Global ETD Search

131	Efektivní schémata digitálních podpisů / Efficient Digital Signature Schemes Varga, Ondrej January 2011 (has links) Digital signatures, which take the properties of classical signatures, are used to secure the actual content of documents, which can be modified during transmission over an insecure channel. The problems of security and protection of communicating participants are solved by cryptographic techniques. Identity verification, message integrity, credibility, the ownership of documents, and the secure transmission of information over an unsecured channel, are all dealt with in secure communications - Public Key Infrastructure, which uses digital signatures. Nowadays digital signatures are often used to secure data in communication over an unsecured channel. The aim of the following master’s thesis is to familiarize readers with the necessary technological aspects of digital signatures, as well as their advantages and disadvantages. By the time digital signatures are being used they will have to be improved and modified to be secure against more sophisticated attacks. In this paper, proposals of new efficient digital signature schemes and their comparison with current ones are described. Also are examined their implications for computationally weak devices, or deployment in low speed channel transmission systems. After an explanation of cryptography and a description of its basic subjects, digital signatures are introduced. The first chapter describes the possible formatting and architecture of the digital signature. The second part of this master’s thesis is about current digital signature schemes and their properties. Chapter 3 describes some proposals of new efficient digital signature schemes and their comparison to those currently in use. In the practical part, the implementations (in the environment .NET in C#) of two effective digital signature schemes as part of a client-server application are presented and described (Chapter 4). In the last chapter the comparison and analysis of the implemented signature schemes are provided.
132	Správa veřejných klíčů SSH v programech FreeIPA a SSSD / SSH Public Key Management in FreeIPA and SSSD Cholasta, Jan January 2012 (has links) SSH je jeden z nejpoužívanějších protokolů pro vzdálený přístup v Internetu. SSH je flexibilní a rozšiřitelný protokol, který se skládá ze tří hlavních součástí: SSH transportního protokolu, který obstarává důvěrnost, integritu a autentizaci serveru, SSH autentizačního protokolu, který obstarává autentizaci uživatelů a SSH spojovacího protokolu, který obstarává multiplexování více kanálů různých typů (interaktivní sezení, přesměrování TCP/IP spojení, atd.) do jednoho spojení. OpenSSH je jedna z nejrozšířenějších implemetací SSH. OpenSSH obsahuje SSH server, SSH klienty, generátor SSH klíčů a autentizační agent, který usnadňuje autentizaci pomocí veřejných klíčů. FreeIPA a SSSD jsou projekty poskytující centrální správu identit pro Linuxové a Unixové systémy. Tyto projekty sice v době psaní této práce přímou podporu SSH neobsahovaly, ale do jisté míry je ve spojení s OpenSSH používat možné bylo.
133	Public Key Kryptografie mit GNU Privacy Guard Kutzner, Kendy 18 October 2002 (has links) Vortrag ueber das Warum und Wie der Kryptografie mit oeffentlichen Schluesseln am Beispiel von GNU Privacy Guard info:eu-repo/classification/ddc/004 ddc:004 Elektronische Unterschrift Public-key-Kryptosystem PGP GPG
134	Nutzung von Sozialen Netzwerk-Plattformen für die Verteilung von Public Keys Hülder, Malte, Wolff-Marting, Vincent, Gruhn, Volker 29 January 2019 (has links) Public Key Infrastrukturen (PKI) sind schon seit einigen Jahren bekannt, jedoch setzen sie sich nur sehr zögerlich durch, insbesondere im privaten Bereich. In diesem Artikel werden einige Hürden für die existierenden Ansätze (besonders das Web-of-Trust) beschrieben und es wird ein Lösungsansatz vorgestellt, der auf der Integration von sozialen Netzwerk-Plattformen mit den bestehenden Schlüssel-Servern beruht. Eine prototypische Umsetzung der genannten Ansätze zeigt, dass diese praktisch einsetzbar sind und die Usability von PKI verbessern können. info:eu-repo/classification/ddc/005.86 ddc:005.86
135	On the security of short McEliece keys from algebraic andalgebraic geometry codes with automorphisms / Étude de la sécurité de certaines clés compactes pour le schéma de McEliece utilisant des codes géométriques Barelli, Elise 10 December 2018 (has links) En 1978, McEliece introduit un schéma de chiffrement à clé publique issu de la théorie des codes correcteurs d’erreurs. L’idée du schéma de McEliece est d’utiliser un code correcteur dont lastructure est masquée, rendant le décodage de ce code difficile pour toute personne ne connaissant pas cette structure. Le principal défaut de ce schéma est la taille de la clé publique. Dans ce contexte, on se propose d'étudier l'utilisation de codes dont on connaît une représentation compacte, en particulier le cas de codes quais-cyclique ou quasi-dyadique. Les deux familles de codes qui nous intéressent dans cette thèse sont: la famille des codes alternants et celle des sous--codes sur un sous--corps de codes géométriques. En faisant agir un automorphisme $sigma$ sur le support et le multiplier des codes alternants, on saitqu'il est possible de construire des codes alternants quasi-cycliques. On se propose alors d'estimer la sécurité de tels codes à l'aide du textit{code invariant}. Ce sous--code du code public est constitué des mots du code strictement invariant par l'automorphisme $sigma$. On montre ici que la sécurité des codes alternants quasi-cyclique se réduit à la sécurité du code