Spelling suggestions: "subject:"message authentication core"" "subject:"essage authentication core""
1 |
Resgate de autoria em esquemas de assinatura em anel / Retrieving authorship from ring signature schemesAntonio Emerson Barros Tomaz 23 May 2014 (has links)
A proposta apresentada nesta dissertaÃÃo representa uma expansÃo do conceito original de assinatura em anel. Um esquema de assinatura em anel permite que um membro de um grupo divulgue uma mensagem anonimamente, de tal forma que cada um dos membros do grupo seja considerado o possÃvel autor da mensagem. A ideia principal de uma assinatura em anel à garantir o anonimato do assinante e ainda garantir a autenticidade da informaÃÃo, mostrando que a mensagem partiu de um dos membros do referido grupo. Esta dissertaÃÃo apresenta um esquema de assinatura em anel baseado no esquema de Rivest et al. (2001), em
que o assinante pode, mais tarde, revogar seu anonimato apresentando valores secretos que provam que somente ele seria capaz de gerar tal assinatura. Esta propriedade serà chamada aqui de resgate de autoria. A principal diferenÃa em relaÃÃo ao trabalho de Rivest et al. (2001)
à apresentada antes mesmo de comeÃar a geraÃÃo da assinatura. Os valores utilizados como entrada para a funÃÃo trapdoor serÃo cÃdigos de autenticaÃÃo de mensagem - MACs gerados pelo algoritmo HMAC, um algoritmo de autenticaÃÃo de mensagem baseado em funÃÃo hash
resistente à colisÃo. Essa modificaÃÃo simples permitirà que, no futuro, o assinante revele-se como o verdadeiro autor da mensagem apresentando os valores secretos que geraram os MACs. / The proposal presented in this thesis represents an expansion of the original concept of ring signature. A ring signature scheme allows a member of a group to publish a message anonymously, so that each member of the group can be considered the author of the message. The main idea of a ring signature is to guarantee the anonymity of the subscriber also ensure the authenticity of information, showing that the message came from one of the members of that group. This thesis presents a signature scheme based on (RIVEST et al., 2001), where the subscriber can later revoke anonymity presenting secret values that prove that he would only be able to generate such a signature. This property will be referred to here as rescue of authorship. The main difference to the proposal of Rivest et al. (2001) is presented before we even begin signature generation. The values used as input to the trapdoor function are message authentication codes - MACs generated by the HMAC algorithm, an algorithm for message authentication based on hash function collision resistant. This simple modification will allow, in the future, the subscriber to reveal itself as the true author of the message by showing the secret values to generate those MACs.
|
2 |
Security primitives for ultra-low power sensor nodes in wireless sensor networksHuang, An-Lun 05 May 2008 (has links)
The concept of wireless sensor network (WSN) is where tiny devices (sensor nodes), positioned fairly close to each other, are used for sensing and gathering data from its environment and exchange information through wireless connections between these nodes (e.g. sensor nodes distributed through out a bridge for monitoring the mechanical stress level of the bridge continuously). In order to easily deploy a relatively large quantity of sensor nodes, the sensor nodes are typically designed for low price and small size, thereby causing them to have very limited resources available (e.g. energy, processing power). Over the years, different security (cryptographic) primitives have been proposed and refined aiming at utilizing modern processor’s power e.g. 32-bit or 64-bit operation, architecture such as MMX (Multi Media Extension) and etc. In other words, security primitives have targeted at high-end systems (e.g. desktop or server) in software implementations. Some hardware-oriented security primitives have also been proposed. However, most of them have been designed aiming only at large message and high speed hashing, with no power consumption or other resources (such as memory space) taken into considerations. As a result, security mechanisms for ultra-low power (<500µW) devices such as the wireless sensor nodes must be carefully selected or designed with their limited resources in mind. The objective of this project is to provide implementations of security primitives (i.e. encryption and authentication) suitable to the WSN environment, where resources are extremely limited. The goal of the project is to provide an efficient building block on which the design of WSN secure routing protocols can be based on, so it can relieve the protocol designers from having to design everything from scratch. This project has provided three main contributions to the WSN field. Provides analysis of different tradeoffs between cryptographic security strength and performances, which then provide security primitives suitable for the needs in a WSN environment. Security primitives form the link layer security and act as building blocks for higher layer protocols i.e. secure routing protocol. Implements and optimizes several security primitives in a low-power microcontroller (TI MSP430F1232) with very limited resources (256 bytes RAM, 8KB flash program memory). The different security primitives are compared according to the number of CPU cycles required per byte processed, specific architectures required (e.g. multiplier, large bit shift) and resources (RAM, ROM/flash) required. These comparisons assist in the evaluation of its corresponding energy consumption, and thus the applicability to wireless sensor nodes. Apart from investigating security primitives, research on various security protocols designed for WSN have also been conducted in order to optimize the security primitives for the security protocols design trend. Further, a new link layer security protocol using optimized security primitives is also proposed. This new protocol shows an improvement over the existing link layer security protocols. Security primitives with confidentiality and authenticity functions are implemented in the TinyMote sensor nodes from the Technical University of Vienna in a wireless sensor network. This is to demonstrate the practicality of the designs of this thesis in a real-world WSN environment. This research has achieved ultra-low power security primitives in wireless sensor network with average power consumption less than 3.5 µW (at 2 second packet transmission interval) and 700 nW (at 5 second packet transmission interval). The proposed link layer security protocol has also shown improvements over existing protocols in both security and power consumption. / Dissertation (MEng (Computer Engineering))--University of Pretoria, 2008. / Electrical, Electronic and Computer Engineering / unrestricted
|
3 |
Arquitetura de segurança fim-a-fim para redes de sensores sem fio. / End-to-end security architecture for wireless sensor networks.Oliveira, Bruno Trevizan de 03 August 2012 (has links)
Diversas aplicações de redes de sensores sem fio necessitam de serviços de segurança, como confidencialidade, integridade e autenticação de origem de dados. Contudo, dadas as limitações de processamento, memória e suprimento de energia dos dispositivos, os mecanismos de segurança tradicionais podem causar efeitos indesejáveis na rede, como atraso na comunicação e aumento no consumo de energia, impondo obstáculos para seu uso na tecnologia em questão. Muitas propostas de esquemas de segurança baseados em criptografia simétrica projetados especificamente para redes de sensores sem fio são encontradas na literatura. Contudo, essas soluções são focadas na segurança salto-a-salto. Tal abordagem é adequada para garantir a segurança dos enlaces deste tipo de rede, mas não garante a segurança na comunicação fim-a-fim. Neste trabalho são apresentados cenários e desafios de implementação de segurança neste tipo de rede, e a concepção, o projeto e a implementação de uma arquitetura de segurança para redes de sensores sem fio, que tem como objetivos: prover segurança na comunicação fim-a-fim; permitir a interoperabilidade entre diferentes sistemas; e possibilitar uma maior flexibilidade em relação à utilização de chaves criptográficas em diferentes cenários e topologias. Adicionalmente, a solução proposta suporta ativação e desativação de seus serviços em tempo de execução. O projeto da referida arquitetura, atuante na camada de aplicação da pilha de protocolos de rede, foi construído com base na análise das características de arquiteturas encontradas na literatura, bem como de estratégias adotadas por estas. Para a construção da implementação foram selecionados mecanismos e algoritmos criptográficos a partir da avaliação de desempenho que considerou assimétricas de uso de memória, tempo de execução e consumo de energia. Como resultados são apresentados a especificação da arquitetura, a avaliação qualitativa da mesma e a avaliação de desempenho da implementação desenvolvida como prova de conceito. Além disso, é apresentada uma análise do impacto de diferentes topologias e características de disposição na tarefa de distribuição de chaves criptográficas em redes de sensores sem fio. / Many wireless sensor networks applications need security services, such as confidentiality, data integrity and data source authentication. On the other hand, because of device limitations, security mechanisms may affect the network energy consumption and communication delay, which impose a great challenge for practical implementation of security mechanisms in such scenario. Many solutions based on symmetric cryptography were proposed for the specific challenges of wireless sensor networks. Nevertheless, they are focused on hop-by-hop security. Such approach is suited to provide link-layer security, but it cannot guarantee end-to-end security. This work presents scenarios and challenges to implement security in wireless sensor networks, and the conception, design and implementation of a security architecture, which aims to provide: security in end-to-end communication; interoperability between different systems, and enable greater flexibility in cryptographic keys distribution in different scenarios and topologies. Additionally, the proposed solution supports on-the-y adjustment of its security services. The architecture design, which targets the application layer of the network protocol stack, was based on the main properties of the architectures found in literature as well as adopted strategies. For the implementation, mechanisms and cryptographic algorithms were selected through the performance evaluation that considers memory usage, execution time and power consumption as metrics. The results were the architecture specification and its qualitative analysis, and the performance evaluation of the implementation developed as proof of concept. Furthermore, we present an analysis of topology and deployment impact on key distribution task.
