Global ETD Search

921	Unités arithmétiques et cryptoprocesseurs matériels pour la cryptographie sur courbe hyperelliptique / Hardware arithmetic units and cryptoprocessors for hyperelliptic curve cryptography Gallin, Gabriel 29 November 2018 (has links) De nombreux systèmes numériques nécessitent des primitives de cryptographie asymétrique de plus en plus performantes mais aussi robustes aux attaques et peu coûteuses pour les applications embarquées. Dans cette optique, la cryptographie sur courbe hyperelliptique (HECC) a été proposée comme une alternative intéressante aux techniques actuelles du fait de corps finis plus petits. Nous avons étudié des cryptoprocesseurs HECC matériels performants, flexibles et robustes contre certaines attaques physiques. Tout d’abord, nous avons proposé une nouvelle architecture d’opérateurs exécutant, en parallèle, plusieurs multiplications modulaires (A × B) mod P, où P est un premier générique de quelques centaines de bits et configurable dynamiquement. Elle permet le calcul de la grande majorité des opérations nécessaires pour HECC. Nous avons développé un générateur d’opérateurs, distribué en logiciel libre, pour l'exploration de nombreuses variantes de notre architecture. Nos meilleurs opérateurs sont jusqu'à 2 fois plus petits et 2 fois plus rapids que les meilleures solutions de l'état de l'art. Ils sont aussi flexibles quant au choix de P et atteignent les fréquences maximales du FPGA. Dans un second temps, nous avons développé des outils de modélisation et de simulation pour explorer, évaluer et valider différentes architectures matérielles pour la multiplication scalaire dans HECC sur les surfaces de Kummer. Nous avons implanté, validé et évalué les meilleures architectures sur différents FPGA. Elles atteignent des vitesses similaires aux meilleures solutions comparables de l’état de l’art, mais pour des surfaces réduites de moitié. La flexibilité obtenue permet de modifier lors de l'exécution les paramètres des courbes utilisées. / Many digital systems require primitives for asymmetric cryptography that are more and more efficient but also robust to attacks and inexpensive for embedded applications. In this perspective, and thanks to smaller finite fields, hyperelliptic curve cryptography (HECC) has been proposed as an interesting alternative to current techniques. We have studied efficient and flexible hardware HECC cryptoprocessors that are also robust against certain physical attacks. First, we proposed a new operator architecture able to compute, in parallel, several modular multiplications (A × B) mod P, where P is a generic prime of a few hundred bits and configurable at run time. It allows the computation of the vast majority of operations required for HECC. We have developed an operator generator, distributed in free software, for the exploration of many variants of our architecture. Our best operators are up to 2 times smaller and twice as fast as the best state-of-the-art solutions. They are also flexible in the choice of P and reach the maximum frequencies of the FPGA. In a second step, we developed modeling and simulation tools to explore, evaluate and validate different hardware architectures for scalar multiplication in HECC on Kummer surfaces. We have implemented, validated and evaluated the best architectures on various FPGA. They reach speeds similar to the best comparable solutions of the state of the art, but for halved surfaces. The flexibility obtained makes it possible to modify the parameters of the curves used during execution. Cybersécurité Cryptographie à clé publique Cryptographie sur courbe hyperelliptique FPGA Multiplication modulaire Opérateurs arithmétiques matériels Cryptoprocesseurs matériels Exploration d'architectures Systèmes embarqués Cybersecurity Asymetric cryptography Hyperelliptic curve cryptography FPGA Modular multiplication Hardware arithmetic units Hardware cryptoprocessors Architectural exploration Embedded systems
922	MiniCA: A web-based certificate authority Macdonell, James Patrick 01 January 2007 (has links) The MiniCA project is proposed and developed to address growing demand for inexpensive access to security features such as privacy, strong authentication, and digital signatures. These features are integral to public-key encryption technologies. The audience for whom the software project is intended includes, technical staff requiring certificates for use in SSL applications (i.e. a secure web-site) at California State University, San Bernardino. Computer networks Security measures Computer networks Access control Public key cryptography Data encryption (Computer science) Data protection Computer networks Access control Computer networks Security measures Data encryption (Computer science) Data protection Public key cryptography. Information Security
