Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Remote Identification and Authentication for High Security Access in Multi User Systems

Remote Identification and Authentication for High Security Access in Multi User Systems

MACSPro'2019 - Modeling and Analysis of Complex Systems and Processes, Vienna
21 - 23 March 2019

Prof. Nikos G. Bardis

Conference website http://macspro.club/

Website https://exactpro.com/
Linkedin https://www.linkedin.com/company/exactpro-systems-llc
Instagram https://www.instagram.com/exactpro/
Twitter https://twitter.com/exactpro
Facebook https://www.facebook.com/exactpro/
Youtube Channel https://www.youtube.com/c/exactprosystems

Exactpro
PRO

March 22, 2019
Tweet

More Decks by Exactpro

Other Decks in Research

Transcript

  1. Remote Identification and Authentication for High Security Access in
    Multi User Systems
    Professor Nikos G. Bardis, Eng., PhD.
    March 22, 2019
    Hellenic Army Academy, Section of Mathematics and Engineering Sciences, Greece

    View Slide

  2. Outline
     Some History…
    Cloud & IoT
    Cyber Security
    Cyber War
     Security Issues for Access Control
     Cryptography – The main tool for security
     Zero-knowledge Identification Schemes
     Modification of Zero-knowledge Identification Schemes
     Performance & Evaluation

    View Slide

  3. MILCOM 1990 Communications and Radar (Data Bases, Networks, Programming…)
    MILCOM 2000 Proceedings. 21st Century Military Communications. Architectures and Technologies for Information
    Superiority (C4I, Internet, web programming…)
    MILCOM 2010 Waveforms and Signal Processing, Networking Protocols and Performance, Cyber Security and Network
    Management, Systems Perspectives (Smart Devices, Cloud Systems, Cyber Security)

    View Slide

  4. Information Field
    The other engagement
    Information

    View Slide

  5. Internetworking: is the practice of connecting a computer
    network with other networks through the use of gateways that
    provide a common method of routing information packets
    between the networks.
    What could be connected to this network?
    Computers
    Mobile Phones
    Smart Grids/Smart City
    IP cameras and Home Appliances
    Wearable Technology (Smart Watches, Pacemakers, etc)
    Sensors (made possible by IoT)
    Distributed Robotics
    Introduction
    Interconnected Devices
    5

    View Slide

  6. Internetworking: is the practice of
    connecting a computer network with other
    networks through the use of gateways that
    provide a common method of routing
    information packets between the networks.
    What could be connected to this network?
    Computers
    IP cameras
    Mobile phones
    Pacemakers
    Others like Sensors (made possible by IoT)
    ARPANET
    SRI
    Utah UCSB
    UCLA
    Current Internet Structure
    What is Internetworking?
    Kaspersky Lab; Internet Map

    View Slide

  7. Firewalls, IPSEC, VPN/tunneling
    Security Policies
    Intrusion Detection Systems (IDSs)
    Signature-Based IDS – Match all incoming traffic with
    signatures stored in a database. If a traffic matches,
    then its an attack (SNORT, BRO IDS).
    Anomaly-Based IDS – Learn accepted network behavior,
    then use this learned behavior to identify future
    behaviors that do not conform to this baseline.
    Firewall
    What about hacking ?

    View Slide

  8. Outline
     Some History…
    Cloud & IoT
    Cyber Security
    Cyber War
     Security Issues for Access Control
     Cryptography – The main tool for security
     Zero-knowledge Identification Schemes
     Modification of Zero-knowledge Identification Schemes
     Performance & Evaluation

    View Slide

  9. Security Issues
    1. Confidentiality
    2. Authentication
    3. Integrity
    4. Non-repudiation
    5. Availability

    View Slide

  10. Connectivity-Its Security Issues
     Smart Grid Cyber Attacks
    These Cyber attacks against grids could bring
    down whole grids, something that could even kill
    people if it happens in winter.
     2015-cyber attack against Ukrainian utility
    company with malware (The Blackenergy
    Malware).
     2016-another cyber attack against Ukraine's
    energy sector in Kiev.
     Israel experienced a serious hack attack on
    its electrical grid in January 2016
    10
    Grant: “Cyber Security Techniques the SCADA Military Environment,” for three years

    View Slide

  11. «Cyber attack is Casus Belli»
    «Cyber warfare in United States is apart of the American military strategy
    of Proactive Cyber Defence and the use of cyber warfare as o platform
    for attack.»
    «The new United States military strategy makes explicit that a cyber
    attack is casus belli just as a traditional act of war.»

    View Slide

  12. Headlines of recent cyber attacks
    All Rights Reserved 2015 12
    Center for Information Networking and
    Telecommunications
    • Russian Hacking of DNC/RNC and threat of US retaliation
    • Yahoo huge security breach; Loss of data for one billion accounts
    2016
     Equifax Data Breach – 145.5 Million Accounts
     Uber Data Breach – 57 Million Records
     WannaCry Cyber Attack – 300,000 Systems
     Stolen NSA Cyber Weapons
     Yahoo! Makes History, Again – 3 Billion
    Accounts
    2017
    2018 • Facebook – 87 million records hacked
    . Sacks Fifth Ave & Lord & Taylor - 5 million accounts

    View Slide

  13. • Experian (T-Mobile)
    – 15 million records
    • Donald Trump Hotels
    • Sony Entertainment
    • Ashley Madison
    – 37 million records
    – 10 thousand government officials
    • Office of Personal Management (OPM)
    – 22 million records
    • Anthem health care
    – 80 million records
    2015
    Headlines of recent cyber attacks (Continued)

    View Slide

  14. Man in the Middle vs Authentication

    View Slide

  15. Denial-of-service (DOS) Attack vs Availability
    Denial-of-Service (DoS) attacks are strategies that
    are often used for occupying the communication
    resources in order to prohibit the transmission of
    measurement and nor control signals and that
    cause a maximum possible deterioration of the
    system performance.
    The most dangerous type of DoS attacks is the
    distributed DoS (DDoS) also called coordinated
    attack, in which a large number of compromised
    machines are used to perform the DoS attack.
    Moreover, DDoS is frequently occurred due to the
    simplicity of creating it, low coast and its high
    impact on systems including the ability of
    completely disconnect an organization. It is shown
    that this attack could cause instability of power
    grids and it could produce long delay jitter on NCS
    packets.

