Global ETD Search

1	Jedno-průchodová schémata autentizovaného šifrování / One-Pass Authenticated Encryption Homer, Miloslav January 2018 (has links) The topic of this thesis are mask based one-pass authenticated encryption schemes with associated data. Formal security requirements (AUTH and PRIV), scheme requirements as well as mask system requirements are specified. The- orems regarding fulfillment of security requirements are proven given specified scheme assumptions. The proof utilizes the game-hopping technique. The the- sis contains enumeration of masking systems as well as a selection of schemes with verification that requirements are fulfilled. Last but not least, this thesis presents an attack on the OPP scheme. Recommendation on fixing this scheme is also provided. 1
2	Vector Instruction Set Extensions for Efficient and Reliable Computation of Keccak Rawat, Hemendra Kumar 27 August 2016 (has links) Recent processor architectures such as Intel Westmere (and later) and ARMv8 include instruction-level support for the Advanced Encryption Standard (AES), for the Secure Hashing Standard (SHA-1, SHA2) and for carry-less multiplication. These crypto-instructions are optimized for a single algorithm and provide significant performance improvements over software written using general-purpose instruction set. However, today's secure systems and protocols do not rely on just one, but a suite of many cryptographic applications that are expected to work in a correct and reliable manner. In this work, we propose a new instruction set for supporting efficient and reliable cryptography on modern processors. For efficiency, we propose flexible instruction set extensions for Keccak, a cryptographic kernel for hashing, authenticated encryption, key-stream generation and random-number generation. Keccak is the basis of the SHA-3 standard and the newly proposed Keyak and Ketje authenticated ciphers. For reliability, we propose a set of trusted instructions to verify the integrity of a cryptographic software library. These instructions are aimed at detecting tamper in the software or in the configurable hardware. We develop the instruction extensions for a 128-bit interface, commonly available in the vector processing unit of many modern processors. Simulation results on GEM5 architectural simulator show that the proposed instructions not only improves the performance of Keccak applications by 2 times (over NEON programming) and 6 times (over assembly programming), but also improves the reliability of applications at a performance overhead of just 6%. / Master of Science SIMD Instruction Set Extensions SHA-3 Hashing Authenticated Encryption Software Integrity
3	Efficiency of Logic Minimization Techniques for Cryptographic Hardware Implementation Raghuraman, Shashank 15 July 2019 (has links) With significant research effort being directed towards designing lightweight cryptographic primitives, logical metrics such as gate count are extensively used in estimating their hardware quality. Specialized logic minimization tools have been built to make use of gate count as the primary optimization cost function. The first part of this thesis aims to investigate the effectiveness of such logical metrics in predicting hardware efficiency of corresponding circuits. Mapping a logical representation onto hardware depends on the standard cell technology used, and is driven by trade-offs between area, performance, and power. This work evaluates aforementioned parameters for circuits optimized for gate count, and compares them with a set of benchmark designs. Extensive analysis is performed over a wide range of frequencies at multiple levels of abstraction and system integration, to understand the different regions in the solution space where such logic minimization techniques are effective. A prototype System-on-Chip (SoC) is designed to benchmark the performance of these circuits on actual hardware. This SoC is built with an aim to include multiple other cryptographic blocks for analysis of their hardware efficiency. The second part of this thesis analyzes the overhead involved in integrating selected authenticated encryption ciphers onto an SoC, and explores different design alternatives for the same. Overall, this thesis is intended to serve as a comprehensive guideline on hardware factors that can be overlooked, but must be considered during logical-to-physical mapping and during the integration of standalone cryptographic blocks onto a complete system. / Master of Science / The proliferation of embedded smart devices for the