On Prime-Order Elliptic Curves with Embedding Degrees 3, 4 and 6

Karabina, Koray

January 2007

Bilinear pairings on elliptic curves have many cryptographic applications such as identity based encryption, one-round three-party key agreement protocols, and short signature schemes. The elliptic curves which are suitable for pairing-based cryptography are called pairing friendly curves. The prime-order pairing friendly curves with embedding degrees k=3,4 and 6 were characterized by Miyaji, Nakabayashi and Takano. We study this characterization of MNT curves in details. We present explicit algorithms to obtain suitable curve parameters and to construct the corresponding elliptic curves. We also give a heuristic lower bound for the expected number of isogeny classes of MNT curves. Moreover, the related theoretical findings are compared with our experimental results.

Combinatorics and Optimization

Key establishment --- security models, protocols and usage

Ustaoglu, Berkant

January 2008

Key establishment is the process whereby two or more parties derive a shared secret, typically used for subsequent confidential communication. However, identifying the exact security requirements for key establishment protocols is a non-trivial task. This thesis compares, extends and merges existing security definitions and models for key establishment protocols. The primary focus is on two-party key agreement schemes in the public-key setting. On one hand new protocols are proposed and analyzed in the existing Canetti-Krawzcyk model. On the other hand the thesis develops a security model and novel definition that capture the essential security attributes of the standardized Unified Model key agreement protocol. These analyses lead to the development of a new security model and related definitions that combine and extend the Canetti-Krawzcyk pre- and post- specified peer models in terms of provided security assurances. The thesis also provides a complete analysis of a one-pass key establishment scheme. There are security goals that no one-pass key establishment scheme can achieve, and hence the two-pass security models and definitions need to be adapted for one-pass protocols. The analysis provided here includes the description of the required modification to the underlying security model. Finally, a complete security argument meeting these altered conditions is presented as evidence supporting the security of the one-pass scheme. Lastly, validation and reusing short lived key pairs are related to efficiency, which is a major objective in practice. The thesis considers the formal implication of omitting validation steps and reusing short lived key pairs. The conclusions reached support the generally accepted cryptographic conventions that incoming messages should not be blindly trusted and extra care should be taken when key pairs are reused.

cryptography

key establishment schemes

key agreement protocols

Combinatorics and Optimization

Squashing Models for Optical Measurements in Quantum Communication

Beaudry, Normand James

January 2009

Many protocols and experiments in quantum information science are described in terms of simple measurements on qubits. However, in an experimental implementation, the exact description of the measurement is usually more complicated. If there is a claim made from the results of an experiment by using the simplified measurement description, then do the claims still hold when the more realistic description is taken into account? We present a "squashing" model that decomposes the realistic measurement description into first a map, followed by a simplified measurement. The squashing model then provides a connection between a realistic measurement and an ideal measurement. If the squashing model exists for a given measurement, then all claims made about a measurement using the simplified description also apply to the complicated one. We give necessary and sufficient conditions to determine when this model exists. We show how it can be applied to quantum key distribution, entanglement verification, and other quantum communication protocols. We also consider several examples of detectors commonly used in quantum communication to determine if they have squashing models.

quantum communication

optics

cryptography

quantum key distribution

physics

quantum

Physics

A study of security in wireless and mobile payments

Ali, Ahmed

January 2010

Mobile payments are increasing in popularity in recent years. New mobile solutions are being developed in the form of new Internet capable mobile devices such as the IPhone and new wireless networks such as the LTE and WiMAX networks. This report will present, explain and compare some of the most popular wireless networks that enable mobile payments, from a security point of view. The chosen networks are 3G with connection to GSM, and WLAN networks. The main security mechanisms involved in each network, and how they work will be studied. Security requirements and some of the most important threats each network faces will be presented and discussed. The main purpose of the report is to examine if mobile payments offer an acceptable level of security to the average user.

WLAN

3G

GSM

Security

Mobile payments

Cryptography

UMTS

Telecommunication

Telekommunikation

Secure storage of encryption keys

Kothapalli, Purushotham

January 2007

The purpose of this thesis work was to make a survey of presently existing devices available in the market to store encryption keys; how the hacker intrudes into the device; what are the attacks behind theft of the keys; how can we store encryption keys securely? To achieve this purpose, an overview of the storage devices and attacks made by hackers was acquired through academic books and papers, Internet sites and magazines. Basic cryptography and related algorithms were studied for the purpose of knowing how the encryption key is generated from these algorithms. Under the category of storage devices, USBs (Universal Serial Bus), PDAs (Personal Digital Assistant) and Smart Cards were examined. Under the category of attacks on devices, attacks from hackers, attacks from malicious code (Trojan Horses, viruses, worms), attacks from PDAs, attacks from Smart Cards, dictionary attacks and brute force attacks were studied. Based on these requirements we have discussed and analyzed a proposed system to store the encryption keys securely to avoid these attacks.

