Evaluating the Security Level of a Cryptosystem based on Chaos

Evaluating the Security Level of a Cryptosystem based on Chaos

Jesus D. Terrazas Gonzalez (University of Manitoba, Canada) and Witold Kinsner (University of Manitoba, Canada)
DOI: 10.4018/jssci.2012070105
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

This paper presents tests specially-designed for a cryptosystem based on chaotic continuous cellular automata (CCA). The degree of the cryptosystem security is assessed by evaluating its (i) stationarity, (ii) spectral fractal dimension, and (iii) surrogate data. These tools are verified with known signals before applying them to test the cryptosystem. This paper introduces (i) a robust method to determine the minimum stationary window in a given time series, and (ii) a technique to conceal a chaotic attractor based on surrogate data. These new ideas are relevant because the stationarity of a signal can be determined rapidly, and the chaotic attractor concealment enhances the cryptosystem to increase its security degree.
Article Preview

1. Introduction

Cryptographic applications are of extreme importance to protect data in various communications systems in our modern society. Cryptographic advances provide digital communications with protection of different strengths in isolated or collaborative networks. These applications range from the Data Encryption Standard (DES) developed by IBM in the ‘70s (National Bureau of Standards, 1977), also known as the turning point of modern cryptography, to some of the latest cryptographic developments in quantum cryptography (Dayball, 2012; Kurochkin, 2011) and chaos-based cryptography (Terrazas-Gonzalez & Kinsner, 2012a).

Secure cryptosystems are necessary not only for highly specialized industries or governments, but also for common computer users. Cryptosystems provide varying degrees of security. Cryptosystems designers and researchers try to obtain products with the highest security possible. However, it is important to note that canonically secure systems do not exist. A computational system could suffer threats by its mere existence. Nevertheless, cryptosystems provide the basic defense shields for data confidentiality, integrity, and availability (CIA) in insecure environments (Pfleeger & Pfleeger, 2011). These defenses secure data either in storage or in transit. Cryptographic protections can be expensive in terms of configuration, storage space, bandwidth, and processing time. The design of infrastructure nodes may be impacted as well (i.e., packets may take a different processing path) (Murphy et al., 2011). Nevertheless, every digital protection that we can think of requires cryptography at some point, and the benefits of having authentication, privacy, integrity, and confidentiality is worth the trade.

Vulnerabilities currently present in different parts of the world are mainly exploited through the vast known and unknown threats that are posed in the Internet on a daily basis. These vulnerabilities can affect massive networked control systems (NCS). With this in mind, it is critical that information remains secure and that it could be protected against hacking or any form of exploitation leading to its misuse in different industries (e.g., telemedicine, national defense, or search and rescue) and infrastructures (e.g., water, electrical, oil, nuclear, gas, and chemical plants) (Zhong-Hua & Guoping, 2010).

Industrial spies can access remotely confidential information or production commands from key instruments and equipment. Malicious hackers intercept, tamper, forge, and retransmit data information and production commands transmitted over networks (Zhong-Hua & Guoping, 2010). Disruption of any of the infrastructures of NCS could cause poor product quality, production loss, environmental damage, and endanger public safety and health (Zhong-Hua & Guoping, 2010).

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 9: 4 Issues (2017): 3 Released, 1 Forthcoming
Volume 8: 4 Issues (2016)
Volume 7: 4 Issues (2015)
Volume 6: 4 Issues (2014)
Volume 5: 4 Issues (2013)
Volume 4: 4 Issues (2012)
Volume 3: 4 Issues (2011)
Volume 2: 4 Issues (2010)
Volume 1: 4 Issues (2009)
View Complete Journal Contents Listing