Global ETD Search

31	Automatic verification of cryptographic protocols : privacy-type properties Cheval, Vincent 03 December 2012 (has links) (PDF) Many tools have been developed to automatically verify security properties on cryptographic protocols. But until recently, most tools focused on trace properties (or reachability properties) such as authentication and secrecy. However, many security properties cannot be expressed as trace properties, but can be written as equivalence properties. Privacy, unlinkability, and strong secrecy are typical examples of equivalence properties. Intuitively, two protocols P, Q are equivalent if an adversary can not distinguish P from Q by interacting with these processes. In the literature, several notions of equivalence were studied, e.g. trace equivalence or a stronger one, observational equivalence. However, it is often very difficult to prove by hand any of these equivalences, hence the need for efficient and automatic tools. We first worked on an approach that rely on constraint solving techniques and that is well suited for bounded number of sessions. We provided a new algorithm for deciding the trace equivalence between processes that may contain negative tests and non-determinism. We applied our results on concrete examples such as anonymity of the Private Authentication protocol and the E-passport protocol. We also investigated composition results. More precisely, we focused on parallel composition under shared secrets. We showed that under certain conditions on the protocols, the privacy type properties are preserved under parallel composition and under shared secrets. We applied our result on the e-passport protocol. At last this work presents an extension of the automatic protocol verifier ProVerif in order to prove more observational equivalences. This extension have been implemented in ProVerif and allows us to automatically prove anonymity in the private authentication protocol. [INFO:INFO_OH] Computer Science/Other [INFO:INFO_OH] Informatique/Autre Formal verification Security of cryptographic protocol Symbolic model
32	Formal verification of secured routing protocols Arnaud, Mathilde 13 December 2011 (has links) (PDF) With the development of digital networks, such as Internet, communication protocols are omnipresent. Digital devices have to interact with each other in order to perform the numerous and complex tasks we have come to expect as commonplace, such as using a mobile phone, sending or receiving electronic mail, making purchases online and so on. In such applications, security is important. For instance, in the case of an online purchase, the right amount of money has to be paid without leaking the buyer personal information to outside parties. Communication protocols are the rules that govern these interactions. In order to make sure that they guarantee a certainlevel of security, it is desirable to analyze them. Doing so manually or by testing them is not enough, as attacks can be quite subtle. Some protocols have been used for years before an attack was discovered. Because of their increasing ubiquity in many important applications, e.g. electronic commerce, a very important research challenge consists in developing methods and verification tools to increase our trust on security protocols, and so on the applications that rely on them. For example, more than 28 billion Euros were spent in France using Internet transactions, and the number is growing. Moreover, new types of protocols are continuously appearing in order to face new technological and societal challenges, e.g. electronic voting, electronic passport to name a few. [INFO:INFO_OH] Computer Science/Other [INFO:INFO_OH] Informatique/Autre Cryptographic protocol Digital networks Formal verification
