Spelling suggestions: "subject:"attacks"" "subject:"ttacks""
561 |
Increasing the Robustness of Point Operations in Co-Z Arithmetic against Side-Channel AttacksAlmohaimeed, Ziyad Mohammed 08 August 2013 (has links)
Elliptic curve cryptography (ECC) has played a significant role on secure devices since it was introduced by Koblitz and Miller more than three decades ago. The great demand for ECC is created by its shorter key length while it provides an equivalent security level in comparison to previously introduced public-key cryptosystems (e.g.RSA). From an implementation point of view a shorter key length means a higher
processing speed, smaller power consumption, and silicon area requirement. Scalar multiplication is the main operation in Elliptic Curve Diffie-Hellman (ECDH), which is a key-agreement protocol using ECC. As shown in the prior literature, this operation is both vulnerable to Power Analysis attack and requires a large amount of time. Therefore, a lot of research has focused on enhancing the performance and security of scalar multiplication. In this work, we describe three schemes to counter power analysis cryptographic attacks. The first scheme provides improved security
at the expense of a very small cost of additional hardware overhead; its basic idea is to randomize independent field operations in order to have multiple power consumption traces for each point operation. In the second scheme, we introduce an atomic block that consists of addition, multiplication and addition [A-M-A]. This technique provides a very good scalar multiplication protection but with increased computation cost. The third scheme provides both security and speed by adopting the second tech-
nique and enhancing the instruction-level parallelism at the atomic level. As a result, the last scheme also provides a reduction in computing time. With these schemes the users can optimize the trade-off between speed, cost, and security level according to their needs and resources. / Graduate / 0544 / 0984 / z.mohaimeed@gmail.com
|
562 |
Efficient Packet-Drop Thwarting and User-Privacy Preserving Protocols for Multi-hop Wireless NetworksMahmoud, Mohamed Mohamed Elsalih Abdelsalam 08 April 2011 (has links)
In multi-hop wireless network (MWN), the mobile nodes relay others’ packets for enabling new applications and enhancing the network deployment and performance. However, the selfish nodes drop the packets because packet relay consumes their resources without benefits, and the malicious nodes drop the packets to launch Denial-of-Service attacks. Packet drop attacks adversely degrade the network fairness and performance in terms of throughput, delay, and packet delivery ratio. Moreover, due to the nature of wireless transmission and multi-hop packet relay, the attackers can analyze the network traffic in undetectable way to learn the users’ locations in number of hops and their communication activities causing a serious threat to the users’ privacy. In this thesis, we propose efficient security protocols for thwarting packet drop attacks and preserving users’ privacy in multi-hop wireless networks.
First, we design a fair and efficient cooperation incentive protocol to stimulate the selfish nodes to relay others’ packets. The source and the destination nodes pay credits (or micropayment) to the intermediate nodes for relaying their packets. In addition to cooperation stimulation, the incentive protocol enforces fairness by rewarding credits to compensate the nodes for the consumed resources in relaying others’ packets. The protocol also discourages launching Resource-Exhaustion attacks by sending bogus packets to exhaust the intermediate nodes’ resources because the nodes pay for relaying their packets.
For fair charging policy, both the source and the destination nodes are charged when the two nodes benefit from the communication. Since micropayment protocols have been originally proposed for web-based applications, we propose a practical payment model specifically designed for MWNs to consider the significant differences between web-based applications and cooperation stimulation. Although the non-repudiation property of the public-key cryptography is essential for securing the incentive protocol, the public-key cryptography requires too complicated computations and has a long signature tag. For efficient implementation, we use the public-key cryptography only for the first packet in a series and use the efficient hashing operations for the next packets, so that the overhead of the packet series converges to that of the hashing operations. Since a trusted party is not involved in the communication sessions, the nodes usually submit undeniable digital receipts (proofs of packet relay) to a centralized trusted party for updating their credit accounts. Instead of submitting large-size payment receipts, the nodes submit brief reports containing the alleged charges and rewards and store undeniable security evidences. The payment of the fair reports can be cleared with almost no processing overhead. For the cheating reports, the evidences are requested to identify and evict the cheating nodes. Since the cheating actions are exceptional, the proposed protocol can significantly reduce the required bandwidth and energy for submitting the payment data and clear the payment with almost no processing overhead while achieving the same security strength as the receipt-based protocols.
