Global ETD Search

201	Parsing of X.509 certificates in a WAP environment / Parsning av X.509 certifikat i en WAP-miljö Asplund, Fredrik January 2002 (has links) This master thesis consists of three parts. The first part contains a summary of what is needed to understand a X.509 parser that I have created, a discussion concerning the technical problems I encountered during the programming of this parser and a discussion concerning the final version of the parser. The second part concerns a comparison I made between the X.509 parser I created and a X.509 parser created"automatically"by a compiler. I tested static memory, allocation of memory during runtime and utilization of the CPU for both my parser (MP) and the parser that had a basic structure constructed by a compiler (OAP). I discuss changes in the parsers involved to make the comparison fair to OAP, the results from the tests and when circumstances such as time and non-standard content in the project make one way of constructing a X.509 parser better than the other way. The last part concerns a WTLS parser (a simpler kind of X.509 parser), which I created. Informationsteknik Computer Security Parser Program comparison Programming Public key encryption WTLS certificate X.509 certificate Informationsteknik Computer and Information Sciences Data- och informationsvetenskap
202	En säkerhetsgranskning av Secure Application Framework Norling, Sebastian January 2013 (has links) Företaget Wireless Independent Provider (WIP) har tagit fram ett säkerhetsramverk vid namn Secure Application Framework (SAF) som är ett väldokumenterat ramverk för att skapa säkra interna företagsappar. Syftet med detta ramverk är att lösa problematiken kring Bring Your Own Device (BYOD) – hur man ska skilja på privat data och företagets data i enheten. Med ett sådant system så finns det mycket att tänka på rörande säkerheten. Genom att identifiera ett antal olika hot och genomföra en riskanalys på dessa kommer man fram till att systemet är skyddat mot majoriteten av hoten, det finns dock förslag till förbättringar på enstaka delar av systemet. Det genomförs även prestandatester och undersökning av lavineffekten för ett antal olika symmetriska krypteringsalgoritmer i syfte att fastslå om den använda algoritmen i systemet har fördelar jämfört med andra moderna krypteringsalgoritmer. Utifrån resultaten som tagits fram i detta arbete så konstateras det att skyddet mot de identifierade hoten är mycket bra samt att det inte finns någonting som skulle motivera ett byte av den symmetriska krypteringsalgoritmen. secure application framework wip kryptering public key infrastructure pki riskanalys lavineffekt prestanda byod Information Systems Computer Sciences Datavetenskap (datalogi) Software Engineering Programvaruteknik
203	Signature et identification pour l'anonymat basées sur les réseaux / Lattice-based signature and identification schemes for anonymity Bettaieb, Slim 26 September 2014 (has links) La cryptographie basée sur les réseaux a connu depuis quelques années un très fort développement notamment du fait qu’il existe des systèmes cryptographiques basés sur les réseaux avec des propriétés de sécurité plus fortes que dans les cas plus classiques de théorie des nombres. Les problèmes difficiles des réseaux, par exemple le problème de trouver des vecteurs courts non nuls, semblent résister aux attaques utilisant des ordinateurs quantiques et les meilleurs algorithmes qui existent pour les résoudre sont exponentiels en fonction du temps. L’objet de cette thèse est la construction de primitives cryptographiques à clé publique pour l’ano- nymat dont la sécurité repose sur des problèmes difficiles des réseaux.Nous nous intéressons aux schémas de signature de cercle. Tout d’abord, nous proposons une nouvelle définition d’anonymat et nous exposons un nouveau schéma de signature de cercle. Ensuite, nous donnons une étude de sécurité rigoureuse suivant deux définitions de résistance la contrefaçon. La première est la résistance à la contrefaçon contre les attaques à sous-cercles choisis et la deuxième est la résistance à la contrefaçon contre les attaques de corruption interne.Nous présentons ensuite un nouveau schéma d’identification de cercle et nous développons une analyse complète de sa sécurité. Enfin, nous montrons que les techniques utilisées pour construire le schéma précédent peuvent être utilisées pour construire un