Data Protection and Data Elimination

Budd, Chris

10 1900

ITC/USA 2015 Conference Proceedings / The Fifty-First Annual International Telemetering Conference and Technical Exhibition / October 26-29, 2015 / Bally's Hotel & Convention Center, Las Vegas, NV / Data security is becoming increasingly important in all areas of storage. The news services frequently have stories about lost or stolen storage devices and the panic it causes. Data security in an SSD usually involves two components: data protection and data elimination. Data protection includes passwords to protect against unauthorized access and encryption to protect against recovering data from the flash chips. Data elimination includes erasing the encryption key and erasing the flash. Telemetry applications frequently add requirements such as write protection, external erase triggers, and overwriting the flash after the erase. This presentation will review these data security features.

SSD

data protection

passwords

encryption

SED

data elimination

erase

sanitization

On the effciency of code-based steganography

Ralaivaosaona, Tanjona Fiononana

03 1900

Thesis (MSc)--Stellenbosch University, 2015 / ENGLISH ABSTRACT: Steganography is the art of hiding information inside a data host called the cover. The amount of distortion caused by that embedding can influence the security of the steganographic system. By secrecy we mean the detectability of the existence of the secret in the cover, by parties other than the sender and the intended recipient. Crandall (1998) proposed that coding theory (in particular the notion of covering radius) might be used to minimize embedding distortion in steganography. This thesis provides a study of that suggestion. Firstly a method of constructing a steganographic schemes with small embedding radius is proposed by using a partition of the set of all covers into subsets indexed by the set of embeddable secrets, where embedding a secret s is a maximum likelihood decoding problem on the subset indexed by s. This converts the problem of finding a stego-scheme with small embedding radius to a coding theoretic problem. Bounds are given on the maximum amount of information that can be embedded. That raises the question of the relationship between perfect codes and perfect steganographic schemes. We define a translation from perfect linear codes to steganographic schemes; the latter belong to the family of matrix embedding schemes, which arise from random linear codes. Finally, the capacity of a steganographic scheme with embedding constraint is investigated, as is the embedding efficiency to evaluate the performance of steganographic schemes. / AFRIKAANSE OPSOMMING: Steganografie is die kuns van die wegsteek van geheime inligting in 'n data gasheer genoem die dekking. Die hoeveelheid distorsie veroorsaak deur die inbedding kan die veiligheid van die steganografiese stelsel beïnvloed. Deur geheimhouding bedoel ons die opspoorbaarheid van die bestaan van die geheim in die dekking, deur ander as die sender en die bedoelde ontvanger partye. Crandall (1998) het voorgestel dat kodeerteorie (in besonder die idee van dekking radius) kan gebruik word om inbedding distorsie te verminder in steganografie. Hierdie tesis bied 'n studie van daardie voorstel. Eerstens 'n metode van die bou van 'n steganografiese skema met 'n klein inbedding radius word voorgestel deur die gebruik van 'n partisie van die versameling van alle dekkings in deelversamelings geïndekseer deur die versameling van inbedbare geheime, waar inbedding 'n geheime s is 'n maksimum waarskynlikheid dekodering probleem op die deelversameling geïndekseer deur s. Dit vat die probleem van die vind van 'n stego-skema met klein inbedding radius na 'n kodering teoretiese probleem. Grense word gegee op die maksimum hoeveelheid inligting wat ingebed kan word. Dit bring op die vraag van die verhouding tussen perfekte kodes en perfekte steganographic skemas. Ons definieer 'n vertaling van perfekte lineêre kodes na steganographic skemas; laasgenoemde behoort aan die familie van matriks inbedding skemas, wat ontstaan as gevolg van ewekansige lineêre kodes. Laasten, die kapasiteit van 'n steganografiese skema met inbedding beperking word ondersoek, asook die inbedding doeltreffendheid om die prestasie van steganografiese skemas te evalueer.

