Global ETD Search

81	A framework for cryptography algorithms on mobile devices Lo, Johnny Li-Chang 19 October 2007 (has links) Mobile communication devices have become a popular tool for gathering and disseminating information and data. With the evidence of the growth of wireless technology and a need for more flexible, customizable and better-optimised security schemes, it is evident that connection-based security such as HTTPS may not be sufficient. In order to provide sufficient security at the application layer, developers need access to a cryptography package. Such packages are available as third party mobile cryptographic toolkits or are supported natively on the mobile device. Typically mobile cryptographic packages have reduced their number of API methods to keep the package lightweight in size, but consequently making it quite complex to use. As a result developers could easily misuse a method which can weaken the entire security of a system without knowing it. Aside from the complexities in the API, mobile cryptography packages often do not apply sound cryptography within the implementation of the algorithms thus causing vulnerabilities in its utilization and initialization. Although FIPS 140-2 and CAPI suggest guidelines on how cryptographic algorithms should be implemented, they do not define the guidelines for implementing and using cryptography in a mobile environment. In our study, we do not define new cryptographic algorithms, instead, we investigate how sound cryptography can be applied practically in a mobile application environment and developed a framework called Linca (which stands for Logical Integration of Cryptographic Architectures) that can be used as a mobile cryptographic package to demonstrate our findings. The benefit that Linca has is that it hides the complexity of making incorrect cryptographic algorithm decisions, cryptographic algorithm initialization and utilization and key management, while maintaining a small size. Linca also applies sound cryptographic fundamentals internally within the framework, which radiates these benefits outwards at the API. Because Linca is a framework, certain architecture and design patterns are applied internally so that the cryptographic mechanisms and algorithms can be easily maintained. Linca showed better results when evaluated against two mobile cryptography API packages namely Bouncy Castle API and Secure and Trust Service API in terms of security and design. We demonstrate the applicability of Linca on using two realistic examples that cover securing network channels and on-device data. / Dissertation (MSc (Computer Science))--University of Pretoria, 2007. / Computer Science / MSc / unrestricted Cryptography Software components Frameworks Small message service (SMS) Entropy Standards Protocol Software application. Server Client Mobile devices Protocol Cryptographic packages UCTD
82	Méthodologie de conception de composants intégrés protégés contre les attaques par corrélation / A design methodology for integrated components protected from correlation attacks Laabidi, Selma 19 January 2010 (has links) Les circuits cryptographiques, parce qu'ils contiennent des informations confidentielles, font l'objet de manipulations frauduleuses, appelées communément attaques, de la part de personnes mal intentionnées. Plusieurs attaques ont été répertoriées et analysées. Parmi elles, les attaques DPA (Differential Power Analysis), DEMA (Differential Electromagnetic Analysis), DBA (Differential Behavior Analysis) et les attaques en probing forment la classe des attaques par corrélation et sont considérés comme les plus redoutables car elles permettent de retrouver, à moindre coût, les clefs de chiffrement des algorithmes cryptographiques. Les concepteurs de circuits sécurisés ont été donc amené à ajouter des parades, appelées contre-mesures, afin de protéger les circuits de ces attaques. Ces contremesures doivent impacter au minimum les performances et le coût du circuit. Dans cette thèse, nous nous intéressons dans un premier temps aux attaques par corrélation, le principe de ces attaques est décrit ainsi que les principales contre-mesures pour y parer. Un formalisme décrivant de manière unique ces attaques est aussi proposé. Dans un deuxième temps, nous étudions les outils d'évaluation sécuritaires qui permettent d'estimer la résistance des circuits intégrés face aux attaques par corrélation. Après un état de l'art sur les outils existants, nous décrivons notre outil basé sur une recherche de corrélations entre le modèle du concepteur et le modèle qui peut être prédit par un attaquant. L'analyse de corrélations permet de déterminer les bits les plus sensibles pour mener à bien une attaque. Cet outil est intégré dans le flot de conception permettant ainsi d'évaluer la résistance des algorithmes cryptographiques