Establishing security and privacy in WAVE-enabled vehicular ad hoc networks

Biswas, Subir

11 January 2013

Security and privacy are among the growing concerns of a Vehicular Ad hoc Network (VANET) which requires a high degree of liability from its participants. In this dissertation, We address security, anonymity and privacy challenges of VANETs in the light of the IEEE standards for vehicular communications. VANET provides a variety of road-safety and other applications through wireless devices installed in vehicles and roadside infrastructure. A roadside infrastructure in VANET is generally public, and is prone to several different malicious attacks including node compromise, impersonation, and false message delivery attacks. Therefore, a user of a VANET must verify the integrity of a message that is delivered from a roadside infrastructure. On the other hand, a vehicle-originated message should be anonymous in order to ensure user-privacy in a VANET. However, a vehicle must not be able to take advantage of its anonymity for any misbehavior like sending false messages or malicious updates to other vehicles or a roadside infrastructure. We use proxy signature, identity-based signature, and elliptic curve cryptosystems to provide authentication for infrastructure generated messages, and anonymous authentication for vehicle originated messages. Authentication in a dense traffic condition is a challenge for a receiving entity as it incurs a processing delay at the receiving end. We address this issue with a dynamic approach that selectively verifies received messages based on a message's MAC-layer priority and a sender's information relevance. This approach makes a trade-off between priority and fairness in vehicular message authentication. We develop a network simulator to measure the impact of our authentication schemes over a WAVE protocol stack. Also, we investigate how some of the MAC-layer weaknesses may impair the security of a VANET. Our solutions are lightweight, bandwidth friendly and compatible to the current standards of vehicular communications.

VANET Security

Privacy

Anonymity

Authentication

WAVE

DSRC

Proxy signature

ID-based Signature

ECDSA

EDCA

OBU

RSU

Vehicular Communications

Contention Window

Access Category

DDoS

Software Implementations and Applications of Elliptic Curve Cryptography

Kultinov, Kirill

06 June 2019

No description available.

Computer Science

Information Technology

Elliptic Curve Cryptography

ECC

software implementation of ECC

ECC over finite fields

ECDH

ECDSA

ECC ElGamal

ECC applications

A Polymorphic Finite Field Multiplier

Das, Saptarsi

06 1900

Cryptography algorithms like the Advanced Encryption Standard, Elliptic Curve Cryptography algorithms etc are designed using algebraic properties of finite fields. Thus performance of these algorithms depend on performance of the underneath field operations. Moreover, different algorithms use finite fields of widely varying order. In order to cater to these finite fields of different orders in an area efficient manner, it is necessary to design solutions in the form of hardware-consolidations, keeping the performance requirements in mind. Due to their small area occupancy and high utilization, such circuits are less likely to stay idle and therefore are less prone to loss of energy due to leakage power dissipation. There is another class of applications that rely on finite field algebra namely the various error detection and correction techniques. Most of the classical block codes used for detection of bit-error in communications over noisy communication channels apply the algebraic properties of finite fields. Cyclic redundancy check is one such algorithm used for detection of error in data in computer network. Reed-Solomon code is most notable among classical block codes because of its widespread use in storage devices like CD, DVD, HDD etc. In this work we present the architecture of a polymorphic multiplier for operations over various extensions of GF(2). We evolved the architecture of a textbook shift-and-add multiplier to arrive at the architecture of the polymorphic multiplier through a generalized mathematical formulation. The polymorphic multiplier is capable of morphing itself in runtime to create data-paths for multiplications of various orders. In order to optimally exploit the resources, we also introduced the capability of sub-word parallel execution in the polymorphic multiplier. The synthesis results of an instance of such a polymorphic multipliershowsabout41% savings in area with 21% degradation in maximum operating frequency compared to a collection of dedicated multipliers with equivalent functionality. We introduced the multiplier as an accelerator unit for field operations in the coarse grained runtime reconfigurable platform called REDEFINE. We observed about 40-50% improvement in performance of the AES algorithm and about 52×improvement in performance of Karatsuba-Ofman multiplication algorithm.

Mobile Communication - Security

Poymorphic Multiplier

Finite Field Arithmetic

Cryptography

Elliptic Curve Cryptography (ECC)

Public Key Cryptography Algorithms

Communication Engineering

Elektronické zabezpečení zdravotnické dokumentace v prostředí zdravotnického IS / Security of Electronic Documentation in Medical Environment

Hauserová, Markéta

January 2012

Thesis is analyzing czech laws which are related to medical documentation. Describes the points  which are mandatory for information system, so the medical documentation can be stored electronically. Includes various algorithms for implementation of certain electronic signature and for  identification of person. This thesis deals with asymmetric cryptography, specifically RSA, DSA, and ECDSA. Describes the hash functions and their functions and their characteristics. Describes the principle of the certificate, ways of its obtaining, invalidation and their formats. Analyzes medical information system and suggests ways to create a program for signing medical records. Then based on that analysis, the program is implemented. At the conclusion of the work is discussed, if created program meets the criteria.

