Spelling suggestions: "subject:"asymmetric cryptography"" "subject:"asymmetric ryptography""
1 |
Approche arithmétique RNS de la cryptographie asymétrique / RNS arithmetic approach of asymmetric cryptographyEynard, Julien 28 May 2015 (has links)
Cette thèse se situe à l'intersection de la cryptographie et de l'arithmétique des ordinateurs. Elle traite de l'amélioration de primitives cryptographiques asymétriques en termes d'accélération des calculs et de protection face aux attaques par fautes par le biais particulier de l'utilisation des systèmes de représentation des nombres par les restes (RNS). Afin de contribuer à la sécurisation de la multiplication modulaire, opération centrale en cryptographie asymétrique, un nouvel algorithme de réduction modulaire doté d'une capacité de détection de faute est présenté. Une preuve formelle garantit la détection des fautes sur un ou plusieurs résidus pouvant apparaître au cours d'une réduction. De plus, le principe de cet algorithme est généralisé au cas d'une arithmétique dans un corps fini non premier. Ensuite, les RNS sont exploités dans le domaine de la cryptographie sur les réseaux euclidiens. L'objectif est d'importer dans ce domaine certains avantages des systèmes de représentation par les restes dont l'intérêt a déjà été montré pour une arithmétique sur GF(p) notamment. Le premier résultat obtenu est une version en représentation hybride RNS-MRS de l'algorithme du « round-off » de Babai. Puis une technique d'accélération est introduite, permettant d'aboutir dans certains cas à un algorithme entièrement RNS pour le calcul d'un vecteur proche. / This thesis is at the crossroads between cryptography and computer arithmetic. It deals with enhancement of cryptographic primitives with regard to computation acceleration and protection against fault injections through the use of residue number systems (RNS) and their associated arithmetic. So as to contribute to secure the modular multiplication, which is a core operation for many asymmetric cryptographic primitives, a new modular reduction algorithm supplied with fault detection capability is presented. A formal proof guarantees that faults affecting one or more residues during a modular reduction are well detected. Furthermore, this approach is generalized to an arithmetic dedicated to non-prime finite fields Fps . Afterwards, RNS are used in lattice-based cryptography area. The aim is to exploit acceleration properties enabled by RNS, as it is widely done for finite field arithmetic. As first result, a new version of Babai’s round-off algorithm based on hybrid RNS-MRS representation is presented. Then, a new and specific acceleration technique enables to create a full RNS algorithm computing a close lattice vector.
|
2 |
Amélioration d'attaques par canaux auxiliaires sur la cryptographie asymétrique / Improvement of side-channel attack on asymmetric cryptographyDugardin, Margaux 11 July 2017 (has links)
Depuis les années 90, les attaques par canaux auxiliaires ont remis en cause le niveau de sécurité des algorithmes cryptographiques sur des composants embarqués. En effet, tout composant électronique produit des émanations physiques, telles que le rayonnement électromagnétique, la consommation de courant ou encore le temps d’exécution du calcul. Or il se trouve que ces émanations portent de l’information sur l’évolution de l’état interne. On parle donc de canal auxiliaire, car celui-ci permet à un attaquant avisé de retrouver des secrets cachés dans le composant par l’analyse de la « fuite » involontaire. Cette thèse présente d’une part deux nouvelles attaques ciblant la multiplication modulaire permettant d’attaquer des algorithmes cryptographiques protégés et d’autre part une démonstration formelle du niveau de sécurité d’une contre-mesure. La première attaque vise la multiplication scalaire sur les courbes elliptiques implémentée de façon régulière avec un masquage du scalaire. Cette attaque utilise une unique acquisition sur le composant visé et quelques acquisitions sur un composant similaire pour retrouver le scalaire entier. Une fuite horizontale durant la multiplication de grands nombres a été découverte et permet la détection et la correction d’erreurs afin de retrouver tous les bits du scalaire. La seconde attaque exploite une fuite due à la soustraction conditionnelle finale dans la multiplication modulaire de Montgomery. Une étude statistique de ces soustractions permet de remonter à l’enchaînement des multiplications ce qui met en échec un algorithme régulier dont les données d’entrée sont inconnues et masquées. Pour finir, nous avons prouvé formellement le niveau de