Verificação oportunista de assinaturas digitais para programas e bibliotecas em sistemas operacionais paginados

Destefani, Guilherme Herrmann

10 2010

Este trabalho apresenta a combinação de uma série de mecanismos de segurança baseados em criptografia com conceitos de sistemas operacionais. Esta combinação cria uma arquitetura inovadora,que aproveita características do funcionamento do sistema operacional para protegê-lo de vulnerabilidades relacionadas com a adulteração de programas e bibliotecas. Esta arquitetura consiste em um mecanismo de geração de assinaturas digitais integradas a programas e bibliotecas, para garantir a autenticidade e a integridade dos mesmos e de cada parte do sistema operacional em execução. O sistema funciona de forma transparente para programadores, e possibilita que o software com assinaturas digitais seja compatível com sistemas que não tenham suporte a verificação de assinatura, simplificando o processo de distribuição. A verificação de assinaturas é integrada com o mecanismo de paginação do microprocessador, de forma a efetuar uma verificação sob demanda somente da parte dos programas e bibliotecas que é efetivamente utilizada. Esta integração diminui o impacto sobre o desempenho e proporciona transparência para os usuários finais e administradores de sistemas. A validação do modelo proposto foi realizada como uma extensão à interface binária de aplicação Unix ELF, implementada na plataforma GNU/Linux. O impacto da assinatura digital para desenvolvedores e distribuidores de sistemas operacionais sob a ótica de complexidade de uso, efeitos do sistema para usuários finais e a sobrecarga no desempenho do sistema foram verificados. / This work discusses a series of security mechanisms based in cryptography, combining them with concepts of operating systems, in order to create an innovative architecture that uses some functionalities characteristics of operating system to protect it against vulnerabilities related with the adulteration of computer programs and libraries. This architecture consists in a mechanism for generation of digital signatures integrated into the computer programs and libraries, in order to guarantee the software and operating system authenticity and integrity while in execution by the target machine. The system is transparent to programmers, and it is also possible that software with digital signatures can be executed on systems without support to verification of signature, what simplifies the software distribution process. The verification of signatures is integrated with the paging mechanism of the microprocessor, making on-demand verification only in the part of the programs and libraries that is going to be effectively used, diminishing the impact on the performance and providing transparency for final users and system administrators. The validation of the model was carried through as an extension to the application binary interface Unix ELF, implemented in the GNU/Linux platform. The impact of the digital signature for developers and distributors of operating systems under the point of view of complexity, effect for final users and overload in performance of the system was verified. xix

Assinaturas digitais

Criptografia de dados

Digital signatures

Data encryption

Verificação oportunista de assinaturas digitais para programas e bibliotecas em sistemas operacionais paginados

Destefani, Guilherme Herrmann

10 2010

Este trabalho apresenta a combinação de uma série de mecanismos de segurança baseados em criptografia com conceitos de sistemas operacionais. Esta combinação cria uma arquitetura inovadora,que aproveita características do funcionamento do sistema operacional para protegê-lo de vulnerabilidades relacionadas com a adulteração de programas e bibliotecas. Esta arquitetura consiste em um mecanismo de geração de assinaturas digitais integradas a programas e bibliotecas, para garantir a autenticidade e a integridade dos mesmos e de cada parte do sistema operacional em execução. O sistema funciona de forma transparente para programadores, e possibilita que o software com assinaturas digitais seja compatível com sistemas que não tenham suporte a verificação de assinatura, simplificando o processo de distribuição. A verificação de assinaturas é integrada com o mecanismo de paginação do microprocessador, de forma a efetuar uma verificação sob demanda somente da parte dos programas e bibliotecas que é efetivamente utilizada. Esta integração diminui o impacto sobre o desempenho e proporciona transparência para os usuários finais e administradores de sistemas. A validação do modelo proposto foi realizada como uma extensão à interface binária de aplicação Unix ELF, implementada na plataforma GNU/Linux. O impacto da assinatura digital para desenvolvedores e distribuidores de sistemas operacionais sob a ótica de complexidade de uso, efeitos do sistema para usuários finais e a sobrecarga no desempenho do sistema foram verificados. / This work discusses a series of security mechanisms based in cryptography, combining them with concepts of operating systems, in order to create an innovative architecture that uses some functionalities characteristics of operating system to protect it against vulnerabilities related with the adulteration of computer programs and libraries. This architecture consists in a mechanism for generation of digital signatures integrated into the computer programs and libraries, in order to guarantee the software and operating system authenticity and integrity while in execution by the target machine. The system is transparent to programmers, and it is also possible that software with digital signatures can be executed on systems without support to verification of signature, what simplifies the software distribution process. The verification of signatures is integrated with the paging mechanism of the microprocessor, making on-demand verification only in the part of the programs and libraries that is going to be effectively used, diminishing the impact on the performance and providing transparency for final users and system administrators. The validation of the model was carried through as an extension to the application binary interface Unix ELF, implemented in the GNU/Linux platform. The impact of the digital signature for developers and distributors of operating systems under the point of view of complexity, effect for final users and overload in performance of the system was verified. xix