au niveau RTL (Register Transfer Level) et portes. / The cryptographic circuits, because they contain confidential information, are subject to fraudulent manipulations called attacks from malicious people. Several attacks have been identified and analyzed. Among them DPA (Differential Power Analysis), DEMA (Differential Electromagnetic Analysis), DBA (Differential Behaviour Analysis) and probing attacks form the class of correlation attacks and are considered as the most dangerous because they allow to retrieve, at lower cost, secret keys of cryptographic algorithms. Designers of secure circuits have thus added counter-measures to protect their circuits from these attacks. Counter-measures overhead got to have a minimum of impact on circuit’s cost and performances. In this thesis, we first focus on correlation attacks; the principle of these attacks is described as well as the main counter-measures to address them. A formalism describing these attacks is also proposed. Second, we study the safe evaluation tools to estimate the resistance of integrated circuits towards correlation attacks. After a state of the art on the existing tools, we describe our tool based on a search of correlations between the designer's model and the model which can be predicted by an attacker. The analysis of the correlations determines the most sensitive bits to complete an attack. This tool is integrated into the design flow to asses the strength of cryptographic algorithms at RTL (Register Transfer Level) and gate levels. An application of our flow on several models of the algorithm AES (Advanced Encryption Standard) with and without counter-measures is proposed. The obtained results have demonstrated the effectiveness of our technique.Les circuits cryptographiques, parce qu'ils contiennent des informations confidentielles, font l'objet de manipulations frauduleuses, appelées communément attaques, de la part de personnes mal intentionnées. Plusieurs attaques ont été répertoriées et analysées. Parmi elles, les attaques DPA (Differential Power Analysis), DEMA (Differential Electromagnetic Analysis), DBA (Differential Behavior Analysis) et les attaques en probing forment la classe des attaques par corrélation et sont considérés comme les plus redoutables car elles permettent de retrouver, à moindre coût, les clefs de chiffrement des algorithmes cryptographiques. Les concepteurs de circuits sécurisés ont été donc amené à ajouter des parades, appelées contre-mesures, afin de protéger les circuits de ces attaques. Ces contremesures doivent impacter au minimum les performances et le coût du circuit. Dans cette thèse, nous nous intéressons dans un premier temps aux attaques par corrélation, le principe de ces attaques est décrit ainsi que les principales contre-mesures pour y parer. Un formalisme décrivant de manière unique ces attaques est aussi proposé. Dans un deuxième temps, nous étudions les outils d'évaluation sécuritaires qui permettent d'estimer la résistance des circuits intégrés face aux attaques par corrélation. Après un état de l'art sur les outils existants, nous décrivons notre outil basé sur une recherche de corrélations entre le modèle du concepteur et le modèle qui peut être prédit par un attaquant. L'analyse de corrélations permet de déterminer les bits les plus sensibles pour mener à bien une attaque. Cet outil est intégré dans le flot de conception permettant ainsi d'évaluer la résistance des algorithmes cryptographiques au niveau RTL (Register Transfer Level) et portes. algorithmes cryptographiques attaques DPA (Differential Power Analysis) sécurité corrélation flot de conception cryptographic algorithms attacks DPA (Differential Power Analysis) security correlation design flow
83	Lattice - Based Cryptography - Security Foundations and Constructions / Cryptographie reposant sur les réseaux Euclidiens - Fondations de sécurité et Constructions Roux-Langlois, Adeline 17 October 2014 (has links) La cryptographie reposant sur les réseaux Euclidiens est une branche récente de la cryptographie dans laquelle la sécurité des primitives repose sur la difficulté présumée de certains problèmes bien connus dans les réseaux Euclidiens. Le principe de ces preuves est de montrer que réussir une attaque contre une primitive est au moins aussi difficile que de résoudre un problème particulier, comme le problème Learning With Errors (LWE) ou le problème Small Integer Solution (SIS). En montrant que ces problèmes sont au moins aussi difficiles à résoudre qu'un problème difficile portant sur les réseaux, présumé insoluble en temps polynomial, on en conclu que les primitives construites sont sûres. Nous avons travaillé sur l'amélioration de la sécurité et des constructions de primitives cryptographiques. Nous avons étudié la difficulté des problèmes SIS et LWE et de leurs variantes structurées sur les