schéma d’identification de cercle à seuil. / Lattice-based cryptography has known during the last decade rapid develop- ments thanks to stronger security properties. In fact, there exist lattice-based cryp- tographic systems whose security is stronger than those based on the conventional number theory approach. The hard problems of lattices, for example the problem of finding short non-zero vectors, seems to resist quantum computers attacks. Mo- reover, the best existing algorithms solving them are exponential in time. The pur- pose of this thesis is the construction of public key cryptographic primitives for anonymity, whose security is based on the latter.In particular, we are interested in ring signature schemes. First, we propose a new formal definition of anonymity and we present a new ring signature scheme. Second, we give a rigorous study of security, following two definitions of unfor- geability. The first of which is unforgeability against chosen-subring attacks and the other one is unforgeability with respect to insider corruption.Afterwards, we present a new ring identification scheme and we develop a full analysis of its security. Finally, we show that the techniques used to build this scheme, can be used to construct a threshold ring identification scheme. Cryptographie à clé publique Réseaux Signature de cercle Anonymat Sécurité prouvée Lattices Ring signature Anonymity Provable security 005.8
204	Design and implementation of high-speed algorithms for public-key cryptosystems Joseph, George 09 June 2005 (has links) The aim of this dissertation is to improve computational efficiency of modular exponentiation-based public-key cryptosystems. The operational speed of these public-key cryptosystems is largely determined by the modular exponentiation operation of the form A = ge mod m where g is the base, e is the exponent and m is the modulus. The required modular exponentiation is computed by a series of modular multiplications. Optimized algorithms are required for various platforms, especially for lower-end platforms. These require the algorithms to be efficient and consume as little resources as possible. In these dissertation algorithms for integer multiplication, modular reduction and modular exponentiation, was developed and implemented in software, as required for public-key cryptography. A detailed analysis of these algorithms is given, as well as exact measurement of the computational speed achieved by each algorithm. This research shows that a total speed improvement of 13% can be achieved on existing modular exponentiation based public-key cryptosystems, in particular for the RSA cryptosystem. Three novel approaches are also presented for improving the decryption speed efficiency of the RSA algorithm. These methods focus on the selection of the decryption exponent by careful consideration of the difference between the two primes p and q. The resulting reduction of the decryption exponent improves the decryption speed by approximately 45%. / Dissertation (MEng (Electronics))--University of Pretoria, 2006. / Electrical, Electronic and Computer Engineering / unrestricted Modular multiplication Modular reduction Rsa decryption Montgomery reduction Karatsuba-ofman multiplication Addition chains Chinese remainder theorem Public-key cryptosystems Rsa Modular exponentiation UCTD
205	Étude théorique et implantation matérielle d'unités de calcul en représentation modulaire des nombres pour la cryptographie sur courbes elliptiques / Theoretical study and hardware implementation of arithmetical units in Residue Number System (RNS) for Elliptic Curve Cryptography (ECC) Bigou, Karim 03 November 2014 (has links) Ces travaux de thèse portent sur l'accélération de calculs de la cryptographie sur courbes elliptiques (ECC) grâce à une représentation peu habituelle des nombres, appelée représentation modulaire des nombres (ou RNS pour residue number system). Après un état de l'art de l'utilisation du RNS en cryptographie, plusieurs nouveaux algorithmes RNS, plus rapides que ceux de l'état de l'art, sont présentés. Premièrement, nous avons proposé un nouvel algorithme d'inversion modulaire en RNS. Les performances de notre algorithme ont été validées via une implantation FPGA, résultant en une inversion modulaire 5 à 12 fois plus rapide que l'état de l'art, pour les paramètres cryptographiques testés. Deuxièmement, un algorithme de