nvlap 600138 0

 

MyKripto


No. | Title | Abstract | Author | Year Published | Publication | Publisher | URL
1 The Study of Randomness Properties Exhibited by LAO-3D Lightweight Block Cipher Algorithm The paper presents the randomness analysis of LAO-3D algorithm. LAO-3D is a lightweight block cipher that is developed using the 3D permutation method. It consists of 64 bits block and 128 bits key sizes that executes in 20 encryption rounds of the substitution–permutation network structure. Lightweight cryptographic algorithms are specifically tailored for devices with limited resources that include small embedded systems, IoT devices, or low-power microcontrollers. These devices often have limited processing power, memory, energy, and inherent security limitations. The presence of randomness helps to ensure that cryptographic operations can be performed efficiently within these constraints, minimizing the computational overhead and energy consumption, and further helps to strengthen the security of these algorithms by adding an extra layer of uncertainty, making it harder for attackers to exploit the limited resources and predictable behaviors of lightweight devices. In performing the randomness testing, fifteen statistical tests from the NIST Statistical Test Suite were used. 1000 samples were produced from the algorithm by adopting nine different data categories. The analysis results indicate that LAO-3D passed all of the statistical tests, and this tested algorithm is random according to the 0.1% significance level. Nik Abdullah Nik Azura & Dr. Abdul Alif Zakaria April 2024 Proceedings of Second International Conference on Intelligent System (ICIS 2023) Springer Link
2 Modified Generalized Feistel Network Block Cipher for the Internet of Things With the advent of the Internet-of-Things (IoT) technologies, millions of low-resource devices are constantly used at the network’s edge. As a result, the large amount of private and sensitive data generated by these devices must be securely transported, stored, and processed, posing a challenge because these resource-constrained IoT devices cannot meet the criteria of conventional encryption ciphers. Due to this limitation on IoT-enabled devices, lightweight cryptography has emerged as a new area of study. Lightweight block ciphers, a subfield of lightweight cryptography, include the substitution–permutation network (SPN) and Feistel-based networks. Feistel networks are further divided into two types: classical Feistel networks and generalized Feistel networks (GFN). While classical Feistel ciphers divide a message into two sub-blocks, GFN divides a message into k sub-blocks for some k > 2 called the partition number. One popular form of GFN is the so-called Type-II. Unfortunately, this type of Feistel structure needs a large number of rounds to obtain a full diffusion property. A full diffusion means all output sub-blocks are affected by all input sub-blocks. Therefore, this paper proposed a new lightweight block cipher by modifying the GFN structure, focusing on providing optimal security to the cipher with a small number of rounds. The algorithm was subjected to a series of statistical and cryptographic randomization analyses in order to investigate the avalanche effect on the ciphertext and the algorithm’s random properties, such as confusion, diffusion, and independence. The avalanche criterion and output randomness results show that this algorithm meets the fundamental security requirement for a lightweight block cipher. Isma Norshahila Mohammad Shah April 2023 Symmetry MDPI Link
3 Systematic Literature Review: Trend Analysis on the Design of Lightweight Block Cipher Lightweight block ciphers have become a standard for security protections on IoT devices. Advanced technology is required to secure the data, thus encryption is the method that can provide information security. From previous studies, comparisons of lightweight algorithms in various literature focus on their performance and implementation. However, a lack of analysis has been done on the relationship between the algorithm components and their security strength. This information is crucial for developers in designing secure algorithms. In this paper, a comprehensive systematic literature review on 101 existing lightweight algorithms is presented. This review focuses on the security aspect of lightweight algorithms that cover the identification of secure design components based on substitution and permutation. Security analysis and the evolution of lightweight algorithms are also presented. This research includes the results and discussions to observe the selections of substitution and permutation functions to analyse their impact on the security strength. Recommendations from the developer’s insight on methods and considerations for designing an algorithm are also presented. Findings from the research indicate that various techniques can be used to develop a secure algorithm. Most importantly, an algorithm must be provided with confusion and diffusion properties in the design to ensure sufficient security. Abdul Alif Zakaria April 2023 Journal of King Saud University – Computer and Information Sciences Elsevier Link
4 Randomness Analysis of the Modified Ultra-Lightweight Block Cipher Algorithm, SLIM Academics and cryptography professionals are actively conducting research in the field of lightweight cryptography to maintain data security in limited resource devices such as RFID tags, medical and healthcare devices as well as sensor networks. One of the lightweight algorithms that have been developed is the SLIM algorithm. SLIM is an ultra-lightweight block cipher algorithm intended for use on the Internet of Health Things. SLIM is a 32-bit block cipher based on the Feistel structure. The SLIM algorithm does have good encryption efficacy, but the algorithm lacks the diffusion and confusion properties that a block cipher should provide as one of its cryptographic security aspects. Therefore, in order to improve the diffusion and confusion properties of the algorithm, a modification to the key scheduling algorithm for the SLIM algorithm has been done. Randomness analysis was then performed to assess the randomness of the algorithms using the NIST Statistical Test Suite. A total of nine data categories namely Strict Key Avalanche, Strict Plaintext Avalanche, Plaintext Ciphertext Correlation, Cipher Block Chaining, Random Plaintext Random Key, Low-Density Key, High-Density Key, Low-Density Plaintext, and High-Density Plaintext was used to generate 100 input sequences for each sample in each data category. The algorithms generate ciphertext blocks, which are then combined to form a binary sequence. According to the results of the comparison study, the proposed algorithms’ randomness analysis results are better than the original algorithm based on the 1% significance level. Isma Norshahila Mohammad Shah February 2023 Sains Malaysiana UKM Publisher Link
