Spelling suggestions: "subject:"data encryption"" "subject:"mata encryption""
111 |
Verificação oportunista de assinaturas digitais para programas e bibliotecas em sistemas operacionais paginadosDestefani, Guilherme Herrmann 10 2010 (has links)
Este trabalho apresenta a combinação de uma série de mecanismos de segurança baseados
em criptografia com conceitos de sistemas operacionais. Esta combinação cria uma
arquitetura inovadora,que aproveita características do funcionamento do sistema operacional
para protegê-lo de vulnerabilidades relacionadas com a adulteração de programas
e bibliotecas.
Esta arquitetura consiste em um mecanismo de geração de assinaturas digitais integradas
a programas e bibliotecas, para garantir a autenticidade e a integridade dos mesmos
e de cada parte do sistema operacional em execução. O sistema funciona de forma transparente
para programadores, e possibilita que o software com assinaturas digitais seja
compatível com sistemas que não tenham suporte a verificação de assinatura, simplificando
o processo de distribuição.
A verificação de assinaturas é integrada com o mecanismo de paginação do microprocessador,
de forma a efetuar uma verificação sob demanda somente da parte dos programas
e bibliotecas que é efetivamente utilizada. Esta integração diminui o impacto sobre
o desempenho e proporciona transparência para os usuários finais e administradores de
sistemas.
A validação do modelo proposto foi realizada como uma extensão à interface binária
de aplicação Unix ELF, implementada na plataforma GNU/Linux. O impacto da assinatura
digital para desenvolvedores e distribuidores de sistemas operacionais sob a ótica de
complexidade de uso, efeitos do sistema para usuários finais e a sobrecarga no desempenho
do sistema foram verificados. / This work discusses a series of security mechanisms based in cryptography, combining
them with concepts of operating systems, in order to create an innovative architecture
that uses some functionalities characteristics of operating system to protect it against
vulnerabilities related with the adulteration of computer programs and libraries.
This architecture consists in a mechanism for generation of digital signatures integrated
into the computer programs and libraries, in order to guarantee the software and operating
system authenticity and integrity while in execution by the target machine. The system is
transparent to programmers, and it is also possible that software with digital signatures
can be executed on systems without support to verification of signature, what simplifies
the software distribution process.
The verification of signatures is integrated with the paging mechanism of the microprocessor,
making on-demand verification only in the part of the programs and libraries that
is going to be effectively used, diminishing the impact on the performance and providing
transparency for final users and system administrators.
The validation of the model was carried through as an extension to the application
binary interface Unix ELF, implemented in the GNU/Linux platform. The impact of the
digital signature for developers and distributors of operating systems under the point of
view of complexity, effect for final users and overload in performance of the system was
verified.
xix
|
112 |
Verificação oportunista de assinaturas digitais para programas e bibliotecas em sistemas operacionais paginadosDestefani, Guilherme Herrmann 10 2010 (has links)
Este trabalho apresenta a combinação de uma série de mecanismos de segurança baseados
em criptografia com conceitos de sistemas operacionais. Esta combinação cria uma
arquitetura inovadora,que aproveita características do funcionamento do sistema operacional
para protegê-lo de vulnerabilidades relacionadas com a adulteração de programas
e bibliotecas.
Esta arquitetura consiste em um mecanismo de geração de assinaturas digitais integradas
a programas e bibliotecas, para garantir a autenticidade e a integridade dos mesmos
e de cada parte do sistema operacional em execução. O sistema funciona de forma transparente
para programadores, e possibilita que o software com assinaturas digitais seja
compatível com sistemas que não tenham suporte a verificação de assinatura, simplificando
o processo de distribuição.
A verificação de assinaturas é integrada com o mecanismo de paginação do microprocessador,
de forma a efetuar uma verificação sob demanda somente da parte dos programas
e bibliotecas que é efetivamente utilizada. Esta integração diminui o impacto sobre
o desempenho e proporciona transparência para os usuários finais e administradores de
sistemas.
A validação do modelo proposto foi realizada como uma extensão à interface binária
de aplicação Unix ELF, implementada na plataforma GNU/Linux. O impacto da assinatura
digital para desenvolvedores e distribuidores de sistemas operacionais sob a ótica de
complexidade de uso, efeitos do sistema para usuários finais e a sobrecarga no desempenho
do sistema foram verificados. / This work discusses a series of security mechanisms based in cryptography, combining
them with concepts of operating systems, in order to create an innovative architecture
that uses some functionalities characteristics of operating system to protect it against
vulnerabilities related with the adulteration of computer programs and libraries.
This architecture consists in a mechanism for generation of digital signatures integrated
into the computer programs and libraries, in order to guarantee the software and operating
system authenticity and integrity while in execution by the target machine. The system is
transparent to programmers, and it is also possible that software with digital signatures
can be executed on systems without support to verification of signature, what simplifies
the software distribution process.
The verification of signatures is integrated with the paging mechanism of the microprocessor,
making on-demand verification only in the part of the programs and libraries that
is going to be effectively used, diminishing the impact on the performance and providing
transparency for final users and system administrators.
