Global ETD Search

291	Modélisation au niveau RTL des attaques laser pour l'évaluation des circuits intégrés sécurisés et la conception de contremesures / RTL modeling of laser attacks for early evaluation of secure ICs and countermeasure design Papadimitriou, Athanasios 27 June 2016 (has links) De nombreux aspects de notre vie courante reposent sur l'échange de données grâce à des systèmes de communication électroniques. Des algorithmes de chiffrement puissants garantissent alors la sécurité, la confidentialité et l'authentification de ces échanges. Néanmoins, ces algorithmes sont implémentés dans des équipements qui peuvent être la cible d'attaques. Plusieurs attaques visant les circuits intégrés sont rapportées dans la littérature. Parmi celles-ci, les attaques laser ont été rapportées comme étant très efficace. Le principe consiste alors à illuminer le circuit au moyen d'un faisceau laser afin d'induire un comportement erroné et par analyse différentielle (DFA) afin de déduire des informations secrètes.L'objectif principal de cette thèse est de fournir des outils de CAO efficaces permettant de sécuriser les circuits en évaluant les contre-mesures proposées contre les attaques laser et cela très tôt dans le flot de conception.Cette thèse est effectuée dans le cadre d'une collaboration étroite entre deux laboratoires de Grenoble INP : le LCIS et le TIMA. Ce travail est également réalisé dans le cadre du projet ANR LIESSE impliquant plusieurs autres partenaires, dont notamment STMicroelectronics.Un modèle de faute au niveau RTL a été développé afin d’émuler des attaques laser. Ce modèle de faute a été utilisé pour évaluer différentes architectures cryptographiques sécurisées grâce à des campagnes d'injection de faute émulées sur FPGA.Ces campagnes d'injection ont été réalisées en collaboration avec le laboratoire TIMA et elles ont permis de comparer les résultats obtenus avec d'autres modèles de faute. De plus, l'approche a été validée en utilisant une description au niveau layout de plusieurs circuits. Cette validation a permis de quantifier l'efficacité du modèle de faute pour prévoir des fautes localisées. De plus, en collaboration avec le CMP (Centre de Microélectronique de Provence) des injections de faute laser expérimentales ont été réalisées sur des circuits intégrés récents de STMICROELECTRONICS et les résultats ont été utilisés pour valider le modèle de faute RTL.Finalement, ce modèle de faute RTL mène au développement d'une contremesure RTL contre les attaques laser. Cette contre-mesure a été mise en œuvre et évaluée par des campagnes de simulation de fautes avec le modèle de faute RTL et d'autres modèles de faute classiques. / Many aspects of our current life rely on the exchange of data through electronic media. Powerful encryption algorithms guarantee the security, privacy and authentication of these exchanges. Nevertheless, those algorithms are implemented in electronic devices that may be the target of attacks despite their proven robustness. Several means of attacking integrated circuits are reported in the literature (for instance analysis of the correlation between the processed data and power consumption). Among them, laser illumination of the device has been reported to be one important and effective mean to perform attacks. The principle is to illuminate the circuit by mean of a laser and then to induce an erroneous behavior.For instance, in so-called Differential Fault Analysis (DFA), an attacker can deduce the secret key used in the crypto-algorithms by comparing the faulty result and the correct one. Other types of attacks exist, also based on fault injection but not requiring a differential analysis; the safe error attacks or clocks attacks are such examples.The main goal of the PhD thesis was to provide efficient CAD tools to secure circuit designers in order to evaluate counter-measures against such laser attacks early in the design process. This thesis has been driven by two Grenoble INP laboratories: LCIS and TIMA. The work has been carried out in the frame of the collaborative ANR project LIESSE involving several other partners, including STMicroelectronics.A RT level model of laser effects has been developed, capable of emulating laser attacks. The fault model was used in order to evaluate several different secure cryptographic implementations through FPGA emulated fault injection campaigns. The injection campaigns were performed in collaboration with TIMA laboratory and they allowed to compare the results with other state of the art fault models. Furthermore, the approach was validated versus the layout of several circuits. The layout based validation allowed to quantify the effectiveness of the fault model to predict localized faults. Additionally, in collaboration with CMP (Centre Microélectronique de Provence) experimental laser fault injections has been performed on a state of the art STMicroelectronics IC and the results have been used for further validation of the fault model. Finally the validated fault model led to the development of an RTL (Register Transfer Level) countermeasure against laser attacks. The countermeasure was implemented and evaluated by fault injection campaigns according to the developed fault model, other state of the art fault models and versus layout information. Emulation FPGA Attaques Laser Circuits intégrés RTL Emulation FPGA Attacks Laser Integrated circuits RTL 620
