15 research outputs found

    EFFICIENT AND SCALABLE NETWORK SECURITY PROTOCOLS BASED ON LFSR SEQUENCES

    Get PDF
    The gap between abstract, mathematics-oriented research in cryptography and the engineering approach of designing practical, network security protocols is widening. Network researchers experiment with well-known cryptographic protocols suitable for different network models. On the other hand, researchers inclined toward theory often design cryptographic schemes without considering the practical network constraints. The goal of this dissertation is to address problems in these two challenging areas: building bridges between practical network security protocols and theoretical cryptography. This dissertation presents techniques for building performance sensitive security protocols, using primitives from linear feedback register sequences (LFSR) sequences, for a variety of challenging networking applications. The significant contributions of this thesis are: 1. A common problem faced by large-scale multicast applications, like real-time news feeds, is collecting authenticated feedback from the intended recipients. We design an efficient, scalable, and fault-tolerant technique for combining multiple signed acknowledgments into a single compact one and observe that most signatures (based on the discrete logarithm problem) used in previous protocols do not result in a scalable solution to the problem. 2. We propose a technique to authenticate on-demand source routing protocols in resource-constrained wireless mobile ad-hoc networks. We develop a single-round multisignature that requires no prior cooperation among nodes to construct the multisignature and supports authentication of cached routes. 3. We propose an efficient and scalable aggregate signature, tailored for applications like building efficient certificate chains, authenticating distributed and adaptive content management systems and securing path-vector routing protocols. 4. We observe that blind signatures could form critical building blocks of privacypreserving accountability systems, where an authority needs to vouch for the legitimacy of a message but the ownership of the message should be kept secret from the authority. We propose an efficient blind signature that can serve as a protocol building block for performance sensitive, accountability systems. All special forms digital signatures—aggregate, multi-, and blind signatures—proposed in this dissertation are the first to be constructed using LFSR sequences. Our detailed cost analysis shows that for a desired level of security, the proposed signatures outperformed existing protocols in computation cost, number of communication rounds and storage overhead

    Hash Families and Cover-Free Families with Cryptographic Applications

    Get PDF
    This thesis is focused on hash families and cover-free families and their application to problems in cryptography. We present new necessary conditions for generalized separating hash families, and provide new explicit constructions. We then consider three cryptographic applications of hash families and cover-free families. We provide a stronger de nition of anonymity in the context of shared symmetric key primitives and give a new scheme with improved anonymity properties. Second, we observe that nding the invalid signatures in a set of digital signatures that fails batch veri cation is a group testing problem, then apply and compare many group testing algorithms to solve this problem e ciently. In particular, we apply group testing algorithms based on cover-free families. Finally, we construct a one-time signature scheme based on cover-free families with short signatures

    Annual Report 2008 - Institute of Safety Research

    Get PDF

    Hybrid routing in delay tolerant networks

    Get PDF
    This work addresses the integration of today\\u27s infrastructure-based networks with infrastructure-less networks. The resulting Hybrid Routing System allows for communication over both network types and can help to overcome cost, communication, and overload problems. Mobility aspect resulting from infrastructure-less networks are analyzed and analytical models developed. For development and deployment of the Hybrid Routing System an overlay-based framework is presented

    Hybrid Routing in Delay Tolerant Networks

    Get PDF
    This work addresses the integration of today\u27s infrastructure-based networks with infrastructure-less networks. The resulting Hybrid Routing System allows for communication over both network types and can help to overcome cost, communication, and overload problems. Mobility aspect resulting from infrastructure-less networks are analyzed and analytical models developed. For development and deployment of the Hybrid Routing System an overlay-based framework is presented

    Network support for multimedia applications using the Netlets architecture

    Get PDF
    Multi-party multimedia networking applications such as e-commerce, distributed data analysis, Internet TV and advanced collaborative environments feature stringent end-to-end Quality of Service (QoS) requirement and require globally distributed user groups to be interconnected. The variety of delivery requirements posed by such applications are best satisfied using highly customised networking protocols. Hence, a demand for networks to migrate from the current fixed service model to a more flexible architecture that accommodates a wide variety of networking services is emerging. New approaches are required in order to build such service oriented networks. Active networking is one such approach. Active networks treats the network as a programmable computation engine, which provides customised packet processing and forwarding operations for traffic flowing through network nodes. User applications can download new protocols into network elements at runtime, allowing rapid innovation of network services. This thesis makes the case for employing mobile agents to realise an active networking architecture, and describes such an architecture called the Netlets architecture. Netlets are autonomous, mobile components which persist and roam in the network independently, providing predefined network services. This thesis presents the design and implementation of the Netlet node and the service deployment m echanisms that are required to distribute Netlet services in the network. Using the Netlet toolkit, variety of network services were designed to provide network support for multimedia applications in the Internet. A service was implemented to enhance the working of the RSVP protocol in order to provide robust end-to-end QoS support even when the network is only partially QoS provisioned. A scalable and reliable multicast protocol was implemented using the unicast communication model that accommodate heterogeneous receiver terminals. Another service integrates client-side server selection support into web sessions established over the Internet. A service was also developed which provides QoS signalling support to legacy applications. It is shown that these Netlet services are of practical value using performance measurements to assess Netlet responsiveness. Netlet based solutions maybe deployed using existing technologies to provide support for a wide range of multimedia applications in the Internet. The Netlets architecture has thus been shown to allow value-added services to be added to existing networks. By optimising the Netlet architecture implementation, this may be extended to services operating on high-speed (1Gb/s and upwards) links. It thus shows promise as an architecture for building the next generation of active networking solutions

    May 1, 1999 (Pages 2253-2432)

    Get PDF

    Techniques for the Analysis of Modern Web Page Traffic using Anonymized TCP/IP Headers

    Get PDF
    Analysis of traces of network traffic is a methodology that has been widely adopted for studying the Web for several decades. However, due to recent privacy legislation and increasing adoption of traffic encryption, often only anonymized TCP/IP headers are accessible in traffic traces. For traffic traces to remain useful for analysis, techniques must be developed to glean insight using this limited header information. This dissertation evaluates approaches for classifying individual web page downloads — referred to as web page classification — when only anonymized TCP/IP headers are available. The context in which web page classification is defined and evaluated in this dissertation is different from prior traffic classification methods in three ways. First, the impact of diversity in client platforms (browsers, operating systems, device type, and vantage point) on network traffic is explicitly considered. Second, the challenge of overlapping traffic from multiple web pages is explicitly considered and demultiplexing approaches are evaluated (web page segmentation). And lastly, unlike prior work on traffic classification, four orthogonal labeling schemes are considered (genre-based, device-based, navigation-based, and video streaming-based) — these are of value in several web-related applications, including privacy analysis, user behavior modeling, traffic forecasting, and potentially behavioral ad-targeting. We conduct evaluations using large collections of both synthetically generated data, as well as browsing data from real users. Our analysis shows that the client platform choice has a statistically significant impact on web traffic. It also shows that change point detection methods, a new class of segmentation approach, outperform existing idle time-based methods. Overall, this work establishes that web page classification performance can be improved by: (i) incorporating client platform differences in the feature selection and training methodology, and (ii) utilizing better performing web page segmentation approaches. This research increases the overall awareness on the challenges associated with the analysis of modern web traffic. It shows and advocates for considering real-world factors, such as client platform diversity and overlapping traffic from multiple streams, when developing and evaluating traffic analysis techniques.Doctor of Philosoph

    Debates of the European Parliament. 1975-1976 Session

    Get PDF
    corecore