141 |
New Approaches for Efficient Fully Homomorphic Encryption. Doroz, Yarkin, 14 June 2017
In the last decade, cloud computing became popular among companies for outsourcing some of their services. Companies use cloud services to store crucial information such as financial and client data. Cloud services are not only cost effective but also easier to manage, since the companies avoid maintenance of servers. Although the cloud has its advantages, maintaining security is a big concern. Cloud services might not have any malicious intent, but attacks targeting cloud systems could easily steal vital data belonging to the companies. The only protection that assures the security of the information is strong encryption. However, these schemes only protect the information but prevent you from doing any computation on the data. This was an open problem for more than 30 years, and it was solved recently by the introduction of the first fully homomorphic encryption (FHE) scheme by Gentry. FHE schemes allow you to do arbitrary computation on encrypted data while still preserving the encryption. Namely, the message is not revealed (decrypted) at any given time while computing the arbitrary circuit. However, the first FHE scheme is not usable for any practical application. Later, numerous research works were published aiming at making fully homomorphic encryption practical for daily use, but they were still too inefficient to be used in everyday practical applications.
In this dissertation we tackle the efficiency problems of fully homomorphic encryption (FHE) schemes. We propose two new FHE schemes that improve the storage requirement and runtime performance. The first scheme (Doröz, Hu and Sunar) reduces the size of the evaluation keys in existing NTRU based FHE schemes. In the second scheme (F-NTRU) we designed an NTRU based FHE scheme which is not only free of costly evaluation keys but also competitive in runtime performance.
We further propose two hardware accelerators to increase the performance of the arithmetic operations underlying the schemes. The first accelerator is a custom hardware architecture for realizing the Gentry-Halevi fully homomorphic encryption scheme. This contribution presents the first full realization of FHE in hardware. The architecture features an optimized multi-million bit multiplier based on the Schönhage-Strassen multiplication algorithm. Moreover, a number of optimizations, including spectral techniques as well as a precomputation strategy, are used to significantly improve the performance of the overall design. The other accelerator is optimized for a class of reconfigurable logic for somewhat homomorphic encryption (SWHE) based schemes. Our design works as a co-processor: the most compute-heavy operations are offloaded to this specialized hardware. The core of our design is an efficient polynomial multiplier, as it is the most compute-heavy operation of our target scheme. The presented architecture can compute the product of very large polynomials more efficiently than software implementations on CPUs.
Finally, to assess the performance of the proposed schemes and hardware accelerators, we homomorphically evaluate the AES and Prince block ciphers. We introduce various optimizations, including a storage-runtime trade-off. Our benchmarking results show significant speedups over other existing instantiations. Also, we present a private information retrieval (PIR) scheme based on a modified version of Doröz, Hu and Sunar’s homomorphic scheme. The scheme is capable of privately retrieving data from a database containing 4 billion entries. We achieve asymptotically lower bandwidth cost compared to other PIR schemes, which makes it more practical.
|
142 |
Attribute-Based Encryption for Boolean Formulas. Kowalczyk, Lucas, January 2019
We present attribute-based encryption (ABE) schemes for Boolean formulas that are adaptively secure under simple assumptions. Notably, our KP-ABE scheme enjoys a ciphertext size that is linear in the attribute vector length and independent of the formula size (even when attributes can be used multiple times), and we achieve an analogous result for CP-ABE. This resolves the central open problem in attribute-based encryption posed by Lewko and Waters. Along the way, we develop a theory of modular design for unbounded ABE schemes and answer an open question regarding the adaptive security of Yao’s Secret Sharing scheme for NC1 circuits.
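The abstract above refers to Yao's secret-sharing scheme for Boolean formulas, which is the access-structure layer a KP-ABE key is built over: an AND gate splits the secret additively between its children, an OR gate hands the same secret to every child, and a leaf stores its share under an attribute. The following is an added example written for this page, not code from the thesis; it implements only that secret-sharing layer over a prime field (the pairing-based encryption on top of it is not shown), with attribute reuse handled by giving each leaf occurrence its own share. The formula encoding (nested tuples) and the sample policies are assumptions made here.

```python
# Added example: Yao-style secret sharing for monotone Boolean formulas, the
# access-structure layer that KP-ABE keys are built over. Not from the thesis.
import secrets

P = (1 << 127) - 1   # share arithmetic is modulo a prime; 2^127-1 is prime


def share(formula, secret, shares=None):
    """Walk the formula tree: AND splits the secret additively between its
    children, OR hands the same secret to each child, a leaf records the share
    under its attribute (as a list, so a reused attribute gets several shares).
    Formula encoding (assumed here): "attr" | ("AND", f1, f2, ...) | ("OR", f1, ...)."""
    if shares is None:
        shares = {}
    if isinstance(formula, str):
        shares.setdefault(formula, []).append(secret % P)
        return shares
    gate, *kids = formula
    if gate == "AND":
        # every child but the last gets fresh randomness; the last gets the remainder
        remaining = secret % P
        for kid in kids[:-1]:
            r = secrets.randbelow(P)
            share(kid, r, shares)
            remaining = (remaining - r) % P
        share(kids[-1], remaining, shares)
    elif gate == "OR":
        for kid in kids:
            share(kid, secret, shares)
    else:
        raise ValueError(f"unknown gate {gate!r}")
    return shares


def reconstruct(formula, shares, attrs, _pos=None):
    """Return the secret if the attribute set `attrs` satisfies the formula,
    else None. Shares of leaves whose attribute is not held are never used.
    Leaves are matched to shares by traversal order, so reused attributes work."""
    if _pos is None:
        _pos = {}
    if isinstance(formula, str):
        i = _pos.get(formula, 0)
        _pos[formula] = i + 1
        return shares[formula][i] if formula in attrs else None
    gate, *kids = formula
    # evaluate every child so the leaf position counter stays in step with share()
    vals = [reconstruct(kid, shares, attrs, _pos) for kid in kids]
    if gate == "AND":
        return sum(vals) % P if all(v is not None for v in vals) else None
    return next((v for v in vals if v is not None), None)


if __name__ == "__main__":
    policy = ("AND", "admin", ("OR", "ops", "dev"))
    s = secrets.randbelow(P)
    sh = share(policy, s)
    print(reconstruct(policy, sh, {"admin", "dev"}) == s)   # True: satisfies the policy
    print(reconstruct(policy, sh, {"ops", "dev"}))          # None: "admin" is missing
```

The point the example makes concrete is the one the abstract highlights: the number of shares grows with the number of leaves (attribute occurrences) in the formula, while an attribute set that does not satisfy the formula learns nothing, because every share it holds is either uniformly random (an AND sibling) or the whole secret guarded by an unsatisfied AND.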
|
143 |
Identity-based cryptography from Paillier cryptosystem. January 2005
Au Man Ho Allen. Thesis (M.Phil.), Chinese University of Hong Kong, 2005. Includes bibliographical references (leaves 60-68). Abstracts in English and Chinese.
Contents:
Abstract
Acknowledgement
1 Introduction
2 Preliminaries
  2.1 Complexity Theory
  2.2 Algebra and Number Theory
    2.2.1 Groups
    2.2.2 Additive Group Zn and Multiplicative Group Z*n
    2.2.3 The Integer Factorization Problem
    2.2.4 Quadratic Residuosity Problem
    2.2.5 Computing e-th Roots (The RSA Problem)
    2.2.6 Discrete Logarithm and Related Problems
  2.3 Public Key Cryptography
    2.3.1 Encryption
    2.3.2 Digital Signature
    2.3.3 Identification Protocol
    2.3.4 Hash Function
3 Paillier Cryptosystems
  3.1 Introduction
  3.2 The Paillier Cryptosystem
4 Identity-based Cryptography
  4.1 Introduction
  4.2 Identity-based Encryption
    4.2.1 Notions of Security
    4.2.2 Related Results
  4.3 Identity-based Identification
    4.3.1 Security Notions
  4.4 Identity-based Signature
    4.4.1 Security Notions
5 Identity-Based Cryptography from Paillier System
  5.1 Identity-based Identification Schemes in Paillier Setting
    5.1.1 Paillier-IBI
    5.1.2 CGGN-IBI
    5.1.3 GMMV-IBI
    5.1.4 KT-IBI
    5.1.5 Choice of g for Paillier-IBI
  5.2 Identity-based Signatures from Paillier System
  5.3 Cocks ID-based Encryption in Paillier Setting
6 Concluding Remarks
A Proof of Theorems
  A.1 Proof of Theorems 5.1, 5.2
  A.2 Proof Sketch of Remaining Theorems
Bibliography
|
144 |
A robust anti-tampering scheme for software piracy protection / 有效防止盜版軟件的防篡改解決方案 (An effective anti-tampering solution for preventing software piracy). January 2011
Tsang, Hing Chung. Thesis (M.Phil.), Chinese University of Hong Kong, 2011. Includes bibliographical references (leaves 79-92). Abstracts in English and Chinese.
Contents:
Abstract
Acknowledgement
1 Introduction
  1.1 Motivation
  1.2 Software Cracking
  1.3 Objectives
  1.4 Contributions
  1.5 Thesis Outline
2 Related Work
  2.1 Hardware-based Protection
  2.2 Network-based Protection
  2.3 Software-based Protection
    2.3.1 Obfuscation
    2.3.2 Code Encryption
    2.3.3 Virtual Machine
    2.3.4 Self-checksumming
    2.3.5 Watermarking
    2.3.6 Self-modifying Code
    2.3.7 Software Aging
3 Proposed Protection Scheme
  3.1 Introduction
  3.2 Protector
    3.2.1 A Traditional Protector Structure
    3.2.2 Protector Construction
    3.2.3 Protector Implementation - Version 1
    3.2.4 Protector Implementation - Version 2
    3.2.5 Tamper Responses
  3.3 Protection Tree
  3.4 Non-deterministic Execution of Functions
    3.4.1 Introduction to n-version Functions
    3.4.2 Probability Distributions
    3.4.3 Implementation Issues
  3.5 Desired Properties
4 Cracking Complexity and Security Analysis
  4.1 Cracking Complexity
  4.2 Security Analysis
    4.2.1 Automation Attacks
    4.2.2 Control Flow Graph Analysis
    4.2.3 Cloning Attack
    4.2.4 Dynamic Tracing
5 Experiments
  5.1 Execution Time Overhead
  5.2 Tamper Responses
6 Conclusion and Future Work
  6.1 Conclusion
  6.2 Comparison
  6.3 Future Work
Bibliography
|
145 |
A multiple-precision integer arithmetic library for GPUs and its applications. Zhao, Kaiyong, 01 January 2011
No description available.
|
146 |
Crumpled and Abraded Encryption: Implementation and Provably Secure Construction. Griffy, Scott Sherlock, 22 May 2019
Abraded and crumpled encryption allows communication software such as messaging platforms to ensure privacy for their users while still allowing for some investigation by law enforcement. Crumpled encryption ensures that each decryption is costly and prevents law enforcement from performing mass decryption of messages. Abrasion ensures that only large organizations like law enforcement are able to access any messages. The current abrasion construction uses public key parameters such as prime numbers, which makes the abrasion scheme difficult to analyze and allows possible backdoors. In this thesis, we introduce a new abrasion construction which uses hash functions to avoid the problems with the current abrasion construction. In addition, we present a proof-of-concept for using crumpled encryption on an email server.
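The abstract's crumpling property, "each decryption is costly", can be illustrated with a hash puzzle: the message key is published with its low `work_bits` bits withheld, so anyone holding the ciphertext must try up to 2^work_bits candidate keys, and a MAC tells them when they have found it. The following is an added example written for this page; it is not the thesis's construction (in particular it is not the hash-based abrasion scheme the thesis proposes), the toy keystream cipher (SHAKE256 output XORed with the message), the HMAC tag and the sample message are all assumptions made here, and the work parameter is kept tiny so the example runs in a second.

```python
# Added example: a hash-puzzle "crumpled" message key. Not the thesis's
# construction; a toy showing why each decryption costs up to 2^work_bits trials.
import hashlib
import hmac
import secrets


def _keystream(key, length):
    # toy stream cipher: SHAKE256 output as a keystream (assumption, not a standard)
    return hashlib.shake_256(key).digest(length)


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def crumple_encrypt(msg, work_bits):
    """Encrypt msg under a fresh 256-bit key, then publish that key with its low
    `work_bits` bits withheld. Recovering the key costs up to 2^work_bits MAC trials."""
    key = secrets.token_bytes(32)
    ct = _xor(msg, _keystream(key, len(msg)))
    tag = hmac.new(key, ct, hashlib.sha256).digest()[:16]   # lets the solver recognise the key
    key_int = int.from_bytes(key, "big")
    withheld = key_int & ((1 << work_bits) - 1)             # bits the solver must brute-force
    hint = (key_int ^ withheld).to_bytes(32, "big")         # key with those bits zeroed
    return hint, ct, tag


def crumple_decrypt(hint, ct, tag, work_bits):
    """Brute-force the withheld bits; the MAC tells the solver when it is done.
    Returns (plaintext, trials), or (None, 2^work_bits) if no candidate fits."""
    base = int.from_bytes(hint, "big")
    for guess in range(1 << work_bits):
        key = (base | guess).to_bytes(32, "big")
        cand = hmac.new(key, ct, hashlib.sha256).digest()[:16]
        if hmac.compare_digest(cand, tag):
            return _xor(ct, _keystream(key, len(ct))), guess + 1
    return None, 1 << work_bits


if __name__ == "__main__":
    sample = b"constructed sample message for the crumpling puzzle"   # constructed input
    hint, ct, tag = crumple_encrypt(sample, work_bits=12)
    pt, trials = crumple_decrypt(hint, ct, tag, work_bits=12)
    print(pt == sample, trials)   # True, and on average about 2^11 trials
```

Because every message has its own fresh key, the cost does not amortize: opening N messages costs about N * 2^(work_bits - 1) trials, which is the mass-decryption barrier the abstract describes. Abrasion, as the abstract frames it, is a separate and much larger one-time cost gating access to the whole system; this toy does not model it.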
|
147 |
A Hybrid Privacy-Preserving Mechanism for Participatory Sensing Systems. Vergara, Idalides Jose, 18 September 2014
Participatory Sensing (PS) is a new data collection paradigm in which people use their cellular phone resources to sense and transmit data of interest to address a collective problem that would have been very difficult to assess otherwise. Although many PS-based applications can be foreseen to solve interesting and useful problems, many of them have not been fully implemented due to privacy concerns. As a result, several privacy-preserving mechanisms have been proposed. This dissertation presents the state-of-the-art of privacy-preserving mechanisms for PS systems. It includes a new taxonomy and describes the most important issues in the design, implementation, and evaluation of privacy-preserving mechanisms. Then, the most important mechanisms available in the literature are described, classified and qualitatively evaluated based on design issues. The dissertation also presents a model to study the interactions between privacy-preserving, incentive and inference mechanisms and the effects that they may have on one another, and more importantly, on the quality of information that the system provides to the final user.
Then, a new hybrid privacy-preserving mechanism is proposed. This algorithm dynamically divides the area of interest into cells of different sizes according to the variability of the variable of interest being measured and chooses between two privacy-preserving mechanisms depending on the size of the cell. In small cells, where participants can be identified more easily, the algorithm uses a double-encryption technique to protect the privacy of the participants and increase the quality of the information. In bigger cells, where the variability of the variable of interest is low, data anonymization and obfuscation techniques are used to protect the actual location (privacy) of the participant. The proposed mechanism is evaluated along with other privacy-preserving mechanisms using a real PS system for air pollution monitoring. The systems are evaluated considering the quality of information provided to the final user, energy consumption, and the level of privacy protection. This last criterion is evaluated when the adversary is able to compromise one or several records in the system. The experiments show the superior performance of the proposed mechanism and the existing trade-offs in terms of privacy, quality of information, and energy consumption.
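The adaptive partition the paragraph describes can be shown as a quadtree that keeps splitting a cell while the sensed values inside it are volatile, then routes each leaf by its size. The following is an added example written for this page, not the dissertation's code: the split rule (a variance threshold and a minimum cell side), the cell sizes, the sample readings and the obfuscation step (replace every location with the cell centre and drop record order) are all assumptions made here. The small-cell branch only hands the exact records to the encrypted channel; the dissertation's double-encryption technique is not described in the abstract and is not reproduced.

```python
# Added example: adaptive cell partition and per-cell mechanism routing for a
# participatory-sensing feed. Not the dissertation's code; the split rule,
# sizes and sample readings are assumptions.
import random
import statistics


def _variance(values):
    return statistics.pvariance(values) if len(values) > 1 else 0.0


def partition(readings, cell, var_threshold, min_side):
    """Quarter a square cell (x0, y0, side) while the sensed variable inside it is
    volatile. readings: (x, y, value) tuples. Returns (cell, readings_in_cell) leaves."""
    x0, y0, side = cell
    inside = [r for r in readings if x0 <= r[0] < x0 + side and y0 <= r[1] < y0 + side]
    stop = (side / 2 < min_side                     # cannot get any smaller
            or len(inside) < 2                      # nothing to measure variability on
            or _variance([r[2] for r in inside]) <= var_threshold)   # calm area
    if stop:
        return [(cell, inside)]
    half = side / 2
    leaves = []
    for dx in (0, half):
        for dy in (0, half):
            leaves.extend(partition(inside, (x0 + dx, y0 + dy, half), var_threshold, min_side))
    return leaves


def route(leaves, small_side, rng=random):
    """Small cells (where a contributor is easy to re-identify) keep exact records
    for the encrypted channel; large cells replace each location with the cell
    centre and shuffle the records so no report can be tied to a contributor."""
    out = []
    for (x0, y0, side), recs in leaves:
        if not recs:
            continue
        if side <= small_side:
            out.append({"cell": (x0, y0, side), "mechanism": "encrypt",
                        "reports": list(recs)})
        else:
            cx, cy = x0 + side / 2, y0 + side / 2
            reports = [(cx, cy, v) for _, _, v in recs]
            rng.shuffle(reports)
            out.append({"cell": (x0, y0, side), "mechanism": "obfuscate",
                        "reports": reports})
    return out


SAMPLE = [  # constructed readings: one volatile quadrant (0..50, 0..50), the rest calm
    (10, 10, 5), (40, 10, 50), (10, 40, 55), (40, 40, 95), (20, 20, 8), (30, 30, 52),
    (60, 10, 10), (90, 40, 11), (75, 25, 10),
    (10, 60, 10), (40, 90, 11), (25, 75, 11),
    (60, 60, 10), (90, 90, 11), (75, 75, 10),
]


def run_sample():
    """Partition a 100x100 area of the constructed readings and route each cell."""
    leaves = partition(SAMPLE, (0, 0, 100), var_threshold=4.0, min_side=25)
    return route(leaves, small_side=25)


if __name__ == "__main__":
    for cell in run_sample():
        print(cell["cell"], cell["mechanism"], len(cell["reports"]))
```

On the constructed readings the volatile quadrant is split down to four 25-unit cells that go to the encrypted path, while the three calm 50-unit quadrants are each reported from their centre. The trade-off the abstract evaluates is visible in the thresholds: lowering `var_threshold` produces more small cells, which raises the quality of information and the encryption cost while shrinking the obfuscated area.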
|
148 |
Theory, Synthesis, and Application of Adiabatic and Reversible Logic Circuits For Security Applications. Morrison, Matthew Arthur, 23 November 2013
Programmable reversible logic is emerging as a prospective logic design style for implementation in modern nanotechnology and quantum computing with minimal impact on circuit heat generation. Adiabatic logic is a design methodology for reversible logic in CMOS where the current flow through the circuit is controlled such that the energy dissipation due to switching and capacitor dissipation is minimized. Recent advances in reversible logic and quantum computer algorithms allow for improved computer architectures. Production of cost-effective Secure Integrated Chips, such as Smart Cards, requires hardware designers to consider tradeoffs in size, security, and power consumption. In order to design successful security-centric designs, the low-level hardware must contain built-in protection mechanisms to supplement cryptographic algorithms such as AES and Triple DES by preventing side channel attacks, such as Differential Power Analysis (DPA). Dynamic logic obfuscates the output waveforms and the circuit operation, reducing the effectiveness of the DPA attack. Significant research exists in the design and analysis of locally optimal adiabatic elements towards mitigation of side channel attacks. However, none of these works have addressed the use of adiabatic logic in the implementation of flexible and programmable hardware security policies. Nor has adiabatic logic been employed in hardware security applications such as trustworthy voting systems and data encryption standards.
In this dissertation, I address theory, synthesis, and application of adiabatic and reversible logic circuits for security applications. First, two major debates in reversible computing are addressed. These debates must be addressed in order to devise computational logic primitives in any emerging quantum computing technology. First, we address whether charge-based computing is limited due to the use of charge as a state variable. We propose the use of body biasing in CMOS adiabatic systems as a design methodology for reducing the need for gradually changing the energy barriers. Simulation results in HSPICE at 22nm are presented which show the behavior of a source-memory device operating below the Landauer limit. Second, we address whether reversible logic can be used to design sequential computing structures, such as memory devices. We present an analysis of Quantum Turing Machines with sequential reversible logic structures, to show that the entropy gain is substantially less than the Landauer Barrier of kTln(2), which is the limiting factor for irreversible computing. A mathematical proof is presented showing that bit erasure does not occur in sequential reversible logic structures, and that these devices are physically reversible as long as appropriate delay elements are inserted in the feedback paths to prevent race conditions. This proof validates the implementation of sequential reversible logic towards ultra-low power computing.
Next, a novel algorithm for synthesis of adiabatic circuits in CMOS is proposed. This approach is unique because it correlates the offsets in the permutation matrix to the transistors required for synthesis, instead of determining an equivalent circuit and substituting a previously synthesized circuit from a library. Parallelism and the bijective properties of the device are used to achieve synthesis of the logic structure in O(n) time. Then, using the ESPRESSO heuristic method for minimization of Boolean functions on each output node in parallel, we optimize the synthesized circuit. It is demonstrated that the algorithm produces a 32.86% improvement over previously synthesized circuit benchmarks.
For stronger mitigation of DPA attacks, we propose the implementation of Adiabatic Dynamic Differential Logic for applications in secure IC design. Such an approach is effective in reducing power consumption, demonstrated using HSPICE simulations with 22nm predictive technology. The benefits of our design are demonstrated by comparing instantaneous power waveforms and observing the magnitude of differential power spikes during switching events. First, simulation results for body-biasing on sub-threshold adiabatic inverters show an improvement in differential power of up to 43.28% over similar inverters without body biasing. Then, a High Performance Adiabatic Dynamic Differential Logic (PADDL) is presented for implementation in high frequency secure ICs. This method improves the differential power over previous dynamic and differential logic methods by up to 89.65%. Finally, we propose a Body-Biased Adiabatic Dynamic Differential Logic (BADDL) for ultra-low power applications. Simulation results show that the differential power was improved upon by a factor of 199.16.
Then, we present an adiabatic S-box which significantly reduces energy imbalance compared to previous benchmarks. The design is capable of forward encryption and reverse decryption with minimal overhead, allowing for efficient hardware reuse.
|
149 |
Digital watermarking and data hiding in multimedia. Abdulaziz, Nidhal Kadhim, 1958-, January 2001
Abstract not available
|
150 |
Evaluation of Cryptographic Packages. Raheem, Muhammad, January 2009
The widespread use of computer technology for information handling resulted in the need for higher data protection. The usage of high-profile cryptographic protocols and algorithms does not always guarantee high security. They need to be used according to the needs of the organization, depending upon certain characteristics and available resources. The communication system in a cryptographic environment may become vulnerable to attacks if the cryptographic packages don’t meet their intended goals.
This master’s thesis is targeted towards the goal of evaluating contemporary cryptographic algorithms and protocols, collectively named cryptographic packages, as per the security needs of the organization with the available resources.
The results have shown that there certainly is a need for careful evaluation of cryptographic packages given the available resources; otherwise it could create more severe problems such as network bottlenecks, information and identity loss, a non-trustable environment and computational infeasibilities resulting in huge response times. In contrast, choosing the right package with the right security parameters can lead to a secure and best-performing communication environment.
|