安全多方計算平行演算法之實證研究 / An Empirical Study on the Parallel Implementation of Secure Multi-Party Computation

王啟典, Wang, Chi-Tien

Unknown Date

安全多方計算是資訊安全研究裡的一個重要主題，其概念為多方在不洩漏各自私有資訊下能一起完成某種函式的計算。在安全多方計算研究領域裡，有一種作法是以scalar product來當作計算的基礎演算邏輯單元，重而建構其他更複雜的安全多方計算。本論文首先針對scalar product發展一套平行性實作架構，藉此我們再實作出多個不同演算法之comparison計算，其中包含了循序演算法以及平行演算法。我們透過實驗來找出適當的平行計算基礎架構與影響執行時間效能的主要因子，並以執行時間效能上的分析來推導相關時間公式。由上述實證研究我們對於不同演算法之comparison計算來作執行時間效能的預測，從實驗結果可以得知我們推導出來之時間公式極為準確，希望能給予使用者在執行comparison計算有所考量，使其在不同執行環境執行comparison計算能有最佳的執行時間效能。 / Loosely speaking, secure multi-party computation (SMC) involves computing functions with inputs from two or more parties in a distributed network while ensuring that no additional information, other than what can be inferred from each participant’s input and output, is revealed to parties not privy to that information. This thesis concerns the parallel implementation of SMC using a scalar-product (SP) based approach. In this approach, SP is considered as the basic building block for constructing more complex SMC. My thesis first develops a concurrent architecture for implementing two-party scalar product computation. Then it implements several algorithms of secure comparison. Finally, a series of experiments are conducted to collect performance statistics for building time functions that can predict the execution time of comparison computation based on that of the scalar product and other parameters, such as CPU core numbers. From the experimental results, we find that these time functions are very accurate. Hence we argue that these time functions can assist users to obtain the better runtime performance for comparison protocols under their specific execution environments.

安全多方計算

Scalar product

平行演算法

時間公式

Secure multi-party computation

Scalar product

Parallel algorithm

Time function

Analyzing the feasibility of using secure application integration methodology (SAIM) for integrating don enterprise resource planning (ERP) application

Marin, Ramon O.

03 1900

Approved for public release, distribution is unlimited / A thorough examination of the Secure Application Integration Methodology (SAIM) for applicability in the Department of the Navy (DON) would provide useful information about a beneficial methodology. SAIM is analyzed, by accessing its step by step directions, for suitability in the integration of the Enterprise Resource Planning (ERP) projects implemented by the SYSTEMS COMMANDS (SYSCOMS). The Navy Enterprise Convergence Team (NECT) that leads the ERP integration effort could benefit from a sound Enterprise Application Integration methodology. Results do not support SAIM as the sole guiding EAI methodology however it could have some value to the NECT. SAIM has three primary benefits which NECT could employ: 1) It provides a complete walkthrough of the EAI process, 2) It emphasizes the importance of an Enterprise Architecture, and 3) It provides useful management checklists along with other important considerations. SAIM also has some significant shortcomings: 1) It does not support all the DON Chief Information Officer requirements, 2) It does not provide Change Management Guidance, 3) It does not take into account the uniqueness of the Navy's environment, and finally 4) SAIM relies on an Enterprise Architecture as its foundation which the Navy does not currently have. / Lieutenant Commander, United States Navy

Artificial intelligence

Military applications

United States

Application software

Enterprise resource planning

Enterprise resource planning

ERP convergence

Enterprise application integration

可預防雙重支付的離線小額匿名交易機制 / Anonymous off-line micro-payment protocol with double spending prevention

