Global ETD Search

141	A comparison of circuit implementations from a security perspective Sundström, Timmy January 2005 (has links) <p>In the late 90's research showed that all circuit implementations were susceptible to power analysis and that this analysis could be used to extract secret information. Further research to counteract this new threat by adding countermeasures or modifying the nderlaying algorithm only seemed to slow down the attack.</p><p>There were no objective analysis of how different circuit implementations leak information and by what magnitude.</p><p>This thesis will present such an objective comparison on five different logic styles. The comparison results are based on simulations performed on transistor level and show that it is possible to implement circuits in a more secure and easier way than what has been previously suggested.</p> Electrical engineering Power analysis DPA logic styles secure implementations security comparison Elektroteknik Electrical engineering Elektroteknik
142	Towards security limits of embedded hardware devices : from practice to theory Peeters, Eric 16 November 2006 (has links) Mobile appliances and especially smart cards have found more and more applications in the past two decades. A little more than ten years ago, the security of those devices still only relied on mathematical complexity and computational infeasibility to force cryptographic systems. Unfortunately, during the execution of cryptographic algorithms, unintentional leakage may be observed. Indeed, the power consumption or the electromagnetic emanations of the device are correlated to the encryption/decryption process. Those unintended channels are called “sidechannel”. Our work was not targeted at the discovery of new “side-channel” sources but rather at a thorough investigation of two of them: the power consumption and the electromagnetic emanation in the near-field domain. In this respect, we dealt with three different aspects of the problem: 1. We carried out many experiments on small microcontrollers but also on FPGAs in order to provide an explanation on the sources and on the set up of an efficient measurement process. Moreover, we provide the first XY scanning pictures of the electromagnetic field radiated by a small microcontroller. 2. Obtaining several measures of the observed side-channel, how is it possible to statistically analyzed these observations? We detail here the different methods available and we introduce an enhancement in the Template Attack process with Principal Component Analysis. 3. Finally, on the basis of this experience, we tried to answer the following question: “Is it possible to provide a theoretical tool to evaluate secure implementations?” The idea was to follow the notion of “Physical Computer” introduced by Micali and Reyzin. In this respect, we provide here two metrics that we consider necessary to evaluate both the strength of the adversary and the information held in the leakage. Respectively we choose the average success rate and the Shannon's mutual information. Electromagnetic analysis Secure hardware Smart card Physical computer Cryptography DPA EMA Side-channel
143	Lossless quantum data compression and secure direct communication Boström, Kim January 2004 (has links) Diese Dissertation behandelt die Kodierung und Verschickung von Information durch einen Quantenkanal. Ein Quantenkanal besteht aus einem quantenmechanischen System, welches vom Sender manipuliert und vom Empfänger ausgelesen werden kann. Dabei repräsentiert der individuelle Zustand des Kanals die Nachricht. <br /> <br /> Die zwei Themen der Dissertation umfassen 1) die Möglichkeit, eine Nachricht in einem Quantenkanal verlustfrei zu komprimieren und 2) die Möglichkeit eine Nachricht von einer Partei zu einer einer anderen direkt und auf sichere Weise zu übermitteln, d.h. ohne dass es einer dritte Partei möglich ist, die Nachricht abzuhören und dabei unerkannt zu bleiben.<br /> <br /> Die wesentlichen Ergebnisse der Dissertation sind die folgenden. <br /> Ein allgemeiner Formalismus für Quantencodes mit variabler Länge wird ausgearbeitet. Diese Codes sind notwendig um verlustfreie Kompression zu ermöglichen. Wegen der Quantennatur des Kanals sind die codierten Nachrichten allgemein in einer Superposition von verschiedenen Längen. Es zeigt sich, daß es unmöglich ist eine Quantennachricht verlustfrei zu komprimieren, wenn diese dem Sender nicht apriori bekannt ist. Im anderen Falle wird die Möglichkeit verlustfreier Quantenkompression gezeigt und eine untere Schranke für die Kompressionsrate abgeleitet. Des weiteren wird ein expliziter Kompressionsalgorithmus konstruiert, der für beliebig vorgegebene Ensembles aus Quantennachrichten funktioniert.