Analysis of Advanced Encryption Standards

The Advanced Encryption Standard (AES),the block cipher ratified as a standard by National Instituteof Standards and Technology of the United States (NIST), waschosen using a process markedly more open and transparentthan its predecessor, the aging Data Encryption Standard(DES).Fifteen algorithm were submitted as to NIST in 1998 ,NIST choose five finalist.NIST primary selection criteria are security, performance,and flexibility. This paper enlightens the last two criteria. Inthis paper we have discussed software performance of five AESfinalist.The paper specifically compares performance of the fiveAES finalist on a verity of common software platform: 32-bitCPU( both large and smaller microprocessors, smart cards,embedded microprocessors) and high end 64-bits CPUs

Remote software upload techniques in future vehicles and their performance analysis

Updating software in vehicle Electronic Control Units (ECUs) will become a mandatory requirement for a variety of reasons, for examples, to update/fix functionality of an existing system, add new functionality, remove software bugs and to cope up with ITS infrastructure. Software modules of advanced vehicles can be updated using Remote Software Upload (RSU) technique. The RSU employs infrastructure-based wireless communication technique where the software supplier sends the software to the targeted vehicle via a roadside Base Station (BS). However, security is critically important in RSU to avoid any disasters due to malfunctions of the vehicle or to protect the proprietary algorithms from hackers, competitors or people with malicious intent. In this thesis, a mechanism of secure software upload in advanced vehicles is presented which employs mutual authentication of the software provider and the vehicle using a pre-shared authentication key before sending the software. The software packets are sent encrypted with a secret key along with the Message Digest (MD). In order to increase the security level, it is proposed the vehicle to receive more than one copy of the software along with the MD in each copy. The vehicle will install the new software only when it receives more than one identical copies of the software. In order to validate the proposition, analytical expressions of average number of packet transmissions for successful software update is determined. Different cases are investigated depending on the vehicle\u27s buffer size and verification methods. The analytical and simulation results show that it is sufficient to send two copies of the software to the vehicle to thwart any security attack while uploading the software. The above mentioned unicast method for RSU is suitable when software needs to be uploaded to a single vehicle. Since multicasting is the most efficient method of group communication, updating software in an ECU of a large number of vehicles could benefit from it. However, like the unicast RSU, the security requirements of multicast communication, i.e., authenticity, confidentiality and integrity of the software transmitted and access control of the group members is challenging. In this thesis, an infrastructure-based mobile multicasting for RSU in vehicle ECUs is proposed where an ECU receives the software from a remote software distribution center using the road side BSs as gateways. The Vehicular Software Distribution Network (VSDN) is divided into small regions administered by a Regional Group Manager (RGM). Two multicast Group Key Management (GKM) techniques are proposed based on the degree of trust on the BSs named Fully-trusted (FT) and Semi-trusted (ST) systems. Analytical models are developed to find the multicast session establishment latency and handover latency for these two protocols. The average latency to perform mutual authentication of the software vendor and a vehicle, and to send the multicast session key by the software provider during multicast session initialization, and the handoff latency during multicast session is calculated. Analytical and simulation results show that the link establishment latency per vehicle of our proposed schemes is in the range of few seconds and the ST system requires few ms higher time than the FT system. The handoff latency is also in the range of few seconds and in some cases ST system requires less handoff time than the FT system. Thus, it is possible to build an efficient GKM protocol without putting too much trust on the BSs

Smart Card Crypto-Coprocessors for Public-Key Cryptography

This paper intends to provide information about up-to-date performances of smart-card arithmetic coprocessors regarding major public -key cryptosystems and analyze the main tendences of this developing high-tech industry and related markets. We also comment hardware limitations of current technologies and provide a technique for extending them by virtually doubling their capacities

Design einer mobilen Anwendung zur verschlüsselten Sprachkommunikation auf Basis des Android Betriebssystems