33	Verification and composition of security protocols with applications to electronic voting Ciobâcǎ, Ştefan 09 December 2011 (has links) (PDF) This thesis is about the formal verification and composition of security protocols, motivated by applications to electronic voting protocols. Chapters 3 to 5 concern the verification of security protocols while Chapter 6 concerns composition.We show in Chapter 3 how to reduce certain problems from a quotient term algebra to the free term algebra via the use of strongly complete sets of variants. We show that, when the quotient algebra is given by a convergent optimally reducing rewrite system, finite strongly complete sets of variants exist and are effectively computable.In Chapter 4, we show that static equivalence for (classes of) equational theories including subterm convergent equational theories, trapdoor commitment and blind signatures is decidable in polynomial time. We also provide an efficient implementation.In Chapter 5 we extend the previous decision procedure to handle trace equivalence. We use finite strongly complete sets of variants introduced in Chapter 3 to get rid of the equational theory and we model each protocol trace as a Horn theory which we solve using a refinement of resolution. Although we have not been able to prove that this procedure always terminates, we have implemented it and used it to provide the first automated proof of vote privacy of the FOO electronic voting protocol.In Chapter 6, we study composition of protocols. We show that two protocols that use arbitrary disjoint cryptographic primitives compose securely if they do not reveal or reuse any shared secret. We also show that a form of tagging is sufficient to provide disjointness in the case of a fixed set of cryptographic primitives. [INFO:INFO_OH] Computer Science/Other [INFO:INFO_OH] Informatique/Autre Cryptographic protocols Formal verification Sécurity
34	Adaptive Cryptographic Access Control for Dynamic Data Sharing Environments Kayem, ANNE 21 October 2008 (has links) Distributed systems, characterized by their ability to ensure the execution of multiple transactions across a myriad of applications, constitute a prime platform for building Web applications. However, Web application interactions raise issues pertaining to security and performance that make manual security management both time-consuming and challenging. This thesis is a testimony to the security and performance enhancements afforded by using the autonomic computing paradigm to design an adaptive cryptographic access control framework for dynamic data sharing environments. One of the methods of enforcing cryptographic access control in these environments is to classify users into one of several groups interconnected in the form of a partially ordered set. Each group is assigned a single cryptographic key that is used for encryption/decryption. Access to data is granted only if a user holds the "correct" key, or can derive the required key from the one in their possession. This approach to access control is a good example of one that provides good security but has the drawback of reacting to changes in group membership by replacing keys, and re-encrypting the associated data, throughout the entire hierarchy. Data re-encryption is time-consuming, so, rekeying creates delays that impede performance. In order to support our argument in favor of adaptive security, we begin by presenting two cryptographic key management (CKM) schemes in which key updates affect only the class concerned or those in its sub-poset. These extensions enhance performance, but handling scenarios that require adaptability remain a challenge. Our framework addresses this issue by allowing the CKM scheme to monitor the rate at which key updates occur and to adjust resource (keys and encrypted data versions) allocations to handle future changes by anticipation rather than on demand. Therefore, in comparison to quasi-static approaches, the adaptive CKM scheme minimizes the long-term cost of key updates. Finally, since self-protecting CKM requires a lesser degree of physical intervention by a human security administrator, we consider the case of "collusion attacks" and propose two algorithms to detect as well as prevent such attacks. A complexity and security analysis show the theoretical improvements our schemes offer. Each algorithm presented is supported by a proof of concept implementation, and experimental results to show the performance improvements. / Thesis (Ph.D, Computing) -- Queen's University, 2008-10-16 16:19:46.617 Access Control Database Security Autonomic Computing Cryptographic Key Management Dynamic Data Sharing
