421 | On the Applicability of a Cache Side-Channel Attack on ECDSA Signatures: The Flush+Reload attack on the point multiplication in ECDSA signature generation process. Josyula, Sai Prashanth, January 2015 (has links)
Context. Digital counterparts of handwritten signatures are known as digital signatures. The Elliptic Curve Digital Signature Algorithm (ECDSA) is an Elliptic Curve Cryptography (ECC) primitive used for generating and verifying digital signatures. Attacks that target an implementation of a cryptosystem, rather than the underlying mathematics, are known as side-channel attacks. The Flush+Reload attack is a cache side-channel attack that relies on cache hits and misses to recover secret information from the target program's execution. In elliptic curve cryptosystems, side-channel attacks are particularly targeted at the point multiplication step. The Gallant-Lambert-Vanstone (GLV) method for point multiplication is a special method that speeds up the computation for elliptic curves with certain properties. Objectives. In this study, we investigate the applicability of the Flush+Reload attack on ECDSA signatures that employ the GLV method to protect point multiplication. Methods. We demonstrate the attack through an experiment using the curve secp256k1. We perform a pair of experiments to estimate both the applicability and the detection rate of the attack in capturing side-channel information. Results. Through our attack, we capture side-channel information about the decomposed GLV scalars. Conclusions. Based on an analysis of the results, we conclude that for certain implementation choices, the Flush+Reload attack is applicable to an ECDSA signature generation process that employs the GLV method. Practitioners should be aware of the implementation choices that introduce these vulnerabilities and avoid using such ECDSA implementations.
422 | Encryption and quality of service (QoS) in ad-hoc wireless networks. Αμπατζόγλου, Παντελής, 03 August 2009 (has links)
Wireless networks have begun to flood the global high-technology market. This can be attributed to the many advantages they offer, as well as to the fact that most of the problems they had in the past have now been addressed to a very large extent. They also make it particularly easy to develop solutions to specialised problems. However, every wireless network adopts some security method, and that method has an impact on the network's performance. The purpose of this work is to study the overhead imposed on a wireless network by the use of various security levels. The method and the degree of this security must be balanced, as will be analysed below, so as to ensure both the good behaviour of the network and the integrity of personal data. The problems involved are those of routing with nodes of limited memory and computing power: devices that have no surplus of either computing power or memory are called upon to encrypt, decrypt or relay packets towards their destination. The methodology followed in addressing the problem is simulation. The reason for this choice is that it allows us to study a multitude of cases and then, using analytical methods, to analyse the results that emerge.
423 | Implementation of a crypto-processing platform for message authentication in the Galois/Counter Mode (GCM) standard. Σακελλαρίου, Παναγιώτης, 19 October 2009 (has links)
This thesis proposes a hardware implementation of a message authentication mechanism based on the Galois/Counter Mode (GCM) standard. The Galois/Counter Mode (GCM) encryption algorithm was published by the National Institute of Standards and Technology (NIST) in November 2007. Together with the message encryption mechanism, the GCM standard is implemented for online operation.
In Chapter 1, a brief historical review of the field of cryptography is given first. The reasons that led to the creation of this algorithm are then presented, followed by a short introduction to GCM and the ways in which it operates. The chapter closes with the practical applications of GCM.
In Chapter 2, the notation used in the thesis and the basic concepts it relies on are presented first. The mathematical background necessary for understanding the internal mechanisms of GCM is then analysed; this analysis also constitutes the basic principle on which the algorithm was built. An analysis of the mathematical components of GCM follows, covering both a mathematical treatment and a hardware approach to the individual components. Of particular interest is the last subsection of the chapter, which shows how one moves from the serial multiplier in GF(2^128) to the parallel multiplier.
In Chapter 3, the Advanced Encryption Standard (AES) is presented first, specifically its forward function with a supported key size of 128 bits. The remainder of the chapter presents the advantages of implementation on FPGAs and gives a brief description of the basic differences between the two FPGA families that were used.