5 Statistical Analysis of 3D RECTANGLE Encryption Algorithm The statistical analysis of the 3D RECTANGLE to test the randomness of the lightweight block cipher is presented in this paper. Lightweight block ciphers use less computing power than conventional algorithms, making them more suitable for use in low-resource devices. Randomness property is important for an encryption algorithm to ensure that the output does not contain any message pattern. The NIST Statistical Test Suite is used to perform the randomness tests. Nine data categories of block cipher are used to produce 1,000 cipher text samples from the algorithm. From the conducted testing, the 3D RECTANGLE passed 88.89% of the randomness tests. Based on the 1% significance level, the analysis indicates that 3D RECTANGLE appears to be non-random. The experimental results reveal the weakness of the algorithm that can be addressed in future studies. Dr. Abdul Alif Zakaria (main author) & Dr. Maslina Daud (co-author) December 2022 International Conference on Science, Technology, Engineering and Management (ICSTEM) Research World International Link
6 LAO-3D: A Symmetric Lightweight Block Cipher Based on 3D Permutation for Mobile Encryption Application Data transmissions between smartphone users require security solutions to protect communications. Hence, encryption is an important tool that must be associated with smartphones to keep the user’s data safe. One proven solution to enhance the security of encryption algorithms is by using 3D designs on symmetric block ciphers. Although a 3D cipher design could improve the algorithms, the existing methods enlarge the block sizes that will also expand the key sizes and encryption rounds, thus decreasing their efficiency. Therefore, we propose the LAO-3D block cipher using a 3D permutation that offers security by providing confusion and diffusion characteristics. Five security analyses were conducted to assess the strengths of LAO-3D. The findings suggest that LAO-3D achieves better results compared to other existing lightweight block ciphers, with 98.2% non-linearity, 50% bit error rates for both plaintext and key modifications, surpasses 100% of the randomness test, and is immune to differential and linear cryptanalysis attacks. Moreover, the block cipher obtains competitive performance results in software applications. From the security analyses and performance tests, it is proven that LAO-3D can provide sufficient security at low costs in mobile encryption applications. Dr. Abdul Alif Zakaria (main author) & Dr. Maslina Daud (co-author) September 2022 Symmetry MDPI Link
7 Integration of Security Hardware Module Zymkey 4i With RaspberryPi The use of Raspberry Pi as a personal computer for daily or office use has been perceived as a new norm in the past few years. The motivation for this is the reliability and the reasonable price for it. As the usage of Raspberry Pi has increased especially along the IoT related industry, the demand of hardware security towards the Raspberry Pi has also increased. As Raspberry Pi are relatively new for some users, the implementation of Zymkey 4i as the security module is an added advantage when the Raspberry Pi is being implemented in a large number at one institution. The implementation of the hardware security module had shown great result on securing the Raspberry Pi without it being monitored regularly. Suhairi Mohd Jawi September 2022 Journal of Positive School Psychology Scopus Link
8 Analysis of Permutation Functions for Lightweight Block Cipher Design In this paper, the permutation functions of the lightweight block ciphers are analyzed to observe their impact on the cryptographic strength. Three types of permutation functions are presented in the analysis which includes the Feistel-based permutation, formulation-based permutation, and table-based permutation. In order to execute the avalanche effect and correlation coefficient analysis, one hundred 64-bit plaintexts are generated as the input using a pseudorandom bit generator. From the analysis, the avalanche effect results show that all permutation methods have the ability to maintain the optimum output changes with minor or major modifications of the input. In addition, the correlation coefficient results indicate a weak linear relationship between the cipher input and its corresponding output, thus the output produced from all permutation methods is not linear with the input data. Dr. Abdul Alif Zakaria (main author) & Dr. Maslina Daud (co-author) July 2022 Proceeding of the 8th International Cryptology and Information Security Conference (CRYPTOLOGY2022) Institute for Mathematical Research (INSPEM) Link
9 SPA on Modular Multiplication in Rabin-p KEM Rabin-p key encapsulation mechanism (KEM) is a variant of the Rabin encryption scheme, famously utilizing square root modular problem as its security strength. The Rabin-p KEM algorithm has been selected as one of the candidates by Malaysian’s MySEAL project that aims to select new cryptographic algorithms. With suitable devices, the side-channel attack is a powerful attack that collects secret information via the physical data leaked out from a cryptographic device. It can expose the private key of a cryptosystem by targeting the cryptographic implementation of an algorithm. Since Rabin-p is a new key encapsulation mechanism, no previous side-channel attack has been known to cause its implementation to be vulnerable. Thus, this paper shows that the side-channel attack using simple power analysis on Rabin-p KEM results in its private key p to be known in feasible time. Also, a variation of this method has been shown to be effective against a single modular multiplication operation. Finally, this paper also suggests a randomized approach for future implementation of Rabin-p to prevent this kind of attack. Co-Author: Hazlin Abdul Rani July 2022 Proceeding of the 8th International Cryptology and Information Security Conference (CRYPTOLOGY2022) Institute for Mathematical Research (INSPEM) Link
