• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 8
  • 4
  • 3
  • 2
  • Tagged with
  • 18
  • 18
  • 10
  • 9
  • 8
  • 6
  • 6
  • 5
  • 4
  • 4
  • 4
  • 4
  • 4
  • 4
  • 4
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Using Ballistocardiography to Perform Key Distribution in Wearable IoT Networks

Witt, Alexander W 20 May 2017 (has links)
A WIoT is a wireless network of low-power sensing nodes placed on the human body. While operating, these networks routinely collect physiological signals to send to offsite medical professionals for review. In this manner, these networks support a concept known as pervasive healthcare in which patients can be continuously monitored and treated remotely. Given that these networks are used to guide medical treatment and depend on transmitting sensitive data, it is important to ensure that the communication channel remains secure. Symmetric pairwise cryptography is a traditional scheme that can be used to provide such security. The scheme functions by sharing a cryptographic key between a pair of sensors. Once shared, the key can then be used by both parties to encrypt and decrypt all future messages. To configure a WIoT to support the use of symmetric pairwise cryptography a key distribution protocol is required. Schemes for pre-deployment are often used to perform this distribution. These schemes usually require inserting key information into WIoT devices before they can be used in the network. Unfortunately, this need to manually configure WIoT devices can decrease their usability. In this thesis we propose and evaluate an alternative approach to key distribution that uses physiological signals derived from accelerometer and gyroscope sensors. The evaluation of our approach indicates that more study is required to determine techniques that will enable ballistocardiography-derived physiological signals to provide secure key distribution.
2

Analýza šifrovacích metod pro klonování disků / Analysis of Encipherement Methods for Disk Cloning

Chromečka, Jiří January 2016 (has links)
The presented text deals with designing of a multilingual application and its following implementation in the C++ language. The application encrypts disk volumes with Microsoft Windows system using symmetric cryptography and password authentication, where the password security strength is verified. Securing the sensitive data is one of the important security goals in area of information technology. The symmetric cryptography uses the same key for both the encryption and the decryption and due to its speed it is suitable for the data storage encryption. For the higher security it is possible to encrypt a whole disk volume with sensitive data.
3

Analyse de primitives symétriques / Analysis of symmetric primitives

Karpman, Pierre 18 November 2016 (has links)
Cette thèse a pour objet d'étude les algorithmes de chiffrement par blocet les fonctions de hachage cryptograpiques, qui sont deux primitives essentielles de la cryptographie dite «symétrique».Dans une première partie, nous étudions des éléments utiles pour la conception de chiffres par bloc: tout d'abord des matrices de diffusion de grande dimension issues de codes correcteurs géométriques, puis une boîte de substitution offrant une bonne diffusion. Dans le second cas, nous montrons aussi comment utiliser cet élément pour construire un chiffre compact et efficace sur petits processeurs.Dans une seconde partie, nous nous intéressons à des attaques en collision à initialisation libre sur la fonction de hachage SHA-1. Nous montrons comment les attaques classiques sur cette fonction peuvent être rendues plus efficaces en exploitant la liberté supplémentaire offerte par ce modèle. Ceci nous permet en particulier de calculer explicitement des collisions pour la fonction de compression de SHA-1 non réduite. / This thesis is about block ciphers and cryptographic hash functions, which are two essential primitives of symmetric-key cryptography. In the first part of this manuscript, we study useful building blocks for block cipher design. We first consider large diffusion matrices builtfrom algebraic-geometry codes, and then construct a small S-box with good diffusion. In the second case, we show how the S-box can be used to define a compact and efficient block cipher targetting small processors. In the second part, we focus on the SHA-1 hash function, for which we develop a free start collision attack. We show how classical collision attacks can be made more efficient by exploiting the additional freedom provided by the model. This allows us in particular to compute explicit collisions for the full compression function of SHA-1.
4

Cryptanalyse des algorithmes de chiffrement symétrique / Cryptanalysis of symmetric encryption algorithms

