5 research outputs found

    KANSA: high interoperability e-KTP decentralised database network using distributed hash table

    e-KTP is the Indonesian identity card, based on Near Field Communication technology. This technology is embedded in every e-KTP card issued to Indonesian citizens. Until this research, e-KTP technology had never been utilized by any stakeholder, whether government agencies, non-government organizations or companies. The technology inside the card has never been used; instead, the conventional practice is to copy the card manually with a photocopy machine or to photograph it. This research proposes an open standard for utilizing e-KTP technology. The open standard will allow e-KTP technology to be used as is and used broadly across many government agencies and commercial companies. This research also proposes a decentralized network model, especially for storing e-KTP data without breaking privacy law. Besides providing high server specifications, a decentralized model can reduce the cost of server infrastructure. The model uses a Distributed Hash Table, as used in peer-to-peer networks. The decentralized model promises high availability and a more secure way to save and access the data. The resulting model can be implemented in many network topologies or infrastructures and is also applicable to small and medium enterprise companies.

    On the Security Analysis of Password-Based Key Derivation Function

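    File storage security is achieved mainly through identity authentication and data encryption. Both identity authentication and the generation of data-encryption keys require keys produced by a password-based key derivation algorithm; the randomness of the generated key determines the overall security of the file security mechanism, so the password-based key derivation algorithm is the key component of the file authentication mechanism. Password-based key derivation algorithms are divided into PBKDF1 and PBKDF2. At present, new file authentication mechanisms usually recommend the key derivation function PBKDF2 in place of PBKDF1 to obtain higher security. To this end, taking the security of OpenOffice as an example, this thesis proves the theoretical security of its key derivation algorithm PBKDF2 and analyzes in detail the practical security of OpenOffice. The main results are as follows: (1) Under the CCS security definition, using the random oracle model and Game-Pl...
    File security is mainly based on identity authentication and data encryption. The password-based key derivation function (PBKDF) is used to generate the derived key during authentication and encryption; the randomness of the derived key mainly influences the whole file security mechanism, so the password-based key derivation function is the key point in the file authentication mechanism. Password-based ke...
    Degree: Master of Science in Engineering. Department and major: School of Information Science and Technology, Electronics and Communication Engineering. Student ID: 2312010115297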

    A Security Analysis on Password-Based Authentication In Android Backup Files and Its Enhancement

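    In modern cryptography, unconditional security and computational security are the two ways of proving a cryptographic mechanism. Computational security is demonstrated mainly through provable security theory and exhaustive search experiments, and in practice most analyses of the security of cryptographic mechanisms use computational security. The password authentication mechanism is the main safeguard for the security of file storage and transmission; during authentication, a key derivation algorithm is needed to convert the user's password into a uniformly distributed key. The randomness of the key derivation algorithm determines the overall security of the password authentication mechanism. This thesis adopts the computational security model and, taking Android backup files as an example, analyzes the security of PBKDF2 as a key derivation algorithm. It also improves the key output structure of PBKDF2, proposing XKDF, a key derivation algorithm based on feedback mode, and gives a proof of its computational security. The main results are as follows: (1) Under the computational security model, the provable security metric ...
    The security of a cryptographic scheme can be evaluated under two models: unconditional security and computational security. The most practical security is computational, which can be analyzed by provable security theory and exhaustive search experiments. Password-based Message Authentication Code (PBMAC) is a mechanism that guarantees the security of file transmission and storage. Key derivation functio...
    Degree: Master of Engineering. Department and major: School of Information Science and Technology, Integrated Circuits. Student ID: 2312011115299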

    Analysis Design & Applications of Cryptographic Building Blocks

    This thesis deals with the basic design and rigorous analysis of cryptographic schemes and primitives, especially of authenticated encryption schemes, hash functions, and password-hashing schemes. In the last decade, security issues such as the PS3 jailbreak demonstrate that common security notions are rather restrictive, and it seems that they do not model the real world adequately. As a result, in the first part of this work, we introduce a less restrictive security model that is closer to reality. In this model it turned out that existing (on-line) authenticated encryption schemes can no longer be considered secure, i.e. they can guarantee neither data privacy nor data integrity. Therefore, we present two novel authenticated encryption schemes, namely COFFE and McOE, which are not only secure in the standard model but also reasonably secure in our generalized security model, i.e. both preserve full data integrity. In addition, McOE preserves a reasonable level of data privacy. The second part of this thesis starts with proposing the hash function Twister-Pi, a revised version of the accepted SHA-3 candidate Twister. We not only fixed all known security issues of Twister, but also increased the overall soundness of our hash-function design. Furthermore, we present some fundamental groundwork in the area of password-hashing schemes. This research was mainly inspired by the omnipresence of password-leakage incidents in the media. We show that the password-hashing scheme scrypt is vulnerable to cache-timing attacks due to the existence of a password-dependent memory-access pattern. Finally, we introduce Catena, the first password-hashing scheme that is both memory-consuming and resistant against cache-timing attacks.