10 A Theoretical Comparative Analysis of DNA Techniques Used in DNA Based Cryptography Cryptography has been extensively employed in the information security field for the purpose of providing security for confidential data. The field of cryptography has recently considered a hybrid cryptographic implementation that combines conventional cryptographic techniques with the knowledge of DNA technologies to formulate what is known as DNA cryptography. DNA based cryptography is considered a branch of sustainability science as it combines transdisciplinary structures from natural sciences (biology) and technological sciences (information security). This paper discusses the various biological DNA techniques that have been implemented in recent DNA cryptographic algorithms. Among them are the Watson-Crick Complementary Rules, DNA Encoding/Decoding Rules, DNA Operation Rules, the Triplet Codon DNA Code, DNA Segmentation, DNA Hybridisation (DNA Annealing) and DNA Transcription and DNA Replication from the Central Dogma Molecular Biology process. A description of the algorithms and a theoretical comparative analysis of these DNA cryptographic algorithms is also presented in this research paper. Comparisons have also been made based on the following parameters: Conventional cryptographic techniques vis-a-vis the techniques used by DNA cryptographic algorithms, the application of these algorithms, their limitations and a security analysis to see how well DNA cryptography perform as against current conventional cryptography. Corresponding Author: Nik Azura Nik Abdullah; Co-Author: Nur Hafiza Zakaria, Azni Haslizan Ab Halim, Farida Hazwani Mohd Ridzuan, Azuan Ahmad, Kamaruzzaman Seman And Suriyani Ariffin May 2022 Journal of Sustainability Science and Management UMT Link
11 The Implementation of Hardware Security Based Zymkey 4i in HDVA Technology advancement has made the life of electronics users much easier. During the pandemic, the usage of a smart assistant is found to be useful and convenient in everyday task or reminder. The electronics consumers who want their everyday life to be more convenient, they sacrifice the needs of a basic cybersecurity in their everyday electronic usage. Home Digital Voice Assistant (HDVA) that comes without a monitor can pose a threatening privacy issue towards the user. This research is to provide a countermeasure to the malicious attack towards the HDVA. The result of this implementation shows that Zymkey 4i is feasible in protecting the Raspberry Pi from being tampered by using the device ‘binding’ method from Zymkey 4i. Rizzo Mungka Rechie; Yusnani Mohd Yussoff; Lucyantie Mazalan; Suhairi Mohd Jawi Said July 2021 2021 International Congress of Advanced Technology and Engineering (ICOTEN) IEEE Link
12 The Implementation of Hardware Security Based Zymkey 4i in HDVA Technology advancement has made the life of electronics users much easier. During the pandemic, the usage of a smart assistant is found to be useful and convenient in everyday task or reminder. The electronics consumers who want their everyday life to be more convenient, they sacrifice the needs of a basic cybersecurity in their everyday electronic usage. Home Digital Voice Assistant (HDVA) that comes without a monitor can pose a threatening privacy issue towards the user. This research is to provide a countermeasure to the malicious attack towards the HDVA. The result of this implementation shows that Zymkey 4i is feasible in protecting the Raspberry Pi from being tampered by using the device ‘binding’ method from Zymkey 4i. Co-Author: Suhairi Mohd Jawi July 2021 Proceedings of 2021 International Congress of Advanced Technology and Engineering (ICOTEN) IEEE Link
13 New Vulnerabilities upon Grain v0 Boolean Function through Fault Injection Analysis Algebraic attacks on stream cipher are very important in cryptography as well as in cryptanalysis. Generally, increasing degree of the equation will make an algebraic attack to the equation hardest. In conducting this analysis, we aim to decrease the degree of the targeted Boolean equation by constructing low degree annihilator equation(s). We adopt the Fault Injection Analysis (FIA) methodology to achieve our objectives. In this study, we found annihilator(s) through FIA (inject with value of one (1)) on Boolean function of selected stream ciphers. With the new injected Boolean functions developed, we proceed to utilize Hao’s method to find new annihilator(s). Then we established new annihilator(s) of Grain v0’s Boolean function. As a result, these newly identified annihilator(s) successfully reduce the complexity of the published Boolean function to guess the initial secret key. It also provides much needed information on the security and vulnerability of these selected stream cipher with respect to FIA. Wan Zariman Omar@Othman and Suhairi Mohd Jawi April 2021 OIC-CERT Journal of Cyber Security Volume 3 Issue 1 CyberSecurity Malaysia Link
14 Modifications of Key Schedule Algorithm on RECTANGLE Block Cipher Key schedule algorithm is one of the core elements that significantly affect the security of an encryption algorithm. While its importance is undeniable, the key schedule algorithm has not been given comprehensive attention compared to the encryption algorithm. RECTANGLE block cipher is very efficient in terms of encryption speed performance among the existing lightweight algorithms. However, its non-robust round keys generation seems to be the weakest point of the algorithm. A robust key schedule algorithm should produce round keys with random characteristics, independent, and not correlated to one another as defined in the randomization and confusion properties. Therefore, the objective of this paper is to improve the RECTANGLE key schedule algorithm to increase its randomization and confusion properties against high correlation keys as well as the speed and throughput performances. Three experiments were conducted based on the randomness, key sensitivity, and performance tests. The results show that our modified designs have produced lower correlation keys by 0.16% to 0.45% improvement, more random ciphertext with an increase of 13.34% to 20.00% passing rate, and better performance that recorded 1.30% to 7.82% faster and increased by 1.33% to 8.50% throughput than the original RECTANGLE. Abdul Alif Zakaria and Dr Maslina Daud February 2021 Proceedings of the International Conference on Advances in Cyber Security Springer Link