Hidden information

Coding

UCTD

Cryptography

Data encryption (Computer science)

Towards Secure and Trustworthy Wireless Ad hoc Networks

Ren, Yonglin

19 June 2012

Due to the attractive advantages of wireless communication technologies, wireless networking and mobile computing has developed expeditiously and gained ample prevalence. Thereby, many practical applications are being designed for the use of wireless ad hoc networks in both military and civilian scenarios. However, some security concerns have arisen from such networks, especially in that misbehaving nodes pose a major threat during the construction of a trusted network. Therefore, security is one of the key challenges in wireless ad hoc networks, requiring significant attention due to their own features and concerns. This thesis presents several computational models and security strategies for the design of secure, trustworthy networks, which are able to make rational decisions when encountering potential threats. In this thesis, we first propose a distributed network management model for secure group communication. Our approach simplifies the complexity of traditional group management and supports the inclusion of other security mechanisms for the purpose of secure communications. As a decentralized management method, trust can perform well in a dynamic and agile environment. Our proposed trust system defines the concept of trust, establishes the trust relationship between distributed nodes, involves the novel and effective computational model, and specifies a set of trust-based rules in this system for wireless nodes. We also propose a hybrid cryptosystem through the application of both symmetric and asymmetric key algorithms to provide reliable and secure protection of data confidentiality. With the design of selective encryption, uncertainty is incorporated into data encryption and the overhead spent on the data protection is significantly reduced. Thus, the communicating parties not only obtain reliable security protection, but also improve the efficiency of data communication. Through security analysis and simulation experiments, we have shown how decentralized management is useful in wireless and ad hoc scenarios, how trust provides feasible solutions for misbehavior detection, and how our proposed strategies offer security properties.

Wireless Security

Trust Management

Hybrid Cryptosystem

Selective Encryption

Design and implementation of a collaborative secure storage solution

Kangas, Fredrik, Wihlborg, Sebastian

January 2016

In the modern enterprises it is common that support and maintenance of IT environments are outsourced to third parties. In this setting, unencrypted confidential data may pose a problem since administrators maintaining the outsourced system can access confidential information if stored unencrypted. This thesis work, performed at ELITS, presents a solution to this problem; a design of a collaborative storage system where all files at rest (i.e. stored on disk) and in transit remain encrypted is proposed. The design uses a hybrid encryption scheme to protect the encryption keys used. The keys can safely be stored in a centralized database as well as sent to the clients without risk of unauthorized parties gaining access to the stored data. The design was also implemented as a proof of concept in order to establish that it was possible to realize.

Hybrid encryption system

Secure storage

Collaborative encrypted storage

Frequency and encryption usage, investigation of the wireless landscape. : A study of access points in Karlskrona

Karlsson, Emelia, Lidmark, Joel

January 2019

Background. Wireless connectivity is simple and convenient for the user. This is the reasons why it is predominantly used today for local networks at home. However the potential drawbacks facing this technology is unknown to many of its users. This study is aimed at examining some of these issues in the context of what is used today.Objectives. This study intends to research what types of security features and frequency settings are being used today. It also aims to evaluate what this means in the context of security and usability effecting the user.Methods. The approach of this study is to gather networks in different geographical areas. To do this a Raspberry Pi with an external antenna is used. When the data collection is completed, the networks are broken down into categories. Results. The results show significant frequency overlap on the most commonly used channels. There are vastly more overlap in areas with apartment buildings compared to other residential areas. The results also show that most networks are using secure encryption settings. Conclusions. Careful selection of channels is required to minimise interference, but methods for doing so is specific for each environment. Security wise there are no big concerns except when it comes to password selection.

security

encryption

wireless

cryptography

interference

Computer Sciences

Datavetenskap (datalogi)