    View Slide

  16. Denial-of-service (DOS) Attack vs Integrity (Continued)
    The DoS attacks in radio frequency identification
    (RFID) system can be categorized based on the
    factors causing them as follows:
    1) System Jamming: Electromagnetic jamming is
    done in this type to prohibit tags from
    communicating with readers.
    2) Desynchronization Attack: It is destroying
    synchronization between the tag and the RFID
    reader causing a permanent disabling of the
    authentication capability of an RFID tag.
    3) Tag Data Modification: Changing the data to a
    random number which cannot be identified by the
    reader.
    4) Kill Command Attack: The attacker send a kill
    command with the hacked password causing a
    permanent disabling of the tag.
    5) Random DoS Attack: Which is affecting the
    system by injecting short periods of noise signals

    View Slide

  17. Inside Attack vs Confidentiality
    One important factor in Cyber Physical
    Systems - CPS security is that attacks
    might not only come from outside of the
    system but also from inside, such as
    from employees who do not need much
    additional knowledge about the target
    system.
    The knowledge that insiders often gives
    them unrestricted access to steal or
    modify data in the system or to
    deactivate that system. So, it is
    important to have a secure control
    system to maintain the stability of the
    system during such an attack.

    View Slide

  18. Structure of Remote Systems of Information Services,
    Information and Computer Resources
    User 1
    User 2
    User n
    Internet
    SYSTEM

    View Slide

  19. Multi User
    Systems
    Multiuser
    Systems
    Legitimate
    user
    Legitimate
    user
    Legitimate
    user
    Illegitimate
    user
    Illegitimate
    user
    Illegitimate
    user

    View Slide

  20. Attacker
    Action on the identification
    protocol
    Viruses Dishonest
    personnel
    Reading the passwords of
    legitimate users
    IDENTIFICATION
    SYSTEM
    Legitimate user
    Data transmission channel
    Password
    selection
    Interception of
    passwords and
    repetition
    Substitution of
    legitimate user
    during the session
    password
    data

    View Slide

  21. Threats From the Attacker Side, Controlling the Transmission Line
    User Line of Data
    exchange
    Active attack: User Ousting
    after Identification
    ( middle attack )
    SYSTEM
    Passive attack: listening of
    cycles of exchange of the
    identifying information of the
    user for its reproduction

    View Slide

  22. User identification
    information А
    Viruses
    Staff
    Other users
    Accessing system
    resources under
    the user name А
    System
    Administration
    Imitation the use of
    resources by the
    user А
    SYSTEM
    Subject Goal
    Threats from the Side of the System

    View Slide

  23. Outline
     Some History…
    Cloud & IoT
    Cyber Security
    Cyber War
     Security Issues for Access Control
     Cryptography – The main tool for security
     Zero-knowledge Identification Schemes
     Modification of Zero-knowledge Identification Schemes
     Performance & Evaluation

    View Slide

  24.      













    h
    r
    n
    h
    r
    n
    r
    n
    h
    r
    n
    y
    k
    k
    k
    x
    x
    x
    f
    y
    k
    k
    k
    x
    x
    x
    f
    y
    k
    k
    k
    x
    x
    x
    f
    y
    y
    y
    Y
    k
    k
    k
    K
    x
    x
    x
    X
    )
    ,...,
    ,
    ,
    ,...,
    ,
    (
    )
    ,...,
    ,
    ,
    ,...,
    ,
    (
    )
    ,...,
    ,
    ,
    ,...,
    ,
    (
    ,...,
    ,
    ,...,
    ,
    ,
    ,...,
    ,
    2
    1
    2
    1
    2
    2
    1
    2
    1
    2
    1
    2
    1
    2
    1
    1
    2
    1
    2
    1
    2
    1

    Cryptographic
    Algorithm
    Message X
    Key K
    Cryptogram Y
    Forward cryptography
    Cryptographic
    Algorithm
    Message X
    Key K
    Cryptogram Y
    Reverse cryptography
    UNSOLVED MATHEMATICAL TASK
    SOLVE OF SYSTEM OF
    NONLINEAR BOOLEAN
    EQUATIONS
    UNSOLVED
    MATHEMATICAL
    NUMBER THEORY TASK
    Block
    Ciphers
    Stream
    Ciphers
    Hash-
    Algorithms
    Public key
    Algorithms
    DES, RC-6
    RIJNDAEL
    A5, SNOW,
    SOBER
    SHA-1,
    RIPEMD-160
    RSA, DSA,
    ECC
    Cryptography – The Main Tool for Security

    View Slide








































































  25. 3
    2
    1
    4
    3
    2
    1
    4
    1
    2
    3
    2
    1
    3
    1
    4
    1
    3
    2
    4
    2
    3
    1
    4
    2
    1
    4
    1
    4
    3
    2
    1
    3
    2
    1
    2
    4
    3
    2
    2
    1
    3
    1
    4
    3
    1
    1
    1
    2
    1
    2
    1
    1
    1
    2
    2
    2
    1
    1
    1
    1
    1
    4
    2
    2
    1
    2
    1
    1
    2
    1
    1
    2
    2
    2
    2
    1
    3
    2
    1
    2
    1
    1
    2
    2
    2
    2
    1
    2
    1
    2
    2
    2
    1
    2
    1
    1
    1
    4
    2
    2
    1
    1
    1
    1
    1
    1
    1
    1
    y
    y
    y
    y
    y
    y
    y
    y
    y
    k
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    k
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    x
    y
    y
    y
    y
    y
    y
    y
    y
    y
    y
    x
    k
    x
    x
    x
    x
    k
    x
    k
    x
    k
    k
    k
    x
    k
    x
    y
    k
    x
    x
    k
    k
    x
    x
    x
    k
    x
    k
    x
    k
    k
    y
    k
    x
    k
    x
    k
    x
    k
    x
    x
    x
    x
    x
    y
    k
    x
    x
    x
    x
    k
    x
    k
    x
    k
    k
    y
    Block Cipher
    1
    x
    2
    x
    3
    x
    1

    n
    x
    n
    x
    1
    y
    2
    y
    3
    y
    1

    n
    y
    n
    y
    1
    k
    2
    k
    1

    r
    k
    r
    k
    Cryptography – The Main Tool for Security (Continued)

