The application of hash chains and hash structures to cryptography

Page, Thomas

January 2009

In this thesis we study how hash chains and other hash structures can be used in various cryptographic applications. In particular we focus on the applications of entity authentication, signatures and key establishment. We study recursive application of hash functions to create hash chains, hash trees and other hash structures. We collate all these to form a catalogue of structures that we apply to various cryptographic applications. We study existing work on authentication and create many entity authentication schemes based on structures from our catalogue. We present a novel algorithm to find efficient signature schemes from any given hash structure. We study some suggestions for suitable hash structures and define a particular scalable hash structure complete with a simple message to signature map that is the most efficient such scheme of which we know. We explore k-time signature schemes and identify two new properties, which we call perforated and porous. We look at the application of hash structures to key establishment schemes. We compare the existing schemes and make improvements on many. We present a new key establishment scheme, and show a link between certain k-time signatures and certain key establishment schemes. We look at the other applications of hash structures, and suggest areas in which our catalogue could be used for further development.

500

Improved Internet Security Protocols Using Cryptographic One-Way Hash Chains

Alabrah, Amerah

01 January 2014

In this dissertation, new approaches that utilize the one-way cryptographic hash functions in designing improved network security protocols are investigated. The proposed approaches are designed to be scalable and easy to implement in modern technology. The first contribution explores session cookies with emphasis on the threat of session hijacking attacks resulting from session cookie theft or sniffing. In the proposed scheme, these cookies are replaced by easily computed authentication credentials using Lamport's well-known one-time passwords. The basic idea in this scheme revolves around utilizing sparse caching units, where authentication credentials pertaining to cookies are stored and fetched once needed, thereby, mitigating computational overhead generally associated with one-way hash constructions. The second and third proposed schemes rely on dividing the one-way hash construction into a hierarchical two-tier construction. Each tier component is responsible for some aspect of authentication generated by using two different hash functions. By utilizing different cryptographic hash functions arranged in two tiers, the hierarchical two-tier protocol (our second contribution) gives significant performance improvement over previously proposed solutions for securing Internet cookies. Through indexing authentication credentials by their position within the hash chain in a multi-dimensional chain, the third contribution achieves improved performance. In the fourth proposed scheme, an attempt is made to apply the one-way hash construction to achieve user and broadcast authentication in wireless sensor networks. Due to known energy and memory constraints, the one-way hash scheme is modified to mitigate computational overhead so it can be easily applied in this particular setting. The fifth scheme tries to reap the benefits of the sparse cache-supported scheme and the hierarchical scheme. The resulting hybrid approach achieves efficient performance at the lowest cost of caching possible. In the sixth proposal, an authentication scheme tailored for the multi-server single sign-on (SSO) environment is presented. The scheme utilizes the one-way hash construction in a Merkle Hash Tree and a hash calendar to avoid impersonation and session hijacking attacks. The scheme also explores the optimal configuration of the one-way hash chain in this particular environment. All the proposed protocols are validated by extensive experimental analyses. These analyses are obtained by running simulations depicting the many scenarios envisioned. Additionally, these simulations are supported by relevant analytical models derived by mathematical formulas taking into consideration the environment under investigation.

One way hash chains

authentication

internet sessions

session cookies

caching

merkle hash trees and hash calendar

Computer Sciences

Engineering

Optimization algorithms for video service delivery / Algorithmes d'optimisation de service vidéo

Abousabea, Emad Mohamed Abd Elrahman

12 September 2012

L'objectif de cette thèse est de fournir des algorithmes d'optimisation pour l'accès aux services vidéo qu’ils soient non-gérés (Internet TV) ou gérés (IPTV). Nous étudions des statistiques récentes concernant les services vidéo non-gérés comme YouTube et nous proposons des techniques d'optimisation appropriées qui pourraient améliorer l'accès aux fichiers vidéos et réduire le coût de cet accès. En outre, l’analyse des coûts joue un rôle important dans les décisions qui concernent la mise en cache des fichiers vidéos et celles liées au choix des périodes temporelles d'hébergement de ces fichiers sur les serveurs. En ce qui concerne les services vidéo gérés appelés IPTV, nous avons mené des expériences sur une architecture ouverte IPTV-collaboration entre différents opérateurs. Ce modèle est analysé selon un critère de coût d’investissement et d'exploitation à l'intérieur de la sphère domestique. En outre, nous avons introduit une solution d’optimisation dynamique de l'arbre « minimum spanning tree » (MST) pour le service IPTV multicast. Lors d’un accès nomade, les arbres statiques pourraient être incapables de fournir le service de manière efficace vu que l'utilisation de la bande passante augmente aux côté des points de streaming (racines de la topologie). Finalement, nous étudions des mesures de sécurité fiables en streaming vidéo basées sur la méthodologie de la chaîne de hachage et nous proposons un nouvel algorithme hybride. Nous effectuons des comparaisons entre les différentes manières utilisées dans la réalisation de la fiabilité des chaînes de hachage basées sur les classifications génériques / The aim of this thesis is to provide optimization algorithms for accessing video services either in unmanaged or managed ways. We study recent statistics about unmanaged video services like YouTube and propose suitable optimization techniques that could enhance files accessing and reduce their access costs. Moreover, this cost analysis plays an important role in decision making about video files caching and hosting periods on the servers. Under managed video services called IPTV, we conducted experiments for an open-IPTV collaborative architecture between different operators. This model is analyzed in terms of CAPEX and OPEX costs inside the domestic sphere. Moreover, we introduced a dynamic way for optimizing the Minimum Spanning Tree (MST) for multicast IPTV service. In nomadic access, the static trees could be unable to provide the service in an efficient manner as the utilization of bandwidth increases towards the streaming points (roots of topologies). Finally, we study reliable security measures in video streaming based on hash chain methodology and propose a new algorithm. Then, we conduct comparisons between different ways used in achieving reliability of hash chains based on generic classifications

Serveurs de partage de vidéos

Optimisation

Mise en cache vidéo

Fiabilité IPTV

Chaînes de hachage

Video Sharing Servers

Optimization

Caching Videos

IPTV reliability

Hash Chains

Optimization algorithms for video service delivery

ABOUSABEA, Emad Mohamed Abd Elrahman

12 September 2012

The aim of this thesis is to provide optimization algorithms for accessing video services either in unmanaged or managed ways. We study recent statistics about unmanaged video services like YouTube and propose suitable optimization techniques that could enhance files accessing and reduce their access costs. Moreover, this cost analysis plays an important role in decision making about video files caching and hosting periods on the servers. Under managed video services called IPTV, we conducted experiments for an open-IPTV collaborative architecture between different operators. This model is analyzed in terms of CAPEX and OPEX costs inside the domestic sphere. Moreover, we introduced a dynamic way for optimizing the Minimum Spanning Tree (MST) for multicast IPTV service. In nomadic access, the static trees could be unable to provide the service in an efficient manner as the utilization of bandwidth increases towards the streaming points (roots of topologies). Finally, we study reliable security measures in video streaming based on hash chain methodology and propose a new algorithm. Then, we conduct comparisons between different ways used in achieving reliability of hash chains based on generic classifications

[INFO:INFO_OH] Computer Science/Other

[INFO:INFO_OH] Informatique/Autre

Video Sharing Servers

Optimization

Caching Videos

IPTV reliability

Hash Chains