15 Randomness Tests on Nine Data Categories of RECTANGLE Using NIST Statistical Test Suite RECTANGLE lightweight algorithm is a 64-bit block cipher using 80-bit and 128-bit key variants. A lightweight algorithm takes lesser computational power than a conventional algorithm. Implementing a lightweight algorithm in low-resource devices is more effective. To ensure the output has no pattern, randomness is an essential property for an algorithm. The NIST Statistical Test Suite is used to execute the randomness analysis. To produce 1,000 input sequences for each algorithm, nine data categories are implemented. RECTANGLE-80 and RECTANGLE-128 passed the randomness analysis with 98.73% and 98.48%. The results reveal that RECTANGLE appears to be non-random based on the 0.1% significance level. The analysis findings found weaknesses that can be explored in future research. Abdul Alif Zakaria December 2020 International Journal of Cryptology Research Malaysian Society for Cryptology Research Link
16 Findings Annihilator (s) via Fault Injection Analysis (FIA) on Boolean Function of LILI-128 LILI-128 keystream generator was designed by Dawson et al. (2000) and it was submitted to NESSIE project. This LILI-128 algorithm is a LFSR based synchronous stream cipher come with 128 bit key length. LILI-128 was designed to implement in hardware and software based and its offer large period and linear complexity. In this algorithm, the Boolean function given with coefficients, n is equal to ten (10) and its degree, d is equal to six (6). In conducting this attack, we aim to decrease the degree of the targeted Boolean equation by find it vulnerability with constructing low degree annihilator equation (s). We adopt the Fault Injection Analysis (FIA) methodology to achieve our objectives. In this study, we found the vulnerability via annihilator (s) through FIA (inject with value of one (1)) on Boolean function of LILI-128. With these injected Boolean functions, we proceed to utilize Hao’s method to find new annihilator (s). Then we obtained new annihilator (s) on Boolean function of LILI-128 stream cipher. As a result, these newly identified annihilators successfully reduce the complexity of the published Boolean function to guess the initial secret key. It likewise gives truly necessary data on the security of these chose stream cipher concerning Fault Injection Analysis. Wan Zariman Omar, Suhairi Mohd Jawi, Muhammad Rezal Kamel Ariffin, Zahari Mahad, Solahuddin Shamsuddin November 2020 Journal of Advances in Information Technology JAIT Link
17 Findings Annihilator(s) via Fault Injection Analysis (FIA) on Boolean Function of LILI-128 LILI-128 keystream generator was designed by Dawson et al. (2000) and it was submitted to NESSIE project. This LILI-128 algorithm is a LFSR based synchronous stream cipher come with 128 bit key length. LILI-128 was designed to implement in hardware and software based and its offer large period and linear complexity. In this algorithm, the Boolean function given with coefficients, n is equal to ten (10) and its degree, d is equal to six (6). In conducting this attack, we aim to decrease the degree of the targeted Boolean equation by find it vulnerability with constructing low degree annihilator equation(s). We adopt the Fault Injection Analysis (FIA) methodology to achieve our objectives. In this study, we found the vulnerability via annihilator(s) through FIA (inject with value of one (1)) on Boolean function of LILI-128. With these injected Boolean functions, we proceed to utilize Hao’s method to find new annihilator(s). Then we obtained new annihilator(s) on Boolean function of LILI-128 stream cipher. As a result, these newly identified annihilators successfully reduce the complexity of the published Boolean function to guess the initial secret key. It likewise gives truly necessary data on the security of these chose stream cipher concerning Fault Injection Analysis. Wan Zariman Omar; Dr Ts Solahuddin Shamsuddin and Suhairi Mohd Jawi November 2020 Journal of Advances in Information Technology Volume 11 Number 4 Engineering and Technology Publishing Link
18 Extended RECTANGLE Algorithm Using 3D Bit Rotation to Propose a New Lightweight Block Cipher for IoT The Internet of Things (IoT) is a broad range of applications enabled by the connection of devices such as sensors, actuators, and monitors accessible through the Internet. Massive IoT device connectivity and vast data transmission have made the information susceptible to various types of attacks. Therefore, encryption is required for secure communication in an IoT ecosystem. An IoT system is constrained by its complexities that require small computing power. Thus, lightweight block cipher is chosen as the solution to IoT security issues. RECTANGLE block cipher has very efficient encryption speed performance among the existing lightweight algorithms. Although RECTANGLE achieves such high efficiency, lack of focus on its security aspect needs to be addressed. The algorithm is short of confusion and diffusion characteristics that should be offered by a block cipher as one of the cryptographic security properties. Therefore, we extended RECTANGLE using a 3D cipher to improve its security features by enhancing the algorithm confusion and diffusion properties. Security analysis and performance tests were performed to verify the strength of the proposed 3D RECTANGLE. The results show that 3D RECTANGLE performs better than its original version in terms of the correlation between data input and output with an increase of 1.58% for non-linearity results, records approximately 50% bit error rate for sensitiveness against both modifications of plaintext and key, increase of passing rate in the randomness test by 22.22%, and achieves competitive performance results against existing algorithms with 0.9516 ms execution speed and 67.26 bit/ms throughput. Abdul Alif Zakaria and Dr Maslina Daud November 2020 IEEE Access Volume 8 IEEE Xplore Digital Library Link