    View Slide

  26. Cryptography – The Main Tool for Security (Continued)
    UNSOLVED MATHEMATICAL TASK
    SOLVE OF SYSTEM OF
    NONLINEAR BOOLEAN
    EQUATIONS
    UNSOLVED
    MATHEMATICAL
    NUMBER THEORY TASK
    Block
    Ciphers
    Stream
    Ciphers
    Hash-
    Algorithms
    Public key
    Algorithms
    DES, RC-6
    RIJNDAEL
    A5, SNOW,
    SOBER
    SHA-1,
    RIPEMD-160
    RSA, DSA,
    ECC

    View Slide

  27. In a practical level the Boolean functions
    are not being used only in public key algorithms
    that have as mathematical base an unsolved tasks of the number theory
    The main advantage of the Boolean functions in cryptography is
    considered to be the high efficiency at their calculation by software and
    hardware means.
    So, for algorithms with roughly the same cryptoresistance, that are based on
    the Boolean functions is executed thousands times faster than modern
    public key algorithms.
    Cryptography – The Main Tool for Security (Continued)

    View Slide

  28. Outline
     Some History…
    Cloud & IoT
    Cyber Security
    Cyber War
     Security Issues for Access Control
     Cryptography – The main tool for security
     Zero-knowledge Identification Schemes
     Modification of Zero-knowledge Identification Schemes
     Performance & Evaluation

    View Slide

  29. Identification is one of the three base Problems of Information
    Security
    Information Security
    Protection from
    unauthorized data
    access via
    encryption
    Data Integrity:
    Digital Signature
    Technology /hashing
    Identification of
    remote
    subscribers

    View Slide

  30. As for the other two base tasks of the information security, the effectiveness of identification is
    determined by a compromise between two criteria: by security level and by the volume of
    available resources which is required for the implementation of the security functions
    The efficiency of remote subscriber
    identification schemes
    Level of security
    Amount of
    computational
    resources required for
    the implementation of
    the security functions
    Efficiency of Remote Access

    View Slide

  31. Existing schemes for identification of remote users
    Non strict identification based on
    using of invariable (const)
    passwords
    Strict identification based on the Zero
    Knowledge concept
    The major
    advantage:
    High speed of
    authentication
    The main
    disadvantage:
    Low security
    level
    The major
    advantage:
    High level of
    security
    The main disadvantage:
    existing realizations
    demand long processing
    times
    Identification of Remote Users

    View Slide

  32. Cryptographically strict identification should provide
    protection:
    From external threats From internal threats
    THE CONCEPT OF "ZERO KNOWLEDGE"
    USER SYSTEM
    The mechanism for
    generating the "correct"
    session passwords
    The mechanism for
    checking the
    "correctness" of
    session passwords
    Session
    password
    The system itself is not capable of generating a
    "correct" session password
    The Concept of Zero Knowledge Identification

    View Slide

  33. Zero-Knowledge Identification
    Tool for password
    generation
    User
    Tool for checking of
    user password
    legitimacy
    System
    Password
    The Concept of Zero Knowledge Identification (Continued)

    View Slide

  34. User System
    Session password
    generation
    mechanism
    Irreversible
    mechanism for
    validating the
    password
    Session
    password
    1/0
    The Concept of Zero Knowledge Identification (Continued)

    View Slide

  35. Existing Zero-Knowledge Identification Schemes
    FFSIS (Feige Fiat
    Shamir Identification
    Scheme)
    Guillou-Quisquater
    Identification Scheme
    Schnorr Identification
    Scheme
    Based on analytically insoluble mathematical problem of number theory, namely:
    discrete logarithmic calculations: find X given XE mod M = Y
    To reduce the possibility of solving the equation XE mod M = Y by trial, the word
    lengths of X, Y, M must be greater than or equal to 1024
    The procedure for checking of user
    password legitimacy requires long
    processing times
    The necessity of several cycles
    of information exchange
    between system and users

    View Slide

  36. Existing identification schemes that implement the concept
    of "zero knowledge"
    Feige Fiat Shamir Identification
    Scheme (FFSIS)
    Scheme Guillou-Quisquater Scheme
    Schnorr
    A2V mod M
    Basic computing
    operation AEBG mod M
    Number of exchanges in
    one session of
    identification
    18 - 22 3
    The Concept of Zero Knowledge Identification (Continued)

    View Slide

  37. MAJOR FAILURE OF EXISTING SCHEMES OF
    IMPLEMENTATION ZERO-KNOWLEDGE IDENTIFICATION
    LOW IDENTIFICATION SPEED
    Use of complex
    multiplicative operations of
    modular arithmetic, which
    are performed on numbers
    of large length 1024 or 2018
    Use to identify multiple
    cycles of data exchange
    between the user and the
    system
    CAUSES
    The Concept of Zero Knowledge Identification (Continued)

    View Slide

  38. NECESSITY OF ACCELERATING ZERO-KNOWLEDGE
    IDENTIFICATION PROCEDURES
    The most effective means of countering the
    middle attack is multi repeated identification
    within the interaction session
    Increase the number of systems
    with remote access working in
    real time
    Rapid growth in the number of
    users of systems with remote
    access
    The Concept of Zero Knowledge Identification (Continued)

    View Slide

  39. Choosing two prime numbers p and q
    Calculation m = p∙q
    Selection v and v-1 such way that:
    s2 mod m = v
    d2 mod m = v-1
    v∙v-1 mod m =1
    m and v - Public key s – Private key
    Exists d and s
    Zero Knowledge Identification Scheme:
    FFSIS: Private and Public key generation

    View Slide

  40. Verifies y∙y∙v mod m= x
    Send y
    Subscriber System
    Randomly selected number r
    Calculates x = r ∙r mod m
    Send x to system Receives x
    Calculates
    y = r ∙ s mod m,
    Randomly generates bit b
    Send b
    Send r
    Verifies r ∙r mod m = x
    if b=1
    if b=0
    1

     v
    s
    If subscriber possesses s that
    y2v mod m = ( r2 s2)v mod m=…=r2 v-1v mod m = r2 mod m= х
    Zero Knowledge Identification Scheme :
    FFSIS : Identification Procedure

    View Slide

  41. Choosing two prime numbers p and q such that q being a factor of p-1
    Choosing a such that a q mod p=1
    Calculation v = a-s mod p
    p and v - Public key s - Private key
    Calculation -s = q-s
    Randomly choosing sZero Knowledge Identification Scheme :
    Schnorr Identification Schemes:Private and Public Key Generation