923	Reed-Solomon-koder i ett McElieceskryptosystem : En kodteoretisk genomgång Henriksson, Magnus January 2009 (has links) Detta arbete är ett examensarbete i matematik på kandidatnivå vid Växjö universitet. Det är en studie av kodningsteori i allmänhet med fokusering på cykliska koder och Reed-Solomon-koder i synnerhet. Reed-Solomon-koderna används för att skapa McElieces kryptosystem. En kortfattad analys av McElieces kryptosystems säkerhet görs tillsammans med en genomgång av kända sätt att forcera denna typ av kryptosystem. Här visar det sig att användning av Reed-Solomon-kod försvagar kryptosystemet i förhållande till om den ursprungligt föreslagna Goppa-koden används. För att kunna göra denna säkerhetsanalys görs också en kortfattad genomgång av komplexitetsteori och vad det innebär att ett problem är NP-fullständigt. Nyckelord: Kodningsteori, Kodteori, Cykliska koder, BCH-koder, Reed-Solomon-koder, McElieces kryptosystem, Kryptering, Kodforcering, Komplexitetsteori, NP-fullständigt / This work is produced on bachelor level in mathematics at University of Växjö. It is a study of coding theory with focus on cyclic codes in general and Reed-Solomon codes in detail. Reed-Solomon codes are used for implementing McEliece's crypto system. A short analysis of McEliece's crypto system security is also made together with a description of some known ways to break this type of cryptosystem. It is shown that using Reed-Solomon codes weaken this cryptosystem compared to using the original supposed Goppa codes. The security analyse also need a short summary of complexity theory and what it means that a problem is NP-complete. Keywords: Coding theory, Cyclic codes, BCH codes, Reed-Solomon codes, McEliece's cryptography system, Cryptography, Code breaking, Complexity theory, NP-complete Coding theory Cyclic codes BCH codes Reed-Solomon codes McEliece's cryptography system Cryptography Code breaking Complexity theory Kodningsteori Kodteori Cykliska koder BCH-koder Reed-Solomon-koder McElieces kryptosystem Kryptering Kodforcering Komplexitetsteori MATHEMATICS MATEMATIK
924	Reed-Solomon-koder i ett McElieceskryptosystem : En kodteoretisk genomgång Henriksson, Magnus January 2009 (has links) <p>Detta arbete är ett examensarbete i matematik på kandidatnivå vid Växjö universitet. Det är en studie av kodningsteori i allmänhet med fokusering på cykliska koder och Reed-Solomon-koder i synnerhet. Reed-Solomon-koderna används för att skapa McElieces kryptosystem. En kortfattad analys av McElieces kryptosystems säkerhet görs tillsammans med en genomgång av kända sätt att forcera denna typ av kryptosystem. Här visar det sig att användning av Reed-Solomon-kod försvagar kryptosystemet i förhållande till om den ursprungligt föreslagna Goppa-koden används. För att kunna göra denna säkerhetsanalys görs också en kortfattad genomgång av komplexitetsteori och vad det innebär att ett problem är NP-fullständigt.</p><p><strong>Nyckelord: </strong>Kodningsteori, Kodteori, Cykliska koder, BCH-koder, Reed-Solomon-koder, McElieces kryptosystem, Kryptering, Kodforcering, Komplexitetsteori, NP-fullständigt</p> / <p>This work is produced on bachelor level in mathematics at University of Växjö. It is a study of coding theory with focus on cyclic codes in general and Reed-Solomon codes in detail. Reed-Solomon codes are used for implementing McEliece's crypto system. A short analysis of McEliece's crypto system security is also made together with a description of some known ways to break this type of cryptosystem. It is shown that using Reed-Solomon codes weaken this cryptosystem compared to using the original supposed Goppa codes. The security analyse also need a short summary of complexity theory and what it means that a problem is NP-complete.</p><p><strong>Keywords:</strong> Coding theory, Cyclic codes, BCH codes, Reed-Solomon codes, McEliece's cryptography system, Cryptography, Code breaking, Complexity theory, NP-complete</p> Coding theory Cyclic codes BCH codes Reed-Solomon codes McEliece's cryptography system Cryptography Code breaking Complexity theory Kodningsteori Kodteori Cykliska koder BCH-koder Reed-Solomon-koder McElieces kryptosystem Kryptering Kodforcering Komplexitetsteori MATHEMATICS MATEMATIK
