12 research outputs found

    Public keys quality

    Master's dissertation in Mathematics and Computing

    The RSA cryptosystem, invented by Ron Rivest, Adi Shamir and Len Adleman ([Rivest et al., 1978]), is the most commonly used cryptosystem for providing privacy and ensuring authenticity of digital data. RSA is usually used in contexts where security of digital data is a priority. RSA is used worldwide by web servers and browsers to secure web traffic, to ensure privacy and authenticity of e-mail, to secure remote login sessions and to provide secure electronic credit card payment systems. Given its importance in the protection of digital data, vulnerabilities of RSA have been analysed by many researchers. The research done so far has led to a number of fascinating attacks. Although the attacks helped to improve the security of this cryptosystem, showing that securely implementing RSA is a nontrivial task, none of them was devastating. This master's thesis discusses the RSA cryptosystem and some of its vulnerabilities, and describes some attacks, both recent and old, together with the underlying mathematical tools they use. Although many types of attacks exist, in this master's thesis only a few examples were analysed. The ultimate attack, based on the batch-GCD algorithm, was implemented and tested on the RSA keys produced by a certified Hardware Security Module Luna SA, and the results were commented on. Random and pseudorandom numbers are fundamental to many cryptographic applications, including the RSA cryptosystem. In fact, the produced keys must be generated in a specific random way. The National Institute of Standards and Technology, the entity responsible for specifying safety standards, provides a package named "A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptography Applications", which was used in this work to test the randomness of the Luna SA generated numbers. All the statistical tests were run on numbers of different bit sizes and the results were commented on. The main purpose of this thesis is to study the previous subjects and create an application capable of testing the randomness of the Luna SA generated numbers, as well as evaluating the security of RSA. This work was developed in partnership with University of Minho and Multicert.

    RSA, created by Ron Rivest, Adi Shamir and Len Adleman ([Rivest et al., 1978]), is the most widely used cryptographic system for providing security and ensuring the authentication of data used in the digital world. RSA is usually used in contexts where security is the top priority. Nowadays, this cryptographic system is used worldwide by web servers and browsers in order to ensure secure traffic over the Internet. It is the most widely used cryptographic system for authenticating e-mail, for remote login sessions and for payments made with Multibanco cards, guaranteeing security in the use of these services. Given the importance of this system in protecting digital information, its vulnerabilities have been the subject of several investigations. These investigations resulted in several attacks on RSA. Although none of these attacks is truly effective, all of them contributed to increasing the security of RSA, since the reference implementations of the algorithm came to guard against the attacks discovered. This master's thesis covers the RSA cryptographic system, discussing some of its vulnerabilities as well as some attacks on the system, and studying all the mathematical methods they use. Although there are many attacks, only some are covered in this master's thesis. The last attack, based on the batch-GCD algorithm, was implemented and tests were carried out on RSA keys produced by a certified Luna SA Hardware Security Module, and the results obtained were discussed. Random and pseudorandom numbers are fundamental to all cryptographic applications, including, therefore, the RSA cryptographic system. Indeed, the keys produced should be generated with some randomness intrinsic to the system. The National Institute of Standards and Technology, the entity responsible for specifying security standards, provides a package of statistical tests called "A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptography Applications". These statistical tests were applied to numbers generated by the Luna SA and the results were also commented on. The aim of this master's thesis is to develop an understanding of the subjects described above and to create an application capable of testing the randomness of the numbers generated by the Luna SA, as well as evaluating the security of the RSA cryptographic system. This work was developed in partnership with the University of Minho and Multicert.

    La structure de Jordan des matrices de transfert des modèles de boucles et la relation avec les hamiltoniens XXZ