Second, the payment reports are processed to extract financial information to reward the cooperative nodes, and contextual information such as the broken links to build up a trust system to measure the nodes’ packet-relay success ratios in terms of trust values. A node’s trust value is degraded whenever it does not relay a packet and improved whenever it does. A node is identified as malicious and excluded from the network once its trust value reaches to a threshold. Using trust system is necessary to keep track of the nodes’ long-term behaviors because the network packets may be dropped normally, e.g., due to mobility, or temporarily, e.g., due to network congestion, but the high frequency of packet drop is an obvious misbehavior. Then, we propose a trust-based and energy-aware routing protocol to route traffics through the highly trusted nodes having sufficient residual energy in order to establish stable routes and thus minimize the probability of route breakage. A node’s trust value is a real and live measurement to the node’s failure probability and mobility level, i.e., the low-mobility nodes having large hardware resources can perform packet relay more efficiently. In this way, the proposed protocol stimulates the nodes not only to cooperate but also to improve their packet-relay success ratio and tell the truth about their residual energy to improve their trust values and thus raise their chances to participate in future routes.
Finally, we propose a privacy-preserving routing and incentive protocol for hybrid ad hoc wireless network. Micropayment is used to stimulate the nodes’ cooperation without submitting payment receipts. We only use the lightweight hashing and symmetric-key-cryptography operations to preserve the users’ privacy. The nodes’ pseudonyms are efficiently computed using hashing operations. Only trusted parties can link these pseudonyms to the real identities for charging and rewarding operations. Moreover, our protocol protects the location privacy of the anonymous source and destination nodes.
Extensive analysis and simulations demonstrate that our protocols can secure the payment and trust calculation, preserve the users’ privacy with acceptable overhead, and precisely identify the malicious and the cheating nodes. Moreover, the simulation and measurement results demonstrate that our routing protocols can significantly improve route stability and thus the packet delivery ratio due to stimulating the selfish nodes’ cooperation, evicting the malicious nodes, and making informed decisions regarding route selection. In addition, the processing and submitting overheads of the payment-reports are incomparable with those of the receipts in the receipt-based incentive protocols. Our protocol also requires incomparable overhead to the signature-based protocols because the lightweight hashing operations dominate the nodes’ operations.
|
563 |
Side-Channel Analysis: Countermeasures and Application to Embedded Systems DebuggingMoreno, Carlos January 2013 (has links)
Side-Channel Analysis plays an important role in cryptology, as
it represents an important class of attacks against cryptographic
implementations, especially in the context of embedded systems
such as hand-held mobile devices, smart cards, RFID tags, etc.
These types of attacks bypass any intrinsic mathematical security
of the cryptographic algorithm or protocol by exploiting observable
side-effects of the execution of the cryptographic operation that
may exhibit some relationship with the internal (secret) parameters
in the device. Two of the main types of side-channel attacks are
timing attacks or timing analysis, where the relationship between
the execution time and secret parameters is exploited; and power
analysis, which exploits the relationship between power consumption
and the operations being executed by a processor as well as the
data that these operations work with. For power analysis, two
main types have been proposed: simple power analysis (SPA) which
relies on direct observation on a single measurement, and
differential power analysis (DPA), which uses multiple
measurements combined with statistical processing to extract
information from the small variations in power consumption
correlated to the data.
In this thesis, we propose several countermeasures to these
types of attacks, with the main themes being timing analysis
and SPA. In addition to these themes, one of our contributions
expands upon the ideas behind SPA to present a constructive
use of these techniques in the context of embedded systems
debugging.
In our first contribution, we present a countermeasure against
timing attacks where an optimized form of idle-wait is proposed
with the goal of making the observable decryption time constant
for most operations while maintaining the overhead to a minimum.
We show that not only we reduce the overhead in terms of execution
speed, but also the computational cost of the countermeasure,
which represents a considerable advantage in the context of
devices relying on battery power, where reduced computations
translates into lower power consumption and thus increased
battery life. This is indeed one of the important themes for
all of the contributions related to countermeasures to side-
channel attacks.
Our second and third contributions focus on power analysis;
specifically, SPA. We address the issue of straightforward
implementations of binary exponentiation algorithms (or scalar
multiplication, in the context of elliptic curve cryptography)
making a cryptographic system vulnerable to SPA. Solutions
previously proposed introduce a considerable performance
penalty. We propose a new method, namely Square-and-Buffered-
Multiplications (SABM), that implements an SPA-resistant binary
exponentiation exhibiting optimal execution time at the cost of
a small amount of storage --- O(\sqrt(\ell)), where \ell is the
bit length of the exponent. The technique is optimal in the
sense that it adds SPA-resistance to an underlying binary
exponentiation algorithm while introducing zero computational
overhead.