19 Randomness Analysis on Lightweight Block Cipher, PRESENT Lightweight cryptography is an area of current research conducted by academicians and cryptographic experts to ensure the security of data in limited-resource devices such as RFID tags, medical and health care devices and sensor networks. One of the lightweight algorithms built is the PRESENT algorithm. To this day, PRESENT has been a reference for lightweight block cipher algorithms and is incorporated into Lightweight Cryptography Standard ISO/IEC 29192-2. The capacity to act as a random number generator is one of the key requirements when designing an algorithm. Thus, this study aims to examine the capabilities of the PRESENT algorithm as a random number generator. By using the NIST Statistical Test Suite, a randomness analysis is performed on the PRESENT algorithm. A total of six data categories i.e., Strict Key Avalanche, Strict Plaintext Avalanche, High-Density Key, Low-Density Key, Low-Density Plaintext and High-Density Plaintext were applied to generate 100 input sequences for each algorithm. From the analysis, the outputs generated from the PRESENT algorithm are essentially non-random based on the 1% significance level. Isma Norshahila binti Mohammad Shah November 2020 Journal of Computer Science Science Publications Link
20 Randomness Analysis on RECTANGLE Block Cipher In this paper, we analyze the randomness of the RECTANGLE cipher. RECTANGLE is a lightweight block cipher with 64-bit block size and variants key lengths of 80 and 128 bits. Lightweight block cipher requires less computing power than a block cipher algorithm which makes it more efficient to be implemented in low-resource devices. Randomness is an important property of a cryptography algorithm to make sure the output has no message pattern. The randomness testing was performed using the NIST Statistical Test Suite. A total of nine data categories were applied to generate 1,000 input sequences for each algorithm. RECTANGLE-80 and RECTANGLE-128 passed 98.73% and 98.48% of the randomness tests. Our analysis shows that both RECTANGLE variants seem to be non-random based on the 0.1% significance level. The experimental results from this paper identified some weaknesses that can be addressed in future research. Abdul Alif Zakaria & Dr Maslina Daud June 2020 Proceedings of the 7th International Cryptology and Information Security Conference 2020 Institute for Mathematical Research (INSPEM) Link
21 S-Box Construction Based on Linear Fractional Transformation and Permutation Function Substitution boxes (S-box) with strong and secure cryptographic properties are widely used for providing the key property of nonlinearity in block ciphers. This is critical to be resistant to a standard attack including linear and differential cryptanalysis. The ability to create a cryptographically strong S-box depends on its construction technique. This work aims to design and develop a cryptographically strong 8 × 8 S-box for block ciphers. In this work, the construction of the S-box is based on the linear fractional transformation and permutation function. Three steps involved in producing the S-box. In step one, an irreducible polynomial of degree eight is chosen, and all roots of the primitive irreducible polynomial are calculated. In step two, algebraic properties of linear fractional transformation are applied in Galois Field GF(2^8). Finally, the produced matrix is permuted to add randomness to the S-box. The strength of the S-box is measured by calculating its potency to create confusion. To analyze the security properties of the S-box, some well-known and commonly used algebraic attacks are used. The proposed S-box is analyzed by nonlinearity test, algebraic degree, differential uniformity, and strict avalanche criterion which are the avalanche effect test, completeness test, and strong S-box test. S-box analysis is done before and after the application of the permutation function and the analysis result shows that the S-box with permutation function has reached the optimal properties as a secure S-box. Liyana Chew Nizam Chew May 2020 Journal of Symmetry Volume 12 Issue 5 MDPI Link
22 Secure Information Hiding Based on Random Similar Bit Mapping The goal of cryptography is to maintain the secrecy of information while steganography aims to hide the information. A hybrid steganography and cryptography method was introduced to increase the security of data transmission. Random Similar Bit Mapping (RSBM) was proposed to hide a secret message without modifying the image and generates a Position File (PF) which stores the positions of a hidden message. PF is encrypted using Advanced Encryption Standard (AES) algorithm before being sent to the receiver. Two security measures were proposed to estimate the message location in PF based on Correct Position Finding (CPF) for message detection against a brute force attack. This paper compared related works using the proposed security measures to evaluate its security. From the CPF probability analysis, RSBM produced the lowest CPF probability results, while recording the highest CPF time complexity results in CPF time complexity analysis. In conclusion, RSBM ensured high data security which can be implemented in any information hiding application. Abdul Alif Zakaria May 2020 International Journal of Machine Learning and Computing International Association of Computer Science and Information Technology Link
23 Slid Pairs of the Fruit-80 Stream Cipher Fruit is a small-state stream cipher designed for securing communications among resource-constrained devices. The design of Fruit was first known to the public in 2016. It was later improved as Fruit-80 in 2018 and becomes the latest and final version among all versions of the Fruit stream ciphers. In this paper, we analyze the Fruit-80 stream cipher. We found that Fruit-80 generates identical keystreams from certain two distinct pairs of key and IV. Such pair of key and IV pairs is known as a slid pair. Moreover, we discover that when two pairs of key and IV fulfill specific characteristics, they will generate identical keystreams. This shows that slid pairs do not always exist arbitrarily in Fruit-80. We define specific rules which are equivalent to the characteristics. Using the defined rules, we are able to automate the searching process using an MILP solver, which makes searching of the slid pairs trivial. Co-author: Hazlin Abd Rani April 2020 International Journal of Communication Networks and Information Security (IJCNIS) Volume 12 Number 1 Institute of Information Technology Link
