611

Secure Computation Towards Practical Applications

Krell Loy, Fernando, January 2016
Secure multi-party computation (MPC) is a central area of research in cryptography. Its goal is to allow a set of players to jointly compute a function on their inputs while protecting and preserving the privacy of each player's input. Motivated by the huge growth of data available and the rise of global privacy concerns of entities using this data, we study the feasibility of using secure computation techniques on large scale data sets to address these concerns. An important limitation of generic secure computation protocols is that they require at least linear time complexity. This seems to rule out applications involving big amounts of data. On the other hand, specific applications may have particular properties that allow for ad-hoc secure protocols overcoming the linear time barrier. In addition, in some settings the full level of security guaranteed by MPC protocols may not be required, and some controlled amount of privacy leakage can be acceptable. Towards this end, we first take a theoretical point of view, and study whether sublinear time RAM programs can be computed securely with sublinear time complexity in the two party setting. We then take a more practical approach, and study the specific scenario of private database querying, where both the server's data and the client's query need to be protected. In this last setting we provide two private database management systems achieving different levels of efficiency, functionality, and security. These three results provide an overview of this three-dimensional trade-off space. For the above systems, we describe formal security definitions and establish mathematical proofs of security. We also take a practical approach, providing an implementation of the systems and experimental analysis of their efficiency.
612

A secure quorum based multi-tag RFID system

Al-Adhami, Ayad, January 2018
Radio Frequency Identification (RFID) technology has been expanded to be used in different fields that need automatic identifying and verifying of tagged objects without human intervention. RFID technology offers a great advantage in comparison with barcodes by providing accurate information, ease of use and reduced labour cost. These advantages have been utilised by using passive RFID tags. Although RFID technology can enhance the efficiency of different RFID application systems, researchers have reported issues regarding the use of RFID technology. These issues make the technology vulnerable to many threats in terms of security and privacy. Different RFID solutions, based on different cryptographic primitives, have been developed. Most of these protocols focus on the use of passive RFID tags. However, due to the limited computation feasible in passive RFID tags, these tags might be vulnerable to some of the security and privacy threats, e.g. an unauthorised reader can read the information inside tags, or illegitimate tags or cloned tags can be accessed by a reader. Moreover, most researchers focus on single tag authentication and mostly do not consider scenarios that need multiple tags, such as supply chain management and healthcare management. Secret sharing schemes have also been proposed to overcome the key management problem in supply chain management. However, secret sharing schemes have some scalability limitations when applied with high numbers of RFID tags. This work is mainly focused on solving the problem of security and privacy in multi-tag RFID based systems. In this work, firstly, we studied different RFID protocols such as symmetric key authentication protocols, authentication protocols based on elliptic curve cryptography, secret sharing schemes and multi-tag authentication protocols. Secondly, we consider the significant research into the mutual authentication of passive RFID tags. 
Therefore, a mutual authentication scheme that is based on zero-knowledge proof has been proposed. The main objective of this work is to develop an ECC-RFID based system that enables multiple RFID tags to be authenticated with one reader by using different versions of ECC public key encryption schemes. The protocols rely on threshold cryptosystems that operate over ECC to generate secret keys, then distribute and store the secret keys among multiple RFID tags. Finally, we provide performance measurements for the implementation of the proposed protocols.
613

An algebraic attack on block ciphers

Unknown Date
The aim of this work is to investigate an algebraic attack on block ciphers called Multiple Right Hand Sides (MRHS). MRHS models a block cipher as a system of $n$ matrix equations $S_i := A_i x = [L_i]$, where each $L_i$ can be expressed as the set of its columns $b_{i1}, \ldots, b_{is_i}$. The set of solutions $T_i$ of $S_i$ is defined as the union of the solutions of $A_i x = b_{ij}$, and the set of solutions of the system $S_1, \ldots, S_n$ is defined as the intersection of $T_1, \ldots, T_n$. Our main contribution is a hardware platform which implements a particular algorithm that solves MRHS systems (and hence block ciphers). The case is made that the platform performs several thousand orders of magnitude faster than software, that it costs less than US$1,000,000, and that actual times of block cipher breakage can be calculated once it is known how the corresponding software behaves. Options in MRHS are also explored with a view to increasing its efficiency. / by Kenneth Matheis. / Thesis (M.S.C.S.)--Florida Atlantic University, 2010. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2010. Mode of access: World Wide Web.
614

