Spelling suggestions: "subject:"dey 1generation"" "subject:"dey 4egeneration""
11 |
Sécurité et protection de la vie privée dans les systèmes RFID, appliquées aux réseaux EPCglobalTOUNSI, Wiem 14 January 2014 (has links) (PDF)
Radio Frequency IDentification (RFID) provides a way to automate identification and to store information in individual RFID tags. These tags can be attached or embedded in an item to be identified and are read when they enter a RFID reader's antenna field. The Electronic Product Code (EPC) Class 1 Generation 2 (Gen2 for short) is a proper example of passive RFID technology. It represents the key component of an RFID architecture named EPCglobal network. However, if the tag carries more than just an identifier, the privacy of the tag holder may be violated. In this thesis, we deal with privacy issues in two levels of the EPCglobal network to only let authorized entities access private data. Our goal is to ensure that the data exchange from RFID tags to middleware and enterprise applications guarantees the privacy requirements, in environments where privacy control is paramount, e.g., home healthcare monitoring systems. The first part of this dissertation is dedicated to securing data exchange between RFID readers and passive tags. We provide a key establishment and derivation protocol for Gen2 systems, called KEDGEN2, to handle the flawed security model of the Gen2 tag memory access. KEDGEN2 achieves secure data exchange, based on a key generation model adapted to Gen2 tags. To prove the security of our model, we specify the protocol using the High Level Protocol Specification Language (HLPSL) and verify the expected security properties, using the Constraint-Logic based Attack Searcher (CL-AtSe) model checking tool. The current version of the protocol guarantees mutual authentication of participants and forward secrecy of the keys in the presence of active adversaries. It also guarantees backward secrecy with active adversaries bounded by limited communication range, which is consistent with typical RFID environments. As for derived keys, we propose adapting the Solitaire cipher, as a Pseudo-random Number Generator. To complement our approach, an additional filter is added and described in the second part of this dissertation. We focus on the collection of tag information through the RFID middleware component. The middleware is a central point that sits between RFID readers and database applications. It is in charge of collecting, filtering and aggregating the requested events from heterogeneous RFID environments. Thus, the system at this point is likely to suffer from parameter manipulation and eavesdropping, raising privacy concerns. We propose a privacy-enhanced approach as a part of the RFID middleware of the EPCglobal network, which does not interfere with the standard interface. Our approach is policy driven using some enhanced contextual concepts of the extended Role Based Access Control model. We use specifically, the PrivOrBAC privacy-aware model to store and manage privacy preferences, taking the declared purpose, the accuracy and the explicit consent, as privacy requirements. To show the feasibility of our approach, we provide a proof-of-concept prototype that we apply to the Fosstrak plateform, an open-source implementation of the EPCglobal specifications.
|
12 |
Self-assembled nanoelectronic networks with tunable molecule-nanoparticle ratios: experiment, modeling, and applicationsVenkataraman, Anusha 04 October 2021 (has links)
Replacing electronic components with molecule-sized analogs or hybrids is often seen as a promising alternative to further miniaturization of conventional electronics in the effort to achieve functional nanoscale circuit elements. In this thesis, electronic transport through self-assembled networks with tunable thiolated (alkane(di)thiol and benzenedithiol) molecule-to-colloidal gold (Au) nanoparticle ratios (1:5–50:1) is studied using a combination of broad area and scanning probe microscope-based measurements. The electronic transport paths through the network can be altered by adjusting the (di)thiol molecule–gold nanoparticle ratio and/or type of molecules in the network. Resistance can be controllably tuned by several orders of magnitude (~105 to 1011 ohms for the Au-thiolated structures studied). Two-terminal current–voltage (I-V) measurements of the Au-thiolated networks display linear behavior at low bias. High bias measurements in case of benzenedithiol networks show nonlinear negative differential resistance (NDR) and hysteresis behavior for different benzenedithiol concentrations, which can be attributed to a combination of field-assisted tunneling and charge trapping occurring in the nanoscale networks. Circuit simulations that account for different