35	e-αξιολόγηση : εφαρμογές της κρυπτογραφίας στην αξιολόγηση μέσω τεχνολογιών πληροφορικής και επικοινωνιών Γαλάνης, Βασίλειος 19 April 2010 (has links) Η εργασία αυτή έχει σα σκοπό τη διερεύνηση των εφαρμογών της κρυπτογραφίας στην ασφάλεια της διαδικασίας της αξιολόγησης σε περιβάλλοντα όπου γίνεται χρήση τεχνολογιών επικοινωνίας και πληροφορικής, κατασκευάζοντας μια κατηγορία πρωτοκόλλων που καλείται e-αξιολόγηση. Πιό συγκεκριμένα, ξεκινώντας από την όσο το δυνατόν πλήρη περιγραφή ενός συστήματος e-αξιολόγησης τόσο σε επίπεδο hardware όσο και σε επίπεδο software, σκοπός μας είναι να εισάγουμε κατάλληλες κρυπτογραφικές τεχνικές έτσι ώστε να καλύπτουμε τις απαιτήσεις ασφαλείας της διαδικασίας της e-αξιολόγησης και να δώσουμε παραδείγματα αντίστοιχων εφαρμογών όπου είναι γίνεται χρήση της ηλεκτρονικής αξιολόγησης. Στο πρώτο μέρος της εργασίας διερευνούμε τον τρόπο με τον οποίο ενσωματώνεται η έννοια της ασφάλειας στη διαδικασία της αξιολόγησης, τους λόγους για τους οποίους υπάρχει ανάγκη για ενσωμάτωση τεχνικών ασφαλείας στην αξιολόγηση και τα οφέλη που αποκομίζουμε από αυτές καθώς και μία γρήγορη παρουσίαση του συνόλου των τεχνικών που χρησιμοποιούνται. Στη συνέχεια του κεφαλαίου αυτού, παρουσιάζουμε που και πως ενσωματώνονται εφαρμογές κρυπτογραφίας στο σύνολο των τεχνικών ασφαλείας που χρησιμοποιούνται στη διαδικασία αξιολόγησης. Στο δεύτερο μέρος κάνουμε μια παρουσίαση των κρυπτογραφικών πρωτοκόλλων και τεχνικών που έχουν εφαρμογή στην e-αξιολόγηση, καθώς και μια παρουσίαση του μαθηματικού τους υπόβαθρου. Στο τρίτο μέρος κάνουμε μια παρουσίαση των εφαρμογών της ηλεκτρονικής αξιολόγησης στην εκπαίδευση. / The goal of this work is to research the application of cryptography in the security of the process of evaluation in on-line environments, creating a framework of protocols which is collectively called e-evaluation. More specifically, we begin by providing a description of an e-evaluation system in both the hardware and the software level and introducing suitable cryptographic techniques so as to satisfy the security requirements of the e-evaluation process, giving examples of applications where there is use of electronic evaluation procedures. In the first part of this work we research the way the concept of security is integrated within the process of evaluation, the reasons for which there is need for integrating security techniques in that process and the benefits we gain by them. Then we provide a short description of techniques being use in the electronic evaluation process as well as where and how cryptography is applied in them. In the second part, we provide a description of the cryptographic techniques and protocols that have applications in the e-evaluation framework and their mathematical background. In the third and final part, we make a presentation of the applications of e-evaluation in education. e-αξιολόγηση Κρυπτογραφία Ασφάλεια δεδομένων 005.82 e-evaluation Cryptography Data security Cryptographic protocols e-voting
36	Συμμετρικοί αλγόριθμοι κρυπτογράφησης δεδομένων : η περίπτωση του αλγορίθμου AES Λυκούδης, Κωνσταντίνος 28 February 2013 (has links) Στη σύγχρονη ζωή του ανθρώπου η ανταλλαγή και η διακίνηση της πληροφορίας αποτελεί πλέον αναπόσπαστο κομμάτι. Η τεράστια ανάπτυξη των δικτύων υπολογιστών και η επικοινωνία πληροφοριών κάθε μορφής έφερε ένα τεράστιο πρόβλημα στην επιφάνεια, την ανάγκη για προστασία αυτής της πληροφορίας. Το πρόβλημα αυτό καλείται να το αντιμετωπίσει η επιστήμη της Κρυπτογραφίας όπου μέσα από διάφορους μετασχηματισμούς προσπαθεί θα μετατρέψει τα δεδομένα σε μια ακατανόητη μορφή η οποία θα είναι δυνατόν να αντιστραφεί μόνο από τον νόμιμο παραλήπτη. Για το λόγο αυτό έχουν αναπτυχθεί πληθώρα αλγορίθμων κρυπτογράφησης όπου παρόλο που η δουλειά τους είναι η ίδια, χειρίζονται και μετασχηματίζουν τα δεδομένα με διαφορετικό τρόπο. Στην παρούσα εργασία γίνεται παρουσίαση του αλγορίθμου AES (Advanced Encryption Standard) που αποτελεί το τρέχον πρότυπο από το NIST (National Institute of Standards and Technology). Ο AES ο οποίος είναι και γνωστός ως Rijndael, είναι ένας συμμετρικός αλγόριθμος τμήματος και βασίζεται στα δίκτυα