- About
-
The Global ETD Search service is a free service for researchers
to find electronic theses and dissertations. This service is
provided by the
Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
Search results
Showing 681 to 690 of 1463 (0.021 seconds)| 681 |
Encryption in Delocalized Access SystemsAhlström, Henrik, Skoglund, Karl-Johan January 2008 (has links)
<p>The recent increase in performance of embedded processors has enabled the use of computationally heavy asymmetric cryptography in small and power efficient embedded systems. The goal of this thesis is to analyze whether it is possible to use this type of cryptography to enhance the security in access systems.</p><p>This report contains a literature study of the complications related to access systems and their functionality. Also a basic introduction to cryptography is included.</p><p>Several cryptographic algorithms were implemented using the public library LibTomCrypt and benchmarked on an ARM7-processor platform. The asymmetric coding schemes were ECC and RSA. The tested symmetric algorithms included AES, 3DES and Twofish among others. The benchmark considered both codesize and speed of the algorithms.</p><p>The two asymmetric algorithms, ECC and RSA, are possible to be used in an ARM7 based access system. Although, both technologies can be configured to finish the calculations within a reasonable time-frame of 10 Sec, ECC archives a higher security level for the same execution time. Therefore, an implementation of ECC would be preferable since it is faster and requires less resources. Some further suggestions of improvements to the implementation is discussed in the final chapters.</p>
|
| 682 |
Re-authentication of Critical Operations / Återautentisering av Kritiska OperationerYachouh, Marwan January 2002 (has links)
<p>This is a study on the development of a re-authentication prototype. Re- authentication serves as a receipt for e.g. system administrators that authorise them to carry out a critical operation in a system that already is protected by a security architecture. A critical operation is a kind of operation that can cause serious damage to a network node or a set of network nodes, if it is done without one giving it a second thought. The purpose is to prevent mistakes and secure the users’ audit trail. </p><p>The main task is to propose and implement a re-authentication prototype, that is to enable the incorporation of the re-authentication prototype to an already complete security architecture and yet preserve the security and performance level of the architecture. </p><p>This thesis deals with this problem by using digitally signed certificates to provide the necessary security issues. The certificates used are called re- authentication certificates and follows the X.509 attribute certificate standard. The re-authentication certificate is optimised so that it only holds authorisation information regarding one critical operation. An access control decision function is used to decide if the re-authentication certificate and its owner are authentic. On basis of that decision the user can get the authority to execute critical operations. </p><p>The finished prototype confirms that a re-authentication can be incorporated with the security architecture. The report also shows that the security status of the architecture is preserved. The performance of the prototype is rather difficult to prove since the prototype implementation only initialises the objects that are required to prove the security issues. A performance test can therefore never prove how the prototype will perform in an authentic environment. The performance is assumed to be adequate since it uses the same authentication function that is used by the security architecture.</p>
|
| 683 |
A VLSI architecture for Rijndael, the advanced encryption standard [electronic resource] / by Naga M. Kosaraju.Kosaraju, Naga M. January 2003 (has links)
Title from PDF of title page. / Document formatted into pages; contains 93 pages. / Thesis (M.S.Cp.E.)--University of South Florida, 2003. / Includes bibliographical references. / Text (Electronic thesis) in PDF format. / ABSTRACT: The increasing application of cryptographic algorithms to ensure secure communications across virtual networks has led to an ever-growing demand for high performance hardware implementations of the encryption/decryption methods. The inevitable inclusion of the cryptographic algorithms in network communications has led to the development of several encryption standards, one of the prominent ones among which, is the Rijndael, the Advanced Encryption Standard. Rijndael was chosen as the Advanced Encryption Standard (AES) by the National Institute of Standard and Technology (NIST), in October 2000, as a replacement for the Data Encryption Standard (DES). This thesis presents the architecture for the VLSI implementation of the Rijndael, the Advanced Encryption Standard algorithm. Rijndael is an iterated, symmetric block cipher with a variable key length and block length. The block length is fixed at 128 bits by the AES standard [4]. / ABSTRACT: The key length can be designed for 128,192 or 256 bits. The VLSI implementation, presented in this thesis, is based on a feed-back logic and allows a key length specification of 128-bits. The present architecture is implemented in the Electronic Code Book(ECB) mode of operation. The proposed architecture is further optimized for area through resource-sharing between the encryption and decryption modules. The architecture includes a Key-Scheduler module for the forward-key and reverse-key scheduling during encryption and decryption respectively. The subkeys, required for each round of the Rijndael algorithm, are generated in real-time by the Key-Scheduler module by expanding the initial secret key. The proposed architecture is designed using the Custom-Design Layout methodology with the Cadence Virtuoso tools and tested using the Avanti Hspice and the Nanosim CAD tools. / ABSTRACT: Successful implementation of the algorithm using iterativearchitecture resulted in a throughput of 232 Mbits/sec on a 0.35[mu] CMOS technology. Using 0.35[mu] CMOS technology, implementation of the algorithm using pipelining architecture resulted in a throughput of 1.83 Gbits/sec. The performance of this implementation is compared with similar architectures reported in the literature. / System requirements: World Wide Web browser and PDF reader. / Mode of access: World Wide Web.