We then present several new SPA-resistant algorithms that result
from a novel way of combining the SABM method with an alternative
binary exponentiation algorithm where the exponent is split in
two halves for simultaneous processing, showing that by combining
the two techniques, we can make use of signed-digit representations
of the exponent to further improve performance while maintaining
SPA-resistance. We also discuss the possibility of our method
being implemented in a way that a certain level of resistance
against DPA may be obtained.
In a related contribution, we extend these ideas used in SPA and
propose a technique to non-intrusively monitor a device and trace
program execution, with the intended application of assisting in
the difficult task of debugging embedded systems at deployment
or production stage, when standard debugging tools or auxiliary
components to facilitate debugging are no longer enabled in the
device. One of the important highlights of this contribution is
the fact that the system works on a standard PC, capturing the
power traces through the recording input of the sound card.
|
564 |
The impact of 9/11 on the South African anti-terrorism legislation and the constitutionality thereof.Kokott, Katrin January 2005 (has links)
This paper aimed at analysing what was South Africa's response to its international obligations regarding the 9/11 events and how does such response comply with the country's constitutional framework. This study gave a brief outline of the most significant legislative changes in a number of countries and then concentrate on the South African anti-terrorism legislation. It identified the provisions of the Act that have been discussed most controversial throughout the drafting process and analysed whether they comply with constitutional standards. Particular emphasis was laid on the possible differences between the South African Act and comparative legislation that derive directly from the apartheid history of the country.
|
565 |
Applications of finite field computation to cryptology : extension field arithmetic in public key systems and algebraic attacks on stream ciphersWong, Kenneth Koon-Ho January 2008 (has links)
In this digital age, cryptography is largely built in computer hardware or software as discrete structures. One of the most useful of these structures is finite fields. In this thesis, we explore a variety of applications of the theory and applications of arithmetic and computation in finite fields in both the areas of cryptography and cryptanalysis. First, multiplication algorithms in finite extensions of prime fields are explored. A new algebraic description of implementing the subquadratic Karatsuba algorithm and its variants for extension field multiplication are presented. The use of cy- clotomic fields and Gauss periods in constructing suitable extensions of virtually all sizes for efficient arithmetic are described. These multiplication techniques are then applied on some previously proposed public key cryptosystem based on exten- sion fields. These include the trace-based cryptosystems such as XTR, and torus- based cryptosystems such as CEILIDH. Improvements to the cost of arithmetic were achieved in some constructions due to the capability of thorough optimisation using the algebraic description. Then, for symmetric key systems, the focus is on algebraic analysis and attacks of stream ciphers. Different techniques of computing solutions to an arbitrary system of boolean equations were considered, and a method of analysing and simplifying the system using truth tables and graph theory have been investigated. Algebraic analyses were performed on stream ciphers based on linear feedback shift registers where clock control mechanisms are employed, a category of ciphers that have not been previously analysed before using this method. The results are successful algebraic attacks on various clock-controlled generators and cascade generators, and a full algebraic analyses for the eSTREAM cipher candidate Pomaranch. Some weaknesses in the filter functions used in Pomaranch have also been found. Finally, some non-traditional algebraic analysis of stream ciphers are presented. An algebraic analysis on the word-based RC4 family of stream ciphers is performed by constructing algebraic expressions for each of the operations involved, and it is concluded that each of these operations are significant in contributing to the overall security of the system. As far as we know, this is the first algebraic analysis on a stream cipher that is not based on linear feedback shift registers. The possibility of using binary extension fields and quotient rings for algebraic analysis of stream ciphers based on linear feedback shift registers are then investigated. Feasible algebraic attacks for generators with nonlinear filters are obtained and algebraic analyses for more complicated generators with multiple registers are presented. This new form of algebraic analysis may prove useful and thereby complement the traditional algebraic attacks. This thesis concludes with some future directions that can be taken and some open questions. Arithmetic and computation in finite fields will certainly be an important area for ongoing research as we are confronted with new developments in theory and exponentially growing computer power.