Internet-of-Things necessitates a constant search for smaller and power-efficient hardware. The need to ensure security of such devices has been driving extensive research on lightweight cryptography, which focuses on minimizing the logic footprint of cryptographic hardware primitives. Different designs are optimized, evaluated, and compared based on the number of gates required to express them at a logical level of abstraction. The expectation is that circuits requiring fewer gates to represent their logic will be smaller and more efficient on hardware. However, converting a logical representation into a hardware circuit, known as “synthesis”, is not trivial. The logic is mapped to a “library” of hardware cells, and one of many possible solutions for a function is selected - a process driven by trade-offs between area, speed, and power consumption on hardware. Our work studies the impact of synthesis on logical circuits with minimized gate count. We evaluate the hardware quality of such circuits by comparing them with that of benchmark designs over a range of speeds. We wish to answer questions such as “At what speeds do logical metrics rightly predict area- and power-efficiency?”, and “What impact does this have after integrating cryptographic primitives onto a complete system?”. As part of this effort, we build a System-on-Chip in order to observe the efficiency of these circuits on actual hardware. This chip also includes recently developed ciphers for authenticated encryption. The second part of this thesis explores different ways of integrating these ciphers onto a system, to understand their effect on the ciphers’ compactness and performance. Our overarching aim is to provide a suitable reference on how synthesis and system integration affect the hardware quality of cryptographic blocks, for future research in this area. Logic synthesis Cryptographic hardware Circuit minimization Leon-3 System-on-Chip Authenticated encryption hardware
4	Chiffrement authentifié sur FPGAs de la partie reconfigurable à la partie static / Authenticated Encryption on FPGAs from the Reconfigurable Part to the Static Part Moussa Ali Abdellatif, Karim 07 October 2014 (has links) Les systèmes de communication ont besoin d'accéder, stocker, manipuler, ou de communiquer des informations sensibles. Par conséquent, les primitives cryptographiques tels que les fonctions de hachage et le chiffrement par blocs sont déployés pour fournir le cryptage et l'authentification. Récemment, des techniques ont été inventés pour combiner cryptage et d'authentification en un seul algorithme qui est appelé authentifiés Encryption (AE). La combinaison de ces deux services de sécurité dans le matériel de meilleures performances par rapport aux deux algorithmes séparés puisque l'authentification et le cryptage peuvent partager une partie du calcul. En raison de la combinaison de la programmation de l'exécution d'matériel personnalisé, FPGA deviennent plus communs comme cible d'une mise en œuvre de ces algorithmes. La première partie de cette thèse est consacrée aux architectures d'algorithmes AE, AES-GCM et AEGIS-128 à base de FPGA efficaces et à grande vitesse, afin d'être utilisé dans la partie reconfigurable FPGA pour soutenir les services de sécurité des systèmes de communication. Notre focalisation sur l'état de l'art conduit à la mise en place d'architectures à haute vitesse pour les applications lentes touches changeantes comme les réseaux privés virtuels (VPN). En outre, nous présentons un procédé efficace pour mettre en oeuvre le GF($2^{128}$) multiplicateur, qui est responsable de la tâche d'authentification en AES-GCM, pour supporter les applications à grande vitesse. En outre, un système efficace AEGIS-128 est également mis en œuvre en utilisant seulement cinq tours AES. Nos réalisations matérielles ont été évaluées à l'aide Virtex-5 et Virtex-4 FPGA. La performance des architectures présentées (Thr. / Parts) surpasse ceux signalés précédemment.La deuxième partie de la thèse présente des techniques pour des solutions à faible coût afin de garantir la reconfiguration du FPGA. Nous présentons différentes gammes de mises en œuvre à faible coût de AES-GCM, AES-CCM, et AEGIS-128, qui sont utilisés dans la partie statique du FPGA afin de décrypter et authentifier le bitstream FPGA. Architectures ASIC présentées ont été évaluées à l'aide de 90 et 65 technologies nm et présentent de meilleures performances par rapport aux travaux antérieurs. / Communication systems need to access, store, manipulate, or communicate sensitive