961

Application of linear block codes in cryptography

Esmaeili, Mostafa 19 March 2019
Recently, there has been a renewed interest in code based cryptosystems. Amongst the reasons for this interest is that they have been shown to be resistant to quantum attacks, making them candidates for post-quantum cryptosystems. In fact, the National Institute of Standards and Technology is currently considering candidates for secure communication in the post-quantum era. Three of the proposals are code based cryptosystems. Other reasons for this renewed interest include efficient encryption and decryption. In this dissertation, new code based cryptosystems (symmetric key and public key) are presented that use high rate codes and have small key sizes. Hence they overcome the drawbacks of code based cryptosystems (low information rate and very large key size). The techniques used in designing these cryptosystems include random bit/block deletions, random bit insertions, random interleaving, and random bit flipping. An advantage of the proposed cryptosystems over other code based cryptosystems is that the code can be/is not secret. These cryptosystems are among the first with this advantage. Having a public code eliminates the need for permutation and scrambling matrices. The absence of permutation and scrambling matrices results in a significant reduction in the key size. In fact, it is shown that with simple random bit flipping and interleaving the key size is comparable to well known symmetric key cryptosystems in use today such as Advanced Encryption Standard (AES). The security of the new cryptosystems is analysed. It is shown that they are immune against previously proposed attacks for code based cryptosystems. This is because scrambling or permutation matrices are not used and the random bit flipping is beyond the error correcting capability of the code. It is also shown that having a public code still provides a good level of security. This is proved in two ways, by finding the probability of an adversary being able to break the cryptosystem and showing that this probability is extremely small, and showing that the cryptosystem has indistinguishability against a chosen plaintext attack (i.e. is IND-CPA secure). IND-CPA security is among the primary necessities for a cryptosystem to be practical. This means that a ciphertext reveals no information about the corresponding plaintext other than its length. It is also shown that having a public code results in smaller key sizes. / Graduate
962

Criptografia e curvas elípticas / Cryptography and elliptic curves

Flose, Vania Batista Schunck. January 2011
Advisor: Henrique Lazari / Committee: Jaime Edmundo Apaza Rodriguez / Committee: Carina Alves / Abstract: With the growth of communication these days, security in the exchange of information has become increasingly important, which has given prominence to cryptography. Cryptography consists of techniques based on mathematical concepts whose aim is to transmit sensitive information securely through channels monitored by third parties. A growing branch of cryptography is connected to the study of elliptic curves, which is one of the richest areas of mathematics. The name elliptic curves is somewhat misleading, since, unlike the literal sense of the word, which makes one think of ellipses, it refers to equations related to a certain type of algebraic curve. In this work, elliptic curves are studied from the viewpoint of algebra and number theory in order to understand Elliptic Curve Cryptography, which is a variation of the Discrete Logarithm Problem / Master's
963

Sec-SD: um modelo distribuído para descoberta segura de serviços em redes locais / Sec-SD: a distributed model for secure service discovery in local networks

Lemos, Janaína Conceição Sutil 30 September 2011
Given the growing popularity of mobile devices in recent years, there is an increasing need for connectivity and services in computer networks. In this context, service discovery technologies aim to simplify the interaction between users and devices, facilitating administrative tasks, especially when there is a need to add new equipment. Due to the diversity of environments where these technologies can be used, there is also the need to address security issues and, at the same time, to preserve the usability of the system. This work presents a system for secure service discovery on local networks with decentralized architecture, called Sec-SD (Secure Service Discovery Protocol). Sec-SD makes use of cryptography and authentication mechanisms in order to allow only valid users to obtain information about the available services. In this way, it is possible to prevent several attacks caused by the advertisement of false services and by service access performed by illegitimate users, aiming to be at the same time secure and easy to use for humans. This model allows the same entity to act simultaneously as a client and a service provider, without the use of any directory to register services and/or search for available services. The existence of redundant service providers is also addressed by the model in order to be transparent for human users. For validation, the traffic generated by the Sec-SD messages is evaluated and a prototype is used to provide secure service discovery facilities in a P2P file sharing platform for Local Area Networks called LP2P (Local Peer-to-Peer Protocol), which was developed by the Computer Networks and Distributed Systems Group at PIPCA - UNISINOS.
964

