of all these transformation has been to expose the computer- based information system – its hardware, its software processes, its databases, its communication- to an environment over which no one – not the end user, not the network administrator or system owner, not even the government – has full control. What must, therefore, be done is to provide appropriate technical, procedural, X Preface operational and environmental safeguards against threats as they might appear or be imagined, embedded in an acceptable legal framework. With this rapid transformation of computing and communication world, information-system security has moved from a largely self-contained bounded environment interacting with a generally known and disciplined user community to one of worldwide scope with a body of users that may not be known and are not necessarily trusted. Importantly, security control now must deal with circumstances over which there is a largely no control or expectation of avoiding their impact. Computer security, as it has evolve, shares a similarity with liability assurance; they each face a threat environment that is known in a very general way and can face attacks over a broad spectrum of sources; however, the exact details or even time or certainty of an attack is unknown until an incident actually occurs. In this scenario of uncertainty and threats, cryptography will play a crucial role in developing new security solutions. New cryptographic algorithms, protocols and tools must follow up in order to adapt to the new communication and computing technologies. In addition to classical cryptographic algorithms, new approaches like chaos-based cryptography, DNA-based cryptography and quantum cryptography will be play important roles. The purpose of this book is to present some of the critical security challenges in today’s computing world and to discuss mechanisms for defending against those attacks by using classical and modern approaches of cryptography and other security solutions. With this objective, the book provides a collection of research work in the field of cryptography and its applications in network security by some experts in these areas. The book contains 11 chapters which are divided into two parts. The chapters in Part 1 of the book mostly deal with theoretical and fundamental aspects of cryptography. The chapters in Part 2, on the other hand, discuss various applications of cryptographic protocols and techniques in designing computing and network security solutions. The Part 1 of the book contains six chapters. In Chapter 1: Provably secure cryptographic constructions, Nikolenko presents a survey of some of the existing methods for proving security in cryptosystems and also discusses feebly secure cryptographic primitives. In Chapter 2: Malicious cryptology and mathematics, Filiol discusses existing research work on malicious cryptology, malware-based operational cryptanalysis and other key issues in the emerging field of malicious cryptographic algorithm designs. In Chapter 3: Cryptographic criteria on vector boolean functions, Álvarez-Cubero and Zufiria present cryptographic criteria like nonlinearity, linearity distance, balancedness, algebraic degree, correlation immunity, resiliency and propagation criterion for construction of Vector Boolean functions such as composition, addition or coordinate function etc. In Chapter 4: Construction of orthogonal arrays of index unity Using logarithm tables for Galois fields, Torres-Jimenez et al. present a discussion on orthogonal arrays and their . CRYPTOGRAPHY AND SECURITY IN COMPUTING Edited by Jaydip Sen Cryptography and Security in Computing Edited by Jaydip Sen Published by InTech Janeza Trdine 9,. critical security challenges in today’s computing world and to discuss mechanisms for defending against those attacks by using classical and modern approaches of cryptography and other security. secure system and operating environment. However, the world has changed. We now live in an era of rapidly advancing and amazing communication and computing technologies that enable instantaneous