Nonabelian Group Based Cryptography

From the Washington University Senior Honors Thesis Abstracts (WUSHTA), 2017. Published by the Office of Undergraduate Research. Joy Zalis Kiefer, Director of Undergraduate Research and Associate Dean in the College of Arts & Sciences; Lindsey Paunovich, Editor; Helen Human, Programs Manager and Assistant Dean in the College of Arts and Sciences Mentor: John Shareshia

A Meaningful MD5 Hash Collision Attack

It is now proved by Wang et al., that MD5 hash is no more secure, after they proposed an attack that would generate two different messages that gives the same MD5 sum. Many conditions need to be satisfied to attain this collision. Vlastimil Klima then proposed a more efficient and faster technique to implement this attack. We use these techniques to first create a collision attack and then use these collisions to implement meaningful collisions by creating two different packages that give identical MD5 hash, but when extracted, each gives out different files with contents specified by the atacker

Design and Implementation of a Direct/Indirect Hybrid Trust Model for Secure Authentication in a Mobile Ad Hoc Network

We investigated the problem of cryptographic key authentication in a mobile ad hoc network (MANET). Using the theory of digital trust, we propose an authentication scheme for MANETs that includes a hybrid trust model between the direct and indirect approaches. Our hybrid trust model supplies trust data to a decentralized web of trust in order to authenticate nodes in a MANET. We ran some simulations of our authentication scheme to verify its security and investigate potential trust threshold values. Also, we designed and implemented a proof-of-concept iOS application that implements our authentication scheme. Some future work includes investing several implications of the mobility aspect of MANETs on trust management, such as the maximum levels of trust concatenation

GLOBAL COMMUNICATIONS NEWSLETTER

Presents information and current topics of interest to the global communications industry

Secure architectures for pairing based public key cryptography

Along with the growing demand for cryptosystems in systems ranging from large servers to mobile devices, suitable cryptogrophic protocols for use under certain constraints are becoming more and more important. Constraints such as calculation time, area, efficiency and security, must be considered by the designer. Elliptic curves, since their introduction to public key cryptography in 1985 have challenged established public key and signature generation schemes such as RSA, offering more security per bit. Amongst Elliptic curve based systems, pairing based cryptographies are thoroughly researched and can be used in many public key protocols such as identity based schemes. For hardware implementions of pairing based protocols, all components which calculate operations over Elliptic curves can be considered. Designers of the pairing algorithms must choose calculation blocks and arrange the basic operations carefully so that the implementation can meet the constraints of time and hardware resource area. This thesis deals with different hardware architectures to accelerate the pairing based cryptosystems in the field of characteristic two. Using different top-level architectures the hardware efficiency of operations that run at different times is first considered in this thesis. Security is another important aspect of pairing based cryptography to be considered in practically Side Channel Analysis (SCA) attacks. The naively implemented hardware accelerators for pairing based cryptographies can be vulnerable when taking the physical analysis attacks into consideration. This thesis considered the weaknesses in pairing based public key cryptography and addresses the particular calculations in the systems that are insecure. In this case, countermeasures should be applied to protect the weak link of the implementation to improve and perfect the pairing based algorithms. Some important rules that the designers must obey to improve the security of the cryptosystems are proposed. According to these rules, three countermeasures that protect the pairing based cryptosystems against SCA attacks are applied. The implementations of the countermeasures are presented and their performances are investigated

A Cryptographic Attack: Finding the Discrete Logarithm on Elliptic Curves of Trace One

The crux of elliptic curve cryptography, a popular mechanism for securing data, is an asymmetric problem. The elliptic curve discrete logarithm problem, as it is called, is hoped to be generally hard in one direction but not the other, and it is this asymmetry that makes it secure. This paper describes the mathematics (and some of the computer science) necessary to understand and compute an attack on the elliptic curve discrete logarithm problem that works in a special case. The algorithm, proposed by Nigel Smart, renders the elliptic curve discrete logarithm problem easy in both directions for elliptic curves of so-called trace one. The implication is that these curves can never be used securely for cryptographic purposes. In addition, it calls for further investigation into whether or not the problem is hard in general

