In this paper, we propose a framework for efficient and privacy-preserving outsourced calculation of
rational numbers, which we refer to as POCR. Using POCR, a user can securely outsource the storing
and processing of rational numbers to a cloud server without compromising the security of the
(original) data and the computed results. More specifically, we present a Paillier cryptosystem with
threshold decryption (PCTD), the core cryptographic primitive, to reduce the private key exposure risk
in POCR. We also present the toolkits required in the privacy-preserving calculation of integers and
rational numbers to ensure that commonly used outsourced operations can be handled on-the-fly. We
then prove that the proposed POCR achieves the goal of secure integer and rational number calculation
without resulting in privacy leakage to unauthorized parties, as well as demonstrating the utility and
the efficiency of POCR using simulations.
ETPL DSC-001 Efficient and Privacy-Preserving Outsourced Calculation of Rational Numbers
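The core mechanics behind the abstract above, as an added illustration that is not the paper's own POCR/PCTD code: Paillier encryption with the private key split between two holders, so an untrusted server can add and scale ciphertexts of fixed-point rationals while neither key holder can decrypt alone. Assumptions: the demo primes are tiny (never use them for real data), rationals are encoded at a fixed scale of 10^6, and the key split is the standard additive one (t = 0 mod lambda, t = 1 mod N); the abstract does not spell out whether this is exactly the paper's PCTD construction.

```python
"""Additively homomorphic Paillier with a two-party split of the private key, used to
let an untrusted party add and scale encrypted fixed-point rationals.
Added illustration, not the paper's POCR/PCTD code."""
import secrets
from fractions import Fraction
from math import gcd

# Constructed demo primes (assumption): far too small for real use, enough to show the arithmetic.
P, Q = 1000000007, 1000000009
N = P * Q
N2 = N * N
LAM = (P - 1) * (Q - 1) // gcd(P - 1, Q - 1)   # Carmichael function lambda(N)
MU = pow(LAM, -1, N)                            # lambda^-1 mod N; generator g = N + 1
SCALE = 10 ** 6                                 # fixed-point scale for rationals (assumption)


def split_key():
    """Split the private key into two additive shares sk1 + sk2 = t (mod LAM*N).
    t = LAM*MU is 0 mod LAM and 1 mod N, so c^t mod N^2 = 1 + m*N for any ciphertext
    c of m; shares are reduced mod LAM*N because c^(LAM*N) = 1 mod N^2.
    Neither share alone decrypts (assumption: standard additive split; the abstract
    does not spell out the paper's PCTD construction)."""
    t = LAM * MU
    sk1 = secrets.randbelow(LAM * N - 1) + 1
    sk2 = (t - sk1) % (LAM * N)
    return sk1, sk2


def encrypt(m):
    """Paillier encryption of a signed integer; negatives are stored as N - |m|."""
    r = secrets.randbelow(N - 1) + 1
    return (pow(N + 1, m % N, N2) * pow(r, N, N2)) % N2


def partial_decrypt(c, sk_share):
    """One key holder's contribution; useless without the other holder's share."""
    return pow(c, sk_share, N2)


def combine(d1, d2):
    """Combine the two partial decryptions and map back to a signed integer."""
    m = ((d1 * d2) % N2 - 1) // N
    return m - N if m > N // 2 else m


def add(c1, c2):
    """Homomorphic addition: E(a) * E(b) = E(a + b)."""
    return (c1 * c2) % N2


def scale_by(c, k):
    """Homomorphic multiplication by a plaintext integer k (may be negative): E(a)^k = E(k*a)."""
    return pow(c, k % N, N2)


def encode(x):
    """Rational -> fixed-point integer."""
    return round(Fraction(x) * SCALE)


def decode(m):
    """Fixed-point integer -> exact rational."""
    return Fraction(m, SCALE)


def outsourced_sum(values, sk1, sk2):
    """The untrusted server adds the ciphertexts; the two key holders each partially
    decrypt the result and the combined plaintext is decoded to a rational."""
    acc = encrypt(encode(values[0]))
    for v in values[1:]:
        acc = add(acc, encrypt(encode(v)))
    return decode(combine(partial_decrypt(acc, sk1), partial_decrypt(acc, sk2)))


if __name__ == "__main__":
    sk1, sk2 = split_key()
    print(outsourced_sum([Fraction(3, 4), Fraction(-5, 2), Fraction(1, 8)], sk1, sk2))  # -13/8
```

The point of the split is the one the abstract makes about private key exposure: a server that compromises one key holder obtains c^sk1, which is just another random-looking element of Z*_{N^2}, and still cannot read any stored value. Multiplying two ciphertexts together (as opposed to scaling by a public integer) still needs an interactive protocol between the key holders, which is what the paper's toolkits supply and this block does not.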
Bandwidth measurement is important for many network applications and services, such as peer-to-peer
networks, video caching and anonymity services. To win a bandwidth-based competition for some
malicious purpose, adversarial Internet hosts may falsely announce a larger network bandwidth. Some
preliminary solutions have been proposed for this problem. They either evade bandwidth
inflation through a consensus view (i.e., opportunistic bandwidth measurements) or detect bandwidth frauds
via forgeable tricks (i.e., detection through bandwidth’s CDF symmetry). However, smart adversaries
can easily remove the forgeable tricks and report an equally larger bandwidth to avoid the consensus
analyses. To defend against the smart bandwidth inflation frauds, we design magic train, a new
measurement method which combines an unpredictable packet train with estimated round-trip time
(RTT) for detection. The inflation behaviors can be detected through highly contradictory bandwidth
results calculated using different magic trains or a train’s different segments, or large deviation between
the estimated RTT and the RTT reported by the train’s first packet. Being an uncooperative
measurement method, magic train can be easily deployed on the Internet. We have implemented
magic train using raw sockets and libpcap, and evaluated the implementation in a controlled testbed
and the Internet. The results have successfully confirmed magic train’s effectiveness in detecting and
preventing smart bandwidth inflation attacks.
ETPL DSC-002 Magic Train: Design of Measurement Methods against Bandwidth Inflation Attacks
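The two checks the abstract describes, run over constructed probe timings, as an added illustration that is not the paper's magic train implementation: bandwidth estimated from different segments of one train must agree, and the RTT of the train's first packet must agree with an independently estimated RTT. The packet size, the segment boundaries, the timings of the honest and inflating hosts and the two thresholds are all assumptions.

```python
"""The two checks the magic train abstract describes, run over constructed probe timings:
(1) bandwidth estimates from different segments of one train must agree, and (2) the RTT
of the train's first packet must agree with an independently estimated RTT.
Added illustration; the train layout, timings and thresholds are assumptions, not the paper's code."""
from dataclasses import dataclass

PACKET_BYTES = 1500   # probe packet size (assumption)


@dataclass
class Probe:
    send_s: float   # when the probe left the measuring host
    recv_s: float   # when the target's response arrived back


def make_train(rtt_first_s, response_gaps_s, send_gap_s=0.0002):
    """Build a train whose responses arrive rtt_first_s after the first probe and then
    follow the given inter-response gaps (constructed timings)."""
    train, t_recv = [], rtt_first_s
    for i, gap in enumerate([0.0] + list(response_gaps_s)):
        t_recv += gap
        train.append(Probe(send_s=i * send_gap_s, recv_s=t_recv))
    return train


def segment_bandwidth_bps(train, segments):
    """Dispersion estimate per segment: bits delivered over the spread of response arrivals."""
    estimates = []
    for lo, hi in segments:
        seg = train[lo:hi]
        spread = seg[-1].recv_s - seg[0].recv_s
        estimates.append(PACKET_BYTES * 8 * (len(seg) - 1) / spread)
    return estimates


def detect_inflation(train, segments, estimated_rtt_s, max_bw_ratio=3.0, rtt_tolerance=0.5):
    """Return the reasons a train looks inflated (empty list = consistent)."""
    reasons = []
    bws = segment_bandwidth_bps(train, segments)
    if max(bws) / min(bws) > max_bw_ratio:
        reasons.append("contradictory bandwidth across train segments")
    first_rtt = train[0].recv_s - train[0].send_s
    if abs(first_rtt - estimated_rtt_s) / estimated_rtt_s > rtt_tolerance:
        reasons.append("first-packet RTT deviates from estimated RTT")
    return reasons


# Segment boundaries the target cannot know in advance (fixed here for reproducibility).
SEGMENTS = [(0, 4), (4, 8), (8, 12)]
ESTIMATED_RTT_S = 0.040   # from a prior independent measurement (assumption)


def honest_train():
    """Responses paced by a 10 Mbit/s bottleneck: 1500 B every 1.2 ms, true RTT 40 ms."""
    return make_train(0.040, [0.0012] * 11)


def inflating_train():
    """A host that answers early and crams its first responses together to look fast;
    it cannot keep the lie consistent across segments it cannot predict."""
    return make_train(0.005, [0.0001] * 3 + [0.0012] * 8)


if __name__ == "__main__":
    print(detect_inflation(honest_train(), SEGMENTS, ESTIMATED_RTT_S))      # []
    print(detect_inflation(inflating_train(), SEGMENTS, ESTIMATED_RTT_S))   # two reasons
```

In a real deployment the segment boundaries (and the probe sizes and spacing) would be drawn at random per train, which is what makes the train unpredictable; the fixed SEGMENTS here only keep the example reproducible.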
Delay tolerant networks (DTNs) are often encountered in military network environments where end-
to-end connectivity is not guaranteed due to frequent disconnection or delay. This work proposes a
provenance-based trust framework, named PROVEST (PROVEnance-baSed Trust model), that aims
to achieve accurate peer-to-peer trust assessment and maximize the delivery of correct messages
received by destination nodes while minimizing message delay and communication cost under
resource-constrained network environments. Provenance refers to the history of ownership of a valued
object or information. In PROVEST, we leverage the interdependency between the trustworthiness of an
information source and that of the information itself. PROVEST takes a data-driven approach to reduce resource
consumption in the presence of selfish or malicious nodes while estimating a node’s trust dynamically
in response to changes in the environmental and node conditions. This work adopts a model-based
method to evaluate the performance of PROVEST (i.e., trust accuracy and routing performance) using
Stochastic Petri Nets. We conduct a comparative performance analysis of PROVEST against existing
trust-based and non-trust-based DTN routing protocols to analyze the benefits of PROVEST. We
validate PROVEST using a real dataset of DTN mobility traces.
ETPL DSC-003 PROVEST: Provenance-based Trust Model for Delay Tolerant Networks
Off-The-Shelf (OTS) software components are the cornerstone of modern systems, including safety-
critical ones. However, the dependability of OTS components is uncertain due to the lack of source
code, design artifacts and test cases, since only their binary code is supplied. Fault injection into
components’ binary code is one way to understand the risks posed by buggy OTS components. In this
paper, we consider the problem of the accurate mutation of binary code for fault injection purposes.
Fault injection emulates bugs in high-level programming constructs (assignments, expressions,
function calls, ...) by mutating their translation in binary code. However, the semantic gap between the
source code and its binary translation often leads to inaccurate mutations. We propose Faultprog, a
systematic approach for testing the accuracy of binary mutation tools. Faultprog automatically
generates synthetic programs using a stochastic grammar and mutates both their binary code, with the
tool under test, and their source code, as a reference for comparison. Moreover, we present a case study
on a commercial binary mutation tool, where Faultprog was adopted to identify code patterns and
compiler optimizations that affect its mutation accuracy.
ETPL DSC-004 Faultprog: Testing the Accuracy of Binary-Level Software Fault Injection
More and more users are attracted by P2P networks characterized by decentralization, autonomy and
anonymity. However, users’ unconstrained behavior makes it necessary to use a trust model when
establishing trust relationships between peers. Most existing trust models are based on
recommendations, which, however, suffer from the shortcomings of slow convergence and high
complexity of trust computations, as well as huge overhead of network traffic. Inspired by the
establishment of trust relationships in human society, a guarantee-based trust model, GeTrust, is
proposed for Chord-based P2P networks. A service peer needs to choose its guarantee peer(s) for the
service it is going to provide, and they are both required to pledge reputation mortgages for the service.
The request peer evaluates all candidate service peers by referring to their service
reputations and their guarantee peers’ reputations, and selects the one with the highest evaluation as its
service provider. In order to enhance GeTrust’s availability and prevent malicious behavior, we also
present an incentive mechanism and an anonymous reputation management strategy. Simulation results show
that GeTrust is effective and efficient in terms of improving successful transaction rate, resisting
complex attacks, reducing network overhead and lowering computational complexity.
ETPL DSC-005 GeTrust: A guarantee-based trust model in Chord-based P2P networks
Information Centric Networking (ICN) is a new network architecture that aims to overcome the
weaknesses of the existing IP-based networking architecture. Instead of establishing a connection between
the communicating hosts, ICN focuses on the content, i.e., the data transmitted in the network. Content copies
in ICN can be cached at different locations. The content is out of its owner’s control once it is published.
Thus, enforcing access control policies on distributed content copies is crucial in ICN. Attribute-Based
Encryption (ABE) is a feasible approach to enforce such control mechanisms in this environment.
However, applying ABE in ICN faces two challenges: from a management perspective, it is complicated
to manage attributes in a distributed manner; from a privacy protection perspective, unlike in traditional
networks, the enforced content access policies are visible to all ICN users. Thus, it is desirable that
unauthorized content viewers are not able to retrieve the access policy. To this end, a privacy-
preserving access control scheme for ICN and its corresponding attribute management solution are
presented in this paper. The proposed approach is compatible with existing flat-name-based ICN
architectures.
ETPL DSC-006 Attribute-based Access Control for ICN Naming Scheme
Despite the dramatic increase in online social network (OSN) usage, there are still many security and privacy concerns. In
such a scenario, it would be very beneficial to have a mechanism able to assign a risk score to each
OSN user. In this paper, we propose a risk assessment based on the idea that the more a user’s behavior
diverges from what can be considered ‘normal behavior’, the more it should be considered risky.
In doing this, we have taken into account that the OSN population is highly heterogeneous in observed
behaviors. As such, it is not possible to define a unique standard behavioral model that fits all OSN
users’ behaviors. However, we expect that similar people tend to follow similar rules, resulting in
similar behavioral models. For this reason, we propose a risk assessment organized into two
phases: similar users are first grouped together; then, for each identified group, we build one or more
models of normal behavior. The experiments carried out on a real Facebook dataset show that the
proposed model outperforms a simplified behavioral-based risk assessment where behavioral models
are built over the whole OSN population, without a group identification phase.
ETPL DSC-007 Risk Assessment in Social Networks based on User Anomalous Behaviour
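Why the group identification phase matters, as an added illustration over constructed data that is not the paper's code or Facebook dataset: users are first grouped on one activity feature (1-D k-means, an assumption), then each user is scored against a normal-behaviour model fitted to the other members of its own group, and the result is compared with the same model fitted over the whole population. The feature, the user values, the leave-one-out fitting and the threshold of 3 standard deviations are all assumptions.

```python
"""Two-phase anomaly-based risk scoring of the kind the abstract describes: users are first
grouped on an activity feature (1-D k-means, an assumption), then each user is scored
against a normal-behaviour model fitted to the other members of its own group, and the
score is compared with the same model fitted over the whole population.
Added illustration over constructed data, not the paper's code or dataset."""
from statistics import mean, pstdev

# Constructed feature vector: average posts per day for 17 users (assumption).
# Index 8 is a light user posting far more than its peers, but far less than heavy users.
POSTS_PER_DAY = [1, 2, 2, 3, 2, 1, 3, 2, 8,
                 45, 50, 55, 48, 52, 50, 47, 53]


def kmeans_1d(values, k=2, iters=20):
    """Group similar users: Lloyd's algorithm on one feature, centroids seeded from
    evenly spaced order statistics so the result is deterministic."""
    ordered = sorted(values)
    centroids = [ordered[round(i * (len(ordered) - 1) / (k - 1))] for i in range(k)]
    labels = [0] * len(values)
    for _ in range(iters):
        labels = [min(range(k), key=lambda j: abs(v - centroids[j])) for v in values]
        for j in range(k):
            members = [v for v, lab in zip(values, labels) if lab == j]
            if members:
                centroids[j] = mean(members)
    return labels


def abs_zscore(value, reference):
    """|z| of value under a Gaussian model fitted to the reference population."""
    sd = pstdev(reference)
    return abs(value - mean(reference)) / sd if sd else 0.0


def risk_global(values, i):
    """Baseline: one model for the whole population (leave-one-out)."""
    return abs_zscore(values[i], values[:i] + values[i + 1:])


def risk_grouped(values, labels, i):
    """Proposed: model fitted only to the user's own group (leave-one-out)."""
    peers = [v for j, v in enumerate(values) if labels[j] == labels[i] and j != i]
    return abs_zscore(values[i], peers)


def flagged(values, scorer, threshold=3.0):
    """Indices whose risk score exceeds the threshold under the given scorer."""
    return [i for i in range(len(values)) if scorer(i) > threshold]


def compare(values=POSTS_PER_DAY):
    labels = kmeans_1d(values)
    glob = flagged(values, lambda i: risk_global(values, i))
    grouped = flagged(values, lambda i: risk_grouped(values, labels, i))
    return labels, glob, grouped


if __name__ == "__main__":
    labels, glob, grouped = compare()
    print("groups:", labels)               # light users 0, heavy users 1
    print("flagged globally:", glob)       # []
    print("flagged per group:", grouped)   # [8]
```

The single-population model has a standard deviation of roughly 24 posts/day, so the outlier at index 8 sits well inside one standard deviation of the global mean and is never flagged; against its own group it is more than eight standard deviations out.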
In many existing incentive-based mobile sensing applications, the sensing job owner runs an auction
with the mobile phone users to maximize its purchased sensing resource. We notice that both the mobile
phone users and the job owner could behave dishonestly to pursue their own interests. This motivates
us to design secure and dependable auction mechanisms that generate the correct, promising output
even when both of them could cheat. In particular, in this paper, we consider a general auction in which
a buyer, who acts as the auctioneer, purchases the resource under a limited budget from a group of
sellers who act as the bidders. Considering bidders' privacy and their limited computing capacity, we
construct our mechanisms by integrating innovative game-theoretic techniques, logical deductions,
and efficient cryptographic operations. Our mechanisms are not only proved to be strategy-proof
against dishonest bidders, in the sense that they are incentivized to bid their private types truthfully, but
also enable all the bidders to efficiently verify the correctness of the auction's outcome, which is
computed by the auctioneer, without revealing their private types to each other. Meanwhile, our
mechanisms are proved to have the theoretical guarantee that the auctioneer/buyer's expected revenue
(i.e. the amount of service it acquires after the auction) is no less than a certain portion of the optimal
revenue that the auctioneer can acquire when it knows all the bidders' types at no cost. Our extensive
evaluations show that our mechanisms achieve good performance in terms of the revenue maximization
and their efficiency.
ETPL DSC-008 Designing Secure and Dependable Mobile Sensing Mechanisms with Revenue Guarantees
In this paper we present a framework and a set of algorithms for determining faults in networks when
large scale outages occur. The design principles of our algorithm, netCSI, are motivated by the fact
that failures are geographically clustered in such cases. We address the challenge of determining faults
with incomplete symptom information due to a limited number of reporting nodes in the network.
netCSI consists of two parts: a hypothesis generation algorithm and a ranking algorithm. When
constructing the hypotheses list of potential causes, we make novel use of the positive and negative
symptoms to improve the precision of the results. The ranking algorithm is based on conditional failure
probability models that account for the geographic correlation of the network objects in clustered
failures. We evaluate the performance of netCSI for networks with both random and realistic
topologies. We compare the performance of netCSI with an existing fault diagnosis algorithm, MAX-
COVERAGE, and achieve an average gain of 128% in accuracy for realistic topologies.
ETPL DSC-009 netCSI: A Generic Fault Diagnosis Algorithm for Large-Scale Failures in Computer Networks
Secure QoS routing algorithms are a fundamental part of wireless networks that aim to provide services
with QoS and security guarantees. In vehicular ad hoc networks (VANETs), vehicles perform routing
functions and at the same time act as end systems; thus, routing control messages are transmitted
unprotected over wireless channels. The QoS of the entire network could be degraded by an attack on
the routing process, and manipulation of the routing control messages. In this paper, we propose a
novel secure and reliable multi-constrained QoS aware routing algorithm for VANETs. We employ
the ant colony optimisation (ACO) technique to compute feasible routes in VANETs subject to multiple
QoS constraints determined by the data traffic type. Moreover, we extend the VANET-oriented
evolving graph (VoEG) model to perform plausibility checks on the routing control messages
exchanged among vehicles. Simulation results show that the QoS can be guaranteed while applying
security mechanisms to ensure a reliable and robust routing service.
ETPL DSC-010 Secure and Robust Multi-Constrained QoS Aware Routing Algorithm for VANETs
In recent years, wireless sensor networks have been widely used in healthcare applications, such as
hospital and home patient monitoring. Wireless medical sensor networks are more vulnerable to
eavesdropping, modification, impersonation and replay attacks than wired networks. A lot of
work has been done to secure wireless medical sensor networks. The existing solutions can protect the
patient data during transmission, but cannot stop an inside attack in which the administrator of the patient
database reveals the sensitive patient data. In this paper, we propose a practical approach to prevent
this inside attack by using multiple data servers to store patient data. The main contribution of this paper
is securely distributing the patient data across multiple data servers and employing the Paillier and ElGamal
cryptosystems to perform statistical analysis on the patient data without compromising the patients'
privacy.
ETPL DSC-011 Privacy Protection for Wireless Medical Sensor Data
Credit and debit card data theft is one of the earliest forms of cybercrime. Still, it is one of the most
common nowadays. Attackers often aim at stealing such customer data by targeting the Point of Sale
(for short, PoS) system, i.e. the point at which a retailer first acquires customer data. Modern PoS
systems are powerful computers equipped with a card reader and running specialized software.
Increasingly often, user devices are leveraged as input to the PoS. In these scenarios, malware that can
steal card data as soon as it is read by the device has flourished. As such, in cases where customer
and vendor are persistently or intermittently disconnected from the network, no secure on-line payment
is possible. This paper describes FRoDO, a secure off-line micro-payment solution that is resilient to
PoS data breaches. Our solution improves over up-to-date approaches in terms of flexibility and
security. To the best of our knowledge, FRoDO is the first solution that can provide secure fully off-line
payments while being resilient to all currently known PoS breaches. In particular, we detail the
FRoDO architecture, components, and protocols. Further, a thorough analysis of FRoDO’s functional
and security properties is provided, showing its effectiveness and viability.
ETPL DSC-012 FRoDO: Fraud Resilient Device for Off-Line Micro-Payments
A fundamental problem in the specification of regulatory privacy policies such as the Health Insurance
Portability and Accountability Act (HIPAA) in a computer system is to state the policies precisely,
consistent with their high-level intuition. In this paper, we propose UML sequence diagrams as a
practical means to graphically express privacy policies. A graphical representation allows decision-
makers such as application domain experts and security architects to easily verify and confirm the
expected behavior. Once intuitively confirmed, our work in this article introduces an algorithmic
approach to formalizing the semantics of sequence diagrams in terms of linear temporal logic (LTL)
templates. In all the templates, different semantic aspects are expressed as separate, yet simple LTL
formulas that can be composed to define the complex semantics of sequence diagrams. The
formalization enables us to leverage the analytical powers of automated decision procedures for LTL
formulas to determine if a collection of sequence diagrams is consistent, independent, etc. and also to
verify if a system design conforms to the privacy policies. We evaluate our approach by modeling and
analyzing a substantial subset of HIPAA rules using sequence diagrams.
ETPL DSC-013 Sequence Diagram Aided Privacy Policy Specification
ETPL DSC-014 Sequence Diagram Aided Privacy Policy Specification
ETPL DSC-015 Magic Train: Design of Measurement Methods against Bandwidth Inflation Attacks
In vehicular ad-hoc network (VANET), the reliability of communication is associated with driving
safety. However, research shows that the safety-message transmission in VANET may be congested
in some urgent communication cases. More spectrum resources are an effective way to relieve
transmission congestion. Hence, we introduce cognitive radio (CR) enabled VANET (CR-VANET),
where CR devices can detect possibly idle spectrum for VANET communications and assist in the timely
broadcast of safety messages. Given the high-speed mobility of vehicles and the dynamically changing
availability of channels, a novel prediction algorithm is proposed to pick out the channel with the
greatest probability of availability, which can meet the quality of service (QoS) requirement of urgent
communications and effectively avoid conflict with licensed users. Specifically, the spatiotemporal
correlations among historical spectrum sensing data are exploited to form prior knowledge of channel
availability probability, and Bayesian inference is used to derive posterior probability of channel
availability. Compared with other spectrum detection methods, the proposed algorithm improves detection
performance by more than 8 percent at a false alarm probability of 0.2, and thus can dramatically reduce access
conflicts with licensed users. Furthermore, the proposed algorithm always has a larger packet
reception probability (PRP) and lower transmission delay compared with conventional VANET
broadcasting. Hence, the proposed algorithm can improve reliability of safety-message transmission
and enhance driving safety significantly.
ETPL DSC-016 Historical Spectrum Sensing Data Mining for Cognitive Radio Enabled Vehicular Ad-Hoc Networks
In vehicular networks, broadcast communications are critically important, as many safety-related
applications rely on single-hop beacon messages broadcast to neighbor vehicles. However, it becomes
a challenging problem to design a broadcast authentication scheme for secure vehicle-to-vehicle
communications. Especially when a large number of beacons arrive in a short time, vehicles are
vulnerable to computation-based Denial of Service (DoS) attacks in which excessive signature verification
exhausts their computational resources. In this paper, we propose an efficient broadcast authentication
scheme called Prediction-Based Authentication (PBA) to not only defend against computation-based
DoS attacks, but also resist packet losses caused by high mobility of vehicles. In contrast to most
existing authentication schemes, our PBA is an efficient and lightweight scheme since it is primarily
built on symmetric cryptography. To further reduce the verification delay for some emergency
applications, PBA is designed to exploit the sender vehicle's ability to predict future beacons in
advance. In addition, to prevent memory-based DoS attacks, PBA only stores shortened re-keyed
Message Authentication Codes (MACs) of signatures without decreasing security. We analyze the
security of our scheme and simulate PBA under varying vehicular network scenarios. The results
demonstrate that PBA quickly verifies almost 99 percent of messages with low storage cost, not only in
high-density traffic environments but also in lossy wireless environments.
ETPL DSC-017 PBA: Prediction-Based Authentication for Vehicle-to-Vehicle Communications
Vehicular social network (VSN) is envisioned to serve as an essential data sensing, exchanging and
processing platform for the future Intelligent Transportation Systems. In this paper, we aim to address
the location privacy issue in VSNs. In traditional pseudonym-based solutions, the privacy-preserving
strength is mainly dependent on the number of vehicles meeting at the same occasion. We notice that
an individual vehicle actually has many chances to meet several other vehicles. On most meeting
occasions, only a few vehicles appear concurrently. Motivated by these observations, we
propose a new privacy-preserving scheme, called MixGroup, which is capable of efficiently exploiting
the sparse meeting opportunities for pseudonym changing. By integrating the group signature
mechanism, MixGroup constructs extended pseudonym-changing regions, in which vehicles are
allowed to successively exchange their pseudonyms. As a consequence, for a tracking adversary, the
uncertainty of the pseudonym mixture is cumulatively enlarged, and therefore location privacy
preservation is considerably improved. We carry out simulations to verify the performance of
MixGroup. Results indicate that MixGroup significantly outperforms the existing schemes. In addition,
MixGroup is able to achieve favorable performance even in low traffic conditions.
ETPL DSC-018 MixGroup: Accumulative Pseudonym Exchanging for Location Privacy Enhancement in Vehicular Social Networks
Cooperation between vehicles facilitates traffic management, road safety and infotainment
applications. Cooperation, however, requires trust in the validity of the received information. In this
paper, we tackle the challenge of securely exchanging parking spot availability information. Trust is
crucial in order to support the decision of whether the querying vehicle should rely on the received
information about free parking spots close to its destination and thus ignore other potentially free spots
on the way. Therefore, we propose Parking Communities, which provide a distributed and dynamic
means to establish trusted groups of vehicles helping each other to securely find parking in their
respective community area. Our approach is based on high-performance state-of-the-art encryption and
signature algorithms as well as a well-understood mathematical trust rating model. This approach
allows end-to-end encrypted request-response communications in combination with geocast and can
be used as an overlay to existing vehicular networking technologies. We provide a comprehensive
comparison with other security architectures and simulation results showing the feasibility of our
approach.
ETPL DSC-019 Trustworthy Parking Communities: Helping Your Neighbor to Find a Space
ETPL DSC-020 GeTrust: A guarantee-based trust model in Chord-based P2P networks
In this paper, we study a group key agreement problem where a user is only aware of his neighbors
while the connectivity graph is arbitrary. In our problem, there is no centralized initialization for users.
A group key agreement with these features is very suitable for social networks. Under our setting, we
construct two efficient protocols with passive security. We obtain lower bounds on the round
complexity for this type of protocol, which demonstrates that our constructions are round-efficient.
Finally, we construct an actively secure protocol from a passively secure one.
ETPL DSC-022 Group Key Agreement with Local Connectivity
Cloud services are prominent within the private, public and commercial domains. Many of these
services are expected to be always on and have a critical nature; therefore, security and resilience are
increasingly important aspects. In order to remain resilient, a cloud needs to possess the ability to react
not only to known threats, but also to new challenges that target cloud infrastructures. In this paper we
introduce and discuss an online cloud anomaly detection approach, comprising dedicated detection
components of our cloud resilience architecture. More specifically, we exhibit the applicability of
novelty detection under the one-class Support Vector Machine (SVM) formulation at the hypervisor
level, through the utilisation of features gathered at the system and network levels of a cloud node. We
demonstrate that our scheme can reach a high detection accuracy of over 90 percent whilst detecting
various types of malware and DoS attacks. Furthermore, we evaluate the merits of considering not only
system-level data, but also network-level data depending on the attack type. Finally, the paper shows
that our approach to detection using dedicated monitoring components per VM is particularly
applicable to cloud scenarios and leads to a flexible detection system capable of detecting new malware
strains with no prior knowledge of their functionality or their underlying instructions.
ETPL DSC-021 Malware Detection in Cloud Computing Infrastructures
In this article, the authors analyze the security and dependability challenges for developing dependable
and secure Cloud applications. They also provide an overview of their research and development that
aims to ameliorate some of the obstacles.
ETPL DSC-023 Developing Dependable and Secure Cloud Applications
ETPL DSC-024 Risk Assessment in Social Networks based on User Anomalous Behaviour
With the advancement and deployment of leading-edge telecommunication technologies for sensing
and collecting traffic related information, the vehicular ad-hoc networks (VANETs) have emerged as
a new application scenario that is envisioned to revolutionize the human driving experience and traffic
flow control systems. To avoid any possible malicious attack and resource abuse, employing
lightweight cryptosystems is widely recognized as one of the most effective approaches for the
VANETs to achieve confidentiality, integrity and authentication. As a typical substitution-permutation
network lightweight cryptosystem, LED supports 64-bit and 128-bit secret keys, which are flexible to
provide security for the RFID and other highly-constrained devices in the VANETs. Since its
introduction, some fault analysis research has been devoted to attacking the last three rounds of
LED. It is an open problem whether provoking faults at an earlier round of LED allows
recovering the secret key. In this paper, we give an answer to this problem by showing a novel
impossible differential fault analysis one round earlier for all LED key-size variants. Mathematical
analysis and simulation experiments show that the attack can recover the 64-bit and 128-bit secret
keys of LED by introducing 48 faults and 96 faults on average, respectively. The result of this study
shows that LED is vulnerable to a half-byte impossible differential fault analysis. It will be beneficial
to the analysis of other iterated lightweight cryptosystems of the same type in the VANETs.
ETPL DSC-025 Impossible Differential Fault Analysis on the LED Lightweight Cryptosystem in the Vehicular Ad-Hoc Networks