Die unterschiedlichen Möglichkeiten und die Realisierung der abhörsicheren und verschlüsselten, mobilen Sprachkommunikation auf Basis des Android Betriebssystems, sind zentraler Bestandteil dieser Master-Thesis. Private und abhörsichere Kommunikation lässt sich in einem direkten Gespräch ohne größeren Aufwand realisieren. Bei indirekter Sprachkommunikation, wie einem Telefongespräch, muss erheblich mehr Aufwand betrieben werden, um abhörsicher und vertraulich kommunizieren zu können. Die Verwendung von Verschlüsselungsmechanismen ist hierfür eine Option zur Realisierung von abhörsicherer und privater Sprachkommunikation. In dieser Arbeit werden die verbreitetsten Protokolle und Technologien beschrieben und evaluiert, mit deren Hilfe man verschlüsselte prachkommunikation technisch realisieren kann. Die Technologie-Evaluation wird kategorisiert nach Netzzugangstechnologie, Audiocodec, Signalisierung, Medientransport und Schlüsselverwaltung durchgeführt. Dies geschieht unter Berücksichtigung von Angriffen und Sicherheits- lücken, den Besonderheiten der Medientransportebene bei drahtloser mobiler Datenübertragung und den Beschränkungen, denen mobile Endgeräte und der mobile Internetzugang unterworfen sind. Neben der Evaluation der Technologien wird auch der Einsatz und die Integration von Smartcards in Sprachkommunikationssoftware zur Verschlüsselung und Zertifikatsspeicherung diskutiert. Aufbauend auf der Analyse der existenten Protokolle und Technologien wird das Konzept einer Anwendung entwickelt, mit der die verschlüsselte Sprachkommunikation auf dem Android Betriebssystem realisiert werden kann. Dabei wird durch die Implementierung einzelner Teile des Konzepts, eine Machbarkeitsstudie durchgeführt.</p

Nuevo marco de autenticación para tarjetas inteligentes en red. Aplicación al pago electrónico en entornos inalámbricos

En la actualidad, la importancia de la seguridad de la Información y de las Comunicaciones resulta incuestionable. En este contexto, la relevancia de la autenticación fiable entre entidades queda también patente en una diversidad de aspectos cotidianos. Por sus cualidades y ventajas como módulo criptográfico, la tarjeta inteligente ha desarrollado un papel fundamental en la autenticación de usuarios. Esta tesis doctoral estudia el proceso de transformación que está atravesando actualmente y que la convierte en un equipo con conectividad a la red, dentro de la Nueva Generación de Tarjetas Inteligentes. De esta evolución, resultan una variedad de implicaciones, que se expanden transversalmente desde el momento que dicha tarjeta se integra en la red. En el presente trabajo se trata dicha integración exclusivamente desde la perspectiva de los mecanismos de autenticación involucrados. Pero, ¿hacia dónde evoluciona esa red?. Una diversidad de redes de acceso, entre las que destacan las tecnologías inalámbricas y los dispositivos multimodo, van a conformar un panorama global del que las tarjetas inteligentes, actuales y futuras, deberán participar. ¿Se pueden hacer más robustos y seguros los esquemas actuales de autenticación remota para éstas?. ¿En qué medida han sido diseñados para ser adaptados a estas nuevas circunstancias?. Esta tesis aborda la problemática de una forma conjunta, atendiendo al esquema de autenticación extremo-a-extremo y plantea un nuevo Marco de Autenticación para Tarjetas Inteligentes en Red bajo cuyo paraguas podemos modelar, analizar e incluso proponer una arquitectura de protocolos de autenticación remota para las tarjetas inteligentes actuales y venideras. Tras el diseño y la implementación acorde con dicha arquitectura y una evaluación de las funcionalidades previstas, se realiza una aplicación sobre un escenario realista de pago electrónico en entornos inalámbricos; por un lado demostrando la viabilidad de la propuesta y, por otro, incidiendo en su versatilidad, que le permite ser robusta ante la transformación que les conduce hacia esa nueva generación