925	Universal homophonic coding Stevens, Charles Cater 11 1900 (has links) Redundancy in plaintext is a fertile source of attack in any encryption system. Compression before encryption reduces the redundancy in the plaintext, but this does not make a cipher more secure. The cipher text is still susceptible to known-plaintext and chosen-plaintext attacks. The aim of homophonic coding is to convert a plaintext source into a random sequence by randomly mapping each source symbol into one of a set of homophones. Each homophone is then encoded by a source coder after which it can be encrypted with a cryptographic system. The security of homophonic coding falls into the class of unconditionally secure ciphers. The main advantage of homophonic coding over pure source coding is that it provides security both against known-plaintext and chosen-plaintext attacks, whereas source coding merely protects against a ciphertext-only attack. The aim of this dissertation is to investigate the implementation of an adaptive homophonic coder based on an arithmetic coder. This type of homophonic coding is termed universal, as it is not dependent on the source statistics. / Computer Science / M.Sc. (Computer Science) Arithmetic coding Adaptive models Cryptography Data compression Homophonic coding Homophonic substitution Modelling randomness Statistical testing Secrecy Unconditional scurity 005.82 Data compression (Computer science) Computer security Data encryption (Computer science) Cryptography (Computer science) Ciphers -- Computer science Homophonic coding
926	Balancing energy, security and circuit area in lightweight cryptographic hardware design / L'équilibre entre consommation énergétique, sécurité et surface de circuit dans la conception de matériel cryptographique léger Portella, Rodrigo 27 October 2016 (has links) Cette thèse aborde la conception et les contremesures permettant d'améliorer le calcul cryptographique matériel léger. Parce que la cryptographie (et la cryptanalyse) sont de nos jours de plus en plus omniprésentes dans notre vie quotidienne, il est crucial que les nouveaux systèmes développés soient suffisamment robustes pour faire face à la quantité croissante de données de traitement sans compromettre la sécurité globale. Ce travail aborde de nombreux sujets liés aux implémentations cryptographiques légères. Les principales contributions de cette thèse sont : - Un nouveau système d'accélération matérielle cryptographique appliqué aux codes BCH ; - Réduction de la consommation des systèmes embarqués et SoCs ; - Contre-mesures légères des attaques par canal auxiliaire applicables à l'algorithme de chiffrement reconfigurable AES ;- CSAC : Un pare-feu sécurisé sur la puce cryptographique ; - Attaques par analyse fréquentielle ; - Un nouveau protocole à divulgation nulle de connaissance appliquée aux réseaux de capteurs sans fil ; - OMD : Un nouveau schéma de chiffrement authentifié. / This thesis addresses lightweight hardware design and countermeasures to improve cryptographic computation. Because cryptography (and cryptanalysis) is nowadays becoming more and more ubiquitous in our daily lives, it is crucial that newly developed systems are robust enough to deal with the increasing amount of processing data without compromising the overall security. This work addresses many different topics related to lightweight cryptographic implementations. The main contributions of this thesis are: - A new cryptographic hardware acceleration scheme applied to BCH codes; - Hardware power minimization applied to SoCs and embedded devices; - Timing and DPA lightweight countermeasures applied to the reconfigurable AES block cipher; - CSAC: A cryptographically secure on-chip firewall; - Frequency analysis attack experiments; - A new zero-knowledge zero-knowledge protocol applied to wireless sensor networks; - OMD: A new authenticated encryption scheme. Cryptographie symétrique Cryptographie légère Authentification Chiffrement Contre-mesure matérielle Cryptosystème matériel Attaque par canal auxiliaire Attaque par fautes Symmetric-key cryptography Lightweight cryptography Authentication Encryption Hardware design Hardware cryptosystem Hardware countermeasure DPA Fault attacks 004.8
927	Sécurité des protocoles cryptographiques fondés sur la théorie des codes correcteurs d'erreurs / Security of cryptographic protocols based on coding theory Tale kalachi, Herve 05 July 2017 (has links) Contrairement aux protocoles cryptographiques fondés sur la théorie des nombres, les systèmes de chiffrement basés sur les codes correcteurs d’erreurs semblent résister à l’émergence des ordinateurs quantiques. Un autre avantage de ces systèmes est que le chiffrement et le déchiffrement sont très rapides, environ cinq fois plus rapide pour le chiffrement, et 10 à 100 fois plus rapide pour le déchiffrement par rapport à RSA. De nos jours, l’intérêt de la communauté scientifique pour la cryptographie basée sur les codes est fortement motivé par la dernière annonce de la “National