11

Vartotojo prieigos duomenų saugojimo lustinėse kortelėse metodo sukūrimas ir tyrimas / Development and research of method for storage user access data in smart card

Matačiūnas, Jonas 31 August 2011
In this paper we research the possibility to use a smart card as a secure storage to store user access data. We study such key exchange algorithms as SRP, DH-EKE. Also TLS technology is studied in order to gain a better understanding of how to establish a secure connection between two communication points. Then we propose an authentication protocol which was specifically designed to be used with smart cards. Performance and other properties of the protocol are analysed in the last chapters of this paper.
12

Πρωτόκολλα συμφωνίας κλειδιού μεταξύ σταθμών σε ad-hoc ασύρματα δίκτυα / Key agreement protocols between stations in ad-hoc wireless networks

Βήχου, Χριστίνα 08 May 2013
In Ad-Hoc wireless networks, symmetric and asymmetric cryptographic algorithms are used to ensure the confidentiality and integrity of the transmitted data. The choice between a symmetric and an asymmetric algorithm is influenced mainly by the storage and computational resources available to the stations of the network. Key agreement protocols are used to establish the basic secret that governs their communication. This thesis studies the complexity of key agreement protocols, analyzes an existing protocol algorithm based on error detection and correction techniques, and simulates it (k-place elimination protocol). In addition, two new key agreement protocols are proposed and simulated, and their results are studied on a computing cluster using the MPI parallel programming environment. / In Ad-Hoc wireless networks we use symmetric or asymmetric cryptographic algorithms in order to make sure of the integrity of the sending data. We can choose between these two choices if we consider the available storage and computational resources of the stations. Key agreement protocols are used for the determining of their basic communication secret. In this master thesis I study the complexity of the key agreement protocols and I implemented the k-place elimination protocol of the paper "Distributively Increasing the Percentage of Similarities Between Strings with Applications to Key Agreement" and two new protocols (CAP and AAP).
13

Acordo de chaves criptográficas hierárquico e sem certificado / Hierarchical certificateless criptographic key agreement

Vilc Queupe Rufino 19 November 2009
This work presents a new resilient, hierarchical, non-interactive and certificateless key agreement scheme. Cryptographic key agreement schemes (KAS) are used when two or more entities want to share a secret key, in order to realize secure communication using a symmetric encryption protocol. The proposed key agreement has the following characteristics: Non-interactive: Any two nodes can compute a unique shared secret key without interaction; Certificateless: To compute the shared secret key, each node only needs its own secret key, the identity of its peer and his public key implicitly certified; Hierarchical: The scheme is decentralized through a hierarchy where all nodes in the hierarchy can derive the secret keys for each of its children without any limitations or prior knowledge on the number of such children or their identities; Resilient: The scheme is resilient against compromise of any number of nodes in the hierarchy. This work is a new approach about article "Strongly-Resilient and Non-Interactive Hierarchical Key-Agreement in MANETs" which replaces id based system for certificateless system, eliminating the key escrow on all levels, increasing system security against compromised nodes. It also presents a discussion on the security of the proposed scheme and non-interactive key agreement.
14

Protocols and algorithms for secure Software Defined Network on Chip (SDNoC)

