Global ETD Search

131	Efficient Elliptic Curve Processor Architectures for Field Programmable Logic Orlando, Gerardo 27 March 2002 (has links) Elliptic curve cryptosystems offer security comparable to that of traditional asymmetric cryptosystems, such as those based on the RSA encryption and digital signature algorithms, with smaller keys and computationally more efficient algorithms. The ability to use smaller keys and computationally more efficient algorithms than traditional asymmetric cryptographic algorithms are two of the main reasons why elliptic curve cryptography has become popular. As the popularity of elliptic curve cryptography increases, the need for efficient hardware solutions that accelerate the computation of elliptic curve point multiplications also increases. This dissertation introduces elliptic curve processor architectures suitable for the computation of point multiplications for curves defined over fields GF(2^m) and curves defined over fields GF(p). Each of the processor architectures presented here allows designers to tailor the performance and hardware requirements according to their performance and cost goals. Moreover, these architectures are well suited for implementation in modern field programmable gate arrays (FPGAs). This point was proved with prototyped implementations. The fastest prototyped GF(2^m) processor can compute an arbitrary point multiplication for curves defined over fields GF(2^167) in 0.21 milliseconds and the prototyped processor for the field GF(2^192-2^64-1) is capable of computing a point multiplication in about 3.6 milliseconds. The most critical component of an elliptic curve processor is its arithmetic unit. A typical arithmetic unit includes an adder/subtractor, a multiplier, and possibly a squarer. Some of the architectures presented in this work are based on multiplier and squarer architectures developed as part of the work presented in this dissertation. The GF(2^m) least significant bit super-serial multiplier architecture, the GF(2^m) most significant bit super-serial multiplier architecture, and a new GF(p) Montgomery multiplier architecture were developed as part of this work together with a new squaring architecture for GF(2^m). computer arithmetic elliptic curves cryptography Data encryption (Computer science) Curves Elliptic Field programmable gate arrays
132	Secure Computation Towards Practical Applications Krell Loy, Fernando January 2016 (has links) Secure multi-party computation (MPC) is a central area of research in cryptography. Its goal is to allow a set of players to jointly compute a function on their inputs while protecting and preserving the privacy of each player's input. Motivated by the huge growth of data available and the rise of global privacy concerns of entities using this data, we study the feasibility of using secure computation techniques on large scale data sets to address these concerns. An important limitation of generic secure computation protocols is that they require at least linear time complexity. This seems to rule out applications involving big amounts of data. On the other hand, specific applications may have particular properties that allow for ad-hoc secure protocols overcoming the linear time barrier. In addition, in some settings the full level of security guaranteed by MPC protocols may not be required, and some controlled amount of privacy leakage can be acceptable. Towards this end, we first take a theoretical point of view, and study whether sublinear time RAM programs can be computed securely with sublinear time complexity in the two party setting. We then take a more practical approach, and study the specific scenario of private database querying, where both the server's data and the client's query need to be protected. In this last setting we provide two private database management systems achieving different levels of efficiency, functionality, and security. These three results provide an overview of this three-dimensional trade-off space. For the above systems, we describe formal security definitions and stablish mathematical proofs of security. We also take a practical approach roviding an implementation of the systems and experimental analysis of their efficiency. Computer security Data encryption (Computer science) Computer science Cryptography Information technology
133	Understanding Flaws in the Deployment and Implementation of Web Encryption Sivakorn, Suphannee January 2018 (has links) In recent years, the web has switched from using the unencrypted HTTP protocol to using encrypted communications. Primarily, this resulted in increasing deployment of TLS to mitigate information leakage over the network. This development has led many web service operators to mistakenly think that migrating from HTTP to HTTPS will magically protect them from information leakage without any additional effort on their end to guar- antee the desired security properties. In reality, despite the fact that there exists enough infrastructure in place and the protocols have been “tested” (by virtue of being in wide, but not ubiquitous, use for many years), deploying HTTPS is a highly challenging