μετάθεσης – αντικατάστασης, ενώ είναι υλοποιήσιμος και γρήγορος τόσο σε λογισμικό όσο και σε υλικό. Αντίθετα με τον προκάτοχο του DES, δεν χρησιμοποιεί το δίκτυο Feistel. Εφαρμόζεται σε έναν πίνακα Bytes 4x4 (128 bits), που ορίζεται ως κατάσταση (state), με τους περισσότερους μετασχηματισμούς να πραγματοποιούνται σε ένα πεπερασμένο πεδίο. Ο αλγόριθμος AES, δίνει τη δυνατότητα κρυπτογράφησης με τρία κλειδιά διαφορετικού μήκους, 128 bits κλειδί με 10 κύκλους επανάληψης, 192 bits κλειδί με 12 κύκλους επανάληψης και 256 bits κλειδί με 14 κύκλους επανάληψης παρουσιάζοντας κάθε φορά μεγάλη ανθεκτικότητα σε κρυπταναλυτικές επιθέσεις.Στα πλαίσια της εργασίας έγινε λεπτομερής ανάλυση των μετασχηματισμών που χρησιμοποιεί ο AES στην κρυπτογράφηση και αποκρυπτογράφηση σύμφωνα με το πρότυπο Fips-197 αρχικά σε θεωρητικό επίπεδο και έπειτα πραγματοποιήθηκαν υλοποιήσεις σε λογισμικό και σε υλικό. Συγκεκριμένα, στο 1ο κεφάλαιο της εργασίας γίνεται μια εισαγωγή στην Κρυπτογραφία, παρουσιάζοντας τις βασικές της έννοιες και την ιστορική της εξέλιξη από τα πρώτα χρόνια εμφάνισης της ως σήμερα. Στο κεφάλαιο 2, αρχικά παρουσιάζονται τα υπάρχοντα κρυπτοσυστήματα, αναδεικνύοντας κάθε φορά τον τρόπο με τον οποίο λειτουργούν, τους αλγόριθμους που υπάγονται σε αυτά και τις εφαρμογές που έχουν. Στη συνέχεια γίνεται σύγκριση μεταξύ των αλγορίθμων ενός συστήματος αλλά και μεταξύ των κρυπτοσυστημάτων. Το κεφάλαιο 3 αποτελεί το κυρίως σώμα της εργασίας καθώς σε αυτό παρουσιάζεται και επεξηγείται ο αλγόριθμος AES. Δίνεται το απαραίτητο μαθηματικό υπόβαθρο και αναλύονται οι μετασχηματισμοί του αλγορίθμου. Παρουσιάζεται ο τρόπος που επεκτείνονται τα κλειδιά του αλγορίθμου καθώς και οι διαδικασίες κρυπτογράφησης και αποκρυπτογράφησης. Τέλος γίνεται αναφορά σε ζητήματα ασφάλειας και στην αντοχή του AES σε κρυπταναλυτικές επιθέσεις, καθώς και στις εφαρμογές που χρησιμοποιείται. Στο 4ο κεφάλαιο παρουσιάζονται και συγκρίνονται οι μέθοδοι υλοποίησης του αλγορίθμου. Περιγράφεται μια υλοποίηση σε λογισμικό με τη χρήση της γλώσσας προγραμματισμού C++, η οποία επεκτείνεται και σε μια διαδικτυακή υλοποίηση και μια υλοποίηση σε υλικό με τη χρήση της περιγραφικής γλώσσας VHDL και το σχεδιαστικό εργαλείο Quartus II. Τέλος στο 5ο κεφάλαιο εξάγονται συμπεράσματα και γίνονται προτάσεις για μελλοντική εργασία. / In modern life the exchange and transfer of information has become an integral part. The enormous development of computer networks and the information communication of every form, has brought a new massive problem on the surface, the need to protect this information.The science of Cryptography is challenged to face this problem, so through various transformations is trying to convert tha data in a incomprehensive form, which will be possible to be inverted only from the legal receiver. For this reason a variety of algorithms have been developed and although their work is the same, they handle and convert data in different ways. In the present thesis the AES (Advanced Encryption Standard) algorithm is presented, which is the current standard of NIST (National Institute of Standards and Technology). AES, which is also known as Rijndael, is a symmetric block cipher and is based on substitution - permutation networks, while it can be efficiently implemented both in software and hardware. Unlike it's predecessor DES, it does not use Feistel network. It is applied in 4x4 Bytes matrix (128 bits), which is defined as state, with the most transformations to be performed in a finite field. AES algorithm provides encryption capability with three keys of different size: key of 128 bits with 10 rounds, key of 192 bits with 12 rounds and key of 256 bits with 14 rounds. This thesis includes detailed analysis of transformations that AES uses in ecryption and decryption according to the Fips-197 standard, along with software and hardware implementations. Specifically, in the first chapter an introduction to Cryptography is made, presenting basic concepts and a historical overview. In chapter 2, contemporary cryptosystems are introduced. In chapter 3 the AES algorithm is presented and explained. The necessary mathematical background is provided and the transformations of the algorithm are analysed. The way the algorithm keys are expanded is presented, as well as the encryption and decryption processes. In chapter 4 the implementations of AES are presented and compared. An implementation in software is described using the programming language C++, and an implementation in hardware is given using the VHDL language and the design tool Altera Quartus II. Finally in chapter 5 the conclusions are given and proposals are made for future work. Αλγόριθμος AES 005.82 Cryptographic algorithms AES advanced encryption standard