multiplication modulaire RNS a été proposé. Cet algorithme décompose les valeurs en entrée et les calculs, afin de pouvoir réutiliser certaines parties lorsque c'est possible, par exemple lors du calcul d'un carré. Il permet de réduire de près de 25 % le nombre de pré-calculs à stocker et jusqu'à 10 % le nombre de multiplications élémentaires pour certaines applications cryptographiques (p. ex. le logarithme discret). Un algorithme d'exponentiation reprenant les mêmes idées est aussi présenté, réduisant le nombre de multiplications élémentaires de 15 à 22 %, contre un surcoût en pré-calculs à stocker. Troisièmement, un autre algorithme de multiplication modulaire RNS est proposé, ne nécessitant qu'une seule base RNS au lieu de 2 pour l'état de l'art, et utilisable uniquement dans le cadre ECC. Cet algorithme permet, pour certains corps bien spécifiques, de diviser par 2 le nombre de multiplications élémentaires et par 4 les pré-calculs à stocker. Les premiers résultats FPGA donnent des implantations de notre algorithme jusqu'à 2 fois plus petites que celles de l'algorithme de l'état de l'art, pour un surcoût en temps d'au plus 10 %. Finalement, une méthode permettant des tests de divisibilités multiples rapides est proposée, pouvant être utilisée en matériel pour un recodage de scalaire, accélérant certains calculs pour ECC. / The main objective of this PhD thesis is to speedup elliptic curve cryptography (ECC) computations, using the residue number system (RNS). A state-of-art of RNS for cryptographic computations is presented. Then, several new RNS algorithms, faster than state-of-art ones, are proposed. First, a new RNS modular inversion algorithm is presented. This algorithm leads to implementations from 5 to 12 times faster than state-of-art ones, for the standard cryptographic parameters evaluated. Second, a new algorithm for RNS modular multiplication is proposed. In this algorithm, computations are split into independant parts, which can be reused in some computations when operands are reused, for instance to perform a square. It reduces the number of precomputations by 25 % and the number of elementary multiplications up to 10 %, for some cryptographic applications (for example with the discrete logarithm). Using the same idea, an exponentiation algorithm is also proposed. It reduces from 15 % to 22 % the number of elementary multiplications, but requires more precomputations than state-of-art. Third, another modular multiplication algorithm is presented, requiring only one RNS base, instead of 2 for the state-of-art. This algorithm can be used for ECC and well-chosen fields, it divides by 2 the number of elementary multiplications, and by 4 the number of precomputations to store. Partial FPGA implementations of our algorithm halves the area, for a computation time overhead of, at worse, 10 %, compared to state-of-art algorithms. Finally, a method for fast multiple divisibility tests is presented, which can be used in hardware for scalar recoding to accelerate some ECC computations. Cryptographie à clef publique Arithmétique modulaire Arithmétique interne des ordinateurs Architecture des ordinateurs Conception des circuits électroniques Public key cryptography Modular arithmetic Computer arithmetic Computer architecture Electronic circuit design
206	Análise arquitetural de algoritmos criptográficos assimétricos em plataformas embarcadas usadas em RSSF Quirino, Gustavo da Silva 13 March 2013 (has links) This work consists in a performance evaluating of Asymmetrical cryptographic algorithms in embedded platforms used in Wireless Sensor Networks (WSN). The sensor devices have low computing power and energy, therefore safety techniques should not consume large amounts of resources. The asymmetric cryptographic algorithms RSA, ECC and MQQ were evaluated on platforms Desktop, ARM, MSP430 and AVR. The evaluations were performed using the SimpleScalar simulators, Sim-Panalyzer, MSPsim and AVRORA . The evaluation criteria were: processing time, memory usage and processor, as well as energy consumption. The data showed that the algorithm MQQ was more efficient than RSA and ECC algorithms in most assessment criteria, in addition, the ECC algorithm obtained the best results when compared with the RSA algorithm / Esse trabalho consiste na avaliação de desempenho de algoritmos criptográficos assimétrico em plataformas embarcadas usadas em Redes de