    Lattice models such as those of percolation, Ising and Potts are used to describe phase transitions in two dimensions. The search for their analytical solution goes through the computation of the partition function and the diagonalization of transfer matrices. At the critical point, these two-dimensional statistical models are invariant under conformal transformations, and the construction of rational conformal field theories, the continuum limits of the statistical models, allows the partition function to be computed at the critical point. Several researchers think, however, that the paradigm of rational conformal field theories can be broadened to include statistical models with non-diagonalizable transfer matrices. These models would then be described, in the scaling limit, by logarithmic field theories, and the representations of the Virasoro algebra involved in the description of physical observables would be indecomposable. The loop transfer matrix D_N(λ, u), an element of the Temperley-Lieb algebra, appears in physical theories through the connectivity representations ρ (link modules). The vector space on which this representation acts decomposes into sectors labelled by a physical parameter, the number d of defects. The action of this representation can only decrease this number or leave it constant. The thesis is devoted to identifying the Jordan structure of D_N(λ, u) in these representations. The parameter β = 2 cos λ = −(q + 1/q) fixes the theory: β = 1 for percolation and √2 for the Ising model, for example. On the strip geometry, we show that D_N(λ, u) has the same Jordan blocks as F_N, its highest Fourier coefficient. We study the non-diagonalizability of F_N through the divergences of certain components of its eigenvectors, which appear at the critical values of λ. We prove the existence in ρ(D_N(λ, u)) of intersector Jordan cells of rank 2 coupling sectors d, d′ when certain constraints on λ, d, d′ and N are satisfied. For the critical dense polymer model (β = 0) on the strip, the eigenvalues of ρ(D_N(λ, u)) were known, but the degeneracies only conjectured. By constructing an isomorphism between the link modules and a subspace of the spin modules of the XXZ model at q = i, we prove this conjecture. We also show that the restriction of the loop Hamiltonian to a given sector is diagonalizable and find the exact Jordan form of the XX Hamiltonian, which is non-trivial only for even N. Finally, we study the Jordan structure of the transfer matrix T_N(λ, ν) for periodic boundary conditions. The matrix T_N(λ, ν) has intrasector and intersector Jordan blocks when λ = πa/b and a, b ∈ Z×. The approach through F_N admits a generalization that makes it possible to diagnose intersector cells whose rank exceeds 2 in some cases and can grow indefinitely with N. For the intrasector Jordan blocks, we show that the link representations on the cylinder and those of the XXZ model are isomorphic except for certain precise values of q and of the twist parameter v. Using the behaviour of the transformation i_N^d in a neighbourhood of the critical values (q_c, v_c), we explicitly construct generalized Jordan vectors of rank 2 and discuss the existence of intrasector Jordan blocks of higher rank.

    Lattice models such as percolation, the Ising model and the Potts model are useful for the description of phase transitions in two dimensions. Finding analytical solutions is done by calculating the partition function, which in turn requires finding eigenvalues of transfer matrices. At the critical point, the two-dimensional statistical models are invariant under conformal transformations and the construction of rational conformal field theories, as the continuum limit of these lattice models, allows one to compute the partition function at the critical point. Many researchers think, however, that the paradigm of rational conformal field theories can be extended to include models with non-diagonalizable transfer matrices. These models would then be described, in the scaling limit, by logarithmic conformal field theories and the representations of the Virasoro algebra coming into play would be indecomposable. We recall the construction of the double-row transfer matrix D_N(λ, u) of the Fortuin-Kasteleyn model, seen as an element of the Temperley-Lieb algebra. This transfer matrix comes into play in physical theories through its representation in link modules (or standard modules). The vector space on which this representation acts decomposes into sectors labelled by a physical parameter d, the number of defects, which remains constant or decreases in the link representations. This thesis is devoted to the identification of the Jordan structure of D_N(λ, u) in the link representations. The parameter β = 2 cos λ = −(q + 1/q) fixes the theory: for instance β = 1 for percolation and √2 for the Ising model. On the geometry of the strip with open boundary conditions, we show that D_N(λ, u) has the same Jordan blocks as its highest Fourier coefficient, F_N. We study the non-diagonalizability of F_N through the divergences of some of the eigenstates of ρ(F_N) that appear at the critical values of λ. The Jordan cells we find in ρ(D_N(λ, u)) have rank 2 and couple sectors d and d′ when specific constraints on λ, d, d′ and N are satisfied. For the model of critical dense polymers (β = 0) on the strip, the eigenvalues of ρ(D_N(λ, u)) were known, but their degeneracies only conjectured. By constructing an isomorphism between the link modules on the strip and a subspace of spin modules of the XXZ model at q = i, we prove this conjecture. We also show that the restriction of the Hamiltonian to any sector d is diagonalizable, and that the XX Hamiltonian has rank 2 Jordan cells when N is even. Finally, we study the Jordan structure of the transfer matrix T_N(λ, ν) for periodic boundary conditions. When λ = πa/b and a, b ∈ Z×, the matrix T_N(λ, ν) has Jordan blocks between sectors, but also within sectors. The approach using F_N admits a generalization to the present case and allows us to probe the Jordan cells that tie different sectors. The rank of these cells exceeds 2 in some cases and can grow indefinitely with N. For the Jordan blocks within a sector, we show that the link modules on the cylinder and the XXZ spin modules are isomorphic except for specific curves in the (q, v) plane. By using the behavior of the transformation i_N^d in a neighborhood of the critical values (q_c, v_c), we explicitly build Jordan partners of rank 2 and discuss the existence of Jordan cells with higher rank.

