41 |
Hyperchaos-based public key encryption: application on a web client server model
Faradja, Philippe Byaombe, 19 January 2016
M. Tech. Electrical Engineering. / Proposes a public-key encryption scheme based on Qi hyperchaos, which is considered much better than chaos and other hyperchaos in terms of pseudo-randomness. In an environment where digital information is being extensively used, a cat map based hyperchaotic system is proposed. This map is used to design the public key encryption scheme that uses private keys, public keys and shared private keys. This encryption is tested successfully on text messages and images. The application of the hyperchaos-based scheme on a web server client platform concludes this work. MATLAB is used for simulation. PHP, HTML, and C are used in the development of the web form and the chat application.
|
42 |
Um modelo de infra-estrutura de chaves públicas para um correio eletrônico seguro / An infrastructure model of public keys for a secret email
Pedrini, Márcia, January 2004
With the growth of Electronic Mail, caused by its ease of use and fast message delivery process, the preoccupation with the security of transmitted data also grows. This security is more and more emphasized, even more when there is a chance of having information exposed to intruders from the Internet, who appear with more and more sophisticated ways of breaking the privacy and security of information. Digital Certification and public-key infrastructure are the current security standards used to ensure the five basic items of electronic mail security: authenticity, integrity, privacy, non-repudiation and timestamping. Direto, developed by PROCERGS, Companhia de Processamento de Dados do Estado do Rio Grande do Sul, was mainly designed with the purpose of supporting the demands for a low cost communication software that could link the various state departments among themselves. Because of its characteristics, the system is susceptible to potential security failures. Direto is based on free software, thus reducing project costs and enabling it to be used by any kind of organization with no cost, with independence of platform and upgrade flexibility. The proposed model and developed prototype aim to guarantee the security of information transferred by the electronic mail module of Direto, extending its interface and incorporating the concepts of electronic certification and public-key infrastructure, thus implementing the five basic items of security.
|
45 |
Digitala signaturer : ett verktyg för säkerhet? / Digital signatures: a tool for security?
Rynmark, Anneli, Almkvist, Inger Lison, January 2002
Government agencies increasingly use open systems, such as the Internet, in their communication with citizens, companies and other agencies, which places ever higher demands on security and trust. As the use of electronic communication increases, new problems arise. Some of these are that we do not know with certainty whom we are communicating with or who is ordering services, and that we cannot be sure that information reaches the right person or has not been altered along the way. Tools available to solve these problems and increase security are digital signatures and electronic identification. With this as background, we asked ourselves the following questions: which technology should government agencies use for electronic identification and signing? Which technology should be used to meet the requirements for secure electronic transmission? Can government agencies replace traditional handwritten signatures with qualified electronic signatures? The purpose of our thesis is therefore primarily to describe how government agencies intend to replace traditional handwritten signatures with qualified electronic signatures. Through the literature studies we acquired knowledge of both the technology and the areas of use for digital signatures, and by describing these technologies we give readers an introduction to the subject. Our interviews gave us an overall picture of how government agencies intend to replace traditional handwritten signatures and how they plan to provide citizens with electronic identity documents so that the agencies' e-services can be used. The interviews also revealed that the law on qualified electronic signatures prescribes Public Key Infrastructure, PKI, and does not accept any other technical solutions, which is why the agencies have chosen this technology. To see how government agencies have, in reality, replaced traditional handwritten signatures with qualified electronic signatures, and how the requirements for secure electronic identification and transmission are met, we carried out a case study at Riksskatteverket, RSV. We interviewed a project manager at RSV's IT unit and the person responsible at Statskontoret's unit for IT infrastructure, and saw that RSV has provided companies with electronic identity documents. Using these documents, companies can submit their monthly tax return via the Internet. Through PKI, the agencies have the techniques and methods needed for electronic identification, signing, encryption and secure electronic transmission. With PKI, the agencies can reliably identify senders, sign electronically, encrypt documents and replace traditional handwritten signatures with electronic signatures. Although all the ingredients are in place, the agencies cannot at present reach the high level of security required to replace traditional handwritten signatures with qualified electronic signatures.