anneaux d'entiers de corps cyclotomiques, et les modules libres sur ceux-ci. Nous avons montré d'une part qu'il existe une preuve de difficulté classique pour le problème LWE (la réduction existante de Regev en 2005 était quantique), d'autre part que les variantes sur les modules sont elles-aussi difficiles. Nous avons aussi proposé deux nouvelles variantes de signatures de groupe dont la sécurité repose sur SIS et LWE. L'une est la première reposant sur les réseaux et ayant une taille et une complexité poly-logarithmique en le nombre d'utilisateurs. La seconde construction permet de plus la révocation d'un membre du groupe. Enfin, nous avons amélioré la taille de certains paramètres dans le travail sur les applications multilinéaires cryptographiques de Garg, Gentry et Halevi. / Lattice-based cryptography is a branch of cryptography exploiting the presumed hardness of some well-known problems on lattices. Its main advantages are its simplicity, efficiency, and apparent security against quantum computers. The principle of the security proofs in lattice-based cryptography is to show that attacking a given scheme is at least as hard as solving a particular problem, as the Learning with Errors problem (LWE) or the Small Integer Solution problem (SIS). Then, by showing that those two problems are at least as hard to solve than a hard problem on lattices, presumed polynomial time intractable, we conclude that the constructed scheme is secure.In this thesis, we improve the foundation of the security proofs and build new cryptographic schemes. We study the hardness of the SIS and LWE problems, and of some of their variants on integer rings of cyclotomic fields and on modules on those rings. We show that there is a classical hardness proof for the LWE problem (Regev's prior reduction was quantum), and that the module variants of SIS and LWE are also hard to solve. We also give two new lattice-based group signature schemes, with security based on SIS and LWE. One is the first lattice-based group signature with logarithmic signature size in the number of users. And the other construction allows another functionality, verifier-local revocation. Finally, we improve the size of some parameters in the work on cryptographic multilinear maps of Garg, Gentry and Halevi in 2013. Learning with Errors Signature de Groupe Lattice-based cryptography Learning with Errors Group signatures Cryptographic multilinear maps
84	Zabezpečení komunikace a ochrana dat v Internetu věcí / Secure Communication and Data Protection in the Internet of Things Chadim, Pavel January 2018 (has links) This Master's thesis „Secure communication and data protection in the internet of things“ is dealing with crypthografy and crypthographic libraries, which are compared with eachother according to supporting algorithm and standard. For comparing therewere used following libraries: openSSL, wolfSSL, nanoSSL and matrixSSL. Practical part of the thesis is focused on testing the productivity of each ciphers and protocols of openSSL and wolfSSL libraries on RaspberryPi 2 device. Further, the thesis shows the design of communication scenario client-server in the Internet of Things (IoT). Simple authentication protocol client-server was implemented and simulated on RaspberryPi 2 device.
85	Kryptografické protokoly pro ochranu soukromí / Cryptographic protocols for privacy protection Hanzlíček, Martin January 2018 (has links) This work focuses on cryptographic protocol with privacy protection. The work solves the question of the elliptic curves and use in cryptography in conjunction with authentication protocols. The outputs of the work are two applications. The first application serves as a user and will replace the ID card. The second application is authentication and serves as a user authentication terminal. Both applications are designed for the Android operating system. Applications are used to select user attributes, confirm registration, user verification and show the result of verification.
86	Útoky postranními kanály / Side channel attacks Popovský, Michal January 2009 (has links) It is very difficult in real-time breaking the cryptographic algorithms used at present. The Classical cryptoanalysis is based on finding weaknesses in the mathematical structure of the algorithm. Discovery of side channels caused a substantial change in this science. Side-channel attacks are based on incorrect physical implementation of cryptographic algorithms. This new way attack changes notions about cryptography and security of systems. This master´s thesis contains a detailed description of the whole problem of side channels and deals with side-channel attacks on the RSA asymmetric algorithm. This thesis includes the design and realization of laboratory exercise, which is focused on the time attack on the RSA algorithm implementation.