Authentification d'objets à distance / Remote object authentication protocols

Lancrenon, Jean 22 June 2011
This thesis is dedicated to the description of several bitstring comparison based remote object authentication protocols and the study of their theoretical security. The proposed protocols are designed to carry out the authentication of a given object while simultaneously guaranteeing that the information sent and received by the server cannot be tampered with by outside adversaries and that the identity of the tested object remains hidden from outside and (certain) inside adversaries. Finally, it has been our objective to use elliptic curve cryptography, taking advantage of its useful properties, notably a better security level to key-size ratio. We present several protocols reaching these objectives, establishing for almost each protocol a theoretical proof of security using a new characterization of a standard security notion.
965

Protecting externally supplied software in small computers

Kent, Stephen Thomas January 1981
Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1981. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Bibliography: leaves 250-252. / by Stephen Thomas Kent. / Ph.D.
966

Contributions to the security of mobile agent systems / Contributions à la sécurité des systèmes d’agents mobiles

Idrissi, Hind 15 July 2016
Recently, distributed computing has witnessed a great evolution due to the use of the mobile agent paradigm, endowed with innovative capabilities, instead of the client-server system where the applications are bound to particular nodes in networks. Having captured the interest of researchers and industry, the mobile agents are able to autonomously migrate from one node to another across the network, transferring their code and data, which allows them to efficiently perform computations, gather information and accomplish tasks. However, despite its significant benefits, this paradigm still suffers from some limitations that obstruct its expansion, primarily in the area of security. According to the current efforts to investigate the security of mobile agents, two categories of threats are considered. The first one concerns the attacks carried out on the mobile agent during its travel or stay by malicious hosts or entities, while the second one deals with the attacks performed by a malicious mobile agent in order to affect the hosting platform and consume its resources. Thus, it is substantially needed to conceive a complete security infrastructure for mobile agent systems, which includes methodology, techniques and validation. The aim of this thesis is to propose approaches which provide this technology with security features that fit its overall structure without compromising its mobility, interoperability and autonomy capabilities. Our first approach was based on XML serialization and cryptographic primitives, in order to ensure a persistent mobility of the agent as well as a secure communication with hosting platforms. In the second approach, we have conceived an alternative to the first approach using binary serialization and identity-based cryptography. Our third approach was proposed to introduce the anonymity aspect to the mobile agent, and provide it with a tracing mechanism to detect intrusions along its trip. The fourth approach was developed in order to restrict the access to the resources of the agent platform, using a well-defined access control policy based on threshold cryptography. At this stage, we find it interesting to experiment with the utility of mobile agents with security features in preserving the security of other technologies such as cloud computing. Thus, we have developed an innovative cloud architecture using mobile agents endowed with cryptographic traces for intrusion detection and a revocation protocol based on trust threshold for prevention.
967

Popiratelné šifrování / Deniable encryption

Šebek, Marcel January 2012
In the thesis we study deniable encryption, as proposed by Canetti et al. (CRYPTO 1997). Standard encryption schemes guarantee a good security level unless the adversary is able to force the sender and/or receiver to reveal her secret knowledge. Assuming that the adversary knows the true ciphertext, the secret inputs usually commit the sender/receiver to the true plaintext. On the contrary, a deniable scheme is equipped with algorithms that provide alternative secrets which make the adversary believe that a different plaintext was encrypted. We recall the most important results in the area, in particular, the schemes of Canetti et al. (CRYPTO 1997), the scheme of Klonowski et al. (SOFSEM 2008) based on ElGamal encryption, schemes of O'Neill et al. (CRYPTO 2011), and schemes and impossibility result of Bendlin et al. (ASIACRYPT 2011). In addition to presenting known results in a unified environment, we deeply investigate simulatable-encryption based schemes. In particular, we construct a scheme that is bideniable, and both of its induced schemes are receiver-deniable (in the flexible/multi-distributional setting). We also disprove part of the results of Bendlin et al. (ASIACRYPT 2011) by showing that their construction of fully bideniable scheme is wrong. This result is verified using computer simulation....
968