Elliptic Curve Cryptography for Lightweight Applications.

Hitchcock, Yvonne Roslyn

January 2003

Elliptic curves were first proposed as a basis for public key cryptography in the mid 1980's. They provide public key cryptosystems based on the difficulty of the elliptic curve discrete logarithm problem (ECDLP) , which is so called because of its similarity to the discrete logarithm problem (DLP) over the integers modulo a large prime. One benefit of elliptic curve cryptosystems (ECCs) is that they can use a much shorter key length than other public key cryptosystems to provide an equivalent level of security. For example, 160 bit ECCs are believed to provide about the same level of security as 1024 bit RSA. Also, the level of security provided by an ECC increases faster with key size than for integer based discrete logarithm (dl) or RSA cryptosystems. ECCs can also provide a faster implementation than RSA or dl systems, and use less bandwidth and power. These issues can be crucial in lightweight applications such as smart cards. In the last few years, ECCs have been included or proposed for inclusion in internationally recognized standards. Thus elliptic curve cryptography is set to become an integral part of lightweight applications in the immediate future. This thesis presents an analysis of several important issues for ECCs on lightweight devices. It begins with an introduction to elliptic curves and the algorithms required to implement an ECC. It then gives an analysis of the speed, code size and memory usage of various possible implementation options. Enough details are presented to enable an implementer to choose for implementation those algorithms which give the greatest speed whilst conforming to the code size and ram restrictions of a particular lightweight device. Recommendations are made for new functions to be included on coprocessors for lightweight devices to support ECC implementations Another issue of concern for implementers is the side-channel attacks that have recently been proposed. They obtain information about the cryptosystem by measuring side-channel information such as power consumption and processing time and the information is then used to break implementations that have not incorporated appropriate defences. A new method of defence to protect an implementation from the simple power analysis (spa) method of attack is presented in this thesis. It requires 44% fewer additions and 11% more doublings than the commonly recommended defence of performing a point addition in every loop of the binary scalar multiplication algorithm. The algorithm forms a contribution to the current range of possible spa defences which has a good speed but low memory usage. Another topic of paramount importance to ECCs for lightweight applications is whether the security of fixed curves is equivalent to that of random curves. Because of the inability of lightweight devices to generate secure random curves, fixed curves are used in such devices. These curves provide the additional advantage of requiring less bandwidth, code size and processing time. However, it is intuitively obvious that a large precomputation to aid in the breaking of the elliptic curve discrete logarithm problem (ECDLP) can be made for a fixed curve which would be unavailable for a random curve. Therefore, it would appear that fixed curves are less secure than random curves, but quantifying the loss of security is much more difficult. The thesis performs an examination of fixed curve security taking this observation into account, and includes a definition of equivalent security and an analysis of a variation of Pollard's rho method where computations from solutions of previous ECDLPs can be used to solve subsequent ECDLPs on the same curve. A lower bound on the expected time to solve such ECDLPs using this method is presented, as well as an approximation of the expected time remaining to solve an ECDLP when a given size of precomputation is available. It is concluded that adding a total of 11 bits to the size of a fixed curve provides an equivalent level of security compared to random curves. The final part of the thesis deals with proofs of security of key exchange protocols in the Canetti-Krawczyk proof model. This model has been used since it offers the advantage of a modular proof with reusable components. Firstly a password-based authentication mechanism and its security proof are discussed, followed by an analysis of the use of the authentication mechanism in key exchange protocols. The Canetti-Krawczyk model is then used to examine secure tripartite (three party) key exchange protocols. Tripartite key exchange protocols are particularly suited to ECCs because of the availability of bilinear mappings on elliptic curves, which allow more efficient tripartite key exchange protocols.

Elliptic curve (EC)

elliptic curve cryptosystem (ECC)

discrete logarithm problem (DLP)

speed

code size

memory usage

ram usage

fixed curve

random curve

Pollard's rho method

Canetti-Krawczyk proof model

key exchange protocols

security proof

tripartite key exchange

pairings

password-based authentication

point addition

projective coordinates

Jacobian coordinates

Chudnovsky Jacobian coordinates

modified Jacobian coordinates

binary method

simultaneous multiple exponentiation

two-in-one scalar multiplication

coprocessor

smart card

lightweight device

simple power analysis (spa)

side channel attack

equivalent security.