invariant. Cela est aussi valable pour les sous—codes sur un sous--corps de codes géométriques quasi-cycliques. Ce résultat nous permet de proposer une analyse de la sécurité de codes quasi-cycliques construit sur la courbe Hermitienne. En utilisant cette analyse nous proposons des clés compactes pour la schéma de McEliece utilisant des sous-codes sur un sous-corps de codes géométriques construits sur la courbe Hermitienne. Le cas des codes alternants quasi-dyadiques est aussi en partie étudié. En utilisant le code invariant, ainsi que le textit{produit de Schur}et le textit{conducteur} de deux codes, nous avons pu mettre en évidence une attaque sur le schéma de McEliece utilisant des codes alternants quasi-dyadique de degré $2$. Cette attaque s'applique notamment au schéma proposé dans la soumission DAGS, proposé dans le contexte de l'appel du NIST pour la cryptographie post-quantique. / In 1978, McEliece introduce a new public key encryption scheme coming from errors correcting codes theory. The idea is to use an error correcting code whose structure would be hidden, making it impossible to decode a message for anyone who do not know a specific decoding algorithm for the chosen code. The McEliece scheme has some advantages, encryption and decryption are very fast and it is a good candidate for public-key cryptography in the context of quantum computer. The main constraint is that the public key is too large compared to other actual public-key cryptosystems. In this context, we propose to study the using of some quasi-cyclic or quasi-dyadic codes. In this thesis, the two families of interest are: the family of alternant codes and the family of subfield subcode of algebraic geometry codes. We can construct quasi-cyclic alternant codes using an automorphism which acts on the support and the multiplier of the code. In order to estimate the securtiy of these QC codes we study the em{invariant code}. This invariant code is a smaller code derived from the public key. Actually the invariant code is exactly the subcode of code words fixed by the automorphism $sigma$. We show that it is possible to reduce the key-recovery problem on the original quasi-cyclic code to the same problem on the invariant code. This is also true in the case of QC algebraic geometry codes. This result permits us to propose a security analysis of QC codes coming from the Hermitian curve. Moreover, we propose compact key for the McEliece scheme using subfield subcode of AG codes on the Hermitian curve. The case of quasi-dyadic alternant code is also studied. Using the invariant code, with the em{Schur product} and the em{conductor} of two codes, we show weaknesses on the scheme using QD alternant codes with extension degree 2. In the case of the submission DAGS, proposed in the context of NIST competition, an attack exploiting these weakness permits to recover the secret key in few minutes for some proposed parameters. Cryptographie à clé publique Codes correcteurs d'erreurs Courbes algébriques Public-Key cryptography Coding theory Algebraic curves 005.824
136	Embedded Surface Attack on Multivariate Public Key Cryptosystems from Diophantine Equation Ren, Ai 11 June 2019 (has links) No description available. Mathematics Multivariate Public Key Cryptosystem Cryptosystem Diophantine equations embedded surface attach linearization type of equation cryptography
137	Understanding Certificate Revocation Hagström, Åsa January 2006 (has links) Correct certificate revocation practices are essential to each public-key infrastructure. While there exist a number of protocols to achieve revocation in PKI systems, there has been very little work on the theory behind it: Which different types of revocation can be identified? What is the intended effect of a specific revocation type to the knowledge base of each entity? As a first step towards a methodology for the development of reliable models, we present a graph-based formalism for specification and reasoning about the distribution and revocation of public keys and certificates. The model is an abstract generalization of existing PKIs and distributed in nature; each entity can issue certificates for public keys that they have confidence in, and distribute or revoke these to and from other entities. Each entity has its own public-key base and can derive new knowledge by combining this knowledge with certificates signed with known keys. Each statement that is deduced or quoted within the system derives its support from original knowledge formed outside the system. When such original knowledge is removed, all statements that depended upon it are removed as well. Cyclic support is avoided through the use of support sets. We define different revocation reasons and show how they can be modelled as specific actions. Revocation by removal, by inactivation, and by negation are all included. By policy, negative statements are the strongest, and positive are the weakest. Collisions are avoided by removing the weaker statement and, when necessary, its support. Graph transformation rules are the chosen formalism. Rules are either interactive changes that can be applied by entities, or automatically applied deductions that keep the system sound and complete after the application of an interactive rule. We show that the proposed model is sound and complete with respect to our definition of a valid state. / <p>Report code: LIU-TEK-LIC-2006:1</p> Revocation Public-key certificates Graph transformation Other Computer and Information Science Annan data- och informationsvetenskap