292	Etude et implémentation de contre-mesures matérielles pour la protection de dispositifs de cryptographie ECDSA / Studies and implementation of hardware countermeasures for ECDSA cryptosystems Dubeuf, Jérémy 03 May 2018 (has links) La sécurité de l'information repose étroitement sur les circuits intégrés (CI). Malheureusement, les CIs sont soumis à de nombreuses menaces telles que les attaques par canaux auxiliaires ou par injection de fautes. Ce travail se concentre sur les petites vulnérabilités et les contremesures liées à l’algorithme ECDSA. La motivation est qu’une source de vulnérabilité peut être utilisée dans différent scénario d’attaque. En corrigeant la vulnérabilité, les attaques existantes sont évitées mais également les attaques non découvertes ou non publiées utilisant la vulnérabilité en question. De plus, bien que le scalaire sur courbe elliptique soit au cœur de la sécurité de tous les schémas cryptographiques à base de courbe elliptique, l’ensemble du système a besoin d’être sécurisé. Une vulnérabilité concernant simplement quelques bits de secret peut suffire à récupérer la clef privée et donc doit être évité.L’ECDSA peut être implémenté de différentes façons, en logiciel ou via du matériel dédié ou un mix des deux. De nombreuses architectures différentes sont donc possibles pour implémenter un système à base d’ECDSA. Pour cette raison, ces travaux se concentrent principalement sur les contremesures algorithmiques. / Information security heavily relies on integrated circuits (ICs). Unfortunately, ICs face a lot of threats such as side channel or fault attacks. This work focuses on small vulnerabilities and countermeasures for the Elliptic Curve Digital Signature Algorithm (ECDSA). The motivation is that leakage sources may be used in different attack scenarios. By fixing the leakage, existing attacks are prevented but also undiscovered or non-disclosed attacks based on the leakage. Moreover, while the elliptic curve scalar algorithm is at the heart of the security of all elliptic curve related cryptographic schemes, all the ECDSA system needs security. A small leakage of few secret bits may conduct to fully disclose the private key and thus should be avoided.The ECDSA can be implemented in different flavors such as in a software that runs on a microcontroller or as a hardware self-contained block or also as a mix between software and hardware accelerator. Thus, a wide range of architectures is possible to implement an ECDSA system. For this reason, this work mainly focuses on algorithmic countermeasures as they allow being compliant with different kinds of implementations. Cryptosystèmes Attaques Contremesures Matériel Laser Fautes Cryptosystems Attacks Countermeasures Hardware Laser Faults 620
293	Analysis of low-level implementations of cryptographic protocols Gkaniatsou, Andriana Evgenia January 2018 (has links) This thesis examines the vulnerabilities due to low-level implementation deficiencies of otherwise secure communication protocols in smart-cards. Smart-cards are considered to be one of the most secure, tamper-resistant, and trusted devices for implementing confidential operations, such as authentication, key management, encryption and decryption for financial, communication, security and data management purposes. The self-containment of smart-cards makes them resistant to attacks as they do not depend on potentially vulnerable external resources. As such, smart-cards are often incorporated in formally-verified protocols that require strong security of the cryptographic computations. Such a setting consists of a smart-card which is responsible for the execution of sensitive operations, and an Application Programming Interface (API) which implements a particular protocol. For the smart-card to execute any kind of operation there exists a confidential low-level communication with the API, responsible for carrying out the protocol specifications and requests. This communication is kept secret on purpose by some vendors, under the assumption that hiding implementation details enhances the system’s security. The work presented in this thesis analyses such low-level protocol implementations in smart-cards, especially those whose implementation details are deliberately kept secret. In particular, the thesis consists of a thorough analysis of the implementation of PKCS#11 and Bitcoin smart-cards with respect to the low-level communication layer. Our hypothesis is that by focusing on reverse-engineering the low-level implementation of the communication protocols in a disciplined and generic way, one can discover new vulnerabilities and open new attack vectors that are not possible when looking at the highest levels of implementation, thereby compromising the security guarantees of the smart-cards. We present REPROVE, a