Bezpečená komunikace mezi data loggerem a databazovým serverem / Secure communication between data logger and database server

Ferek, Matúš

January 2011

This work is aimed to analyze security risks of data transfer in Internet network and to design couple of possible solutions for securing communication between data logger and server for data processing. As a result, solution of securing this data communication by SSL layer was designed.

Secure Communicator / Secure Communicator

Gažo, Matúš

January 2012

Secured long-distance communication has always been an important topic for people handling sensitive information. Now with the arrival of ``intelligent`` mobile phones eavesdropping and information gathering is as easy as never. Luckily smartphones present not only problems in terms of security but also an opportunity to protect ones privacy. This thesis attempts to construct a generic software architecture of a communicator which could be capable of transferring voice, video and other various forms of binary data in a secure way. It will analyse and use different communication channels to reach a maximum level of data authenticity, integrity and confidentiality in an environment where a central security element needs to be avoided. The resulting architecture will be tested on a Voice-over-IP (VoIP) application prototype for the mobile Google Android platform to show whether the approach is practically usable on currently available phones.

Design of Adaptive Sliding Mode Tracking Controllers for Chaotic Synchronization and Application to Secure Communications

Wu, Shiue-Wei

31 August 2010

Synchronization of two identical chaotic systems with matched and mismatched perturbations by utilizing adaptive sliding mode control (ASMC) technique is presented in this thesis. The sliding surface function is designed based on Lyapunov stability theorem and linear matrix inequality (LMI) optimization technique. Adaptive mechanisms embedded in the proposed control scheme are used to adapt the unknown upper bounds of the perturbations. The designed tracking controller can not only suppress the mismatched perturbations when the controlled dynamics (master-slave) are in the sliding mode, but also drive the trajectories of synchronization errors into a small bounded region whose size can be adjusted through the designed parameters. The stability of overall controlled synchronization systems is guaranteed. Application of proposed chaotic synchronization technique to secure communication as well as several numerical examples are given to demonstrate the feasibility of the proposed design technique.

secure communication

chaotic synchronization

mismatched perturbations

adaptive sliding mode control

An Efficient Mutual Authentication for Mobile Communication

Chen, Hsin-Yu

22 July 2005

Owing to the fast progress of mobile communication technologies and the ubiquity of mobile networks, users can communicate with each other anytime and anywhere as long as they carry their smart and tiny mobile phones. This convenient communication service is quite popular and gradually joins in the people¡¦s life. Nevertheless, lots of attacks, such as the men-in-the-middle attacks and the replay attacks, are seriously threatening the security of the mobile networks and affecting the quality of the service simultaneously. Many security mechanisms for mobile communication have been introduced in the literature. Among these mechanisms, authentication plays a very important role in the entire mobile network system and acts as the first defense against the attackers since it can ensure the correctness of the identities of communication entities before they engage in any other communication activities. Therefore, to guarantee the quality of this advanced service, an efficient (especially, user efficient) and secure authentication scheme is urgently desired. In this thesis, we will propose a robust authentication scheme for mobile communication systems. Not only does the proposed scheme achieve mutual authentication, but also it greatly reduces the computation and communication cost of mobile users as compared with the existing authentication schemes.

Authentication protocols

Secure communication

Information security

Symmetric cryptosystems

Mobile communication

Secure Communication Channel Mechanisms For Isolated Networks

Karadag, Gokdeniz

01 December 2009

Current network security solutions are consisted of a single host, with network interfaces of the host connected to protected and external networks at the same time. This design ensures security by restricting traffic flow to a single point, where it can be examined and acted on by a set of rules. However, this design also has a flaw and a single point of failure, that being the vulnerabilities in the security device itself. An adversary would have unhindered access to protected networks if a vulnerability in the security device itself leads to its compromise. To prevent this possibility, high-security networks are completely isolated from external networks, by prohibiting any network connection and constituting a so-called air gap in between. But, data transfer needs do arise between external networks and high-security networks, and in current technology this problem does not have a solution without human intervention. In this theses, we propose a set of mechanisms that allows near-realtime data transfers between high-security network and external networks, without requiring any human intervention. The design consists of two hosts connected via a shared storage, transferring only application layer data between networks. This prevents attacks targeting network stacks of the security device&#039 / s OS, and confines a compromised security device to the network that it is already connected to. In case of a compromise the amount of possible unwanted traffic to and from the high-security network is vastly reduced.