Assinaturas digitais

Criptografia de dados

Digital signatures

Data encryption

Differential power analysis of an AES software implementation

Moabalobelo, Phindile Terrence

16 April 2014

M.Ing. (Electrical and Electronic Engineering) / Please refer to full text to view abstract

Computer security

Data encryption (Computer science)

Algorithms

Cryptography

On Resilience to Computable Tampering

Ball Jr, Maynard Marshall

January 2021

Non-malleable codes, introduced by Dziembowski, Pietrzak, and Wichs (ICS 2010), provide a means of encoding information such that if the encoding is tampered with, the result encodes something either identical or completely unrelated. Unlike error-correcting codes (for which the result of tampering must always be identical), non-malleable codes give guarantees even when tampering functions are allowed to change every symbol of a codeword. In this thesis, we will provide constructions of non-malleable codes secure against a variety tampering classes with natural computational semantics: • Bounded-Communication: Functions corresponding to 2-party protocols where each party receives half the input (respectively) and then may communicate <𝒏/4 bits before returning their (respective) half of the tampered output. •Local Functions (Juntas):} each tampered output bit is only a function of n¹-ẟ inputs bits, where ẟ>0 is any constant (the efficiency of our code depends on ẟ). This class includes NC⁰. •Decision Trees: each tampered output bit is a function of n¹/⁴-⁰(¹) adaptively chosen bits. •Small-Depth Circuits: each tampered output bit is produced by a 𝒄log(n)/log log(n)-depth circuit of polynomial size, for some constant 𝒄. This class includes AC⁰. •Low Degree Polynomials: each tampered output field element is produced by a low-degree (relative to the field size) polynomial. •Polynomial-Size Circuit Tampering: each tampered codeword is produced by circuit of size 𝒏ᶜ where 𝒄 is any constant (the efficiency of our code depends on 𝒄). This result assumes that E is hard for exponential size nondeterministic circuits (all other results are unconditional). We stress that our constructions are efficient (encoding and decoding can be performed in uniform polynomial time) and (with the exception of the last result, which assumes strong circuit lower bounds) enjoy unconditional, statistical security guarantees. We also illuminate some potential barriers to constructing codes for more complex computational classes from simpler assumptions.

Computer science

Data encryption (Computer science)

Malware (Computer software)

Synchronization of chaotic circuits through real channels

Barnes, Wayne

30 March 2010

Chaotic encryption is currently a popular topic in technical journals. A number of articles have been written proposing novel methods of encrypting data using chaotic signals. Most of the encryption schemes rely on the ability of chaotic systems to be synchronized. Pecora and Carroll, the noted experts on this topic, have published a number of papers describing the theory and presenting simulations of synchronized circuits. Their papers are most often cited as the source of synchronization theory. However, no tests have been performed exploring synchronization across anything but ideal channels. This paper presents a brief background of chaotic signals. The basic theory of synchronizing chaotic signals is covered next. Finally a series of experiments are performed testing the ability of a chaotic signal to synchronize over various audio grade channels, the most often used medium for encrypted information. The experiments show that there are considerable problems getting chaotic circuits to synchronize over non-ideal channels. The failure to synchronize is discussed with respect to each channel tested. A number of additional research opportunities are presented. / Master of Science

Data encryption (Computer science)

LD5655.V851 1994.B376

Development of Data Encryption Algorithms for Secure Communication Using Public Images

Ullagaddi, Vishwanath

27 September 2012

No description available.

Electrical Engineering

Data Encryption

Image Encryption

Data hiding in images.

The security of quantum cryptography

Miller, Justin C.

01 January 2004

A common desire in today's world is that of security. Whether it is keeping your e-mail private or stopping the government from hacking into your computer, the idea behind cryptography is to communicate between two parties in different locations, and to secure this information from outsiders. During the last half century there have been numerous advances in encryption schemes and also in the machines that process such information. Modern encryption algorithms have become increasingly more complex with advances in computers and technology, and encryption algorithms such as RSA and DES have been presented as algorithms that have remained secure for decades. These recent advances in encryption schemes will be examined in the first part of this paper. On the other hand, because the security of classical ciphers relies on the secrecy of a key, advances in research and computing may begin to compromise the security of these cryptosystems, as quantum computers would be capable of mathematical calculations that could break many modern encryption algorithms. Unlike classical cryptosystems, quantum cryptography obeys the laws of quantum physics, resulting in a much stronger, provable security. Many great advances have come in recent decades, and the latter part of this paper deals with these advances as well as the phenomena of quantum physics, the evolution of quantum computing, and the study of quantum cryptography.

Mathematics

Network and system security in an information age

Scully, Michael N. B.