task due to the technical complexity of its underlying protocols (i.e., HTTP, TLS) as well as the complexity of the TLS certificate ecosystem and this of popular client applications such as web browsers. For example, we found that many websites still avoid ubiquitous encryption and force only critical functionality and sensitive data access over encrypted connections while allowing more innocuous functionality to be accessed over HTTP. In practice, this approach is prone to flaws that can expose sensitive information or functionality to third parties. Thus, it is crucial for developers to verify the correctness of their deployments and implementations. In this dissertation, in an effort to improve users’ privacy, we highlight semantic flaws in the implementations of both web servers and clients, caused by the improper deployment of web encryption protocols. First, we conduct an in-depth assessment of major websites and explore what functionality and information is exposed to attackers that have hijacked a user’s HTTP cookies. We identify a recurring pattern across websites with partially de- ployed HTTPS, namely, that service personalization inadvertently results in the exposure of private information. The separation of functionality across multiple cookies with different scopes and inter-dependencies further complicates matters, as imprecise access control renders restricted account functionality accessible to non-secure cookies. Our cookie hijacking study reveals a number of severe flaws; for example, attackers can obtain the user’s saved address and visited websites from e.g., Google, Bing, and Yahoo allow attackers to extract the contact list and send emails from the user’s account. To estimate the extent of the threat, we run measurements on a university public wireless network for a period of 30 days and detect over 282K accounts exposing the cookies required for our hijacking attacks. Next, we explore and study security mechanisms purposed to eliminate this problem by enforcing encryption such as HSTS and HTTPS Everywhere. We evaluate each mechanism in terms of its adoption and effectiveness. We find that all mechanisms suffer from implementation flaws or deployment issues and argue that, as long as servers continue to not support ubiquitous encryption across their entire domain, no mechanism can effectively protect users from cookie hijacking and information leakage. Finally, as the security guarantees of TLS (in turn HTTPS), are critically dependent on the correct validation of X.509 server certificates, we study hostname verification, a critical component in the certificate validation process. We develop HVLearn, a novel testing framework to verify the correctness of hostname verification implementations and use HVLearn to analyze a number of popular TLS libraries and applications. To this end, we found 8 unique violations of the RFC specifications. Several of these violations are critical and can render the affected implementations vulnerable to man-in-the-middle attacks. Computer science Data encryption (Computer science) Web servers Internet--Security measures
134	An algebraic attack on block ciphers Unknown Date (has links) The aim of this work is to investigate an algebraic attack on block ciphers called Multiple Right Hand Sides (MRHS). MRHS models a block cipher as a system of n matrix equations Si := Aix = [Li], where each Li can be expressed as a set of its columns bi1, . . . , bisi . The set of solutions Ti of Si is dened as the union of the solutions of Aix = bij , and the set of solutions of the system S1, . . . , Sn is dened as the intersection of T1, . . . , Tn. Our main contribution is a hardware platform which implements a particular algorithm that solves MRHS systems (and hence block ciphers). The case is made that the platform performs several thousand orders of magnitude faster than software, it costs less than US$1,000,000, and that actual times of block cipher breakage can be calculated once it is known how the corresponding software behaves. Options in MRHS are also explored with a view to increase its efficiency. / by Kenneth Matheis. / Thesis (M.S.C.S.)--Florida Atlantic University, 2010. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2010. Mode of access: World Wide Web. Ciphers Cryptography Data encryption (Computer science) Computer security Coding theory
135	Quantum cryptography and applications in the optical fiber network. / CUHK electronic theses & dissertations collection / Digital dissertation consortium January 2005 (has links) In this thesis research, a novel scheme to implement quantum key distribution based on multiphoton entanglement with a new protocol is proposed. Its advantages are: a larger information capacity can be obtained with a longer transmission distance and the detection of multiple photons is easier than that of a single photon. The security and attacks pertaining to such a system are also studied. / Lastly, a quantum random number generator based on quantum optics has been experimentally demonstrated. This device is a key component for quantum key distribution as it can create truly random numbers, which is an