Open Access
submit Opinions CrossRef Open Access Subscribe New Journal Ideal

Click on image to enlarge

Indexed in Scopus

Journal of Cyber Security and Mobility

Ashutosh Dutta, Johns Hopkins University, USA
Ruby Lee, Princeton University, USA
Neeli R. Prasad, International Technological University, San Jose, USA
Wojciech Mazurczyk, Warsaw University of Technology, Poland

Associate Editor:
Debdeep Mukhopadhyay, Indian Institute of Technology Kharagpur, India

ISSN: 2245-1439 (Print Version),

ISSN: 2245-4578 (Online Version)
Vol: 5   Issue: 4

Published In:   October 2016

Publication Frequency: Quarterly

Search Available Volume and Issue for Journal of Cyber Security and Mobility

Journal Description        Read Full Articles        Editorial Board        Subscription        Indexed       Opinions

Modifying LFSR of ZUC to Reduce Time for Key-Stream Generation

doi: 10.13052/jcsm2245-1439.541
Raja Muthalagu1 and Subeen Jain2

1Assistant Professor, Department of Electrical and Electronics Engineering, BITS, Pilani, Dubai campus, Dubai, UAE
2Student, Department of Electronics and Communication Engineering, BITS, Pilani, Dubai campus, Dubai, UAE

Abstract: [+]    |    Download File [ 1141KB ]    |   Read Article Online

Abstract: ZUC is stream-cipher which generates 32-bit key-stream by using 128-bit initial key and 123-bit initial vector. It encrypts the plaintext data to produce cipher-text data. The 128-EEA3 encryption and 128-EIA3 authentication algorithms are based on ZUC which are specified for use in 3GPP cellular communications systems. The algorithm is divided in three stages: LFSR (Linear Feedback Shift Register), Bit Reorganization (BR) and, Non-Linear Function. In this paper, we are going to discuss about our modifications proposed for LFSR along with small change in operation of Non-linear Function which can reduce time for generating key-stream. Many attacks based on weakness of LFSR due to its linearity are proposed which in turn makes ZUC susceptible to various attacks based on LFSR. As we know in the structure of LFSR, non-linearity is provided in last block of LFSR by feedback operation while all other being clocked with previous value of LFSR, so we have introduced bit-shifting and circular shift operations on few blocks of LFSR output of which will be taken as input to other blocks of LFSR.

Keywords: LFSR, Key-Stream, ZUC, Security, NIST Statistical Test.

Chemotactic Test Case Recombination for Large-Scale Fuzzing

doi: 10.13052/jcsm2245-1439.542
Konstantin Böttinger

Fraunhofer Institute for Applied and Integrated Security, 85748 Garching, Germany

Abstract: [+]    |    Download File [ 671KB ]    |   Read Article Online

Abstract: We present a bio-inspired method for large-scale fuzzing to detect vulnerabilities in binary executables. In our approach we deploy small groups of feedback-driven explorers that guide colonies of high throughput fuzzers to promising regions in input space. We achieve this by applying the biological concept of chemotaxis: The explorer fuzzers mark test case regions that drive the target binary to previously undiscovered execution paths with an attractant. This allows us to construct a force of attraction that draws the trailing fuzzers to high-quality test cases. By introducing hierarchies of explorers we construct a colony of fuzzers that is divided into multiple subgroups. Each subgroup is guiding a trailing group and simultaneously drawn itself by the traces of their respective explorers. We implement a prototype and evaluate our presented algorithm to show the feasibility of our approach.

Keywords: Fuzzing, Random Testing, Vulnerability Detection.

Ethics and Internet Measurements

doi: 10.13052/jcsm2245-1439.543
Jeroen van der Ham1,2 and Roland van Rijswijk-Deij3,4

1Technical University Delft, The Netherlands
2National Cyber Security Centre, The Netherlands
3University of Twente, The Netherlands
4SURFnet bv, The Netherlands

Abstract: [+]    |    Download File [ 263KB ]    |   Read Article Online

Abstract: Over the past decade the Internet has changed from a helpful tool to an important part of our daily lives for most of the world’s population. Where in the past the Internet mostly served to look up and exchange information, it is now used to stay in touch with friends, perform financial transactions or exchange other kinds of sensitive information. This development impacts researchers performing Internet measurements, as the data traffic they collect is now much more likely to have some impact on users.

Traditional institutions such as Institutional Review Boards (IRBs) or Ethics Committees are not always equipped to perform a thorough review or gauge the impact of Internet measurement studies. This paper examines the impact of this development for Internet measurements and analyses previous cases where Internet measurements have touched upon ethical issues. The paper proposes an early framework to help researchers identify stakeholders and how a network study may impact them. In addition to this, the paper provides advice on creating measurement practices that incorporate ethics by design, and also considers the role of third-party data suppliers in ethical measurement practices.


River Publishers: Journal of Cyber Security and Mobility