An inductive RFID system with build-in asynchronous ECC crypto-processor. / CUHK electronic theses & dissertations collection

January 2008
Radio Frequency Identification (RFID) has received a great deal of attention in past decades. It is an automatic identification system that retrieves data remotely from replying RFID transponders. Basically, RFID systems can be divided into three main categories: short transmission range, medium transmission range, and long transmission range. / Short and medium range RFIDs generally are passive transponders, while long range RFID is of either passive or active type. In this thesis, a short transmission range RFID transponder is presented. This is a passive transponder which generates power for its internal circuitry by inductive coupling. For automatic identification applications such as electronic money tickets, the requirements of endurance, weight, size as well as cost favour the use of passive transponders rather than active transponders. Research on passive transponders has created a great challenge for engineers in terms of the tradeoff between power constraints, processing power and data transmission range. / The presented RFID transponder system adheres to the ISO 14443 standard Type B specification communication interface, which operates at a 13.56 MHz carrier frequency with a maximum read range around 50 mm. This research implemented a low power, high security, and long read range RFID transponder. For the analog RF interface, a series of novel architectures are adopted to improve the data transmission range. The digital core of the presented transponder contains the asynchronous ECC crypto-processor for data security. The asynchronous architecture has the advantages of fast computation time, low power consumption and small area. These are the attractive reasons to implement the core processing units using an asynchronous architecture. / This RFID system was fabricated with a 0.35 µm two-poly four-metal standard CMOS process with a silicon area of 1516 µm x 1625 µm. 
The measurement results show that the analog RF interface can generate a maximum of 5.45 mW of power while the digital core circuit consumes only 2.77 mW. In the wireless communication tests, the transponder read range can reach as far as 50 mm. / Leung, Pak Keung. / "June 2008." / Adviser: Choy Chin Sing. / Source: Dissertation Abstracts International, Volume: 70-03, Section: B, page: 1847. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2008. / Includes bibliographical references. / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307.
615

Quantum cryptography and applications in the optical fiber network. / CUHK electronic theses & dissertations collection / Digital dissertation consortium

January 2005
In this thesis research, a novel scheme to implement quantum key distribution based on multiphoton entanglement with a new protocol is proposed. Its advantages are: a larger information capacity can be obtained with a longer transmission distance, and the detection of multiple photons is easier than that of a single photon. The security and attacks pertaining to such a system are also studied. / Lastly, a quantum random number generator based on quantum optics has been experimentally demonstrated. This device is a key component for quantum key distribution as it can create truly random numbers, which is an essential requirement to perform quantum key distribution. This new generator is composed of a single optical fiber coupler with fiber pigtails, which can be easily used in optical fiber communications. / Next, quantum key distribution over wavelength division multiplexed (WDM) optical fiber networks is realized. Quantum key distribution in networks is a long-standing problem for practical applications. Here we combine quantum cryptography and WDM to solve this problem because WDM technology is universally deployed in current and next generation fiber networks. The ultimate target is to deploy quantum key distribution over commercial networks. The problems arising from the networks are also studied in this part. / Quantum cryptography, as part of quantum information and communications, can provide absolute security for information transmission because it is established on the fundamental laws of quantum theory, such as the uncertainty principle, the no-cloning theorem and quantum entanglement. / Then quantum key distribution in multi-access networks using wavelength routing technology is investigated in this research. For the first time, quantum cryptography for multiple individually targeted users has been successfully implemented, in sharp contrast to that using the indiscriminate broadcasting structure. 
It overcomes the shortcoming that every user in the network can acquire the quantum key signals intended to be exchanged between only two users. Furthermore, a more efficient scheme of quantum key distribution is adopted, hence resulting in a higher key rate. / Luo, Yuhui. / "January 2005." / Adviser: K. T. Chan. / Source: Dissertation Abstracts International, Volume: 67-01, Section: B, page: 0338. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2005. / Includes bibliographical references. / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. Ann Arbor, MI : ProQuest Information and Learning Company, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307.
616

