1

Anonymity and time in public-key encryption

Quaglia, Elizabeth January 2012 (has links)
In a world that is increasingly relying on digital technologies, the ability to securely communicate and distribute information is of crucial importance. Cryptography plays a key role in this context and the research presented in this thesis focuses on developing cryptographic primitives whose properties address more closely the needs of users. We start by considering the notion of robustness in public-key encryption, a property which models the idea that a ciphertext should not decrypt to a valid message under two different keys. In contexts where anonymity is relevant, robustness is likely to be needed as well, since a user cannot tell from the ciphertext if it is intended for him or not. We develop and study new notions of robustness, relating them to one another and showing how to achieve them. We then consider the important issue of protecting users' privacy in broadcast encryption. Broadcast encryption (BE) is a cryptographic primitive designed to efficiently broadcast an encrypted message to a target set of users that can decrypt it. Its extensive real-life application to radio, television and web-casting renders BE an extremely interesting area. However, all the work so far has striven for efficiency, focusing in particular on solutions which achieve short ciphertexts, while very little attention has been given to anonymity. To address this issue, we formally define anonymous broadcast encryption, which guarantees recipient-anonymity, and we provide generic constructions to achieve it from public-key, identity-based and attribute-based encryption. Furthermore, we present techniques to improve the efficiency of our constructions. Finally, we develop a new primitive, called time-specific encryption (TSE), which allows us to include the important element of time in the encryption and decryption processes. In TSE, the sender is able to specify during what time interval a ciphertext can be decrypted by a receiver. This is a relevant property since information may become useless after a certain point, sensitive data may not be released before a particular time, or we may wish to enable access to information for only a limited period. We define security models for various flavours of TSE and provide efficient instantiations for all of them. These results represent our efforts in developing public-key encryption schemes with enhanced properties, whilst maintaining the delicate balance between security and efficiency.
2

Square: A New Family of Multivariate Encryption Schemes

Clough, Crystal L. 21 July 2009 (has links)
No description available.
3

Stronger security notions for trapdoor functions and applications

O'Neill, Adam 30 November 2010 (has links)
Trapdoor functions, introduced in the seminal paper of Diffie and Hellman, are a fundamental notion in modern cryptography. Informally, trapdoor functions are injective functions that are easy to evaluate but hard to invert unless given an additional input called the trapdoor. Specifically, the classical security notion considered for trapdoor functions is one-wayness, which asks that it be hard to invert (except with very small probability) a uniformly random point in the range without the trapdoor. Motivated by the demands of emerging applications of cryptography as well as stronger security properties desired from higher-level cryptographic primitives constructed out of trapdoor functions, this thesis studies new strengthenings to the classical notion of one-way trapdoor functions and their applications. Our results are organized along two separate threads, wherein we introduce two new cryptographic primitives that strengthen the notion of one-wayness for trapdoor functions in different ways.

Deterministic Encryption: Our notion of deterministic (public-key) encryption addresses the weaknesses of using trapdoor functions directly for encryption articulated by Goldwasser and Micali, to the extent possible without randomizing the encryption function (whereas Goldwasser and Micali address them using randomized encryption). Specifically, deterministic encryption ensures no partial information is leaked about a high-entropy plaintext or even multiple correlated such plaintexts. Deterministic encryption has applications to fast search on encrypted data, securing legacy protocols, and "hedging" randomized encryption against bad randomness. We design a conceptually appealing semantic-security style definition of security for deterministic encryption as well as an easier-to-work-with but equivalent indistinguishability style definition. In the random oracle model of Bellare and Rogaway, we show a secure construction of deterministic encryption for an unbounded number of arbitrarily correlated high-entropy plaintexts based on any randomized encryption scheme, as well as a length-preserving such construction based on RSA. In the standard model, we develop a general framework for constructing deterministic encryption schemes based on a new notion of "robust" hardcore functions. We show a secure construction of deterministic encryption for a single high-entropy plaintext based on exponentially-hard one-way trapdoor functions; single-message security is equivalent to security for an unbounded number of messages drawn from a block-source (where each subsequent message has high entropy conditioned on the previous). We also show a secure construction of deterministic encryption for a bounded number of arbitrarily correlated high-entropy plaintexts based on the notion of lossy trapdoor functions introduced by Peikert and Waters.