Institute of Standards and Technology" (NIST), qui a récemment initié le projet intitulé “Post-Quantum cryptography Project". Ce projet vise à définir de nouveaux standards pour les cryptosystèmes résistants aux attaques quantiques et la date limite pour la soumission des cryptosystèmes à clé publique est fixée pour novembre 2017. Une telle annonce motive certainement à proposer de nouveaux protocoles cryptographiques basés sur les codes, mais aussi à étudier profondément la sécurité des protocoles existants afin d’écarter toute surprise en matière de sécurité. Cette thèse suit cet ordre d’idée en étudiant la sécurité de plusieurs protocoles cryptographiques fondés sur la théorie des codes correcteurs d’erreurs. Nous avons commencé par l’étude de la sécurité d’une version modifiée du cryptosystème de Sidelnikov, proposée par Gueye et Mboup [GM13] et basée sur les codes de Reed-Muller. Cette modification consiste à insérer des colonnes aléatoires dans la matrice génératrice (ou de parité) secrète. La cryptanalyse repose sur le calcul de carrés du code public. La nature particulière des codes de Reed-Muller qui sont définis au moyen de polynômes multivariés binaires, permet de prédire les valeurs des dimensions des codes carrés calculés, puis permet de récupérer complètement en temps polynomial les positions secrètes des colonnes aléatoires. Notre travail montre que l’insertion de colonnes aléatoires dans le schéma de Sidelnikov n’apporte aucune amélioration en matière de sécurité. Le résultat suivant est une cryptanalyse améliorée de plusieurs variantes du cryptosystème GPT qui est un schéma de chiffrement en métrique rang utilisant les codes de Gabidulin. Nous montrons qu’en utilisant le Frobenius de façon appropriée sur le code public, il est possible d’en extraire un code de Gabidulin ayant la même dimension que le code de Gabidulin secret mais avec une longueur inférieure. Le code obtenu corrige ainsi moins d’erreurs que le code secret, mais sa capacité de correction d’erreurs dépasse le nombre d’erreurs ajoutées par l’expéditeur et par conséquent, un attaquant est capable de déchiffrer tout texte chiffré, à l’aide de ce code de Gabidulin dégradé. Nos résultats montrent qu’en fin de compte, toutes les techniques existantes visant à cacher la structure algébrique des codes de Gabidulin ont échoué. Enfin, nous avons étudié la sécurité du système de chiffrement de Faure-Loidreau [FL05] qui est également basé sur les codes de Gabidulin. Inspiré par les travaux précédents et, bien que la structure de ce schéma diffère considérablement du cadre classique du cryptosystème GPT, nous avons pu montrer que ce schéma est également vulnérable à une attaque polynomiale qui récupère la clé privée en appliquant l’attaque d’Overbeck sur un code public approprié. Comme exemple, nous arrivons en quelques secondes à casser les paramètres qui ont été proposés comme ayant un niveau de sécurité de 80 bits. / Contrary to the cryptosystems based on number theory, the security of cryptosystems based on error correcting codes appears to be resistant to the emergence of quantum computers. Another advantage of these systems is that the encryption and decryption are very fast, about five times faster for encryption, and 10 to 100 times faster for decryption compared to RSA cryptosystem. Nowadays, the interest of scientific community in code-based cryptography is highly motivated by the latest announcement of the National Institute of Standards and Technology (NIST). They initiated the Post-Quantum cryptography Project which aims to define new standards for quantum resistant cryptography and fixed the deadline for public key cryptographic algorithm submissions for November 2017. This announcement motivates to study the security of existing schemes in order to find out whether they are secure. This thesis thus presents several attacks which dismantle several code-based encryption schemes. We started by a cryptanalysis of a modified version of the Sidelnikov cryptosystem proposed by Gueye and Mboup [GM13] which is based on Reed-Muller codes. This modified scheme consists in inserting random columns in the secret generating matrix or parity check matrix. The cryptanalysis relies on the computation of the square of the public code. The particular nature of Reed-Muller which are defined by means of multivariate binary polynomials, permits to predict the values of the dimensions of the square codes and then to fully recover in polynomial time the secret positions of the random columns. Our work shows that the insertion of random columns in the Sidelnikov scheme does not bring any security improvement. The second result is an improved cryptanalysis of