Resgate de autoria em esquemas de assinatura em anel / Retrieving authorship from ring signature schemes

Antonio Emerson Barros Tomaz 23 May 2014
The proposal presented in this thesis represents an expansion of the original concept of ring signature. A ring signature scheme allows a member of a group to publish a message anonymously, so that each member of the group can be considered the possible author of the message. The main idea of a ring signature is to guarantee the anonymity of the signer while still ensuring the authenticity of the information, showing that the message came from one of the members of that group. This thesis presents a ring signature scheme based on the scheme of Rivest et al. (2001), in which the signer can later revoke his anonymity by presenting secret values that prove that only he would be able to generate such a signature. This property will be referred to here as rescue of authorship. The main difference from the work of Rivest et al. (2001) is introduced before signature generation even begins. The values used as input to the trapdoor function are message authentication codes (MACs) generated by the HMAC algorithm, a message authentication algorithm based on a collision-resistant hash function. This simple modification will allow the signer, in the future, to reveal himself as the true author of the message by presenting the secret values that generated the MACs.
969

Projeto e avaliação de um co-processador criptográfico pós-quântico. / Design and evaluation of a post-quantum cryptographic co-processor.

Pedro Maat Costa Massolino 14 July 2014
Asymmetric cryptographic primitives are essential to enable secure communications on public networks or public mediums. These cryptographic primitives can be deployed as software libraries or hardware coprocessors. Hardware coprocessors are mostly employed in Systems on Chip (SoC) scenarios, embedded devices, or application-specific servers. Available solutions based on RSA or Elliptic Curve Cryptography (ECC) are highly processing intensive because of the underlying extended precision modular arithmetic, and hence they are not available on the most energy constrained platforms. To provide asymmetric primitives in those restricted devices, we evaluate another asymmetric encryption scheme implementable with lightweight arithmetic, called McEliece. McEliece was proposed with binary Goppa codes in the same year as RSA, but with public keys 50 times larger. Because of such large keys it has not gained as much attention as RSA or ECC. With the adoption of binary Quasi-Dyadic Goppa (QD-Goppa) codes it is possible to attain practical security levels with reasonably small keys. To evaluate a hardware implementation of this scheme, we investigate a scalable architecture that can be reconfigured according to project requirements. This architecture is suitable for all usual security levels, from 80 to 256-bit security, from the smallest unit to bigger ones. With our architecture implemented on a Spartan 3 FPGA for binary Goppa codes it is possible to decrypt in 5854 cycles with 4671 Slices, whilst in the literature the best results were 10940 cycles with 7331 Slices.
970

Algoritmos criptográficos para redes de sensores. / Cryptographic algorithms for sensor networks.

Marcos Antonio Simplicio Junior 03 April 2008
The need for security is a great concern in any modern network. However, networks that are highly dependent on constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (more importantly) energy hinders the deployment of many important cryptographic algorithms known to be secure. In this context, this document not only presents the research involving the design and analysis of cryptographic algorithms, but also proposes a new symmetric block cipher named CURUPIRA. The CURUPIRA follows the methodology known as the Wide Trail Strategy and was specially developed having constrained platforms in mind. It displays an involutional structure, which means that the encryption and decryption processes differ only in the key schedule and, thus, there is no need to implement them separately. Also, two distinct scheduling algorithms are proposed, whose main focus is either on tight security or on improved performance. In spite of this difference, both of them allow the keys to be computed on-the-fly, in any desired order, assuring a reduced consumption of RAM memory during their operation.