system that automatically reverse-engineers the low-level communication of PKCS#11 smart-cards, deduces the card’s functionalities and translates PKCS#11 cryptographic functions into communication steps. REPROVE deals with both standard-conforming and proprietary implementations, and does not require access to the card. We use REPROVE to reverse-engineer seven commercially available smart-cards. Moreover, we conduct a security analysis of the obtained models and expose a set of vulnerabilities which would have otherwise been unknown. To the best of our knowledge, REPROVE is the first system to address proprietary implementations and the only system that maps cryptographic functions to communication steps and on-card operations. To that end, we showcase REPROVE’s usefulness to a security ecosystem by integrating it with an existing tool to extract meaningful state-machines of the card’s implementations. To conduct a security analysis of the results we obtained, we define a threat model that addresses low-level PKCS#11 implementations. Our analysis indicates a series of implementation errors that leave the cards vulnerable to attacks. To that end, we showcase how the discovered vulnerabilities can be exploited by presenting practical attacks. The results we obtained from the PKCS#11 smart-card analysis showed that proprietary implementations commonly hide erroneous behaviours. To test the assumption that the same practice is also adopted by other protocols, we further examine the low-level implementation of the only available smart-card based Bitcoin wallets, LEDGER. We extract the different protocols that the LEDGER wallets implement and conduct a through analysis. Our results indicate a set of vulnerabilities that expose the wallets as well as the processed transactions to multiple threats. To that end, we present how we successfully mounted attacks on the LEDGER wallets that lead to the loss of the wallet’s ownership and consequently loss of the funds. We address the lack of well-defined security properties that Bitcoin wallets should conform to by introducing a general threat model. We further use that threat model to propose a lightweight fix that can be adopted by other, not necessarily smart-card-based, wallets.
294	Analysis and Modeling of Services Impacts on System Workload and Performance in Service-based Systems (SBS) January 2012 (has links) abstract: In recent years, service oriented computing (SOC) has become a widely accepted paradigm for the development of distributed applications such as web services, grid computing and cloud computing systems. In service-based systems (SBS), multiple service requests with specific performance requirements make services compete for system resources. IT service providers need to allocate resources to services so the performance requirements of customers can be satisfied. Workload and performance models are required for efficient resource management and service performance assurance in SBS. This dissertation develops two methods to understand and model the cause-effect relations of service-related activities with resources workload and service performance. Part one presents an empirical method that requires the collection of system dynamics data and the application of statistical analyses. The results show that the method is capable to: 1) uncover the impacts of services on resource workload and service performance, 2) identify interaction effects of multiple services running concurrently, 3) gain insights about resource and performance tradeoffs of services, and 4) build service workload and performance models. In part two, the empirical method is used to investigate the impacts of services, security mechanisms and cyber attacks on resources workload and service performance. The information obtained is used to: 1) uncover interaction effects of services, security mechanisms and cyber attacks, 2) identify tradeoffs within limits of system resources, and 3) develop general/specific strategies for system survivability. Finally, part three presents a framework based on the usage profiles of services competing for resources and the resource-sharing schemes. The framework is used to: 1) uncover the impacts of service parameters (e.g. arrival distribution, execution time distribution, priority, workload intensity, scheduling algorithm) on workload and performance, and 2) build service workload and performance models at individual resources. The estimates obtained from service workload and performance models at individual resources can be aggregated to obtain overall estimates of services through multiple system resources. The workload and performance models of services obtained through both methods can be used for the efficient resource management and service performance assurance in SBS. / Dissertation/Thesis / Ph.D. Industrial Engineering 2012 Industrial engineering computer and network services cyber attacks impacts service performance service quality system impacts system survivability