Sensores Sem Fio (RSSF). Os dispositivos sensores têm baixa capacidade computacional e energética, portanto técnicas de segurança não devem consumir grande quantidade de recursos. Os algoritmos criptográficos assimétricos RSA, ECC e MQQ foram avaliados nas plataformas Desktop, ARM, MSP430 e AVR. A avaliação de desempenho foi realizada com auxílio dos simuladores SimpleScalar, Sim- Panalyzer, MSPsim e AVRORA. Os critérios de avaliação foram: tempo de processamento, uso de memória e processador, além do consumo de energia. Os dados revelaram que o algoritmo MQQ foi mais eficiente que os algoritmos RSA e ECC na maioria dos critérios de avaliação, além disso, o algoritmo ECC obteve os melhores resultados quando comparado com o algoritmo RSA Criptografia de dados (Computação) Desempenho Rede de sensores sem fio Certificado digital Computação Computer science Public key cryptography Wireless sensor networks
207	Protocolo de Identificação baseado em Polinômios Multivariáveis Quadráticos / Multivariate Quadratic Polynomials Identification Protocol Fabio de Salles Monteiro 03 December 2012 (has links) Os sistemas criptográficos de chave pública amplamente utilizados hoje em dia tem sua segurança baseada na suposição da intratabilidade dos problemas de fatoração de inteiros e do logaritmo discreto, sendo que ambos foram demonstrados inseguros sob o advento dos computadores quânticos. Sistemas criptográficos baseados em Multivariáveis Quadráticas (MQ) utilizam como base o problema MQ, que consiste em resolver um sistema de equações polinomiais multivariáveis quadráticas sobre um corpo finito. O problema MQ foi provado como sendo NP-completo e até hoje não se conhece algoritmo, nem mesmo quântico, de tempo polinomial que possa resolver o problema, fazendo com que sistemas criptográficos baseados nesta primitiva mereçam ser investigados e desenvolvidos como reais candidatos a proverem nossa criptografia pós-quântica. Durante a CRYPTO\'2011 Sakumoto, Shirai e Hiwatari introduziram dois novos protocolos de identificação baseados em polinômios multivariáveis quadráticos, os quais chamamos de MQID-3 e MQID-5, e que em especial e pela primeira vez, tem sua segurança reduzida apenas ao problema MQ. Baseados nestas propostas iremos apresentar uma versão aprimorada do protocolo MQID-3 na qual teremos uma redução da comunicação necessária em aproximadamente 9%. / The public-key cryptography widely used nowadays have their security based on the assumption of the intractability of the problems of integer factorization and discrete logarithm, both of which were proven unsafe in the advent of quantum computers. Cryptographic systems based on Multivariate Quadratic polynomials (MQ) are based on the MQ problem, which consists in solve a system of multivariate quadratic polynomials over a finite field. The MQ problem has been proven NP-complete and so far no polynomial time algorithm is known, not even quantum, which would resolve this problem, making worthwhile to be investigated and developed as a real candidate to provide post-quantum cryptography. In CRYPTO\'2011 Sakumoto, Shirai and Hiwatari introduced two new identification protocols based on multivariate quadratic polynomials, which we call MQID-3 and MQID-5, in particular, for the first time, their security is based only on the MQ problem. Using these proposals, we will present an improved version of the protocol MQID-3 that reduces communication by approximately 9%. Chave Pública Multivariável Conhecimento-Zero Criptografia Pós-Quântica Problema MQ Protocolos de Identificação Identification Protocols MQ Problem Multivariate Public-Key Post-Quantum Cryptography Zero-Knowledge
208	Certifikační autorita / Certification authority Herinek, Denis January 2018 (has links) There is a lot of available services on the internet those need to be more secured and trusted. Public key infrastructure is used in sectors where are higher expectations in case of authentication, integrity and confidentality. It is almost impossible to imagine how internet banking or electronic signatures of important documents would work without PKI. There is a lot of open-source realisations of PKI created by users. Digital certificates as a part of PKI are issued by certificate authorities. This diploma thesis consists of open- source realisation of certificate authority and timestamping authority to demonstrate services which they provide.