24 Enhanced Statistical Analysis Evaluation Using CSM Randomness Test Tool Random numbers are at the heart of modern cryptography, and having access to a source of randomness is crucial for information security. Tests for randomness determine whether a data set has a recognizable pattern which indicates that it is significantly non-random. However, the randomness test is very time consuming which requires a large file size of data to be tested. Also, the randomness test requires a repeated process for different types of tests. In this research paper, we introduced a cryptographic evaluation tool to evaluate the randomness of a cryptographic algorithm. This tool is an extended work done on the NIST Statistical Test Suite which is the most popular statistical test for the evaluation of the quality of random number generators. All of the results from each of the 15 tests in the test suite are compiled and analyzed simultaneously. The proposed tool finally generated a complete randomness evaluation report which provides a conclusion to indicate whether the tested cryptographic algorithm passes or fails each test. It took about three hours to produce a complete analysis report compared to eight hours using a conventional method. With the presence of this tool, the process of evaluating the randomness of a cryptographic algorithm is simplified and automated which resulted in reducing the evaluation timeframe. Abdul Alif Zakaria; Hazlin Abdul Rani and Nik Azura Nik Abdullah October 2019 International Journal of Cryptology Research Volume 9 Issue 1 Institute for Mathematical Research (INSPEM) Link
25 Cryptographic Randomness Analysis on Simon 32/64 Internet of Things (IoT) contains private data that must be protected from irresponsible parties. Conventional cryptography algorithms are not compatible with IoT devices due to their limited resources. A family of lightweight cryptography algorithms, Simon, has been developed to fulfill this constraint. Simon family of lightweight cryptography designed by NSA is efficient for optimal hardware performance. A randomness analysis on Simon32/64 is presented in this paper. Analysis is conducted using NIST Statistical Test Suite to ciphertext sequence generated from nine data categories. The analysis reveals that Simon32/64 failed at least one test from each data category. Isma Norshahila Mohammad Shah and Hazlin Abdul Rani October 2019 International Journal of Cryptology Research Volume 9 Issue 1 Institute for Mathematical Research (INSPEM) Link
26 New Vulnerabilities Upon Pomaranch Boolean Function Through Fault Injection Analysis (FIA) Pomaranch stream cipher is a synchronous stream cipher submitted to eSTREAM, the ECRYPT Stream Cipher Project and was designed by Jansen et al. and published in 2006. In this algorithm, the Boolean function given with coefficients, n is equal to five (5) and its degree, d is equal to three (3). In conducting this attack, we aim to decrease the degree of the targeted Boolean equation by finding its vulnerability through constructing low degree annihilator equation(s). We adopt the Fault Injection Analysis (FIA) methodology to achieve our objectives. In this study, we found the vulnerability via annihilator(s) through FIA (inject with value of one (1)) on Boolean function of Pomaranch. With these injected Boolean functions, we proceed to utilize Hao's method to find new annihilator(s). Then we obtained new annihilator(s) on Boolean function of Pomaranch stream cipher. As a result, these newly identified annihilators successfully reduce the complexity of the published Boolean function to guess the initial secret key. It likewise gives truly necessary data on the security of this chosen stream cipher concerning Fault Injection Analysis. Wan Zariman Omar; Dr Solahuddin Shamsuddin and Suhairi Mohd Jawi October 2019 International Journal of Cryptology Research Volume 9 Issue 1 Institute for Mathematical Research (INSPEM) Link
27 Findings Annihilator(s) via Fault Injection Attack (FIA) on Boolean Function of Grain v0 In developing stream cipher algorithms, Boolean function is one of vital elements. Attacks on LFSR-based stream cipher is the challenge for the cryptanalyst to get low-degree annihilator(s). In this paper, we proposed Fault Injection Attack (FIA) on Boolean function of Grain v0, which is the original variant of Grain family algorithm. Fault injection attack (FIA) is used on Boolean function of Grain v0 by replacing certain coefficient with value of one (1) which results in the generation of several injected Boolean functions. With these injected Boolean function, we proceed using HAO’s algorithm to find annihilator(s). As a result, we obtained several new annihilator(s) of Grain v0’s Boolean function. This new annihilator(s) will be utilized to launch algebraic attacks upon Grain v0. Muhammad Rezal Kamel Ariffin, Wan Zariman Omar, Solahuddin Shamsuddin, Zahari Mahad, Suhairi Mohd Jawi 2019 ITM Web of Conferences EDP Sciences Link
28 Finding Annihilator(s) via Fault Injection Attack (FIA) on Boolean Function of Grain v0 In developing stream cipher algorithms, Boolean function is one of vital elements. Attacks on LFSR-based stream cipher is the challenge for the cryptanalyst to get low-degree annihilator(s). In this paper, we proposed Fault Injection Attack (FIA) on Boolean function of Grain v0, which is the original variant of Grain family algorithm. Fault injection attack (FIA) is used on Boolean function of Grain v0 by replacing certain coefficient with value of one (1) which results in the generation of several injected Boolean functions. With these injected Boolean function, we proceed using HAO’s algorithm to find annihilator(s). As a result, we obtained several new annihilator(s) of Grain v0’s Boolean function. This new annihilator(s) will be utilized to launch algebraic attacks upon Grain v0. Wan Zariman bin Omar; Dr Solahuddin Shamsuddin and Suhairi Mohd Jawi February 2019 Proceeding of the International Conference on Applied Mathematics, Computational Science and Systems Engineering [Open Access] EDP Sciences Link
