- About
-
The Global ETD Search service is a free service for researchers
to find electronic theses and dissertations. This service is
provided by the
Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
Search results
Showing 1 to 10 of 24 (0.097 seconds)| 1 |
The application of hash chains and hash structures to cryptographyPage, Thomas January 2009 (has links)
In this thesis we study how hash chains and other hash structures can be used in various cryptographic applications. In particular we focus on the applications of entity authentication, signatures and key establishment. We study recursive application of hash functions to create hash chains, hash trees and other hash structures. We collate all these to form a catalogue of structures that we apply to various cryptographic applications. We study existing work on authentication and create many entity authentication schemes based on structures from our catalogue. We present a novel algorithm to find efficient signature schemes from any given hash structure. We study some suggestions for suitable hash structures and define a particular scalable hash structure complete with a simple message to signature map that is the most efficient such scheme of which we know. We explore k-time signature schemes and identify two new properties, which we call perforated and porous. We look at the application of hash structures to key establishment schemes. We compare the existing schemes and make improvements on many. We present a new key establishment scheme, and show a link between certain k-time signatures and certain key establishment schemes. We look at the other applications of hash structures, and suggest areas in which our catalogue could be used for further development.
|
| 2 |
Key establishment --- security models, protocols and usageUstaoglu, Berkant January 2008 (has links)
Key establishment is the process whereby two or more parties derive a shared
secret, typically used for subsequent confidential communication. However,
identifying the exact security requirements for key establishment protocols is
a non-trivial task. This thesis compares, extends and merges existing security
definitions and models for key establishment protocols.
The primary focus is on two-party key agreement schemes in the public-key
setting. On one hand new protocols are proposed and analyzed in the existing
Canetti-Krawzcyk model. On the other hand the thesis develops a security model
and novel definition that capture the essential security attributes of the
standardized Unified Model key agreement protocol. These analyses lead to the
development of a new security model and related definitions that combine and
extend the Canetti-Krawzcyk pre- and post- specified peer models in terms of
provided security assurances.
The thesis also provides a complete analysis of a one-pass key establishment
scheme. There are security goals that no one-pass key establishment scheme can
achieve, and hence the two-pass security models and definitions need to be
adapted for one-pass protocols. The analysis provided here includes
the description of the required modification to the underlying security model.
Finally, a complete security argument meeting these altered conditions is
presented as evidence supporting the security of the one-pass scheme.
Lastly, validation and reusing short lived key pairs are related to
efficiency, which is a major objective in practice. The thesis considers the
formal implication of omitting validation steps and reusing short lived key
pairs. The conclusions reached support the generally accepted cryptographic
conventions that incoming messages should not be blindly trusted and extra
care should be taken when key pairs are reused.
|
| 3 |
Security in Key Agreement: Two-Party Certificateless SchemesSwanson, Colleen Marie January 2008 (has links)
The main goal of cryptography is to enable secure communication over a public channel; often a secret shared among the communicating parties is used to achieve this. The process by which these parties agree on such a shared secret is called key agreement. In this thesis, we focus on two-party key agreement protocols in the public-key setting and study the various methods used to establish and validate public keys. We pay particular attention to certificateless key agreement schemes and attempt to formalize a relevant notion of security. To that end, we give a possible extension of the existing extended Canetti-Krawzcyk security model applicable to the certificateless setting. We observe that none of the certificateless protocols we have seen in the literature are secure in this model; it is an open question whether such schemes exist. We analyze several published certificateless key agreement protocols, demonstrating the existence of key compromise impersonation attacks and even a man-in-the-middle attack in one case, contrary to the claims of the authors. We also briefly describe weaknesses exhibited by these protocols in the context of our suggested security model.
|
| 4 |
Key establishment --- security models, protocols and usageUstaoglu, Berkant January 2008 (has links)
Key establishment is the process whereby two or more parties derive a shared
secret, typically used for subsequent confidential communication. However,
identifying the exact security requirements for key establishment protocols is
a non-trivial task. This thesis compares, extends and merges existing security
definitions and models for key establishment protocols.
The primary focus is on two-party key agreement schemes in the public-key
setting. On one hand new protocols are proposed and analyzed in the existing
Canetti-Krawzcyk model. On the other hand the thesis develops a security model
and novel definition that capture the essential security attributes of the
standardized Unified Model key agreement protocol. These analyses lead to the
development of a new security model and related definitions that combine and
extend the Canetti-Krawzcyk pre- and post- specified peer models in terms of
provided security assurances.