Uma Arquitetura para Controle e Proteção de Direitos Autorais de Hiperdocumentos na Internet / An architecture for control and copyright protection of hyperdocuments on the internet

Prokopetz, Klaus, January 1999
With the exponential growth of the WWW (World Wide Web), many hyperdocuments, or some of their components, may appear illegally on some site. The greatest impediment to the widespread use of the Internet as a means of disseminating information has been the ease of intercepting, copying and redistributing hyperdocuments, or parts of them, exactly in their original form. For this reason, until now applications on the network have been directed, with due exceptions, at publishing free documents or commercial or artistic advertising [RUA97]. We must consider that there is no absolutely secure way of protecting a hyperdocument and all its components from attack by pirates over an insecure communication channel such as the Internet, and that it is unlikely one will be obtained. Nevertheless, some techniques can make the hyperdocument less vulnerable, with the certainty that, given the necessary time and resources, it can still be pirated. However, if this task is costly enough that it becomes easier simply to acquire a legal copy of the hyperdocument rather than to pirate it, then we can consider the hyperdocument secure. One alternative for hampering the pirates' work would be to make each copy of the hyperdocument a unique version, embedding some means of identifying the author and the reader who had access to that copy. Thus, if an illegal copy is found, it would be possible to identify the reader who triggered, deliberately or not, the process of illegal copying, and consequently to trace the pirates involved. The idea is never to make an unprotected copy available. The reader must always have access to marked copies. These marks must be embedded in such a way that the pirates cannot locate them or remove them and, preferably, do not even suspect their existence. With this focus, this work proposes an architecture for control and protection of copyright. 
This architecture finds a solution to the piracy problem using cryptography and watermarking techniques. For this, two modules are used: one for the author and another for the reader. The first is an application that, from the original version of a hyperdocument, generates a protected version. This can be made available on any Internet site, without any additional control over it. The second is a plug-in for an Internet browser, which interprets the protected version, checks the reader's identification and, before making the hyperdocument available, inserts into it a mark identifying the author and the reader. Additionally, the reader module can report to the author all attempts at access, authorized or not, to their hyperdocument. The solution uses cryptographic techniques to guarantee the security of the hyperdocument while it is stored on the author's site, during its transfer to the reader's computer, and for identifying the reader. Afterwards, access control and protection of the hyperdocument are guaranteed by watermarking techniques. / With the fast development of the World Wide Web (WWW), many hyperdocuments, or parts of them, may appear illegally at several sites. The ease with which hyperdocuments can be intercepted, copied and redistributed is the most important obstacle to the use of the Internet as a means to disseminate information. That is why, until now, the WWW has been used mostly (with a few exceptions) for the publication of free documents or for commercial and artistic advertising [RUA97]. Currently, there is no absolutely secure way to protect hyperdocuments against hackers, and it is unlikely that there will be one any time soon. However, there are techniques that can make hyperdocuments less vulnerable, even if this protection can also be broken given enough time and effort. 
Still, if piracy becomes costly enough that it is easier to simply obtain hyperdocuments by legal means, then we can assume that the hyperdocument is secure. One option to make piracy harder would be to make each copy of a hyperdocument a unique version, encoding some sort of identification of both the author and the reader having access to that specific copy. This would allow identification of readers who started (deliberately or not) the process of illegally copying a document, and also tracing of the hackers involved. The idea is never to release an unprotected copy. Readers must have access to identified copies only. The identification marks should be embedded in such a way that it would not be possible to either recognize or remove them. Ideally, hyperdocument hackers would not be aware of the existence of such marks. The present thesis proposes an architecture for control and protection of copyright, utilizing the techniques of cryptography and watermarking. For that, two modules are employed, one for the author and another one for the reader. The first module creates a protected version of an original hyperdocument. This version can be published at any Internet site without additional security control. The second is a plug-in module for Internet browsers. It reads the protected version, checks the reader's identification and inserts the author's and the reader's identification mark in the hyperdocument before releasing it. In addition, the second module informs the author of how many attempts (authorized or not) have been made to access the hyperdocument. The solution presented herein utilizes cryptographic techniques to ensure that a hyperdocument will be secure while stored at the author's site, during download to the reader's computer, and during reader identification. After that, watermark techniques ensure access control and protection of the hyperdocument.
617

