361. Oblivious transfer protocols for securing electronic commerce
Zhang, Jun Qi, University of Western Sydney, College of Science, Technology and Environment, School of Computing and Information Technology, January 2002
Security is a major issue for electronic commerce. Cryptography is the foundation of security and oblivious transfer (OT) protocols are one primitive of modern cryptography. The main goal of this dissertation is to develop new and more efficient OT protocols and explore their applications in electronic commerce. A new m out of n OT scheme is proposed, its implementation, security and efficiency are discussed, and it is compared with a previous OT scheme. The analysis shows that the previous OT protocol can be regarded as a special case of the new proposed OT scheme. The new OT scheme's applicability in blind signatures is explored. A new non-interactive m out of n OT scheme is proposed that includes a newly developed public keys generation algorithm based on the discrete log problem and an OT protocol based on the Diffie-Hellman problem. The security of this scheme is discussed. A new buying digital goods scheme is proposed using the new m out of n priced OT which is based on the priced OT protocol developed by Bill Aiello, Yuval Ishai, and Omer Reingold. Tools used in this scheme are discussed and its security is analyzed. A concrete homomorphic protocol is given. / Master of Science (Hons)

362. Structures and Algorithms for Peer-to-Peer Cooperation (Structures et Algorithmes pour la coopération pair-à-pair)
Steiner, Moritz, 08 December 2008
Peer-to-peer "overlay" networks are distributed systems without any hierarchical organization or centralized control. The peers form an overlay network on top of the Internet. Both parts of this thesis deal with peer-to-peer overlay networks. The first part uses an unstructured network to build a large-scale shared virtual environment. We present a complete study of an overlay based on the Delaunay triangulation. First of all, we describe the self-organizing algorithms for the insertion and removal of a peer. To reduce the latency penalty introduced by routing in the overlay, we propose augmenting each node with a few shortcut links that create a small world. We show that very few links are sufficient to reduce latency significantly. The second part of this thesis gives insights into the behavior of the users of a structured peer-to-peer network in the real world. We detail the operation of KAD, a distributed hash table based on Kademlia, a file-sharing system with several million simultaneous users. We explored the KAD network for more than a year. This is how we obtained information on the geographic distribution, session times, availability and lifetime of the peers. We are fascinated and frightened by the possibilities that KAD offers. Mounting a Sybil attack is very easy and makes it possible to retrieve users' personal data, to compromise the correct operation of search in KAD, and to conduct a DDoS attack.

363. Evaluation of Cryptographic Packages
Raheem, Muhammad, January 2009
The widespread use of computer technology for information handling has resulted in the need for higher data protection. The use of high-profile cryptographic protocols and algorithms does not necessarily guarantee high security. They need to be used according to the needs of the organization, depending on certain characteristics and available resources. The communication system in a cryptographic environment may become vulnerable to attacks if the cryptographic packages don't meet their intended goals.
This master's thesis is targeted towards the goal of evaluating contemporary cryptographic algorithms and protocols, collectively named cryptographic packages, as per the security needs of the organization with the available resources.
The results have shown that there certainly is a need for careful evaluation of cryptographic packages given the available resources; otherwise it could create more severe problems such as network bottlenecks, information and identity loss, a non-trustable environment and computational infeasibilities resulting in huge response times. In contrast, choosing the right package with the right security parameters can lead to a secure and best-performance communication environment.

364. Quantum Key Distribution - current state of the technology and prospects in the near future
Vestgöte, Karl, January 2009
The thesis presents the basics of Quantum Key Distribution, a survey of the present techniques, a look at the possible future, and finally a comparison to the alternative technique of using public key or manual distribution of keys.
Techniques to integrate QKD with the existing telecom fiber infrastructure have been studied, and so has the EU-funded project SECOQC.
Last, the security and efficiency of QKD have been examined, with a focus on what level of security is required; existing security solutions have been used as a comparison.

