  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Digital Signcryption

Smith, Clayton D. January 2005
Signcryption is a new cryptographic primitive which simultaneously provides both confidentiality and authenticity. Previously, these two goals had been considered separately, with encryption schemes providing confidentiality and signature schemes providing authenticity. In cases where both were required, the encryption and signature operations were simply sequentially composed. In 1997, Zheng demonstrated that by combining both goals into a single primitive, it is possible to achieve significant savings both in computational and communication overhead. Since then, a wide variety of signcryption schemes have been proposed. In this thesis, we present a number of the proposed signcryption schemes in terms of a common framework. For the most part, the material has been previously presented in various research papers, but some previously omitted proofs have been filled in here. We begin by giving a formal definition of the signcryption primitive, complete with a security model. Then we look at some of the various proposed signcryption schemes, and consider their relative advantages and disadvantages. Finally, we look ahead at what future progress might be made in the field.
3

Efektyvios šifravimo bei skaitmeninio parašo sistemos / Efficient encryption and digital signature schemes

Valkaitis, Mindaugas 04 July 2014
The aim of this work is to review the classical public-key encryption and digital signature systems currently in use and the new-generation Signcryption cryptosystem, to compare the efficiency of a dedicated signing-and-encryption cryptosystem with a composition of signing or encryption cryptosystems, and to propose practical applications for the new-generation Signcryption cryptosystem. The following cryptosystems are reviewed: 1. RSA (Rivest, Shamir, Adleman), a classical public-key signing or encryption cryptosystem whose security rests on the difficulty of the large-integer factorization problem; 2. ElGamal, a classical public-key signing or encryption cryptosystem whose security rests on the difficulty of the discrete logarithm problem; 3. Signcryption, a new-generation public-key signing and encryption cryptosystem built on a modified ElGamal digital signature scheme. These cryptosystems are reviewed theoretically, a practical implementation of them was built, and the results are reviewed and their efficiency compared, efficiency being defined by two parameters: 1. the duration of the message signing, encryption, decryption and signature verification operations; 2. the amount of redundant information transmitted, that is, the increase in message length after the signing and encryption operations. Also reviewed are the supplementary functions and algorithms used in implementing the cryptosystems, such as AES block ciphers, the SHA family of hash functions and the HMAC keyed checksum, and two... [see the full text for more] / This submission called “Efficient encryption and digital signature schemes” consists of three parts. I. In Part I theoretical analysis of popular public key cryptosystems RSA (Rivest, Shamir, Adleman) with security based on the large integer factorization problem and ElGamal with security based on the discrete logarithm problem, along with new cryptographic primitive termed as "signcryption" proposed by Y. Zheng which simultaneously fulfills both the functions of digital signature and public key encryption in a logically single step, and with a cost significantly smaller than that required by "signature followed by encryption" using popular public key cryptosystem composition is done. For the completeness of analysis description of supplemental algorithms and functions such as AES block cipher, SHA hash functions, HMAC keyed hash function is present. II. In Part II the results of the practical implementation done in Python programming language are analyzed. Effectiveness is described by two factors: 1. Total computation time of signing – encryption – decryption – verification operations; 2. Communication overhead – signed and encrypted message length increase compared to the original plaintext. III. In Part III two effective Signcryption implementation algorithms are proposed: secret sharing without threshold and (k, n) threshold schemes. Results of analysis prove Signcryption being secure and extremely effective signature and encryption cryptosystem. It has very low... [to full text]
4