Chaigneau, Colin 28 November 2018 (has links)
La sécurité des transmissions et du stockage des données est devenue un enjeu majeur de ces dernières années et la cryptologie, qui traite de la protection algorithmique de l'information, est un sujet de recherche extrêmement actif. Elle englobe la conception d'algorithmes cryptographiques, appelée cryptographie, et l'analyse de leur sécurité, appelée cryptanalyse.Dans cette thèse, nous nous concentrons uniquement sur la cryptanalyse, et en particulier celle des algorithmes de chiffrement symétrique, qui reposent sur le partage d'un même secret entre l'entité qui chiffre l'information et celle qui la déchiffre. Dans ce manuscrit, trois attaques contre des algorithmes de chiffrement symétriques sont présentées. Les deux premières portent sur deux candidats de l'actuelle compétition cryptographique CAESAR, les algorithmes AEZ et NORX, tandis que la dernière porte sur l'algorithme Kravatte, une instance de la construction Farfalle qui utilise la permutation de la fonction de hachage décrite dans le standard SHA-3. Les trois algorithmes étudiés présentent une stratégie de conception similaire, qui consiste à intégrer dans une construction nouvelle une primitive, i.e. une fonction cryptographique élémentaire, déjà existante ou directement inspirée de travaux précédents.La compétition CAESAR, qui a débuté en 2015, a pour but de définir un portefeuille d'algorithmes recommandés pour le chiffrement authentifié. Les deux candidats étudiés, AEZ et NORX, sont deux algorithmes qui ont atteint le troisième tour de cette compétition. Les deux attaques présentées ici ont contribué à l'effort de cryptanalyse nécessaire dans une telle compétition. Cet effort n'a, en l'occurrence, pas permis d'établir une confiance suffisante pour justifier la présence des algorithmes AEZ et NORX parmi les finalistes.AEZ est une construction reposant sur la primitive AES, dont l'un des principaux objectifs est d'offrir une résistance optimale à des scénarios d'attaque plus permissifs que ceux généralement considérés pour les algorithmes de chiffrement authentifié. Nous montrons ici que dans de tels scénarios il est possible, avec une probabilité anormalement élevée, de retrouver l'ensemble des secrets utilisés dans l'algorithme.NORX est un algorithme de chiffrement authentifié qui repose sur une variante de la construction dite en éponge employée par exemple dans la fonction de hachage Keccak. Sa permutation interne est inspirée de celles utilisées dans BLAKE et ChaCha. Nous montrons qu'il est possible d'exploiter une propriété structurelle de cette permutation afin de récupérer la clé secrète utilisée. Pour cela, nous tirons parti du choix des concepteurs de réduire les marges de sécurité dans le dimensionnement de la construction en éponge.Enfin, la dernière cryptanalyse remet en cause la robustesse de l'algorithme Kravatte, une fonction pseudo-aléatoire qui autorise des entrées et sorties de taille variable. Dérivée de la permutation Keccak-p de SHA-3 au moyen de la construction Farfalle, Kravatte est efficace et parallélisable. Ici, nous exploitons le faible degré algébrique de la permutation interne pour mettre au jour trois attaques par recouvrement de clé : une attaque différentielle d'ordre supérieur, une attaque algébrique "par le milieu" et une attaque inspirée de la cryptanalyse de certains algorithmes de chiffrement à flot. / Nowadays, cryptology is heavily used to protect stored and transmitted data against malicious attacks, by means of security algorithms. Cryptology comprises cryptography, the design of these algorithms, and cryptanalysis, the analysis of their security.In this thesis, we focus on the cryptanalysis of symmetric encryption algorithms, that is cryptographic algorithms that rely on a secret value shared beforehand between two parties to ensure both encryption and decryption. We present three attacks against symmetric encryption algorithms. The first two cryptanalyses target two high profile candidates of the CAESAR cryptographic competition, the AEZ and NORX algorithms, while the last one targets the Kravatte algorithm, an instance of the Farfalle construction based on the Keccak permutation. Farfalle is multipurpose a pseudo-random function (PRF) developed by the same designers' team as the permutation Keccak used in the SHA-3 hash function.The CAESAR competition, that began in 2015, aims at selecting a portfolio of algorithms recommended for authenticated encryption. The two candidates analysed, AEZ and NORX, reached the third round of the CAESAR competition but were not selected to be part of the finalists. These two results contributed to the cryptanalysis effort required in such a competition. This effort did not establish enough confidence to justify that AEZ and NORX accede to the final round of the competition.AEZ is a construction based on the AES primitive, that aims at offering an optimal resistance against more permissive attack scenarios than those usually considered for authenticated encryption algorithms. We show here that one can recover all the secret material used in AEZ with an abnormal success probability.NORX is an authenticated encryption algorithm based on a variant of the so-called sponge construction used for instance in the SHA-3 hash function. The internal permutation is inspired from the one of BLAKE and ChaCha. We show that one can leverage a strong structural property of this permutation to recover the secret key, thanks to the designers' non-conservative choice of reducing the security margin in the sponge construction.Finally, the last cryptanalysis reconsiders the robustness of the Kravatte algorithm. Kravatte is an efficient and parallelizable PRF with input and output of variable length. In this analysis, we exploit the low algebraic degree of the permutation Keccak used in Kravatte to mount three key-recovery attacks targeting different parts of the construction: a higher order differential attack, an algebraic meet-in-the-middle attack and an attack based on a linear recurrence distinguisher.
5