network morphologies, tunable via molecule-to-nanoparticle ratio, and defects show good agreement with the experiment and provide a guide to engineer network properties using different molecules. In addition, electronic transport properties of nanoscale networks, which are composed of Au metal clusters interconnected with thiolated molecules (benzene/alkanedithiol) and connected in linear chains and branched extended networks, are examined via first-principles density functional theory-based simulations. Calculated I-V characteristics of the metal-molecular networks exhibited nonlinearities and rectification with NDR peaks that became more pronounced with increasing chain length. The transmission spectra of the linear chains and branched networks showed an increase in the number and width of transmission peaks near the Fermi energy, as the structures were extended, indicating enhanced transmission. Peak-to-valley current NDR ratios as large as ~ 500 and rectification ratios of ~ 10 (0.25 V) were shown for linear and branched circuit elements, respectively, illustrating how charge transport through molecular-scale devices could be controlled with precision by modifying the structure and geometry of molecule-nanoparticle networks. These experimental and simulation results are utilized to propose molecular-scale circuits in applications such as memory, switching, and hardware security. The metal nanoparticle molecular electronic networks presented in this thesis provide an avenue for engineering electronics at the molecular level. / Graduate
|
13 |
INFORMATION THEORY ENABLED SECURE WIRELESS COMMUNICATION, KEY GENERATION AND AUTHENTICATIONGungor, Onur 30 December 2014 (has links)
No description available.
|
14 |
Authentication in quantum key growingCederlöf, Jörgen January 2005 (has links)
<p>Quantum key growing, often called quantum cryptography or quantum key distribution, is a method using some properties of quantum mechanics to create a secret shared cryptography key even if an eavesdropper has access to unlimited computational power. A vital but often neglected part of the method is unconditionally secure message authentication. This thesis examines the security aspects of authentication in quantum key growing. Important concepts are formalized as Python program source code, a comparison between quantum key growing and a classical system using trusted couriers is included, and the chain rule of entropy is generalized to any Rényi entropy. Finally and most importantly, a security flaw is identified which makes the probability to eavesdrop on the system undetected approach unity as the system is in use for a long time, and a solution to this problem is provided.</p>
|
15 |
Authentication in quantum key growingCederlöf, Jörgen January 2005 (has links)
Quantum key growing, often called quantum cryptography or quantum key distribution, is a method using some properties of quantum mechanics to create a secret shared cryptography key even if an eavesdropper has access to unlimited computational power. A vital but often neglected part of the method is unconditionally secure message authentication. This thesis examines the security aspects of authentication in quantum key growing. Important concepts are formalized as Python program source code, a comparison between quantum key growing and a classical system using trusted couriers is included, and the chain rule of entropy is generalized to any Rényi entropy. Finally and most importantly, a security flaw is identified which makes the probability to eavesdrop on the system undetected approach unity as the system is in use for a long time, and a solution to this problem is provided. / ICG QC
|
16 |
Wireless Channel Estimation With Applications to Secret Key GenerationMovahedian, Alireza 14 October 2014 (has links)
This research investigates techniques for iterative channel estimation to maximize channel capacity and communication security.
The contributions of this dissertation are as follows:
i)
An accurate, low-complexity approach to pilot-assisted fast-fading channel estimation for single-carrier modulation with a turbo equalizer and a decoder is proposed.
The channel is estimated using a Kalman filter (KF) followed by a zero-phase filter (ZPF) as a smoother. The combination of the ZPF with the KF of the channel estimator makes it possible to reduce the estimation error to near the Wiener bound.
ii)
A new semi-blind channel estimation technique is introduced for multiple-input-multiple-output channels. Once the channel is estimated using a few pilots, a low-order KF is employed to progressively predict the channel gains for the upcoming blocks.
iii)
The capacity of radio channels is investigated when iterative channel estimation, data detection, and decoding are employed.
