56,702 research outputs found
Viabilidade de ataque de negação de serviço explorando Perfect Forward Secrecy no SSL/TLS
Monografia (graduação)—Universidade de Brasília, Instituto de Ciências Exatas, Departamento de Ciência da Computação, 2014.O uso do Perfect Forward Secrecy vem se tornando uma peça fundamental na segurança da inforação na Internet. O objetivo deste trabalho é analisar o impacto do uso do Perfect Forward Secrecy, mensurando sua eficácia e analisar a viabilidade de um ataque de negação de serviço explorando essa propriedade. _____________________________________________________________________________ ABSTRACTThe use of the Perfect Forward Secrecy has become an important element on the security of the information on the Internet. The aim of this project is to analyse the impact of the use Perfect Forward Secrecy, measuring its effectiveness and analyse the viability of a denial of service attack exploring this property
The Wiretap Channel with Feedback: Encryption over the Channel
In this work, the critical role of noisy feedback in enhancing the secrecy
capacity of the wiretap channel is established. Unlike previous works, where a
noiseless public discussion channel is used for feedback, the feed-forward and
feedback signals share the same noisy channel in the present model. Quite
interestingly, this noisy feedback model is shown to be more advantageous in
the current setting. More specifically, the discrete memoryless modulo-additive
channel with a full-duplex destination node is considered first, and it is
shown that the judicious use of feedback increases the perfect secrecy capacity
to the capacity of the source-destination channel in the absence of the
wiretapper. In the achievability scheme, the feedback signal corresponds to a
private key, known only to the destination. In the half-duplex scheme, a novel
feedback technique that always achieves a positive perfect secrecy rate (even
when the source-wiretapper channel is less noisy than the source-destination
channel) is proposed. These results hinge on the modulo-additive property of
the channel, which is exploited by the destination to perform encryption over
the channel without revealing its key to the source. Finally, this scheme is
extended to the continuous real valued modulo- channel where it is
shown that the perfect secrecy capacity with feedback is also equal to the
capacity in the absence of the wiretapper.Comment: Submitted to IEEE Transactions on Information Theor
Secure Compute-and-Forward in a Bidirectional Relay
We consider the basic bidirectional relaying problem, in which two users in a
wireless network wish to exchange messages through an intermediate relay node.
In the compute-and-forward strategy, the relay computes a function of the two
messages using the naturally-occurring sum of symbols simultaneously
transmitted by user nodes in a Gaussian multiple access (MAC) channel, and the
computed function value is forwarded to the user nodes in an ensuing broadcast
phase. In this paper, we study the problem under an additional security
constraint, which requires that each user's message be kept secure from the
relay. We consider two types of security constraints: perfect secrecy, in which
the MAC channel output seen by the relay is independent of each user's message;
and strong secrecy, which is a form of asymptotic independence. We propose a
coding scheme based on nested lattices, the main feature of which is that given
a pair of nested lattices that satisfy certain "goodness" properties, we can
explicitly specify probability distributions for randomization at the encoders
to achieve the desired security criteria. In particular, our coding scheme
guarantees perfect or strong secrecy even in the absence of channel noise. The
noise in the channel only affects reliability of computation at the relay, and
for Gaussian noise, we derive achievable rates for reliable and secure
computation. We also present an application of our methods to the multi-hop
line network in which a source needs to transmit messages to a destination
through a series of intermediate relays.Comment: v1 is a much expanded and updated version of arXiv:1204.6350; v2 is a
minor revision to fix some notational issues; v3 is a much expanded and
updated version of v2, and contains results on both perfect secrecy and
strong secrecy; v3 is a revised manuscript submitted to the IEEE Transactions
on Information Theory in April 201
To Harvest and Jam: A Paradigm of Self-Sustaining Friendly Jammers for Secure AF Relaying
This paper studies the use of multi-antenna harvest-and-jam (HJ) helpers in a
multi-antenna amplify-and-forward (AF) relay wiretap channel assuming that the
direct link between the source and destination is broken. Our objective is to
maximize the secrecy rate at the destination subject to the transmit power
constraints of the AF relay and the HJ helpers. In the case of perfect channel
state information (CSI), the joint optimization of the artificial noise (AN)
covariance matrix for cooperative jamming and the AF beamforming matrix is
studied using semi-definite relaxation (SDR) which is tight, while suboptimal
solutions are also devised with lower complexity. For the imperfect CSI case,
we provide the equivalent reformulation of the worst-case robust optimization
to maximize the minimum achievable secrecy rate. Inspired by the optimal
solution to the case of perfect CSI, a suboptimal robust scheme is proposed
striking a good tradeoff between complexity and performance. Finally, numerical
results for various settings are provided to evaluate the proposed schemes.Comment: 16 pages (double column), 8 figures, submitted for possible journal
publicatio
Secure Authentication
Many complicated authentication and encryption techniques have been embedded into WiMAX but it still facing a lot of challenging situations. This paper shows that, GTEK Hash chain algorithm for Multi and Broadcast service of IEEE 802.16e facing a reduced forward secrecy problem. These vulnerabilities are the possibilities to forge key messages in Multiand Broadcast operation, which are susceptible to forgery and reveals important management information. In this paper, we also propose three UAKE protocols with PFS (Perfect Forward Secrecy) that are efficient and practical for mobile devices
Symmetric-key Authenticated Key Exchange (SAKE) with Perfect Forward Secrecy
Key exchange protocols in the asymmetric-key setting are known to provide stronger security properties than protocols in symmetric-key cryptography. In particular, they can provide perfect forward secrecy, as illustrated by key exchange protocols based on the Diffie-Hellman scheme. However public-key algorithms are too heavy for low-resource devices, which can then not benefit from forward secrecy. In this paper, we describe a scheme that solves this issue. Using a nifty resynchronisation technique, we propose an authenticated key exchange protocol in the symmetric-key setting that guarantees perfect forward secrecy. We prove that the protocol is sound, and provide a formal security proof
SECURE COMMUNICATION USING PFS IN A DISTRIBUTED ENVIRONMENT
Today millions of ordinary citizens are using networks for banking, shopping and filing their tax return. Network security has become a massive problem. All this requires network to identify its legal users for providing services. An authentication protocol used is Kerberos which uses strong secret key for user authentication but it is vulnerable in case of weak passwords. Authentication & key distribution protocols requires sharing secret key(s) with a view that only the concerned users know to derive the information from it. These protocols are vulnerable to key guessing attacks. Another important consideration is perfect forward secrecy in which our proposed scheme cover cases with application servers, authentication servers or clients key are revealed & their combination. In this paper our proposed scheme deal with key guessing attacks, perfect forward secrecy and protocols for few combinations of keys. All these protocols are based on the fact that the keys are weak & can be exploited easily
- …