QA Computer Software 76.75-76.765

Antenna subset modulation for secure millimeter-wave wireless communication

Valliappan, Nachiappan

10 July 2012

The small carrier wavelength at millimeter-wave (mm-Wave) frequencies allows the possibility of implementing a large number of antennas on a single chip. This work uses the potential of large antenna arrays at these frequencies to develop a low-complexity directional modulation technique: Antenna Subset Modulation (ASM) for point-to-point secure wireless communication. The main idea in ASM is to communicate information by modulating the far-field radiation pattern of the array at the symbol rate. By driving only a subset of antennas and changing the subset used for each symbol transmission the far-field pattern is modulated. Two techniques for implementing antenna subset selection are proposed. The first technique is simple where the antenna subset to be used is selected at random for every symbol transmission. While randomly switching antenna subsets does not affect the symbol modulation for a desired receiver along the main lobe direction, it effectively randomizes the amplitude and phase of the received symbol for an eavesdropper along a sidelobe. Using a simplified statistical model for random antenna subset selection, an expression for the average symbol error rate (SER) is derived as a function of observation angle for linear arrays. To overcome the problem of large peak sidelobe level in random antenna subset switching, an optimized antenna subset selection procedure based on simulated annealing is then discussed. Finally, numerical results comparing the average SER performance of the proposed techniques against conventional array transmission are presented. While both methods produce a narrower information beam-width in the desired direction, the optimized antenna subset selection technique is shown to offer better security and array performance. / text

Millimeter-wave

Antenna subset

Directional modulation

Secure communication

Information-Theoretically Secure Communication Under Channel Uncertainty

Ly, Hung Dinh

2012 May 1900

Secure communication under channel uncertainty is an important and challenging problem in physical-layer security and cryptography. In this dissertation, we take a fundamental information-theoretic view at three concrete settings and use them to shed insight into efficient secure communication techniques for different scenarios under channel uncertainty. First, a multi-input multi-output (MIMO) Gaussian broadcast channel with two receivers and two messages: a common message intended for both receivers (i.e., channel uncertainty for decoding the common message at the receivers) and a confidential message intended for one of the receivers but needing to be kept asymptotically perfectly secret from the other is considered. A matrix characterization of the secrecy capacity region is established via a channel-enhancement argument and an extremal entropy inequality previously established for characterizing the capacity region of a degraded compound MIMO Gaussian broadcast channel. Second, a multilevel security wiretap channel where there is one possible realization for the legitimate receiver channel but multiple possible realizations for the eavesdropper channel (i.e., channel uncertainty at the eavesdropper) is considered. A coding scheme is designed such that the number of secure bits delivered to the legitimate receiver depends on the actual realization of the eavesdropper channel. More specifically, when the eavesdropper channel realization is weak, all bits delivered to the legitimate receiver need to be secure. In addition, when the eavesdropper channel realization is strong, a prescribed part of the bits needs to remain secure. We call such codes security embedding codes, referring to the fact that high-security bits are now embedded into the low-security ones. We show that the key to achieving efficient security embedding is to jointly encode the low-security and high-security bits. In particular, the low-security bits can be used as (part of) the transmitter randomness to protect the high-security ones. Finally, motivated by the recent interest in building secure, robust and efficient distributed information storage systems, the problem of secure symmetrical multilevel diversity coding (S-SMDC) is considered. This is a setting where there are channel uncertainties at both the legitimate receiver and the eavesdropper. The problem of encoding individual sources is first studied. A precise characterization of the entire admissible rate region is established via a connection to the problem of secure coding over a three-layer wiretap network and utilizing some basic polyhedral structure of the admissible rate region. Building on this result, it is then shown that the simple coding strategy of separately encoding individual sources at the encoders can achieve the minimum sum rate for the general S-SMDC problem.