Algoritmos criptográficos para redes de sensores. / Cryptographic algorithms for sensor networks.

Simplicio Junior, Marcos Antonio 03 April 2008 (has links)
É crescente a necessidade de prover segurança às informações trocadas nos mais diversos tipos de redes. No entanto, redes amplamente dependentes de dispositivos com recursos limitados (como sensores, tokens e smart cards) apresentam um desafio importante: a reduzida disponibilidade de memória, capacidade de processamento e (principalmente) energia dos mesmos dificulta a utilização de alguns dos principais algoritmos criptográficos considerados seguros atualmente. É neste contexto que se insere o presente documento, que não apenas apresenta uma pesquisa envolvendo projeto e análise de algoritmos criptográficos, mas também descreve um novo algoritmo simétrico denominado CURUPIRA. Esta cifra de bloco baseia-se na metodologia conhecida como Estratégia de Trilha Larga e foi projetada especialmente para ambientes onde existe escassez de recursos. O CURUPIRA possui estrutura involutiva, o que significa que os processos de encriptação e decriptação diferem apenas na seqüência da geração de chaves, dispensando a necessidade de algoritmos distintos para cada uma destas operações. Além disto, são propostas duas formas diferentes para seu algoritmo de geração de chaves, cada qual mais focada em segurança ou em desempenho. Entretanto, ambas as formas caracterizam-se pela possibilidade de computação das sub-chaves de round no momento de sua utilização, em qualquer ordem, garantindo uma operação com reduzido uso de memória RAM. / The need for security is a great concern in any modern network. However, networks that are highly dependent of constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (more importantly) energy hinders the deployment of many important cryptographic algorithms known to be secure. In this context, this document not only presents the research involving the design and analysis of cryptographic algorithms, but also proposes a new symmetric block cipher named CURUPIRA. The CURUPIRA follows the methodology known as theWide Trail Strategy and was specially developed having constrained platforms in mind. It displays an involutional structure, which means that the encryption and decryption processes differ only in the key schedule and, thus, there is no need to implement them separately. Also, two distinct scheduling algorithms are proposed, whose main focus are either on tight security or improved performance. In spite of this difference, both of them allow the keys to be computed on-the-fly, in any desired order, assuring a reduced consumption of RAM memory during their operation.
6

Algoritmos criptográficos para redes de sensores. / Cryptographic algorithms for sensor networks.