The validation of the model was carried through as an extension to the application
binary interface Unix ELF, implemented in the GNU/Linux platform. The impact of the
digital signature for developers and distributors of operating systems under the point of
view of complexity, effect for final users and overload in performance of the system was
verified.
xix
|
113 |
Differential power analysis of an AES software implementationMoabalobelo, Phindile Terrence 16 April 2014 (has links)
M.Ing. (Electrical and Electronic Engineering) / Please refer to full text to view abstract
|
114 |
On Resilience to Computable TamperingBall Jr, Maynard Marshall January 2021 (has links)
Non-malleable codes, introduced by Dziembowski, Pietrzak, and Wichs (ICS 2010), provide a means of encoding information such that if the encoding is tampered with, the result encodes something either identical or completely unrelated. Unlike error-correcting codes (for which the result of tampering must always be identical), non-malleable codes give guarantees even when tampering functions are allowed to change every symbol of a codeword.
In this thesis, we will provide constructions of non-malleable codes secure against a variety tampering classes with natural computational semantics:
• Bounded-Communication: Functions corresponding to 2-party protocols where each party receives half the input (respectively) and then may communicate <𝒏/4 bits before returning their (respective) half of the tampered output.
•Local Functions (Juntas):} each tampered output bit is only a function of n¹-ẟ inputs bits, where ẟ>0 is any constant (the efficiency of our code depends on ẟ). This class includes NC⁰.
•Decision Trees: each tampered output bit is a function of n¹/⁴-⁰(¹) adaptively chosen bits.
•Small-Depth Circuits: each tampered output bit is produced by a 𝒄log(n)/log log(n)-depth circuit of polynomial size, for some constant 𝒄. This class includes AC⁰.
•Low Degree Polynomials: each tampered output field element is produced by a low-degree (relative to the field size) polynomial.
•Polynomial-Size Circuit Tampering: each tampered codeword is produced by circuit of size 𝒏ᶜ where 𝒄 is any constant (the efficiency of our code depends on 𝒄). This result assumes that E is hard for exponential size nondeterministic circuits (all other results are unconditional).
We stress that our constructions are efficient (encoding and decoding can be performed in uniform polynomial time) and (with the exception of the last result, which assumes strong circuit lower bounds) enjoy unconditional, statistical security guarantees. We also illuminate some potential barriers to constructing codes for more complex computational classes from simpler assumptions.
|
115 |
Synchronization of chaotic circuits through real channelsBarnes, Wayne 30 March 2010 (has links)
Chaotic encryption is currently a popular topic in technical journals. A number of articles have been written proposing novel methods of encrypting data using chaotic signals. Most of the encryption schemes rely on the ability of chaotic systems to be synchronized. Pecora and Carroll, the noted experts on this topic, have published a number of papers describing the theory and presenting simulations of synchronized circuits. Their papers are most often cited as the source of synchronization theory. However, no tests have been performed exploring synchronization across anything but ideal channels.
This paper presents a brief background of chaotic signals. The basic theory of synchronizing chaotic signals is covered next. Finally a series of experiments are performed testing the ability of a chaotic signal to synchronize over various audio grade channels, the most often used medium for encrypted information.
The experiments show that there are considerable problems getting chaotic circuits to
synchronize over non-ideal channels. The failure to synchronize is discussed with respect to each channel tested. A number of additional research opportunities are presented. / Master of Science
|
116 |
Development of Data Encryption Algorithms for Secure Communication Using Public ImagesUllagaddi, Vishwanath 27 September 2012 (has links)
No description available.
|
117 |
The security of quantum cryptographyMiller, Justin C. 01 January 2004 (has links)
A common desire in today's world is that of security. Whether it is keeping your e-mail private or stopping the government from hacking into your computer, the idea behind cryptography is to communicate between two parties in different locations, and to secure this information from outsiders. During the last half century there have been numerous advances in encryption schemes and also in the machines that process such information. Modern encryption algorithms have become increasingly more complex with advances in computers and technology, and encryption algorithms such as RSA and DES have been presented as algorithms that have remained secure for decades. These recent advances in encryption schemes will be examined in the first part of this paper. On the other hand, because the security of classical ciphers relies on the secrecy of a key, advances in research and computing may begin to compromise the security of these cryptosystems, as quantum computers would be capable of mathematical calculations that could break many modern encryption algorithms. Unlike classical cryptosystems, quantum cryptography obeys the laws of quantum physics, resulting in a much stronger, provable security. Many great advances have come in recent decades, and the latter part of this paper deals with these advances as well as the phenomena of quantum physics, the evolution of quantum computing, and the study of quantum cryptography.
