Secure communications based on chaotic systems

Haroun, Mohamed

02 December 2015

This dissertation provides methods to utilize chaos efficiently in secure communications. Chaos has many desirable characteristics such as ergodicity and sensitivity to initial conditions, and is considered an ideal candidate for use in cryptography and secure communications. On the other hand, it suffers from sensitivity to noise and fading if it is used for physical layer transmission, and errors due to the finite precision of the numerical algorithms in digital systems. This limits the use of chaos in cryptographic applications. Accordingly, this dissertation proposes new algorithms to enhance the security of modern communication systems using chaos. The focus is on developing chaotic cryptosystems for wireless systems that are reliable, secure, and have good performance. / Graduate / mharoun@uvic.ca

Secure communications

Design and Characterization of a Hardware Encryption Management Unit for Secure Computing Platforms

Mahar, Anthony J.

18 August 2005

Software protection is increasingly necessary for a number of applications, ranging from commercial systems and digital content distributors, to military systems exposed in the field of operations. As computing devices become more pervasive, and software more complex, insufficiencies with current software protection mechanisms have arisen. Software--only and data--only protection systems have resulted in broken systems that are vulnerable to loss of software confidentiality and integrity. A growing number of researchers have suggested that hardware encryption mechanisms be employed to enforce software protection. Although there are several competing architectures, few offer the necessary protection while remaining compatible with modern computing systems and models. The Virginia Tech Secure Software Platform is the first architecture to achieve both increased protection and usability. This thesis presents the design and implementation of a fast, flexible Encryption Management Unit (EMU) for Virginia Tech Secure Software and compatible platforms. The design is capable of providing decryption of program instructions residing in page--sized sections of memory, without modification to the core processor. The effect of the EMU is modeled with varying application types and system loads. Lastly, a benchmark designed to measure actual performance was created to measure the actual performance of the EMU and validate the models. / Master of Science

encryption

cryptography

secure processors

secure computing

Evaluating security-enhanced interdomain routing protocols in full and partial deployment

Lychev, Robert D.

27 August 2014

The Internet consists of over 50 thousand smaller networks, called Autonomous Systems (ASes) (e.g., AT&T, Sprint, Google), that use the Border Gateway Protocol (BGP) to figure out how to reach each other. One way or another, we all rely on BGP because it is what glues the Internet together, but despite its crucial role, BGP remains vulnerable to propagation of bogus routing information due to malicious attacks or unintentional misconfigurations. The United States Department of Homeland Security (DHS) views BGP security as part of its national strategy for securing the Internet, and there is a big push to standardize a secure variant of BGP (S*BGP) by the Internet Engineering Task Force (IETF). However, S*BGP properties and their impact on the Internet's routing infrastructure, especially in partial deployment, have not yet been fully understood. To address this issue, in this thesis we use methodologies from applied cryptography, algorithms, and large scale simulations to study the following three key properties with respect to their deployment: 1. provable security guarantees, 2. stability in full and partial deployment with or without attackers, 3. benefits and harm resulting from full and partial deployment. With our analysis we have discovered possible security weaknesses in previously proposed secure BGP variants and suggest possible fixes to address them. Our analysis also reveals that security benefits from partially deployed S*BGP are likely to be meager, unless a significant fraction of ASes deploy it. At the same time, complex interactions between S*BGP and the insecure, legacy BGP can introduce new vulnerabilities and instabilities into the Internet's routing infrastructure. We suggest possible strategies for mitigating such pitfalls and facilitating S*BGP deployment in practice.

BGP

Secure routing

SECURE BANDWIDTH EFFICIENT MULTICASTING FOR WIDE AREA NETWORKS

Koneru, Sindoora

01 May 2010

Recently an efficient multicasting protocol has been reported which uses a concept known as pseudo diameter to reduce the number of duplicate packets generated during multicasting in wide area networks (WANs). This work is superior to the Distance Vector Multicast Routing protocols (DVMRP) from the viewpoint of better bandwidth utilization. In this thesis security aspect of the above mentioned multicast protocol has been considered. Asymmetric key cryptography concept has been used effectively to design the protocol.

