Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2005, it - instituto de telecomunicações. Todos os direitos reservados. J.Almeida, J.Barros Instituto de Telecomunicações Universidade do Porto Joint.

Published byChrystal O’Brien’ Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2005, it - instituto de telecomunicações. Todos os direitos reservados. J.Almeida, J.Barros Instituto de Telecomunicações Universidade do Porto Joint."— Presentation transcript:

1 © 2005, it - instituto de telecomunicações. Todos os direitos reservados. J.Almeida, J.Barros Instituto de Telecomunicações Universidade do Porto Joint Compression and Protection 47th Annual Allerton Conference on Communication, Control, and Computing University of Illinois at Urbana-Champaign

2 2 Allerton Conference 2009, University of Illinois at Urbana-Champaign Conventional Encryption Insensitive to the characteristics of the communication system Compression, channel reliability, etc. Encryption of all data Limitations Delay constraints, energy and power constraints, etc.

3 3 Reducing Encryption Complexity Is it really necessary to cipher the complete set of data? Ex: SPOC [Vilela et al. ‘08]. Partial encryption algorithms Data dependable Trade-off between the amount of encrypted data and security. Can source coding help? Intrinsic security Variable length codes are hard to cryptanalyze! Preffix codes – Fraenkel and Klein ‘94 Huffman codes – Gillman, Mohtashemi and Rivest ’96 Ambiguity C0 = {a:0, b:10, c:11}, C1 = {a:1, b:01, c:00} C -1 ( 0001011) = AAABC or CBBA? Allerton Conference 2009, University of Illinois at Urbana-Champaign

4 4 Combining Compression and Protection Features Allerton Conference 2009, University of Illinois at Urbana-Champaign u Encoder Eavesdropper Decoder Key Source Message Source k uz Encoder Compression + encryption Analysis-by-synthesis type of encoding Exploit code properties to reduce size of data to encrypt. Decoder Decompression + decryption. z

5 5 Combining Compression and Protection Features Allerton Conference 2009, University of Illinois at Urbana-Champaign Compression One-time pad Analysis Encryption Entropy coder Multiplexer u x t y = x  t k z t’ k’ x Joint design of analysis and entropy coder blocks. Minimize the size of t’ to reduce the computational complexity of encryption. Encoder Eavesdropper Decoder Key Source Message Source k uz u

6 6 Combining Compression and Protection Features Allerton Conference 2009, University of Illinois at Urbana-Champaign Encoder Eavesdropper Decoder Key Source Message Source k uz u z Decompression One-time pad Decryption Entropy coder Demultiplexer u t x = y  t k t’k’ yy y

7 7 The case of Huffman codes Catastrophic error propagation C = {A: 100, B: 0, C: 111, D: 101, E: 110} Source message: BBCBECDBBB Encoded bitstream: 001110110111101000 Decoded symbols: DBDDCBAB Fliped two bits and changed several source symbols. Allerton Conference 2009, University of Illinois at Urbana-Champaign Exploit this property for encryption Generated keystreams will have long runs of zeros. Runlength entropy coder reduces the amount of information we need to encrypt.

8 8 Huffman Tree and Trellis C = { A:00, B:01, C:10, D:110, E:111 }. Allerton Conference 2009, University of Illinois at Urbana-Champaign

9 9 Trellis based keystreams Cryptogram cannot contain the trellis root states of the original codewords Define path cost function that reflects the cost of the entropy coder Compute the minimum path cost using greedy approach Allerton Conference 2009, University of Illinois at Urbana-Champaign

10 10 Huffman Tree and Error Automaton C = { A:00, B:01, C:10, D:110, E:111 }. Allerton Conference 2009, University of Illinois at Urbana-Champaign

11 11 Error Automaton based keystreams Transition function between automaton states If a codeword leads to a synchronization state modify codeword Choice can be subject to optimization regarding the efficiency of the entropy coder Keystream is the concatenation of the sequence of modifications Error states: {0, 1, 00, 01, 10, 11, 000} Source message: CRYPTOGRAPHY Cryptogram: YYOHRGOCOGA Allerton Conference 2009, University of Illinois at Urbana-Champaign xts --I C000000100 R0100000 Y0010101 P0110001 T1000000 O1010001 G1110001 R0100000 A000100001 P0110001 H1100000 Y001000S