essential requirement to perform quantum key distribution. This new generator is composed of a single optical fiber coupler with fiber pigtails, which can be easily used in optical fiber communications. / Next, a quantum key distribution over wavelength division multiplexed (WDM) optical fiber networks is realized. Quantum key distribution in networks is a long-standing problem for practical applications. Here we combine quantum cryptography and WDM to solve this problem because WDM technology is universally deployed in the current and next generation fiber networks. The ultimate target is to deploy quantum key distribution over commercial networks. The problems arising from the networks are also studied in this part. / Quantum cryptography, as part of quantum information and communications, can provide absolute security for information transmission because it is established on the fundamental laws of quantum theory, such as the principle of uncertainty, No-cloning theorem and quantum entanglement. / Then quantum key distribution in multi-access networks using wavelength routing technology is investigated in this research. For the first time, quantum cryptography for multiple individually targeted users has been successfully implemented in sharp contrast to that using the indiscriminating broadcasting structure. It overcomes the shortcoming that every user in the network can acquire the quantum key signals intended to be exchanged between only two users. Furthermore, a more efficient scheme of quantum key distribution is adopted, hence resulting in a higher key rate. / Luo, Yuhui. / "January 2005." / Adviser: K. T. Chan. / Source: Dissertation Abstracts International, Volume: 67-01, Section: B, page: 0338. / Thesis (Ph.D.)--Chinese University of Hong Kong, 2005. / Includes bibliographical references. / Electronic reproduction. Hong Kong : Chinese University of Hong Kong, [2012] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. [Ann Arbor, MI] : ProQuest Information and Learning, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Electronic reproduction. Ann Arbor, MI : ProQuest Information and Learning Company, [200-] System requirements: Adobe Acrobat Reader. Available via World Wide Web. / Abstracts in English and Chinese. / School code: 1307. Computer networks Cryptography Data encryption (Computer science) Fiber optics Optical communications
136	Asymmetric reversible parametric sequences approach to design a multi-key secure multimedia proxy: theory, design and implementation. January 2003 (has links) Yeung Siu Fung. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2003. / Includes bibliographical references (leaves 52-53). / Abstracts in English and Chinese. / Abstract --- p.ii / Acknowledgement --- p.v / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Multi-Key Encryption Theory --- p.7 / Chapter 2.1 --- Reversible Parametric Sequence --- p.7 / Chapter 2.2 --- Implementation of ARPSf --- p.11 / Chapter 3 --- Multimedia Proxy: Architectures and Protocols --- p.16 / Chapter 3.1 --- Operations to Request and Cache Data from the Server --- p.16 / Chapter 3.2 --- Operations to Request Cached Data from the Multimedia Proxy --- p.18 / Chapter 3.3 --- Encryption Configuration Parameters (ECP) --- p.19 / Chapter 4 --- Extension to multi-level proxy --- p.24 / Chapter 5 --- Secure Multimedia Library (SML) --- p.27 / Chapter 5.1 --- Proxy Pre-fetches and Caches Data --- p.27 / Chapter 5.2 --- Client Requests Cached Data From the Proxy --- p.29 / Chapter 6 --- Implementation Results --- p.31 / Chapter 7 --- Related Work --- p.40 / Chapter 8 --- Conclusion --- p.42 / Chapter A --- Function Prototypes of Secure Multimedia Library (SML) --- p.44 / Chapter A.1 --- CONNECTION AND AUTHENTICATION --- p.44 / Chapter A.1.1 --- Create SML Session --- p.44 / Chapter A.1.2 --- Public Key Manipulation --- p.44 / Chapter A.1.3 --- Authentication --- p.45 / Chapter A.1.4 --- Connect and Accept --- p.46 / Chapter A.1.5 --- Close Connection --- p.47 / Chapter A.2 --- SECURE DATA TRANSMISSION --- p.47 / Chapter A.2.1 --- Asymmetric Reversible Parametric Sequence and En- cryption Configuration Parameters --- p.47 / Chapter A.2.2 --- Bulk Data Encryption and Decryption --- p.48 / Chapter A.2.3 --- Entire Data Encryption and Decryption --- p.49 / Chapter A.3 --- Secure Proxy Architecture --- p.49 / Chapter A.3.1 --- Proxy-Server Connection --- p.49 / Chapter A.3.2 --- ARPS and ECP --- p.49 / Chapter A.3.3 --- Initial Sever Encryption --- p.50 / Chapter A.3.4 --- Proxy Re-Encryption --- p.51 / Chapter A.3.5 --- Client Decryption --- p.51 / Bibliography --- p.52 Data encryption (Computer science) Computer networks--Security measures Web servers--Security measures Multimedia systems