01 January 2000

In a time when networks are so readily interconnected around the world, computer security is a paramount concern for information technology professionals. As users, we regularly log onto terminals that are configured and maintained by others, running software developed by others, using operating systems with publicly known flaws, over networks connected by others, using protocols that were never constructed with security in mind. We rely on systems that we are forced to trust, connecting to remote systems we do not know, and only a finite minority of users has even the slightest conception of how these systems handle their information. Availability is the ultimate goal in providing usefulness and utility with an information system, but availability is also a detriment to system security. Avenues of availability are also avenues of potential data attack from malicious users or hackers. A certain level of confidentiality within data systems is necessary to assure the privacy of personal information as well as the secrecy of proprietary data. Users and information systems must be able to authenticate one another's identification while insuring transmissions between them remain unaltered in transit. This thesis is a discussion of network security considerations and network attack methodologies with respect to availability, confidentiality, and reliability. Network administrators must consider balancing these aspects in securing information systems.

Management Information Systems

Essays on Coercion and Signaling in Cyberspace

Jun, Dahsol

January 2024

This dissertation explores how coercive diplomacy works in cyberspace through three interrelated papers, each titled, Coercion in Cyberspace: A Model of Encryption Via Extortion, Variation in Coercion: Costly Signals That Also Undermine Attack Effectiveness, and Seeking Clarity In A Domain of Deception: Signaling and Indices in Cyberspace. As more strategic actors seek to employ cyber weapons as an important part of their military arsenal, refining the theory of cyber coercion is becoming more important in understanding coercive diplomacy and crisis dynamics in cyberspace. Although existing cyber conflict literature argues that cyber weapons make poor tools of coercion, the current theory does not necessarily match important empirical instances of successful coercion using cyber means, such as the ransomware and data extortion. This dissertation seeks to close this gap between theory and practice by specifying the conditions under which cyber coercion works. Relatedly, the dissertation also explores the conditions under which costly signaling works in conveying such coercive threats. The first paper presents a formal model of cyber coercion that relies on data encryption, as a means of explaining why cyber weapons often rely on a different coercive logic. Coercion in International Relations is often conceptualized as the threat to hurt used in reserve, applied in settings such as the use of nuclear weapons or strategic bombing. However, history is ripe with instances of a different logic of coercion that relies on the application of costs up front, followedby a promise to stop. Application of such a coercive logic can be seen in instances such as sanctions, hostage-taking, and sieges. Existing literature argues that cyber weapons make poor tools of coercion, however this only examines cyber weapons under the first logic. However, cyber weapons, when examined under the second logic, are often quite successful, as the prevalence of the ransomware threat demonstrates. This paper specifies the conditions under which coercion using data encryption works in light of the second logic, and what unique commitment problems can undermine coercion in this situation. By applying costs up front, some cyber weapons resolve a key strategic dilemma in which conveying specific information regarding how the attack will unfold can allow the defender to take mitigations that render the planned attack useless. The second paper complements the first paper by presenting a formal model that explores the first logic, and specifies the conditions under which cyber coercion relying on the threat to hurt used in reserve works. A key theory in the existing cyber conflict literature argues that cyber weapons make poor tools of coercion due to the “cyber commitment problem," in which a coercer faces a tradeoff between the need to credibly demonstrate specific capability to follow through with a threat, versus the propensity of the defender to use such information to adopt countermeasures. This tradeoff is not necessarily unique to cyberspace, but applicable to technologies that rely on degrees of deception for attack effectiveness, such as submarine warfare. I present a formal model motivated by cyber weapons but applicable to a broad range of technologies in International Relations, showing that the severity of this tradeoff is not constant but varies depending on exogenous factors, such as the probability that a defensive countermeasure can successfully neutralize a threatened attack. When the probability is high, this shrinks the range of costly signals that a coercer can send to maintain a separating equilibrium, however it does not necessarily mean that costly signaling is not possible. This paper formalizes and expands the logic behind the “cyber commitment problem" and shows that coercion can sometimes work even under the first logic. The third paper examines the role of indices – or observations that are believed to be hard to deceive as opposed to overt signals of intent – in coercive diplomacy and crisis communications in cyberspace. Because actors acting in and through cyberspace have yet to come to a clear shared meaning as to what certain actions in cyberspace conveys in terms of intent and/or resolve, the tendency to instead rely on independent observation and assessment of “indices” to interpret these actions are more pronounced in cyber conflict. This paper uses cybersecurity advisories routinely published by the Cybersecurity and Infrastructure Security Agency (CISA) to examine what kinds of indices were used by the U.S. government to make assessments about an attacker’s intent regarding restraint or escalation. Interestingly, the same kind of cyber attack, for example the malicious compromise of a water utilities facility, is interpreted differently as escalatory or accommodative depending on consideration of “situational indices" such as the larger geopolitical context and attribution to a particular state actor, beyond the technical facts. This paper assesses that indices are being used too broadly, even when they can be manipulated easily or are linked to perceptions and biases instead of facts. Such practices can lead to situations where the same costly signal sent by the sender in the context of coercive diplomacy or crisis communications can be interpreted differently by the receiver depending on the suite of indices they are relying on, raising the risk of misperception and crisis escalation in cyberspace.

International relations

Cyberspace

Cyberterrorism

Data encryption (Computer science)

Computer security

High-performance advanced encryption standard (AES) security co-processor design

Tandon, Prateek

01 December 2003

see PDF

Data encryption (Computer science)

Data encryption (Computer science)