information. Therefore, cryptographic primitives such as hash functions and block ciphers are deployed to provide encryption and authentication. Recently, techniques have been invented to combine encryption and authentication into a single algorithm which is called Authenticated Encryption (AE). Combining these two security services in hardware produces better performance compared to two separated algorithms since authentication and encryption can share a part of the computation. Because of combining the programmability with the performance ofcustom hardware, FPGAs become more common as an implementation target for such algorithms. The first part of this thesis is devoted to efficient and high-speed FPGA-based architectures of AE algorithms, AES-GCM and AEGIS-128, in order to be used in the reconfigurable part of FPGAs to support security services of communication systems. Our focus on the state of the art leads to the introduction of high-speed architectures for slow changing keys applications like Virtual Private Networks (VPNs). Furthermore, we present an efficient method for implementing the GF($2^{128}$) multiplier, which is responsible for the authentication task in AES-GCM, to support high-speed applications. Additionally, an efficient AEGIS-128is also implemented using only five AES rounds. Our hardware implementations were evaluated using Virtex-5 and Virtex-4 FPGAs. The performance of the presented architectures (Thr./Slices) outperforms the previously reported ones.The second part of the thesis presents techniques for low cost solutions in order to secure the reconfiguration of FPGAs. We present different ranges of low cost implementations of AES-GCM, AES-CCM, and AEGIS-128, which are used in the static part of the FPGA in order to decrypt and authenticate the FPGA bitstream. Presented ASIC architectures were evaluated using 90 and 65 nm technologies and they present better performance compared to the previous work. Chiffrement authentifié FPGAs ASIC Reconfiguration sécurisé Conception numérique Sécurité FPGAs Authenticated Encryption 004
5	Cryptanalyse des algorithmes de chiffrement symétrique / Cryptanalysis of symmetric encryption algorithms Chaigneau, Colin 28 November 2018 (has links) La sécurité des transmissions et du stockage des données est devenue un enjeu majeur de ces dernières années et la cryptologie, qui traite de la protection algorithmique de l'information, est un sujet de recherche extrêmement actif. Elle englobe la conception d'algorithmes cryptographiques, appelée cryptographie, et l'analyse de leur sécurité, appelée cryptanalyse.Dans cette thèse, nous nous concentrons uniquement sur la cryptanalyse, et en particulier celle des algorithmes de chiffrement symétrique, qui reposent sur le partage d'un même secret entre l'entité qui chiffre l'information et celle qui la déchiffre. Dans ce manuscrit, trois attaques contre des algorithmes de chiffrement symétriques sont présentées. Les deux premières portent sur deux candidats de l'actuelle compétition cryptographique CAESAR, les algorithmes AEZ et NORX, tandis que la dernière porte sur l'algorithme Kravatte, une instance de la construction Farfalle qui utilise la permutation de la fonction de hachage décrite dans le standard SHA-3. Les trois algorithmes étudiés présentent une stratégie de conception similaire, qui consiste à intégrer dans une construction nouvelle une primitive, i.e. une fonction cryptographique élémentaire, déjà existante ou directement inspirée de travaux précédents.La compétition CAESAR, qui a débuté en 2015, a pour but de définir un portefeuille d'algorithmes recommandés pour le chiffrement authentifié. Les deux candidats étudiés, AEZ et NORX, sont deux algorithmes qui ont atteint le troisième tour de cette compétition. Les deux attaques présentées ici ont contribué à l'effort de cryptanalyse nécessaire dans une telle compétition. Cet effort n'a, en l'occurrence, pas permis d'établir une confiance suffisante pour justifier la présence des algorithmes AEZ et NORX parmi les finalistes.AEZ est une construction reposant sur la primitive AES, dont l'un des principaux objectifs est d'offrir une résistance optimale à des scénarios d'attaque plus permissifs que ceux généralement considérés pour les algorithmes de chiffrement authentifié. Nous montrons ici que dans de tels scénarios il est possible, avec une probabilité anormalement élevée, de retrouver l'ensemble des secrets utilisés dans l'algorithme.NORX est un algorithme de chiffrement authentifié qui repose sur une variante de la construction dite en éponge employée par