Marcos Antonio Simplicio Junior 03 April 2008 (has links)
É crescente a necessidade de prover segurança às informações trocadas nos mais diversos tipos de redes. No entanto, redes amplamente dependentes de dispositivos com recursos limitados (como sensores, tokens e smart cards) apresentam um desafio importante: a reduzida disponibilidade de memória, capacidade de processamento e (principalmente) energia dos mesmos dificulta a utilização de alguns dos principais algoritmos criptográficos considerados seguros atualmente. É neste contexto que se insere o presente documento, que não apenas apresenta uma pesquisa envolvendo projeto e análise de algoritmos criptográficos, mas também descreve um novo algoritmo simétrico denominado CURUPIRA. Esta cifra de bloco baseia-se na metodologia conhecida como Estratégia de Trilha Larga e foi projetada especialmente para ambientes onde existe escassez de recursos. O CURUPIRA possui estrutura involutiva, o que significa que os processos de encriptação e decriptação diferem apenas na seqüência da geração de chaves, dispensando a necessidade de algoritmos distintos para cada uma destas operações. Além disto, são propostas duas formas diferentes para seu algoritmo de geração de chaves, cada qual mais focada em segurança ou em desempenho. Entretanto, ambas as formas caracterizam-se pela possibilidade de computação das sub-chaves de round no momento de sua utilização, em qualquer ordem, garantindo uma operação com reduzido uso de memória RAM. / The need for security is a great concern in any modern network. However, networks that are highly dependent of constrained devices (such as sensors, tokens and smart cards) impose a difficult challenge: their reduced availability of memory, processing power and (more importantly) energy hinders the deployment of many important cryptographic algorithms known to be secure. In this context, this document not only presents the research involving the design and analysis of cryptographic algorithms, but also proposes a new symmetric block cipher named CURUPIRA. The CURUPIRA follows the methodology known as theWide Trail Strategy and was specially developed having constrained platforms in mind. It displays an involutional structure, which means that the encryption and decryption processes differ only in the key schedule and, thus, there is no need to implement them separately. Also, two distinct scheduling algorithms are proposed, whose main focus are either on tight security or improved performance. In spite of this difference, both of them allow the keys to be computed on-the-fly, in any desired order, assuring a reduced consumption of RAM memory during their operation.
7

Arquitetura de segurança fim-a-fim para redes de sensores sem fio. / End-to-end security architecture for wireless sensor networks.

Oliveira, Bruno Trevizan de 03 August 2012 (has links)
Diversas aplicações de redes de sensores sem fio necessitam de serviços de segurança, como confidencialidade, integridade e autenticação de origem de dados. Contudo, dadas as limitações de processamento, memória e suprimento de energia dos dispositivos, os mecanismos de segurança tradicionais podem causar efeitos indesejáveis na rede, como atraso na comunicação e aumento no consumo de energia, impondo obstáculos para seu uso na tecnologia em questão. Muitas propostas de esquemas de segurança baseados em criptografia simétrica projetados especificamente para redes de sensores sem fio são encontradas na literatura. Contudo, essas soluções são focadas na segurança salto-a-salto. Tal abordagem é adequada para garantir a segurança dos enlaces deste tipo de rede, mas não garante a segurança na comunicação fim-a-fim. Neste trabalho são apresentados cenários e desafios de implementação de segurança neste tipo de rede, e a concepção, o projeto e a implementação de uma arquitetura de segurança para redes de sensores sem fio, que tem como objetivos: prover segurança na comunicação fim-a-fim; permitir a interoperabilidade entre diferentes sistemas; e possibilitar uma maior flexibilidade em relação à utilização de chaves criptográficas em diferentes cenários e topologias. Adicionalmente, a solução proposta suporta ativação e desativação de seus serviços em tempo de execução. O projeto da referida arquitetura, atuante na camada de aplicação da pilha de protocolos de rede, foi construído com base na análise das características de arquiteturas encontradas na literatura, bem como de estratégias adotadas por estas. Para a construção da implementação foram selecionados mecanismos e algoritmos criptográficos a partir da avaliação de desempenho que considerou assimétricas de uso de memória, tempo de execução e consumo de energia. Como resultados são apresentados a especificação da arquitetura, a avaliação qualitativa da mesma e a avaliação de desempenho da implementação desenvolvida como prova de conceito. Além disso, é apresentada uma análise do impacto de diferentes topologias e características de disposição na tarefa de distribuição de chaves criptográficas em redes de sensores sem fio. / Many wireless sensor networks applications need security services, such as confidentiality, data integrity and data source authentication. On the other hand, because of device limitations, security mechanisms may affect the network energy consumption and communication delay, which impose a great challenge for practical implementation of security mechanisms in such scenario. Many solutions based on symmetric cryptography were proposed for the specific challenges of wireless sensor networks. Nevertheless, they are focused on hop-by-hop security. Such approach is suited to provide link-layer security, but it cannot guarantee end-to-end security. This work presents scenarios and challenges to implement security in wireless sensor networks, and the conception, design and implementation of a security architecture, which aims to provide: security in end-to-end communication; interoperability between different systems, and enable greater flexibility in cryptographic keys distribution in different scenarios and topologies. Additionally, the proposed solution supports on-the-y adjustment of its security services. The architecture design, which targets the application layer of the network protocol stack, was based on the main properties of the architectures found in literature as well as adopted strategies. For the implementation, mechanisms and cryptographic algorithms were selected through the performance evaluation that considers memory usage, execution time and power consumption as metrics. The results were the architecture specification and its qualitative analysis, and the performance evaluation of the implementation developed as proof of concept. Furthermore, we present an analysis of topology and deployment impact on key distribution task.
8