|
| 684 |
IP Security für LinuxParthey, Mirko 19 January 2001 (has links) (PDF)
Die Nutzung des Internet für sicherheitskritische Anwendungen erfordert kryptographische Schutzmechanismen. IP Security (IPsec) definiert dafür geeignete Protokolle. Diese Arbeit gibt einen Überblick über IPsec. Eine IPsec-Implementierung für Linux (FreeS/WAN) wird auf Erweiterbarkeit und Praxistauglichkeit untersucht. / Using the Internet in security-critical areas requires cryptographic protection, for which IP Security (IPsec) defines suitable protocols. This paper gives an overview of IPsec. A Linux implementation of IPsec is examined under the aspects of extendability and usability.
|
| 685 |
A survey and security strength classification of PKI certificate revocation management implementations /MacMichael, John L. January 2003 (has links) (PDF)
Thesis (M.S. in Information Technology Management)--Naval Postgraduate School, December 2003. / Thesis advisor(s): J.D. Fulp, D.F. Warren. Includes bibliographical references. Also available online.
|
| 686 |
Prevention and Detection of Intrusions in Wireless Sensor NetworksButun, Ismail 01 January 2013 (has links)
Wireless Sensor Networks (WSNs) continue to grow as one of the most exciting and challenging research areas of engineering. They are characterized by severely constrained computational and energy
resources and also restricted by the ad-hoc network operational
environment. They pose unique challenges, due to limited power
supplies, low transmission bandwidth, small memory sizes and limited energy. Therefore, security techniques used in traditional networks cannot be directly adopted. So, new ideas and approaches are needed, in order to increase the overall security of the network. Security applications in such resource constrained WSNs with minimum overhead provides significant challenges, and is the main focus of this dissertation.
There is no "one size fits all" solution in defending WSNs against intrusions and attacks. Therefore, intrusions and attacks against WSNs should be carefully examined to reveal specific vulnerabilities associated with them, before beginning the design of any kind of intrusion prevention and detection systems. By following this rationale, the dissertation starts with providing information regarding the WSNs, types of attacks towards WSNs, and the methods on how to prevent and detect them. Then, in order to secure WSNs, a security provisioning plan is provided.
In general, the following processes may be involved in securing WSNs: Intrusion Prevention, Intrusion Detection, and Intrusion
Mitigation. This dissertation presents solutions (algorithms and
schemes) to the first two lines of defenses of the security
provisioning plan, namely, Intrusion Prevention and Intrusion
Detection.
As a first line of defense in securing WSNs, this dissertation
presents our proposed algorithm ("Two-Level User Authentication" scheme) as an Intrusion Prevention System (IPS) for WSNs. The algorithm uses two-level authentication between a sensor node and a user. It is designed for heterogeneous WSNs, meaning that
the network consists of two components: regular nodes and more
powerful cluster heads. The proposed scheme is evaluated both
analytically and also in a simulation environment, by comparing it
to the current state-of-the-art schemes in the literature.
A comprehensive and systematic survey of the state-of-the-art in
Intrusion Detection Systems (IDSs) that are proposed for Mobile
Ad-Hoc Networks (MANETs) and WSNs is presented. Firstly, detailed
information about IDSs is provided. This is followed by the analysis
and comparison of each scheme along with their advantages and
disadvantages from the perspective of security. Finally, guidelines
on IDSs that are potentially applicable to WSNs are provided. Overall, this work would be very helpful to the researchers in developing their own IDSs for their WSNs.
Clustering (of the nodes) is very important for WSNs not only in
data aggregation, but also in increasing the overall performance of
the network, especially in terms of total life-time. Besides, with the help of clustering, complex intrusion prevention and detection algorithms can be implemented. Therefore, background on the
clustering algorithms is provided and then a clustering algorithm
for WSNs is proposed, that is both power and connectivity aware. The proposed algorithm provides higher energy efficiency and increases the life-time of the network. In evaluating the proposed clustering algorithm (in a simulation environment by comparing its' performance to the previously proposed algorithm, namely Kachirski et al.'s algorithm), it is demonstrated that the proposed algorithm
improves energy efficiency in WSNs.
Finally, an IDS framework based on multi-level clustering for
hierarchical WSNs is proposed. It is based upon (the nodes use our
proposed clustering algorithm while forming their clusters) the
clustering algorithm that is proposed in this dissertation. The
framework provides two types of intrusion detection approaches,
namely "Downwards-IDS (D-IDS)" to detect the abnormal behavior (intrusion) of the subordinate (member) nodes and "Upwards-IDS (U-IDS)" to detect the abnormal behavior of the cluster heads. By using analytical calculations, the optimum parameters for the D-IDS (number of maximum hops) and U-IDS (monitoring group size) of the framework are evaluated and presented.