By taking the uncertainty in decoded data bits into account, the channel Linear Minimum Mean Square Error (LMMSE) estimator of an iterative receiver with a given pilot ratio is obtained.
The derived error value is then used to derive a bound on capacity.
It is shown that in slow fading channels, iterative processing provides only a marginal advantage over non-iterative approach to channel estimation.
Knowing the capacity gain from iterative processing versus purely pilot-based channel estimation helps a designer to compare the performance of an iterative receiver against a non-iterative one and select the best balance between performance and cost.
iv)
A Radio channel is characterized by random parameters which can be used to generate shared secret keys by the communicating parties when the channel is estimated.
This research studies upper bounds on the rate of the secret keys extractable from iteratively estimated channels.
Various realistic scenarios are considered where the transmission is half-duplex and/or the channel is sampled under the Nyquist rate.
The effect of channel sampling interval, fading rate and noise on the key rate is demonstrated.
The results of this research can be beneficial for the design and analysis of reliable and secure mobile wireless systems. / Graduate / 0544
|
17 |
Secret Key Generation in the Multiterminal Source Model : Communication and Other AspectsMukherjee, Manuj January 2017 (has links) (PDF)
This dissertation is primarily concerned with the communication required to achieve secret key (SK) capacity in a multiterminal source model. The multiterminal source model introduced by Csiszár and Narayan consists of a group of remotely located terminals with access to correlated sources and a noiseless public channel. The terminals wish to secure their communication by agreeing upon a group secret key. The key agreement protocol involves communicating over the public channel, and agreeing upon an SK secured from eavesdroppers listening to the public communication. The SK capacity, i.e., the maximum rate of an SK that can be agreed upon by the terminals, has been characterized by Csiszár and Narayan. Their capacity-achieving key generation protocol involved terminals communicating to attain omniscience, i.e., every terminal gets to recover the sources of the other terminals. While this is a very general protocol, it often requires larger rates of public communication than is necessary to achieve SK capacity.
The primary focus of this dissertation is to characterize the communication complexity, i.e., the minimum rate of public discussion needed to achieve SK capacity. A lower bound to communication complexity is derived for a general multiterminal source, although it turns out to be loose in general. While the minimum rate of communication for omniscience is always an upper bound to the communication complexity, we derive tighter upper bounds to communication complexity for a special class of multiterminal sources, namely, the hypergraphical sources. This upper bound yield a complete characterization of hypergraphical sources where communication for omniscience is a rate-optimal protocol for SK generation, i.e., the communication complexity equals the minimum rate of communication for omniscience.
Another aspect of the public communication touched upon by this dissertation is the necessity of omnivocality, i.e., all terminals communicating, to achieve the SK capacity. It is well known that in two-terminal sources, only one terminal communicating success to generate a maximum rate secret key. However, we are able to show that for three or more terminals, omnivocality is indeed required to achieve SK capacity if a certain condition is met. For the specific case of three terminals, we show that this condition is also necessary to ensure omnivocality is essential in generating a SK of maximal rate. However, this condition is no longer necessary when there are four or more terminals.
A certain notion of common information, namely, the Wyner common information, plays a central role in the communication complexity problem. This dissertation thus includes a study of multiparty versions of the two widely used notions of common information, namely, Wyner common information and Gács-Körner (GK) common information. While evaluating these quantities is difficult in general, we are able to derive explicit expressions for both types of common information in the case of hypergraphical sources.