Ellinidou, Soultana 16 February 2021
Under the umbrella of Internet of Things (IoT) and Internet of Everything (IoE), new applications with diverse requirements have emerged and the traditional System-on-Chips (SoCs) were unable to support them. Hence, new versatile SoC architectures were designed, like chiplets and Cloud-of-Chips (CoC). A key component of every SoC is the on-chip interconnect technology, which is responsible for the communication between Processing Elements (PEs) of a system. Network-on-Chip (NoC) is the current widely used interconnect technology, which is a layered, scalable approach. However, the last years the high structural complexity together with the functional diversity and the challenges (QoS, high latency, security) of NoC motivated the researchers to explore alternatives of it. One NoC alternative that recently gained attention is the Software Defined Network-on-Chip (SDNoC). SDNoC originated from Software Defined Network (SDN) technology, which supports the dynamic nature of future networks and applications, while lowering operating costs through simplified hardware and software. Nevertheless, SDN technology was designed for large scale networks. Thus, in order to be ported to micro-scale networks proper alterations and new hardware architectures need to be considered. In this thesis, an exploration of how to embed the SDN technology within the micro scale networks in order to provide secure and manageable communication, improve the network performance and reduce the hardware complexity is presented. Precisely, the design and implementation of an SDNoC architecture is thoroughly described followed by the creation and evaluation of a novel SDNoC communication protocol, called MicroLET, in order to provide secure and efficient communication within system components. Furthermore, the security aspect of SDNoC constitutes a big gap in the literature. Hence, it has been addressed by proposing a secure SDNoC Group Key Agreement (GKA) communication protocol, called SSPSoC, followed by the exploration of Byzantine faults within SDNoC and the investigation of a novel Hardware Trojan (HT) attack together with a proposed detection and defend method. / Doctorate in Engineering Sciences and Technology / info:eu-repo/semantics/nonPublished
15

Secure Key Agreement for Wearable Medical Devices

Kasparek, Alexander J 05 December 2019
In this thesis we explore if a proposed random binary sequence generation algorithm can be combined with a separately proposed symmetric key agreement protocol to provide usable security for communications in Wireless Body Area Networks (WBAN). Other previous works in this area fall short by only considering key generation between two of the same signals or allowing for key generation between two different types of signals but with the cost of a significant signal collection time requirement. We hoped to advance this area of research by making secure key generation more efficient with less signal collection time and allowing keys to be generated between two sensors that measure two different physiological signals. However, while the binary sequence generation algorithm and key agreement protocol perform well separately, they do not perform well together. The combined approach yields keys that have good properties for use in a WBAN, but the generation rate is low.
16

On Secure Administrators for Group Messaging Protocols

Balbas Gutierrez, David January 2021
In the smartphone era, instant messaging is fully embedded in our daily life. Messaging protocols must preserve the confidentiality and authenticity of sent messages both in two-party conversations and in group chats, in which the list of group members may suffer modifications over time. Hence, a precise characterization of their security is required. In this thesis, we analyze the cryptographic properties that are desirable in secure messaging protocols, particularly in asynchronous group key agreement protocols. Our main contribution is a study of the administration of a messaging group, which is a common scenario in which a subset of the group members (the administrators) are the only users allowed to modify the group structure by adding and removing group members. As we discuss, enabling secure group administration mechanisms can enhance the security of messaging protocols. For this purpose, we introduce a new primitive which extends the continuous group key agreement (CGKA) primitive to capture secure administration, which we denote by administrated CGKA (A-CGKA). The definition is followed by a correctness notion and an informal security description. We present two constructions of our A-CGKA that can be built on top of any CGKA: individual admin signatures (IAS), and dynamic group signature (DGS), both constructed using signature schemes. Furthermore, we provide a detailed overview of secure group messaging in which we discuss group evolution, efficiency, concurrency, and different adversarial models. We introduce a novel CGKA correctness definition (in the so-called propose-and-commit paradigm), followed by a security game that incorporates the correctness properties. We also survey some variants of the TreeKEM protocol and compare their security.
17

Physical-layer security

Bloch, Matthieu 05 May 2008
As wireless networks continue to flourish worldwide and play an increasingly prominent role, it has become crucial to provide effective solutions to the inherent security issues associated with a wireless transmission medium. Unlike traditional solutions, which usually handle security at the application layer, the primary concern of this thesis is to analyze and develop solutions based on coding techniques at the physical layer. First, an information-theoretically secure communication protocol for quasi-static fading channels was developed and its performance with respect to theoretical limits was analyzed. A key element of the protocol is a reconciliation scheme for secret-key agreement based on low-density parity-check codes, which is specifically designed to operate on non-binary random variables and offers high reconciliation efficiency. Second, the fundamental trade-offs between cooperation and security were analyzed by investigating the transmission of confidential messages to cooperative relays. This information-theoretic study highlighted the importance of jamming as a means to increase secrecy and confirmed the importance of carefully chosen relaying strategies. Third, other applications of physical-layer security were investigated. Specifically, the use of secret-key agreement techniques for alternative cryptographic purposes was analyzed, and a framework for the design of practical information-theoretic commitment protocols over noisy channels was proposed. Finally, the benefit of using physical-layer coding techniques beyond the physical layer was illustrated by studying security issues in client-server networks. A coding scheme exploiting packet losses at the network layer was proposed to ensure reliable communication between clients and servers and security against colluding attackers.
18

