One Time Password Scheme Via Secret Sharing Techniques

Many organizations today are seeking to improve security by implementing multi-factor authentication, i.e. authentication requiring more than one independent mechanism to prove one\u27s identity. One-time passwords in the form of hardware tokens in combination with conventional passwords have emerged as the predominant means in high security environments to satisfy the independent identification criteria for strong authentication. However, current popular public one-time passwords solutions such as HOTP, mOTP, TOTP, and S/Key depend on the computational complexity of breaking encryption or hash functions for security. This thesis will present an efficient and information-theoretically secure one-time password system called Shamir-OTP that is based upon secret sharing techniques

One Time Password Scheme Via Secret Sharing Techniques

Many organizations today are seeking to improve security by implementing multi-factor authentication, i.e. authentication requiring more than one independent mechanism to prove one\u27s identity. One-time passwords in the form of hardware tokens in combination with conventional passwords have emerged as the predominant means in high security environments to satisfy the independent identification criteria for strong authentication. However, current popular public one-time passwords solutions such as HOTP, mOTP, TOTP, and S/Key depend on the computational complexity of breaking encryption or hash functions for security. This thesis will present an efficient and information-theoretically secure one-time password system called Shamir-OTP that is based upon secret sharing techniques

Domestic politics in Israeli peace-making, 1988-1994.

Available from British Library Document Supply Centre-DSC:DXN048330 / BLDSC - British Library Document Supply CentreSIGLEGBUnited Kingdo

Image steganography applications for secure communication

To securely communicate information between parties or locations is not an easy task considering the possible attacks or unintentional changes that can occur during communication. Encryption is often used to protect secret information from unauthorised access. Encryption, however, is not inconspicuous and the observable exchange of encrypted information between two parties can provide a potential attacker with information on the sender and receiver(s). The presence of encrypted information can also entice a potential attacker to launch an attack on the secure communication. This dissertation investigates and discusses the use of image steganography, a technology for hiding information in other information, to facilitate secure communication. Secure communication is divided into three categories: self-communication, one-to-one communication and one-to-many communication, depending on the number of receivers. In this dissertation, applications that make use of image steganography are implemented for each of the secure communication categories. For self-communication, image steganography is used to hide one-time passwords (OTPs) in images that are stored on a mobile device. For one-to-one communication, a decryptor program that forms part of an encryption protocol is embedded in an image using image steganography and for one-to-many communication, a secret message is divided into pieces and different pieces are embedded in different images. The image steganography applications for each of the secure communication categories are discussed along with the advantages and disadvantages that the applications have over more conventional secure communication technologies. An additional image steganography application is proposed that determines whether information is modified during communication. CopyrightDissertation (MSc)--University of Pretoria, 2012.Computer Scienceunrestricte

Unified architecture of mobile ad hoc network security (MANS) system

In this dissertation, a unified architecture of Mobile Ad-hoc Network Security (MANS) system is proposed, under which IDS agent, authentication, recovery policy and other policies can be defined formally and explicitly, and are enforced by a uniform architecture. A new authentication model for high-value transactions in cluster-based MANET is also designed in MANS system. This model is motivated by previous works but try to use their beauties and avoid their shortcomings, by using threshold sharing of the certificate signing key within each cluster to distribute the certificate services, and using certificate chain and certificate repository to achieve better scalability, less overhead and better security performance. An Intrusion Detection System is installed in every node, which is responsible for colleting local data from its host node and neighbor nodes within its communication range, pro-processing raw data and periodically broadcasting to its neighborhood, classifying normal or abnormal based on pro-processed data from its host node and neighbor nodes. Security recovery policy in ad hoc networks is the procedure of making a global decision according to messages received from distributed IDS and restore to operational health the whole system if any user or host that conducts the inappropriate, incorrect, or anomalous activities that threaten the connectivity or reliability of the networks and the authenticity of the data traffic in the networks. Finally, quantitative risk assessment model is proposed to numerically evaluate MANS security