Channel uncertainty

secure communication

MIMO secure communication

security embedding

secure distributed storage systems

physical-layer security

Lossless quantum data compression and secure direct communication

Boström, Kim

January 2004

Diese Dissertation behandelt die Kodierung und Verschickung von Information durch einen Quantenkanal. Ein Quantenkanal besteht aus einem quantenmechanischen System, welches vom Sender manipuliert und vom Empfänger ausgelesen werden kann. Dabei repräsentiert der individuelle Zustand des Kanals die Nachricht. <br /> <br /> Die zwei Themen der Dissertation umfassen 1) die Möglichkeit, eine Nachricht in einem Quantenkanal verlustfrei zu komprimieren und 2) die Möglichkeit eine Nachricht von einer Partei zu einer einer anderen direkt und auf sichere Weise zu übermitteln, d.h. ohne dass es einer dritte Partei möglich ist, die Nachricht abzuhören und dabei unerkannt zu bleiben.<br /> <br /> Die wesentlichen Ergebnisse der Dissertation sind die folgenden. <br /> Ein allgemeiner Formalismus für Quantencodes mit variabler Länge wird ausgearbeitet. Diese Codes sind notwendig um verlustfreie Kompression zu ermöglichen. Wegen der Quantennatur des Kanals sind die codierten Nachrichten allgemein in einer Superposition von verschiedenen Längen. Es zeigt sich, daß es unmöglich ist eine Quantennachricht verlustfrei zu komprimieren, wenn diese dem Sender nicht apriori bekannt ist. Im anderen Falle wird die Möglichkeit verlustfreier Quantenkompression gezeigt und eine untere Schranke für die Kompressionsrate abgeleitet. Des weiteren wird ein expliziter Kompressionsalgorithmus konstruiert, der für beliebig vorgegebene Ensembles aus Quantennachrichten funktioniert.<br /> <br /> Ein quantenkryptografisches Prokoll - das &ldquo;Ping-Pong Protokoll&rdquo; - wird vorgestellt, welches die sichere direkte übertragung von klassischen Nachrichten durch einen Quantenkanal ermöglicht. Die Sicherheit des Protokolls gegen beliebige Abhörangriffe wird bewiesen für den Fall eines idealen Quantenkanals. Im Gegensatz zu anderen quantenkryptografischen Verfahren ist das Ping-Pong Protokoll deterministisch und kann somit sowohl für die Übermittlung eines zufälligen Schlüssels als auch einer komponierten Nachricht verwendet werden. Das Protokoll is perfekt sicher für die Übertragung eines Schlüssels und quasi-sicher für die direkte Übermittlung einer Nachricht. Letzteres bedeutet, dass die Wahrscheinlichkeit eines erfolgreichen Abhörangriffs exponenziell mit der Länge der Nachricht abnimmt. / This thesis deals with the encoding and transmission of information through a quantum channel. A quantum channel is a quantum mechanical system whose state is manipulated by a sender and read out by a receiver. The individual state of the channel represents the message.<br /> <br /> The two topics of the thesis comprise 1) the possibility of compressing a message stored in a quantum channel without loss of information and 2) the possibility to communicate a message directly from one party to another in a secure manner, that is, a third party is not able to eavesdrop the message without being detected.<br /> <br /> The main results of the thesis are the following. <br /> A general framework for variable-length quantum codes is worked out. These codes are necessary to make lossless compression possible. Due to the quantum nature of the channel, the encoded messages are in general in a superposition of different lengths. It is found to be impossible to compress a quantum message without loss of information if the message is not apriori known to the sender. In the other case it is shown that lossless quantum data compression is possible and a lower bound on the compression rate is derived. Furthermore, an explicit compression scheme is constructed that works for arbitrarily given source message ensembles. <br /> <br /> A quantum cryptographic protocol - the &ldquo;ping-pong protocol&rdquo; - is presented that realizes the secure direct communication of classical messages through a quantum channel. The security of the protocol against arbitrary eavesdropping attacks is proven for the case of an ideal quantum channel. In contrast to other quantum cryptographic protocols, the ping-pong protocol is deterministic and can thus be used to transmit a random key as well as a composed message. <br /> The protocol is perfectly secure for the transmission of a key, and it is quasi-secure for the direct transmission of a message. The latter means that the probability of successful eavesdropping exponentially decreases with the length of the message.