Tópicos de criptografia para ensino médio / Encryption topics for high school

Rodrigues, Marcelo Araujo

17 May 2016

Esta dissertação apresenta, aos alunos e professores do ensino Médio, uma noção elementar da criptografia, através de alguns tipos de cifras, a trinca americana e do método de criptografia RSA. Para que isso fosse possível houve a introdução de conceitos básicos entre eles, conjuntos, funções, divisibilidade, números primos, congruência, teorema de Fermat e teorema de Euler, que garantem o funcionamento de algumas dessas cifras, da trinca americana e do sistema RSA. Com relação à trinca americana, que é um sistema que permite comunicar uma troca de chave, iremos propor uma composição de cifras, para que haja uma troca de mensagens e seja um exemplo motivador que introduza o sistema de RSA. Além disso, esses conceitos básicos podem ser úteis ao serem levados à sala de aula como motivação para o aprendizado dos alunos, seja para calcular com mais agilidade e simplicidade determinados exercícios, seja para resolver uma situação problema ou mesmo para descobrir uma nova maneira de visualizar conteúdos já vistos em sala de aula. / This dissertation presentes, to students and high school teachers, an elementary notion of cryptography through some types of cyphers, the asymmetric key algorithm and the RSA encryption method. To make this possible, we introduce basic concepts among them, set theory, functions, divisibility, primes, congruence, Fermat\'s theorem and Euler\'s theorem, which guarantee the functioning of some of these encryptions. Relating to the asymmetric key algorithm, which is a system that allows you to communicate a key exchange, we will propose a set of cyphers, so that it is possible a secure message exchange, which is also a motivating example to introduce the RSA system. In addition, these basic concepts can be useful when being taken to the classroom as the motivation for the learning of students, whether to calculate with more agility and simplicity certain exercises, whether to resolve a situation-problem or even to discover a new way to discuss subjects usually seen in the classroom.

Arithmetic

Aritmética

Congruence

Congruência

Criptografia.

Divisibilidade

Divisibility

Encryption.

Funções

Functions

Lattice-based digital signature and discrete gaussian sampling

Ricosset, Thomas

12 November 2018

Lattice-based cryptography has generated considerable interest in the last two decades due toattractive features, including conjectured security against quantum attacks, strong securityguarantees from worst-case hardness assumptions and constructions of fully homomorphicencryption schemes. On the other hand, even though it is a crucial part of many lattice-basedschemes, Gaussian sampling is still lagging and continues to limit the effectiveness of this newcryptography. The first goal of this thesis is to improve the efficiency of Gaussian sampling forlattice-based hash-and-sign signature schemes. We propose a non-centered algorithm, with aflexible time-memory tradeoff, as fast as its centered variant for practicable size of precomputedtables. We also use the Rényi divergence to bound the precision requirement to the standarddouble precision. Our second objective is to construct Falcon, a new hash-and-sign signaturescheme, based on the theoretical framework of Gentry, Peikert and Vaikuntanathan for latticebasedsignatures. We instantiate that framework over NTRU lattices with a new trapdoor sampler.

Cryptography

Lattices

Gaussian sampling

Digital signature

Fully homomorphic encryption

Quantum Circuits for Symmetric Cryptanalysis

Unknown Date

Quantum computers and quantum computing is a reality of the near feature. Companies such as Google and IBM have already declared they have built a quantum computer and tend to increase their size and capacity moving forward. Quantum computers have the ability to be exponentially more powerful than classical computers today. With this power modeling behavior of atoms or chemical reactions in unusual conditions, improving weather forecasts and traffic conditions become possible. Also, their ability to exponentially speed up some computations makes the security of todays data and items a major concern and interest. In the area of cryptography, some encryption schemes (such as RSA) are already deemed broken by the onset of quantum computing. Some encryption algorithms have already been created to be quantum secure and still more are being created each day. While these algorithms in use today are considered quantum-safe not much is known of what a quantum attack would look like on these algorithms. Specifically, this paper discusses how many quantum bits, quantum gates and even the depth of these gates that would be needed for such an attack. The research below was completed to shed light on these areas and offer some concrete numbers of such an attack. / Includes bibliography. / Dissertation (Ph.D.)--Florida Atlantic University, 2018. / FAU Electronic Theses and Dissertations Collection