12 12 Information Leakage Assume adversary that (a) knows the compression algorithm in use (b) knows the encryption algorithm in use... assume also that the one-time pad is correctly used Eavesdropper tries to infer x (eq. t) based on y and the algorithm No key recovery attacks! When do things go wrong? When there is not enough diversity in codeword sizes Allerton Conference 2009, University of Illinois at Urbana-Champaign

13 13 Information Leakage - Trellis Allerton Conference 2009, University of Illinois at Urbana-Champaign Eavesdropper knows that his trellis path root states are forged Prunes the trellis Random choices Increases the size of data to encrypt

14 14 Information Leakage - Automaton Allerton Conference 2009, University of Illinois at Urbana-Champaign Adversary knows that the 1st codeword has size different from his observation Loss of synchronization was induced Ignore the size of the 1st codeword and start to decode afterwards Use keystream to control how modifications are induce Increases the size of data to encrypt

15 15 Results Allerton Conference 2009, University of Illinois at Urbana-Champaign

16 16 Results Allerton Conference 2009, University of Illinois at Urbana-Champaign

17 17 Conclusions Joint compression and data protection Abstraction from compression algorithm Analysis-by-synthesis encoding Reduction of size of encrypted information Link between entropy coder and analysis block Trade-off between security, computational and data overheads Huffman codes Catastrophic error propagation + RL entropy coder Encryption algorithms based on loss of synchronization principles Further developments Cryptanalysis of the proposed algorithms Study trade-offs for other entropy coders Develop analysis algorithms for other source coders Allerton Conference 2009, University of Illinois at Urbana-Champaign http://nip.dcc.fc.up.pt

Download ppt "© 2005, it - instituto de telecomunicações. Todos os direitos reservados. J.Almeida, J.Barros Instituto de Telecomunicações Universidade do Porto Joint."

Similar presentations

Convolutional Codes Representation and Encoding  Many known codes can be modified by an extra code symbol or by deleting a symbol * Can create codes of.

Convolutional Codes Representation and Encoding  Many known codes can be modified by an extra code symbol or by deleting a symbol * Can create codes of.
Applied Algorithmics - week7

Applied Algorithmics - week7
Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format

Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format
Greedy Algorithms Amihood Amir Bar-Ilan University.

Greedy Algorithms Amihood Amir Bar-Ilan University.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Public Key Encryption Algorithm

Public Key Encryption Algorithm
Chapter 6 Information Theory

Chapter 6 Information Theory
Compression & Huffman Codes

Compression & Huffman Codes
SWE 423: Multimedia Systems

SWE 423: Multimedia Systems
Compression & Huffman Codes Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

Compression & Huffman Codes Fawzi Emad Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.
Information Theory Eighteenth Meeting. A Communication Model Messages are produced by a source transmitted over a channel to the destination. encoded.

Information Theory Eighteenth Meeting. A Communication Model Messages are produced by a source transmitted over a channel to the destination. encoded.
© 2005, it - instituto de telecomunicações. Todos os direitos reservados. Gerhard Maierbacher Scalable Coding Solutions for Wireless Sensor Networks IT.

© 2005, it - instituto de telecomunicações. Todos os direitos reservados. Gerhard Maierbacher Scalable Coding Solutions for Wireless Sensor Networks IT.
An Introduction to Cryptology and Coding Theory Discrete Math 2006.

An Introduction to Cryptology and Coding Theory Discrete Math 2006.
CSE 326 Huffman coding Richard Anderson. Coding theory Conversion, Encryption, Compression Binary coding Variable length coding A B C D E F.

CSE 326 Huffman coding Richard Anderson. Coding theory Conversion, Encryption, Compression Binary coding Variable length coding A B C D E F.
Hash Functions Nathanael Paul Oct. 9, 2002. Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)

Hash Functions Nathanael Paul Oct. 9, Hash Functions: Introduction Cryptographic hash functions –Input – any length –Output – fixed length –H(x)
Variable-Length Codes: Huffman Codes

Variable-Length Codes: Huffman Codes
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.
Chapter 2 Basic Encryption and Decryption (part B)

Chapter 2 Basic Encryption and Decryption (part B)
Fundamentals of Multimedia Chapter 7 Lossless Compression Algorithms Ze-Nian Li and Mark S. Drew 건국대학교 인터넷미디어공학부 임 창 훈.

Fundamentals of Multimedia Chapter 7 Lossless Compression Algorithms Ze-Nian Li and Mark S. Drew 건국대학교 인터넷미디어공학부 임 창 훈.

Similar presentations

Ads by Google