several variants of the GPT cryptosystem which is a rank-metric scheme based on Gabidulin codes. We prove that any variant of the GPT cryptosystem which uses a right column scrambler over the extension field as advocated by the works of Gabidulin et al. [Gab08, GRH09, RGH11] with the goal to resist Overbeck’s structural attack [Ove08], are actually still vulnerable to that attack. We show that by applying the Frobeniusoperator appropriately on the public key, it is possible to build a Gabidulin code having the same dimension as the original secret Gabidulin code, but with a lower length. In particular, the code obtained by this way corrects less errors than thesecret one but its error correction capabilities are beyond the number of errors added by a sender, and consequently an attacker is able to decrypt any ciphertext with this degraded Gabidulin code. We also considered the case where an isometrictransformation is applied in conjunction with a right column scrambler which has its entries in the extension field. We proved that this protection is useless both in terms of performance and security. Consequently, our results show that all the existingtechniques aiming to hide the inherent algebraic structure of Gabidulin codes have failed. To finish, we studied the security of the Faure-Loidreau encryption scheme [FL05] which is also a rank-metric scheme based on Gabidulin codes. Inspired by our precedent work and, although the structure of the scheme differs considerably from the classical setting of the GPT cryptosystem, we show that for a range of parameters, this scheme is also vulnerable to a polynomial-time attack that recovers the private key by applying Overbeck’s attack on an appropriate public code. As an example we break in a few seconds parameters with 80-bit security claim. Codes correcteurs d'erreurs Cryptographie quantique Cryptographie post-quantique Codes de Reed-Muller Codes de Reed Solomon Error-correcting codes Quantic cryptography Post-quantic cryptography Reed-Muller codes Reed-Solomon codes 005.82
928	Kryptoanalýza algoritmu post-kvantové kryptografie / Cryptoanalysis of a Post-quantum Cryptography Algorithm Štumpf, Daniel January 2020 (has links) National Institute of Standards and Technology (NIST) is currently running a stan- dardization process for a post-quantum cryptography primitives. Depending on the al- gorithms building blocks these primitives can be divided into five categories. In the first part of this thesis we described all five categories and compared their characteristics. The most important aspect of the schemes for NIST is security against both classical and quantum adversaries. We chose one of the five categories (namely, we picked lattice- based cryptosystems) for further cryptanalysis. As we think that the security analysis of some of the second round candidates in the NIST standardization project is not suffi- ciently well described in their specification documents and some known attacks are not considered at all, we provide a unified security analysis of these schemes. We described two currently known attacks (primal and dual attacks) against lattice-based schemes, estimated cost of these attacks against the lattice-based candidates in the second round of the NIST standardization project and compared these values with the security claimed by these candidates. In most cases our estimations matches those published in the speci- fication documents and therefore we conclude that the security estimates claimed by the candidates are...
929	Elektronická podatelna VUT 2 / Electronic Mail Room of the BUT Beran, Martin January 2007 (has links) This dissertation thesis attends to problems of electronic registry for VUT. It deals with the principal of electronic registry functioning, electronic signature and it compares offer of the commercial registries. It goes in for the proposal and implementation of the electronic registry for VUT. Since the using of the e- registry on all public service Office was legalized the people can avoid long queues and the employees are avoided from the stress before dead lines. By the communication through the electronic registry is very important the electronical signature. It is almost a full-valued and lawful alternative to the physical signature. For its safety and utility this system employes asymmetric codes and hash algorithm. Presently in many states, where the electronical signature is legalized it is used together with standard X 509 which defines the format of certificates, organization and action of certification authorities. The certification autority ensures safe connection of the person and general key for using of the electronical signature.