Security techniques for drones

Jongho Won (5930405) 10 June 2019
Unmanned Aerial Vehicles (UAVs), commonly known as drones, are aircraft without a human pilot aboard. The flight of drones can be controlled with a remote control by an operator located at the ground station, or fully autonomously by onboard computers. Drones are mostly found in the military. However, over the recent years, they have attracted the interest of industry and civilian sectors.
With the recent advance of sensor and embedded device technologies, various sensors will be embedded in city infrastructure to monitor various city-related information. In this context, drones can be effectively utilized in many safety-critical applications for collecting data from sensors on the ground and transmitting configuration instructions or task requests to these sensors.
However, drones, like many networked devices, are vulnerable to cyber and physical attacks.
Challenges for secure drone applications can be divided in four aspects: 1) securing communication between drones and sensors, 2) securing sensor localization when drones locate sensors, 3) providing secure drone platforms to protect sensitive data against physical capture attacks and detect modifications to drone software, and 4) protecting secret keys in drones under white-box attack environments.
To address the first challenge, a suite of cryptographic protocols is proposed. The protocols are based on certificateless cryptography and support authenticated key agreement, non-repudiation and user revocation. To minimize the energy required by a drone, a dual channel strategy is introduced.
To address the second challenge, a drone positioning strategy and a technique that can filter out malicious location references are proposed.
The third challenge is addressed by a solution integrating techniques for software-based attestation and data encryption.
For attestation, free memory spaces are filled with pseudo-random numbers, which are also utilized to encrypt data collected by the drone like a stream cipher.
A dynamic white-box encryption scheme is proposed to address the fourth challenge. Short secret keys are converted into large look-up tables and the tables are periodically shuffled by a shuffling mechanism which is secure against white-box attackers.
5

Efficient Secure Electronic Mail Protocols with Forward Secrecy

Hsu, Hsing 07 September 2007
In 1976, Diffie and Hellman proposed the concept of public key cryptosystem (PKC). The application and research of public key cryptography have arisen in modern cryptography. In 2005, Sun, Hsieh, and Hwang (S.H.H.) proposed an electronic mail protocol based on classic public key cryptography. The technique of the Certificate of Encrypted Message Being a Signature (CEMBS) that Bao proposed in 1998 is applied on session key sharing of their e-mail system. In the same year, Dent pointed out that the first one of S.H.H.'s e-mail protocols cannot suffice the property of forward secrecy. Thus, Kim, Koo, and Lee (K.K.L.) proposed two e-mail protocols based on signcryption concept which is proposed by Zheng in 1997 to overcome the flaw of S.H.H.'s e-mail protocol in 2006. Lin, Lin, and Wang (L.L.W.) pointed out that the second one of S.H.H.'s protocols cannot achieve forward secrecy and then they improved the protocol. In 2007, Yoon and Yoo claimed that the second one of K.K.L.'s protocols is still vulnerable to two possible forgery attacks. In this thesis, we will make deep discussions about secure e-mail protocols based on PKC with providing the property of forward secrecy and then build a novel e-mail protocol to withstand the above attacks. Our proposed e-mail protocol can achieve the properties of authentication, confidentiality, integrity, non-repudiation and forward secrecy.
6

Cifrassinatura sem certificados em curvas supersingulares sobre corpos binarios / Certificateless signcryption on supersingular elliptic curves over bilinear fields

Morais, Eduardo Moraes de, 1983- 14 August 2018
Advisor: Ricardo Dahab / Dissertation (master's) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-14T04:06:33Z (GMT). No. of bitstreams: 1 Morais_EduardoMoraesde_M.pdf: 1060073 bytes, checksum: 349e64f9f2a5456f3af935607dfa5e3d (MD5) Previous issue date: 2009 / Summary: Identity-based cryptography is an alternative to the digital certification model, requiring less effort to solve the problem of public-key authenticity but giving up custody of the private key, which is generated by a trusted authority. The certificateless cryptography model solves the private-key custody problem without using digital certificates. In this model, the user holds one part of the private key, so the public key comes to consist of a part generated by the trusted authority and a part generated by the user. Signcryption is a cryptographic primitive that brings together the advantages of encryption and signature in a single operation, allowing greater efficiency and security. The literature has several proposals for certificateless encryption and certificateless signature, but no generic proposal for certificateless signcryption. This work proposes an efficient certificateless signcryption protocol that can be implemented using two bilinear pairings. Given the importance of bilinear pairings to the construction of the proposed protocol, this work presents the mathematical concepts needed to obtain bilinear pairings that are efficient and resistant to attacks on the discrete logarithm problem over the elliptic curve and over the extension field resulting from the computation of the bilinear pairing. Efficient algorithms for arbitrary-precision arithmetic, elliptic-curve arithmetic and pairing computation are also presented. In addition, formal security models are discussed, such as the random oracle model. Finally, the identity-based cryptography model and the certificateless cryptography model are discussed, which makes it possible to present the certificateless signcryption proposal and to argue that this proposal is secure and efficient / Abstract: Identity based cryptography is an alternative to digital certification, which requires less computational effort to solve the problem of public key authenticity. On the other hand, identity based cryptography has the problem of key escrow, because the private key is generated by a trust authority. The certificateless cryptography model solves the key escrow problem without digital certificates. In this model, the user computes a partial private key that is used to compose the entire private key. In the same way, the public key has two parts: one generated by the user and the other generated by the trust authority. Signcryption is a cryptographic primitive that has the advantages of encryption and signature together in a single operation, allowing the construction of secure and efficient protocols. The literature has many certificateless encryption and certificateless signature protocols, but there is no generic and efficient certificateless signcryption scheme. This work proposes an efficient certificateless signcryption protocol, that can be implemented with just two bilinear pairings. Considering the importance of bilinear pairings for the construction of the proposed protocol, this work presents the mathematical concepts for efficient bilinear pairings, that can resist against discrete logarithm attacks on the elliptic curve and on the extension field. This work also presents efficient algorithms for big number arithmetic, elliptic curve arithmetic and the Miller algorithm for pairings. It also presents formal security models, such as the random oracle model. Finally, identity based cryptography and certificateless cryptography models are defined and the proposed certificateless signcryption scheme is presented and we argue that it is secure and efficient, although no formal proof is given / Master's / Cryptography / Master in Computer Science
7