The Impact of Quantum Computing on Present Cryptography

The aim of this paper is to elucidate the implications of quantum computing in present cryptography and to introduce the reader to basic post-quantum algorithms. In particular the reader can delve into the following subjects: present cryptographic schemes (symmetric and asymmetric), differences between quantum and classical computing, challenges in quantum computing, quantum algorithms (Shor's and Grover's), public key encryption schemes affected, symmetric schemes affected, the impact on hash functions, and post quantum cryptography. Specifically, the section of Post-Quantum Cryptography deals with different quantum key distribution methods and mathematicalbased solutions, such as the BB84 protocol, lattice-based cryptography, multivariate-based cryptography, hash-based signatures and code-based cryptography.Comment: 10 pages, 1 figure, 3 tables, journal article - IJACS

КРИПТОГРАФІЯ НА ЕЛІПТИЧНИХ КРИВИХ ТА ЇЇ ПРАКТИЧНЕ ЗАСТОСУВАННЯ

Elliptic curves are one of the most promising tools for constructing modern cryptographic algorithms. The security of elliptic curve cryptography is based on the complexity of solving the discrete logarithm problem in the group of points of the elliptic curve over a finite field. Elliptic curve cryptography enables two parties communicating over public channel using elliptic curve encryption and signing algorithms. Elliptic curves allow to achieve the same level of security with small key sizes than other asymmetric cryptographic algorithms. The article describes the mathematical apparatus of elliptic curves used for cryptographic purposes, the basic operations in the group of points of elliptic curves, such as addition of points, doubling of a point, and scalar multiplication of a point by a number are given. The steps and principles of the Diffie-Hellman key exchange algorithm (ECDH) and the digital signature scheme (ECDSA) on elliptic curves are considered. An overview of standards establishing recommendations and requirements for the use of elliptic curves in cryptographic systems is provided. The advantages of elliptic curve cryptography compared to traditional asymmetric algorithms, such as smaller key sizes, computational speed, and efficient use of resources, are analyzed. Potential threats and vulnerabilities of cryptographic algorithms based on elliptic curves are discussed. The main practical application areas of cryptographic algorithms on elliptic curves, including network security, cryptocurrency operations, message exchange, the Internet of Things, and government institutions are investigated. Examples of popular standardized curves (Curve25519, Curve448, secp256k1) that have been tested and recommended by specialized organizations such as NIST are given.Еліптичні криві є одним із найперспективніших інструментів для побудови сучасних криптографічних алгоритмів. Безпека криптографії на еліптичних кривих ґрунтується на складності розв’язання задачі дискретного логарифмування в групі точок еліптичної кривої над скінченним полем. Криптографія на еліптичних кривих дає змогу реалізувати захищений обмін даними між різними сторонами, використовуючи алгоритми шифрування та підписування на основі еліптичних кривих. Еліптичні криві дозволяють досягти еквівалентного рівня безпеки з меншими розмірами ключів порівняно з іншими асиметричними криптографічними алгоритмами. У статті описано математичний апарат еліптичних кривих, що використовуються для криптографічних цілей, наведено основні операції в групі точок еліптичних кривих, такі як додавання точок, подвоєння точки та скалярне множення точки на число. Розглянуто кроки і принципи роботи алгоритму обміну ключами Діффі-Хеллмана (ECDH) та схеми цифрового підпису (ECDSA) на еліптичних кривих. Проведено огляд стандартів, що встановлюють рекомендації та вимоги щодо використання еліптичних кривих у криптографічних системах. Проаналізовано переваги криптографії на еліптичних кривих порівняно із традиційними асиметричними алгоритмами, такі як менші розміри ключів, швидкість обчислень та ефективне використання ресурсів. Розглянуто потенційні загрози та вразливості криптографічних алгоритмів на основі еліптичних кривих. Здійснено огляд основних сфер практичного застосування криптографічних алгоритмів на еліптичних кривих, зокрема таких як захист мережевого з’єднання, криптовалютні операції, обмін повідомленнями, Інтернет речей, державні установи. Наведено приклади популярних стандартизованих кривих (Curve25519, Curve448, secp256k1), що були перевірені та рекомендовані спеціалізованими організаціями, зокрема такими як NIST