365. A study of security in wireless and mobile payments
Ali, Ahmed, January 2010
Mobile payments have been increasing in popularity in recent years. New mobile solutions are being developed in the form of new Internet-capable mobile devices such as the iPhone and new wireless networks such as the LTE and WiMAX networks.
This report will present, explain and compare some of the most popular wireless networks that enable mobile payments, from a security point of view. The chosen networks are 3G with connection to GSM, and WLAN networks. The main security mechanisms involved in each network, and how they work, will be studied. Security requirements and some of the most important threats each network faces will be presented and discussed. The main purpose of the report is to examine whether mobile payments offer an acceptable level of security to the average user.

366. Secure storage of encryption keys
Kothapalli, Purushotham, January 2007
The purpose of this thesis work was to make a survey of presently existing devices available in the market to store encryption keys; how the hacker intrudes into the device; what the attacks behind theft of the keys are; and how we can store encryption keys securely.
To achieve this purpose, an overview of the storage devices and attacks made by hackers was acquired through academic books and papers, Internet sites and magazines. Basic cryptography and related algorithms were studied for the purpose of knowing how the encryption key is generated from these algorithms.
Under the category of storage devices, USBs (Universal Serial Bus), PDAs (Personal Digital Assistant) and Smart Cards were examined. Under the category of attacks on devices, attacks from hackers, attacks from malicious code (Trojan Horses, viruses, worms), attacks from PDAs, attacks from Smart Cards, dictionary attacks and brute force attacks were studied.
Based on these requirements we have discussed and analyzed a proposed system to store the encryption keys securely to avoid these attacks.

367. Design and Implementation of the Ephemerizer System
Xu, Shangjin, January 2007
This thesis describes the system design and implementation of the secure Ephemerizer System that was first introduced by Radia Perlman in 2005. The system is designed to enable users to keep data for a finite period of time before making the data unrecoverable by destroying the keys with which the data was encrypted. The task of the Ephemerizer System service is to create, advertise, and destroy keys required for the Ephemerizer System's functionalities.
We designed the Ephemerizer System Service's security by placing the sensitive key management modules into a Trusted Computing Base (TCB). Our compartmentalized approach distributes security requirements at different sensitivity levels into different protection domains. In our approach, we implement the trusted protection domain (our TCB) on a tamper-resistant Javacard.
We placed the key storage database into the partly trusted protection domain to improve scalability and availability of the Ephemerizer System. The partly trusted protection domain requires memory isolation and other security mechanisms provided by the underlying operating system. We implemented several mechanisms on the TCB, such as the signature engine, cryptographic modules, the on-card expiration validator, and on-card time verification. We make the Ephemerizer System available to users as a web service and expose it through a uniform API. This approach enables the seamless integration of the Ephemerizer System into business processes on heterogeneous platforms.

368. ASIC design and implementation of a parallel exponentiation algorithm using optimized scalable Montgomery multipliers
Kurniawan, Budiyoso, 14 March 2002
Modular exponentiation and modular multiplication are the most used
operations in current cryptographic systems. Some well-known cryptographic
algorithms, such as RSA, Diffie-Hellman key exchange, and DSA, require modular
exponentiation operations. This is performed with a series of modular multiplications
to the extent of its exponent in a certain fashion depending on the exponentiation
algorithm used.
Cryptographic functions are very likely to be applied in current applications
that perform information exchange to secure, verify, or authenticate data. Most notable
is the use of such applications in Internet based information exchange. Smart cards,
hand-helds, cell phones and many other small devices also need to perform
information exchange and are likely to apply cryptographic functions.
A hardware solution to perform a cryptographic function is generally faster and
more secure than a software solution. Thus, a fast and area efficient modular
exponentiation hardware solution would provide a better infrastructure for current
cryptographic techniques.
In certain cryptographic algorithms, very large precisions are used. Further, the
precision may vary. Most of the hardware designs for modular multiplication and
modular exponentiation are fixed-precision solutions. A scalable Montgomery
Multiplier (MM) to perform modular multiplication has been proposed and can
operate on input values of any bit-size, but the maximum bit-size should be known and
is the limiting factor. The multiplier can calculate any operand size less than the
maximal precision. However, this design's parameters should be optimized depending
on the operand precision for which the design is used.
A software application was developed in C to find the optimized design for the
scalable MM module. It performs area-time trade-off for the most commonly used
precisions in order to obtain a fast and area efficient solution for the common case.
A modular exponentiation system is developed using this scalable multiplier
design. Since the multiplier can operate on any operand size up to a certain maximum
value, the exponentiation system that utilizes the multiplier will inherit the same
capability.
This thesis work presents the design and implementation of an exponentiation
algorithm in hardware utilizing the optimized scalable Montgomery Multiplier. The
design uses a parallel exponentiation algorithm to reduce the total computation time.
The modular exponentiation system experimental results are analyzed and
compared with software and other hardware implementations. / Graduation date: 2002