Lightweight security protocols for IP-based Wireless Sensor Networks and the Internet of Things / Protocoles de sécurité efficaces pour les réseaux de capteurs IP sans-fil et l'Internet des Objets

Nguyen, Kim Thuat 08 December 2016
The Internet of Things (IoT) allows billions of embedded computing devices to connect to one another. The objects concerned cover most of our everyday appliances, such as thermostats, refrigerators, ovens, washing machines and televisions. It is easy to imagine the scale of the danger if these devices were to spy on us and reveal our personal data. The situation would be even worse if critical IoT applications, for example the control system of nuclear reactors, the vehicle safety system or medical devices, were compromised. To guarantee security and counter security threats in the IoT, robust security solutions must be considered. However, IoT devices are limited in memory, computing capacity and energy, and have unreliable means of communication, which makes them vulnerable to a variety of attacks. In this context, we concentrate on two major challenges, namely security protocols that are lightweight in terms of computation and infrastructure, and lightweight key establishment mechanisms, since the currently existing solutions are far too costly for IoT devices. In response to the first challenge, we have, on the one hand, proposed ECKSS, a new lightweight signcryption scheme that avoids the use of a PKI. This proposal makes it possible to encrypt and sign messages simultaneously while guaranteeing the confidentiality and unforgeability of the communication channel. In addition, message exchanges are authenticated without resorting to certificates. We have also proposed OEABE, a delegation mechanism for CP-ABE (Ciphertext-Policy Attribute-Based Encryption) attribute-based encryption. CP-ABE is an attribute-based encryption scheme that lets users specify at encryption time who will be able to decrypt their data. Our solution, OEABE, allows a resource-constrained device to quickly generate a CP-ABE ciphertext while specifying the access rights to its data. This solution is all the more useful as the volume of data generated by IoT devices is increasing exponentially every year. As for the second challenge, we first proposed two key distribution modes for the standard key management protocol MIKEY. They rely on our signcryption scheme ECKSS and thus inherit the lightness of ECKSS both in terms of computation and in dispensing with the use of a PKI. The experimental results, obtained on an Openmote sensor platform, proved the efficiency of our solutions compared with the other MIKEY methods. We also proposed a key exchange scheme, called AKAPR, which is well suited to the case where the two parties taking part in the key negotiation are highly resource-constrained / The Internet of Things (IoT) enables billions of embedded computing devices to connect to each other. The smart things cover our everyday friendly devices, such as, thermostats, fridges, ovens, washing machines, and TV sets. It is easy to imagine how bad it would be, if these devices were spying on us and revealing our personal information. It would be even worse if critical IoT applications, for instance, the control system in nuclear reactors, the vehicle safety system or the connected medical devices in health-care, were compromised. To counteract these security threats in the IoT, robust security solutions must be considered. However, IoT devices are limited in terms of memory, computation and energy capacities, in addition to the lack of communication reliability. All these inconveniences make them vulnerable to various attacks, as they become the weakest links of our information system. In this context, we seek for effective security mechanisms in order to establish secure communications between unknown IoT devices, while taking into account the security requirements and the resource constraints of these devices. To do so, we focus on two major challenges, namely, lightweight security protocols in terms of processing and infrastructure and lightweight key establishment mechanisms, as existing solutions are too much resource consuming. To address this first challenge, we first propose ECKSS - a new lightweight signcryption scheme which does not rely on a PKI. This proposal enables to encrypt and sign messages simultaneously while ensuring the confidentiality and unforgeability of the communication channels. In addition, the message exchanges are authenticated without relying on certificates. Moreover, we also propose OEABE which is a delegation-based mechanism for the encryption of the Ciphertext-Policy Attribute-Based Encryption (CP-ABE). CP-ABE is an attribute-based public key encryption scheme that gives users the flexibility to determine who can decrypt their data at runtime. Our solution enables a resource-constrained device to generate rapidly a CP-ABE ciphertext with authorization access rights to its data. This solution is particularly useful as the volume of data issued from IoT devices grows exponentially every year. To solve the second challenge, we first propose two new key distribution modes for the standard key management protocol MIKEY, based on our signcryption scheme ECKSS. These modes inherit the lightness of ECKSS and avoid the use of PKI. The experimental results, conducted in the Openmote sensor platform, have proven the efficiency of our solutions compared with other existing methods of MIKEY. Then, we propose a new key agreement scheme, named AKAPR. In case the two communicating parties are involved in the key negotiation procedure, AKAPR is very suitable in the context of IoT. As such, it can operate even if the two communicating parties are highly resource-constrained
8