林承毅

Unknown Date

近年來手機的普及率日漸增加，手機逐漸成為生活中不可或缺的工具，因此許多生活方式逐漸的偏向由手機端完成，例如:找路不需要再透過地圖,上網查資料不需要再透過電腦，人們逐漸地把實體錢包轉向利用手機支付的電子錢包，像是中國支付寶等支付系統。利用手機當作錢包已經是現今手機發展的主要方向，然而對於手機的安全支付議題也日漸重視，近年來有安全晶片的保護下使用者的手機安全也有一定程度的提升，但是在離線交易的情況下惡意使用者的操作依然是可以欺騙安全晶片並製造出雙重支付的問題。 2016年陳等人提出了一個基於NFC系統的匿名行動付款協定，然而該協定中必須要有銀行端的介入才能執行交易。在本論文中，我們基於陳等人的線上交易協定為基礎下發展了本篇論文的新交易協定，此交易協定可以適用於離線以及線上的環境。 離線環境下的雙重支付行為一直交易的過程中難以預防的攻擊，在本篇論文中我們透過安全晶片、符號化和本論文研究的雜湊鍊來預防雙重支付行為，且能保障使用者在交易過程中的匿名性。 / As the coverage of mobile phone has been constantly increased in recent years, the mobile phones have become an indispensable tool in life. Many ways of lives are gradually done through the mobile terminals, for example: No longer need to find the way through the map or search information through the computer, people have also gradually turned to electronic payment via e-wallets instead of paying via physical wallets, such as AliPay in China. Adopting the mobile phone as a wallet is nowadays the main development direction of mobile phones. Meanwhile, people are paying more and more attention to the topics on the security of mobile payment than before. In recent years, under the protection of secure element, the security of users’ mobile phone has been enhanced to a certain extent. In the case of off-line transactions, malicious users are capable of fooling secure element and making double spending. In 2016, Chen et al. proposed a NFC-Based anonymous mobile payment protocol. In that protocol the transaction can only be executed with the involvement of issuer. In this research, we introduce a new protocol which can support both on-line and off-line transactions. Our protocol is modified from that of Chen et al.’s idea. In our protocol, to prevent a malicious user, we use a secure element which stores sensitive information that cannot be altered by the user. In this way, the cheating behavior of a malicious user can be prevented. On the other hand, by using the token techniques, the anonymity of a user can be achieved from the view of a merchant. In this study, we focus on double spending which can make merchant a lot of cost at off-line transaction. We used hash chain to verify the correctness of transactions and prevent the double spending.

雙重支付

NFC

離線交易

安全交易

Token

Double Spending

NFC

Off-line Payment

Secure Payment

Token

Phénoménologie de la situation médiative / Fenomenologia della situazione mediativa / The mediative situation

Bonfanti, Thierry

02 April 2012

M’interrogeant sur l’inflation du mot « médiation », j’ai passé en revue quelques unes des pratiques les plus courantes invoquant un terme dont j’ai pu en constater, dans certains cas, l’usage abusif. À partir de là, j’ai tenté de tracer les contours d’un concept en mal de définition. J’ai ainsi dégagé deux caractéristiques intrinsèques de la médiation, à savoir la triangularité et la non-directivité ainsi que ses deux prérequis que sont le libre consentement des participants et la légitimation du médiateur. Par ailleurs, j’ai constaté que la médiation ne s’appliquait pas qu’aux situations conflictuelles et que son enjeu n’était pas exclusivement affectif. Il peut être également matériel, donnant alors lieu à une médiation de type « négociatif ». En croisant ces deux variables, j’ai proposé une typologie des pratiques de médiation. Dans une seconde partie de ma thèse, je me suis livré à une analyse phénoménologique de la médiation, me servant de l’enregistrement de jeux de rôles. Cette analyse m’a conduit à élargir mon champ de vision, d’une «médiation» comprise comme « action du médiateur » à une réalité plus complexe que j’ai appelée « situation médiative » où le médiateur agit autant sur les participants qu’il est agi par eux. Cette situation, loin de se réduire à une pratique instituée, constitue un véritable phénomène social, fréquent dans la vie courante. La confiance que les participants accordent au médiateur, le rôle qu’ils lui font jouer en tant que « base de sécurité » comme alternative au face à face et sa fonction d’étayage de la communication constituent des conditions essentielles de la situation médiative avant même les techniques de médiation. / Wondering about the increasing use of the word « mediation », I reviewed some of the most common practices referring to this word which was, in some cases, misused. On this basis, I strived to draw the outline of a concept in need of definition. In doing so, I identified two characteristics of mediation, namely the triangularity and the non-directivity, as well as its two prerequisites, i.e. the consent of the participants and the recognition of the mediator. Moreover, I noted that mediation does not apply only to situations of conflict and that its stake is not exclusively emotional. It could be material, leading to a negotiating mediation. Crossing these two variables, I then propose a typology of mediation practices. In a second part of my thesis, I set up a phenomenological analysis of mediation, using video recordings of role playing. This analysis led me to broaden my own perspective, from a mediation as « mediator’s action » to a more complex scenario that I called « mediative situation », where the mediator influences the participants and is in turn influenced by them. This situation, far from being restricted to an established practice, is indeed a social and frequent phenomenon. The confidence the participants have in the mediator, the role they give him/her as a “secure base” and as an alternative to the face to face situation, and his function in supporting communication, lay the basic condition of the mediative situation, a long way ahead of mediations techniques.