Towards a Theory of Symmetric Encryption

Motivée par le commerce et l'industrie, la recherche publique dans le domaine du chiffrement symétrique s'est considérablement développée depuis vingt cinq ans si bien qu'il est maintenant possible d'en faire le bilan. La recherche a tout d'abord progressé de manière empirique. De nombreux algorithmes de chiffrement fondés sur la notion de réseau de substitutions et de permutations ont été proposés, suivis d'attaques dédiées contre eux. Cela a permis de définir des stratégies générales: les méthodes d'attaques différentielles, linéaires et statistiques, et les méthodes génériques fondées sur la notion de boîte noire. En modélisant ces attaques on a trouvé en retour des règles utiles dans la conception d'algorithmes sûrs: la notion combinatoire de multipermutation pour les fonctions élémentaires, le contrôle de la diffusion par des critères géométriques de réseau de calcul, l'étude algébrique de la non-linéarité, ... Enfin, on montre que la sécurité face à un grand nombre de classes d'attaques classiques est assurée grâce à la notion de décorrélation par une preuve formelle. Ces principes sont à l'origine de deux algorithmes particuliers: la fonction CS-Cipher qui permet un chiffrement à haut débit et une sécurité heuristique, et le candidat DFC au processus de standardisation AES, prototype d'algorithme fondé sur la notion de décorrélation

MULTI-PHOTON TOLERANT QUANTUM KEY DISTRIBUTION PROTOCOLS FOR SECURED GLOBAL COMMUNICATION

This dissertation investigates the potential of multi-photon tolerant protocols for satellite-aided global quantum key distribution (QKD). Recent investigations like braided single-stage protocol and the implementation of the three-stage protocol in fiber have indicated that multi-photon tolerant protocols have wide-ranging capabilities for increasing the distance and speed of quantum-secure communication. This dissertation proposes satellite-based network multicasting and its operation that can profitably use multi-photon tolerant protocols for quantum-secure global communication. With a growingly interconnected world and an increasing need for security in communication, communication satellites at Lower Earth Orbits (LEO), Medium Earth Orbit (MEO) and Geostationary Earth Orbit (GEO) have a potential role in serving as a means to distribute secure keys for encryption among distant endpoints. This dissertation systematically evaluates such a role. The dissertation proposes a layered framework using satellites and fiber optic links that can form a composite system for carrying the information payload and distributing quantum-secure keys for encrypting information in transit. Quantum communications links are currently point-to-point. Considering the concept of global QKD network, there is need for multicast quantum links. Multi casting can be achieved in quantum networks by (a) using multiple wavelengths, or (b) using use specific set of bases. In efforts to develop a composite quantum secure global communication system; this dissertation also introduces the concept of multi-photon tolerant quantum threshold cryptography. The motivation for development of threshold cryptography is that a secret can be encrypted with multiple users and requires multiple users to decrypt. The quantum threshold cryptography is proposed by using idea of multiple bases. This can be considered as step forward towards multiparty quantum communication. This dissertation also proposed layered architecture for key distribution. Concisely, this dissertation proposes the techniques like multicasting in quantum scenario, quantum threshold cryptography to achieve the goal of secured global communication

Issues in electronic payment systems: a new off-line transferable e-coin scheme and a new off-line e-check scheme.