|
566 |
Protocol engineering for protection against denial-of-service attacksTritilanunt, Suratose January 2009 (has links)
Denial-of-service attacks (DoS) and distributed denial-of-service attacks (DDoS) attempt to temporarily disrupt users or computer resources to cause service un- availability to legitimate users in the internetworking system. The most common type of DoS attack occurs when adversaries °ood a large amount of bogus data to interfere or disrupt the service on the server. The attack can be either a single-source attack, which originates at only one host, or a multi-source attack, in which multiple hosts coordinate to °ood a large number of packets to the server. Cryptographic mechanisms in authentication schemes are an example ap- proach to help the server to validate malicious tra±c. Since authentication in key establishment protocols requires the veri¯er to spend some resources before successfully detecting the bogus messages, adversaries might be able to exploit this °aw to mount an attack to overwhelm the server resources. The attacker is able to perform this kind of attack because many key establishment protocols incorporate strong authentication at the beginning phase before they can iden- tify the attacks. This is an example of DoS threats in most key establishment protocols because they have been implemented to support con¯dentiality and data integrity, but do not carefully consider other security objectives, such as availability. The main objective of this research is to design denial-of-service resistant mechanisms in key establishment protocols. In particular, we focus on the design of cryptographic protocols related to key establishment protocols that implement client puzzles to protect the server against resource exhaustion attacks. Another objective is to extend formal analysis techniques to include DoS- resistance. Basically, the formal analysis approach is used not only to analyse and verify the security of a cryptographic scheme carefully but also to help in the design stage of new protocols with a high level of security guarantee. In this research, we focus on an analysis technique of Meadows' cost-based framework, and we implement DoS-resistant model using Coloured Petri Nets. Meadows' cost-based framework is directly proposed to assess denial-of-service vulnerabil- ities in the cryptographic protocols using mathematical proof, while Coloured Petri Nets is used to model and verify the communication protocols using inter- active simulations. In addition, Coloured Petri Nets are able to help the protocol designer to clarify and reduce some inconsistency of the protocol speci¯cation. Therefore, the second objective of this research is to explore vulnerabilities in existing DoS-resistant protocols, as well as extend a formal analysis approach to our new framework for improving DoS-resistance and evaluating the performance of the new proposed mechanism. In summary, the speci¯c outcomes of this research include following results; 1. A taxonomy of denial-of-service resistant strategies and techniques used in key establishment protocols; 2. A critical analysis of existing DoS-resistant key exchange and key estab- lishment protocols; 3. An implementation of Meadows's cost-based framework using Coloured Petri Nets for modelling and evaluating DoS-resistant protocols; and 4. A development of new e±cient and practical DoS-resistant mechanisms to improve the resistance to denial-of-service attacks in key establishment protocols.
|
567 |
The strength of Muslim American couples in the face of heightened discrimination from September 11th and the Iraq War : a project based upon an independent investigation /Goodman, Brianne. January 2008 (has links)
Thesis (M.S.W.)--Smith College School for Social Work, Northampton, Mass., 2008. / Typescript. Includes bibliographical references (leaves 143-149).
|
568 |
11 Eylül sonrası terörizmin kazandığı yeni boyut ve uluslararası terörizmin Türkiye'ye yansımaları /Muratoğlu, Enver. Metin, Yüksel. January 2007 (has links) (PDF)
Tez (Yüksek Lisans) - Süleyman Demirel Üniversitesi, Sosyal Bilimler Enstitüsü, Kamu Yönetimi Anabilim Dalı, 2007. / Kaynakça var.
|
569 |
Migration and memory : reflections on schooling and community by Sikh immigrant youth /Verma, Rita. January 2004 (has links)
Thesis (Ph. D.)--University of Wisconsin--Madison, 2004. / Includes bibliographical references (p. 274-280). Also available on the Internet.
|
570 |
"Ett lugnt hörn när det är kaos i världen" : en studie om varför barnprogrammet Bolibompa ser ut som det gör under och dagarna efter en katastrofIsaksson, Linnea, Jeppsson, Elise January 2008 (has links)
<p>This study intends to examine why the Swedish children’s programme Bolibompa is produced the way it is during a larger catastrophe. Our intention was to find out how the editorial staff, in the children’s department in the public service television of Sweden (SVT),was handling the Estonia disaster, the September 11 attacks and the Asian Tsunami. To accomplish that, we first had to find out how the children’s programme looked during these catastrophes and also understand how the editorial staff was working with children’s programme during ordinary days.</p><p>To achieve our purpose we have been interviewing five persons from SVT, who was involved in producing the children’s programme during these three catastrophes. The method we used was qualitative research interview and theories of socialisation, media effects, social responsibility and theories of rhetoric mass media guided our study.</p><p>We found out that the editorial staff was producing the children’s programme differently during each catastrophe. When the Estonia disaster occurred, the children’s programme was delayed because of extended news. Next to the children’s programme a host was talking directly to the children trying to explain the accident. The day after the September 11 attacks the host of the children’s programme was discussing the catastrophe with invited guests in the TV studio. The editorial staff thought that many children were frightened at the time and that explains why they decided to keep a conversation. During the Asian Tsunami, SVT was broadcasting a Christmas special, and the children’s programmes weren’t changed at all,mostly because a break in the Christmas series would cause a lot of problems.</p>
|
Page generated in 0.0722 seconds