<br /> <br /> Ein quantenkryptografisches Prokoll - das “Ping-Pong Protokoll” - wird vorgestellt, welches die sichere direkte übertragung von klassischen Nachrichten durch einen Quantenkanal ermöglicht. Die Sicherheit des Protokolls gegen beliebige Abhörangriffe wird bewiesen für den Fall eines idealen Quantenkanals. Im Gegensatz zu anderen quantenkryptografischen Verfahren ist das Ping-Pong Protokoll deterministisch und kann somit sowohl für die Übermittlung eines zufälligen Schlüssels als auch einer komponierten Nachricht verwendet werden. Das Protokoll is perfekt sicher für die Übertragung eines Schlüssels und quasi-sicher für die direkte Übermittlung einer Nachricht. Letzteres bedeutet, dass die Wahrscheinlichkeit eines erfolgreichen Abhörangriffs exponenziell mit der Länge der Nachricht abnimmt. / This thesis deals with the encoding and transmission of information through a quantum channel. A quantum channel is a quantum mechanical system whose state is manipulated by a sender and read out by a receiver. The individual state of the channel represents the message.<br /> <br /> The two topics of the thesis comprise 1) the possibility of compressing a message stored in a quantum channel without loss of information and 2) the possibility to communicate a message directly from one party to another in a secure manner, that is, a third party is not able to eavesdrop the message without being detected.<br /> <br /> The main results of the thesis are the following. <br /> A general framework for variable-length quantum codes is worked out. These codes are necessary to make lossless compression possible. Due to the quantum nature of the channel, the encoded messages are in general in a superposition of different lengths. It is found to be impossible to compress a quantum message without loss of information if the message is not apriori known to the sender. In the other case it is shown that lossless quantum data compression is possible and a lower bound on the compression rate is derived. Furthermore, an explicit compression scheme is constructed that works for arbitrarily given source message ensembles. <br /> <br /> A quantum cryptographic protocol - the “ping-pong protocol” - is presented that realizes the secure direct communication of classical messages through a quantum channel. The security of the protocol against arbitrary eavesdropping attacks is proven for the case of an ideal quantum channel. In contrast to other quantum cryptographic protocols, the ping-pong protocol is deterministic and can thus be used to transmit a random key as well as a composed message. <br /> The protocol is perfectly secure for the transmission of a key, and it is quasi-secure for the direct transmission of a message. The latter means that the probability of successful eavesdropping exponentially decreases with the length of the message. Physics
144	Secure Multiparty Computation Via Oblivious Polynomial Evaluation Ozarar, Mert 01 September 2012 (has links) (PDF) The number of opportunities for cooperative computation has exponentially been increasing with growing interaction via Internet technologies. These computations could occur between trusted partners, between partially trusted partners, or even between competitors. Most of the time, the communicating parties may not want to disclose their private data to the other principal while taking the advantage of collaboration, hence concentrating on the results rather than private and perhaps useless data values. For performing such computations, one party must know inputs from all the participants / however if none of the parties can be trusted enough to know all the inputs, privacy will become a primary concern. Hence the techniques for Secure Multiparty Computation (SMC) are quite relevant and practical to overcome such kind of privacy gaps. The subject of SMC has evolved from earlier solutions of combinational logic circuits to the recent proposals of anonymity-enabled computation. In this thesis, we put together the significant research that has been carried out on SMC. We demonstrate the concept by concentrating on a specific technique called Oblivious Polynomial Evaluation (OPE) together with concrete examples. We put critical issues, challenges and the level of adaptation achieved before the researchers. We also provide some future research opportunities based on the literature survey.