In Chapter 4, the GCM algorithm is analysed based on the NIST recommendation. All the constituent algorithms are presented, together with the way in which they interact and cooperate to form the GCM algorithm. The chapter closes with the requirements on the key and IV that must be satisfied for the algorithm to be considered cryptographically strong.
In Chapter 5, a top-down analysis of GCM is given first. This analysis is used in the second section, where the architecture chosen for the hardware implementation is proposed and analysed. The basic building blocks of GCM are then analysed. The last section describes the structure used for the implementation aimed at high-speed requirements.
In Chapter 6, the message authentication mechanism as implemented is introduced first. The results obtained from simulation of the VHDL code are then presented, followed by the synthesis results and a comparison between different implementation approaches. The chapter closes with a comparison between the two technologies used for synthesis.
In Chapter 7, the way in which the message authentication and encryption mechanisms cooperate is introduced first. The second section describes the mode of operation of the GCM mechanism that was implemented. The simulation results follow, and the last section presents the synthesis results on two different technologies.
Appendix A describes the use of the Xilinx ISE tool that was employed to synthesise the VHDL code for the Virtex 5 technology.
Finally, Appendix B presents some basic parts of the C code. / The Galois/Counter Mode of Operation (GCM), recently standardized by NIST, simultaneously authenticates and encrypts data at speeds not previously possible for both software and hardware implementations. In GCM, data integrity is achieved by chaining Galois field multiplication operations, while a symmetric key block cipher such as the Advanced Encryption Standard (AES) is used to meet the goal of confidentiality.
424 | High speed and actively stabilised quantum key distribution. Dixon, Alexander Robert, January 2011 (has links)
No description available.
425 | Applications of Quantum Cryptography. Nagy, Naya, 12 March 2010 (has links)
This thesis extends the applicability of quantum cryptography.
First, we prove that quantum cryptography at least equals classical cryptography in an important area, namely authentication. The quantum key distribution protocols presented here show that, contrary to previous belief, authentication can be done with quantum methods only.
In addition, we have designed quantum security systems in unconventional settings. The security of sensor networks poses specific challenges, since the sensor nodes in particular can be physically picked up by an intruder. Our scheme protects both the integrity of the communication messages and the identity of the nodes, such that a reading intrusion on a node is detectable.
The problem of access control in a hierarchy refers to a large number of users, organized in a hierarchy, having selective access rights to a database. Our quantum solution introduces quantum keys to the effect that the cryptographic scheme is dynamically adaptable to changes in the user structure, and it exhibits increased security levels.
To the best of our knowledge, this thesis is the first to introduce quantum keys, that is, secret keys defined by an array of qubits. We show that quantum keys make it possible for two parties to communicate with one-time pads without having to meet in advance. Also, contrary to previous cryptographic "common sense", the security level of a quantum cryptosystem with quantum keys and quantum messages increases while it is being used, meaning the security increases over time. / Thesis (Ph.D, Computing) -- Queen's University, 2010-03-12 11:38:07.086
426 | Constructing pairing-friendly algebraic curves of genus 2 curves with small rho-value. CHOU, KUO MING JAMES, 09 November 2011 (has links)
For pairing-based cryptographic protocols to be both efficient and secure, the underlying genus 2 curves defined over finite fields must satisfy pairing-friendly conditions and have a small rho-value, conditions that random curves are unlikely to satisfy.
In this thesis, we study two specific families of genus 2 curves defined over finite fields whose Jacobians do not split over the ground fields into a product of elliptic curves, but geometrically split over an extension of the ground field of prescribed degree n=3, 4, or 6. These curves were also studied extensively recently by Kawazoe and Takahashi in 2008, and by Freeman and Satoh in 2009 in their searches of pairing-friendly curves.
We present a new method for constructing and identifying suitable curves in these two families which satisfy the pairing-friendly conditions and have rho-values around 4. The computational results for the rho-values obtained in this thesis are consistent with those found by Freeman and Satoh in 2009. An extension of our new method has led to a cryptographic example of a pairing-friendly curve in one of the two families with rho-value 2.969, the lowest rho-value ever recorded for curves of this type. Our method differs from the method proposed by Freeman and Satoh in that we can prescribe the minimal degree n = 3, 4 or 6 of the extension of the ground field over which the Jacobians of the curves split. / Thesis (Ph.D, Mathematics & Statistics) -- Queen's University, 2011-11-08 18:57:59.988
427 | Two sides of one tapestry: efficient implementation of the wavelet cryptosystem and a fast correlation attack via LDPC codes. Noorkami, Maneli, 08 1900 (has links)
No description available.