Arquitetura de segurança fim-a-fim para redes de sensores sem fio. / End-to-end security architecture for wireless sensor networks.

Bruno Trevizan de Oliveira 03 August 2012 (has links)
Diversas aplicações de redes de sensores sem fio necessitam de serviços de segurança, como confidencialidade, integridade e autenticação de origem de dados. Contudo, dadas as limitações de processamento, memória e suprimento de energia dos dispositivos, os mecanismos de segurança tradicionais podem causar efeitos indesejáveis na rede, como atraso na comunicação e aumento no consumo de energia, impondo obstáculos para seu uso na tecnologia em questão. Muitas propostas de esquemas de segurança baseados em criptografia simétrica projetados especificamente para redes de sensores sem fio são encontradas na literatura. Contudo, essas soluções são focadas na segurança salto-a-salto. Tal abordagem é adequada para garantir a segurança dos enlaces deste tipo de rede, mas não garante a segurança na comunicação fim-a-fim. Neste trabalho são apresentados cenários e desafios de implementação de segurança neste tipo de rede, e a concepção, o projeto e a implementação de uma arquitetura de segurança para redes de sensores sem fio, que tem como objetivos: prover segurança na comunicação fim-a-fim; permitir a interoperabilidade entre diferentes sistemas; e possibilitar uma maior flexibilidade em relação à utilização de chaves criptográficas em diferentes cenários e topologias. Adicionalmente, a solução proposta suporta ativação e desativação de seus serviços em tempo de execução. O projeto da referida arquitetura, atuante na camada de aplicação da pilha de protocolos de rede, foi construído com base na análise das características de arquiteturas encontradas na literatura, bem como de estratégias adotadas por estas. Para a construção da implementação foram selecionados mecanismos e algoritmos criptográficos a partir da avaliação de desempenho que considerou assimétricas de uso de memória, tempo de execução e consumo de energia. Como resultados são apresentados a especificação da arquitetura, a avaliação qualitativa da mesma e a avaliação de desempenho da implementação desenvolvida como prova de conceito. Além disso, é apresentada uma análise do impacto de diferentes topologias e características de disposição na tarefa de distribuição de chaves criptográficas em redes de sensores sem fio. / Many wireless sensor networks applications need security services, such as confidentiality, data integrity and data source authentication. On the other hand, because of device limitations, security mechanisms may affect the network energy consumption and communication delay, which impose a great challenge for practical implementation of security mechanisms in such scenario. Many solutions based on symmetric cryptography were proposed for the specific challenges of wireless sensor networks. Nevertheless, they are focused on hop-by-hop security. Such approach is suited to provide link-layer security, but it cannot guarantee end-to-end security. This work presents scenarios and challenges to implement security in wireless sensor networks, and the conception, design and implementation of a security architecture, which aims to provide: security in end-to-end communication; interoperability between different systems, and enable greater flexibility in cryptographic keys distribution in different scenarios and topologies. Additionally, the proposed solution supports on-the-y adjustment of its security services. The architecture design, which targets the application layer of the network protocol stack, was based on the main properties of the architectures found in literature as well as adopted strategies. For the implementation, mechanisms and cryptographic algorithms were selected through the performance evaluation that considers memory usage, execution time and power consumption as metrics. The results were the architecture specification and its qualitative analysis, and the performance evaluation of the implementation developed as proof of concept. Furthermore, we present an analysis of topology and deployment impact on key distribution task.
9