    View Slide

  42. Send y
    Subscriber
    System
    Randomly selected
    number r
    Calculates
    x = ar mod p
    Send x to system
    Receives
    x
    Calculates
    y = (r+s∙e) mod q
    Send e
    Verifies
    ay ∙ ve mod p= x
    Randomly generates
    number e
    Zero Knowledge Identification Scheme :
    Schnoor Identification Procedure
    Send y
    Subscriber
    System
    Randomly selected
    number r
    Calculates
    x = ar mod p
    Send x to system
    Receives
    x
    Calculates
    y = (r+s∙e) mod q
    Send e
    Verifies
    ay ∙ ve mod p= x
    Randomly generates
    number e

    View Slide

  43. Choosing two prime numbers p and q
    J, m and v - Public key B - Private key
    Choosing B such that
    (J∙Bv) mod m =1
    Calculation m = p∙q
    Choosing open password J
    Randomly choosing v
    Zero Knowledge Identification Scheme
    Guillou-Quisquater identification schemes:
    Private and Public Key Generation

    View Slide

  44. Send D
    Subscriber System
    Randomly selected
    number r
    Calculates
    T = rv mod m
    Send T to system
    Receives
    T
    Calculates
    D = r∙Bd mod m
    Send d
    Verifies
    Dv∙ Jd mod m= T
    Randomly generates number
    d
    Zero Knowledge Identification Scheme :
    Guillou-Quisquater Identification Procedure

    View Slide

  45. Basic Calculations for Zero Knowledge
    Identification Schemes
    Schnorr schemes
    Guillou-Quisquater
    schemes
    FFSIS
    A2V mod M AEBG mod M
    The high computational complexity of zero knowledge identification schemes is
    the main reason that limits there of utility
    Zero Knowledge Identification Scheme (Continued)

    View Slide

  46. Possible Approaches of Zero Knowledge Identification
    Schemes Computational Complexity Decreasing
    Using of Precomputation and Parallel Computation for
    Decreasing of Computational Complexity of Modular
    Reduction
    Utilizing of Alternative Algebra
    Operation in which have low
    Computational Complexity
    Working out Zero
    Knowledge Identification
    Schemes based on Boolean
    Transformation
    Zero Knowledge Identification Scheme (Continued)

    View Slide

  47. Outline
     Some History…
    Cloud & IoT
    Cyber Security
    Cyber War
     Security Issues for Access Control
     Cryptography – The main tool for security
     Zero-knowledge Identification Schemes
     Modification of Zero-knowledge Identification Schemes
     Performance & Evaluation

    View Slide

  48. Utilizing of Alternative Algebra Operation in which have Low
    Computational Complexity
    - Galois Fields Arithmetic
    Possible Approaches of Zero Knowledge Identification Schemes
    Computational Complexity Decreasing
    Using of Precomputation and Parallel Computation for
    Decreasing of Computational Complexity of Modular Reduction
    Utilizing of Alternative Algebra
    Operation in which have low
    Computational Complexity
    Working out Zero Knowledge
    Identification Schemes based on
    Boolean Transformation

    View Slide

  49. Operation in Galois fields GF(2m)
    Widespread use in modern cryptosystem
    (Rijndael, Ellipse Curve Cryptosystems)
    Addition - XOR ( denoted as  )
    Multiplication
    ( denoted as AB rem M)
    Multiplication without the inter-bit carry transfers
    ( denoted as AB)
    Calculation of the remainder of the division of the
    polynomial that corresponds to the number А by the
    polynomial corresponding to M
    (denoted as A rem M )
    Exponentiation -
    (denoted as AE rem M)
    AE - exponentiation without carry:
    AE = А  А  ...  А

    View Slide

  50. Basic Calculations for Zero Knowledge
    Identification Schemes
    Schnorr schemes Guillou-Quisquater schemes
    FFSIS
    A2V mod M AEBG mod M
    AAV rem M AEBG rem M
    Modification
    In Galois field algebra
    Galois Fields Arithmetic (Continued)

    View Slide

  51. Choosing prime polynomial P(x) =xn+1+xn+…+x+1 and corresponding number m.
    For example for n=4: P(x)=x5+x4+1 and m=25
    Arbitrarily choosing (n-1) bit length number  (=4)
    Choosing d and s by such way that: d  s =   m  1. ( d =9 and s =13)
    Calculating
    v-1 =s s rem m
    (v-1 =1313 rem 25=7)
    Calculating
    v=d  d rem m
    (v =9  9 rem 25=7 )
    vv-1 rem m =1
    m and v - Public key s - Private key
    Galois Fields Arithmetic
    Modified FFSIS: Private and Public key generation

    View Slide

  52. Sent y
    Subscriber
    System
    Randomly selected number r (r =10)
    Calculates
    x = r r rem m
    (x = 1010 rem 25)=11
    Sent x to system Receives
    x =11
    Calculates
    y = r  s rem m,
    y = (10 13 rem 25=15)
    Randomly generates bit b
    Sent b
    Sent r
    Verifies
    r r rem m = x
    if b=1
    Verifies
    yyv rem m= x
    ( 151514 rem 25= 11)
    if b=0
    Galois Fields Arithmetic
    Modified FFSIS : Identification procedure

    View Slide

  53. Choosing two prime polynomials P(x) and W(x) to which correspondent
    numbers p and w ( for example P(x)=x5+x4+1 and W(x)=x5+x+1,
    correspondently p=25 and w=19)
    Choosing q and a such that aq rem p=1 (q=10; a=46)
    Calculation v = a-s rem m
    ( v = 467 rem 443 =117 )
    m and v – Public key s - Private key
    Calculation -s = q-s
    (-s=10-3=7 )
    Randomly choosing sCalculating m = pw ( m=2519=443)
    Galois Fields Arithmetic
    Modified Schnorr identification schemes:
    Private and Public Key Generation

    View Slide

  54. Verifies
    ay ve rem m= x
    (465  11729 rem 443= 85 )
    Sent y=5
    Subscriber
    System
    Randomly selected
    number rCalculates
    x = ar rem m,
    (x = 468 rem 443=85)
    Sent x to system Receives
    x =85
    Sent e =29
    Randomly generates
    number e (e=29)
    Calculates
    y = (r +s∙e) mod q,
    (y = (8+329) mod 11=5)
    Galois Fields Arithmetic
    Modified Schnoor Identification procedure