Adaptive Trapdoor Functions: Our notion of adaptive trapdoor functions asks that one-wayness be preserved in the presence of an inversion oracle that can be queried on some range points. The main application we give is the construction of black-box chosen-ciphertext secure public-key encryption from weaker general assumptions. ("Black-box" means that the specific code implementing the trapdoor function is not used in the construction, which typically incurs a huge efficiency cost.) Namely, we show such a construction of chosen-ciphertext secure public-key encryption from adaptive trapdoor functions. We then show that adaptive trapdoor functions can be realized from the recently introduced notions of lossy trapdoor functions by Peikert and Waters and correlated-product secure trapdoor functions by Rosen and Segev. In fact, by extending a recent result of Vahlis, we show adaptivity is strictly weaker than the latter notions (in a black-box sense). As a consequence, adaptivity is the weakest security property of trapdoor functions known to imply black-box chosen-ciphertext security. Additionally, by slightly extending our framework and considering "tag-based" adaptive trapdoor functions, we obtain exactly the chosen-ciphertext secure encryption schemes proposed in prior work, thereby unifying them, although the schemes we obtain via adaptive trapdoor functions are actually more efficient. Finally, we show that adaptive trapdoor functions can be realized from a (non-standard) computational assumption on RSA inversion, leading to a very efficient RSA-based chosen-ciphertext secure encryption scheme in the standard model.
4

Security of dynamic authorisation for IoT through Blockchain technology / The security of dynamic authentication for IoT through Blockchain technology

Sandor, Alexander January 2018 (has links)
The use of Internet of Things devices is an integral part of our modern society. Communication with Internet of Things devices is secured with asymmetric key encryption that is handled by the centralized certificate authority infrastructure. The emerging Blockchain technology now provides a safe way to change ownership of digital resources through a decentralized system that challenges the traditional centralized view of trust in digital systems. This project studies the security of building public key infrastructures and access communication protocols on Blockchain technology for IoT devices. An informal cryptographic analysis that used proof by contradiction showed that it is cryptographically safe to build Blockchain based Public Key Infrastructures. The analysed Blockchain based public key infrastructure was implemented with smart contracts and tested on the Ethereum platform along with a dynamic access control protocol ensuring dynamic authentication and distributed logging. The project also concluded that advancements in the software clients of nodes are required before Blockchain can be used in Internet of Things devices. This is due to the high storage demands required by currently available nodes. / The use of "Internet of Things" devices is an integral part of our modern society. Communication with "Internet of Things" devices is secured through asymmetric key encryption that is handled in a centralized system administered by certificate authorities. The pioneering Blockchain technology now offers a secure way to transfer ownership of digital resources in a decentralized system, and challenges the traditional view of trust in digital systems. This project studies the security of building an infrastructure for public key distribution and protocols for access control using Blockchain technology for "Internet of Things" devices. Through an informal cryptographic analysis and the method of proof by contradiction, it was shown that it is cryptographically secure to build infrastructures for public key distribution on Blockchain technology. A Blockchain-based infrastructure for public key distribution was implemented with smart contracts and tested on the Ethereum platform together with a protocol for dynamic access control that ensured dynamic authentication and distributed logging. The project also concluded that new node software is needed before the technology can be applied in "Internet of Things" devices. This is because currently available nodes require large storage space to function.
5

Parsing of X.509 certificates in a WAP environment / Parsing of X.509 certificates in a WAP environment (Swedish title: Parsning av X.509 certifikat i en WAP-miljö)

Asplund, Fredrik January 2002 (has links)
This master thesis consists of three parts. The first part contains a summary of what is needed to understand a X.509 parser that I have created, a discussion concerning the technical problems I encountered during the programming of this parser and a discussion concerning the final version of the parser. The second part concerns a comparison I made between the X.509 parser I created and a X.509 parser created "automatically" by a compiler. I tested static memory, allocation of memory during runtime and utilization of the CPU for both my parser (MP) and the parser that had a basic structure constructed by a compiler (OAP). I discuss changes in the parsers involved to make the comparison fair to OAP, the results from the tests and when circumstances such as time and non-standard content in the project make one way of constructing a X.509 parser better than the other way. The last part concerns a WTLS parser (a simpler kind of X.509 parser), which I created.
6

Attribute-based encryption : robust and efficient constructions

Rouselakis, Ioannis 26 September 2013 (has links)
Attribute-based encryption is a promising cryptographic primitive that allows users to encrypt data according to specific policies on the credentials of the recipients. For example, a user might want to store data in a public server such that only subscribers with credentials of specific forms are allowed to access them. Encrypting the data once for each party is not only impractical but also raises important privacy issues. Therefore, it would be beneficial to be able to encrypt only once for all desired parties. This is achievable by attribute-based encryption schemes, which come in several types and are applicable to a wide range of settings. Several attribute-based encryption schemes have been proposed and studied with a wide range of characteristics. For example, initial constructions proved to be significantly more challenging than constructing traditional public-key encryption systems and they imposed restrictions on the expressiveness of the Boolean formulas used during encryption. For several proposed schemes the total number of attributes was fixed during setup, while others allowed any string to be used as an attribute ("large universe" constructions), but with considerably weaker security guarantees. Furthermore, these first constructions, although polynomial time, were impractical for wide deployment. This thesis is motivated by two main goals for ABE schemes: robustness and efficiency. For robustness, we propose a novel construction that achieves strong security guarantees and at the same time augments the capabilities of previous schemes. More specifically, we adapt existing techniques to achieve leakage-resilient ABE schemes with augmented robustness features, making no compromises on security. For the second direction, our goal is to create practical schemes with as many features as possible, such as "large universe" and multi-authority settings. We showcase these claims with working implementations, benchmarks, and comparisons to previous constructions. Finally, these constructions lead us to new directions that we propose and intend to investigate further.
7

