Nurdan Saran scite author profile

Doğanaksoy

2009

In 1980, Hellman proposed the Time Memory Trade Off (TMTO) attack and applied it on block cipher DES (Data Encryption Standard). Time Memory Trade Off attack is one of the methods that inverts a one way function. The resistance to TMTO attacks is an important criterion in the design of a modern cipher. Unlike the exhaustive search and table lookup methods, TMTO is a probabilistic method, that is, the search operation may not find a preimage even if there exists one. Up to now, there are some approximate bounds for success rates of Hellman table by Hellman and Kusuda et al. In this study, we give a more precise approximation for the coverage of a single Hellman table.There is no precise guideline in the literature that points out how to choose parameters for Hellman TMTO. We present a detailed analysis of the success rate of Hellman table via new parameters and also show how to choose parameters to achieve a higher success rate. The results are experimentally confirmed. We also discuss the Hellman's TMTO Curve.

A survey on server-based electronic identification and signature schemes to improve eIDAS: with a new proposal for Turkey

Erdogan¹,

2021

The design, development, and implementation of e-Government applications aim to improve the quality of daily life and facilitate the mobility of citizens by reducing the constraints imposed by existing borders. This study examines previous research in the literature on electronic identification (eID) credentials technologies and the projects carried out in Europe. This study focuses especially on server-based e-signing methods. In the light of these reviews, the applicability of a server-based mobile electronic signature model without disrupting local initiatives has been examined as a case study. As an exemplary case, Turkey’s eID structure is examined from a technical and legal perspective. When creating the proposed server-based eID model, it was especially inspired by Austria’s server-based approach in use. In this process, the suitability of the existing structure with the server-based e-signing method was examined. In addition, some suggestions were made to eliminate the problems that may prevent the use of the proposed server-based e-signing method. This study revealed that a server-based electronic signature approach would develop a more user-friendly and flexible solution in identity management. It was concluded that using a server-based signature approach would help achieve international standards for cross-border online identification methods.

New Distinguishers Based on Random Mappings against Stream Ciphers

Turan

Çalık

et al.

Statistical randomness testing plays an important role in security analysis of cryptosystems. In this study, we aim to propose a new framework of randomness testing based on random mappings. Considering the probability distributions of coverage and ρ-lengths, we present three new distinguishers; (i) coverage test, (ii) ρ-test and (iii) DPcoverage test and applied them on Phase III Candidates of eSTREAM project. We experimentally observed some statistical weaknesses of Pomaranch using the coverage test.

Distribution-preserving data augmentation

Nar

2021

In the last decade, deep learning has been applied in a wide range of problems with tremendous success. This success mainly comes from large data availability, increased computational power, and theoretical improvements in the training phase. As the dataset grows, the real world is better represented, making it possible to develop a model that can generalize. However, creating a labeled dataset is expensive, time-consuming, and sometimes not likely in some domains if not challenging. Therefore, researchers proposed data augmentation methods to increase dataset size and variety by creating variations of the existing data. For image data, variations can be obtained by applying color or spatial transformations, only one or a combination. Such color transformations perform some linear or nonlinear operations in the entire image or in the patches to create variations of the original image. The current color-based augmentation methods are usually based on image processing methods that apply color transformations such as equalizing, solarizing, and posterizing. Nevertheless, these color-based data augmentation methods do not guarantee to create plausible variations of the image. This paper proposes a novel distribution-preserving data augmentation method that creates plausible image variations by shifting pixel colors to another point in the image color distribution. We achieved this by defining a regularized density decreasing direction to create paths from the original pixels’ color to the distribution tails. The proposed method provides superior performance compared to existing data augmentation methods which is shown using a transfer learning scenario on the UC Merced Land-use, Intel Image Classification, and Oxford-IIIT Pet datasets for classification and segmentation tasks.

Cassandra ve MongoDB NoSQL Veri Tabanlarının Karşılaştırmalı Güvenlik Analizi

2019

Bu çalışmada, MongoDB 3.6.3 ve Cassandra 3.11.1 NoSQL veri tabanlarının güvenliğinin çok düğümlü yapılandırmada ve iki adımda karşılaştırılmalı analiz sonuçları sunulmaktadır. İlk adımda, her iki veritabanının güvenlik özelliklerinin literatürden seçilen on farklı ölçüte göre karşılaştırmalı bir analizi gerçekleştirilmiştir. İkinci adımda ise, Yahoo Cloud Serving Benchmark aracını kullanarak her iki NoSQL veri tabanının veri şifreleme ve şifre çözümleme performansları karşılaştırılmıştır. Bu çalışma ile karar vericilere ve araştırmacılara NoSQL veri tabanlarının güvenlik özellikleriyle ilgili analiz sürecinde yol göstermek ve NoSQL veri tabanlarıyla ilgili en önemli güvenlik özelliklerini ortaya çıkarmak amaçlanmıştır. Güvenlik karşılaştırma sonuçları, her iki NoSQL veri tabanının da kayda değer güvenlik özelliklerine sahip olduğunu göstermektedir. Bununla birlikte, Cassandra'nın daha fazla güvenlik ölçütünü desteklediği ortaya çıkmıştır. Ayrıca, çalışma zamanı ve performans ile ilgili yapılan karşılaştırmada MongoDB kurumsal sürümünün şifreleme/şifre çözümleme performansının Cassandra kurumsal sürümünden ortalama %53 daha hızlı olduğu ve dakikada işleyebildiği veri miktarının ortalama %45 daha fazla olduğu bulunmuştur. Bu sonuç şifrelemenin bir gereklilik olduğu ortamlarda MongoDB'nin kullanılmasının daha uygun olduğunu göstermektedir.