Overall, this dissertation research contributes to the first two lines of defenses towards the security of WSNs, namely, IPS and IDS.
Furthermore, the final contribution of this dissertation is towards
the topology formation of the WSNs (especially for the hierarchical
WSNs), namely, clustering; which would be very useful in implementation of the IPS and IDS systems that are presented in this dissertation.
|
| 687 |
A scalable and secure networking paradigm using identity-based cryptographyKwok, Hon-man, Sammy., 郭漢文. January 2011 (has links)
published_or_final_version / Electrical and Electronic Engineering / Doctoral / Doctor of Philosophy
|
| 688 |
Weak mutually unbiased bases with applications to quantum cryptography and tomographyShalaby, Mohamed Mahmoud Youssef January 2012 (has links)
Mutually unbiased bases is an important topic in the recent quantum system researches. Although there is much work in this area, many problems related to mutually unbiased bases are still open. For example, constructing a complete set of mutually unbiased bases in the Hilbert spaces with composite dimensions has not been achieved yet. This thesis defines a weaker concept than mutually unbiased bases in the Hilbert spaces with composite dimensions. We call this concept, weak mutually unbiased bases. There is a duality between such bases and the geometry of the phase space Zd × Zd, where d is the phase space dimension. To show this duality we study the properties of lines through the origin in Zd × Zd, then we explain the correspondence between the properties of these lines and the properties of the weak mutually unbiased bases. We give an explicit construction of a complete set of weak mutually unbiased bases in the Hilbert space Hd, where d is odd and d = p1p2; p1, p2 are prime numbers. We apply the concept of weak mutually unbiased bases in the context of quantum tomography and quantum cryptography.
|
| 689 |
Two-level chaos-based cryptography for image security.Matondo, Sandra Bazebo. January 2012 (has links)
M. Tech. Electrical engineering. / Discusses a desirable chaos-based encryption scheme for image storage and transmission is one that can resist different types of attacks in less time and with successful decryption. To resist different kinds of attacks, a higher security level is required. As a result, there is a need to enhance the security level of existing chaos-based image encryption schemes using hyper-chaos. To increase the level of security using hyper-chaos, the research will present a scheme that combines two different techniques that are used to improve the degree of security of chaos-based cryptography; a classical chaos-based cryptographic technique and a hyper-chaos masking technique. The first technique focuses on the efficient combination and transformation of image characteristics based on hyper-chaos pseudorandom numbers. The second technique focuses on driving the hyper-chaos system by using the results of the first technique to change the transmitted chaos dynamic as well as using synchronisation and a high-order differentiator for decryption. To achieve the objective of our research the following sub-problems are addressed.
|
| 690 |
Efficient, provably secure code constructionsAgrawal, Shweta Prem 31 May 2011 (has links)
The importance of constructing reliable and efficient methods for securing digital information in the modern world cannot be overstated. The urgency of this need is reflected in mainstream media--newspapers and websites are full of news about critical user information, be it credit card numbers, medical data, or social security information, being compromised and used illegitimately. According to news reports, hackers probe government computer networks millions of times a day, about 9 million Americans have their identities stolen each year and cybercrime costs large American businesses 3.8 million dollars a year. More than 1 trillion worth of intellectual property has already been stolen from American businesses. It is this evergrowing problem of securing valuable information that our thesis attempts to address (in part). In this thesis, we study methods to secure information that are fast, convenient and reliable. Our overall contribution has four distinct threads. First, we construct efficient, "expressive" Public Key Encryption systems (specifically, Identity Based Encryption systems) based on the hardness of lattice problems. In Identity Based Encryption (IBE), any arbitrary string such as the user's email address or name can be her public key. IBE systems are powerful and address several problems faced by the deployment of Public Key Encryption. Our constructions are secure in the standard model. Next, we study secure communication over the two-user interference channel with an eavesdropper. We show that using lattice codes helps enhance the secrecy rate of this channel in the presence of an eavesdropper. Thirdly, we analyze the security requirements of network coding. Network Coding is an elegant method of data transmission which not only helps achieve capacity in several networks, but also has a host of other benefits. However, network coding is vulnerable to "pollution attacks" when there are malicious users in the system. We design mechanisms to prevent pollution attacks. In this setting, we provide two constructions -- a homomorphic Message Authentication Code (HMAC) and a Digital Signature, to secure information that is transmitted over such networks. Finally, we study the benefits of using Compressive Sensing for secure communication over the Wyner wiretap channel. Compressive Sensing has seen an explosion of interest in the last few years with its elegant mathematics and plethora of applications. So far however, Compressive Sensing had not found application in the domain of secrecy. Given its inherent assymetry, we ask (and answer in the affirmative) the question of whether it can be deployed to enable secure communication. Our results allow linear encoding and efficient decoding (via LASSO) at the legitimate receiver, along with infeasibility of message recovery (via an information theoretic analysis) at the eavesdropper, regardless of decoding strategy. / text
|
Page generated in 0.0416 seconds