exemple dans la fonction de hachage Keccak. Sa permutation interne est inspirée de celles utilisées dans BLAKE et ChaCha. Nous montrons qu'il est possible d'exploiter une propriété structurelle de cette permutation afin de récupérer la clé secrète utilisée. Pour cela, nous tirons parti du choix des concepteurs de réduire les marges de sécurité dans le dimensionnement de la construction en éponge.Enfin, la dernière cryptanalyse remet en cause la robustesse de l'algorithme Kravatte, une fonction pseudo-aléatoire qui autorise des entrées et sorties de taille variable. Dérivée de la permutation Keccak-p de SHA-3 au moyen de la construction Farfalle, Kravatte est efficace et parallélisable. Ici, nous exploitons le faible degré algébrique de la permutation interne pour mettre au jour trois attaques par recouvrement de clé : une attaque différentielle d'ordre supérieur, une attaque algébrique "par le milieu" et une attaque inspirée de la cryptanalyse de certains algorithmes de chiffrement à flot. / Nowadays, cryptology is heavily used to protect stored and transmitted data against malicious attacks, by means of security algorithms. Cryptology comprises cryptography, the design of these algorithms, and cryptanalysis, the analysis of their security.In this thesis, we focus on the cryptanalysis of symmetric encryption algorithms, that is cryptographic algorithms that rely on a secret value shared beforehand between two parties to ensure both encryption and decryption. We present three attacks against symmetric encryption algorithms. The first two cryptanalyses target two high profile candidates of the CAESAR cryptographic competition, the AEZ and NORX algorithms, while the last one targets the Kravatte algorithm, an instance of the Farfalle construction based on the Keccak permutation. Farfalle is multipurpose a pseudo-random function (PRF) developed by the same designers' team as the permutation Keccak used in the SHA-3 hash function.The CAESAR competition, that began in 2015, aims at selecting a portfolio of algorithms recommended for authenticated encryption. The two candidates analysed, AEZ and NORX, reached the third round of the CAESAR competition but were not selected to be part of the finalists. These two results contributed to the cryptanalysis effort required in such a competition. This effort did not establish enough confidence to justify that AEZ and NORX accede to the final round of the competition.AEZ is a construction based on the AES primitive, that aims at offering an optimal resistance against more permissive attack scenarios than those usually considered for authenticated encryption algorithms. We show here that one can recover all the secret material used in AEZ with an abnormal success probability.NORX is an authenticated encryption algorithm based on a variant of the so-called sponge construction used for instance in the SHA-3 hash function. The internal permutation is inspired from the one of BLAKE and ChaCha. We show that one can leverage a strong structural property of this permutation to recover the secret key, thanks to the designers' non-conservative choice of reducing the security margin in the sponge construction.Finally, the last cryptanalysis reconsiders the robustness of the Kravatte algorithm. Kravatte is an efficient and parallelizable PRF with input and output of variable length. In this analysis, we exploit the low algebraic degree of the permutation Keccak used in Kravatte to mount three key-recovery attacks targeting different parts of the construction: a higher order differential attack, an algebraic meet-in-the-middle attack and an attack based on a linear recurrence distinguisher. Cryptographie symétrique Cryptanalyse Chiffrement par bloc Chiffrement à flot Chiffrement authentifié Symmetric cryptography Cryptanalysis Block ciphers Stream ciphers Authenticated encryption 005.82
6	Akcelerace vektorových a krytografických operací na platformě x86-64 / Acceleration of Vector and Cryptographic Operations on x86-64 Platform Šlenker, Samuel January 2017 (has links) The aim of this thesis was to study and subsequently process a comparison of older and newer SIMD processing units of modern microprocessors on the x86-64 platform. The thesis provides an overview of the fastest computations of vector operations with matrices and vectors, including corresponding source codes. Furthermore, the thesis is focused on authenticated encryption, specifically on block cipher AES operating in Galois Counter Mode, and on a discussion of possibilities of instruction sets for cryptographic support.