Contributions à la cryptographie ADN : applications à la transmission sécurisée du texte et de l'image / Contributions to DNA cryptography : applications to text and image secure transmission

Tornea, Olga, 13 November 2013
DNA cryptography is a new and promising field for information security. It is a combination of classical cryptographic solutions with the advantages of genetic material. Indeed, it is possible to benefit from the advantages of classical cryptographic systems and to make some of their methods more efficient through the use of DNA. There are different ways of using DNA to secure information content. This thesis proposes two different solutions for using DNA in cryptography: in its biological form, or in digital form. On the one hand, biological DNA can be used for storage and for hiding data inside it. The secret information is placed in a DNA molecule and hidden among other DNA molecules. On the other hand, random numbers can be generated from digital DNA sequences. They represent a solution for the generation and transmission of symmetric OTP (One-Time-Pad) keys. Transmitting a very long encryption key is not necessary, because each sequence has a unique identification number in the database. This number, or a combination of such numbers, can then be transmitted. Finally, security and compression are very important in the transmission and storage of computer data. However, most encryption systems can increase the size of the data, or increase the computational complexity. These drawbacks can be resolved by combining data compression with encryption in a single process, or by performing selective encryption of the data. / DNA cryptography is a new and promising field in information security. It combines classical solutions in cryptography with the strength of the genetic material. 
By introducing DNA into common symmetric key cryptography, it is possible to benefit from the advantages of the classical cryptosystems and solve some of their limitations. There are different ways in which DNA can be used to secure information content. One is using the biological medium of DNA for storing and hiding data. Secret information can be placed in a microscopic amount of DNA and hidden among a great amount of other DNA structures. Biomolecular computation is possible with specially designed DNA structures. Random numbers can be generated from DNA sequences which can be found in genetic databases in digital form. Genetic databases represent a feasible solution to the One-Time-Pad (OTP) symmetric key generation and transmission problem. The one-time use is ensured by the great variety of the publicly available, very long (thousands of bases) sequences. Transmission of a very long key is not required because each sequence has a unique identification number in the database, and this number can be sent instead. Compression along with information security have always been topics of interest because, as technology advances, the amount of data that is desired to be transmitted, stored, or used in real time applications is becoming greater. Some of the encryption schemes can increase the size of the data, or bring unwanted additional computations. These drawbacks can be solved by several techniques that combine compression with encryption in one process, or by performing a selective encryption of the data.
618

Contribution aux opérateurs arithmétiques GF(2m) et leurs applications à la cryptographie sur courbes elliptiques / Contributions to GF(2m) Operators for Cryptographic Purposes