Quantum computing

Cryptography

Cryptanalysis

Data encryption (Computer science)

Computer algorithms

On secure messaging

Cohn-Gordon, Katriel

January 2018

What formal guarantees should a secure messaging application provide? Do the most widely-used protocols provide them? Can we do better? In this thesis we answer these questions and with them give a formal study of modern secure messaging protocols, which encrypt the personal messages of billions of users. We give definitions and analyses of two protocols: one existing (Signal) and one new (ART). For Signal, we begin by extending and generalising classic computational models, in order to apply them to its complex ratcheting key derivations. With a threat model in mind we also define a security property, capturing strong secrecy and authentication guarantees including a new one which we call "post-compromise security". We instantiate Signal as a protocol in our model, stating its security theorem and sketching a computational reduction. Signal only supports encrypting messages between two devices, and so most implementers have built custom protocols on top of it to support group conversations. These protocols usually provide weaker security guarantees, and in particular usually do not have post-compromise security. We propose a new protocol called ART, whose goal is to bring Signal's strong security properties to conversations with multiple users and devices. We give a design rationale and a precise definition of ART, and again generalise existing computational models in order to formally specify its security properties and sketch a security reduction. ART has enjoyed widespread interest from industry, and we aim to turn it into an open standard for secure messaging. To that end, we have brought it to the IETF and formed a working group called Messaging Layer Security, with representatives from academia as well as Facebook, Google, Twitter, Wire, Cisco and more. Through MLS, we hope to bring ART's strong guarantees to practical implementations across industry. After concluding our analyses we pause for a moment, and start looking towards the future. We argue that for complex protocols like Signal and ART we are reaching the limits of computational methods, and that the future for their analysis lies with symbolic verification tools. To that end we return to the symbolic model and give a number of case studies, in each one showing how a traditional limitation of symbolic models can in fact be seen as a modelling artefact.

Identity based cryptography from pairings.