|
4 |
Arquitetura de segurança fim-a-fim para redes de sensores sem fio. / End-to-end security architecture for wireless sensor networks.Bruno Trevizan de Oliveira 03 August 2012 (has links)
Diversas aplicações de redes de sensores sem fio necessitam de serviços de segurança, como confidencialidade, integridade e autenticação de origem de dados. Contudo, dadas as limitações de processamento, memória e suprimento de energia dos dispositivos, os mecanismos de segurança tradicionais podem causar efeitos indesejáveis na rede, como atraso na comunicação e aumento no consumo de energia, impondo obstáculos para seu uso na tecnologia em questão. Muitas propostas de esquemas de segurança baseados em criptografia simétrica projetados especificamente para redes de sensores sem fio são encontradas na literatura. Contudo, essas soluções são focadas na segurança salto-a-salto. Tal abordagem é adequada para garantir a segurança dos enlaces deste tipo de rede, mas não garante a segurança na comunicação fim-a-fim. Neste trabalho são apresentados cenários e desafios de implementação de segurança neste tipo de rede, e a concepção, o projeto e a implementação de uma arquitetura de segurança para redes de sensores sem fio, que tem como objetivos: prover segurança na comunicação fim-a-fim; permitir a interoperabilidade entre diferentes sistemas; e possibilitar uma maior flexibilidade em relação à utilização de chaves criptográficas em diferentes cenários e topologias. Adicionalmente, a solução proposta suporta ativação e desativação de seus serviços em tempo de execução. O projeto da referida arquitetura, atuante na camada de aplicação da pilha de protocolos de rede, foi construído com base na análise das características de arquiteturas encontradas na literatura, bem como de estratégias adotadas por estas. Para a construção da implementação foram selecionados mecanismos e algoritmos criptográficos a partir da avaliação de desempenho que considerou assimétricas de uso de memória, tempo de execução e consumo de energia. Como resultados são apresentados a especificação da arquitetura, a avaliação qualitativa da mesma e a avaliação de desempenho da implementação desenvolvida como prova de conceito. Além disso, é apresentada uma análise do impacto de diferentes topologias e características de disposição na tarefa de distribuição de chaves criptográficas em redes de sensores sem fio. / Many wireless sensor networks applications need security services, such as confidentiality, data integrity and data source authentication. On the other hand, because of device limitations, security mechanisms may affect the network energy consumption and communication delay, which impose a great challenge for practical implementation of security mechanisms in such scenario. Many solutions based on symmetric cryptography were proposed for the specific challenges of wireless sensor networks. Nevertheless, they are focused on hop-by-hop security. Such approach is suited to provide link-layer security, but it cannot guarantee end-to-end security. This work presents scenarios and challenges to implement security in wireless sensor networks, and the conception, design and implementation of a security architecture, which aims to provide: security in end-to-end communication; interoperability between different systems, and enable greater flexibility in cryptographic keys distribution in different scenarios and topologies. Additionally, the proposed solution supports on-the-y adjustment of its security services. The architecture design, which targets the application layer of the network protocol stack, was based on the main properties of the architectures found in literature as well as adopted strategies. For the implementation, mechanisms and cryptographic algorithms were selected through the performance evaluation that considers memory usage, execution time and power consumption as metrics. The results were the architecture specification and its qualitative analysis, and the performance evaluation of the implementation developed as proof of concept. Furthermore, we present an analysis of topology and deployment impact on key distribution task.