930	A Side-Channel Attack on Masked and Shuffled Implementations of M-LWE and M-LWR Cryptography : A case study of Kyber and Saber / En sidokanalsattack på implementationer av M-LWE- och M-LWR-kryptografi skyddade med maskering och slumpad operationsordning : En studie av Kyber och Saber Backlund, Linus January 2023 (has links) In response to the threat of a future, large-scale, quantum computer, the American National Institute of Standards and Technology (NIST) initiated a competition for designs of quantum-resistant cryptographic primitives. In 2022, the lattice-based Module-Learning With Errors (M-LWE) scheme Kyber emerged as the winner to be standardized. The standardization procedure and development of secure implementations call for thorough evaluation and research. One of the main threats to implementations of cryptographic algorithms today is Side-Channel Analysis (SCA), which is the topic of this thesis. Previous work has presented successful power-based attacks on implementations of lattice cryptography protected by masking and even masking combined with shuffling. Shuffling makes SCA harder as the order of independent instructions is randomized, reducing the correlation between operations and power consumption. This randomization is commonly implemented by shuffling the order of the indexes used to iterate over a loop, using the modern Fisher-Yates algorithm. This work describes a new attack that defeats the shuffling countermeasure by first attacking the generation of the index permutation itself. The attack first recovers the positions of the first and last indexes, 0 and 255, and then rotates the encrypted messages using a ciphertext malleability applicable to many ring-based LWE schemes to shift two bits into the known positions from which they can be recovered. This procedure is repeated to recover full messages in 128 rotations. The attack is tested and evaluated on masked and shuffled implementations of Kyber as well as Saber, another similar finalist of the NIST competition which is based on the Module-Learning With Rounding (M-LWR) problem. Compared to the previous attack on masked and shuffled Saber, which required 61,680 traces, the 4,608 needed for this attack demonstrates a 13-fold improvement. / Som svar på hotet från en framtida, storskalig kvantdator initierade amerikanska National Institute of Standards and Technology (NIST) en tävling för design av kvantsäker kryptografi. Den gitter-baserade Module-Learning With Errors algoritmen Kyber valdes 2022 till vinnare och därmed till att standardiseras. Standardiseringsprocessen och utvecklingen av säkra implementationer manar till utvärderingar och forskning. Ett av de primära hoten mot implementationer av kryptografiska algoritmer är sidokanalsanalys, vilket är fokus i detta arbete. Tidigare attacker har genom effektanalys demonsterat lyckade attacker på implementationer av gitter-baserade algoritmer skyddade genom maskering samt maskering och slumpad ordning av operationer. Slumpad ordning av oberoende operationer gör sidokanalsanalys svårare då korrelationen till effektförbrukningen minskar. Denna slumpordning brukar vanligtiv implementeras genom att slumpmässigt permutera, med den moderna implementationen av Fisher-Yates, de index som används i en kodslinga. I detta arbete presenteras en ny attack som till först extraherar positionen av det första och det sista indexen, 0 och 255, innan de två motsvarande meddelandebitarna extraheras. Bitarna i meddelandet roteras till de kända positionerna med en metod för skiffertextmanipulation som är vanlig bland ring-baserade LWE-designer. Denna process upprepas 128 gånger för att få fram hela meddelandet. Attacken has testats och utvärderats på implementationer, skyddade genom maskering kombinerad med slumpad operationsordning, av både Kyber och en liknande NIST-finalist, Saber. Jämfört med den tidigare attacken på Saber med samma skyddsåtgärder minskar den nya metoden det antal mätningar som krävs från 61,608 till 4,608, vilket motsvarar en 13-falding förbättring. Public-key Cryptography Post-Quantum Cryptography Kyber Saber Side-Channel Attack Power Analysis Asymetrisk Kryptering Kvantsäker Kryptografi Kyber Saber Sidokanalsattack Effektanalys Elektroteknik och elektronik

Search results