Design et Analyse de sécurité pour les constructions en cryptographie symétrique / Design and Security Analysis for constructions in symmetric cryptography

Thomas, Gael 02 June 2015 (has links)
Les travaux réalisés au cours de cette thèse se situent au carrefour de la cryptographie symétrique et du monde des environnements contraints. Le but de cette cryptographie, dite cryptographie à bas coût, est de fournir et d'évaluer des algorithmes symétriques pouvant être implémentés sur des systèmes très limités en ressources. Les contributions de cette thèse portent d'une part sur l'évaluation de la sécurité des registres à décalage à rétroaction avec retenue (FCSR) face à de nouvelles attaques et d'autre part sur une vision unifiée des différents schémas de Feistel généralisés (GFN) qui permet de mieux cerner leurs propriétés cryptographiques. Ces études ont donné lieu à deux nouveaux algorithmes à bas coût~; d'une part GLUON une fonction de hachage à base de FCSR et d'autre part le chiffrement LILLIPUT basé sur une famille étendant plus avant la notion de GFN. Enfin, une méthode générique permettant de réaliser des attaques différentielles en fautes sur des GFN est esquissée. / The work done during this Ph.D. lies at the crossroads of symmetric cryptography and constraints environments. The goal of such cryptography, called lightweight cryptography, is to propose and evaluate symmetric algorithms that can be implemented on very ressource limited devices. The contributions of this thesis are first on the security evaluations of feedback with carry shift registers (FCSR) to some new attacks and second on a unified vision of generalized Feistel networks (GFNs) that allows to better understand their cryptographic properties. These studies gave rise to two new lightweight algorithms: first GLUON a hash function based upon FCSRs and second the cipher LILLIPUT based on a family further extanding the notion of generalized Feistel network. Finally, a generic method for carrying out a differential fault attack on GFNs is outlined.
10

Codes additifs et matrices MDS pour la cryptographie / Additive codes and MDS matrices for the cryptographic applications

El Amrani, Nora 24 February 2016 (has links)
Cette thèse porte sur les liens entre les codes correcteurs d'erreurs et les matrices de diffusion linéaires utilisées en cryptographie symétrique. L'objectif est d'étudier les constructions possibles de codes MDS additifs définis sur le groupe (Fm2, +) des m-uplets binaires et de minimiser le coût de l'implémentation matérielle ou logicielles de ces matrices de diffusion. Cette thèse commence par l'étude des codes définis sur un anneau de polynômes du type F[x]/f(x), qui généralisent les codes quasi-cycliques. Elle se poursuit par l'étude des codes additifs systématiques définis sur (Fm2, +) et leur lien avec la diffusion linéaire en cryptographie symétrique. Un point important de la thèse est l'introduction de codes à coefficient dans l'anneau des endomorphismes de Fm2. Le lien entre les codes qui sont des sous-modules à gauche et les codes additifs est mis en évidence. La dernière partie porte sur l'étude et la construction de matrices de diffusion MDS ayant de bonnes propriétés pour la cryptographie, à savoir les matrices circulantes, les matrices dyadiques, ainsi que les matrices ayant des représentations creuses minimisant leur implémentation. / This PhD focuses on the links between error correcting codes and diffusion matrices used in cryptography symmetric. The goal is to study the possible construction of additives MDS codes defined over the group (Fm2, +) of binary m-tuples and minimize cost of hardware or software implementation of these diffusion matrices. This thesis begins with the study of codes defined over the polynomial ring F[x]/f(x), these codes are a generalization of quasi-cyclic codes, and continues with the study of additive systematic codes over (Fm2, +) and there relation with linear diffusion on symmetric cryptography. An important point of this thesis is the introduction of codes with coefficients in the ring of endomorphisms of Fm2. The link between codes which are a left-submodules and additive codes have been identified. The last part focuses on the study and construction of efficient diffusion MDS matrices for the cryptographic applications, namely the circulantes matrices, dyadic matrices, and matrices with hollow representation, in ordre to minimize their implementations.

Page generated in 0.456 seconds