    View Slide

  55. J, m and v - public key B - private key
    Choosing B(B=39) such that
    (JBv ) rem m =1
    (18395 rem 443=1)
    Choosing open password J
    (J=18)
    Randomly choosing v
    (v=5)
    Choosing two prime polynomials P(x) and W(x) to which correspondent numbers p and w ( for
    example P(x)=x5+x4+1 and W(x)=x5+x+1, correspondently p=25 and w=19)
    Calculating m = pw ( m=2519=443)
    Galois Fields Arithmetic
    Modified Guillou-Quisquater identification schemes:
    Private and Public Key Generation

    View Slide

  56. Sent D =187
    Subscriber
    System
    Randomly selected number
    r (r=22)
    Calculates
    T = rv rem m,
    (T = 225 rem 443=159)
    Sent T =159 Receives
    T =159
    Calculates
    D = rBd rem m,
    (D = 223928 rem43=187)
    Sent d=28
    Verifies
    DvJd rem m= T
    (18751828rem 443= 159 )
    Randomly generates
    number d (d=28)
    Galois Fields Arithmetic
    Modified Guillou-Quisquater identification schemes:
    Identification procedure

    View Slide

  57. The main potentialities of Galois fields arithmetic for
    decreasing of computational complexity of basic operation
    A2∙V mod m AE mod m
    Not necessity to carry
    processing
    The specific property of
    the square of the number A
    without carry
    This property states that “the even bits of the binary code are
    equal to zero and the odd bits are identical to those of the
    number А”.
    Galois Fields Arithmetic (Continued)

    View Slide

  58. EXAMPE OF SQUARE OF 4-BIT LENGTH NUMBER WITHOUT CARRY
    A = a
    0
    + 2a
    1
    + 4a
    2
    + 8a
    3
    A  A = a
    3
    a
    0
    a
    2
    a
    0
    a
    1
    a
    0
    a
    0
    a
    0
    + a
    3
    a
    1
    a
    2
    a
    1
    a
    1
    a
    1
    a
    0
    a
    1
    a
    3
    a
    2
    a
    2
    a
    2
    a
    1
    a
    2
    a
    0
    a
    2
    a
    3
    a
    3
    a
    2
    a
    3
    a
    1
    a
    3
    a
    0
    a
    3
    a
    3
    a
    3
    0 a
    2
    a
    2
    0 a
    1
    a
    1
    0 a
    0
    a
    0
    А  А = a
    0
    + 4a
    1
    + 16a
    2
    + 64a
    3
    Galois Fields Arithmetic (Continued)

    View Slide

  59. ORGANIZATION OF YYV rem m CALCULATION
    For Y=y1
    +y2
    ∙2+…+yn
    ∙2n-1, where y1
    ,…,yn
    {0,1} according to property of the square of the
    number without carry:
    YY = y1
    + y2
    ∙4 + y3
    ∙42 + …. + yn
    ∙4n-1 and
    YY V = y1
    ∙V + y2
    ∙4∙V + y3
    ∙42∙V + …. + yn
    ∙4n-1∙V and
    YY V rem m = y1
    ∙V rem m + y2
    ∙4∙V rem m + …. + yn
    ∙4n-1∙V rem m
    Since V and m are components of public key it can consider as constants. It can be one time
    calculated and stored in table:
    T[1]= V T[2]= 4∙V rem m T[3]= 42∙V rem m … T[n]= 4n-1∙V rem m
    Than YY V rem m = y1
    ∙T[1] + y2
    ∙T[2] + …. + yn
    ∙T[n]
    Galois Fields Arithmetic (Continued)

    View Slide

  60. Estimation of the Effectiveness Software Implementation Modified
    FFSIS in Galois Fields
    s =k/w
    w - processor bit length
    k - number bit length
    Time T
    B
    calculating Y2∙V mod m for Barret modular
    multiplication algorithm:
    T
    B
     24∙(s2 + 2∙s)∙ ,  - processor cycle time
    Time T calculating YYV rem m for proposed organization:
    T  0.5∙k∙s∙

    View Slide

  61. Relationship of the implementation time in software implementation of the
    original and modified FFSIS for k=1024
    Processor
    Word length w
    Algorithm using the standard FFSIS approach for modular
    multiplication
    Classic:2T
    c
    /T Barrett : 2T
    B
    /T
    8 12.3 12.3
    16 6.3 6.2
    32 3.3 3.2
    64 1.8 1.7
    Galois Fields Arithmetic (Continued)

    View Slide

  62. Organization of the Exponentiation YE rem m
    in Galois Fields Calculation
    R = YE rem m
    j >= 0
    e
    j
    = 1
    R = 1
    Basic exponentiation schema
    j = k
    R = RR rem m
    R = RY rem m
    Yes
    j = j -1
    Yes
    if e
    j-1
    =1 and e
    j
    = 1
    R
    j+1
    = R
    j
    2 Y rem m
    if e
    j-1
    =0 and e
    j
    = 1
    R
    j+1
    = R
    j
    4 Y rem m
    if e
    j-2
    =0 and e
    j-1
    =0 and e
    j
    = 1
    R
    j+1
    = R
    j
    8  Y rem m
    if e
    j-3
    =0=e
    j-2
    and e
    j-1
    =0 and e
    j
    = 1
    R
    j+1
    = R
    j
    16  Y rem m

    View Slide

  63. Number
    of tables
    2 3 5 8
    7
    6
    4
    9
    10
    11
    12
     = Т0
    /Te
    – coefficient of acceleration
    Results of Experimental Investigation of Exponentiation Acceleration
    Dependence of Number Tables Pre-computations

    View Slide

  64. Relation between the implementation times for software of the original and
    modified Schnorr and Guillou- Quisquater for k=1024
    Processor Bits
    T
    M
    / T
    m2
    8 16 32 64
    29 14.5 7.4 3.8
    where T
    M
    - time for exponentiation AE mod m using Montgomery algorithm
    T
    m2
    - time for exponentiation AE rem m in Galois
    field using 4 tables precomputations

    View Slide

  65. Relation between the time for execution and the complexity of the scheme
    with hardware implementation of the arithmetic and logic addition (in
    packets for k=1024)
    Efficiency
    Criterion
    Carry scheme for the arithmetic adder
    Sequential Parallel
    Time T
    ASC
    /T
    XOR
    =4.5k
    (4608)
    Т
    APC
    / T
    XOR
    =1.5log
    2
    k (15)
    Complexity S
    ASC
    /S
    XOR
    =6 S
    APC
    /S
    XOR
    =6k2 (6144)
    where T
    ASC
    - actuation time for serial forming carry scheme
    T
    APC
    - actuation time for parallel forming carry scheme
    S
    ASC
    - number of logical elements for serial forming carry scheme
    S
    APC
    - number of logical elements for parallel forming carry scheme