We also study fault-tolerant SK capacity in this dissertation. The maximum rate of SK that can be generated even if an arbitrary subset of terminals drops out is called a fault-tolerant SK capacity. Now, suppose we have a fixed number of pairwise SKs. How should one distribute them amongpairs of terminals, to ensure good fault tolerance behavior in generating a groupSK? We show that the distribution of the pairwise keys according to a Harary graph provides a certain degree of fault tolerance, and bounds are obtained on its fault-tolerant SK capacity.
|
18 |
Um esquema de segurança para quadros de controle em redes IEEE 802.11FRANÇA NETO, Ivan Luiz de 14 August 2015 (has links)
Submitted by Haroudo Xavier Filho (haroudo.xavierfo@ufpe.br) on 2016-03-11T14:34:26Z
No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
DissertacaoIvanFranca.pdf: 1367108 bytes, checksum: 8ceed302b395b606d9ac49b5a05987db (MD5) / Made available in DSpace on 2016-03-11T14:34:26Z (GMT). No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
DissertacaoIvanFranca.pdf: 1367108 bytes, checksum: 8ceed302b395b606d9ac49b5a05987db (MD5)
Previous issue date: 2015-08-14 / Os quadros de controle IEEE 802.11 desempenham funções importantes na rede sem fio. Dentre elas estão o controle de acesso ao meio de comunicação, a recuperação de quadros armazenados no Ponto de Acesso e a confirmação do recebimento de blocos de quadros ou de certos tipos de quadros. Apesar da importância dos quadros de controle, eles são vulneráveis a ataques de forjação, manipulação e reinjeção devido a inexistência de mecanismos de proteção. Este trabalho propõe um esquema de segurança para quadros de controle em redes IEEE 802.11 a fim de evitar esses ataques. A proposta se diferencia dos trabalhos relacionados por prover um alto grau de segurança em todos os seus módulos com baixo impacto na vazão da rede. Além disso, a proposta não incorre nas fraquezas que eles possuem na contenção dos ataques de reinjeção e no processo de geração e distribuição de chaves. / IEEE 802.11 control frames play important role in the wireless network. Among them are the medium access control, the retrieving of buffered frames in the Access Point, and the acknowledgment of block of frames or certain types of frames. Despite their importance, control frames remain vulnerable to forging, tampering, and replay attacks due to lack of protection mechanisms. This work proposes a security scheme for IEEE 802.11 control frames to prevent such attacks. Our proposal differs from related work by providing a high level of security in all modules along with low impact on network throughput. Furthermore, the proposal avoid the weaknesses that they have in the restraint the replay attacks and in the key generation and distribution process.
|
19 |
Analyse et modélisation du canal radio pour la génération de clés secrètes / Analysis and modeling of the radio channel for secret key generationMazloum, Taghrid 12 February 2016 (has links)
La sécurité des communications sans fil omniprésentes devient, ces dernières années, de plus en plus une exigence incontournable. Bien que la cryptographie symétrique assure largement la confidentialité des données, la difficulté concerne la génération et la distribution de clés secrètes. Récemment, des études indiquent que les caractéristiques inhérentes du canal de propagation peuvent être exploitées afin de consolider la sécurité. En particulier, le canal radio fournit en effet une source d'aléa commune à deux utilisateurs à partir de laquelle des clés secrètes peuvent être générées. Dans la présente dissertation, nous nous intéressons au processus de génération de clés secrètes (SKG), tout en reliant les propriétés du canal radio à la qualité des clés générées. D'abord nous développons un modèle du canal stochastique, traitant la sécurité du point de vue de l'espion, qui montre une mémoire de canal résiduelle bien au-delà d'une distance de quelques longueurs d'onde (scénarios spatialement non-stationnaires). Ensuite, nous exploitons les degrés de liberté (DOF) du canal et analysons leur impact sur la performance de SKG dans différentes conditions, tout en considérant des canaux plus réalistes en environnements extérieur et intérieur (respectivement grâce à des données déterministes simulées et à des mesures). Les résultats montrent que, même pour des bandes modérées (comme standardisées dans la norme IEEE 802.11), le seul DoF de fréquence ou de son association avec le DoF spatial est souvent suffisant pour générer des longues clés, à condition d'utiliser une méthode efficace de quantification des coefficients complexes du canal. / Nowadays, the security of ubiquitous wireless communications becomes more and more a crucial requirement. Even though data is widely protected via symmetric ciphering keys, a well-known difficulty is the generation and distribution of such keys. In the recent years therefore, a set of works have addressed the exploitation of inherent characteristics of the fading propagation channel for security. In particular, secret keys could be generated from the wireless channel, considered as a shared source of randomness, available merely to a pair of communicating entities. ln the present dissertation, we are interested in the approach of secret key generation (SKG) from wireless channels, especially in relating the radio channel properties to the generated keys quality. We first develop a stochastic channel model, focusing on the security with respect to the eavesdropper side, which shows a residual channel memory weil beyond a few wavelengths distance (spatially nonstationary scenarios). Then, we analyze the channel degrees of freedom (DoF) and their impact on the SKG performance in different channel conditions, especially by considering more realistic channels in both outdoor and indoor environments (respectively through simulated ray tracing data and through measurements). The results show that, even for moderately wide band (such as standardized in IEEE 802.11), the sole frequency DOF or its association with the spatial DOF is often enough for generating long keys, provided an efficient quantization method of the complex channel coefficients is used.