37	Formalisation de preuves de sécurité concrète / Formal Methods For Concrete Security Proofs Daubignard, Marion 12 January 2012 (has links) Cette thèse se propose de remédier à l'absence de formalisme dédié aux preuves de sécurité concrète à travers 3 contributions. Nous présentons d'abord la logique CIL (Computational Indistinguishability Logic), qui permet de raisonner sur les systèmes cryptographiques. Elle contient un petit nombre de règles qui correspondent aux raisonnements souvent utilisés dans les preuves. Leur formalisation est basée sur des outils classiques comme les contextes ou les bisimulations. Deuxièmement, pour plus d'automatisation des preuves, nous avons conçu une logique de Hoare dédiée aux chiffrement asymétrique dans le modèle de l'oracle aléatoire. Elle est appliquée avec succès sur des exemples de schémas existants. Enfin, nous proposons un théorème générique de réduction pour la preuve d'indifférentiabilité d'un oracle aléatoire de fonctions de hachage cryptographiques. La preuve du théorème, formalisée en CIL, en démontre l'applicabilité. Les exemples de Keccak et Chop-Merkle-Damgard illustrent ce résultat. / In this thesis, we address the lack of formalisms to carry out concrete security proofs. Our contributions are threefold. First, we present a logic, named Computational Indistinguishability Logic (CIL), for reasoning about cryptographic systems. It consists in a small set of rules capturing reasoning principles common to many proofs. Their formalization relies on classic tools such as bisimulation relations and contexts. Second, and in order to increase proof automation, it presents a Hoare logic dedicated to asymmetric encryption schemes in the Random Oracle Model that yields an automated and sound verification method. It has been successfully applied to existing encryption schemes. Third, it presents a general reduction theorem for proving indifferentiability of iterative hash constructions from a random oracle. The theorem is proven in CIL demonstrating the usefulness of the logic and has been applied to constructions such as the SHA-3 candidate Keccak and the Chop-MD construction. Cryptographie Prouvable Vérification de Preuves Systèmes de Chiffrement Protocoles Cryptographiques Provable cryptography Verification of proofs Encryption schemes Cryptographic protocols
38	Uma proposta de um sistema criptografico de chave publica utilizando codigos convolucionais classicos e quanticos / A proposal of a cryptographic system of public key using classical and quantum convolutional codes Santos, Polyane Alves 12 August 2018 (has links) Orientador: Reginaldo Palazzo Junior / Dissertação (mestrado) - Universidade Estadual de Campinas, Faculdade de Engenharia Eletrica e de Computação / Made available in DSpace on 2018-08-12T20:22:38Z (GMT). No. of bitstreams: 1 Santos_PolyaneAlves_M.pdf: 825808 bytes, checksum: f4b4d556a54cfca0cb0a84dd5e07a7a3 (MD5) Previous issue date: 2008 / Resumo: A proposta de um sistema criptográfico de chave pública que utiliza códigos convolucionais de memória-unitária clássicos e quânticos apresentada neste trabalho, está baseada na utilização de transformações armadilha que, ao serem aplicadas as submatrizes reduzem a capacidade de correção de erros do código. Este processo proporciona um aumento no grau de privacidade da informação a ser enviada devido a dois fatores: para a determinação de códigos ótimos de memória unitária è necessário resolver o Problema da Mochila e a redução da capacidade de correção de erro dos códigos ocasionada pelo embaralhamento das colunas das submatrizes geradoras. São também apresentados neste trabalho, novos códigos