by Wong Ha Yin.Thesis (M.Phil.)--Chinese University of Hong Kong, 2001.Includes bibliographical references (leaves 71-74).Abstracts in English and Chinese.Chapter Chapter 1 --- Introduction --- p.1Chapter 1.1 --- Traditional Payment Systems --- p.1Chapter 1.2 --- Electronic Payment System --- p.2Chapter 1.3 --- Thesis Organization --- p.4Chapter Chapter 2 --- Cryptographic Techniques --- p.5Chapter 2.1 --- Encryption and Decryption --- p.5Chapter 2.1.1 --- Symmetric Encryption --- p.6Chapter 2.1.2 --- Asymmetric or Public-Key Encryption --- p.6Chapter 2.2 --- RSA --- p.7Chapter 2.3 --- Blind Signatures --- p.8Chapter 2.4 --- General Computation Protocols --- p.8Chapter 2.5 --- Cut-and-Choose Method --- p.9Chapter 2.6 --- Hash Functions --- p.9Chapter 2.7 --- Secret Sharing --- p.10Chapter 2.8 --- Zero-Knowledge Proofs --- p.11Chapter 2.9 --- Timestamps --- p.12Chapter Chapter 3 --- Overview of Electronic Payment Systems --- p.13Chapter 3.1 --- Life Cycle --- p.13Chapter 3.2 --- Six Basic Requirements --- p.15Chapter 3.3 --- Efficiency --- p.16Chapter 3.4 --- History --- p.17Chapter Chapter 4 --- Ferguson's Single-term Off-Line Coins --- p.19Chapter 4.1 --- Basic Assumption and Tools --- p.19Chapter 4.1.1 --- Secure Hash Function --- p.19Chapter 4.1.2 --- Polynomial Secret Sharing Scheme --- p.20Chapter 4.1.3 --- Randomized Blind Signature --- p.21Chapter 4.2 --- The Basic Signal-term Cash System --- p.23Chapter 4.2.1 --- The Withdrawal Protocol --- p.24Chapter 4.2.2 --- The Payment Protocol --- p.26Chapter 4.2.3 --- The Deposit Protocol --- p.27Chapter Chapter 5 --- Cash with Different Denominations --- p.28Chapter 5.1 --- Denomination Bundling --- p.28Chapter 5.2 --- Coin Storage --- p.29Chapter Chapter 6 --- An Off-Line Transferable E-coin System --- p.32Chapter 6.1 --- Introduction --- p.32Chapter 6.2 --- The Withdrawal Protocol --- p.34Chapter 6.3 --- The Transfer / Payment Protocol --- p.36Chapter 6.4 --- The Deposit Protocol --- p.40Chapter 6.5 --- Expansion of Coins --- p.42Chapter 6.6 --- Security and privacy Analysis --- p.43Chapter 6.7 --- Complexity Analysis --- p.47Chapter 6.8 --- Conclusion --- p.49Chapter Chapter 7 --- A New Off-line E-check System --- p.50Chapter 7.1 --- Introduction --- p.50Chapter 7.2 --- E-checks Models --- p.51Chapter 7.3 --- E-Check System with Partial Privacy --- p.52Chapter 7.3.1 --- The Withdrawal Protocol --- p.52Chapter 7.3.2 --- The Payment Protocol --- p.55Chapter 7.3.3 --- The Deposit Protocol --- p.56Chapter 7.3.4 --- The Refund Protocol --- p.57Chapter 7.3.5 --- Protocol Discussion --- p.58Chapter 7.4 --- E-Check System with Unconditional Privacy --- p.59Chapter 7.4.1 --- The Withdrawal Protocol --- p.59Chapter 7.4.2 --- The Payment Protocol --- p.63Chapter 7.4.3 --- The Deposit Protocol --- p.64Chapter 7.4.4 --- The Refund Protocol --- p.65Chapter 7.4.5 --- Protocol Discussion --- p.67Chapter 7.5 --- Conclusion --- p.68Chapter Chapter 8 --- Conclusion --- p.69Reference --- p.7

A mobile agent clone detection system using general transferable E-cash and its specific implementation with Ferguson's E-coin.