sécurité de la contre-mesure contre les attaques par fautes du premier ordre nommée extension modulaire appliquée aux courbes elliptiques. / : Since the 1990s, side channel attacks have challenged the security level of cryptographic algorithms on embedded devices. Indeed, each electronic component produces physical emanations, such as the electromagnetic radiation, the power consumption or the execution time. Besides, these emanations reveal some information on the internal state of the computation. A wise attacker can retrieve secret data in the embedded device using the analyzes of the involuntary “leakage”, that is side channel attacks. This thesis focuses on the security evaluation of asymmetric cryptographic algorithm such as RSA and ECC. In these algorithms, the main leakages are observed on the modular multiplication. This thesis presents two attacks targeting the modular multiplication in protected algorithms, and a formal demonstration of security level of a countermeasure named modular extension. A first attack is against scalar multiplication on elliptic curve implemented with a regular algorithm and scalar blinding. This attack uses a unique acquisition on the targeted device and few acquisitionson another similar device to retrieve the whole scalar. A horizontal leakage during the modular multiplication over large numbers allows to detect and correct easily an error bit in the scalar. A second attack exploits the final subtraction at the end of Montgomery modular multiplication. By studying the dependency of consecutive multiplications, we can exploit the information of presence or absence of final subtraction in order to defeat two protections : regular algorithm and blinding input values. Finally, we prove formally the security level of modular extension against first order fault attacks applied on elliptic curves cryptography.
|
3 |
Aplikační knihovna pro podporu návrhu komunikačních protokolů / Library of Functions for the Support of Communication Protocols DesignTomášek, Karel Unknown Date (has links)
Security protocols are used for establishing secure communication over insecure network. This document gives a brief introduction into description and formal specification in the area of security protocols design. It also includes description of the aplication library, its functions and methods how to use it.
|
4 |
Portál pro podporu výuky kryptografie / Portal for the support of cryptography instructionForman, Tomáš January 2010 (has links)
The main goal of this master's thesis is building of web portal for presentation basic cryptography algorithms. Those algorithms would be explained in the theoretical page in the first place. After that, they would be demonstrated by scripts. One part of this project is designing simplified theoretical element for basic impletion portal of information. Next part is creating web portal by one of the free available CMS´s systems. Programming language JAVA would be used as an instrument for creating demonstration scripts. For creating animations will be used the Flash animation tool. Target of formed web portal is creating community of expert public. It would make new articles, scripts and knowledge. This way, the portal would be kept current. The section which would include failure the most widely used algorithms and instructions how to eliminate it will be part of portal.
|
5 |
Moderní asymetrické kryptosystémy / Modern Asymmetric CryptosystemsWalek, Vladislav January 2011 (has links)
Asymmetric cryptography uses two keys for encryption public key and for decryption private key. The asymmetric cryptosystems include RSA, ElGamal, Elliptic Curves and others. Generally, asymmetric cryptography is mainly used for secure short messages and transmission encryption key for symmetric cryptography. The thesis deals with these systems and implements selected systems (RSA, ElGamal, McEliece, elliptic curves and NTRU) into the application. The application can test the features of chosen cryptosystems. These systems and their performance are compared and evaluated with the measured values. These results can predict the future usage of these systems in modern informatics systems.
|
6 |
Elektronické doklady / Electronic ID CardsMravec, Roman January 2017 (has links)
This master thesis deals with an implementation of Diffie-Hellman protocol on smart card which is based on MULTOS OS. Defines the smart cards based on MULTOS OS and their usage. Output of this thesis are applications for a smart card and for a client using Diffie-Hellman protocol for establishing of a secret key between two communication sides through unsecured communication channel.