The thesis also provides a complete analysis of a one-pass key establishment
scheme. There are security goals that no one-pass key establishment scheme can
achieve, and hence the two-pass security models and definitions need to be
adapted for one-pass protocols. The analysis provided here includes
the description of the required modification to the underlying security model.
Finally, a complete security argument meeting these altered conditions is
presented as evidence supporting the security of the one-pass scheme.
Lastly, validation and reusing short lived key pairs are related to
efficiency, which is a major objective in practice. The thesis considers the
formal implication of omitting validation steps and reusing short lived key
pairs. The conclusions reached support the generally accepted cryptographic
conventions that incoming messages should not be blindly trusted and extra
care should be taken when key pairs are reused.
|
| 5 |
Security in Key Agreement: Two-Party Certificateless SchemesSwanson, Colleen Marie January 2008 (has links)
The main goal of cryptography is to enable secure communication over a public channel; often a secret shared among the communicating parties is used to achieve this. The process by which these parties agree on such a shared secret is called key agreement. In this thesis, we focus on two-party key agreement protocols in the public-key setting and study the various methods used to establish and validate public keys. We pay particular attention to certificateless key agreement schemes and attempt to formalize a relevant notion of security. To that end, we give a possible extension of the existing extended Canetti-Krawzcyk security model applicable to the certificateless setting. We observe that none of the certificateless protocols we have seen in the literature are secure in this model; it is an open question whether such schemes exist. We analyze several published certificateless key agreement protocols, demonstrating the existence of key compromise impersonation attacks and even a man-in-the-middle attack in one case, contrary to the claims of the authors. We also briefly describe weaknesses exhibited by these protocols in the context of our suggested security model.
|
| 6 |
Zabezpečení vícesměrové komunikace / Security in multicast communicationJureková, Petra January 2019 (has links)
This work deals with the issue of multicast communication, specifically it focuses on group key management. It discusses group key management protocols as well as existing algorithms and algorithm designs for efficient key management and distribution. Based on the knowledge, two solutions were developed. The application for comparing the efficiency of algorithms was created as well. Both existing and proposed schemes were compared using two scenarios. Based on the resulting graphs, the suitability of individual algorithms was evaluated.
|
| 7 |
A comparison of the security in ZigBee and the IEEE 802.15.9 standard and an experimental analysis of communication over IEEE 802.15.4 / En jämförelse av säkerheten gällande ZigBee och IEEE 802.15.9 standarden och en experimentell analys av kommunikation över IEEE 802.15.4Silversved, Nicklas, Runesson, Hampus January 2019 (has links)
The increasing number of IoT devices used in today’s society has led to a demand for better security in order to prevent attackers from gaining access to private information. The IoT brings a wide application scope and because of that there are a lot of ways to set up a secure network and manage keys in these kinds of networks. This paper presents a comparison between the security model in Zigbee and the new recommended practice for Key Management Protocols defined by the IEEE 802.15.9 standard. We investigate key establishment and transportation together with the vulnerabilities that this might bring regarding potential attacks like DoS and MitM. Since these protocols are built on the IEEE 802.15.4 standard, experimental tests have been made where we analyze the throughput, RTT and packet loss over varied distances and we try to determine the maximum transmission range for devices using IEEE 802.15.4 modules. The IEEE 802.15.9 standard works with different KMPs and depending on the KMP being used we can see both similarities and differences regarding key management and possible attacks when comparing it to ZigBee. Furthermore, we found that attacks on a ZigBee device is more likely to compromise the whole network while similar attacks would only affect the specific peers in an IEEE 802.15.9 communication. Based on the experiments we find that open areas, distance and interference have a negative effect on the throughput, RTT and packet loss of the communication.
|
| 8 |
Channel Camouflage and Manipulation Techniques in Wireless NetworksFang, Song 27 June 2018 (has links)
The security of wireless networks and systems is becoming increasingly important as wireless devices are more and more ubiquitous nowadays. The wireless channel exhibits the spatial uncorrelation property, which is that the characteristics of a wireless channel become uncorrelated every half carrier wavelength over distance. This property has prompted an emerging research area that utilizes wireless channel characteristics to achieve location distinction, to detect location changes or facilitate authentication of wireless users, and to establish shared secret key between legitimate communicators. This dissertation includes two work toward the security improvement of existing wireless networks and systems. With the discovered channel camouflage and manipulation techniques in wireless networks, traditional wireless channel based authentication or secure communication systems are broke or renovated.