Métairie, Jérémy, 19 May 2016
Cryptography and the issue of computer security are becoming increasingly prominent subjects in a hyper-connected and often embedded world. Cryptography is a field whose main objective is to ''protect'' information, to make it unintelligible to those for whom it is not intended. Cryptography rests on solid algorithms which themselves rely on mathematical problems reputed to be hard (discrete logarithm, factorization of large numbers, etc.). Although attacking these protection systems is complex on paper, the hardware or software implementation, if neglected (not protected against physical attacks), can provide malicious entities with additional information (execution time, power consumption, etc.): these are called hidden channels or side channels. In this thesis, we studied two aspects. The first is the contribution of new algorithmic ideas for computation in the binary finite fields GF(2^m) used in elliptic curve cryptography. We proposed two new representations of field elements: the permuted normal basis and Phi-RNS. These two algorithmic novelties were implemented in hardware on FPGA, where we show that, under certain conditions, they provide a better time-area trade-off. The second aspect is the protection of a crypto-processor against a side-channel attack (the so-called «template» attack). We implemented a complete crypto-processor in VHDL and executed on it, in parallel, the «double-and-add» and «halve-and-add» algorithms in order to accelerate the computation of scalar multiplication and, through that same parallelism, to make our crypto-processor less vulnerable to certain side-channel attacks. 
We show that the parallelism of the computations alone will not suffice, and that parallelism will have to be combined with more conventional methods to ensure reasonable security of the implementation. / The cryptography and security market is growing at an annual rate of 17 % according to some recent studies. Cryptography is known as the science of secrets. It is based on mathematically hard problems such as integer factorization and the well-known discrete logarithm problem. Although those problems are trusted, software or hardware implementations of cryptographic algorithms can suffer from inherent weaknesses. Execution time, power consumption (...) can differ depending on secret information such as the secret key. Because of that, malicious attacks could exploit these weak points and therefore be used to break the whole crypto-system. In this thesis, we are interested in protecting our physical device from the so-called side channel attacks, as well as in proposing new GF(2^m) multiplication algorithms used in elliptic curve cryptography. As a protection, we first thought that parallel scalar multiplication (using halve-and-add and double-and-add algorithms both executed at the same time) would be a great countermeasure against template attacks. We showed that it was not the case and that parallelism could not be used as a protection by itself: it had to be combined with more conventional countermeasures. We also proposed two new GF(2^m) representations, which we respectively named permuted normal basis (PNB) and Phi-RNS. Those two representations, under some requirements, can offer a great time-area trade-off on FPGAs.
619

Melhorando o ataque de reação contra o QC-MDPC McEliece / Improving the efficiency of the reaction attack on the QC-MDPC McEliece

Thales Areco Bandiera Paiva, 11 December 2017
QC-MDPC McEliece was considered one of the most promising public-key cryptographic schemes offering security against attacks by quantum computers. The public key sizes of QC-MDPC McEliece are competitive with those of RSA keys, and the scheme has an apparently strong security reduction. For three years the scheme suffered no critical attacks, until at Asiacrypt 2016 Guo, Johansson and Stankovski showed a reaction attack against QC-MDPC McEliece that exploits an aspect not considered in its security reduction: the probability of the decryption algorithm failing is lower when the secret key and the vector used to encrypt the message share certain properties, called spectrums. Thus, by detecting decryption failures, an attacker can obtain information about the spectrum, which is then used to reconstruct the secret key. Guo et al. presented an algorithm for reconstructing the key from the recovered spectrum, for which three problems can be pointed out. The first is that their algorithm is not efficient when the key's spectrum has not been almost completely recovered, which results in the attacker having to send a large number of decryption tests to the holder of the secret key. The second problem is that the performance of their algorithm does not scale well to higher security levels. The third and last problem is that, being based on a depth-first search, their algorithm cannot be trivially parallelized. To increase the efficiency of the attack, two new reconstruction algorithms are proposed in this work. These algorithms are more efficient, use less information about the secret key, and can be trivially parallelized. The first algorithm is probabilistic and has asymptotic complexity slightly better than that of the original. 
However, the performance of the probabilistic algorithm worsens quickly, although more slowly than Guo et al.'s algorithm, as the amount of information about the spectrum decreases. The second algorithm exploits a linear relation between the blocks of the secret key. It is more efficient, both asymptotically and in practice, than the other two algorithms, and it is efficient even with 50% less information about the spectrum than is needed by the original algorithm. This allows the attacker to find the secret key using only around 20% of the number of tests needed by Guo et al.'s algorithm, at the 80-bit security level. The performance of both algorithms is analyzed and compared with that of the original algorithm, and the analyses cover both theoretical complexity and practical performance, considering implementations of the algorithms in the C language. / The QC-MDPC McEliece scheme was considered one of the most promising public key encryption schemes for efficient post-quantum secure encryption. As a variant of the McEliece scheme, it is based on the syndrome decoding problem, an NP-hard problem from Coding Theory. The key sizes are competitive with those of the widely used RSA cryptosystem, and it came with an apparently strong security reduction. For three years, the scheme has not suffered major threats, until the end of 2016, when Guo, Johansson, and Stankovski presented at Asiacrypt a reaction attack on QC-MDPC that exploits one aspect that was not considered in the security reduction: the probability of a decoding failure occurring is lower when the secret key and the error used for encryption share certain properties, which they called spectrums. By detecting decoding failures, the attacker can obtain information on the spectrum of the secret key and then use this information to reconstruct the key. Guo et al. 
presented an algorithm for key reconstruction for which we can point out three weaknesses. The first one is that it cannot deal efficiently with partial information on the spectrum of the secret key, resulting in the attacker having to send a great number of decoding trials. The second one is that it does not scale well for higher security levels. The third one is that the algorithm, which is based on a depth-first search, cannot be trivially parallelized. To improve the efficiency of the attack, we propose two different key reconstruction algorithms that are more efficient, use less information on the secret key, and can be trivially parallelized. The first algorithm, which is a simple probabilistic extension of Guo et al.'s algorithm, is more efficient and runs increasingly faster, for higher security levels, than the original one. However, for security levels higher than 80 bits, the probabilistic algorithm cannot run efficiently without too much information on the spectrum of the secret key, even though it needs less information than the original algorithm. The second algorithm is based on a linear relation between the blocks of the secret key. It can run efficiently with around 50% less information than needed by Guo et al.'s key reconstruction algorithm. This makes it possible for an attacker to recover the secret key by sending approximately 20% of the number of decoding trials needed by Guo et al.'s algorithm, for the security level of 80 bits. The performance of each presented algorithm is analyzed and compared with that of the original one. The analyses are made theoretically, considering a probabilistic analysis of the algorithms, and in practice, considering the corresponding implementations in the C language.
620