137	Privacy preserving in serial data and social network publishing. January 2010 (has links) Liu, Jia. / "August 2010." / Thesis (M.Phil.)--Chinese University of Hong Kong, 2010. / Includes bibliographical references (p. 69-72). / Abstracts in English and Chinese. / Chapter 1 --- Introduction --- p.1 / Chapter 2 --- Related Work --- p.3 / Chapter 3 --- Privacy Preserving Network Publication against Structural Attacks --- p.5 / Chapter 3.1 --- Background and Motivation --- p.5 / Chapter 3.1.1 --- Adversary knowledge --- p.6 / Chapter 3.1.2 --- Targets of Protection --- p.7 / Chapter 3.1.3 --- Challenges and Contributions --- p.10 / Chapter 3.2 --- Preliminaries and Problem Definition --- p.11 / Chapter 3.3 --- Solution:K-Isomorphism --- p.15 / Chapter 3.4 --- Algorithm --- p.18 / Chapter 3.4.1 --- Refined Algorithm --- p.21 / Chapter 3.4.2 --- Locating Vertex Disjoint Embeddings --- p.30 / Chapter 3.4.3 --- Dynamic Releases --- p.32 / Chapter 3.5 --- Experimental Evaluation --- p.34 / Chapter 3.5.1 --- Datasets --- p.34 / Chapter 3.5.2 --- Data Structure of K-Isomorphism --- p.37 / Chapter 3.5.3 --- Data Utilities and Runtime --- p.42 / Chapter 3.5.4 --- Dynamic Releases --- p.47 / Chapter 3.6 --- Conclusions --- p.47 / Chapter 4 --- Global Privacy Guarantee in Serial Data Publishing --- p.49 / Chapter 4.1 --- Background and Motivation --- p.49 / Chapter 4.2 --- Problem Definition --- p.54 / Chapter 4.3 --- Breach Probability Analysis --- p.57 / Chapter 4.4 --- Anonymization --- p.58 / Chapter 4.4.1 --- AG size Ratio --- p.58 / Chapter 4.4.2 --- Constant-Ratio Strategy --- p.59 / Chapter 4.4.3 --- Geometric Strategy --- p.61 / Chapter 4.5 --- Experiment --- p.62 / Chapter 4.5.1 --- Dataset --- p.62 / Chapter 4.5.2 --- Anonymization --- p.63 / Chapter 4.5.3 --- Evaluation --- p.64 / Chapter 4.6 --- Conclusion --- p.68 / Bibliography --- p.69 Data protection Data mining Database security
138	APPLICATION OF BLOCKCHAIN NETWORK FOR THE USE OF INFORMATION SHARING Unknown Date (has links) The Blockchain concept was originally developed to provide security in the Bitcoin cryptocurrency network, where trust is achieved through the provision of an agreed-upon and immutable record of transactions between parties. The use of a Blockchain as a secure, publicly distributed ledger is applicable to fields beyond finance, and is an emerging area of research across many other fields in the industry. This thesis considers the feasibility of using a Blockchain to facilitate secured information sharing between parties, where a lack of trust and absence of central control are common characteristics. Implementation of a Blockchain Information Sharing system will be designed on an existing Blockchain network with as a communicative party members sharing secured information. The benefits and risks associated with using a public Blockchain for information sharing will also be discussed. / Includes bibliography. / Thesis (M.S.)--Florida Atlantic University, 2019. / FAU Electronic Theses and Dissertations Collection Blockchains (Databases) Data encryption (Computer science) Personal data protection Bitcoin
139	Novel Cryptographic Primitives and Protocols for Censorship Resistance Dyer, Kevin Patrick 24 July 2015 (has links) Internet users rely on the availability of websites and digital services to engage in political discussions, report on newsworthy events in real-time, watch videos, etc. However, sometimes those who control networks, such as governments, censor certain websites, block specific applications or throttle encrypted traffic. Understandably, when users are faced with egregious censorship, where certain websites or applications are banned, they seek reliable and efficient means to circumvent such blocks. This tension is evident in countries such as a Iran and China, where the Internet censorship infrastructure is pervasive and continues to increase in scope and effectiveness. An arms race is unfolding with two competing threads of research: (1) network operators' ability to classify traffic and subsequently enforce policies and (2) network users' ability to control how network operators classify their traffic. Our goal is to understand and progress the state-of-the-art for both sides. First, we present novel traffic analysis attacks against encrypted communications. We show that state-of-the-art cryptographic protocols leak private information about users' communications, such as the websites they visit, applications they use, or languages used for communications. Then, we investigate means to mitigate these privacy-compromising attacks. Towards this, we present a toolkit of cryptographic primitives and protocols that simultaneously (1) achieve traditional notions of cryptographic security, and (2) enable users to conceal information about their communications, such as the protocols used or websites visited. We demonstrate the utility of these primitives and protocols in a variety of real-world settings. As a primary use case, we show that these new primitives and protocols protect network communications and bypass policies of state-of-the-art hardware-based and software-based network monitoring devices. Computer networks -- Security measures Internet -- Censorship -- Prevention Computer Sciences Information Security
140	Construction and formal security analysis of cryptographic schemes in the public key setting Baek, Joonsang, 1973- January 2004 (has links) Abstract not available Cryptography Computer security Computer networks -- Security measures Data protection Data encryption (Computer science)

Search results