David Arroyo | Universidad Autónoma de Madrid
Books by David Arroyo
Since the 1990s, chaotic dynamical systems have been widely used to design new strategies to encrypt information. Indeed, the dependency on initial conditions and control parameters, along with the ergodicity of their temporal evolution, allows the establishment of chaos as the base of new cryptosystems, i.e., of new schemes of confusion and diffusion of information. However, an optimum design in the context of chaos-based cryptography demands a thorough knowledge not only of the foundations of cryptography, but also of the dynamics and inner structure of chaos. Therefore, any proposal to use chaos in the context of cryptography must respect a series of design rules, in order to avoid the reconstruction of the dynamics of the underlying chaotic system, and to determine an optimum use of the virtues of the chaotic dynamics. Although it is possible to use chaos to design analog cryptosystems based on synchronization techniques, this Thesis is focused on the application of chaotic maps, i.e., chaotic dynamical systems defined in discrete time, to cryptography. In this sense, a set of mathematical tools is defined to establish the adequacy of a chaotic map as the base of a cryptosystem, and the requirements that an encryption architecture must satisfy to avoid the dynamical reconstruction of the underlying chaotic map. More precisely, this Thesis provides an extension and systematization of the results derived from the cryptanalysis of chaos-based cryptosystems. The above goal comprises three different stages:
1.- Definition of a set of mathematical tools that allow the selection of the adequate configurations of a dynamical system to implement strategies of confusion and diffusion of information.
2.- Study of the most popular chaotic maps in the field of chaos-based cryptography to determine whether these maps can be used to design new cryptosystems without incurring security problems.
3.- Summary and conclusions of the first two stages. The aim is to define a set of rules or recommendations as a guide for the design of chaos-based cryptosystems.
Recalling the first stage, its main purpose is the search for procedures to infer or estimate the initial conditions and/or the control parameters from the orbits of a chaotic map. Different scenarios are considered depending on whether complete orbits are accessible or it is only possible to work with sampled or discretized versions of the orbits. In all scenarios the goal consists in building bijective functions with respect to the initial conditions and/or the control parameters. The requirements to build these bijective functions are clarified, along with the procedures to guide the estimation of the initial conditions and/or the control parameters. In order to test the set of mathematical tools and the estimation methods, the logistic map and its associated topologically conjugate maps are thoroughly studied, since these maps are the most widely used in the design of new digital chaotic cryptosystems. Especially relevant is the study of the symbolic dynamics and order patterns of unimodal maps. The study of this family of chaotic maps leads to a series of very useful results to define a set of recommendations for both the evaluation of the security of chaos-based cryptosystems and the design of encryption schemes based on chaos.
The idea of using chaotic transformations in cryptography is explicit in the foundational papers of Shannon on secrecy systems. Although the word “chaos” was not coined until the 1970s, Shannon clearly refers to this very concept when he proposes the construction of secure ciphers by means of measure-preserving, mixing maps which depend ‘sensitively’ on their parameters. The implementation of Shannon’s intuitions had to wait until the development of Chaos Theory in the 1980s. Indeed, it was around 1990 when the first chaos-based ciphers were proposed. Moreover, in 1990 chaos synchronization entered the scene and, shortly thereafter, the first applications to secure communications followed. The idea is remarkably simple: mask the message with a chaotic signal and use synchronization at the receiver to filter out the chaotic signal. The realization, though, had to overcome the desynchronization induced by the message itself. After this initial stage, the number of proposals which exploited the properties of chaotic maps for cryptographic purposes grew in a spectacular way.
Papers by David Arroyo
Current anonymizing networks have become an important tool for guaranteeing users' privacy. However, these platforms can be used to perform illegitimate actions, which sometimes makes service providers see traffic coming from these networks as a probable threat. In order to solve this problem, we propose to add support for fairness mechanisms to the Tor network. Specifically, we introduce a slight modification to the key negotiation process with the entry and exit nodes, in the shape of group signatures. By means of these signatures, we set up an access control method to prevent misbehaving users from making use of the Tor network. Additionally, we establish a predefined method for denouncing illegitimate actions, which prevents the proposed fairness mechanisms from being applied as a threat eroding users' privacy. As a direct consequence, traffic coming from Tor would be considered less suspicious by service providers.
Experimental quantum key distribution at a wavelength of λ~850nm. V. Fernandez, D. Arroyo, MJ Garcia, PA Hiskett, Robert J. Collins, Gerald S. Buller, AB. Orue. Summary: Some basic considerations for the experimental realisation ...