Accord

Base de sécurité

Conciliation

Confiance

Conflit

Etayage

Médiation

Négociation

Non-directivité

Réconciliation

Tiers

Trilogue

Agreement

Conciliation

Trust

Conflict

Mediation

Negotiation

Non-directivity

Reconciliation

Secure base

Support

Third party

Trilogue

303.69

Význam komunitních kruhů a ranních dopisů v primárním vzdělávání / Importance of Community cirles and morning letters in primary education

Pišlová, Zuzana

January 2012

In my diploma thesis I am examining the importance of community circles and morning letters in primary education. I would like to give an explanation of the term community circle especially focusing on the community circles in the programme Step by Step. These were particularly inspiring for me. I am also looking into the community circles from the point of view of the Framework Educational Programme and acquiring key competencies. It is, indeed, in the community circles that the social and communication competencies are developed. The goal of my thesis is above all stating the terms of smooth establishment of a community circle. I hope to offer guidelines for a start-up of community circles and the development of short activities used in morning circles. I also suggest examples of various morning letters useful in any school. Keywords: community circles, morning letter, key competencies, Step by Step program, rules, communication, secure environment

Computational Intelligence and Complexity Measures for Chaotic Information Processing

Arasteh, Davoud

16 May 2008

This dissertation investigates the application of computational intelligence methods in the analysis of nonlinear chaotic systems in the framework of many known and newly designed complex systems. Parallel comparisons are made between these methods. This provides insight into the difficult challenges facing nonlinear systems characterization and aids in developing a generalized algorithm in computing algorithmic complexity measures, Lyapunov exponents, information dimension and topological entropy. These metrics are implemented to characterize the dynamic patterns of discrete and continuous systems. These metrics make it possible to distinguish order from disorder in these systems. Steps required for computing Lyapunov exponents with a reorthonormalization method and a group theory approach are formalized. Procedures for implementing computational algorithms are designed and numerical results for each system are presented. The advance-time sampling technique is designed to overcome the scarcity of phase space samples and the buffer overflow problem in algorithmic complexity measure estimation in slow dynamics feedback-controlled systems. It is proved analytically and tested numerically that for a quasiperiodic system like a Fibonacci map, complexity grows logarithmically with the evolutionary length of the data block. It is concluded that a normalized algorithmic complexity measure can be used as a system classifier. This quantity turns out to be one for random sequences and a non-zero value less than one for chaotic sequences. For periodic and quasi-periodic responses, as data strings grow their normalized complexity approaches zero, while a faster deceasing rate is observed for periodic responses. Algorithmic complexity analysis is performed on a class of certain rate convolutional encoders. The degree of diffusion in random-like patterns is measured. Simulation evidence indicates that algorithmic complexity associated with a particular class of 1/n-rate code increases with the increase of the encoder constraint length. This occurs in parallel with the increase of error correcting capacity of the decoder. Comparing groups of rate-1/n convolutional encoders, it is observed that as the encoder rate decreases from 1/2 to 1/7, the encoded data sequence manifests smaller algorithmic complexity with a larger free distance value.

Advance-time sampling technique

Chaos synchronization

Chaotic encryption

Convolutional coding

Cryptosystem algorithmic complexity

Feedback controlled systems

Lyapunov exponent spectrum

Lempel-Ziv algorithmic complexity

Secure communication.

Hjälp, var tog kunskapen och kompetensen vägen? : En fallstudie av Svea Hovrätt och Uppsala Kommuns arbete med att kompetenssäkra verksamheten