138	The Singularity Attack on Himq-3: A High-Speed Signature Scheme Based on Multivariate Quadratic Equations Zhang, Zheng 30 September 2021 (has links) No description available. Mathematics Post-quantum cryptography Multivariate public key cryptography Security analysis Oil vinegar signature scheme
139	Digital Certificate Revocation for the Internet of Things Tanner Lindemer, Samuel January 2019 (has links) Digital certificates have long been used for traditional Internet applications, and have now entered into widespread use for the Internet of Things. However, constrained devices currently have no means to verify the revocation status of certificates. Without the ability to revoke certificates, network administrators have no recourse in the event of a private key compromise. This thesis explores three alternatives to solve this problem: (1) implement the Online Certificate Status Protocol (OCSP) as is on a CoAP network stack, (2) compress certificate revocation lists (CRLs) using Bloom filters, and (3) design an optimized version of OCSP (referred to here as TinyOCSP). This work concludes that TinyOCSP reduces the message overhead of online validation by at least 73%. This reduced the energy consumption of certificate validation by 50% relative to OCSP in the experiments on constrained hardware, which shows that it may be a feasible solution for the IoT / Digitala certifikat har länge tillämpats inom traditionella internetappliceringar och har numera även omfattande användningsområden inom IoT. Begränsade apparater har i nuläget dock inga metoder för att verifiera återkallningsstatusar av certifikat. Utan förmågan att återkalla certifikat har nätverksadministratörer inga alternativ att återfalla till när en hemlig nyckel har blivit stulen. Denna uppsats undersöker tre alternativ för att lösa detta problem: (1) tillämpning av Online Certificate Status Protocol (OCSP) med CoAP, (2) komprimering av certificate revocation lists (CRLs) som använder Bloom filters, och (3) skapa en optimerad version av OCSP (TinyOCSP). Arbetet drar slutsatsen att TinyOCSP minskar message overhead av onlinevalidering med åtminstone 73%. Detta minskade energikonsumtion av certifikatsvalidering med 50% jämfört med OCSP i experimentet med begränsade apparater, vilket visar att detta är en tänkar lösning för IoT. Computer and Information Sciences Data- och informationsvetenskap
140	Post-quantum algorithms for digital signing in Public Key Infrastructures / Post-quantum-algoritmer för digitala signaturer i Public Key Infrastructures Sjöberg, Mikael January 2017 (has links) One emerging threat to Public Key Infrastructures is the possible development of large-scale quantum computers, which would be able to break the public-key cryptosystems used today. Several possibly post-quantum secure cryptographic algorithms have been proposed but so far they have not been used in many practical settings. The purpose of this thesis was to find post-quantum digital signature algorithms that might be suitable for use in Public Key Infrastructures today. To answer the research question, an extensive literature study was conducted where relevant algorithms were surveyed. Algorithms with high-grade implementations in different cryptographic libraries were benchmarked for performance. Hash-based XMSS and SPHINCS, multivariate-based Rainbow and lattice-based BLISS-B were benchmarked and the results showed that BLISS-B offered the best performance, on par with RSA and ECDSA. All the algorithms did however have relatively large signature sizes and/or key sizes. Support for post-quantum digital signature algorithms in Public Key Infrastructure products could easily be achieved since many algorithms are implemented in cryptographic libraries. The algorithms that could be recommended for use today were SPHINCS for high-security applications and possibly BLISS-B for lower security applications requiring higher efficiency. The biggest obstacles to widespread deployment of post-quantum algorithms was deemed to be lack of standardisation and either inefficient operations compared to classical algorithms, uncertain security levels, or both. / Ett nytt hot mot Public Key Infrastructures är den möjliga utvecklingen av storskaliga kvantdatorer som kan knäcka de asymmetriska kryptosystem som används idag. Ett flertal eventuellt kvantsäkra algoritmer har presenterats men de har än så länge inte sett mycket praktisk användning. Målet med detta examensarbete var att försöka identifiera eventuellt kvantsäkra signaturalgoritmer som skulle kunna lämpa sig för användning i Public Key Infrastructures idag. För att besvara forskningsfrågan gjordes en utredande litteraturstudie där relevanta signaturalgoritmer identifierades. Därefter prestandatestades de algoritmer som var implementerade i kryptografiska bibliotek. De algoritmer som prestandatestades var de hash-baserade algoritmerna XMSS och SPHINCS, flervariabel-baserade Rainbow och gitter-baserade BLISS-B. Resultaten visade att BLISS-B hade bäst prestanda och att prestandan var i nivå med RSA och ECDSA. Samtliga algoritmer hade emellertid relativt stora signatur- och/eller nyckelstorlekar. Eventuellt kvantsäkra algoritmer skulle redan idag kunna stödjas i Public Key Infrastructures eftersom många algoritmer finns implementerade i kryptografiska bibliotek. SPHINCS kunde rekommenderas när hög säkerhet krävs medan BLISS-B möjligtvis skulle kunna användas när lägre säkerhet kan tolereras i utbyte mot bättre prestanda. Största hindren för utbredd användning ansågs vara en brist på standardisering samt ineffektiva operationer jämfört med klassiska algoritmer och/eller tveksamma säkerhetsnivåer. Post-quantum algorithms Digital signature algorithms Public Key Infrastructures Computer Sciences Datavetenskap (datalogi)

Search results