145	Energy Conservation and Security Enhancement in Wireless End-to-end Secure Connections Narimani, Kiarash 05 September 2007 (has links) Wireless channels are vulnerable to interception. In some applications an end-to-end secure data transfer is required. However the use of cryptographic functions in communication over a wireless channel increases sensitivity to channel errors. As a result, the connection characteristics in terms of delay, throughput, and transmission energy worsen. Transmission energy is a key issue in some secure end-to-end wireless applications especially if they are running on mobile handheld devices with a limited source of energy such as batteries. That is why in most secure end-to-end wireless connections, the connection is dropped in poor channel conditions. In this thesis, models are proposed by which the performance is improved and transmission energy is lowered. A combination of a cross-layer controller, K Best Likelihood (K-BL) channel decoder, and a keyed error detection algorithm in the novel model supports the authorized receivers by a higher throughput, lower delay mean, and less transmission energy in a certain range of the Signal to Noise Ratio (SNR). This is done at the expense of additional computation at the receiving end. Ttradeoffs are examined and the simulation results of the new model are compared with those of conventional wireless communication systems. Another model is devised to mitigate the energy consumption of the Turbo Code channel decoder. The overall decoding energy consumption for each packet can be lowered by reducing the average number of iterations in the Turbo Code channel decoder. The proposed models achieve better energy consumption by reducing the number of iterations in a channel decoder that uses the Turbo decoder and by reducing the number of retransmissions in a trellis channel decoder. Furthermore, the security enhancement of the novel models is assessed in terms of the extent to which the enhancement is fully achieved. Energy Conservation Wireless Connections End-to-end Secure Electrical and Computer Engineering
146	A comparison of circuit implementations from a security perspective Sundström, Timmy January 2005 (has links) In the late 90's research showed that all circuit implementations were susceptible to power analysis and that this analysis could be used to extract secret information. Further research to counteract this new threat by adding countermeasures or modifying the nderlaying algorithm only seemed to slow down the attack. There were no objective analysis of how different circuit implementations leak information and by what magnitude. This thesis will present such an objective comparison on five different logic styles. The comparison results are based on simulations performed on transistor level and show that it is possible to implement circuits in a more secure and easier way than what has been previously suggested. Electrical engineering Power analysis DPA logic styles secure implementations security comparison Elektroteknik Electrical engineering Elektroteknik
147	SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions Kovan, Gerry January 2005 (has links) Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures
148	Energy Conservation and Security Enhancement in Wireless End-to-end Secure Connections Narimani, Kiarash 05 September 2007 (has links) Wireless channels are vulnerable to interception. In some applications an end-to-end secure data transfer is required. However the use of cryptographic functions in communication over a wireless channel increases sensitivity to channel errors. As a result, the connection characteristics in terms of delay, throughput, and transmission energy worsen. Transmission energy is a key issue in some secure end-to-end wireless applications especially if they are running on mobile handheld devices with a limited source of energy such as batteries. That is why in most secure end-to-end wireless connections, the connection is dropped in poor channel conditions. In this thesis, models are proposed by which the performance is improved and transmission energy is lowered. A combination of a cross-layer controller, K Best Likelihood (K-BL) channel decoder, and a keyed error detection algorithm in the novel model supports the authorized receivers by a higher throughput, lower delay mean, and less transmission energy in a certain range of the Signal to Noise Ratio (SNR). This is done at the expense of additional computation at the receiving end. Ttradeoffs are examined and the simulation results of the new model are compared with those of conventional wireless communication systems. Another model is devised to mitigate the energy consumption of the Turbo Code channel decoder. The overall decoding energy consumption for each packet can be lowered by reducing the average number of iterations in the Turbo Code channel decoder. The proposed models achieve better energy consumption by reducing the number of iterations in a channel decoder that uses the Turbo decoder and by reducing the number of retransmissions in a trellis channel decoder. Furthermore, the security enhancement of the novel models is assessed in terms of the extent to which the enhancement is fully achieved. Energy Conservation Wireless Connections End-to-end Secure Electrical and Computer Engineering
