Cryptoraptor : high throughput reconfigurable cryptographic processor for symmetric key encryption and cryptographic hash functions

textIn cryptographic processor design, the selection of functional primitives and connection structures between these primitives are extremely crucial to maximize throughput and flexibility. Hence, detailed analysis on the specifications and requirements of existing crypto-systems plays a crucial role in cryptographic processor design. This thesis provides the most comprehensive literature review that we are aware of on the widest range of existing cryptographic algorithms, their specifications, requirements, and hardware structures. In the light of this analysis, it also describes a high performance, low power, and highly flexible cryptographic processor, Cryptoraptor, that is designed to support both today's and tomorrow's encryption standards. To the best of our knowledge, the proposed cryptographic processor supports the widest range of cryptographic algorithms compared to other solutions in the literature and is the only crypto-specific processor targeting the future standards as well. Unlike previous work, we aim for maximum throughput for all known encryption standards, and to support future standards as well. Our 1GHz design achieves a peak throughput of 128Gbps for AES-128 which is competitive with ASIC designs and has 25X and 160X higher throughput per area than CPU and GPU solutions, respectively.Electrical and Computer Engineerin

An Overview of Cryptography (Updated Version, 3 March 2016)

There are many aspects to security and many applications, ranging from secure commerce and payments to private communications and protecting passwords. One essential aspect for secure communications is that of cryptography...While cryptography is necessary for secure communications, it is not by itself sufficient. This paper describes the first of many steps necessary for better security in any number of situations. A much shorter, edited version of this paper appears in the 1999 edition of Handbook on Local Area Networks published by Auerbach in September 1998

Construction and Use Examples of Private Electronic Notary Service in Educational Institutions

People have many documents. For example, a variety of documents are prepared and used in public institutions. As the internet becomes widely available in recent years, paper documents are being replaced with electronic data, which are often distributed in the form of electronic data without being printed out. Similarly, in educational institutions, increasing number of documents are distributed in the form of electronic data. Such data are distributed through various routes and means, and prone to the risk of alteration in the process. Data may be protected against alteration, but it is difficult to completely prevent data alteration in the distribution process. Data can be generated with electronic signature that allows for the identification of data creator and possible alterations by third parties. This method is, however, not valid if the data becomes separated from the electronic signature, making the validation of data creator or data alterations difficult or impossible. In this paper, we describe the invention of a system that, even in cases where data is separated form the electronic signature, enables easy identification of possible data alterations by the electronic signature management. And we describe here an exploratory construction of private electronic notary service in university. We also add a review on the utilization method of private electronic notary service in universities

Construction and Use Examples of Private Electronic Notary Service in Educational Institutions

People have many documents. For example, a variety of documents are prepared and used in public institutions. As the internet becomes widely available in recent years, paper documents are being replaced with electronic data, which are often distributed in the form of electronic data without being printed out. Similarly, in educational institutions, increasing number of documents are distributed in the form of electronic data. Such data are distributed through various routes and means, and prone to the risk of alteration in the process. Data may be protected against alteration, but it is difficult to completely prevent data alteration in the distribution process. Data can be generated with electronic signature that allows for the identification of data creator and possible alterations by third parties. This method is, however, not valid if the data becomes separated from the electronic signature, making the validation of data creator or data alterations difficult or impossible. In this paper, we describe the invention of a system that, even in cases where data is separated form the electronic signature, enables easy identification of possible data alterations by the electronic signature management. And we describe here an exploratory construction of private electronic notary service in university. We also add a review on the utilization method of private electronic notary service in universities

SHA-2 Acceleration Meeting the Needs of Emerging Applications: A Comparative Survey

n/

An FPGA architecture for the recovery of WPA/WPA2 keys

Wi-Fi protected access (WPA) has provided serious improvements over the now deprecated wired equivalent privacy protocol (WEP). WPA, however, still has some flaws that allow an attacker to obtain the passphrase. One of these flaws is exposed when the access point (AP) is operating in the WPA personal mode. This is the most common mode as it is the quickest and easiest to configure. It requires the attacker to capture the traffic from four-way handshake between the AP and client, and then provide enough compute time to reverse the passphrase. Attackers quickly noticed that by investing the compute time in advance, and storing their work, they could decrease the time-to-crack for an AP. This caused attackers to start compiling large lookup tables based on dictionaries of common passwords and common SSIDs. The attackers are required to compile a separate lookup table for each SSID, making this style of attack most feasible against APs with a common SSID and password. The work in this thesis will focus on creating an FPGA based architecture to accelerate the generation of the lookup table, given a dictionary of possible Pre-shared Keys and an SSID. The application of this work would be most useful for attacking one-off SSID\u27s. This is because most common SSID\u27s already have a generated lookup table that can be downloaded much faster than it could be generated, so this regeneration would be wasteful. The application will also provide a manner to check for a valid Pairwise Master Key during the table generation phase

Telemedicine patient identification with RFID; an embedded approach

Radio Frequency Identification (RFID) has potential for application in the new field of telemedicine, as the use of radio waves offers advantages over traditional optical technology such as bar codes. Radio waves are not limited by line of sight, they can penetrate objects and communicate in a wireless fashion. However, the same advantage is also the inherent weakness, as radio waves are susceptible to attack. Ongoing efforts have identified forward secure chain hashing as a viable security protocol for RFID authentication. Today\u27s typical RFID communications take place with the host-reader-tag arrangement where the computational requirements are performed by a back end server system which holds all the intelligence and houses all records for an entire facility. One server can easily utilize multiple readers, but a compromise of this single system could have serious ramifications. Why not make a smaller system that is more robust and tolerant of intrusion. This can be achieved by implementing a stand alone reader that relies only on itself. We propose a server-less system that can accomplish the same results. Because our enhanced reader does not require a server to perform its function, if any readers are breached it only impacts that specific reader, not the entire server. By eliminating the resource heavy server device, we can yield a more robust overall system. We have selected a forward secure protocol to implement on an embedded platform that will be able to authenticate a tag without the resources of a back end server