Universal hashing for ultra-low-power cryptographic hardware applications

Yuksel, Kaan.

January 2004

Thesis (M.S.)--Worcester Polytechnic Institute. / Keywords: self-powered; universal hashing; ultra-low-power; message authentication codes; provable security. Includes bibliographical references (p. 55-61).

The characterization of olive oils by various chromatographic and spectroscopic techniques

Quinn, Marguerite Claire

January 1997

No description available.

664

Authentication; Extraction technology

Enhancing Security in 802.11 and 802.1 X Networks with Intrusion Detection

Pattam, Shoban

20 January 2006

The convenience and low cost of 802.11-based Wireless Local Area Networks (WLANs) complemented with 802.1 X authentication has led to widespread deployment in the consumer, industrial and military sectors. The combination of wireless signals radiating further than the intended coverage area, flaws in 802.11's basic security mechanisms and vulnerabilities found in 802.1 X have been widely publicized. Military bases and navy ships are open targets for wireless attacks. Wireless Intrusion Detection System (WIDS), provides an additional (external) layer of security by combining intrusion detection, fire walling, packet filtering and determining the physical location of the intruder.

Information management

Authentication

An Efficient Scheme to Provide Real-time Memory Integrity Protection

Hu, Yin

30 April 2009

Memory integrity protection has been a longstanding issue in trusted system design. Most viruses and malware attack the system by modifying data that they are not authorized to access. With the development of the Internet, viruses and malware spread much faster than ever before. In this setting, protecting the memory becomes increasingly important. However, it is a hard problem to protect the dynamic memory. The data in the memory changes from time to time so that the schemes have to be fast enough to provide real-time protection while in the same time the schemes have to use slow crytographical functions to keep the security level. In this thesis, we propose a new fast authentication scheme for memory. As in previous proposals the scheme uses a Merkle tree to guarantee dynamic protection of memory. We use the universal hash function family NH for speed and couple it with an AES encryption in order to achieve a high level of security. The proposed scheme is much faster compared to similar schemes achieved by cryptographic hash functions such as SHA-1 due to the finer grain incremental hashing ability provided by NH. With a modified version of the proposed scheme, the system can access the data in memory without checking the integrity all the time and still keeps the same security level. This feature is mainly due to the incremental nature of NH. Moreover, we show that combining with caches and parallelism, we can achieve fast and simple software implementation.

Integrity Protection

Memory Authentication

Design and Implementation of an Intelligent SIP User Agent to Avoid ¡§Invite/Bye¡¨ Attack

Huang, Tun-ling

29 July 2008

As Voice-over-IP (VoIP) technology developed, VoIP services alternate the traditional PSTN gradually with their advantage of low rates. Instead of using the public switched telephone network, VoIP services exchange voice information over Internet. As the result, VoIP services have to suffer from the weaknesses of the IP network infrastructure and VoIP devices are easier to be attacked than traditional phones. In our research, we analyze authentication mechanisms of Session Initiation Protocol, and address the weakness of current authentication mechanisms and the security threats to SIP. We use limited resources to implement an authentication mechanism in our embedded SIP user agent. The results of the Invite/Bye attack experiments confirm that our authentication mechanism in Direct Call and Proxy Call can both avoid malicious Invite/Bye attack.

VoIP

Authentication

Security

A RSU-Based Message Authentication Scheme in Vehicular Networks

Liao, Yu-cheng

15 July 2009

In the recent years, it comes into more notice for Vehicular Ad-hoc Network (VANET) due to good applications of VANET. For example, those applications include the driving secure and some serviced applications (e.g., loading electric maps, web Service, and so on). The delivered message about driving secure is called the traffic messages, and the delivered message about serviced applications is called the routine message. The traffic message is more important than the routine message. When vehicle is driven on the road and the events are happened (example of accident, or jam), it can broadcast these happened events to notify others on the same road by VANET and let others to earlier get the awareness to avoid the more serious accident or traffic jam. In fact, these traffic messages are related to the life of driver and passengers. Thus, we must pay attention to the correctness of these traffic messages when these messages are sent in VANET, i.e., it will result the serious traffic disorder if these messages are altered or forged by illegal offenders and we don¡¦t permit this situation to occur. Hence, the network security in VANET is the emphasis in this paper. There are some studies that have proposed some scheme for message authentication in VANET. However, there still exist some imperfections in these schemes (for example, the communication overhead is too heavy). Thus, this thesis proposes two schemes to improve these drawbacks based on some schemes which had been proposed. The first proposed scheme verifies message with the RSU¡¦s aid in the RSU scenario. The second proposed scheme uses the clustering to work a rotation for verifying message for no RSU scenario. The two schemes can efficiently reduce the communication overhead to form an integrity message authentication system.

RSU

Authentication

Security

VANET

Design and Implementation of VoIP System with Accounting Application and Load Balance

Wu, Cheng-Yang

15 July 2009

As the maturation of the VoIP technique, VoIP can not only satisfy the communicating requirement of telecommunication but also provide network multimedia services. In the VoIP technique, Session Initiation Protocol (SIP) is precisely one of main protocol that is proposed by Next Generation Network (NGN) to be the first choice of voice and multimedia network control protocol. SIP also may make the union with traditional PSTN even to substitute, and is easier to use and to operate for the PSTN user. In our research, we make a network billing system in view of the SIP environment, and with the increasing of the VoIP population, using single server is unable to afford so much loading. It is possible that the large load makes the service stop anytime. Using RADIUS (remote authentication dial-in user service), an AAA (authentication, authorization, accounting) protocol, can be used for conveying accounting information between an SIP proxy server and an accounting server. To make the VoIP service work anytime, through the features of DNS (Domain Name System) and RADIUS to achieve the service that load balancing and VoIP can be provided anytime.

Accounting

Authorization

VoIP

Authentication

National authentication framework implementation study

Mok, Chuan-Hao.

January 2009

Thesis (M.S. in Computer Science)--Naval Postgraduate School, December 2009. / Thesis Advisor(s): Lundy, Bert ; Fulp, J. D. "December 2009." Description based on title screen as viewed on January 27, 2010. Author(s) subject terms: authentication, identity, OpenID, Infocard, SAML, WS-Federation, PKI, National Authentication Framework. Includes bibliographical references (p. 59-62). Also available in print.

The classification of e-authentication protocols for targeted applicability

Chia, Wan Yin.

January 2009

Thesis (M.S. in Computer Science)--Naval Postgraduate School, December 2009. / Thesis Advisor(s): Fulp, J. D. ; Huffmire, Ted. "December 2009." Description based on title screen as viewed on February 01, 2010. Author(s) subject terms: Authentication protocols, taxonomy, protocol classification, protocol applicability, operating environment. Includes bibliographical references (p. 69-72). Also available in print.

Computer networks Authentication.

Personal identification/authentication by using hand geometry /

Wong, Chin Man.

January 2003

Thesis (M. Phil.)--Hong Kong University of Science and Technology, 2003. / Includes bibliographical references (leaves 104-109). Also available in electronic version. Access restricted to campus users.

Identification Authentication Hand