    Exploring symmetries in photoelectron holography with two-color linearly polarized fields

    We investigate photoelectron holography in bichromatic linearly polarized fields of commensurate frequencies rω and sω, with emphasis on the existing symmetries and for which values of the relative phase between the two driving waves they are kept or broken. Using group-theoretical methods, we show that, in addition to the well-known half-cycle symmetry, which is broken for r + s odd, there are reflection symmetries around the field zero crossings and maxima, which may or may not be kept, depending on how both waves are dephased. The three symmetries are always present for monochromatic fields, while for bichromatic fields this is not guaranteed, even if r + s is even and the half-cycle symmetry is retained. Breaking the half-cycle symmetry automatically breaks one of the other two, while, if the half-cycle symmetry is retained, the other two symmetries are either both kept or broken. We analyze how these features affect the ionization times and saddle-point equations for different bichromatic fields. We also provide general expressions for the relative phases ϕ which retain specific symmetries. As an application, we compute photoelectron momentum distributions for ω-2ω fields with the Coulomb Quantum Orbit Strong-Field approximation and assess how holographic structures such as the fan, the spider and interference carpets behave, focusing on the reflection symmetries. The features encountered can be traced back to the field gradient and amplitude affecting ionization probabilities and quantum interference in different momentum regions.

    Optics of polyhedra: from invisibility cloaks to curved spaces

    Transformation optics is a new and highly active field of research, which employs the mathematics of differential geometry to design optical materials and devices with unusual properties. Probably the most exciting device proposed by transformation optics is the invisibility cloak. However, transformation optics can be employed in many other cases, for example when designing a setup mimicking curved space-time phenomena in a lab. The purpose of this thesis is to establish a new concept of transformation optics: instead of designing complicated materials, we will design our devices using standard optical elements such as lenses or optical wedges. We will stretch the possibilities of geometrical optics by providing a novel description of imaging due to combinations of tilted lenses and the theory of invisibility with ideal thin lenses. This theory will then be applied to design novel transformation optics devices, namely the omnidirectional lens and a number of ideal lens invisibility cloaks. We also present a new approach to building optical systems that simulate light-field propagation in both 2D and 3D curved spaces. Instead of building the actual curved space, the light field is regarded as travelling in the respective unfolded net, whose edges are optically identified, using the so-called space-cancelling wedges. By deriving a full analytical solution of the Schrödinger equation, we will also investigate quantum motion in a number of two-dimensional compact surfaces including the Klein bottle, Möbius strip and projective plane. We will show that the wavefunction exhibits perfect revivals on these surfaces and that quantum mechanics on many seemingly unphysical surfaces can be realised as simple diffraction experiments. Our work therefore offers a new concept of optical simulation of curved spaces, and potentially represents a new avenue for research of physics in curved spaces and simulating otherwise inaccessible phenomena in non-Euclidean geometries. We conclude with a summary of potential future projects which lead naturally from the results of this thesis.

    Finite Models of Splicing and Their Complexity

    Over the last two decades, a close collaboration has arisen between computer scientists, biochemists and molecular biologists, which has given rise to research in an area known as biomolecular computing. The work in this thesis belongs to this area and studies a model of computation called a splicing system. Splicing is the formal model of the cutting and recombination of DNA molecules under the influence of restriction enzymes. This thesis presents original work in the field of splicing systems which, as the title already indicates, can be divided into two parts. The first part introduces and studies new finite models of splicing. The second investigates complexity aspects (both computational and descriptional) of splicing systems. The main contribution of the first part is that it calls into question the general assumption that a finite, more realistic definition of splicing systems is necessarily weak from a computational point of view. We study several alternative models and show that in many cases they have more computational power. The second part of the thesis explores other territory. The splicing model has been studied extensively with respect to its computational power, but complexity considerations have hardly been addressed. We introduce a notion of time and space complexity for splicing systems. These definitions are used to define and characterize complexity classes for splicing systems. Among other results, we present exact characterizations of the splicing classes in terms of known Turing machine classes. Then, using a new variant of splicing systems that accepts languages instead of generating them, we show that splicing systems can be used to solve problems. Finally, we define descriptional complexity measures for splicing systems. We show that in this respect finite splicing systems have good properties compared

    Over the last two decades, a tight collaboration has emerged between computer scientists, biochemists and molecular biologists, which has spurred research into an area known as DNA Computing (also biomolecular computing). The work in this thesis belongs to this field, and studies a computational model called splicing system. Splicing is the formal model of the cutting and recombination of DNA molecules under the influence of restriction enzymes. This thesis presents original work in the field of splicing systems, which, as the title already indicates, can be roughly divided into two parts: 'Finite models of splicing' on the one hand and 'their complexity' on the other. The main contribution of the first part is that it challenges the general assumption that a finite, more realistic definition of splicing is necessarily weak from a computational point of view. We propose and study various alternative models and show that in most cases they have more computational power, often reaching computational completeness. The second part explores other territory. Splicing research has been mainly focused on computational power, but complexity considerations have hardly been addressed. Here we introduce notions of time and space complexity for splicing systems. These definitions are used to characterize splicing complexity classes in terms of well-known Turing machine classes. Then, using a new accepting variant of splicing systems, we show that they can also be used as problem solvers. Finally, we study descriptional complexity. We define measures of descriptional complexity for splicing systems and show that for representing regular languages they have good properties with respect to finite automata, especially in the accepting variant.