    View Slide

  66. Zero Knowledge Identification Schemes based on Boolean
    Transformation
    Possible Approaches of Zero Knowledge Identification Schemes
    Computational Complexity Decreasing
    Using of Precomputation and Parallel Computation for
    Decreasing of Computational Complexity of Modular Reduction
    Utilizing of Alternative Algebra
    Operation in which have low
    Computational Complexity
    Working out Zero Knowledge
    Identification Schemes based on
    Boolean Transformation

    View Slide

  67. A Scheme for the Deployment of the Proposed Boolean Transformation
    for Zero-knowledge Identification (I)
    REGISTRATION
    Subscriber A System
    Random selection of the secret
    session passwords:
    X1
    , X2
    , ...., Xm
    Forming Boolean transformation FA
    (X),
    which is depended of the secret codes
    X1
    , X2
    , ...., Xm
    and UA
    Transmission of the formed
    transformation FA
    (X) and UA
    Storage of the secret codes
    X1
    , X2
    , ...., Xm
    Transmission of the
    established program
    for forming Boolean
    transformations F(X)
    and codes U
    Storage the description
    of the Boolean
    transformation FA
    (X)
    and code UA

    View Slide

  68. A Scheme for the Deployment of the Proposed Boolean Transformation
    for Zero-knowledge Identification (II)
    IDENTIFICATION SESSION
    Subscriber A System
    Selection of one of the codes
    X  {X1
    , X2
    , ...., Xm
    }, and
    elimination from the set of secret
    codes
    Transmission of selected code X
    Reception of the code X
    and calculation of Y =
    F(X)
    If Y= UA
    then access to
    the resources is allowed
    and the reuse of X is
    blocked

    View Slide

  69. X
    x1
    x2
    … xk
    xk+1
    ,…,x2k
    x(h-1)k
    ,…,xn
    u1
    u2
    … uk
    uk+1
    ,…,u2k
    u(h-1)k
    ,…,un
    U
    Operation of diffusion
    and confluence
    1
    2
    h
    1
    2
    h
    1
    2
    h
    Operation of
    nonlinear
    transformation
    confluence
    h

    View Slide

  70. Comparative Estimation of the Time for Identification
    (program implementation on a 64- bit processor)
    FFSIS (Feige Fiat Shamir Identification
    Scheme) for length 1024
    Proposed method of Identification for
    key length -256 and number of
    fragments h=8
    Required number
    of cycles
    exchange
    32 1
    Time for processing of the user code for
    one cycle exchange
    The realization of Boolean
    transformation requires 512 commands
    One cycle is carried out 165 times more rapidly
    The fulfillment of 3 operations of modular
    multiplication requires 84864 commands
    The proposed method identification ensures a decrease by 5280 times of the
    identification time in comparison with FFSIS
    Experimental research it showed that a real acceleration of identification by 3 orders of
    magnitude

    View Slide

  71. At the heart of any cryptographic transformation is an irreversible
    transformation, that is, a transformation for which it is analytically
    impossible to find the opposite
    Irreversible transformations of
    modular arithmetic
    Irreversible Boolean
    transformations
    ARE USED
    ADVANTAGES
    Algorithms RSA, El-Gamal, DSS Algorithms DES, Rijndael, Hash -SHA,
    Ripemd-160
    High speed
    The possibility of constructing complex
    cryptographic structures
    Zero Knowledge Identification Schemes based on Irreversible Boolean Transformation

    View Slide

  72. (Block Ciphers - ВС) Algorithm for encryption / decryption of a data
    block D fixed length using a single key K.
    ВС
    Key К
    С
    D
    ВС
    Key К
    С D
    D=R(C,K).
    Standardized cipher blocks certified by the relevant authorities:
    Rijndael, DES, MARS, Serpend
    C=F(D,K)

    View Slide

  73. 1) The system send the user's identification code U
    2) The user determines the number n Identification cycles
    3) The user generates a random code pn
    - Session password on the last, n-th
    identification cycle. Index j is assigned a value n-1: j =n-1.
    4) The user calculates qj
    = F( j |U, pj
    ), where j | U - Concatenation of the identification
    cycle number and identification code.
    5) The user calculates pj-1
    = F(pj
    , qj
    )
    6) Index increment j: j = j-1. If j>0, Then it returns to the re-execution step.4.
    7) The user sends the code p0
    to the system.
    8) Session Password Codes p0
    , p1
    ,…,pn
    stored in user memory.
    Formal Description of the User Registration
    Procedure

    View Slide

  74. User
    System
    BC
    j
    pj-1

    R
    U
    U
    BC
    j =? j
    U
    pj-1
    =? pj-1

    U =?U
    BC
    BC
    j+1
    U
    pj-+1
    BC
    j
    U
    BC
    =? pj-1

    pj

    pj-
    Figure 1 – Structure of cryptographic transformations performed at the j- th session of user authentication
    Interaction of Authentication between System and Users

    View Slide

  75. User Registration Procedure
    1) The system formulates randomly the user authentication code U.
    2) The system encrypts the code U with user public key Kuo
    : L = (U, Kuo
    ) where  - a public key algorithm like
    RSA, with Kuo
    – the public user key of algorithm , and sends to the user the code L.
    3) The user receives from the system the code L and using his private key Kup
    restores the code U=-1(L, Kup
    ).
    4) The user defines the number n that represents the sequence number of the authentication cycle.
    5) The user produces the random session password pn at the end of the nth authentication cycle. The index j
    assumes the value n-1: j = n-1.
    6) The user calculates qj = F( j|U, pj
    ), where j|U is the concatenation of the number of the authentication cycle
    and the authentication code U.
    7) The user calculates pj-1
    = F(pj
    , qj
    )
    8) The index j is decremented: j=j-1. If j>0, then return to step 6.
    9) The user encrypts the code р0
    using the key U: X = F(p0
    , U) and sends the code X to the system.
    10) The system according to the received code Х restores the code p0
    : p0
    =F(X,U) and saves it in memory.

