The ISC International Journal of Information Security
Publisher: Iranian Society of Cryptology
ISSN: 2008-2045
Volume 9, Issue 2


On the computational complexity of finding a minimal basis for the guess and determine attack
Authors: Sh. Khazaei (Sharif University of Technology, Department of Mathematical Sciences, Iran, Tehran); F. Moazami (Shahid Beheshti University, Cyberspace Research Institute, Iran, Tehran)
Pages: 101-110
Article ID: 49118
DOI: 10.22042/isecure.2017.79681.373
Language: EN
Type: Journal Article
Received: 2017-03-06
Published: 2017-07-12
Abstract: Guess-and-determine attack is one of the general attacks on stream ciphers. It is a common cryptanalysis tool for evaluating security of stream ciphers. The effectiveness of this attack is based on the number of unknown bits which will be guessed by the attacker to break the cryptosystem. In this work, we present a relation between the minimum numbers of the guessed bits and uniquely restricted matching of a graph. This leads us to see that finding the minimum number of the guessed bits is NP-complete. Although fixed parameter tractability of the problem in terms of minimum number of the guessed bits remains an open question, we provide some related results. Moreover, we introduce some closely related graph concepts and problems including alternating cycle free matching, jump number and forcing number of a perfect matching.
PDF: https://www.isecure-journal.com/article_49118_dba8b0a005401e76ae90b0bb72b3c475.pdf


An efficient secure channel coding scheme based on polar codes
Authors: B. Mafakheri (Sharif University of Technology, Department of Electrical Engineering, Iran, Tehran); T. Eghlidos (Sharif University of Technology, Electronics Research Institute, Iran, Tehran); H. Pilaram (Sharif University of Technology, Department of Electrical Engineering, Iran, Tehran)
Pages: 111-118
Article ID: 49119
DOI: 10.22042/isecure.2017.84609.380
Language: EN
Type: Journal Article
Received: 2017-04-24
Published: 2017-07-28
Abstract: In this paper, we propose a new framework for joint encryption encoding scheme based on polar codes, namely efficient and secure joint secret key encryption channel coding scheme. The issue of using new coding structure, i.e. polar codes in Rao-Nam (RN) like schemes is addressed. Cryptanalysis methods show that the proposed scheme has an acceptable level of security with a relatively smaller key size in comparison with the previous works. The results indicate that the scheme provides an efficient error performance and benefits from a higher code rate which can approach the channel capacity for large enough polar codes. The most important property of the proposed scheme is that if we increase the block length of the code, we can have a higher code rate and higher level of security without significant changes in the key size of the scheme. The resulting characteristics of the proposed scheme make it suitable for high-speed communications, such as deep space communication systems.
PDF: https://www.isecure-journal.com/article_49119_7935d4e45b3846f095a598d4f87dbdbc.pdf


A new CPA resistant software implementation for symmetric ciphers with smoothed power consumption: SIMON case study
Authors: M. Safaei Pour (Sharif University of Technology, Department of Electrical Engineering, Tehran, Iran); M. Salmasizadeh (Sharif University of Technology, Electronics Research Institute, Iran, Tehran)
Pages: 119-130
Article ID: 49117
DOI: 10.22042/isecure.2017.82990.376
Language: EN
Type: Journal Article
Received: 2017-04-27
Published: 2017-07-31
Abstract: In this paper we propose a new method for applying hiding countermeasure against CPA attacks. This method is for software implementation, based on smoothing power consumption of the device. This method is evaluated on the SIMON scheme as a case study; however, it is not relying on any specific SIMON features. Our new method includes only AND equivalent and XOR equivalent operations since every cryptographic algorithm can be implemented with two basic operations, namely AND and XOR. Therefore, Hamming weight and Hamming distance take constant values at each moment of time. This can decrease data-dependency between processed values and consumed power. In order to practically evaluate the resulting implementation overheads and the resistance improvement against CPA, we implement the proposed coding scheme on SIMON, a lightweight block cipher, on a smart card with the ATmega163 microprocessor. We define resistance as the number of traces below which the correct key cannot be distinguished from all other hypothetical keys by its correlation coefficient at any moment of time. The results of this implementation show 350 times more immunity against correlation attacks.
PDF: https://www.isecure-journal.com/article_49117_fb5fd96d078d298bd2d052f2e0335e0c.pdf