Physics

Chaos synchronization and its application to secure communication

Zhang, Hongtao

January 2010

Chaos theory is well known as one of three revolutions in physical sciences in 20th-century, as one physicist called it: Relativity eliminated the Newtonian illusion of absolute space and time; quantum theory eliminated the Newtonian dream of a controllable measurable process; and chaos eliminates the Laplacian fantasy of deterministic predictability". Specially, when chaos synchronization was found in 1991, chaos theory becomes more and more attractive. Chaos has been widely applied to many scientific disciplines: mathematics, programming, microbiology, biology, computer science, economics, engineering, finance, philosophy, physics, politics, population dynamics, psychology, and robotics. One of most important engineering applications is secure communication because of the properties of random behaviours and sensitivity to initial conditions of chaos systems. Noise-like dynamical behaviours can be used to mask the original information in symmetric cryptography. Sensitivity to initial conditions and unpredictability make chaotic systems very suitable to construct one-way function in public-key cryptography. In chaos-based secure communication schemes, information signals are masked or modulated (encrypted) by chaotic signals at the transmitter and the resulting encrypted signals are sent to the corresponding receiver across a public channel (unsafe channel). Perfect chaos synchronization is usually expected to recover the original information signals. In other words, the recovery of the information signals requires the receiver's own copy of the chaotic signals which are synchronized with the transmitter ones. Thus, chaos synchronization is the key technique throughout this whole process. Due to the difficulties of generating and synchronizing chaotic systems and the limit of digital computer precision, there exist many challenges in chaos-based secure communication. In this thesis, we try to solve chaos generation and chaos synchronization problems. Starting from designing chaotic and hyperchaotic system by first-order delay differential equation, we present a family of novel cell attractors with multiple positive Lyapunov exponents. Compared with previously reported hyperchaos systems with complex mathematic structure (more than 3 dimensions), our system is relatively simple while its dynamical behaviours are very complicated. We present a systemic parameter control method to adjust the number of positive Lyapunov exponents, which is an index of chaos degree. Furthermore, we develop a delay feedback controller and apply it to Chen system to generate multi-scroll attractors. It can be generalized to Chua system, Lorenz system, Jerk equation, etc. Since chaos synchronization is the critical technique in chaos-based secure communication, we present corresponding impulsive synchronization criteria to guarantee that the receiver can generate the same chaotic signals at the receiver when time delay and uncertainty emerge in the transmission process. Aiming at the weakness of general impulsive synchronization scheme, i.e., there always exists an upper boundary to limit impulsive intervals during the synchronization process, we design a novel synchronization scheme, intermittent impulsive synchronization scheme (IISS). IISS can not only be flexibly applied to the scenario where the control window is restricted but also improve the security of chaos-based secure communication via reducing the control window width and decreasing the redundancy of synchronization signals. Finally, we propose chaos-based public-key cryptography algorithms which can be used to encrypt synchronization signals and guarantee their security across the public channel.

chaos

hyperchaos

chaotic attractor

chaos synchronization

network synchronization

secure communication

chaos communication

Electrical and Computer Engineering

Chaos synchronization and its application to secure communication

Zhang, Hongtao

January 2010

Chaos theory is well known as one of three revolutions in physical sciences in 20th-century, as one physicist called it: Relativity eliminated the Newtonian illusion of absolute space and time; quantum theory eliminated the Newtonian dream of a controllable measurable process; and chaos eliminates the Laplacian fantasy of deterministic predictability". Specially, when chaos synchronization was found in 1991, chaos theory becomes more and more attractive. Chaos has been widely applied to many scientific disciplines: mathematics, programming, microbiology, biology, computer science, economics, engineering, finance, philosophy, physics, politics, population dynamics, psychology, and robotics. One of most important engineering applications is secure communication because of the properties of random behaviours and sensitivity to initial conditions of chaos systems. Noise-like dynamical behaviours can be used to mask the original information in symmetric cryptography. Sensitivity to initial conditions and unpredictability make chaotic systems very suitable to construct one-way function in public-key cryptography. In chaos-based secure communication schemes, information signals are masked or modulated (encrypted) by chaotic signals at the transmitter and the resulting encrypted signals are sent to the corresponding receiver across a public channel (unsafe channel). Perfect chaos synchronization is usually expected to recover the original information signals. In other words, the recovery of the information signals requires the receiver's own copy of the chaotic signals which are synchronized with the transmitter ones. Thus, chaos synchronization is the key technique throughout this whole process. Due to the difficulties of generating and synchronizing chaotic systems and the limit of digital computer precision, there exist many challenges in chaos-based secure communication. In this thesis, we try to solve chaos generation and chaos synchronization problems. Starting from designing chaotic and hyperchaotic system by first-order delay differential equation, we present a family of novel cell attractors with multiple positive Lyapunov exponents. Compared with previously reported hyperchaos systems with complex mathematic structure (more than 3 dimensions), our system is relatively simple while its dynamical behaviours are very complicated. We present a systemic parameter control method to adjust the number of positive Lyapunov exponents, which is an index of chaos degree. Furthermore, we develop a delay feedback controller and apply it to Chen system to generate multi-scroll attractors. It can be generalized to Chua system, Lorenz system, Jerk equation, etc. Since chaos synchronization is the critical technique in chaos-based secure communication, we present corresponding impulsive synchronization criteria to guarantee that the receiver can generate the same chaotic signals at the receiver when time delay and uncertainty emerge in the transmission process. Aiming at the weakness of general impulsive synchronization scheme, i.e., there always exists an upper boundary to limit impulsive intervals during the synchronization process, we design a novel synchronization scheme, intermittent impulsive synchronization scheme (IISS). IISS can not only be flexibly applied to the scenario where the control window is restricted but also improve the security of chaos-based secure communication via reducing the control window width and decreasing the redundancy of synchronization signals. Finally, we propose chaos-based public-key cryptography algorithms which can be used to encrypt synchronization signals and guarantee their security across the public channel.

chaos

hyperchaos

chaotic attractor

chaos synchronization

network synchronization

secure communication

chaos communication

Electrical and Computer Engineering