    View Slide

  76. jth Cycle of User Authentication Procedure
    1) Upon the user's request, the system generates a random code R. This code together with the
    number j of the authentication cycle, previous session password pj-1
    and code U encrypted by
    the system using as identification key U of user: D = F( j |R | U | pj-1
    , U) and the received code
    D is sent to the user.
    2) The user receives code D, decrypts it with private key U, restoring the values j , U , pj-1
    , and R.
    3) The user compares received codes j, U and pj-1
    with the values that are stored in it: if j = j, U=U
    and pj-1
    = pj-1
    , then confirms that the system knows the codes U, j and pj-1
    , thus ensuring
    interaction with the system.
    For synchronization of system and users authentication cycle:
    (a). If j  j , U U and pj-1
     pj-1
    , then the user does not interact with system and session
    authentication.
    If j j, U=U and pj-1
    pj-1
    , then the user interacts with the system, but the synchronization of the
    parameters has been lost.
    (b) To restore the synchronization of identification parameters, the user determines =1+max( j, j).
    Encrypts codes  and p with the key U: W=F(| p
    , U) and the received code W send to the
    system. Sets the identification session number j=+1.
    System upon receipt the code W restores the values  and p
    via the transformation F(W,U). Sets the
    identification session number j=+1 and pj-1
    =p
    . After restoring the synchronization goes to step 4.
    The user generates the code Qj
    as XOR of jth session password pj
    and the random code selected by
    the system R: Qj
    = pj
     R. The generated in this way code Qj
    sent it to the system.
    4) The system restores the value jth session password pj
    : pj
    = Qj
     R and calculates d = F( j|U, pj
    ).
    The system calculates =F(pj
    , d). If  = pj-1
    , then the user authentication was successful and
    access to system resources is permitted.

    View Slide

  77. Special Means for Resistant Against Middle Attack
    User send Sequences of code
    Fast identification
    System Controlled
    jth session with user
    BC
    u
    Pd send BC
    u
    Pj ==

    View Slide

  78. Experiment Results of Comparing Performance Analysis Proposed
    Scheme and Knows
    Known Zero Knowledge
    Schemes Acceleration Level
    Software Implementation Hardware Implementation
    FFSIS 2.3 103 ~ 105
    Guillou-Quisquater 2.8 103 ~ 105
    Schnorr 3.1 103 ~ 105
    The basic reason for achieved accelerating consist of changing of
    Algebraic basis: substitution modular arithmetic algebra by
    Boolean Algebra

    View Slide

  79. Modular Arithmetic Operations for IoT and Cloud
    Applications
    Possible Approaches of Zero Knowledge Identification Schemes
    Computational Complexity Decreasing
    Using of Pre-computation and Parallel Computation for
    Decreasing of Computational Complexity of Modular Reduction
    Utilizing of Alternative Algebra
    Operation in which have low
    Computational Complexity
    Working out Zero Knowledge
    Identification Schemes based on
    Boolean Transformation

    View Slide

  80. Modular Arithmetic Operations for IoT and Cloud Applications
    Secure Parallel Modular Exponentiation
    The proposed technique for modular exponentiation is based on performing simple operations
    on the user computational resources, shifting the complex operations to high performance
    cloud resources and operates by separating the procedure for modular exponentiation
    in two components.
    An algorithm for the software implementation of modular multiplication is proposed, which
    uses pre-computations with a constant modulus to reduce the computational load
    imposed upon the processor. The developed modular multiplication algorithm provides
    faster execution on low complexity hardware in comparison with the existing algorithms
    and is oriented towards the variable value of the modulus, especially with the software
    implementation on micro controllers and smart cards whose architectures include a small
    number of bits
    A potential attacker receives no information by intercepting the data existing in the cloud

    View Slide

  81. Modular Arithmetic Operations for IoT and Cloud Applications
    Secure Parallel Modular Exponentiation
    Τhe mathematical basis of the majority of public key algorithms is the modular exponentiation operation
    AE mod M. In practice, using cryptography with a public key module M is part of the public key, E - is a
    component of the private key, and A - is an informational component. Hence, the objective of hacking
    is to obtain code E. The level of protection provided by such algorithms directly depends on the bit
    depth n of numbers used in the operation of the modular exponentiation. In most practical applications,
    bit depth is 1024, 2048 or 4096. Computational complexity of modular exponentiation is O(n2). This
    means that while doubling the bit depth of used numbers, the amount of computation increases by
    approximately four times. Thus, the computational complexity of the tests for exponent selection code is
    of the order O(2n).
    Ιncreasing of bit depth significantly slows down calculations, related to information security
    functions. This situation may be overcome by using computing resources of cloud systems for
    modular exponentiation, in such a manner that that when calculating the AE mod M, the secret
    exponent E code and the processed number A are not disclosed.

    View Slide

  82. Modular Arithmetic Operations for IoT and Cloud Applications
    Secure Parallel Modular Exponentiation
    The basic modular arithmetic operation used within the context of information security
    algorithms is modular multiplication, i.e., the calculation
    R=AB mod M
    The assumptions that need to be made are:
    that the result R, coefficient A, multiplicand B and modulus M are n bit binary numbers,
    that the most significant bit of the modulus is equal to 1, i.e. 2n-1M 2n
    that the co-factors are lower than the modulus, i.e. A

    View Slide

  83. Modular Arithmetic Operations for IoT and Cloud Applications
    Secure Parallel Modular Exponentiation
    It is also assumed that the operation of modular multiplication is performed on a
    k bit general purpose processor, microprocessor or micro-controller.
    Consequently, each one of the numbers which participate in the operation of
    modular multiplication can be represented in the form of s=n/k bit words:
     









     





    1
    0
    1
    0
    1
    0
    2
    ,
    2
    ,
    2
    s
    j
    s
    j
    k
    j
    j
    s
    j
    k
    j
    j
    k
    j
    j
    m
    M
    b
    B
    a
    A
    where aj
    , bj
    , mj
    are k bit words and j0,…,s-1.
    R=AB mod M

    View Slide

  84. Modular Arithmetic Operations for IoT and Cloud Applications
    Secure Parallel Modular Exponentiation
    Elementary arithmetic considerations show that the product of two k – bit numbers
    requires (2 ∙ k) – bits for its accurate representation. By denoting:
     qm
    – the number of multiplications required
     tm
    – the execution time needed for each command
     qa
    – the number of additions required
     ta
    - the execution time of each addition
    the estimate for computational complexity of the particular software implementation
    of the n bit modular multiplication is:
    a
    a
    m
    m
    t
    q
    t
    q 


    If ratio of the execution times for the multiplication and addition commands on the
    processor is w = tmul
    /ta
    ,, then the execution time of the modular multiplication can be
    represented as
    )
    ( a
    m
    a
    q
    q
    w
    t 