295	Técnicas para o projeto de hardware criptográfico tolerante a falhas Moratelli, Carlos Roberto January 2007 (has links) Este trabalho tem como foco principal o estudo de um tipo específico de ataque a sistemas criptográficos. A implementação em hardware, de algoritmos criptográficos, apresenta uma série de vulnerabilidades, as quais, não foram previstas no projeto original de tais algoritmos. Os principais alvos destes tipos de ataque são dispositivos portáteis que implementam algoritmos criptográfico em hardware devido as limitações de seus processadores embarcados. Um exemplo deste tipo de dispositivo são os Smart Cards, os quais, são extensamente utilizados nos sistemas GSM de telefonia móvel e estão sendo adotados no ramo bancário. Tais dispositivos podem ser atacados de diferentes maneiras, por exemplo, analisando-se a energia consumida pelo dispositivo, o tempo gasto no processamento ou ainda explorando a suscetibilidade do hardware a ocorrência de falhas transientes. O objetivo de tais ataques é a extração de informações sigilosas armazenadas no cartão como, por exemplo, a chave criptográfica. Ataques por injeção maliciosa de falhas no hardware são comumente chamados de DFA (Differencial Fault Attack) ou simplesmente fault attack. O objetivo deste trabalho foi estudar como ataques por DFA ocorrem em diferentes algoritmos e propor soluções para impedir tais ataques. Os algoritmos criptográficos abordados foram o DES e o AES, por serem amplamente conhecidos e utilizados. São apresentadas diferentes soluções capazes de ajudar a impedir a execução de ataques por DFA. Tais soluções são baseadas em técnicas de tolerância a falhas, as quais, foram incorporadas à implementações em hardware dos algoritmos estudados. As soluções apresentadas são capazes de lidar com múltiplas falhas simultaneamente e, em muitos casos a ocorrência de falhas torna-se transparente ao usuário ou atacante. Isso confere um novo nível de segurança, na qual, o atacante é incapaz de ter certeza a respeito da eficácio de seu método de injeção de falhas. A validação foi realizada através de simulações de injeção de falhas simples e múltiplas. Os resultados mostram uma boa eficácia dos mecanismos propostos, desta forma, elevando o nível de segurança nos sistemas protegidos. Além disso, foram mantidos os compromissos com área e desempenho. / This work focuses on the study of a particular kind of attack against cryptographic systems. The hardware implementation of cryptographic algorithms present a number of vulnerabilities not taken into account in the original design of the algorithms. The main targets of such attacks are portable devices which include cryptographic hardware due to limitations in their embedded processors, like the Smart Cards, which are already largely used in GSM mobile phones and are beginning to spread in banking applications. These devices can be attacked in several ways, e.g., by analysing the power consummed by the device, the time it takes to perform an operation, or even by exploring the susceptibility of the hardware to the occurrence of transient faults. These attacks aim to extract sensitive information stored in the device, such as a cryptographic key. Attacks based on the malicious injection of hardware faults are commonly called Differential Fault Attacks (DFA), or simply fault attacks. The goal of the present work was to study how fault attacks are executed against different algorithms, and to propose solutions to avoid such attacks. The algorithms selected for this study were the DES and the AES, both well known and largely deployed. Different solutions to help avoid fault attacks are presented. The solutions are based on fault tolerance techniques, and were included in hardware implementations of the selected algorithms.The proposed solutions are capable to handle multiple simultaneous faults, and, in many cases, the faults are detected and corrected in a way that is transparent for the user and the attacker. This provides a new level of security, where the attacker is unable to verify the efficiency of the fault injection procedure. Validation was performed through single and multiple fault injection simulations. The results showed the efficiency of the proposed mechanisms, thus providing more security to the protected systems. A performance and area compromise was kept as well. Eletrônica Cartao inteligente Seguranca : Sistemas Criptografia Smart cards Hardware criptográfico Fault attacks Tolerância a falhas