convolucionais quânticos concatenados [(4, 1, 3)]. / Abstract: The proposal of a cryptographic system of public key that uses classical and quantum convolutional codes of unit-memory presented in this work, is based on the use of trapdoors functions which when applied to submatrices reduce the capacity of correction of errors of the code. This process gives us an increase in the degree of privacy of information being sent, because of two factors, namely: to establish good unit-memory codes is necessary to solve the knapsack problem, and the reduction of the capacity of correcting errors of codes provided by scrambling the columns of generating submatrices. We also present in this work, news quantum convolutional codes [(4, 1, 3)]. / Mestrado / Telecomunicações e Telemática / Mestre em Engenharia Elétrica Criptografia Teoria da codificação Cryptographic Codification Quantum error correction codes
39	An Evaluation of User Attitudes Towards Anonymity in Bitcoin Pajunen, Mihkel January 2017 (has links) Bitcoin has emerged as the leading cryptographic currency since its inception in 2009 and at the time of writing holds a market capitalization of $28.4 billion. This ever-increasing figure has attracted adopters seeking to advance their investments, often leaving purely technical aspects on the sidelines. As is the case with any innovative technology, misconceptions are plentiful and information is not always conclusive. The research effort presented in this paper consists of a quantitative study seeking to address the subject of user anonymity in the Bitcoin network by employing an online survey on one of the most prominent Bitcoin forums. This includes 50 eligible participants, whose motivation is derived through the application of temporal motivation theory. The survey seeks to form an understanding of user attitudes towards the aspect of anonymity by following a methodological approach for exploring common tendencies among the representatives and will serve as the underlying data set from which conclusions can be drawn. Furthermore, this paper will present a literary study of the actual state of anonymity in this peer-to-peer technology by reviewing current findings highlighted in the area, thus presenting a comprehensive view of anonymity in the Bitcoin network, which will contrast the user study. Bitcoin cryptographic currency pseudo-anonymity peer-to-peer Other Computer and Information Science Annan data- och informationsvetenskap
40	Säkerhetsutvärdering certifikatserver i stället för aktiva kort / Security evaluation certificate server instead of smartcard Jensen, Jonas January 2005 (has links) Business and organizations use computer network in a greater extension than ever before, especially for business-critical use. That increase the demand of security for all systems, both against internal and external threats. The demand on the authentication method used today increases. Today they normally uses password or some kind of smart card. I will performa literature study that will investigate the possibility to increase the security in authentication of users without the use of extra hardware. The method uses a server that stores all cryptographic keys for the user centrally to achieve stronger security. This report is based on a previous report which tested to implement this solution, in this report I will question the security of this system. I will then give an architecture proposal where this method is used to authenticate and allow cryptographic recourses for the user. The conclusions you can get from this report is that the possibilities with comparable ease increase the security without investing in new hardware. But the solution will not be comparable by a ``smart card solution''in security levels. That means that the method described in this thesis is suitable for organizations that either do not need that strong security as smart card give or want a good solution without being forced to use some external hardware. Informationsteknik Authentication securityserver certificate server reverse turing test cryptographic smartcard Informationsteknik Computer and Information Sciences Data- och informationsvetenskap

Search results