Thersthol, Jonathan, Höglund, Eskil

January 2019

Syftet med studien var att bidra till en djupare förståelse över hur organisationer arbetar med att kompetenssäkra verksamheten och hantera kunskapsförlust till följd av personalomsättning. Den här undersökningen utgörs av en fallstudie av Uppsala kommun och Svea Hovrätt och har en kvalitativ ansats. Det empiriska materialet har samlats in genom semistrukturerade intervjuer med sju respondenter. Studiens teoretiska ramverk vilar på Nonaka och Konnos uppdelning av kunskapsbegreppet i implicit respektive explicit kunskap. Hansen, Nohria och Tierneys begrepp kodifiering och personalisering om överföring och bevarande av kunskap samt Hansson respektive Lindelöws olika modeller över kompetensutveckling och behållande av personal. Studiens resultat visar att det effektivaste sättet att behålla kunskap och kompetens inom organisationen är genom att behålla personalen. Arbetet med att behålla personal inkluderar lönesättning, att organisationen erbjuder utvecklingsmöjligheter och andra hygienfaktorer som anställningstrygghet. Resultatet visar att kompetensutveckling fyller flera syften, både som ett sätt att se till att rätt kompetens finns inom organisationen, men också som ett sätt för att personalen ska trivas och vilja arbeta kvar. Arbetet med kompetensutveckling innehåller delar som introduktionskurser, medarbetarsamtal, seminarier och utbildningar samt uppföljning. Ytterligare ett sätt att kompetenssäkra verksamheten är att bevara den kunskap som finns inom organisation genom kodifiering och personalisering. Det framkommer i studien att det svåra är att dela och behålla implicit kunskap som bygger på erfarenhet när en medarbetare lämnar organisationen. / The purpose of the study was to contribute to a deeper understanding of how organizations work to secure the competence and handle knowledge loss as a result of staff turnover. This study consists of a case study of Uppsala kommun and Svea Hovrätt and has a qualitative approach. The empirical material has been collected through semi-structured interviews with seven respondents. The study's theoretical framework rests upon Nonaka and Konno's breakdown of the concept of knowledge in implicit and explicit knowledge. Hansen, Nohria and Tierneys concepts of codification and personalization on transfer and preservation of knowledge, as well as Hansson and Lindelöw's both models of competence development and retention of staff. The study's results show that the most effective way of retaining knowledge and competence within the organization is by retaining the staff. The work of retaining staff includes wage setting, that the organization offers development opportunities and other hygiene factors such as job security. The result shows that competence development fulfills several purposes, both as a way of ensuring that the right skills are within the organization, but also as a way for the staff to feel comfortable and want to work. The work on competence development includes parts such as introductory courses, staff appraisals, seminars and training courses and follow-up. Another way to secure the competence is to preserve the knowledge that exists within the organization through codification and personalization. It appears from the study that the difficult thing is to share and maintain implicit knowledge based on experience when an employee leaves the organization.

Secure competence

Competence development actions

Share knowledge

Retain knowledge

Knowledge loss

Staff turnover.

Kompetenssäkra

Kompetensutveckling

Kunskapsdelning

Kunskapsbevarande

Kunskapsförlust

Personalomsättning.

Pedagogy

Pedagogik

Contributions à la sécurité des circuits intégrés face aux attaques par canaux auxiliaires / Contributions to the security of integrated circuits against side-channel attacks

Vaquié, Bruno

18 December 2012

Les attaques par canaux cachés telles que les attaques par analyse de la consommation sont une menace pour la sécurité des circuits intégrés. Elles exploitent les fuites physiques émises par les circuits lors des calculs cryptographiques pour récupérer les informations secrètes qu'ils contiennent. De nombreuses contremesures, notamment matérielles, ont donc été proposées par la communauté dans le but de protéger les crypto-systèmes contre ce type d'attaques. Malgré leur efficacité, leur inconvénient majeur est leur surcoût important en surface, vitesse et consommation. Cette thèse a pour objectif de proposer des contremesures avec un faible coût au niveau matériel visant à réduire ces fuites et offrant un bon compromis entre sécurité et surcoûts. Pour cela, nous identifions tout d'abord les principales sources de fuites d'un crypto-système intégrant une architecture matérielle itérative d'un algorithme symétrique. Puis nous proposons plusieurs contremesures, à faible coût matériel, qui visent à réduire ces fuites. Enfin, nous évaluerons la robustesse de nos solutions face aux attaques par canaux cachés. / Side channel attacks such as power analysis attacks are a threat to the security of integrated circuits.They exploit the physical leakage of circuits during the cryptographic computations to retrieve the secret informations they contain. Many countermeasures, including hardware, have been proposed by the community in order to protect cryptosystems against such attacks. Despite their effectiveness, their major drawback is their significant additional cost in area, speed and consumption. This thesis aims at proposing low cost countermeasures able to reduce the leaks and offering a good compromise between security and costs. First we identify the main sources of leakage of a cryptographic system that integrates an iterative hardware architecture of a symetric algorithm. Then we propose several low cost countermeasures, which aim at reducing this leakage. Finally, we evaluate the robustness of our solutions against side channel attacks.

