Journal & Conference Proceeding Publications

In this research, we present the analysis on Lightweight Block Cipher; KATAN. This block cipher consists of three algorithms with block sizes of 32/48/64-bit and utilizes an 80-bit key. NIST Statistical Test Suite is used to determine the randomness of output sequence produced by all algorithms. Nine data categories are applied to generate the output sequence. From our analysis, we found out that all three algorithms are not random based on the 1% significance level.

In this research paper, we present the statistical analysis on full round lightweight block cipher; LBlock. This block cipher has a fixed block size of 64-bit, utilizes an 80-bit key and executes in 32 rounds. To determine the randomness of ciphertext produced by this algorithm, NIST Statistical Test Suite is used. Inputs (plaintext and key) for this block cipher algorithm are generated using nine different types of data. From the analysis done, it is concluded that the LBlock block cipher is not random based on 1?% significance level only.

In this paper, we present a statistical analysis on the members of the lightweight block cipher, SIMON. SIMON family of block ciphers was proposed by the National Security Agency (NSA) in June 2013. It consist variety of blocks and key sizes. Even though it is designed to be flexible on variety of platforms but it is tuned for optimal performance on hardware. In this paper, analysis was performed on SIMON64/96, SIMON96/96 and SIMON128/128 by using NIST Statistical Test Suite. These algorithms were tested using the output sequence generated from nine data categories. From the analysis conducted, it is conclude that the outputs from the sample tested on the algorithms are non-random.

Technical security metrics provide measurements in ensuring the effectiveness of technical security controls or technology devices/objects that are used in protecting the information systems. However, lack of understanding and method to develop the technical security metrics may lead to unachievable security control objectives and inefficient implementation. This paper proposes a model of technical security metrics to measure the effectiveness of network security management. The measurement is based on the security performance for (1) network security controls such as firewall, Intrusion Detection Prevention System (IDPS), switch, wireless access point and network architecture; and (2) network services such as Hypertext Transfer Protocol Secure (HTTPS) and virtual private network (VPN). The methodology used is Plan-Do-Check-Act process model. The proposed technical security metrics provide guidance for organizations in complying with requirements of ISO/IEC 27001 Information Security Management System (ISMS) standard. The proposed model should also be able to provide a comprehensive measurement and guide to use ISO/IEC 27004 ISMS Measurement standard.

Not Applicable