Secure public-key encryption from factorisation-related problems

Brown, Jaimee January 2007 (has links)
Public key encryption plays a vital role in securing sensitive data in practical applications. The security of many encryption schemes relies on mathematical problems related to the difficulty of factoring large integers. In particular, subgroup problems in composite order groups are a general class of problems widely used in the construction of secure public-key encryption schemes. This thesis studies public-key encryption schemes that are provably secure based on the difficulty of subgroup or other integer factorisation related problems in the standard model. Firstly, a number of new public-key encryption schemes are presented which are secure in the sense of indistinguishability against chosen-ciphertext attack in the standard model. These schemes are obtained by instantiating the two previous paradigms for chosen-ciphertext security by Cramer and Shoup, and Kurosawa and Desmedt, with three previously studied subgroup membership problems. The resulting schemes are very efficient, and are comparable if not superior in terms of efficiency when compared to previously presented instantiations. Secondly, a new approach is presented for constructing RSA-related public key encryption schemes secure in the sense of indistinguishability against chosen-ciphertext attack without random oracles. This new approach requires a new set of assumptions, called the Oracle RSA-type assumptions. The motivating observation is that RSA-based encryption schemes can be viewed as tag-based encryption schemes, and as a result can be used as a building block in a previous technique for obtaining chosen-ciphertext security. Two example encryption schemes are additionally presented, each of which is of comparable efficiency to other public key schemes of similar security. Finally, the notion of self-escrowed public-key infrastructures is revisited, and a security model is defined for self-escrowed encryption schemes. The security definitions proposed consider adversarial models which reflect an attacker's ability to recover private keys corresponding to public keys of the attacker's choice. General constructions for secure self-escrowed versions of ElGamal, RSA, Cramer-Shoup and Kurosawa-Desmedt encryption schemes are also presented, and efficient instantiations are provided. In particular, one instantiation solves the 'key doubling problem' observed in all previous self-escrowed encryption schemes. Also, for another instantiation a mechanism is described for distributing key recovery amongst a number of authorities.
8

Cryptosystems based on the knapsack problem / Variants of knapsack cryptosystems

Kučerová, Michaela January 2016 (has links)
The topic of this thesis is a cryptosystem, precisely a public key encryption scheme, that is based on the knapsack problem. At first we formulate terms like \mathcal{NP}-complete problem, one-way function, hard-core predicate, public key encryption scheme and semantic security, which we connect in this thesis. After that we present the knapsack problem. Then we prove that the knapsack problem with appropriate parameters has a property that leads to semantic security of the encryption scheme which we present afterwards. This public key encryption scheme is based on the scheme proposed by Vadim Lyubashevsky, Adriana Palacio and Gil Segev.
10

New authentication mechanism using certificates for big data analytic tools

Velthuis, Paul January 2017 (has links)
Companies analyse large amounts of sensitive data on clusters of machines, using a framework such as Apache Hadoop to handle inter-process communication, and big data analytic tools such as Apache Spark and Apache Flink to analyse the growing amounts of data. Big data analytic tools are mainly tested on performance and reliability. Security and authentication have not been considered enough and lag behind. The goal of this research is to improve the authentication and security for data analytic tools. Currently, the aforementioned big data analytic tools are using Kerberos for authentication. Kerberos has difficulties in providing multi-factor authentication. Attacks on Kerberos can abuse the authentication. To improve the authentication, an analysis of the authentication in Hadoop and the data analytic tools is performed. The research describes the characteristics to gain an overview of the security of Hadoop and the data analytic tools. One characteristic is the use of transport layer security (TLS) to secure data transport. TLS usually establishes connections with certificates. Recently, certificates with a short time to live can be automatically handed out. This thesis develops a new authentication mechanism using certificates for data analytic tools on clusters of machines, providing advantages over Kerberos. To evaluate the possibility to replace Kerberos, the mechanism is implemented in Spark. As a result, the new implementation provides several improvements. The certificates used for authentication are made valid with a short time to live and are thus less vulnerable to abuse. Further, the authentication mechanism solves new requirements coming from businesses, such as providing multi-factor authentication and scalability. In this research a new authentication mechanism is developed, implemented and evaluated, giving better data protection by providing improved authentication.