Cryptographie

Attaques par canaux cachés

Contremesures matérielles

Registres sécurisés

Algorithme DES

Attaques DPA et CPA

Cryptography

Side Channel Attacks

Hardware countermeasure

Secure register

Des

DPA and CPA

Rijndael Circuit Level Cryptanalysis

Pehlivanoglu, Serdar

05 May 2005

The Rijndael cipher was chosen as the Advanced Encryption Standard (AES) in August 1999. Its internal structure exhibits unusual properties such as a clean and simple algebraic description for the S-box. In this research, we construct a scalable family of ciphers which behave very much like the original Rijndael. This approach gives us the opportunity to use computational complexity theory. In the main result, we generate a candidate one-way function family from the scalable Rijndael family. We note that, although reduction to one-way functions is a common theme in the theory of public-key cryptography, it is rare to have such a defense of security in the private-key theatre. In this thesis a plan of attack is introduced at the circuit level whose aim is not break the cryptosystem in any practical way, but simply to break the very bold Rijndael security claim. To achieve this goal, we are led to a formal understanding of the Rijndael security claim, juxtaposing it with rigorous security treatments. Several of the questions that arise in this regard are as follows: ``Do invertible functions represented by circuits with very small numbers of gates have better than worst case implementations for their inverses?' ``How many plaintext/ciphertext pairs are needed to uniquely determine the Rijndael key?'

computational complexity

private-key cryptography

Advanced Encryption Standard

Rijndael

cryptanalysis

K-secure

hermetic

block cipher

circuit complexity

Cryptography

Computational complexity

Data encryption (Computer science)

Alianças defensivas em grafos

Dias, Elisângela Silva

26 March 2010

Submitted by Jaqueline Silva (jtas29@gmail.com) on 2014-09-04T17:02:47Z No. of bitstreams: 2 Dissertacao Elisangela Silva Dias.pdf: 846122 bytes, checksum: 357f425f14050b1601ed04cbcd4d9165 (MD5) license_rdf: 23148 bytes, checksum: 9da0b6dfac957114c6a7714714b86306 (MD5) / Made available in DSpace on 2014-09-04T17:02:47Z (GMT). No. of bitstreams: 2 Dissertacao Elisangela Silva Dias.pdf: 846122 bytes, checksum: 357f425f14050b1601ed04cbcd4d9165 (MD5) license_rdf: 23148 bytes, checksum: 9da0b6dfac957114c6a7714714b86306 (MD5) Previous issue date: 2010-03-26 / A defensive alliance in graph G = (V;E) is a set of vertices S V satisfying the condition that every vertex v 2 S has at most one more neighbor in V 􀀀S than S. Due to this type of alliance, the vertices in S together defend themselves to the vertices in V 􀀀S. This dissertation introduces the basic concepts for the understanding of alliances in graphs, along with a variety of alliances and their numbers and provides some mathematical properties for these alliances, focusing mainly on defensive alliances in graphs. It shows theorems, corollaries, lemmas, propositions and observations with appropriate proofs with respect to the minimum degree of a graph G d(G), the maximum degree D(G), the algebraic connectivity μ, the total dominanting set gt(G), the eccentricity, the edge connectivity l(G), the chromatic number c(G), the (vertex) independence number b0(G), the vertex connectivity k(G), the order of the largest clique w(G) and the domination number g(G). It also shows a generalization of defensive alliances, called defensive kalliance, and the definition and properties of a security set in G. A secure set S V of graph G = (V;E) is a set whose every nonempty subset can be successfully defended of an attack, under appropriate definitions of “attack” and “defence”. / Uma aliança defensiva no grafo G = (V;E) é um conjunto de vértices S V satisfazendo a condição de que todo vértice v 2 S tem no máximo um vizinho a mais em V 􀀀S que em S. Devido a este tipo de aliança, os vértices em S juntam para se defenderem dos vértices em V 􀀀S. Nesta dissertação, são introduzidos os conceitos básicos para o entendimentos das alianças em grafos, junto com uma variedade de tipos de alianças e seus respectivos números, bem como são fornecidas algumas propriedades matemáticas para estas alianças, focando principalmente nas alianças defensivas em grafos. Apresentamos teoremas, corolários, lemas, proposições e observações com as devidas provas com relação ao grau mínimo de um grafo G d(G), ao grau máximo D(G), à conectividade algébrica μ, ao conjunto dominante total gt(G), à excentricidade, à conectividade de arestas l(G), ao número cromático c(G), ao número de independência (de vértices) b0(G), à conectividade de vértices k(G), à ordem da maior clique w(G) e ao número de dominação g(G). Também é mostrada a generalização de alianças defensivas, chamada k-aliança defensiva, e a definição e propriedades de um conjunto seguro em G. Um conjunto seguro S V do grafo G = (V;E) é um conjunto no qual todo subconjunto não-vazio pode ser defendido com sucesso de um ataque, sob as definições apropriadas de “ataque” e “defesa”.

Alianças em grafos

Alianças defensivas

Conjuntos seguros

Alliances in graphs

Defensive alliances

Secure sets