|
7 |
Security in Smart Object Networks / Säkerhet i smartobjektnätverkSethi, Mohit January 2012 (has links)
Internet of Things (IoT) refers to an inter-connected world where physical devices are seamlessly integrated into the Internet and become active participants of business, information and social processes. This involves the inter-connection of a large number of heterogeneous networked entities and networks. Emergence of technologies such as Zigbee, Bluetooth low energy and embedded sensors has transformed simple physical devices into smart objectsthat can understand and react to their environment. Such smart objects form the building blocks for the Internet of Things. The communication infrastructure for these objects is based on an extension of the Internet protocol stack. Although the need for security is widely accepted, there is no clear consensus on how IP-based Internet security protocols can be applied to resource-constrained smart object networks. In this thesis we develop a new secure and energyefficient communication model for the Constrained Application Protocol (CoAP), a light-weight communication protocol designed for smart object networks. We contribute to the standardization of the generic communication architecture by adding security and delegation components for smart objects that sleep for large amounts of time during their operational phase. This architecture ensures data integrity and authenticity over a multi-hop network topology. It also provides a mirroring mechanism that uses a proxy to serve data on behalf of sleeping smart objects, thereby allowing them to act as always-online web servers. A working prototype implementation of the architecture is also developed. The security features in the architecture presented in this thesis are based on using strong public-key cryptography. Contrary to popular belief, our performance evaluation shows that asymmetric public-key cryptography can be implemented on small 8-bit micro-controllers without modifying the underlying cryptographic algorithms. / Internet of Things (IoT, ”Föremålens Internet") syftar på en sammankopplad värld där fysiska apparater är sömlöst integrerade till Internet och blir aktiva deltagare i affärslivs-, informations- och sociala processer. Detta innefattar sammankopplingen av ett stort antal heterogeniskt nätverkade enheter och nätverk. Uppkomsten av teknologier som Zigbee, låg energi Bluetooth och inbyggda sensorer har förvandlat enkla fysiska apparater till smarta objekt som kan förstå och reagera till sin omgivning. Dessa smarta objekt utgör byggstenarna för Föremålens Internet. Kommunikationsinfrastrukturen för dessa objekt bygger på en utvidgning av internetprotokollstacken. Även om behovet av säkerhet är allmänt känt, finns det inget konsensus om hur IP-baserade internetsäkerhetsprotokoll kan tillämpas i resursbegränsade smartobjektnätverk. I denna avhandling utvecklas en ny säker och energisnål kommunikationsmodell för Constrained Application Protocol (CoAP, “Begränsat applikationsprotokoll"), ett lätt kommunikationsprotokoll avsett för smartobjektnätverk. Avhandlingen bidrar till standardiseringen av den generiska kommunikationsarkitekturen genom att tillsätta säkerhets- och delegationskomponenter för smarta objekt som sover under en stor del av sin operativa fas. Denna arkitektur garanterar dataintegritet och autenticitet över en flerhopps nätverkstopologi. Arkitekturen bidrar också med en återspeglingsmekanism som använder sig av en proxyserver för att erbjuda data för sovande smarta objekts del, vilket låter dem agera som alltid-online webbservrar. I avhandlingen utvecklas också en fungerande prototypimplementation av arkitekturen. Säkerhetsegenskaperna i den arkitektur som presenteras i denna avhandling är baserade på användningen av stark publik-nyckel kryptering. I motsatts till den allmänna förväntningen, visar prestationsbedömningen i denna avhandling att asymmetrisk kryptering med publik nyckel kan tillämpas i 8-bitars mikrokontrollrar utan att ändra på de underliggande kryptografiska algoritmerna.