7	Algoritmos de autenticação de mensagens para redes de sensores. / Message authentication algorithms for wireless sensor networks. Simplício Junior, Marcos Antonio 12 March 2010 (has links) Prover segurança às informações trafegadas nos mais diversos tipos de redes é algo essencial. Entretanto, redes altamente dependentes de dispositivos com recursos limitados (como sensores, tokens e smart cards) apresentam um desafio importante: a reduzida disponibilidade de memória e energia destes dispositivos, bem como sua baixa capacidade de processamento, dificultam a utilização de diversos algoritmos criptográficos considerados seguros atualmente. Este é o caso não apenas de cifras simétricas, que proveem confidencialidade aos dados, mas também de MACs (Message Authentication Code, ou Código de Autenticação de Mensagem), que garantem sua integridade e autenticidade. De fato, algumas propostas recentes de cifras de bloco dedicadas a plataformas limitadas (e.g., o Curupira-2) proveem segurança e desempenho em um nível mais adequado a este tipo de cenário do que soluções tradicionais. Seguindo uma linha semelhante, o presente trabalho concentra-se no projeto e análise MACs leves e seguros voltados a cenários com recursos limitados, com foco especial em redes de sensores sem fio (RSSF). Marvin é o nome do algoritmo de MAC proposto neste trabalho. Marvin adota a estrutura Alred, que reutiliza porções de código de uma cifra de bloco subjacente e, assim, introduz um reduzido impacto em termos de ocupação de memória. Este algoritmo apresenta uma estrutura bastante flexível e é altamente paralelizável, permitindo diversas otimizações em função dos recursos disponíveis na plataforma alvo. Como vantagem adicional, Marvin pode ser usado tanto em cenários que necessitam apenas da autenticação de mensagens quanto em esquemas de AEAD (Authenticated- Encryption with Associated Data, ou Encriptação Autenticada com Dados Associados), que aliam encriptação e autenticação. O esquema de AEAD proposto neste trabalho, denominado LetterSoup, explora as características da estrutura do Mar vin e adota uma cifra de bloco operando no modo LFSRC (Linear Feedback Shift Register Counter, ou Contador-Registrador de Deslocamento Linear com Retroalimentação). Além da especificação de ambos os algoritmos, este documento apresenta uma análise detalhada da segurança e desempenho dos mesmos em alguns cenários representativos. / Security is an important concern in any modern network. However, networks that are highly dependent on constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (specially) energy hinders the deployment of many modern cryptographic algorithms known to be secure. This inconvenience affects not only the deployment of symmetric ciphers, which provide data confidentiality, but also Message Authentication Codes (MACs), used to attest the messages integrity and authenticity. Due to the existence of dedicated block ciphers whose performance and security are adequate for use in resource-constrained scenarios (e.g., the Curupira-2), the focus of this document is on the design and analysis of message authentication algorithms. Our goal is to develop a secure and lightweight solution for deployment on resource constrained scenarios, with especial focus on Wireless Sensor Networks (WSNs). Marvin is the name of the MAC algorithm proposed in this document. Marvin adopts the Alred structure, allowing it to reuse parts of an underlying block cipher machinery; as a result, Marvins implementation builds on the ciphers efficiency and introduces little impact in terms of memory occupation. Moreover, this algorithm presents a flexible and highly parallelizable structure, allowing many implementation optimizations depending on the resources available on the target platform. Marvin can be used not only as an authentication-only function, but also in an Authenticated- Encryption with Associated Data (AEAD) scheme, combining authentication and encryption. In this document, we define a new AEAD proposal called LetterSoup, which is based on the LFSRC (Linear Feedback Shift Register Counter) mode of operation and builds on Marvin. Together with the specification of both algorithms, we provide a detailed security analysis and evaluate their performance in some representative scenarios. Constrained platforms Criptografia Cryptography Message Authentication Codes (MACs) Redes com recursos limitados Redes de sensores sem fio Wireless sensor networks
