DSpace Community: KAIST School of Computing
http://hdl.handle.net/10203/8
KAIST School of Computing2018-06-12T03:20:33ZCreating Haptic Illusion of Compliance for Tangential Force Input using Vibrotactile Actuator
http://hdl.handle.net/10203/238199
Title: Creating Haptic Illusion of Compliance for Tangential Force Input using Vibrotactile Actuator
Authors: Heo, Seongkook; Lee, Geehyuk2018-08-23T00:00:00ZAre Mutation Scores Correlated with Real Fault Detection? A Large Scale Empirical study on the Relationship Between Mutants and Real Faults
http://hdl.handle.net/10203/242197
Title: Are Mutation Scores Correlated with Real Fault Detection? A Large Scale Empirical study on the Relationship Between Mutants and Real Faults
Authors: Papadakis, Mike; Shin, Donghwan; Yoo, Shin; Bae, Doo Hwan2018-05-31T00:00:00ZDomain Isolated Kernel: A lightweight sandbox for untrusted kernel extensions
http://hdl.handle.net/10203/241291
Title: Domain Isolated Kernel: A lightweight sandbox for untrusted kernel extensions
Authors: Manes, Valentin J. M.; Jang, Daehee; Ryu, Chanho; Kang, Brent Byunghoon
Abstract: Monolithic kernel is one of the prevalent configurations out of various kernel design models. While monolithic kernel excels in performance and management, they are unequipped for runtime system update; and this brings the need for kernel extension. Although kernel extensions are a convenient measure for system management, it is well established that they make the system prone to rootkit attacks and kernel exploitation as they share the single memory space with the rest of the kernel. To address this problem, various forms of isolation (e.g., making into a process), are so far proposed, yet their performance overhead is often too high or incompatible for a general purpose kernel. In this paper, we propose Domain Isolated Kernel (DlKernel), a new kernel architecture which securely isolates the untrusted kernel extensions with minimal performance overhead. DlKernel leverages hardware based memory domain feature in ARM architecture; and prevents system manipulation attacks originated from kernel extensions, such as rootkits and exploits caused by buggy kernel extensions. We implemented DlKernel on top of Linux 4.13 kernel with 1500 LOC. Performance evaluation indicates that DlKernel imposes negligible overhead which is observed by cycle level microbenchmark. (C) 2018 Elsevier Ltd. All rights reserved.2018-05-01T00:00:00ZKey alternating ciphers based on involutions
http://hdl.handle.net/10203/242179
Title: Key alternating ciphers based on involutions
Authors: Lee, Jooyoung
Abstract: In this work, we study the security of Even---Mansour type ciphers whose encryption and decryption are based on a common primitive, namely an involution. Such ciphers possibly allow efficient hardware implementation as the same circuit is shared for encryption and decryption, and thus expected to be more suitable for lightweight environment in which low power consumption and implementation costs are desirable. With this motivation, we consider a single-round Even---Mansour cipher using an involution as its underlying primitive. The decryption of such a cipher is the same as encryption only with the order of the round keys reversed. It is known that such a cipher permits a birthday-bound attack using only construction queries, but whether it provides provable security in the range below the birthday bound has remained. We prove that the Even---Mansour cipher based on a random involution is as secure as the permutation-based one when the number of construction queries is limited by the birthday bound. In order to achieve security beyond the birthday bound, we propose a two-round Even---Mansour-like construction, dubbed $$\mathsf {EMSI}$$EMSI, based on a single involution I using a fixed permutation $$\sigma $$ź in the middle layer. Specifically, $$\mathsf {EMSI}$$EMSI encrypts a plaintext u by computing $$\begin{aligned} v=I\left( \sigma \left( I(u\oplus k_0)\right) \oplus k_1\right) \oplus k_2 \end{aligned}$$v=IźI(uźk0)źk1źk2with the key schedule $$\gamma =(\gamma _0,\gamma _1,\gamma _2)$$ź=(ź0,ź1,ź2) generating three round keys $$k_0=\gamma _0(k)$$k0=ź0(k), $$k_1=\gamma _1(k)$$k1=ź1(k) and $$k_2=\gamma _2(k)$$k2=ź2(k) from an n-bit master key k. We prove that if the key schedule $$\gamma =(\gamma _0,\gamma _1,\gamma _2)$$ź=(ź0,ź1,ź2) satisfies a certain condition, and $$\sigma $$ź is a linear orthomorphism, then this construction is secure up to $$2^{\frac{2n}{3}}$$22n3 construction and permutation queries. $$\mathsf {EMSI}$$EMSI is the first construction that uses a single involution--a primitive weaker than a truly random permutation--and that provides security beyond the birthday bound at the same time. Encryption and decryption of $$\mathsf {EMSI}$$EMSI are the same except for the key schedule and the middle layer. Since encryption and decryption are both based on a common primitive, $$\mathsf {EMSI}$$EMSI is expected to be particularly suitable for modes of operation that use both encryption and decryption of the underlying block cipher such as OCB3.2018-05-01T00:00:00Z