296	Técnicas para o projeto de hardware criptográfico tolerante a falhas Moratelli, Carlos Roberto January 2007 (has links) Este trabalho tem como foco principal o estudo de um tipo específico de ataque a sistemas criptográficos. A implementação em hardware, de algoritmos criptográficos, apresenta uma série de vulnerabilidades, as quais, não foram previstas no projeto original de tais algoritmos. Os principais alvos destes tipos de ataque são dispositivos portáteis que implementam algoritmos criptográfico em hardware devido as limitações de seus processadores embarcados. Um exemplo deste tipo de dispositivo são os Smart Cards, os quais, são extensamente utilizados nos sistemas GSM de telefonia móvel e estão sendo adotados no ramo bancário. Tais dispositivos podem ser atacados de diferentes maneiras, por exemplo, analisando-se a energia consumida pelo dispositivo, o tempo gasto no processamento ou ainda explorando a suscetibilidade do hardware a ocorrência de falhas transientes. O objetivo de tais ataques é a extração de informações sigilosas armazenadas no cartão como, por exemplo, a chave criptográfica. Ataques por injeção maliciosa de falhas no hardware são comumente chamados de DFA (Differencial Fault Attack) ou simplesmente fault attack. O objetivo deste trabalho foi estudar como ataques por DFA ocorrem em diferentes algoritmos e propor soluções para impedir tais ataques. Os algoritmos criptográficos abordados foram o DES e o AES, por serem amplamente conhecidos e utilizados. São apresentadas diferentes soluções capazes de ajudar a impedir a execução de ataques por DFA. Tais soluções são baseadas em técnicas de tolerância a falhas, as quais, foram incorporadas à implementações em hardware dos algoritmos estudados. As soluções apresentadas são capazes de lidar com múltiplas falhas simultaneamente e, em muitos casos a ocorrência de falhas torna-se transparente ao usuário ou atacante. Isso confere um novo nível de segurança, na qual, o atacante é incapaz de ter certeza a respeito da eficácio de seu método de injeção de falhas. A validação foi realizada através de simulações de injeção de falhas simples e múltiplas. Os resultados mostram uma boa eficácia dos mecanismos propostos, desta forma, elevando o nível de segurança nos sistemas protegidos. Além disso, foram mantidos os compromissos com área e desempenho. / This work focuses on the study of a particular kind of attack against cryptographic systems. The hardware implementation of cryptographic algorithms present a number of vulnerabilities not taken into account in the original design of the algorithms. The main targets of such attacks are portable devices which include cryptographic hardware due to limitations in their embedded processors, like the Smart Cards, which are already largely used in GSM mobile phones and are beginning to spread in banking applications. These devices can be attacked in several ways, e.g., by analysing the power consummed by the device, the time it takes to perform an operation, or even by exploring the susceptibility of the hardware to the occurrence of transient faults. These attacks aim to extract sensitive information stored in the device, such as a cryptographic key. Attacks based on the malicious injection of hardware faults are commonly called Differential Fault Attacks (DFA), or simply fault attacks. The goal of the present work was to study how fault attacks are executed against different algorithms, and to propose solutions to avoid such attacks. The algorithms selected for this study were the DES and the AES, both well known and largely deployed. Different solutions to help avoid fault attacks are presented. The solutions are based on fault tolerance techniques, and were included in hardware implementations of the selected algorithms.The proposed solutions are capable to handle multiple simultaneous faults, and, in many cases, the faults are detected and corrected in a way that is transparent for the user and the attacker. This provides a new level of security, where the attacker is unable to verify the efficiency of the fault injection procedure. Validation was performed through single and multiple fault injection simulations. The results showed the efficiency of the proposed mechanisms, thus providing more security to the protected systems. A performance and area compromise was kept as well. Eletrônica Cartao inteligente Seguranca : Sistemas Criptografia Smart cards Hardware criptográfico Fault attacks Tolerância a falhas
297	Intrusion Detection and Prevention in IP Based Mobile Networks Tevemark, Jonas January 2008 (has links) Ericsson’s Packet Radio Access Network (PRAN) is a network solution for packet transport in mobile networks, which utilizes the Internet Protocol (IP). The IP protocol offers benefits in responsiveness and performance adaptation to data bursts when compared to Asynchronous Transfer Mode (ATM), which is still often used. There are many manufacturers / operators providing IP services, which reduce costs. The IP’s use on the Internet brings greater end-user knowledge, wider user community and more programs designed for use in IP environments. Because of this, the spectrum of possible attacks against PRAN broadens. This thesis provides information on what protection an Intrusion Prevention System (IPS) can add to the current PRAN solution. A risk analysis is performed to identify assets in and threats against PRAN, and to discover attacks that can be mitigated by the use of an IPS. Information regarding placement of an IPS in the PRAN network is given and tests of a candidate system are performed. IPS features in hardware currently used by Ericsson as well as missing features are pinpointed . Finally, requirements for an IPS intended for use in PRAN are concluded. Computer security Computer networks Network attacks Intrusion detection Intrusion prevention Information Systems