209	Hypereliptické křivky a jejich aplikace v kryptografii / Hyperelliptic curves and their application in cryptography Perzynová, Kateřina January 2010 (has links) Cílem této práce je zpracovat úvod do problematiky hypereliptických křivek s důrazem na konečná pole. T práci je dále popsán úvod do teorie divizorů na hypereliptických křivkách, jejich reprezentace, aritmetika nad divizory a jejich využití v kryptografii. Teorie je hojně demonstrována příklady a výpočty v systému Mathematica.
210	Authentication issues in low-cost RFID / Problèmes liés à l’authentification dans les RFID à bas coûts El Moustaine, Ethmane 13 December 2013 (has links) Cette thèse se concentre sur les problèmes liés à l’authentification dans la technologie RFID. Cette technologie est l’une des technologies les plus prometteuses dans le domaine de l’informatique ubiquitaire, elle est souvent désignée comme la prochaine révolution après Internet. Cependant, à cause des ressources très limitées en termes de calcul, mémoire et énergie sur les étiquettes RFID, les algorithmes classiques de sécurité ne peuvent pas être implémentés sur les étiquettes à bas coût rendant ainsi la sécurité et la vie privée un important sujet de recherche aujourd’hui. Dans un premier temps, nous étudions le passage à l’échelle dans les systèmes RFID à bas coût en développant un module pour ns-3 qui simule le standard EPC Class 1 Generation 2 pour établir un cadre stricte pour l’identification sécurisée des RFID à bas coût, ce qui nous conduit à l’utilisation de la cryptographie à clés publiques. Ensuite, nous proposons un protocole d’authentification basé sur une adaptation que nous avons introduit sur le célèbre cryptosystème NTRU. Ce protocole est spécialement conçu pour les RFID à bas coût comme les étiquettes n’implémentent que des opérations simples (xor, décalages, addition) et il garantit le passage à l’échelle. Enfin, nous considérons l’identification à divulgation nulle de connaissance, ce type d’approches est très utile dans de nombreuses applications RFID. Nous proposons deux protocoles à divulgation nulle de connaissance basés sur cryptoGPS et cryptoGPS randomisé. Ces approches consistent à stocker sur le serveur des coupons pré-calculés, ainsi la sécurité et la vie privée sont mieux supportées que dans les autres approches de ce type / This thesis focuses on issues related to authentication in low-cost radio frequency identification technology, more commonly referred to as RFID. This technology it is often referred to as the next technological revolution after the Internet. However, due to the very limited resources in terms of computation, memory and energy on RFID tags, conventional security algorithms cannot be implemented on low-cost RFID tags making security and privacy an important research subject today. First of all, we investigate the scalability in low-cost RFID systems by developing a ns-3 module to simulate the universal low-cost RFID standard EPC Class-1 Generation-2 in order to establish a strict framework for secure identification in low-cost RFID systems. We show that, the symmetrical key cryptography is excluded from being used in any scalable low-cost RFID standard. Then, we propose a scalable authentification protocol based on our adaptation of the famous public key cryptosystem NTRU. This protocol is specially designed for low-cost RFID systems, it can be efficiently implemented into low-cost tags. Finally, we consider the zero-knowledge identification i.e. when the no secret sharing between the tag and the reader is needed. Such identification approaches are very helpful in many RFID applications when the tag changes constantly the field of administration. We propose two lightweight zero-knowledge identification approaches based on GPS and randomized GPS schemes. The proposed approaches consist in storing in the back-end precomputed values in the form of coupons. So, the GPS-based variant can be private and the number of coupons can be much higher than in other approaches thus leading to higher resistance to denial of service attacks for cheaper tags RFID Authentification Sécurité Cryptographie à clé publique Vie privée Divulgation nulle de connaissance Les courbes elliptiques NTRU RFID Authentification Security Public key cryptography Privacy Zero-knowledge identification Elliptic curve NTRU

Search results