|
8 |
Modélisation de la sécurisation d’accès aux réseaux par la technique de cryptographie asymétrique en utilisant la reconnaissance de l’iris et la technologie des agents / Modeling security for network access through asymmetric cryptography using iris recognition and agent technologyEl Khoury, Franjieh 18 December 2009 (has links)
La croissance exponentielle dans l’utilisation du réseau Internet ainsi que l’apparition de nouveaux types d’applications ont augmenté les contraintes du réseau en termes de sécurité. Depuis quelques années, les techniques biométriques ont prouvé une grande précision et fiabilité et ont été utilisées dans plusieurs domaines afin de sécuriser l’accès à différentes ressources. Des solutions intégrant des agents et des systèmes multi-agents (SMA) ont aussi prouvé leur efficacité pour la résolution de nombreux problèmes dans les réeaux. Nous proposons un modèle « IrisCrptoAgentSystem » (ICAS) basé sur la méthode biométrique pour l’authentification utilisant l’iris de l’œil et la méthode de cryptographie asymétrique utilisant l’algorithme « Rivest-Shamir-Adleman » (RSA), et en intégrant des agents. Ce modèle doit assurer un accès sécurisé aux informations et garantir la protection des informations confidentielles. Notre travail porte sur la mise en place de nouvelles méthodes dans le modèle d’authentification biométrique afin de donner plus d’efficacité à notre modèle ICAS. Nous introduisons des aspects prétopologiques dans l’élaboration de la hiérarchie indexée pour classer les gabarits DHVA. Notre approche consiste à améliorer les méthodes relatives à la localisation des contours externe et interne de l’iris. / The exponential growth in the use of the Internet as well as the emergence of new types of applications has increased the network’s constraints in terms f security. Fort the last several years, biometric techniques have proven their applicability and reliability in providing secure access to shared resources in different domains. Furthermore, software agents and multi-agent systems (MAS) have evidently been efficient in resolving several problems in network. Therefore, the aim of this research is to propose a model “IrisCryptoAgentSystem” (ICAS) that is based on a biometric method for authentication using the iris of the eyes and an asymmetric cryptography method using “Rivest-Shamir-Adleman” (RSA) in an agent-based architecture. This model should provide secure access to information and ensure the protection of confidential information. Therefore, our work focuses on the development of new methods in biometric autheitcation in order to provide greater efficiency in the ICAS model. We introduce pretopological aspects in the development of the indexed hierarchy to classify DHVA templates. Our approach aims to improve the existing methods for the localization of the external and the internal edges of the iris.
|
9 |
Elektronická podatelna VUT 2 / Electronic Mail Room of the BUTBeran, Martin January 2007 (has links)
This dissertation thesis attends to problems of electronic registry for VUT. It deals with the principal of electronic registry functioning, electronic signature and it compares offer of the commercial registries. It goes in for the proposal and implementation of the electronic registry for VUT. Since the using of the e- registry on all public service Office was legalized the people can avoid long queues and the employees are avoided from the stress before dead lines. By the communication through the electronic registry is very important the electronical signature. It is almost a full-valued and lawful alternative to the physical signature. For its safety and utility this system employes asymmetric codes and hash algorithm. Presently in many states, where the electronical signature is legalized it is used together with standard X 509 which defines the format of certificates, organization and action of certification authorities. The certification autority ensures safe connection of the person and general key for using of the electronical signature.
|
10 |
Inter-device authentication protocol for the Internet of ThingsWilson, Preethy 18 May 2017 (has links)
The Internet of things (IoT) recently blossomed remarkably and has been transforming the everyday physical entities around us into an ecosystem of information that will enrich our lives in unimaginable ways. Authentication is one of the primary goals of security in the IoT and acts as the main gateway to a secure system which transmits confidential and/or private data.This thesis focuses on a Device-to-Device Mutual Authentication Protocol, designed for the smart home network, which is an essential component of communication in the Internet of Things(IoT).
The protocol has been developed based on asymmetric cryptography to authenticate the devices in the network and for the devices to agree on a shared secret session key. In order to ensure the security of a communications session between the devices, the session keys are changed frequently - ideally after every communication session. The proposed scheme has been programmed in HLPSL, simulated and its efficiency verified
using the SPAN/ AVISPA tool. When SPAN substantiates the protocol simulation and the attacker simulation, the back-ends of the AVISPA tool verifies the safety and security of the proposed authentication protocol. The thesis also evaluates the protocol's security against the attacks successful against protocols proposed by other researchers. / Graduate / 0544 / 0984 / 0537 / pwilson1@uvic.ca
|
Page generated in 0.0785 seconds