298	Técnicas para o projeto de hardware criptográfico tolerante a falhas Moratelli, Carlos Roberto January 2007 (has links) Este trabalho tem como foco principal o estudo de um tipo específico de ataque a sistemas criptográficos. A implementação em hardware, de algoritmos criptográficos, apresenta uma série de vulnerabilidades, as quais, não foram previstas no projeto original de tais algoritmos. Os principais alvos destes tipos de ataque são dispositivos portáteis que implementam algoritmos criptográfico em hardware devido as limitações de seus processadores embarcados. Um exemplo deste tipo de dispositivo são os Smart Cards, os quais, são extensamente utilizados nos sistemas GSM de telefonia móvel e estão sendo adotados no ramo bancário. Tais dispositivos podem ser atacados de diferentes maneiras, por exemplo, analisando-se a energia consumida pelo dispositivo, o tempo gasto no processamento ou ainda explorando a suscetibilidade do hardware a ocorrência de falhas transientes. O objetivo de tais ataques é a extração de informações sigilosas armazenadas no cartão como, por exemplo, a chave criptográfica. Ataques por injeção maliciosa de falhas no hardware são comumente chamados de DFA (Differencial Fault Attack) ou simplesmente fault attack. O objetivo deste trabalho foi estudar como ataques por DFA ocorrem em diferentes algoritmos e propor soluções para impedir tais ataques. Os algoritmos criptográficos abordados foram o DES e o AES, por serem amplamente conhecidos e utilizados. São apresentadas diferentes soluções capazes de ajudar a impedir a execução de ataques por DFA. Tais soluções são baseadas em técnicas de tolerância a falhas, as quais, foram incorporadas à implementações em hardware dos algoritmos estudados. As soluções apresentadas são capazes de lidar com múltiplas falhas simultaneamente e, em muitos casos a ocorrência de falhas torna-se transparente ao usuário ou atacante. Isso confere um novo nível de segurança, na qual, o atacante é incapaz de ter certeza a respeito da eficácio de seu método de injeção de falhas. A validação foi realizada através de simulações de injeção de falhas simples e múltiplas. Os resultados mostram uma boa eficácia dos mecanismos propostos, desta forma, elevando o nível de segurança nos sistemas protegidos. Além disso, foram mantidos os compromissos com área e desempenho. / This work focuses on the study of a particular kind of attack against cryptographic systems. The hardware implementation of cryptographic algorithms present a number of vulnerabilities not taken into account in the original design of the algorithms. The main targets of such attacks are portable devices which include cryptographic hardware due to limitations in their embedded processors, like the Smart Cards, which are already largely used in GSM mobile phones and are beginning to spread in banking applications. These devices can be attacked in several ways, e.g., by analysing the power consummed by the device, the time it takes to perform an operation, or even by exploring the susceptibility of the hardware to the occurrence of transient faults. These attacks aim to extract sensitive information stored in the device, such as a cryptographic key. Attacks based on the malicious injection of hardware faults are commonly called Differential Fault Attacks (DFA), or simply fault attacks. The goal of the present work was to study how fault attacks are executed against different algorithms, and to propose solutions to avoid such attacks. The algorithms selected for this study were the DES and the AES, both well known and largely deployed. Different solutions to help avoid fault attacks are presented. The solutions are based on fault tolerance techniques, and were included in hardware implementations of the selected algorithms.The proposed solutions are capable to handle multiple simultaneous faults, and, in many cases, the faults are detected and corrected in a way that is transparent for the user and the attacker. This provides a new level of security, where the attacker is unable to verify the efficiency of the fault injection procedure. Validation was performed through single and multiple fault injection simulations. The results showed the efficiency of the proposed mechanisms, thus providing more security to the protected systems. A performance and area compromise was kept as well. Eletrônica Cartao inteligente Seguranca : Sistemas Criptografia Smart cards Hardware criptográfico Fault attacks Tolerância a falhas