369. Fast Galois field arithmetic for elliptic curve cryptography and error control codes
Sunar, Berk, 06 November 1998
Today's computer and network communication systems rely on authenticated and
secure transmission of information, which requires computationally efficient and
low bandwidth cryptographic algorithms. Among these cryptographic algorithms
are the elliptic curve cryptosystems which use the arithmetic of finite fields. Furthermore,
the fields of characteristic two are preferred since they provide carry-free
arithmetic and at the same time a simple way to represent field elements on current
processor architectures.
Arithmetic in finite fields is analogous to the arithmetic of integers. When
performing the multiplication operation, the finite field arithmetic uses reduction
modulo the generating polynomial. The generating polynomial is an irreducible
polynomial over GF(2), and the degree of this polynomial determines the size of
the field, thus the bit-lengths of the operands.
The fundamental arithmetic operations in finite fields are addition, multiplication,
and inversion operations. The sum of two field elements is computed very
easily. However, multiplication operation requires considerably more effort compared
to addition. On the other hand, the inversion of a field element requires much
more computational effort in terms of time and space. Therefore, we are mainly interested in obtaining implementations of field multiplication and inversion.
In this dissertation, we present several new bit-parallel hardware architectures with low space and time complexity. Furthermore, an analysis and refinement of the complexity of an existing hardware algorithm and a software method highly efficient and suitable for implementation on many 32-bit processor architectures are also described. / Graduation date: 1999

370. Block ciphers: security proofs, cryptanalysis, design, and fault attacks
Piret, Gilles-François, 31 January 2005
Block ciphers are widely used building blocks for secure communication systems; their purpose is to ensure confidentiality of the data exchanged through such systems, while achieving high performance. In this context, a variety of aspects must be taken into account. Primarily, they must be secure. The security of a block cipher is usually assessed by testing its resistance against known attacks. However, as attacks may exist that are currently unknown, generic security proofs are also sought. On the other hand, another attack methodology is also worth considering. Contrary to the others, it aims at the implementation of the algorithm rather than the cipher itself. It is known as side-channel analysis. Finally, performance of a block cipher in terms of throughput is very important as well. More than any other cryptographic primitive, block ciphers allow a tradeoff to be made between security and performance.
In this thesis, contributions are given regarding these various topics. In the first part of the thesis, we deal with two particular types of attacks, namely the square attack and key schedule cryptanalysis. We also consider security proofs in the so-called Luby-Rackoff model, which deals with adversaries having unbounded computation capabilities. More precisely, we are interested in the Misty structure, when the round functions are assumed to be involutions.
The second part of the thesis is devoted to design and implementation aspects. First, we present a fault attack on substitution-permutation networks, which requires as few as two faulty ciphertexts to retrieve the key. We also study the security of DeKaRT, which is an algorithm intended to protect smart cards against probing attacks. Finally we present the design of ICEBERG, a block cipher deliberately oriented towards good performance in hardware, and give an adequate analysis of its security.