    View Slide

  85. Modular Arithmetic Operations for IoT and Cloud Applications
    Secure Parallel Modular Exponentiation
    Algorithm 1: Classical scheme for word-by-word Modular Multiplication.
    R=0;
    for(i=0; iY=0;
    for (j=0; jY+= (ai
    *bj
    )<R += Reduce(Y);
    if (iB<<=k;
    Reduce(B);
    Reduce(R);








    1
    0
    2
    s
    i
    k
    i
    i
    j
    j
    b
    a
    B
    a
    The operation of multiplication is performed on a word-by-word
    basis. More specifically, the jth (j=0,… , s-1) of the k bit word of
    the coefficient aj
    is multiplied by shifting each of the s words of
    multiplicand in B. The obtained products, which are 2∙k bits long,
    are added, forming (n+k) bits, a result which is a partial
    representation of the product shown in Equation.
    Following this, the modular reduction of the partial expression is
    carried out, obtaining jth partial residual Rj
    = aj
    B mod M. The
    result of the modular multiplication R=AB mod M is formed as
    the sum of the modular reductions of the partial expression of the
    product: R=(R0
    +R1
    +…+Rs-1
    )mod M.

    View Slide

  86. Acceleration of Modular Multiplication in Information Security
    Τhe extensively popular RSA algorithm uses a complex procedure to obtain the three
    numbers d, e and M with lengths n between 1024 and 2048 bits that satisfy the identity
    AdeA
    The process of the coding of the block A of a certain message consists of the calculation of
    C=Ae mod M
    and the decoding of block A is realized with the calculation of
    A=Cd mod M
    The pair of numbers composes the public key, while the pair composes the private key

    View Slide

  87. Acceleration of Modular Multiplication in Information Security
    One of the above keys, depending on the protocol that the RSA uses, is public while the other one is
    private.
    The analysis of the practical use of an RSA algorithm shows that the keys change relatively rarely
    so that with the use of the same key, tens of thousands of information blocks are processed.
    This makes it possible to consider that in the process of computational implementation, the RSA key and
    consequently the modulus are both in effect constant. Analogous reasoning can also be applied to a
    number of other standardized information security algorithms that are widely applied in practice.

    View Slide

  88. Acceleration of Modular Multiplication in Information Security
    The fact that the modulus M is constant makes it possible to simplify the calculation of modular
    reduction in the multiplication process via the use of pre-computed results. Such pre-
    computations depend only on the value of the modulus M and therefore they may be carried
    out off-line and be recovered whenever there is a change of the modulus.
    The results of the pre-computations can be stored in the tabular form in main memory and are
    used repeatedly with each modular multiplication calculation.
    In the modular multiplication implementation,
    part of the computational resources is strictly used for the calculation of multiplication
    and the
    other part for the implementation of modular reduction

    View Slide

  89. Acceleration of Modular Multiplication in Information Security

    View Slide

  90. Outline
     Some History…
    Cloud & IoT
    Cyber Security
    Cyber War
     Security Issues for Access Control
     Cryptography – The main tool for security
     Zero-knowledge Identification Schemes
     Modification of Zero-knowledge Identification Schemes
     Performance & Evaluation

    View Slide

  91. Performance & Evaluation
    TABLE OF REQUIRED CALCULATIONS AND CYCLES TABLE OF RELATIONSHIP WITH AES 256

    View Slide

  92. 1. Bardis, Nikos G., et al. "Methods for increasing the efficiency of the remote user authentication in integrated systems." Trends in
    Computer Science 12.1 (2003): 99-107.
    2. Bardis, Nikolaos G., et al. "Two level efficient user authentication scheme." 4th IEEE International Conference on Digital
    Ecosystems and Technologies. IEEE, 2010.
    3. Stavroulakis, P., Markovskyi, O. P., Bardis, N. G., & Doukas, N. (2011, December). Efficient zero—Knowledge identification based
    on one way Boolean transformations. In 2011 IEEE GLOBECOM Workshops (GC Wkshps) (pp. 275-280). IEEE.
    4. Bardis, N. G., Markovskyi, O. P., Doukas, N., & Drigas, A. (2012, October). Fast implementation zero knowledge identification
    schemes using the Galois Fields arithmetic. In 2012 IX International Symposium on Telecommunications (BIHTEL) (pp. 1-6). IEEE.
    5. Doukas, Nikolaos, Nikolaos Bardis, and Oleksandr P. Markovskyi. "Authentication and Integrity in Streaming Video Transmission."
    Mathematics and Computers in Science and Engineering Series 12 (2013).
    6. Doukas, N., Drigas, A., Bardis, N. G., & Karadimas, N. V. (2013). Accessible secure information society applications via the use of
    optimised cryptographic calculations. Journal of Applied Mathematics and Bioinformatics, 3(4), 181.
    7. Bardis, Nikolaos. "Secure, green implementation of modular arithmetic operations for IoT and cloud applications." Green IT
    Engineering: Components, Networks and Systems Implementation. Springer, Cham, 2017. 43-64.
    8. Kolisnyk, M., Kharchenko, V., Piskachova, I., & Bardis, N. G. (2017). A Markov Model of IoT System Availability Considering DDoS
    Attacks and Energy Modes of Server and Router. In ICTERI (pp. 699-712).
    9. Bardis, Nikolaos G., Nikolaos Doukas, and Oleksandr P. Markovskyi. "Zero-Knowledge Identification Method Based on Block
    Ciphers." 2017 International Conference on Control, Artificial Intelligence, Robotics & Optimization (ICCAIRO). IEEE, 2017.
    10. Stavroulakis, P., Kolisnyk, M., Kharchenko, V., Doukas, N., Markovskyi, O. P., & Bardis, N. G. (2017, July). Reliability, Fault
    Tolerance and Other Critical Components for Survivability in Information Warfare. In International Conference on E-Business and
    Telecommunications (pp. 346-370). Springer, Cham.
    11. Doukas, Nikolaos, Oleksandr P. Markovskyi, and Nikolaos G. Bardis. "Reliability, Fault Tolerance and Other Critical Components
    for Survivability in Information Warfare." E-Business and Telecommunications: 14th International Joint Conference, ICETE 2017,
    Madrid, Spain, July 24–26, 2017, Revised Selected Paper. Springer, 2019.
    REFERENCES

    View Slide