|
20 |
Towards Practical and Secure Channel Impulse Response-based Physical Layer Key GenerationWalther, Paul 03 January 2022 (has links)
Der derzeitige Trend hin zu “smarten” Geräten bringt eine Vielzahl an Internetfähigen und verbundenen Geräten mit sich. Die entsprechende Kommunikation dieser Geräte muss zwangsläufig durch geeignete Maßnahmen abgesichert werden, um die datenschutz- und sicherheitsrelevanten Anforderungen an die übertragenen Informationen zu erfüllen. Jedoch zeigt die Vielzahl an sicherheitskritischen Vorfällen im Kontext von “smarten” Geräten und des Internets der Dinge auf, dass diese Absicherung der Kommunikation derzeit nur unzureichend umgesetzt wird.
Die Ursachen hierfür sind vielfältig: so werden essentielle Sicherheitsmaßnahmen im Designprozess mitunter nicht berücksichtigt oder auf Grund von Preisdruck nicht realisiert. Darüber hinaus erschwert die Beschaffenheit der eingesetzten Geräte die Anwendung klassischer Sicherheitsverfahren. So werden in diesem Kontext vorrangig stark auf Anwendungsfälle zugeschnittene Lösungen realisiert, die auf Grund der verwendeten Hardware meist nur eingeschränkte Rechen- und Energieressourcen zur Verfügung haben.
An dieser Stelle können die Ansätze und Lösungen der Sicherheit auf physikalischer Schicht (physical layer security, PLS) eine Alternative zu klassischer Kryptografie bieten. Im Kontext der drahtlosen Kommunikation können hier die Eigenschaften des Übertragungskanals zwischen zwei legitimen Kommunikationspartnern genutzt werden, um Sicherheitsprimitive zu implementieren und damit Sicherheitsziele zu realisieren. Konkret können etwa reziproke Kanaleigenschaften verwendet werden, um einen Vertrauensanker in Form eines geteilten, symmetrischen Geheimnisses zu generieren. Dieses Verfahren wird Schlüsselgenerierung basierend auf Kanalreziprozität (channel reciprocity based key generation, CRKG) genannt.
Auf Grund der weitreichenden Verfügbarkeit wird dieses Verfahren meist mit Hilfe der Kanaleigenschaft des Empfangsstärkenindikators (received signal strength indicator, RSSI) realisiert. Dies hat jedoch den Nachteil, dass alle physikalischen Kanaleigenschaften auf einen einzigen Wert heruntergebrochen werden und somit ein Großteil der verfügbaren Informationen vernachlässigt wird.
Dem gegenüber steht die Verwendung der vollständigen Kanalzustandsinformationen (channel state information, CSI). Aktuelle technische Entwicklungen ermöglichen es zunehmend, diese Informationen auch in Alltagsgeräten zur Verfügung zu stellen und somit für PLS weiterzuverwenden.