|
118 |
Network and system security in an information ageScully, Michael N. B. 01 January 2000 (has links)
In a time when networks are so readily interconnected around the world, computer security is a paramount concern for information technology professionals. As users, we regularly log onto terminals that are configured and maintained by others, running software developed by others, using operating systems with publicly known flaws, over networks connected by others, using protocols that were never constructed with security in mind. We rely on systems that we are forced to trust, connecting to remote systems we do not know, and only a finite minority of users has even the slightest conception of how these systems handle their information. Availability is the ultimate goal in providing usefulness and utility with an information system, but availability is also a detriment to system security. Avenues of availability are also avenues of potential data attack from malicious users or hackers. A certain level of confidentiality within data systems is necessary to assure the privacy of personal information as well as the secrecy of proprietary data. Users and information systems must be able to authenticate one another's identification while insuring transmissions between them remain unaltered in transit. This thesis is a discussion of network security considerations and network attack methodologies with respect to availability, confidentiality, and reliability. Network administrators must consider balancing these aspects in securing information systems.
|
119 |
Essays on Coercion and Signaling in CyberspaceJun, Dahsol January 2024 (has links)
This dissertation explores how coercive diplomacy works in cyberspace through three interrelated papers, each titled, Coercion in Cyberspace: A Model of Encryption Via Extortion, Variation in Coercion: Costly Signals That Also Undermine Attack Effectiveness, and Seeking Clarity In A Domain of Deception: Signaling and Indices in Cyberspace. As more strategic actors seek to employ cyber weapons as an important part of their military arsenal, refining the theory of cyber coercion is becoming more important in understanding coercive diplomacy and crisis dynamics in cyberspace. Although existing cyber conflict literature argues that cyber weapons make poor tools of coercion, the current theory does not necessarily match important empirical instances of successful coercion using cyber means, such as the ransomware and data extortion. This dissertation seeks to close this gap between theory and practice by specifying the conditions under which cyber coercion works. Relatedly, the dissertation also explores the conditions under which costly signaling works in conveying such coercive threats.
The first paper presents a formal model of cyber coercion that relies on data encryption, as a means of explaining why cyber weapons often rely on a different coercive logic. Coercion in International Relations is often conceptualized as the threat to hurt used in reserve, applied in settings such as the use of nuclear weapons or strategic bombing. However, history is ripe with instances of a different logic of coercion that relies on the application of costs up front, followedby a promise to stop. Application of such a coercive logic can be seen in instances such as sanctions, hostage-taking, and sieges. Existing literature argues that cyber weapons make poor tools of coercion, however this only examines cyber weapons under the first logic. However, cyber weapons, when examined under the second logic, are often quite successful, as the prevalence of the ransomware threat demonstrates. This paper specifies the conditions under which coercion using data encryption works in light of the second logic, and what unique commitment problems can undermine coercion in this situation. By applying costs up front, some cyber weapons resolve a key strategic dilemma in which conveying specific information regarding how the attack will unfold can allow the defender to take mitigations that render the planned attack useless.
The second paper complements the first paper by presenting a formal model that explores the first logic, and specifies the conditions under which cyber coercion relying on the threat to hurt used in reserve works. A key theory in the existing cyber conflict literature argues that cyber weapons make poor tools of coercion due to the “cyber commitment problem," in which a coercer faces a tradeoff between the need to credibly demonstrate specific capability to follow through with a threat, versus the propensity of the defender to use such information to adopt countermeasures. This tradeoff is not necessarily unique to cyberspace, but applicable to technologies that rely on degrees of deception for attack effectiveness, such as submarine warfare. I present a formal model motivated by cyber weapons but applicable to a broad range of technologies in International Relations, showing that the severity of this tradeoff is not constant but varies depending on exogenous factors, such as the probability that a defensive countermeasure can successfully neutralize a threatened attack. When the probability is high, this shrinks the range of costly signals that a coercer can send to maintain a separating equilibrium, however it does not necessarily mean that costly signaling is not possible. This paper formalizes and expands the logic behind the “cyber commitment problem" and shows that coercion can sometimes work even under the first logic.
The third paper examines the role of indices – or observations that are believed to be hard to deceive as opposed to overt signals of intent – in coercive diplomacy and crisis communications in cyberspace. Because actors acting in and through cyberspace have yet to come to a clear shared meaning as to what certain actions in cyberspace conveys in terms of intent and/or resolve, the tendency to instead rely on independent observation and assessment of “indices” to interpret these actions are more pronounced in cyber conflict. This paper uses cybersecurity advisories routinely published by the Cybersecurity and Infrastructure Security Agency (CISA) to examine what kinds of indices were used by the U.S. government to make assessments about an attacker’s intent regarding restraint or escalation. Interestingly, the same kind of cyber attack, for example the malicious compromise of a water utilities facility, is interpreted differently as escalatory or accommodative depending on consideration of “situational indices" such as the larger geopolitical context and attribution to a particular state actor, beyond the technical facts. This paper assesses that indices are being used too broadly, even when they can be manipulated easily or are linked to perceptions and biases instead of facts. Such practices can lead to situations where the same costly signal sent by the sender in the context of coercive diplomacy or crisis communications can be interpreted differently by the receiver depending on the suite of indices they are relying on, raising the risk of misperception and crisis escalation in cyberspace.
|
120 |
High-performance advanced encryption standard (AES) security co-processor designTandon, Prateek 01 December 2003 (has links)
see PDF
|
Page generated in 0.1219 seconds