The first work proposes a new attack against all existing location distinction approaches that are built on this spatial uncorrelation property. With the discovered attack, an attacker can easily bypass authentication or camouflage location changes by creating an artificial wireless channel similar to a legitimate one. This dissertation also presents a detection technique that utilizes an auxiliary receiver or antenna to identify these fake channels.
On the other hand, the second work shows that the legitimate users can also benefit from constructing these artificial wireless channels and apply them in a novel wireless key establishment. The proposed technique enables the transmitter to specify any content as the secret key and securely deliver it to the target receiver, and meanwhile removes the reconciliation process which is necessary for conventional wireless key establishment schemes.
|
| 9 |
Secure Key Establishment for Mobile NetworksTin, Yiu Shing (Terry) January 2005 (has links)
Informal analysis of authenticated key establishment (ake) protocols was commonly accepted as the valid argument for their security in the past. Although it can provide some confidence in protocol correctness, experience has shown time and again that ake protocols are likely to contain flaws even after an informal analysis is completed. Therefore, it has become increasingly common to expect a formal analysis, and preferably a mathematical proof, of any published ake protocol in order to obtain increased confidence in its security. In this research we use an appropriate model for analysing ake protocols based on its features and properties. The model allows us to design ake protocols modularly and reuse existing protocol components. We provide a detailed description of its formalisation, operations and usage. This description also includes ways of extracting new protocol components from existing ake protocols. Following the description of the model, we propose a new unauthenticated key establishment protocol for two-party communications. By composing this protocol with authentication protocols, we can construct several new secure ake protocols. These new protocols are compared with existing protocols for their computational efficiency. The comparison shows that our new proven secure protocols are as efficient as the existing protocols with an informal security analysis. We then propose a three-party key establishment protocol which involves a trusted server and two users. We also propose a non-interactive authentication protocol and discuss it and a variant of it. These components are used to construct a secure three-party ake protocol that supports a privacy framework. This framework allows users to remain anonymous while conducting electronic transactions with an independent service provider. A new password-based authentication protocol is proposed to address the problem of authentication using passwords. This protocol carries a proof of security and satisfies a slightly relaxed definition of security. We demonstrate its application by composing it with existing key establishment protocols. To maximise its use, we modified a two-party key establishment protocol to become three-party server based. By using the server for authentication, two users within a common network domain can establish a secure session key. Only a small number of ake protocols are demonstrated in this thesis. There exist many more provably secure ake protocols that can be constructed using the protocol components presented by applying the approach of "mix and match". That is, each new component results in a number of new ake protocols depending on the number of existing components.
|
| 10 |
Context-Based Authentication and Lightweight Group Key Establishment Protocol for IoT DevicesFerrari, Nico January 2019 (has links)
The concept of the Internet of Things is driven by advancements of the Internet with the interconnection of heterogeneous smart objects using different networking and communication technologies. With the rapidly increasing number of interconnected devices present in the life of a person, providing authentication and secure communication between them is considered a key challenge. The integration of Wireless Sensor Networks in the Internet of Things creates new obstacles due to the necessity of finding a balance between the resources utilization and the applied security solutions. In multicast group communications, the energy consumption, bandwidth and processing overhead at the nodes are minimized in comparison to a point-to-point communication system. To securely transmit a message in order to maintain confidentiality of the data and the user’s privacy, usually involves human interaction or the pre-agreement upon some key, the latter unknown to an external attacker. In this thesis, the author proposed an authentication protocol based on the similar context between the correct devices and lightweight computationally secure group-key establishment, avoiding any kind of human involvement. The goal is achieved by having the devices calculate a fingerprint from their ambient context and through a fuzzy commitment scheme generating a commitment respectively opening value which is used to generate a common secret key between them. The tests are effected on real world data accumulated from different environments. The proposed scheme is based on elliptic curve cryptography and cryptographic one-way accumulators. Its feasibility is analyzed by implementing the group key establishment phase in the Contiki operating system and by simulating it with the Cooja simulator. Furthermore, the applicability of the protocol is analyzed and justified by an analysis of the storage overhead, communication overhead, and energy consumption. The simulator shows an energy consumption of only 112 mJ per node for group key establishment. The results obtained in this thesis demonstrate the feasibility of the scheme, it’s computational, and communication costs are further comparable to other similar approaches.
|
Page generated in 0.1016 seconds