428 | A dynamic trust-based context-aware secure authentication framework for pervasive computing environments. Abi-Char, Pierre, 30 March 2010 (has links) (PDF)
To provide personalized services to users in pervasive environments, we should consider users' privacy, trust and security requirements together. Traditional authentication and access control mechanisms are not able to adapt their security policies to a changing context while also addressing privacy and trust. This thesis introduces a new global vision for the protection of pervasive environments, based on the context-aware principle. The aim of this thesis is to obtain a flexible and scalable framework including user authentication, user privacy preservation and trust management, in order to optimize the access control strategy for personalized services. The first contribution is the proposal of a mutual authentication protocol supported both by robust key establishment schemes based on elliptic curves (MaptoPoint/Curve algorithm, Weil pairing) and by a dynamic model based on attributes derived from contextual data. The second contribution is the design of a new architecture built on an attribute-based model and organized over three layers: the privacy control layer, which ensures the protection of the user's private life by controlling their personal data; the access layer, which combines the authentication and access control processes while providing mechanisms dedicated to trust parameter management; and finally the service layer, for service access management according to the user's profile and environment. The third contribution is the implementation and deployment of a prototype within the service delivery platform of the Handicom lab of Telecom & Management SudParis.
429 | Design and Analysis of Security Schemes for Low-cost RFID Systems. Chai, Qi, 01 1900 (has links)
With the remarkable progress in microelectronics and low-power semiconductor technologies, Radio Frequency IDentification (RFID) technology has moved from obscurity into mainstream applications, providing an indispensable foundation for realizing ubiquitous computing and machine perception. However, the distinctive characteristics of RFID systems introduce growing security and privacy concerns. Addressing these issues is particularly challenging for low-cost RFID systems, where tags are extremely constrained in resources, power and cost. The primary reasons are: (1) the security requirements of low-cost RFID systems are even more rigorous due to their large operating range and mass deployment; and (2) the passive tags' modest capabilities and the necessity of keeping their prices low present a novel problem that goes beyond the well-studied problems of traditional cryptography. This thesis presents our research results on the design and analysis of security schemes for low-cost RFID systems.
Motivated by the recent attention on exploiting physical layer resources in the design of security schemes, we investigate how to defend against eavesdropping, modification and one particular type of relay attack on the tag-to-reader communication in passive RFID systems without requiring lightweight ciphers. To this end, we propose a novel physical layer scheme, called Backscatter modulation- and Uncoordinated frequency hopping-assisted Physical Layer Enhancement (BUPLE). The idea behind it is to use the amplitude of the carrier to transmit messages as normal, while using its periodically varied frequency to hide the transmission from the eavesdropper/relayer and a random sequence modulated onto the carrier's phase to defeat malicious modifications. We further improve its eavesdropping resistance through coding in the physical layer, since BUPLE ensures that the tag-to-eavesdropper channel is strictly noisier than the tag-to-reader channel. Three practical Wiretap Channel Codes (WCCs) for passive tags are then proposed: two of them are constructed from linear error correcting codes, and the third from a resilient vector Boolean function. The security and usability of BUPLE in conjunction with WCCs are further confirmed by our proof-of-concept implementation and testing.