Cryptography

Storage of encryption keys in devices

Attacks on devices

Proposed secure system

Applications of Bilinear Maps in Cryptography

Gagne, Martin

January 2002

It was recently discovered by Joux [30] and Sakai, Ohgishi and Kasahara [47] that bilinear maps could be used to construct cryptographic schemes. Since then, bilinear maps have been used in applications as varied as identity-based encryption, short signatures and one-round tripartite key agreement. This thesis explains the notion of bilinear maps and surveys the applications of bilinear maps in the three main fields of cryptography: encryption, signature and key agreement. We also show how these maps can be constructed using the Weil and Tate pairings in elliptic curves.

Mathematics

cryptography

bilinear map

elliptic curve

pairing

identity-based

Perfect Hash Families: Constructions and Applications

Kim, Kyung-Mi

January 2003

Let <b>A</b> and <b>B</b> be finite sets with |<b>A</b>|=<i>n</i> and |<b>B</b>|=<i>m</i>. An (<i>n</i>,<i>m</i>,<i>w</i>)-<i>perfect hash</i> family</i> is a collection <i>F</i> of functions from <b>A</b> to <b>B</b> such that for any <b>X</b> &#8838; <b>A</b> with |<b>X</b>|=<i>w</i>, there exists at least one ? &#8712; <i>F</i> such that ? is one-to-one when restricted to <b>X</b>. Perfect hash families are basic combinatorial structures and they have played important roles in Computer Science in areas such as database management, operating systems, and compiler constructions. Such hash families are used for memory efficient storage and fast retrieval of items such as reserved words in programming languages, command names in interactive systems, or commonly used words in natural languages. More recently, perfect hash families have found numerous applications to cryptography, for example, to broadcast encryption schemes, secret sharing, key distribution patterns, visual cryptography, cover-free families and secure frameproof codes. In this thesis, we survey constructions and applications of perfect hash families. For constructions, we divided the results into three parts, depending on underlying structure and properties of the constructions: combinatorial structures, linear functionals, and algebraic structures. For applications, we focus on those related to cryptography.

Mathematics

Perfect Hash Families

Combinatorial Structures

Cryptography

Probability Methods

On Prime-Order Elliptic Curves with Embedding Degrees 3, 4 and 6

Karabina, Koray

January 2007

Bilinear pairings on elliptic curves have many cryptographic applications such as identity based encryption, one-round three-party key agreement protocols, and short signature schemes. The elliptic curves which are suitable for pairing-based cryptography are called pairing friendly curves. The prime-order pairing friendly curves with embedding degrees k=3,4 and 6 were characterized by Miyaji, Nakabayashi and Takano. We study this characterization of MNT curves in details. We present explicit algorithms to obtain suitable curve parameters and to construct the corresponding elliptic curves. We also give a heuristic lower bound for the expected number of isogeny classes of MNT curves. Moreover, the related theoretical findings are compared with our experimental results.

Combinatorics and Optimization

On the Security of Some Variants of RSA

Hinek, M. Jason

January 2007

The RSA cryptosystem, named after its inventors, Rivest, Shamir and Adleman, is the most widely known and widely used public-key cryptosystem in the world today. Compared to other public-key cryptosystems, such as elliptic curve cryptography, RSA requires longer keylengths and is computationally more expensive. In order to address these shortcomings, many variants of RSA have been proposed over the years. While the security of RSA has been well studied since it was proposed in 1977, many of these variants have not. In this thesis, we investigate the security of five of these variants of RSA. In particular, we provide detailed analyses of the best known algebraic attacks (including some new attacks) on instances of RSA with certain special private exponents, multiple instances of RSA sharing a common small private exponent, Multi-prime RSA, Common Prime RSA and Dual RSA.

Cryptography

Cryptanalysis

Variants of RSA

Lattice Attacks

Computer Science

Key establishment --- security models, protocols and usage

Ustaoglu, Berkant

January 2008

Key establishment is the process whereby two or more parties derive a shared secret, typically used for subsequent confidential communication. However, identifying the exact security requirements for key establishment protocols is a non-trivial task. This thesis compares, extends and merges existing security definitions and models for key establishment protocols. The primary focus is on two-party key agreement schemes in the public-key setting. On one hand new protocols are proposed and analyzed in the existing Canetti-Krawzcyk model. On the other hand the thesis develops a security model and novel definition that capture the essential security attributes of the standardized Unified Model key agreement protocol. These analyses lead to the development of a new security model and related definitions that combine and extend the Canetti-Krawzcyk pre- and post- specified peer models in terms of provided security assurances. The thesis also provides a complete analysis of a one-pass key establishment scheme. There are security goals that no one-pass key establishment scheme can achieve, and hence the two-pass security models and definitions need to be adapted for one-pass protocols. The analysis provided here includes the description of the required modification to the underlying security model. Finally, a complete security argument meeting these altered conditions is presented as evidence supporting the security of the one-pass scheme. Lastly, validation and reusing short lived key pairs are related to efficiency, which is a major objective in practice. The thesis considers the formal implication of omitting validation steps and reusing short lived key pairs. The conclusions reached support the generally accepted cryptographic conventions that incoming messages should not be blindly trusted and extra care should be taken when key pairs are reused.

cryptography

key establishment schemes

key agreement protocols

Combinatorics and Optimization