87	Kryptoanalýza moderních kryptografických modulů / Cryptanalysis of modern cryptographic devices Fördős, András January 2015 (has links) The thesis focuses on power analysis of modern cryptographic modules. The first part contains a brief introduction to the topic of the power side channel and basic methods of analyzes. The text describes the process of comparison of modules and a short description of devices found. In the practical part two modules has been selected for the implementation of the encryption algorithm AES-128. The first module was the chip card Gemalto .NET v2 and the second one was the Raspberry Pi. A workplace has been created for these modules which allowed to measure the power consumption of the algorithm AES. Differential Power Analysis has been made using the captured results. In its conclusion the work presents the results in tables and samples of source codes. Graphs were made from the results captured on the Raspberry Pi and from the results of the Differential Power Analysis.
88	Útoky na kryptografické moduly / Attacks on Cryptographic Modules Daněček, Petr January 2008 (has links) The conventional way of cryptanalysis is based on the cryptographic algorithms weak points examine. The attack model of conventional cryptanalysis covers mathematical description of the cryptographic algorithm used. This model is not with the relation to the physical model implementation and the real environment. Cryptographic algorithms currently used in the combination with strong cipher keys are almost unbreakable and the conventional cryptanalysis is ineffective. The new way of cryptanalysis employs the side channels. The model of cryptanalysis using side channels is enhanced with physical revelation of module performing the cryptographic operations. This dissertation thesis deals with cryptographic module description and studies influence of side channels to the security of this module.
89	Ukládání důvěrných informací pro Windows Mobile / Confidential Information Storage for Windows Mobile System Štorek, Vojtěch January 2010 (has links) Confidential information such as passwords, cryptographic keys, certificates, etc. are used every day on various places. Mobile phone can be a good storage for such informations, but is necessary to ensure data security. Main goal of this project is to create a program for Windows Mobile phones which will keep all the informations in one place protected by password. Designed program lets user to store passwords, cryptographic keys, various files, important contacts, credit card numbers, etc. Some of the stored informations can be downloaded from remote server via FTP protocol or from smart card. It is also possible that two clients will synchronize their informations via Network and other usefull functions.
90	Une étude de l’écosystème TLS / A study of the TLS ecosystem Levillain, Olivier 23 September 2016 (has links) SSL/TLS, un protocole de sécurité datant de 1995, est devenu aujourd'hui une brique essentielle pour la sécurité des communications, depuis les sites de commerce en ligne ou les réseaux sociaux jusqu'aux réseaux privés virtuels (VPN), en passant par la protection des protocoles de messagerie électronique, et de nombreux autres protocoles. Ces dernières années, SSL/TLS a été l'objet de toutes les attentions, menant à la découverte de nombreuses failles de sécurité et à des améliorations du protocole. Dans cette thèse, nous commençons par explorer l'écosystème SSL/TLS sur Internet en énumérant les serveurs HTTPS sur l'espace IPv4; nous proposons pour cela des méthodologies de collecte et d'analyse permettant d'obtenir des résultats reproductibles et comparables entre différentes campagnes de mesure. Au-delà de ces observations, nous nous sommes intéressés en détail à deux aspects essentiels de la sécurité TLS: comment parer les attaques sur le Record Protocol, et comment implémenter des parsers sûrs et efficaces. Finalement, en se basant sur les nombreuses failles d'implémentation qui ont affecté presque toutes les piles TLS ces dernières années, nous tirons quelques enseignements concernant les difficultés liées à l'écriture d'une bibliothèque TLS de confiance / SSL/TLS, a 20-year old security protocol, has become a major component securing network communications, from HTTPS e-commerce and social network sites to Virtual Private Networks, from e-mail protocols to virtually every possible protocol. In the recent years, SSL/TLS has received a lot of attentions, leading to the discovery of many security vulnerabilities, and to protocol improvements. In this thesis, we first explore the SSL/TLS ecosystem at large using IPv4 HTTPS scans, while proposing collection and analysis methodologies to obtain reproducible and comparable results across different measurement campaigns. Beyond these observations, we focused on two key aspects of TLS security: how to mitigate Record Protocol attacks, and how to write safe and efficient parsers. Finally, building on the numerous implementation flaws in almost all TLS stacks in the last years, we propose some thoughts about the challenges in writing a secure TLS library SSL/TLS Sécurité des systèmes d'information Protocoles cryptographiques Mesures réseau Implémentation de protocoles réseau Parsers SSL/TLS IT security Cryptographic protocols Network campaigns Network protocol implementation Parsers

Search results