Cipher text only attack on speech time scrambling systems using correction of audio spectrogram
Authors: H. Ghasemzadeh (Department of Communicative Sciences and Disorders, Michigan State University, Michigan, US); M. Tajik Khasss (Department of Electrical and Computer Engineering, Tabriz University, Tabriz, Iran); H. Mehrara (Department of Electrical Engineering, Khajeh Nasir Toosi University of Technology, Tehran, Iran)
Pages: 131-145
Article ID: 48950
Language: EN
Type: Journal Article
Received: 2016-08-01
Published: 2017-07-26
Abstract: Recently permutation multimedia ciphers were broken in a chosen-plaintext scenario. That attack models a very resourceful adversary which may not always be the case. To show insecurity of these ciphers, we present a cipher-text only attack on speech permutation ciphers. We show inherent redundancies of speech can pave the path for a successful cipher-text only attack. To that end, regularities of speech are extracted in time and frequency using short time Fourier transform. We show that spectrograms of cipher-texts are in fact scrambled puzzles. Then, different techniques including estimation, image processing, and graph theory are fused together in order to create and solve these puzzles. Conducted tests show that the proposed method achieves accuracy of 87.8% and intelligibility of 92.9%. These scores are 50.9% and 34.6%, respectively, higher than the scores of the previous method. Finally, a novel method, based on moving spectrogram distance, is proposed that can give accurate estimation of segment length of the scrambler system.
PDF: https://www.isecure-journal.com/article_48950_1c1823f38bb7e8c2ac70c8d40dfdce66.pdf


Phishing website detection using weighted feature line embedding
Authors: M. Imani (Faculty of Electrical and Computer Engineering, Tarbiat Modares University, Tehran, Iran); Gh. A. Montazer (Faculty of Information Technology Engineering, Tarbiat Modares University, Tehran, Iran)
Pages: 147-159
Article ID: 49350
DOI: 10.22042/isecure.2017.83439.377
Language: EN
Type: Journal Article
Received: 2017-04-28
Published: 2017-07-31
Abstract: The aim of phishing is tracing the users' private information without their permission by designing a new website which mimics the trusted website. The specialists of information technology do not agree on a unique definition for the discriminative features that characterize the phishing websites. Therefore, the number of reliable training samples in phishing detection problems is limited. Moreover, among the available training samples, there are abnormal samples that cause classification error. For instance, it is possible that there are phishing samples with similar features to legitimate ones and vice versa. A supervised feature extraction method, called weighted feature line embedding, is proposed in this paper to solve these problems. The proposed method virtually generates training samples by utilizing the feature line metric. Hence, it can solve the small sample size problem. Moreover, by assigning appropriate weights to each pair of feature points, it corrects the undesirable quality of abnormal samples. The features extracted by our method improve the performance of phishing website detection, especially by using small training sets.
PDF: https://www.isecure-journal.com/article_49350_c28c74eaa7e5791d181e534e06aa9789.pdf


Analyzing new features of infected web content in detection of malicious web pages
Authors: J. Hajian Nezhad (Department of Computer Engineering, ImamReza University, Mashhad, Iran); Majid Vafaei Jahan (Department of Computer Engineering, Islamic Azad University, Mashhad, Iran); M. Tayarani-N (Department of Electrical and Computer Science, University of Glasgow, Glasgow, U.K); Z. Sadrnezhad (Department of Computer Engineering, Islamic Azad University, Mashhad, Iran)
Pages: 161-181
Article ID: 48876
DOI: 10.22042/isecure.2017.9.2.2
Language: EN
Type: Journal Article
Received: 2016-07-16
Published: 2017-07-20
Abstract: Recent improvements in web standards and technologies enable the attackers to hide and obfuscate infectious codes with new methods and thus escaping the security filters. In this paper, we study the application of machine learning techniques in detecting malicious web pages. In order to detect malicious web pages, we propose and analyze a novel set of features including HTML, JavaScript (jQuery library) and XSS attacks. The proposed features are evaluated on a data set that is gathered by a crawler from malicious web domains, IP and address black lists. For the purpose of evaluation, we use a number of machine learning algorithms. Experimental results show that using the proposed set of features, the C4.5-Tree algorithm offers the best performance with 97.61% accuracy, and F1-measure has 96.75% accuracy. We also rank the quality of the features. Experimental results suggest that nine of the proposed features are among the twenty best discriminative features.
PDF: https://www.isecure-journal.com/article_48876_a67e5cafef411c85ee8472d978647705.pdf


Persian Abstract
Pages: 183-189
Article ID: 73564
DOI: 10.22042/isecure.2017.9.2.8
Language: EN
Type: Journal Article
Received: 2017-07-20
Published: 2017-07-20
Abstract: Persian abstracts of the issue's article
PDF: https://www.isecure-journal.com/article_73564_d63e48c7913b3b70ff7012ed2e325fc1.pdf