January 2006

Yuen Tsz Hon. / Thesis (M.Phil.)--Chinese University of Hong Kong, 2006. / Includes bibliographical references (leaves 109-122). / Abstracts in English and Chinese. / Abstract --- p.i / Acknowledgement --- p.iii / List of Notations --- p.viii / Chapter 1 --- Introduction --- p.1 / Chapter 1.1 --- Identity Based Cryptography --- p.3 / Chapter 1.2 --- Hierarchical Identity Based Cryptosystem --- p.4 / Chapter 1.3 --- Our contributions --- p.5 / Chapter 1.4 --- Publications --- p.5 / Chapter 1.4.1 --- Publications Produced from This Thesis --- p.5 / Chapter 1.4.2 --- Publications During Author's Study in the Degree --- p.6 / Chapter 1.5 --- Thesis Organization --- p.6 / Chapter 2 --- Background --- p.8 / Chapter 2.1 --- Complexity Theory --- p.8 / Chapter 2.1.1 --- Order Notation --- p.8 / Chapter 2.1.2 --- Algorithms and Protocols --- p.9 / Chapter 2.1.3 --- Relations and Languages --- p.11 / Chapter 2.2 --- Algebra and Number Theory --- p.12 / Chapter 2.2.1 --- Groups --- p.12 / Chapter 2.2.2 --- Elliptic Curve --- p.13 / Chapter 2.2.3 --- Pairings --- p.14 / Chapter 2.3 --- Intractability Assumptions --- p.15 / Chapter 2.4 --- Cryptographic Primitives --- p.18 / Chapter 2.4.1 --- Public Key Encryption --- p.18 / Chapter 2.4.2 --- Digital Signature --- p.19 / Chapter 2.4.3 --- Zero Knowledge --- p.21 / Chapter 2.5 --- Hash Functions --- p.23 / Chapter 2.6 --- Random Oracle Model --- p.24 / Chapter 3 --- Literature Review --- p.26 / Chapter 3.1 --- Identity Based Signatures --- p.26 / Chapter 3.2 --- Identity Based Encryption --- p.27 / Chapter 3.3 --- Identity Based Signcryption --- p.27 / Chapter 3.4 --- Identity Based Blind Signatures --- p.28 / Chapter 3.5 --- Identity Based Group Signatures --- p.28 / Chapter 3.6 --- Hierarchical Identity Based Cryptography --- p.29 / Chapter 4 --- Blind Identity Based Signcryption --- p.30 / Chapter 4.1 --- Schnorr's ROS problem --- p.31 / Chapter 4.2 --- BIBSC and Enhanced IBSC Security Model --- p.32 / Chapter 4.2.1 --- Enhanced IBSC Security Model --- p.33 / Chapter 4.2.2 --- BIBSC Security Model --- p.36 / Chapter 4.3 --- Efficient and Secure BIBSC and IBSC Schemes --- p.38 / Chapter 4.3.1 --- Efficient and Secure IBSC Scheme --- p.38 / Chapter 4.3.2 --- The First BIBSC Scheme --- p.43 / Chapter 4.4 --- Generic Group and Pairing Model --- p.47 / Chapter 4.5 --- Comparisons --- p.52 / Chapter 4.5.1 --- Comment for IND-B --- p.52 / Chapter 4.5.2 --- Comment for IND-C --- p.54 / Chapter 4.5.3 --- Comment for EU --- p.55 / Chapter 4.6 --- Additional Functionality of Our Scheme --- p.56 / Chapter 4.6.1 --- TA Compatibility --- p.56 / Chapter 4.6.2 --- Forward Secrecy --- p.57 / Chapter 4.7 --- Chapter Conclusion --- p.57 / Chapter 5 --- Identity Based Group Signatures --- p.59 / Chapter 5.1 --- New Intractability Assumption --- p.61 / Chapter 5.2 --- Security Model --- p.62 / Chapter 5.2.1 --- Syntax --- p.63 / Chapter 5.2.2 --- Security Notions --- p.64 / Chapter 5.3 --- Constructions --- p.68 / Chapter 5.3.1 --- Generic Construction --- p.68 / Chapter 5.3.2 --- An Instantiation: IBGS-SDH --- p.69 / Chapter 5.4 --- Security Theorems --- p.73 / Chapter 5.5 --- Discussions --- p.81 / Chapter 5.5.1 --- Other Instantiations --- p.81 / Chapter 5.5.2 --- Short Ring Signatures --- p.82 / Chapter 5.6 --- Chapter Conclusion --- p.82 / Chapter 6 --- Hierarchical IBS without Random Oracles --- p.83 / Chapter 6.1 --- New Intractability Assumption --- p.87 / Chapter 6.2 --- Security Model: HIBS and HIBSC --- p.89 / Chapter 6.2.1 --- HIBS Security Model --- p.89 / Chapter 6.2.2 --- Hierarchical Identity Based Signcryption (HIBSC) --- p.92 / Chapter 6.3 --- Efficient Instantiation of HIBS --- p.95 / Chapter 6.3.1 --- Security Analysis --- p.96 / Chapter 6.3.2 --- Ordinary Signature from HIBS --- p.101 / Chapter 6.4 --- Plausibility Arguments for the Intractability of the OrcYW Assumption --- p.102 / Chapter 6.5 --- Efficient HIBSC without Random Oracles --- p.103 / Chapter 6.5.1 --- Generic Composition from HIBE and HIBS --- p.104 / Chapter 6.5.2 --- Concrete Instantiation --- p.105 / Chapter 6.6 --- Chapter Conclusion --- p.107 / Chapter 7 --- Conclusion --- p.108 / Bibliography --- p.109

Public key cryptography

Computers--Access control

Data encryption (Computer science)