8	Algoritmos de autenticação de mensagens para redes de sensores. / Message authentication algorithms for wireless sensor networks. Marcos Antonio Simplício Junior 12 March 2010 (has links) Prover segurança às informações trafegadas nos mais diversos tipos de redes é algo essencial. Entretanto, redes altamente dependentes de dispositivos com recursos limitados (como sensores, tokens e smart cards) apresentam um desafio importante: a reduzida disponibilidade de memória e energia destes dispositivos, bem como sua baixa capacidade de processamento, dificultam a utilização de diversos algoritmos criptográficos considerados seguros atualmente. Este é o caso não apenas de cifras simétricas, que proveem confidencialidade aos dados, mas também de MACs (Message Authentication Code, ou Código de Autenticação de Mensagem), que garantem sua integridade e autenticidade. De fato, algumas propostas recentes de cifras de bloco dedicadas a plataformas limitadas (e.g., o Curupira-2) proveem segurança e desempenho em um nível mais adequado a este tipo de cenário do que soluções tradicionais. Seguindo uma linha semelhante, o presente trabalho concentra-se no projeto e análise MACs leves e seguros voltados a cenários com recursos limitados, com foco especial em redes de sensores sem fio (RSSF). Marvin é o nome do algoritmo de MAC proposto neste trabalho. Marvin adota a estrutura Alred, que reutiliza porções de código de uma cifra de bloco subjacente e, assim, introduz um reduzido impacto em termos de ocupação de memória. Este algoritmo apresenta uma estrutura bastante flexível e é altamente paralelizável, permitindo diversas otimizações em função dos recursos disponíveis na plataforma alvo. Como vantagem adicional, Marvin pode ser usado tanto em cenários que necessitam apenas da autenticação de mensagens quanto em esquemas de AEAD (Authenticated- Encryption with Associated Data, ou Encriptação Autenticada com Dados Associados), que aliam encriptação e autenticação. O esquema de AEAD proposto neste trabalho, denominado LetterSoup, explora as características da estrutura do Mar vin e adota uma cifra de bloco operando no modo LFSRC (Linear Feedback Shift Register Counter, ou Contador-Registrador de Deslocamento Linear com Retroalimentação). Além da especificação de ambos os algoritmos, este documento apresenta uma análise detalhada da segurança e desempenho dos mesmos em alguns cenários representativos. / Security is an important concern in any modern network. However, networks that are highly dependent on constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (specially) energy hinders the deployment of many modern cryptographic algorithms known to be secure. This inconvenience affects not only the deployment of symmetric ciphers, which provide data confidentiality, but also Message Authentication Codes (MACs), used to attest the messages integrity and authenticity. Due to the existence of dedicated block ciphers whose performance and security are adequate for use in resource-constrained scenarios (e.g., the Curupira-2), the focus of this document is on the design and analysis of message authentication algorithms. Our goal is to develop a secure and lightweight solution for deployment on resource constrained scenarios, with especial focus on Wireless Sensor Networks (WSNs). Marvin is the name of the MAC algorithm proposed in this document. Marvin adopts the Alred structure, allowing it to reuse parts of an underlying block cipher machinery; as a result, Marvins implementation builds on the ciphers efficiency and introduces little impact in terms of memory occupation. Moreover, this algorithm presents a flexible and highly parallelizable structure, allowing many implementation optimizations depending on the resources available on the target platform. Marvin can be used not only as an authentication-only function, but also in an Authenticated- Encryption with Associated Data (AEAD) scheme, combining authentication and encryption. In this document, we define a new AEAD proposal called LetterSoup, which is based on the LFSRC (Linear Feedback Shift Register Counter) mode of operation and builds on Marvin. Together with the specification of both algorithms, we provide a detailed security analysis and evaluate their performance in some representative scenarios. Criptografia Redes com recursos limitados Redes de sensores sem fio Constrained platforms Cryptography Message Authentication Codes (MACs) Wireless sensor networks

Search results