|
5 |
HASH STAMP MARKING SCHEME FOR PACKET TRACEBACKNEIMAN, ADAM M. January 2005 (has links)
No description available.
|
6 |
Fault Tolerant Cryptographic Primitives for Space ApplicationsJuliato, Marcio January 2011 (has links)
Spacecrafts are extensively used by public and private sectors to support a variety of services. Considering the cost and the strategic importance of these spacecrafts, there has been an increasing demand to utilize strong cryptographic primitives to assure their security. Moreover, it is of utmost importance to consider fault tolerance in their designs due to the harsh environment found in space, while keeping low area and power consumption. The problem of recovering spacecrafts from failures or attacks, and bringing them back to an operational and safe state is crucial for reliability. Despite the recent interest in incorporating on-board security, there is limited research in this area. This research proposes a trusted hardware module approach for recovering the spacecrafts subsystems and their cryptographic capabilities after an attack or a major failure has happened. The proposed fault tolerant trusted modules are capable of performing platform restoration as well as recovering the cryptographic capabilities of the spacecraft. This research also proposes efficient fault tolerant architectures for the secure hash (SHA-2) and message authentication code (HMAC) algorithms. The proposed architectures are the first in the literature to detect and correct errors by using Hamming codes to protect the main registers. Furthermore, a quantitative analysis of the probability of failure of the proposed fault tolerance mechanisms is introduced. Based upon an extensive set of experimental results along with probability of failure analysis, it was possible to show that the proposed fault tolerant scheme based on information redundancy leads to a better implementation and provides better SEU resistance than the traditional Triple Modular Redundancy (TMR). The fault tolerant cryptographic primitives introduced in this research are of crucial importance for the implementation of on-board security in spacecrafts.
|
7 |
Fault Tolerant Cryptographic Primitives for Space ApplicationsJuliato, Marcio January 2011 (has links)
Spacecrafts are extensively used by public and private sectors to support a variety of services. Considering the cost and the strategic importance of these spacecrafts, there has been an increasing demand to utilize strong cryptographic primitives to assure their security. Moreover, it is of utmost importance to consider fault tolerance in their designs due to the harsh environment found in space, while keeping low area and power consumption. The problem of recovering spacecrafts from failures or attacks, and bringing them back to an operational and safe state is crucial for reliability. Despite the recent interest in incorporating on-board security, there is limited research in this area. This research proposes a trusted hardware module approach for recovering the spacecrafts subsystems and their cryptographic capabilities after an attack or a major failure has happened. The proposed fault tolerant trusted modules are capable of performing platform restoration as well as recovering the cryptographic capabilities of the spacecraft. This research also proposes efficient fault tolerant architectures for the secure hash (SHA-2) and message authentication code (HMAC) algorithms. The proposed architectures are the first in the literature to detect and correct errors by using Hamming codes to protect the main registers. Furthermore, a quantitative analysis of the probability of failure of the proposed fault tolerance mechanisms is introduced. Based upon an extensive set of experimental results along with probability of failure analysis, it was possible to show that the proposed fault tolerant scheme based on information redundancy leads to a better implementation and provides better SEU resistance than the traditional Triple Modular Redundancy (TMR). The fault tolerant cryptographic primitives introduced in this research are of crucial importance for the implementation of on-board security in spacecrafts.
|
Page generated in 0.1327 seconds