SECURE BANDWIDTH EFFICIENT MULTICASTING

On the Fundamental Limits of Secure Summation and MDS Variable Generation

Zhao, Yizhou

07 1900

Secure multiparty computation refers to the problem where a number of users wish to securely compute a function on their inputs without revealing any unnecessary information. This dissertation focuses on the fundamental limits of secure summation under different constraints. We first focus on the minimal model of secure computation, in which two users each hold an input and wish to securely compute a function of their inputs at the server. We propose a novel scheme base on the algebraic structure of finite field and modulo ring of integers. Then we extend the minimal model of secure computation, in which K users wish to securely compute the sum of their inputs at the server. We prove a folklore result on the limits of communication cost and randomness cost. Then we characterized the optimal communication cost with user dropouts constraint, when some users may lose connection to the server and the server wishes to compute the sum of remaining inputs. Next, we characterize the optimal communication and randomness cost for symmetric groupwise keys and find the feasibility condition for arbitrary groupwise keys. Last, we study the secure summation with user selection, such that the server may select any subset of users to compute the sum of their inputs. This leads us to the MDS variable generation problem. We characterize the optimal individual key rate and the result is interestingly the harmonic number.

Secure Summation

Capacity Region

Designing secure information systems and software:critical evaluation of the existing approaches and a new paradigm

Siponen, M. (Mikko)

24 August 2002

Abstract This dissertation is composed of three contributions. First, it recognizes a set of key security issues for information systems (IS), and examines the extent to which these issues have been studied and resolved by existing research efforts. Second, it analyses and discusses the existing approaches for designing secure information systems (SIS), shedding light on their underlying foundations. Third, based on the findings, a framework is put forth, addressing the fundamental shortcomings of the existing SIS design approaches. A meta-notation for adding security into IS development methods is presented as a framework-based example. An action research intervention is accomplished to test the relevance, suitability and feasibility of the meta-notation in practice. Overall, this dissertation sets forth a novel approach for extending security in IS/software development methods.

IS security

development of secure IS

EASEmail: Easy Accessible Secure Email

Segeberg, Ryan B.

15 May 2009

Traditional email encryption methods are difficult to set up, as they require senders to obtain a message recipient's public key before a secure communication can be sent. Easy Accessible Secure Email (EASEmail) addresses the key establishment and exchange issues of encrypted email by using a lightweight symmetric key server. Users can send a secure email without establishing or exchanging keys with the recipient in advance. With usability as its primary goal, EASEmail strives to bring usable secure email communication to the masses.

secure email

usability

Computer Sciences

Securing Print Services for Telemetry Post-Processing Applications

Hines, Larry, Kalibjian, Jeff

10 1900

ITC/USA 2006 Conference Proceedings / The Forty-Second Annual International Telemetering Conference and Technical Exhibition / October 23-26, 2006 / Town and Country Resort & Convention Center, San Diego, California / One of the primary goals of telemetry post processing is to format received data for review and analysis. This occurs by both displaying processed data on video monitors and by printing out the results to hardcopy media. Controlling access (i.e. viewing) of telemetry data in soft form (i.e. video monitor) is achieved by utilizing the existing framework of authentication and authorization on the client/server machines hosting the telemetry data (and post processing applications). Controlling access to hardcopy output has historically been much more problematic. This paper discusses how to implement secure printing services for telemetry post processing applications.

Secure printing

secure print management server

secure print policy

security officer

authentication

authorization

Varför utsätter vissa ungdomar andra för mobbning? : En studie om ungdom- och föräldrarelationens påverkan på ungdomars mobbningsbeteende

Magnenat, Stephanie, Tsang, Blue Yee

January 2015

The aim of the study has been to see if parent- youth relations have an impact on teenagers bullying behaviour and whether we can find any differences between boys and girls. To study this field we have used a quantitative approach using materials from Stockholmsenkäten 2014. In order to analyse the material we have used cross tables, indexes and multivariate cross tables analysis with associated significance test. In this study the attachment theory has been used. The results indicate that parent- youth relations seems to have an impact on teenagers bullying behaviour. The teenagers who bully others are more likely to have a bad parent- youth relations characterized by an insecure attachment to their parents. The opposite tends to apply for those who do not expose others to bullying, these teenagers usually have a good parent- youth relations where they have a secure attachment to their parents. Furthermore the result also indicate that the nature of the parent- youth relations along with if the adolescents expose others to bullying did not differ between boys and girls.

parent- youth relations

bullying

attachment

secure base

DATA SECURITY IN SOLID STATE DISKS

Fitzgerald, Alan

10 1900

ITC/USA 2005 Conference Proceedings / The Forty-First Annual International Telemetering Conference and Technical Exhibition / October 24-27, 2005 / Riviera Hotel & Convention Center, Las Vegas, Nevada / Solid state disk characteristics make them ideal for data collection in both harsh environments and secure telemetry application. In comparison to their magnetic counterparts, solid state disks are faster, more reliable, extremely durable and, with changing economies and geometries, more affordable and available in higher capacities than ever before. This paper will discuss solid state disk storage, access controls, and data elimination in relation to various telemetry scenarios. The reader will be introduced to the operational considerations of solid state disk data security and the underlying technical concepts of how these are implemented.

Flash disk

solid state disk

secure erase