Criptografia quântica em redes de informação crítica - aplicação a telecomunicações aeronáuticas. / Quantum cryptography in critical information networks - application to aeronautical telecommunications.

Carlos Henrique Andrade Costa, 17 June 2008
The importance of maintaining information security in critical information networks is currently increasing. Over the last decades, the use of cryptographic tools, especially those based on computationally hard problems, was sufficient to guarantee the security of communication systems. However, the development of the new information processing technique known as quantum computation, and the theoretical and experimental results it has presented, show that it is possible to render some of the currently widely used cryptographic systems unviable. The existence of such a vulnerability represents a critical factor in networks where information security failures may be associated with physical safety risks. An alternative to current cryptographic methods consists of using quantum systems to obtain a cryptographic method, which is known as quantum cryptography. This new paradigm has foundations that remain resistant even in the presence of unlimited technological capability, including the scenario where quantum computation is available. This work aims to survey the impacts that the development of quantum computation has on the security of current cryptographic systems, to present and develop alternatives among the available quantum cryptography protocols, and to carry out a case study by evaluating the use of quantum cryptography in the context of the Aeronautical Telecommunication Network (ATN). This is done by developing a simulation environment that allows the behaviour of a quantum cryptography protocol to be evaluated in a scenario with mission-critical requirements, as is the case of the ATN. / The importance of security maintenance in critical information networks has been rising in recent times. 
Over the past decades, the utilization of cryptographic tools, mainly those based on computationally intractable problems, was enough to ensure the security of communication systems. The development of the new information processing technique known as quantum computation, and the theoretical and experimental results shown by this approach, demonstrated that it could be possible to cripple the currently widely used cryptographic techniques. This vulnerability represents a critical issue for networks where a security fault could be associated with a safety fault. An alternative to the current cryptographic methods consists in the utilization of quantum systems to obtain a new cryptographic method. The new paradigm presented by this approach has solid principles even in the presence of unlimited computational capacity, including the scenario with availability of quantum computation. The aim of this work is the assessment of the impacts that the development of quantum computation has on the security of current cryptographic methods, the presentation and development of alternatives based on quantum cryptography protocols, and the development of a case study using the case of the Aeronautical Telecommunication Network (ATN). This aim is reached by means of the development of a simulation environment that allows the evaluation of a quantum cryptography protocol's behavior in an environment with mission-critical requirements, like the ATN case.