|
46 |
Security Analysis and Recommendations for CONIKS as a PKI Solution for Mobile Apps
Spendlove, George Bradley, 01 December 2018
Secure mobile apps, including end-to-end encrypted messaging apps such as WhatsApp and Signal, are increasingly popular today. These apps require trust in a centralized key directory to automatically exchange the public keys used to secure user communication. This trust may be abused by malicious, subpoenaed, or compromised directories. A public key infrastructure (PKI) solution that requires less trust would increase the security of these commonly used apps. CONIKS is a recent PKI proposal that features transparent key directories which publish auditable digests of the public keys they present to queriers. By monitoring its key every time a new digest is published, a client can verify that its key is published correctly, reducing the need to trust the directory. CONIKS features improved security at the cost of unique auditing and monitoring requirements. In this thesis, we examine CONIKS' suitability as a PKI solution for secure mobile apps. We present a threat analysis of possible attacks on the CONIKS protocol and explore several important implications of CONIKS' system description, including recommendations for whistleblowing and key change policies. We also analyze mobile device usage data to estimate whether typical mobile device Internet connectivity is sufficient to fulfill CONIKS' monitoring requirement.
|
47 |
Realizace certifikační autority a digitálního podpisu / Implementation of certification authority and digital signature
Troják, Martin, January 2008
This master's thesis deals with the problems of certification authorities and digital signature. The principles of digital certificates and certification authorities are analyzed. It describes the most widely used cryptosystems and hash functions, which are used in communications with certificates and digital signature. The analysis is focused on the Public key infrastructure standard, which describes the rules for creating a certification authority and digital signature. The principle of digital signature is also described in detail. The next chapters deal with the SSL protocol, its principles of operation and its usage. The practical part of this thesis implements a certification authority and an information system. The software used and its configuration are shown. The last part describes the procedures for using the application and its implementation.
|
48 |
Systematic Evaluations Of Security Mechanism Deployments
Sze Yiu Chau (7038539), 13 August 2019
In a potentially hostile networked environment, a large diversity of security mechanisms with varying degrees of sophistication are being deployed to protect valuable computer systems and digital assets.

While many competing implementations of similar security mechanisms are available in the current software development landscape, the robustness and reliability of such implementations are often overlooked, resulting in exploitable flaws in system deployments. In this dissertation, we systematically evaluate implementations of security mechanisms that are deployed in the wild. First, we examine how content distribution applications on the Android platform control access to their multimedia contents. With respect to a well-defined hierarchy of adversarial capabilities and attack surfaces, we find that many content distribution applications, including that of some world-renowned publications and streaming services, are vulnerable to content extraction due to the use of unjustified assumptions in their security mechanism designs and implementations. Second, we investigate the validation logic of X.509 certificate chains as implemented in various open-source TLS libraries. X.509 certificates are widely used in TLS as a means to achieve authentication. A validation logic that is overly restrictive could lead to the loss of legitimate services, while an overly permissive implementation could open the door to impersonation attacks. Instead of manual analysis and unguided fuzzing, we propose a principled approach that leverages symbolic execution to achieve better coverage and uncover logical flaws that are buried deep in the code. We find that many TLS libraries deviate from the specification. Finally, we study the verification of RSA signatures, as specified in the PKCS#1 v1.5 standard, which is widely used in many security-critical network protocols. We propose an approach to automatically generate meaningful concolic test cases for this particular problem, and design and implement a provenance tracking mechanism to assist root-cause analysis in general. Our investigation revealed that several crypto and IPSec implementations are susceptible to new variants of the Bleichenbacher low-exponent signature forgery.
|
49 |
Security for Rural Public Computing
Ur Rahman, Sumair, January 2008
Current research on securing public computing infrastructure like Internet kiosks has focused on the use of smartphones to establish trust in a computing platform or to offload the processing of sensitive information, and the use of new cryptosystems such as Hierarchical Identity-based Encryption (HIBE) to protect kiosk user data. Challenges posed by rural kiosks, specifically (a) the absence of specialized hardware features such as Trusted Platform Modules (TPMs) or a modifiable BIOS in older recycled PCs, (b) the potential use of periodically disconnected links between kiosks and the Internet, (c) the absence of a production-ready implementation of HIBE and (d) the limited availability of smartphones in most developing regions make these approaches difficult, if not impossible, to implement in a rural public computing scenario. In this thesis, I present a practical, unobtrusive and easy-to-use security architecture for rural public computing that uses a combination of physical and cryptographic mechanisms to protect user data, public computing infrastructure and handheld devices that access this infrastructure. Key contributions of this work include (a) a detailed threat analysis of such systems with a particular focus on rural Internet kiosks and handheld devices, (b) a security architecture for rural public computing infrastructure that does not require any specialized hardware, (c) an application-independent and backward-compatible security API for securely sending and receiving data between these systems and the Internet that can operate over delay tolerant links, (d) an implementation of my scheme for rural Internet kiosks and (e) a performance evaluation of this implementation to demonstrate its feasibility.
|