by Lam Tak-Cheung.Thesis (M.Phil.)--Chinese University of Hong Kong, 2002.Includes bibliographical references (leaves 61-66).Abstracts in English and Chinese.Chapter 1. --- Introduction --- p.1Chapter 1.1 --- Evolution of the Mobile Agent Paradigm --- p.2Chapter 1.2 --- Beneficial Aspects of Mobile Agents --- p.3Chapter 1.3 --- Security Threats of Mobile Agents --- p.4Chapter 1.4 --- Organization of the Thesis --- p.6Chapter 2. --- Background of Cryptographic Theories --- p.7Chapter 2.1 --- Introduction --- p.7Chapter 2.2 --- Encryption and Decryption --- p.7Chapter 2.3 --- Six Cryptographic Primitives --- p.8Chapter 2.3.1 --- Symmetric Encryption --- p.8Chapter 2.3.2 --- Asymmetric Encryption --- p.9Chapter 2.3.3 --- Digital Signature --- p.9Chapter 2.3.4 --- Message Digest --- p.10Chapter 2.3.5 --- Digital Certificate --- p.11Chapter 2.3.6 --- Zero-Knowledge Proof --- p.11Chapter 2.4 --- RSA Public Key Cryptosystem --- p.12Chapter 2.5 --- Blind Signature --- p.13Chapter 2.6 --- Secret Sharing --- p.14Chapter 2.7 --- Conclusion Remarks --- p.14Chapter 3. --- Background of Mobile Agent Clones --- p.15Chapter 3.1 --- Introduction --- p.15Chapter 3.2 --- Types of Agent Clones --- p.15Chapter 3.3 --- Mobile Agent Cloning Problems --- p.16Chapter 3.4 --- Baek's Detection Scheme for Mobile Agent Clones --- p.17Chapter 3.4.1 --- The Main Idea --- p.17Chapter 3.4.2 --- Shortcomings of Baek's Scheme --- p.18Chapter 3.5 --- Conclusion Remarks --- p.19Chapter 4. --- Background of E-cash --- p.20Chapter 4.1 --- Introduction --- p.20Chapter 4.2 --- The General E-cash Model --- p.21Chapter 4.3 --- Chaum-Pedersen's General Transferable E-cash --- p.22Chapter 4.4 --- Ferguson's Single-term Off-line E-coins --- p.23Chapter 4.4.1 --- Technical Background of the Secure Tools --- p.24Chapter 4.4.2 --- Protocol Details --- p.27Chapter 4.5 --- Conclusion Remarks --- p.30Chapter 5. --- A Mobile Agent Clone Detection System using General Transferable E-cash --- p.31Chapter 5.1 --- Introduction --- p.31Chapter 5.2 --- Terminologies --- p.33Chapter 5.3 --- Mobile Agent Clone Detection System with Transferable E-cash --- p.34Chapter 5.4 --- Security and Privacy Analysis --- p.37Chapter 5.5 --- Attack Scenarios --- p.39Chapter 5.5.1 --- The Chosen Host Response Attack --- p.39Chapter 5.5.2 --- The Truncation and Substitution Attack --- p.40Chapter 5.6 --- An Alternative Scheme without Itinerary Privacy --- p.41Chapter 5.7 --- Conclusion Remarks --- p.43Chapter 6. --- Specific Implementation of the Mobile Agent Clone Detection System with Transferable Ferguson's E-coin --- p.45Chapter 6.1 --- Introduction --- p.45Chapter 6.2 --- The Clone Detection Environment --- p.46Chapter 6.3 --- Protocols --- p.48Chapter 6.3.2 --- Withdrawing E-tokens --- p.48Chapter 6.3.2 --- The Agent Creation Protocol --- p.51Chapter 6.3.3 --- The Agent Migration Protocol --- p.51Chapter 6.3.4 --- Clone Detection and Culprit Identification --- p.52Chapter 6.4 --- Security and Privacy Analysis --- p.54Chapter 6.5 --- Complexity Analysis --- p.55Chapter 6.5.1 --- Compact Passport --- p.55Chapter 6.5.2 --- Passport growth in size --- p.56Chapter 6.6 --- Conclusion Remarks --- p.56Chapter 7. --- Conclusions --- p.58Appendix 一 Papers derived from this thesis Bibliograph