Encryption

An Analysis of Current 802.11 Wireless Network Layer One and Two Attacks and Possible Preventative Measures

ABSTRACT

The last 2 years has seen a major increase in the number of users of wireless networks, for both public and private use. Initially, there were a number of problems with data security, such as WEP, that made wireless networks vulnerable to attack. While data security has been increased through the use of tougher encryption and other methods, newer attacks based on lower levels are emerging. Layer 1 is the physical medium used to send the signal, in this case radio frequency, with connection and management handled by the MAC sub-layer of layer 2. Tools such as Airjack and Void11 can be used to launch DDoS and man-in-the-middle attacks against layer 2 of wireless networks, with jamming attacks used against the Physical layer.

Design of a High Performance Implementation of the Rijndael Cipher Using Three-Level Architecture

ABSTRACT

For a long period of time, the Data Encryption Standard (DES) was considered as a standard for the symmetric key encryption. It has a key length of 64 bits. Due to the vast growing of processing speed, this small key length can easily be broken. According to the National Institute of Standards and Technology (NIST), the Advanced Encryption Standard (AES) will replace DES, as it is based on a key length of 128-bits or more. In the present paper, a design of a high performance implementation of the AES cipher will be proposed. An experimental performance evaluation of the proposed design will be provided. The experimental study will be applied for different block size lengths of the message to be encrypted. The performance of the proposed design will be evaluated considering a set of criteria such as the average execution encryption time per round, average encryption speed, speedup, and efficiency.

Software Implementation using Hardware-Based Verification for Secure Content Delivery

ABSTRACT

This paper presents a novel method for secure message transmission – the Software Implementation using Hardware-Based Verification for Secure Content Delivery (SIHBVSCD) method.  This method incorporates a two-tier security protocol which allows messages to be verified at both the user level (coming from a particular user) and hardware level (originating from a particular machine) providing protection from espionage and/or clandestine manipulation of information.  SIHBVSCD securely sets up a one-time symmetric key used for transmission, offering advantages over both the high theft/loss likelihood of smartcards and the inability of hardware-based verification for machines that do not contain hardware capable of remote attestation.

Malware-based Information Leakage over IPSec Tunnels

ABSTRACT

IPSec-based protocols are often presented by practitioners of information security as an efficient solution to prevent attacks against data exchange. More generally, use of encryption to protect communication channels or to seclude sensitive networks is seen as the ultimate defence. Unfortunately, this confidence is illusory since such “armoured” protocols can be manipulated or corrupted by an attacker to leak information whenever an access is managed with simple user’s permission. In this paper, we present how an attacker and/or a malware can subvert and bypass IPSec-like protocols to leak data from the system under attack. By using a covert channel, we show how to code the information to be stolen, how to insert it in the legitimate encrypted traffic and finally collect/decode the information on the attacker’s side. We first present how to exploit the covert channel and to steal sensitive data without triggering any alert. Subsequently, the detailed results of extensive experiments to validate the attack techniques on an operational level are given. Finally, some potential prevention and protection techniques are presented to limit such attacks. However, this analysis demonstrates that residual weaknesses are bound to remain unless the communication protocols involved are significantly modified.

Securing the Cloud

ABSTRACT

This paper will review cloud technology utilized to support the Intelligence Community and will specifically address the National Security Agency’s research into vulnerabilities and risks related to cloud-based systems. Current implementation plans will be discussed for a multi- agency private cloud architecture that is under development. The paper will also review security challenges for a cloud architecture and will address specific technologies, such as data tagging, digital policy management, encryption, identity and access management, and auditing, along with intrusion detection and prevention.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Keywords

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.234.6664
  • jiw@gbpts.com