In dieser Arbeit analysieren wir Fragestellungen, die sich aus einem Wechsel hin zu CSI als verwendetes Schlüsselmaterial ergeben. Konkret untersuchen wir CSI in Form von Ultrabreitband-Kanalimpulsantworten (channel impulse response, CIR).
Für die Untersuchungen haben wir initial umfangreiche Messungen vorgenommen und damit analysiert, in wie weit die grundlegenden Annahmen von PLS und CRKG erfüllt sind und die CIRs sich grundsätzlich für die Schlüsselgenerierung eignen. Hier zeigen wir, dass die CIRs der legitimen Kommunikationspartner eine höhere Ähnlichkeit als die eines Angreifers aufzeigen und das somit ein Vorteil gegenüber diesem auf der physikalischen Schicht besteht, der für die Schlüsselgenerierung ausgenutzt werden kann.
Basierend auf den Ergebnissen der initialen Untersuchung stellen wir dann grundlegende Verfahren vor, die notwendig sind, um die Ähnlichkeit der legitimen Messungen zu verbessern und somit die Schlüsselgenerierung zu ermöglichen. Konkret werden Verfahren vorgestellt, die den zeitlichen Versatz zwischen reziproken Messungen entfernen und somit die Ähnlichkeit erhöhen, sowie Verfahren, die das in den Messungen zwangsläufig vorhandene Rauschen entfernen.
Gleichzeitig untersuchen wir, inwieweit die getroffenen fundamentalen Sicherheitsannahmen aus Sicht eines Angreifers erfüllt sind. Zu diesem Zweck präsentieren, implementieren und analysieren wir verschiedene praktische Angriffsmethoden. Diese Verfahren umfassen etwa Ansätze, bei denen mit Hilfe von deterministischen Kanalmodellen oder durch ray tracing versucht wird, die legitimen CIRs vorherzusagen. Weiterhin untersuchen wir Machine Learning Ansätze, die darauf abzielen, die legitimen CIRs direkt aus den Beobachtungen eines Angreifers zu inferieren. Besonders mit Hilfe des letzten Verfahrens kann hier gezeigt werden, dass große Teile der CIRs deterministisch vorhersagbar sind. Daraus leitet sich der Schluss ab, dass CIRs nicht ohne adäquate Vorverarbeitung als Eingabe für Sicherheitsprimitive verwendet werden sollten.
Basierend auf diesen Erkenntnissen entwerfen und implementieren wir abschließend Verfahren, die resistent gegen die vorgestellten Angriffe sind. Die erste Lösung baut auf der Erkenntnis auf, dass die Angriffe aufgrund von vorhersehbaren Teilen innerhalb der CIRs möglich sind. Daher schlagen wir einen klassischen Vorverarbeitungsansatz vor, der diese deterministisch vorhersagbaren Teile entfernt und somit das Eingabematerial absichert. Wir implementieren und analysieren diese Lösung und zeigen ihre Effektivität sowie ihre Resistenz gegen die vorgeschlagenen Angriffe. In einer zweiten Lösung nutzen wir die Fähigkeiten des maschinellen Lernens, indem wir sie ebenfalls in das Systemdesign einbringen. Aufbauend auf ihrer starken Leistung bei der Mustererkennung entwickeln, implementieren und analysieren wir eine Lösung, die lernt, die zufälligen Teile aus den rohen CIRs zu extrahieren, durch die die Kanalreziprozität definiert wird, und alle anderen, deterministischen Teile verwirft. Damit ist nicht nur das Schlüsselmaterial gesichert, sondern gleichzeitig auch der Abgleich des Schlüsselmaterials, da Differenzen zwischen den legitimen Beobachtungen durch die Merkmalsextraktion effizient entfernt werden. Alle vorgestellten Lösungen verzichten komplett auf den Austausch von Informationen zwischen den legitimen Kommunikationspartnern, wodurch der damit verbundene Informationsabfluss sowie Energieverbrauch inhärent vermieden wird.
|
Page generated in 0.1121 seconds