Um ambiente criptográfico baseado na identidade. / Identity-based cryptography environment.

Misaghi, Mehran 01 April 2008
The accelerated growth of Internet-based business increases significantly the need for mechanisms that can guarantee the data confidentiality, providing tools for authenticity and non-repudiation of users in any medium of communication, even with computer resources becoming increasingly scarce, e.g. in a cell phone. This paper describes an encryption scheme that uses personal data for key generation and encryption, called the Identity Based Encryption, without need for a digital certificate. Various encryption schemes, signature, key agreement are shown, and its main characteristics, operational differences and their respective relevant aspects of security. Some applicabilities such as encrypted data search, for example, are implemented, for better understanding of the operations and stages involved. The comparative computational costs of operations highlight the Barreto et al. (2005) signature scheme and McCullagh and Barreto (2004b) key agreement scheme. They are also described, the prerequisites of an Identity-based cryptography environment, which allows to perform the operations of encryption, signing and key agreement with lower computational cost possible.
20

Key Agreement over Wiretap Models with Non-Causal Side Information

Zibaeenejad, Ali January 2012
The security of information is an indispensable element of a communication system when transmitted signals are vulnerable to eavesdropping. This issue is a challenging problem in a wireless network as propagated signals can be easily captured by unauthorized receivers, and so achieving a perfectly secure communication is a desire in such a wiretap channel. On the other hand, cryptographic algorithms usually lack to attain this goal due to the following restrictive assumptions made for their design. First, wiretappers basically have limited computational power and time. Second, each authorized party has often access to a reasonably large sequence of uniform random bits concealed from wiretappers. To guarantee the security of information, Information Theory (IT) offers the following two approaches based on physical-layer security. First, IT suggests using wiretap (block) codes to securely and reliably transmit messages over a noisy wiretap channel. No confidential common key is usually required for the wiretap codes. The secrecy problem investigates an optimum wiretap code that achieves the secrecy capacity of a given wiretap channel. Second, IT introduces key agreement (block) codes to exchange keys between legitimate parties over a wiretap model. The agreed keys are to be reliable, secure, and (uniformly) random, at least in an asymptotic sense, such that they can be finally employed in symmetric key cryptography for data transmission. The key agreement problem investigates an optimum key agreement code that obtains the key capacity of a given wiretap model. In this thesis, we study the key agreement problem for two wiretap models: a Discrete Memoryless (DM) model and a Gaussian model. Each model consists of a wiretap channel paralleled with an authenticated public channel. The wiretap channel is from a transmitter, called Alice, to an authorized receiver, called Bob, and to a wiretapper, called Eve. 
The Probability Transition Function (PTF) of the wiretap channel is controlled by a random sequence of Channel State Information (CSI), which is assumed to be non-causally available at Alice. The capacity of the public channel is C_P₁∈[0,∞) in the forward direction from Alice to Bob and C_P₂∈[0,∞) in the backward direction from Bob to Alice. For each model, the key capacity as a function of the pair (C_P₁, C_P₂) is denoted by C_K(C_P₁, C_P₂). We investigate the forward key capacity of each model, i.e., C_K(C_P₁, 0) in this thesis. We also study the key generation over the Gaussian model when Eve's channel is less noisy than Bob's. In the DM model, the wiretap channel is a Discrete Memoryless State-dependent Wiretap Channel (DM-SWC) in which Bob and Eve each may also have access to a sequence of Side Information (SI) dependent on the CSI. We establish a Lower Bound (LB) and an Upper Bound (UB) on the forward key capacity of the DM model. When the model is less noisy in Bob's favor, another UB on the forward key capacity is derived. The achievable key agreement code is asymptotically optimum as C_P₁→ ∞. For any given DM model, there also exists a finite capacity C⁰_P₁, which is determined by the DM-SWC, such that the forward key capacity is achievable if C_P₁≥ C⁰_P₁. Moreover, the key generation is saturated at capacity C_P₁= C⁰_P₁, and thus increasing the public channel capacity beyond C⁰_P₁ makes no improvement on the forward key capacity of the DM model. If the CSI is fully known at Bob in addition to Alice, C⁰_P₁=0, and so the public channel has no contribution in key generation when the public channel is in the forward direction. The achievable key agreement code of the DM model exploits both a random generator and the CSI as resources for key generation at Alice. The randomness property of channel states can be employed for key generation, and so the agreed keys depend on the CSI in general. However, a message is independent of the CSI in a secrecy problem. 
Hence, we justify that the forward key capacity can exceed both the main channel capacity and the secrecy capacity of the DM-SWC. In the Gaussian model, the wiretap channel is a Gaussian State-dependent Wiretap Channel (G-SWC) with Additive White Gaussian Interference (AWGI) having average power Λ. For simplicity, no side information is assumed at Bob and Eve. Bob's channel and Eve's channel suffer from Additive White Gaussian Noise (AWGN), where the correlation coefficient between noise of Bob's channel and that of Eve's channel is given by ϱ. We prove that the forward key capacity of the Gaussian model is independent of ϱ. Moreover, we establish that the forward key capacity is positive unless Eve's channel is less noisy than Bob's. We also prove that the key capacity of the Gaussian model vanishes if the G-SWC is physically degraded in Eve's favor. However, we justify that obtaining a positive key capacity is feasible even if Eve's channel is less noisy than Bob's according to our achieved LB on the key capacity for case (C_P₁, C_P₂)→ (∞, ∞). Hence, the key capacity of the Gaussian model is a function of ϱ. In this thesis, an LB on the forward key capacity of the Gaussian model is achieved. For a fixed Λ, the achievable key agreement code is optimum for any C_P₁∈[0,∞) in both low Signal-to-Interference Ratio (SIR) and high SIR regimes. We show that the forward key capacity is asymptotically independent of C_P₁ and Λ as the SIR goes to infinity, and thus the public channel and the interference have negligible contributions in key generation in the high SIR regime. On the other hand, the forward key capacity is a function of C_P₁ and Λ in the low SIR regime. Contributions of the interference and the public channel in key generation are significant in the low SIR regime that will be illustrated by simulations. The proposed key agreement code asymptotically achieves the forward key capacity of the Gaussian model for any SIR as C_P₁→ ∞. 
Hence, C_K(∞,0) is calculated, and it is suggested as a UB on C_K(C_P₁,0). Using simulations, we also compute the minimum required C_P₁ for which the forward key capacity is upper bounded within a given tolerance. The achievable key agreement code is designed based on a generalized version of the Dirty Paper Coding (DPC) in which transmitted signals are correlated with the CSI. The correlation coefficient is to be determined by C_P₁. In contrast to the DM model, the LB on the forward key capacity of a Gaussian model is a strictly increasing function of C_P₁ according to our simulations. This fact is an essential difference between this model and the DM model. For C_P₁=0 and a fixed Λ, the forward key capacity of the Gaussian model exceeds the main channel capacity of the G-SWC in the low SIR regime. By simulations, we show that the interference enhances key generation in the low SIR regime. In this regime, we also justify that the positive effect of the interference on the (forward) key capacity is generally more than its positive effect on the secrecy capacity of the G-SWC, while the interference has no influence on the main channel capacity of the G-SWC.