Cifrassinatura sem certificados / Certificateless signcryption

Nascimento, Érick Nogueira do, 1986- 19 August 2018
Advisor: Ricardo Dahab / Dissertation (master's) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-19T18:18:25Z (GMT). No. of bitstreams: 1 Nascimento_ErickNogueirado_M.pdf: 1495712 bytes, checksum: 78071cf5caaca7655f9e7fd705e3fb92 (MD5) Previous issue date: 2011 / Summary: Public-key cryptography is increasingly present in computer systems, providing them with several security properties, among them confidentiality, integrity, authenticity and non-repudiation. The explicitly certified public-key cryptography model is the most commonly employed, and comprises a public-key infrastructure (PKI) made up of procedures, hardware, software and administrative personnel for its operation. Such an infrastructure is complex and costly, which makes its use prohibitive in many situations. This work addressed public-key cryptography paradigms that are alternatives to the PKI paradigm, with a focus on the certificateless paradigm. Within this paradigm, and with emphasis on provable security, signcryption schemes were studied, which efficiently and simultaneously provide the properties of public-key encryption together with the properties of digital signature: confidentiality, integrity, authenticity and non-repudiation. The contributions of this work are: (i) an attack against the indistinguishability property of the McCullagh-Barreto IBSC [MB04], (ii) a proposed correction of the Barbosa-Farshim CLSC scheme [BF08], which had been broken by Selvi et al [SVR10b], (iii) a systematic exposition of provable security, certificateless public-key cryptography and certificateless signcryption / Abstract: Public-key cryptography is ever more present on computational systems, providing them several security properties, including: confidentiality, integrity, authenticity and nonrepudiation. The explicitly certified public-key cryptography model is the most commonly employed one, and it consists of a public-key infrastructure (PKI) which requires procedures, hardware, software and management personnel for its operations. Such infrastructure is complex and costly, making its use prohibitive in many scenarios. This work approached alternative paradigms for public-key cryptography, with focus on the certificateless paradigm. On this paradigm, and with emphasis on provable security, we studied signcryption schemes, which provide efficiently and simultaneously the properties of public-key encryption with those of digital signature: confidentiality, integrity, authenticity and non-repudiation. This work has the following contributions: (i) attack against the indistinguishability property of IBSC McCullagh-Barreto [MB04] (ii) correction for the CLSC Barbosa-Farshim [BF08], which had been broken by Selvi et al [SVR10b], (iii) systematic exposition about provable security, certificateless public-key cryptography and certificateless signcryption / Master's / Computer Science / Master in Computer Science