149	ESPR: Efficient Security Scheme for Position-Based Routing in Vehicular Ad Hoc Networks Alsharif, Nizar 07 1900 (has links) Vehicular Ad hoc Network (VANET) is a promising emerging technology that enables road safety, traffic management, and passengers and drivers comfort applications. Many applications require multi-hop routing; position-based routing (PBR) is a well-recognized routing paradigm that performs well in the vehicular context to enable these applications. However, there are many security challenges and various routing attacks which may prevent the deployment of PBR protocols. In this study, we propose a novel security scheme called ESPR to secure PBR protocols in VANETs. ESPR considers both digital signature and keyed Hash Message Authentication Code (HMAC) to meet the unique requirements of PBR. In ESPR, all legitimate members share a secret key. ESPR scheme applies a novel probabilistic key distribution to allow unrevoked members to update the shared secret key. Furthermore, it defines a set of plausibility checks that enables network members to detect and avoid PBR attacks autonomously. By conducting security analysis and performance evaluation, ESPR scheme demonstrated to outperform its counterparts in terms of communication overhead and delay while achieving robust and secure operation. ESPR Secure Routing Position-Based Routing VANETs Security Electrical and Computer Engineering
150	Chaos synchronization and its application to secure communication Zhang, Hongtao January 2010 (has links) Chaos theory is well known as one of three revolutions in physical sciences in 20th-century, as one physicist called it: Relativity eliminated the Newtonian illusion of absolute space and time; quantum theory eliminated the Newtonian dream of a controllable measurable process; and chaos eliminates the Laplacian fantasy of deterministic predictability". Specially, when chaos synchronization was found in 1991, chaos theory becomes more and more attractive. Chaos has been widely applied to many scientific disciplines: mathematics, programming, microbiology, biology, computer science, economics, engineering, finance, philosophy, physics, politics, population dynamics, psychology, and robotics. One of most important engineering applications is secure communication because of the properties of random behaviours and sensitivity to initial conditions of chaos systems. Noise-like dynamical behaviours can be used to mask the original information in symmetric cryptography. Sensitivity to initial conditions and unpredictability make chaotic systems very suitable to construct one-way function in public-key cryptography. In chaos-based secure communication schemes, information signals are masked or modulated (encrypted) by chaotic signals at the transmitter and the resulting encrypted signals are sent to the corresponding receiver across a public channel (unsafe channel). Perfect chaos synchronization is usually expected to recover the original information signals. In other words, the recovery of the information signals requires the receiver's own copy of the chaotic signals which are synchronized with the transmitter ones. Thus, chaos synchronization is the key technique throughout this whole process. Due to the difficulties of generating and synchronizing chaotic systems and the limit of digital computer precision, there exist many challenges in chaos-based secure communication. In this thesis, we try to solve chaos generation and chaos synchronization problems. Starting from designing chaotic and hyperchaotic system by first-order delay differential equation, we present a family of novel cell attractors with multiple positive Lyapunov exponents. Compared with previously reported hyperchaos systems with complex mathematic structure (more than 3 dimensions), our system is relatively simple while its dynamical behaviours are very complicated. We present a systemic parameter control method to adjust the number of positive Lyapunov exponents, which is an index of chaos degree. Furthermore, we develop a delay feedback controller and apply it to Chen system to generate multi-scroll attractors. It can be generalized to Chua system, Lorenz system, Jerk equation, etc. Since chaos synchronization is the critical technique in chaos-based secure communication, we present corresponding impulsive synchronization criteria to guarantee that the receiver can generate the same chaotic signals at the receiver when time delay and uncertainty emerge in the transmission process. Aiming at the weakness of general impulsive synchronization scheme, i.e., there always exists an upper boundary to limit impulsive intervals during the synchronization process, we design a novel synchronization scheme, intermittent impulsive synchronization scheme (IISS). IISS can not only be flexibly applied to the scenario where the control window is restricted but also improve the security of chaos-based secure communication via reducing the control window width and decreasing the redundancy of synchronization signals. Finally, we propose chaos-based public-key cryptography algorithms which can be used to encrypt synchronization signals and guarantee their security across the public channel. chaos hyperchaos chaotic attractor chaos synchronization network synchronization secure communication chaos communication Electrical and Computer Engineering

Search results