Advances in Intelligent Systems and Computing, 2015
Advances in Intelligent Systems and Computing, 2015
Computers & Security, 2014
Privacy has become a major concern on the Internet, resulting in an increased popularity of anonymizing systems aimed at protecting users’ identities. However, service providers sometimes interpret this anonymity as a risk, since dishonest users may take advantage of it. A possible solution is to create a practical implementation of fairness mechanisms to reach an equilibrium between anonymity and its different types of revocation. Furthermore, in order to reach wide acceptance, any new mechanism must be easily deployable in current systems and must be adaptable (from the functionality perspective) to the needs that may arise in different situations. To that end, we propose a set of extensions to the CRL and OCSP procedures of the X.509 infrastructure, and a new protocol for easing the task of providing evidence of illegitimate actions. On the one hand, the adaptability of our scheme relies on the already widely deployed X.509 infrastructure. On the other hand, the functionality provided by our proposal is mainly built upon group signatures, which gives it a vast variety of schemes to choose from, depending on the specific needs that may arise.
Advances in Intelligent Systems and Computing, 2014
In this work, we apply a secure protocol design methodology to a protocol based on a recently proposed email-based registration protocol. With this task, we aim to emphasize the need to incorporate such techniques as a main component of the protocol design process, not just as a desirable feature. The process herein described highlights the advantages in terms of the security guarantees added to the final design, and also helps in the endeavor of further evaluating the applied methodology and the analyzed protocol.
Lecture Notes in Computer Science, 2013
Anonymity in information systems has been a very active field of study in recent years. Indeed, it provides fundamental improvements in privacy by protecting users’ identities. However, it also serves as a shield for malicious parties, since it makes tracing users difficult. Many anonymous signature schemes and systems have been proposed to overcome this problem through the incorporation of some kind of credential revocation. However, these revocation functions have been proposed at a theoretical level or, at most, as part of highly customized systems. Moreover, another critical requirement for any practical information system is usability, which calls for the standardization of the underlying primitives. In the context of the distribution and management of digital identities, the most widely known standard is X.509 Public Key Infrastructure (PKI). Several proposals have been made to extend X.509 certificates to support anonymous signature schemes. However, further work is required in order to successfully implement revocation functionalities in such environments. Since in X.509 the procedures for identity revocation mainly rely on either Certificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP), we propose a set of extensions for both revocation standards in order to incorporate support for anonymous signature schemes. With these extensions, we achieve revocation functionality similar to that of current PKIs.
Knowledge-Based Systems, 2014
The deployment of Internet-based applications calls for adequate user management procedures, with online registration being a critical element. In this respect, Email Based Identification and Authentication (EBIA) is an outstanding technique due to its usability. However, it does not handle properly some major issues, which makes it unsuitable for systems where security is of concern. In this work we modify EBIA to propose a protocol for user registration. Moreover, we assess the security properties of the protocol using the automatic protocol verifier ProVerif. Finally, we show that the modifications applied to EBIA are necessary to ensure security since, if they are removed, attacks on the protocol are enabled. Our proposal keeps the high usability features of EBIA, while reaching a reasonable security level for many applications. Additionally, it only requires minor modifications to current Internet infrastructures.
In this work we propose a methodology for incorporating the verification of the security properties of network protocols as a fundamental component of their design. This methodology can be separated into two main parts: context and requirements analysis along with its informal verification; and formal representation of protocols and the corresponding procedural verification. Although the procedural verification phase does not require any specific tool or approach, automated tools for model checking and/or theorem proving offer a good trade-off between effort and results. In general, any security protocol design methodology should be an iterative process addressing in each step critical contexts of increasing complexity, as a result of the considered protocol goals and the underlying threats. The effort required for detecting flaws is proportional to the complexity of the critical context under evaluation, and thus our methodology avoids wasting valuable system resources by analyzing simple flaws in the first stages of the design process. In this work we provide a methodology in coherence with the step-by-step goals definition and threat analysis using informal and formal procedures, our main concern being to highlight the adequacy of such a methodology for promoting trust in the accordingly implemented communication protocols. Our proposal is illustrated by its application to three communication protocols: MANA III, WEP's Shared Key Authentication and CHAT-SRP.
Discrete Dynamics in Nature and Society, 2009
The European Physical Journal Special Topics, Jun 2013