29 High Capacity Image Steganography with Minimum Modified Bits Based on Data Mapping and LSB Substitution Steganography is the art and practice of communication using hidden messages. The least significant bits (LSB) based method is the well-known type of steganography in the spatial domain. Usually, achieving the larger embedding capacity in LSB-based methods requires a large number of LSB bits modification which indirectly reduces the visual quality of stego-image and increases the risk of steganalysis detection attacks. In this study, we propose a novel steganography method with data mapping strategy which can reduce the number of bits modification per pixel. In the proposed method, four secret data bits are mapped with the four most significant bits of a cover pixel. Furthermore, the only two LSBs of a pixel are modified to indicate the mapping strategy. Experimental results show that the proposed method is able to achieve 3.48% larger embedding capacity while enhancing the visual quality (i.e., peak signal to noise ratio (PSNR) 3.73 dB) and reducing the modification of 0.76 bits per pixel. Moreover, the proposed method provides security against basic Regular and Singular groups (RS) steganalysis and histogram steganalysis detection attacks. Abdul Alif Zakaria November 2018 Journal of Applied Sciences MDPI Link
30 Randomness Analysis on 3D-AES Block Cipher 3D-AES cryptographic block cipher algorithm has been designed inspired from antigen-antibody interaction, somatic hyper mutation and protein structural features in immune systems. The block cipher algorithm has been designed efficient for the byte permutations in AES algorithm of any 128 to 512 bits plaintext length with 128 bits key length. Randomness tests is important of the properties of cryptography algorithm block cipher to ensure that the algorithm is lack of pattern or predictability message. This paper will present the result of randomness testing using NIST statistical test suite for the 3D-AES block cipher. From the analysis of nine data plaintext or key categories conducted, some failures were identified in some data categories. Nor Azeala Mohd Yusof July 2017 Proceeding of the 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery 2017 Conference Proceeding / IEEE XPlore Digital Library Link
31 Automated Analysis Report Generation Using CSM S-Box Evaluation Tool (CSET) In this research paper, we introduce a cryptographic evaluation tool to evaluate the strength of an S-Box. This tool evaluates the Nonlinearity, Algebraic Degree and Differential Uniformity properties of an S-Box. It also analyses the Avalanche Effect, Completeness and Strong S-Box criteria of the tested S-Box. This tool will finally generate a complete report which provides a conclusion to indicate whether the tested S-Box passes or fails each test. It takes about seven seconds to produce a complete analysis report compared to an hour and a half when using conventional method. With the presence of this tool, process of evaluating an S-box will be simplified and automated which resulted in reducing the evaluation timeframe period significantly. Abdul Alif Zakaria; Nik Azura Nik Abdullah; Wan Zariman Omar; Nor Azeala Mohd Yusof and Hazlin Abdul Rani January 2017 International Journal of Cryptology Research Volume 6 Number 1 Institute for Mathematical Research (INSPEM) Link
32 Rules and results for SSL/TLS nonintrusive proxy based on JSON data The purpose of this study is to implement an adaptive, non-intrusive proxy in between a client and SSL/TLS web server using more practical and "middle" approach that can moderate the ongoing and future SSL/TLS sessions. Connection attributes from certificate and SSLProbe results are compared against a set of policies written in JavaScript Object Notation (JSON). The proxy shall handle client session and alerts users when the attributes from the SSL/TLS sites are matched with policy based upon the predefined rules. Suhairi Mohd Jawi, Fakariah Hani Mohd Ali September 2016 International Conference on IT Convergence and Security (ICITCS) IEEE Link
33 Rules and Results for SSL/TLS Nonintrusive Proxy Based on JSON Data The purpose of this study is to implement an adaptive, non-intrusive proxy in between a client and SSL/TLS web server using more practical and "middle" approach that can moderate the ongoing and future SSL/TLS sessions. Connection attributes from certificate and SSLProbe results are compared against a set of policies written in JavaScript Object Notation (JSON). The proxy shall handle client session and alerts users when the attributes from the SSL/TLS sites are matched with policy based upon the predefined rules. Suhairi Mohd Jawi September 2016 Proceeding of the 6th International Conference on IT Convergence and Security (ICITS 2016) IEEE Xplore Link
34 CSM S-Box Evaluation Tool (CSET): Tool to Evaluate the Strength of an S-Box In this research paper, we introduce a cryptographic evaluation tool to evaluate the strength of an S-Box. This tool evaluates the Nonlinearity, Algebraic Degree and Differential Uniformity properties of an S-Box. It also analyses the Avalanche Effect, Completeness and Strong S-Box criteria of the tested S-Box. This tool will finally generate a complete report which provides a conclusion to indicate whether the tested S-Box passes or fails each test. It takes about seven seconds to produce a complete analysis report compared to an hour and a half when using conventional method. With the presence of this tool, process of evaluating an S-box will be simplified and automated which resulted in reducing the evaluation timeframe period significantly. Nik Azura Nik Abdullah; Abdul Alif Zakaria; Wan Zariman Omar; Nor Azeala Mohd Yusof & Hazlin Abdul Rani May 2016 Proceeding of the 5th International Cryptography and Information Security Conference (CRYPTOLOGY 2016) Institute for Mathematical Research (INSPEM) Link