299	Análise e contra-ataque à poluição e whitewashing em sistemas P2P de vídeo ao vivo Almeida, Rafael Barra de 25 January 2013 (has links) Submitted by Renata Lopes (renatasil82@gmail.com) on 2017-05-30T19:30:25Z No. of bitstreams: 1 rafaelbarradealmeida.pdf: 1586266 bytes, checksum: b824fb31f42c6ab41350af41be08ad11 (MD5) / Approved for entry into archive by Adriana Oliveira (adriana.oliveira@ufjf.edu.br) on 2017-06-01T11:36:00Z (GMT) No. of bitstreams: 1 rafaelbarradealmeida.pdf: 1586266 bytes, checksum: b824fb31f42c6ab41350af41be08ad11 (MD5) / Made available in DSpace on 2017-06-01T11:36:00Z (GMT). No. of bitstreams: 1 rafaelbarradealmeida.pdf: 1586266 bytes, checksum: b824fb31f42c6ab41350af41be08ad11 (MD5) Previous issue date: 2013-01-25 / FAPEMIG - Fundação de Amparo à Pesquisa do Estado de Minas Gerais / Aplicações de transmissão de vídeo ao vivo na Internet têm ganhado bastante populari dade nos últimos anos. A facilidade para se publicar e ter acesso a esse tipo de conteúdo tem atraído grande atenção. A arquitetura P2P ganhou lugar de destaque neste contexto, principalmente, por ser mais tolerante a falhas e superar os problemas de escalabilidade presentes no modelo cliente-servidor. No entanto, devido às suas características, como ausência de controle centralizado, as redes P2P podem ser suscetíveis a ataques e com portamentos maliciosos. Este trabalho analisa o impacto causado por ataques de poluição e whitewashing em sistemas P2P de transmissão de vídeo ao vivo. Para combater estes tipos de ataques, me canismos simples e descentralizados de reputação são propostos e implementados através de um protótipo de aplicação executado em um ambiente de rede real, con gurado no PlanetLab. Os resultados mostram que ataques de poluição são bastante prejudiciais a sistemas P2P de transmissão de vídeo ao vivo. Quando apenas 10% dos peers agem de maneira maliciosa, os demais participantes do sistema recebem mais de 90% de dados poluídos. Além disso, a sobrecarga média na banda de rede chega a 230% em momentos de pico, forçando os participantes a utilizar 3 vezes mais banda de rede do que seria necessário em um sistema sem ataques de poluição. Os mecanismos de reputação propostos, testados no ambiente do PlanetLab, bloqueiam ataques de poluição rapidamente, reduzindo a porcentagem de dados poluídos recebidos a 6% e a sobrecarga a 5%. Para o caso de ataque combinado de poluição e whitewashing, o mecanismo de reputação proposto diminui a sobrecarga no sistema de 112% para 20% e a porcentagem de dados poluídos de 70% para 19%. / Live streaming video applications on the Internet are becoming more popular in the last years. The ease of publishing and accessing content through such applications has at tracted great attention from users and researchers. The P2P architecture has obtained a prominent place in this context, mainly because it is more fault tolerant and overcome the scalability issues present in the client-server model. However, due to its distributed characteristics, the P2P networks can be more susceptible to attacks and malicious be havior. In this work, we analyze the impact of pollution attacks and whitewashing in P2P live streaming systems. To combat these attacks, simple mechanisms and decentralized reputation are proposed and implemented by a prototype application running on a real network environment, set in PlanetLab. Our results show that pollution attacks are harmful to P2P live streaming systems. When 10% of peers are malicious, the remaining peers in the system receive more than 90% of data polluted. Furthermore, the average overhead in network bandwidth reaches 230% at peak times, forcing the peers to use three times the bandwidth required in a system without pollution attacks. The proposed reputation mechanism, tested on PlanetLab testbed, quickly blocks isolated pollution attacks, reducing the amount of polluted data received to 6% and the overhead to 5%. In the case of pollution attack combined with whitewashing, the proposed reputation mechanism reduces the overhead in the system from 112% to 20% and the amount of polluted data from 70% to 19%. P2P Segurança Ataques de poluição Whitewashing P2P Security Pollution Attacks Whitewashing
300	A simple and low cost platform to perform Power Analysis Attacks Carmona, Manuel Bejarano January 2012 (has links) Power Analysis Attacks use the fact that power consumption in modern microprocessors and cryptographic devices depends on the instructions executed on them and so, it varies with time. This leak- age is mainly used to deduce cryptographic keys as well as algorithms by direct observation of power traces. Power Analysis is a recent field of study that has been developed for the last decade. Since then, the techniques used have evolved into more complex forms, that some- times require a variety of skills that makes the subject difficult to start with. Nowadays it is changeling to tackle the problem without expen- sive equipment; what is more, the off-the-shelf solutions to do Power Analysis Attacks are rare and expensive. This thesis aim to provide a low cost and open platform as an entry point to Power Analysis for a price under 10 USD. Besides that, it is designed to be able to per- form Simple Power Analysis and Differential Power Analysis attacks to a 8 bit microcontroller, including the software needed to automate the process of taking the measurements. Finally, the platform can be extended to cover a wide range of microcontrollers, microprocessors and cryptographic devices by simple insertion in a bread board, which makes it the perfect device for new comers to the field. Computer Sciences Datavetenskap (datalogi) Telecommunications Telekommunikation

Search results