751 |
Message authentication codes: designs and implementations in hardware platforms and comparisons. Χαράλαμπος, Μιχαήλ. 16 June 2011
In this M.Sc. thesis, several architectures for the cryptographic primitives used in message authentication were studied, developed and compared to each other, and performance optimization techniques were applied to them.

In secure data transmission, message authentication is a fundamental technique used to confirm that received messages come from the claimed sender and have not been modified in transit. Message Authentication Codes (MACs) protect both a message's integrity (a different MAC is produced if the message has changed) and its authenticity (only someone who knows the secret key could have generated a valid MAC). A MAC is an authentication tag derived by applying an authentication scheme, together with a secret key, to a message. MACs are typically produced in one of two ways:

a) The HMAC mechanism (Hash-based MAC), which combines a FIPS-approved collision-resistant hash function with a secret key.

b) The CMAC mechanism (Cipher-based MAC), which combines a block cipher with a secret key.

Both mechanisms were designed and implemented in hardware with the aim of increasing their throughput. The cryptographic systems in which they are used were described, and their role in those systems was assessed by examining how each is incorporated; this clarifies the differences between them and determines the profile of applications to which each is better suited.

The HMAC and CMAC designs were implemented on the same FPGA platform and compared in terms of operating frequency, area consumption and throughput, so that, depending on the requirements of a given application, the best solution in terms of overall cost can be identified.
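As an added worked example (not code from the thesis), the HMAC construction of entry 751 built directly from SHA-256 in Python's standard library, exactly as FIPS 198-1 / RFC 2104 define it, cross-checked against the `hmac` module and against the first RFC 4231 test vector, and paired with constant-time tag verification. CMAC is left out because the standard library ships no block cipher. The key and message are the RFC 4231 test case; the tampering helper is part of the example only.

```python
import hashlib
import hmac

BLOCK_SIZE = 64  # SHA-256 compresses 512-bit (64-byte) blocks; HMAC pads the key to this
TAG_LEN = 32     # full HMAC-SHA-256 output


def hmac_sha256(key: bytes, message: bytes) -> bytes:
    """HMAC(K, M) = H((K' xor opad) || H((K' xor ipad) || M)), per FIPS 198-1 / RFC 2104."""
    # Keys longer than one block are hashed down first; shorter keys are zero-padded.
    if len(key) > BLOCK_SIZE:
        key = hashlib.sha256(key).digest()
    k = key.ljust(BLOCK_SIZE, b"\x00")
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.sha256(ipad + message).digest()
    return hashlib.sha256(opad + inner).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time, so response timing does not
    reveal how many leading bytes of a forged tag were right."""
    if len(tag) != TAG_LEN:
        return False
    return hmac.compare_digest(hmac_sha256(key, message), tag)


def tamper(message: bytes, bit: int) -> bytes:
    """Flip one bit of the message (example helper, to show integrity protection)."""
    buf = bytearray(message)
    buf[bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)


# RFC 4231 test case 1: key = 0x0b repeated 20 times, data = "Hi There".
KEY = bytes([0x0B] * 20)
MSG = b"Hi There"
EXPECTED = "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7"


def demo() -> dict:
    tag = hmac_sha256(KEY, MSG)
    return {
        "tag_hex": tag.hex(),
        "matches_stdlib": tag == hmac.new(KEY, MSG, hashlib.sha256).digest(),
        "genuine_verifies": verify_tag(KEY, MSG, tag),
        "tampered_verifies": verify_tag(KEY, tamper(MSG, 3), tag),
        "wrong_key_verifies": verify_tag(KEY + b"\x01", MSG, tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The two nested hashes are what distinguish HMAC from the naive H(key || message): with a Merkle-Damgård hash such as SHA-256 the naive form is open to length-extension forgery, while the outer hash over `opad` closes that path. The same `verify_tag` shape (length check, then `compare_digest`) applies unchanged to a CMAC tag.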
|
752 |
Cryptography and elliptic curves: applications in electronic voting systems. Πανταζή - Μυταρέλλη, Ηρώ. 23 January 2012
The word cryptography comes from the Greek words "kryptos" (hidden) and "grapho" (write). It is the scientific field that deals with the study, development and use of encryption and decryption techniques in order to hide the content of messages.

Cryptography is a branch of cryptology, the science of secure communication. Its main goal is to provide mechanisms that let two or more parties communicate without anyone other than those parties being able to read the information.

Cryptographic systems based on elliptic curves are a very important part of public key cryptography, and in recent years more and more researchers have been studying them. Their advantage over conventional public key systems (e.g. RSA) is that they use smaller parameters and keys while offering the same level of security.

For this reason, elliptic curve cryptosystems are preferred on resource-constrained devices such as smart cards and mobile phones. One of the most fundamental problems in elliptic curve cryptography is the generation of elliptic curves that are suitable for providing the security required by cryptographic applications.

Finally, casting an electronic vote over the Internet must be accompanied by adequate security guarantees that the voter's identity will not be revealed during the transfer and processing of the vote, and that its content will not be altered, whether through a malfunction of the system or through electoral fraud.
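As an added example (not from the thesis), the group law on a short Weierstrass curve over a small prime field in Python, together with the most basic of the suitability checks the last paragraph refers to: counting the points on the curve and testing whether the group order is prime, so that every non-identity point generates the whole group and small-subgroup attacks are ruled out. The field F_97, the fixed coefficient b = 3 and the scan over a are choices made here for illustration; real deployments use standardized curves over roughly 256-bit primes, and the brute-force point count is feasible only because p is tiny.

```python
# Short Weierstrass curve y^2 = x^3 + a*x + b over F_p. Affine points are (x, y)
# tuples; None stands for the point at infinity, the identity of the group.

P_MOD = 97  # toy field chosen for this example; real curves use ~256-bit primes


def inv(x, p):
    """Modular inverse via Fermat's little theorem (p prime, x not 0 mod p)."""
    return pow(x % p, p - 2, p)


def is_on_curve(pt, a, b, p):
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + a * x + b)) % p == 0


def neg(pt, p):
    return None if pt is None else (pt[0], (-pt[1]) % p)


def add(pt1, pt2, a, p):
    """Chord-and-tangent group law."""
    if pt1 is None:
        return pt2
    if pt2 is None:
        return pt1
    x1, y1 = pt1
    x2, y2 = pt2
    if x1 == x2 and (y1 + y2) % p == 0:
        return None  # pt2 == -pt1; also covers doubling a point with y == 0
    if pt1 == pt2:
        lam = (3 * x1 * x1 + a) * inv(2 * y1, p) % p
    else:
        lam = (y2 - y1) * inv(x2 - x1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    y3 = (lam * (x1 - x3) - y1) % p
    return (x3, y3)


def mul(k, pt, a, p):
    """Double-and-add scalar multiplication (not constant time; fine for a toy)."""
    acc, addend = None, pt
    while k > 0:
        if k & 1:
            acc = add(acc, addend, a, p)
        addend = add(addend, addend, a, p)
        k >>= 1
    return acc


def count_points(a, b, p):
    """#E(F_p) by brute force: for each x, the number of y with y^2 = x^3 + a x + b
    (0, 1 or 2, decided by Euler's criterion), plus the point at infinity."""
    n = 1
    for x in range(p):
        rhs = (x ** 3 + a * x + b) % p
        if rhs == 0:
            n += 1
        elif pow(rhs, (p - 1) // 2, p) == 1:
            n += 2
    return n


def is_prime(n):
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True


def hasse_ok(n, p):
    """Hasse bound: |#E(F_p) - (p + 1)| <= 2*sqrt(p)."""
    return (n - (p + 1)) ** 2 <= 4 * p


def find_prime_order_curve(p, b=3):
    """Scan a for the first non-singular curve y^2 = x^3 + a x + b of prime order.
    Returns (a, b, order) or None."""
    for a in range(p):
        if (4 * a ** 3 + 27 * b * b) % p == 0:
            continue  # singular: not an elliptic curve at all
        n = count_points(a, b, p)
        if is_prime(n):
            return a, b, n
    return None


def some_point(a, b, p):
    """Any affine point (brute force; p is small)."""
    for x in range(p):
        rhs = (x ** 3 + a * x + b) % p
        for y in range(p):
            if y * y % p == rhs:
                return (x, y)
    return None


if __name__ == "__main__":
    a, b, n = find_prime_order_curve(P_MOD)
    g = some_point(a, b, P_MOD)
    print(f"y^2 = x^3 + {a}x + {b} over F_{P_MOD}: order {n} (prime), generator {g}")
    print("n*G is the identity:", mul(n, g, a, P_MOD) is None)
```

Prime order is only the first criterion; a curve for production use must also be checked against the anomalous case (#E = p), the MOV/embedding-degree condition and, for fixed parameters, the provenance of the constants, which is the "suitable curve generation" problem the abstract names.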
|
753 |
Detection of attacks in application networks using distributed sensor networks. Σπανός, Δημήτρης. 19 July 2012
The rapid growth of the World Wide Web and its applications makes a discussion of information security within it necessary. This thesis presents the building blocks that implement the Web: the Internet infrastructure, the end-user environment and the web server environment. Each of these parts has its own security vulnerabilities and corresponding countermeasures. The main threats to each component of the Web are presented along with techniques for protecting against them. Almost all mitigation techniques come down to proper design, hardening of the protocols involved, cryptography, and the personal responsibility of every user and administrator.
|
754 |
Design and implementation of a secure service using elliptic curve cryptography. Χριστόπουλος, Ρένος-Νεκτάριος. 13 October 2013
This thesis covers the design and implementation of a secure service using elliptic curve cryptography. Cryptographic systems based on elliptic curves are a very important part of public key cryptography, and in recent years more and more researchers have been studying them. Their advantage over conventional cryptosystems is that they use smaller parameters and keys while offering the same level of security. For the problem of protecting sensitive data on a hard disk or other sector-addressed storage medium, the technique used is disk encryption. Some of the software that implements it (disk encryption software) uses on-the-fly (real-time) encryption. The term on-the-fly refers to the fact that files become accessible as soon as the encryption key is supplied: the whole volume is mounted as if it were a physical disk, so the files appear decrypted.

The research part of this thesis is placed in this context. It addresses the question of adapting libraries that implement elliptic curve cryptography to software capable of encrypting file folders, and by extension hard disks, on the fly.
|
755 |
The development of an efficient and secure product entitlement system for Pay-TV in modern attack scenarios. Coetzee, Dirk Badenhorst.
Thesis (MScEng)--Stellenbosch University, 2013.

A secure product entitlement system allows one party, such as a pay-TV operator, to broadcast the same collection of information to several receiving parties while only allowing a certain subset of the receiving parties to access the information. This system must still be secure in the scenario where all receiving parties who are not allowed access to the information pool their resources in an attempt to gain access to it. Such a product entitlement system must also be bandwidth efficient, since it can be deployed in networks where bandwidth is at a premium.

The foundations of modern encryption techniques are reviewed and a survey of existing techniques used to secure content in broadcast environments is studied. From this collection of techniques, two were identified as bandwidth efficient and are discussed in more detail before being implemented.

An attempt is then made to design a new secure, bandwidth-efficient encryption scheme for protecting content in a broadcast environment. Several iterations of the design are detailed, including the security flaw which makes each design insecure. The final design was implemented and compared in several metrics to the two previously selected bandwidth-efficient schemes. A framework to test the correctness of the schemes over a network is also designed and implemented.

Possible future avenues of research are identified with regard to creating a secure broadcast encryption scheme and improving the software solution in which to use such a scheme.
|
756 |
Design of anonymous credential systems and data anonymization techniques. Brunet, Solenn. 27 November 2017
The emergence of personal mobile devices with communication and positioning features is leading to new use cases and personalized services. However, they involve a significant collection of personal data and therefore require appropriate security solutions; users are not always aware of the personal and sensitive information that can be inferred from their use. The main objective of this thesis is to show how cryptographic mechanisms and data anonymization techniques can reconcile privacy, security requirements and the utility of the service provided. In the first part, we study keyed-verification anonymous credentials, which guarantee the anonymity of users with respect to a given service provider: a user proves that she is granted access to its services without revealing any additional information. We introduce new such primitives that offer distinct properties and are of independent interest. We use these constructions to design three privacy-preserving systems: a keyed-verification anonymous credential system, a coercion-resistant electronic voting scheme and an electronic payment system. Each of these solutions is proven secure and efficient enough for practical use; for two of them, implementations on SIM cards have been carried out. Nevertheless, some kinds of services still require using or storing personal data, either to provide the service or to comply with a legal obligation. In the second part, we study how to preserve users' privacy in such services. To this end, we propose an anonymization process for stored mobility traces based on differential privacy. It produces anonymous databases while limiting the added noise. Such databases can then be used for scientific, economic or societal studies, for instance.
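As an added example (not the thesis's own construction, whose details the abstract does not give), the standard Laplace mechanism applied to a mobility histogram in Python: constructed location traces are first clipped so that each user contributes to at most one grid cell, which bounds the L1 sensitivity of the histogram to 1 and lets each cell count be released with Laplace noise of scale 1/ε; `max_neighbour_distance` checks that bound empirically on neighbouring datasets. The user identifiers, cell names and ε values are assumptions of this example.

```python
import random
from collections import Counter

# Constructed sample trace for this example: (user_id, grid_cell) visit records.
VISITS = [
    ("u1", "A1"), ("u1", "A1"), ("u1", "B2"),
    ("u2", "A1"), ("u2", "C3"), ("u2", "C3"), ("u2", "C3"),
    ("u3", "B2"),
    ("u4", "A1"), ("u4", "A1"),
]
CELLS = ("A1", "B2", "C3")


def clipped_histogram(visits, cells):
    """Count users per cell after clipping each user to a single contribution (their
    most-visited cell, ties broken by cell name). Adding or removing one user then
    changes exactly one count by 1, so the L1 sensitivity of the query is 1."""
    per_user = {}
    for user, cell in visits:
        per_user.setdefault(user, Counter())[cell] += 1
    hist = {c: 0 for c in cells}
    for counts in per_user.values():
        top = min(counts, key=lambda c: (-counts[c], c))
        hist[top] += 1
    return hist


def l1_distance(h1, h2):
    return sum(abs(h1[c] - h2[c]) for c in h1)


def max_neighbour_distance(visits, cells):
    """Empirical sensitivity check: the largest change in the histogram caused by
    removing any single user's records (user-level neighbouring datasets)."""
    full = clipped_histogram(visits, cells)
    users = {u for u, _ in visits}
    return max(
        l1_distance(full, clipped_histogram([v for v in visits if v[0] != u], cells))
        for u in users
    )


def laplace_noise(scale, rng):
    """Laplace(0, scale), sampled as the difference of two iid exponentials of mean scale."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def laplace_release(hist, epsilon, sensitivity=1.0, rng=None):
    """ε-differentially private release: independent Laplace noise of scale
    sensitivity/ε on every cell count. `rng` is injectable for reproducible tests;
    a deployment uses a cryptographic source and charges ε against a total budget."""
    rng = rng or random.SystemRandom()
    scale = sensitivity / epsilon
    return {cell: count + laplace_noise(scale, rng) for cell, count in hist.items()}


def mean_abs_noise(epsilon, samples, rng):
    """Average |noise| at a given ε with sensitivity 1; tends to 1/ε, the mean of |Laplace|."""
    scale = 1.0 / epsilon
    return sum(abs(laplace_noise(scale, rng)) for _ in range(samples)) / samples


if __name__ == "__main__":
    hist = clipped_histogram(VISITS, CELLS)
    print("true counts:", hist, "sensitivity:", max_neighbour_distance(VISITS, CELLS))
    print("released (eps=0.5):", laplace_release(hist, 0.5))
```

The clipping step is where the privacy argument is won or lost: without it a single user who visits every cell would shift the whole histogram, the sensitivity would equal the number of cells, and the noise needed for the same ε would swamp the counts. Releasing the same data twice spends 2ε, which is the "limited noise versus budget" trade-off the abstract refers to.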
|
757 |
The Design and Analysis of Hash Families for Use in Broadcast Encryption. January 2012
Broadcast Encryption is the task of cryptographically securing communication in a broadcast environment so that only a dynamically specified subset of subscribers, called the privileged subset, may decrypt the communication. In practical applications, it is desirable for a Broadcast Encryption Scheme (BES) to be resilient against attacks by colluding, unprivileged subscribers. Minimal Perfect Hash Families (PHFs) have been shown to provide a basis for constructing memory-efficient t-resilient Key Pre-distribution Schemes (KPSs) from multiple instances of 1-resilient KPSs. Using this technique, the task of constructing a large t-resilient BES is reduced to finding a near-minimal PHF of appropriate parameters. While combinatorial and probabilistic constructions exist for minimal PHFs with certain parameters, the complexity of constructing them in general is currently unknown. This thesis introduces a new type of hash family, called a Scattering Hash Family (ScHF), designed to allow the scalable and ingredient-independent design of memory-efficient BESs for large parameters, specifically resilience and total number of subscribers. A general BES construction using ScHFs is shown, which builds t-resilient KPSs from other KPSs of any resilience w ≤ t. In addition to demonstrating how ScHFs can be used to produce BESs, this thesis explores several ScHF construction techniques. The initial technique is a probabilistic, non-constructive proof of existence for ScHFs. This construction is then derandomized into a direct, polynomial-time construction of near-minimal ScHFs using the method of conditional expectations. As an alternative to direct construction, representing ScHFs as a k-restriction problem allows their indirect construction via randomized post-optimization. Using the methods defined, ScHFs are constructed and the effect of the parameters on solution size is analyzed.

For large strengths, constructive techniques lose significant performance, so asymptotic analysis is performed using the non-constructive existential results. This work concludes with an analysis of the benefits and disadvantages of BESs based on the constructed ScHFs. Due to the novel nature of ScHFs, the results of this analysis are used as the foundation for an empirical comparison between ScHF-based and PHF-based BESs. The primary bases of comparison are construction efficiency, key material requirements, and message transmission overhead. / Dissertation/Thesis / M.S. Computer Science 2012
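As an added example (not a scheme from either thesis), the baseline broadcast-encryption scheme that entries 755 and 757 are measured against, in Python with only the standard library: the operator holds one long-term key per subscriber, draws a fresh content key per broadcast and wraps it once for every privileged subscriber into the header. `pooled_attack` exercises the collusion requirement stated in entry 755 by letting every revoked subscriber contribute their key to a joint attempt, and `header_size` makes the bandwidth cost visible: it grows linearly with the privileged set, which is exactly the overhead that the hash-family constructions of entry 757 aim to cut. The key wrap here is HMAC-SHA-256 used as a per-session keystream plus tag (an assumption of the example; a deployment would use a standard AEAD or key-wrap mode), and the subscriber identifiers are constructed.

```python
import hashlib
import hmac
import os

KEY_LEN = 32   # content key bytes
TAG_LEN = 16   # truncated authentication tag on each wrapped key


def prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()


def wrap(sub_key, nonce, content_key):
    """Wrap the content key under one subscriber's long-term key: XOR with a per-session
    keystream derived from (key, nonce), then append a tag over nonce and ciphertext.
    The nonce must be fresh for every broadcast, or the keystream repeats."""
    keystream = prf(sub_key, b"wrap", nonce)[:KEY_LEN]
    ct = bytes(a ^ b for a, b in zip(content_key, keystream))
    tag = prf(sub_key, b"tag", nonce + ct)[:TAG_LEN]
    return ct + tag


def unwrap(sub_key, nonce, blob):
    """Return the content key, or None if the tag does not verify under this key."""
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(prf(sub_key, b"tag", nonce + ct)[:TAG_LEN], tag):
        return None
    keystream = prf(sub_key, b"wrap", nonce)[:KEY_LEN]
    return bytes(a ^ b for a, b in zip(ct, keystream))


class Operator:
    """Head-end side: one long-term key per subscriber, provisioned out of band."""

    def __init__(self, subscriber_ids):
        self.keys = {sid: os.urandom(KEY_LEN) for sid in subscriber_ids}

    def broadcast(self, privileged):
        """Header = the content key wrapped once per privileged subscriber."""
        nonce = os.urandom(16)
        content_key = os.urandom(KEY_LEN)
        header = {sid: wrap(self.keys[sid], nonce, content_key) for sid in privileged}
        return nonce, header, content_key  # content_key is returned only so tests can compare


def receive(sid, sub_key, nonce, header):
    """Receiver side: look up own slot in the header and unwrap it."""
    blob = header.get(sid)
    return None if blob is None else unwrap(sub_key, nonce, blob)


def pooled_attack(revoked_keys, nonce, header):
    """Collusion attempt: every revoked subscriber tries every header slot with their key."""
    for key in revoked_keys:
        for blob in header.values():
            got = unwrap(key, nonce, blob)
            if got is not None:
                return got
    return None


def header_size(header):
    """Bytes of key material on the wire: linear in the number of privileged subscribers."""
    return sum(len(blob) for blob in header.values())


if __name__ == "__main__":
    op = Operator(["s1", "s2", "s3", "s4"])
    nonce, header, _ = op.broadcast(["s1", "s3"])
    print("header bytes for 2 of 4 subscribers:", header_size(header))
    print("revoked pool recovers key:", pooled_attack([op.keys["s2"], op.keys["s4"]], nonce, header) is not None)
```

This scheme is trivially collusion resistant, since revoked subscribers' keys are simply never used, but it pays 48 bytes of header per privileged receiver; with millions of receivers that is the bandwidth problem both theses address, and the subset-cover and hash-family approaches trade some key storage per receiver for a header that depends on the number of revoked users rather than the number of privileged ones.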
|
758 |
An architecture for control and copyright protection of hyperdocuments on the Internet. Prokopetz, Klaus. January 1999
With the exponential growth of the World Wide Web, many hyperdocuments, or some of their components, may appear illegally at some site. The ease with which hyperdocuments, or parts of them, can be intercepted, copied and redistributed exactly in their original form has been the greatest obstacle to the general use of the Internet as a means of disseminating information. That is why, with due exceptions, Web applications have so far been aimed at publishing free documents or at commercial and artistic advertising [RUA97]. There is no absolutely secure way to protect a hyperdocument and all its components from pirates on an insecure communication channel such as the Internet, and it is unlikely that one will be found. However, some techniques can make a hyperdocument less vulnerable, with the certainty that, given enough time and resources, it can still be pirated. Still, if this task becomes costly enough that it is easier to simply acquire a legal copy of the hyperdocument than to pirate it, the hyperdocument can be considered secure. One way to make the pirates' work harder is to make each copy of the hyperdocument a unique version, embedding some identification of the author and of the reader who had access to that copy. If an illegal copy is found, it is then possible to identify the reader who started, deliberately or not, the chain of illegal copies, and consequently to trace the pirates involved. The idea is never to release an unprotected copy: the reader must always have access to marked copies, and the marks must be embedded so that pirates cannot locate or remove them and, preferably, do not even suspect their existence.

In this light, this work proposes an architecture for copyright control and protection that addresses piracy using cryptography and watermarking. Two modules are used, one for the author and one for the reader. The first is an application that generates a protected version from the original hyperdocument; this version can be published at any Internet site without any additional control over it. The second is a plug-in for an Internet browser that interprets the protected version, checks the reader's identification and, before making the hyperdocument available, inserts into it a mark identifying the author and the reader. In addition, the reader module can report to the author every attempt, authorized or not, to access the hyperdocument. The solution uses cryptographic techniques to secure the hyperdocument while it is stored at the author's site and while it is transferred to the reader's computer, and to identify the reader. After that, access control and protection of the hyperdocument are ensured by watermarking techniques.
|
759 |
Mirrors, cubes and unbalanced Feistel schemes. Volte, Emmanuel. 28 November 2014
The first part is devoted to generic attacks on unbalanced Feistel schemes. These attacks are distinguishers that count, over part of the plaintext/ciphertext pairs, how many pairs satisfy a system of equalities and non-equalities in a finite group. The search for this kind of attack was automated and improved, in particular by taking bottlenecks into account, so that attacks with a bottleneck are rejected automatically. More generally, this part presents work on systems of this type, referred to as "mirror theory"; in particular, it describes the problem of the sum of two bijections on a finite group.

The second part describes one of the candidates of the SHA-3 competition, the hash function CRUNCH. This function uses the sum of two bijections, each of which is an unbalanced Feistel scheme, together with a new chaining mode for long messages.

The last part deals with zero-knowledge authentication. The first protocol is based on multivariate polynomials; the second is linked to a hard problem in symmetric groups, illustrated with the Rubik's Cube group.

Finally, an original method for attempting to find a solution to Brent's equations is given in an appendix, with an algorithm that may find one.
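As an added example (not CRUNCH itself, whose round functions and parameters the abstract does not specify), a contracting unbalanced Feistel scheme in Python: k branches, each round feeding k-1 of them through a keyed round function and XORing the output into the remaining one. `decrypt` inverts it whatever the round function is, which is the property every Feistel scheme is built on, and `xor_of_two_permutations` shows the fact behind the "sum of two bijections" problem: XORing two bijections of the same set does not in general give a bijection. The round function (HMAC-SHA-256, truncated), the branch sizes and the round count are assumptions of the example.

```python
import hashlib
import hmac
import random

BRANCH = 1   # bytes per branch
K = 2        # number of branches; block size = K * BRANCH bytes
ROUNDS = 4


def round_function(key, rnd, data):
    """Keyed pseudorandom function for round rnd, truncated to one branch width."""
    return hmac.new(key, bytes([rnd]) + data, hashlib.sha256).digest()[:BRANCH]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split(block):
    return [block[i:i + BRANCH] for i in range(0, len(block), BRANCH)]


def encrypt(key, block):
    """Contracting unbalanced Feistel: K-1 branches in, one branch out, then rotate."""
    s = split(block)
    for r in range(ROUNDS):
        f = round_function(key, r, b"".join(s[1:]))
        s = s[1:] + [xor(s[0], f)]
    return b"".join(s)


def decrypt(key, block):
    """Undo the rounds in reverse order; needs no inverse of the round function."""
    s = split(block)
    for r in reversed(range(ROUNDS)):
        f = round_function(key, r, b"".join(s[:-1]))
        s = [xor(s[-1], f)] + s[:-1]
    return b"".join(s)


def is_permutation(key):
    """Brute-force check over the whole block space (feasible only at toy sizes)."""
    space = 256 ** (K * BRANCH)
    seen = {encrypt(key, v.to_bytes(K * BRANCH, "big")) for v in range(space)}
    return len(seen) == space


def xor_of_two_permutations(seed, n=256):
    """Number of distinct outputs of x -> P1(x) XOR P2(x) for two random bijections of
    {0..n-1}; a bijection would reach n, and the sum of two almost never does."""
    rng = random.Random(seed)
    p1 = list(range(n))
    p2 = list(range(n))
    rng.shuffle(p1)
    rng.shuffle(p2)
    return len({p1[x] ^ p2[x] for x in range(n)})


if __name__ == "__main__":
    key = b"example-key"
    ct = encrypt(key, b"\x12\x34")
    print("ciphertext:", ct.hex(), "round trip:", decrypt(key, ct) == b"\x12\x34")
    print("16-bit toy cipher is a permutation:", is_permutation(key))
    print("distinct outputs of P1 xor P2 over 256 inputs:", xor_of_two_permutations(1))
```

The distinguishers the abstract describes exploit exactly the structure visible in `encrypt`: with too few rounds, equalities between branches of chosen plaintexts propagate to predictable equalities between ciphertext branches, and counting how many pairs satisfy such a system separates the scheme from a random permutation. The non-bijectivity that `xor_of_two_permutations` reports is what makes the XOR of two permutations usable as a PRF-like building block in a hash function such as CRUNCH, at the price of the collision analysis that "mirror theory" is about.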
|
760 |
Study of the performance of acousto-optic tunable filters as bistable components and their use in cryptography in optical networks. Sabóia, Karlo David Alves. January 2009
SABÓIA, Karlo David Alves. Estudo do desempenho de filtros acústicos-ópticos sintonizáveis como componentes biestáveis e sua utilização na criptografia em redes ópticas. 2009. 138 f. Tese (Doutorado em Física) - Programa de Pós-Graduação em Física, Departamento de Física, Centro de Ciências, Universidade Federal do Ceará, Fortaleza, 2009.

The performance of acousto-optic tunable filters (AOTFs) as bistable components, applied to cryptography in optical networks, was studied with analytical and numerical methods. The filters were first investigated to highlight their main transmission properties and to analyze their behaviour under nonlinear effects, including the formation of optical bistability when feedback is introduced into the system. The use of an AOTF together with simultaneous pulse-position (PPM) and pulse-amplitude (PAM) modulation of ultrashort pulses was then proposed to build a cryptographic system for optical networks. Numerical simulations used the fourth-order Runge-Kutta method. The bistability results showed that the hysteresis curve depends on the product of the coupling constant and the device length and on the power-to-propagation-constant conversion factor (G). The bistability range varies significantly with both, but their contributions differ: increasing the coupling constant-length product widens the bistability range, while increasing G makes bistability occur at ever lower initial powers. The results for the AOTF as an encryption device showed that it is possible to define a pair of parameters, the PPM/PAM pair, directly related to the modulations used, which serves as the key for communication between two users of an optical network, with one AOTF encoding the message and another decoding it.
|