35 The Comparative Study Of Randomness Analysis Between Modified Version Of LBlock Block Cipher And Its Original Design In this research paper, we present and compare the randomness analysis conducted towards LBlock block cipher and its modified version namely Modified LBlock. Among the important requirement when designing a block cipher algorithm is that the algorithm can act as a random number generator. Therefore, the aim of performing modification towards LBlock algorithm is to enhance its randomness results. Modification were made by replacing the eight 4 X 4 S-boxes with four different 16 X 16 S-boxes which has the same security strength as S-box of AES. During experimentation, this research project considers a full rounds of LBlock and Modified LBlock algorithms which both algorithms accepts a 64-bit plaintext, utilizes an 80-bit key, executes in 32 rounds and produces a 64-bit ciphertext. Nine different data categories were used to generate inputs (plaintext and key), with each having 100 samples. Blocks of ciphertext were generated from these algorithms and were concatenated to construct a binary sequence. NIST Statistical Test Suite consisting of sixteen tests was used to conduct testing and analysis, and the significance level was set to 1%. From the comparative analysis done, it is concluded that the randomness analysis results for Modified LBlock block cipher has 42.96% improvement compared to its original design when tested under 1% significance level and using the same samples. Nik Azura Nik Abdullah; Liyana Chew Nizam Chew & Abdul Alif Zakaria November 2015 International Journal of Computer and Information Technology IJCIT Link
36 Randomness Analysis on Speck Family Of Lightweight Block Cipher Speck family of lightweight block cipher was publicly released by National Security Agency (NSA), USA in June 2013. Speck has been designed with ten instances which provides excellent performance in both hardware and software. Speck is optimized for performance on microcontrollers. This paper will present the result of randomness testing using NIST statistical test suite for SPECK cipher family, which are Speck128/128, Speck128/192, and Speck128/256. Nine data categories are applied to generate the input sequence (either plaintext or key) for each algorithm. Randomness is important for cryptography module to ensure that the cipher is unpredictable before it becomes available. From the analysis conducted, some failures were identified in some data categories. Liyana Chew Nizam Chew; Isma Norshahila Mohammad Shah; Nik Azura Nik Abdullah; Norul Hidayah Ahmad Zawawi; Hazlin Abdul Rani & Abdul Alif Zakaria January 2015 International Journal of Cryptology Research Malaysian Society for Cryptology Research Link
               
No. Title Author Year of Published Publication URL
1 Understanding The Technology Behind Cryptocurrencies Dr. Abdul Alif Zakaria Vol 54 2024 CyberSecurity Malaysia Link
2 The Importance of Data Privacy Legislation Compliance in Cross-Border Transactions Dr. Abdul Alif Zakaria, Wan Zariman Omar, Mayasarah Maslizan & Naqliyah Zainuddin Vol 52 2022 CyberSecurity Malaysia Link
3 DNA Techniques In DNA Based Cryptography Nik Azura Nik Abdullah, Norul Hidayah Ahmad Zawawi, Liyana Chew Nizam Chew & Faridatul Akhma Ishak Vol 53 2022 CyberSecurity Malaysia Link
4 Blockchain Technology and the Rise of Smart Contracts Hazlin Abdul Rani, Isma Norshahila Mohammad Shah, Nor Azeala Mohd Yusof, Muhammad Naqib Bin Zahid Vol 52 2022 CyberSecurity Malaysia Link
5 Securing Data In Cloud Using BYOE And BYOK Nor Azeala Mohd Yusof Volume 51 2021 CyberSecurity Malaysia Link
6 Signal, Is It Secure Enough? Nor Azeala Mohd Yusof & Isma Norshahila Mohammad Shah Volume 50 2021 CyberSecurity Malaysia Link
7 A Brief Review Of Authenticated Encryption Nik Azura Binti Nik Abdullah, Norul Hidayah Binti Ahmad Zawawi, Liyana Chew Binti Nizam Chew & Faridatul Akhma Binti Ishak Volume 49 2020 CyberSecurity Malaysia Link
8 BLOCKCHAIN: Beyond The Cryptocurrency Isma Norshahila binti Mohammad, Hazlin binti Abdul Rani & Muhammad Syazwan Fizani bin Sahran Volume 48 2020 CyberSecurity Malaysia Link
9 Are You The Weakest Link? Hazlin binti Abdul Rani, Wan Shafiuddin Zainudin, Noor Asmah Halimi & Finlayson Anak Ludan Volume 47 2019 CyberSecurity Malaysia Link
10 The Knowledge Of Mobile-Commerce Nik Azura Nik Abdullah, Norul Hidayah Ahmad Zawawi, Liyana Chew Nizam Chew, Abdul Alif Zakaria & Faridatul Akhma Ishak Volume 47 2019 CyberSecurity Malaysia Link
11 Existing Cryptographic Algorithm for the National Trusted Cryptographic Algorithm List (AKSA MySEAL) Nor Azeala binti Mohd Yusof, Norul Hidayah binti Lot Ahmad Zawawi & Nik Azura binti Nik Abdullah Volume 45 2018 CyberSecurity Malaysia Link
12 Blockchain & Cyber Security Faridatul Akhma binti Ishak, Abdul Alif bin Zakaria, Suhairi Mohd bin Jawi & Hazlin binti Abdul Rani Volume 45 2018 CyberSecurity Malaysia Link
13 Pengenalan Kepada Matematik Dalam Kriptografi Wan Zariman bin Omar, Wan Maisarah binti Md. Isa, Amir Hamzah bin Abd Ghafar, Nur Lina bin Abdullah & Hazlin binti Abdul Rani Volume 45 2018 CyberSecurity Malaysia Link
14 Revolusi Komputer: Teknologi Kuantum Wan Zariman Omar & Prof. Madya Dr. Zuriati Ahmad Zulkarnain (Universiti Putra Malaysia) Volume 43 2017 CyberSecurity Malaysia Link
15 Blockchain Implementation (Proof-of-Concept) Abdul Alif bin Zakaria Volume 42 2017 CyberSecurity Malaysia Link
16 Approved Cryptographic Algorithms in ISO/IEC Standards. Nik Azura binti Nik Abdullah, Norul Hidayah binti Lot Ahmad Zawawi, Liyana Chew binti Nizam Chew, Nor Azeala binti Mohd Yusof Volume 42 2017 CyberSecurity Malaysia Link
17 Approved Cryptographic Algorithm in NCA1 Projects Nik Azura Bt Nik Abdullah, Norul Hidayah Bt Lot Ahmad Zawawi, Liyana Chew Bt Nizam Chew, Nor Azeala Bt Mohd Yusof, Faridatul Akhma Binti Ishak Volume 42 2017 CyberSecurity Malaysia Link
18 Cryptography and Virus Isma Norshahila binti Mohammad, Abdul Alif bin Zakaria Volume 42 2017 CyberSecurity Malaysia Link
19 Lightweight Cryptography in Internet of Things Isma Norshahila binti Mohammad, Hazlin binti Abdul Rani Volume 42 2017 CyberSecurity Malaysia Link
20 Pengenalan kepada Bitcoin Wan Zariman Omar, Wan Maisarah Md Isa & Abdul Alif Zakaria Volume 41 2016 CyberSecurity Malaysia Link
21 Steganography Series: Peak Signal-to-Noise Ratio Abdul Alif Bin Zakaria Volume 40 2016 CyberSecurity Malaysia Link
22 National Cryptographic Algorithm Projects Isma Norshahila binti Mohammad, Nik Azura binti Nik Abdullah Shah, Norul Hidayah binti Lot@Ahmad Zawawi, Liyana Chew binti Nizam Chew Volume 40 2016 CyberSecurity Malaysia Link
23 FIPS 140-2 Evaluation Laboratory Accreditation and Its Programs Norul Hidayah binti Lot@Ahmad Zawawi, Liyana Chew binti Nizam Chew, Nik Azura binti Nik Abdullah, Isma Norshahila binti Mohammad Shah Volume 40 2016 CyberSecurity Malaysia Link

MyKripto

CDD is a department within CyberSecurity Malaysia under the Proactive Technology & Services Division.

CRYPTOGRAPHY DEVELOPMENT DEPARTMENT

Email: mykripto [at] cybersecurity.my 

Phone: +60 3 8800 7999

Fax: +60 3 8008 7000

CSM MARKETING

Email: marketing [at] cybersecurity.my 

Phone: +60 3 8800 7999

Fax: +60 3 8008 7000