Eavesdropping on the communication between a legitimate reader and a victim tag to obtain raw data is a basic tool for the adversary. However, despite the fundamental nature of eavesdropping attacks, there is limited prior work investigating their intension and extension for passive RFID systems. To this end, we first identified a new attack, working at the physical layer, against backscattered RFID communications, called unidirectional active eavesdropping, which defeats the customary impression that eavesdropping is a "passive" attack. To launch this attack, the adversary transmits an unmodulated carrier (called a blank carrier) at a certain frequency while a valid reader and a tag interact on another frequency channel. When the tag modulates the amplitude of the reader's signal, it causes fluctuations on the blank carrier as well. By carefully examining the amplitude of the backscattered versions of the blank carrier and the reader's carrier, the adversary can intercept the ongoing reader-tag communication either with a significantly lower bit error rate or from a significantly greater distance. Our concept is demonstrated and empirically analyzed against a popular low-cost RFID system, i.e., EPC Gen2. Although active eavesdropping in general is not trivial to prevent, for a particular type of active eavesdropper, namely a greedy proactive eavesdropper, we propose a simple countermeasure that introduces no extra cost to current RFID systems.
The need for cryptographic primitives on constrained devices keeps increasing with the growing pervasiveness of these devices. One recent lightweight block cipher design is Hummingbird-2. We study its cryptographic strength using a novel technique we developed, called Differential Sequence Attack (DSA), and present the first cryptanalytic result on this cipher. In particular, our full attack can be divided into two phases: a preparation phase and a key recovery phase. During the key recovery phase, we exploit the fact that the differential sequence for the last round of Hummingbird-2 can be retrieved by querying the full cipher, which significantly reduces the search space for the secret key. Thus, by attacking the encryption (resp. decryption) of Hummingbird-2, our algorithm recovers 36 bits (resp. another 28 bits) of the 128-bit key with $2^{68}$ (resp. $2^{60}$) time complexity if particular differential conditions on the internal states and on the keys at one round can be imposed. The remaining 64 bits of the key can then be exhaustively searched, and the overall time complexity is dominated by $2^{68}$. During the preparation phase, by investing $2^{81}$ effort in time, the adversary is able to create the differential conditions required in the key recovery phase with probability at least 0.5.
As an additional effort, we examine the cryptanalytic strength of another lightweight candidate known as A2U2, the most lightweight cryptographic primitive proposed so far for low-cost tags. Our chosen-plaintext attack fully breaks this cipher, recovering its secret key by querying the encryption on the victim tag only twice and solving 32 sparse systems of linear equations (where each system has 56 unknowns and around 28 unknowns can be obtained directly without computation) in the worst case, which takes around 0.16 seconds on a Thinkpad T410 laptop.
430 | Cryptographic End-to-end Verification for Real-world Elections. Essex, Aleksander, January 2012 (has links)
In this dissertation we study the problem of making electronic voting trustworthy through the use of cryptographic end-to-end (E2E) audits. In particular, we present a series of novel proposals for cryptographic election verification with a focus on real-world practicality. We begin by outlining the fundamental requirements of E2E election verification and the properties important in real-world settings, and provide a review of previous and concurrent related work. Our research results are then presented in three parts.
In the first part we examine how E2E election verification can be made more procedurally familiar to real-world voters and election administrators. We propose and implement an E2E add-on for conventional optical-scan based voting systems, and highlight our experiences running an election using this system in a United States municipality.
In the second part we examine how E2E election verification can be made more conceptually and procedurally simple for election verifiers and auditors. We present a non-cryptographic E2E system based on physical document security assumptions as an educational tool. We extend this system to a cryptographic setting to show how the procedures of cryptographic election verification can be completed with relatively tiny code bases, or by using commonplace programs such as a desktop spreadsheet. We then present an approach that allows verifiers to conduct cryptographic audits without having to plan for them prior to an election.
In the third part we examine how the methods in the first part can be extended to provide a level of privacy/distribution of trust similar to that of classical cryptographic voting protocols, while maintaining the (comparatively) intuitive optical-scan interface. To that end, we propose a novel paradigm for secure distributed document printing that allows optical-scan ballots to be printed in a way that still lets voters check their ballots have been counted, while keeping their voting preferences secret from election officials and everyone else.
Finally, we outline how the results obtained in each of the three parts can be combined to create a cryptographically end-to-end verifiable voting system that simultaneously offers a conventional optical-scan ballot, ballot secrecy assured by a distribution of trust, and a simple, cryptographically austere set of audit procedures.