13 research outputs found
Oblivious transfer for secure communication
Over the past four decades, computational power and algorithmic strategies have advanced tremendously resulting in an enormous increase in the key sizes required for secure cryptosystems such as RSA. At the same time, the electronic devices have grown smaller and portable requiring algorithms running on them to be optimized in size and efficiency while providing security, at least, equivalent to that provided on a typical desktop computer. As a result, the industry is moving towards newer cryptosystems such as ECC and NTRU that are well suited for resource constrained environments. While, ECC claims to provide security equivalent to that of RSA for a fraction of key size, NTRU is inherently suited for embedded systems technology. However, implementation of new cryptosystems requires the development of protocols analogous to those developed using older cryptosystems. In this thesis, we fulfill a part of this requirement by providing protocols for Oblivious Transfer using ECC and NTRU. Oblivious Transfer, in turn, has applications in simultaneous contract signing, digital certified mail, simultaneous exchange of secrets, secure multiparty computations, private information retrieval, etc. Furthermore, we introduce the idea of basing Oblivious Transfer on public-key exchange protocols. The presentation in the thesis uses Diffie-Hellman Key Exchange, but the scheme is generalizable to any cryptosystem that has a public-key exchange strategy. In fact, our proposal may especially be suited for Quantum Cryptography where the security of key exchange protocols has been proven
Protection of Information and Communications in Distributed Systems and Microservices
Distributed systems have been a topic of discussion since the 1980s, but the adoption of microservices has raised number of system components considerably. With more decentralised distributed systems, new ways to handle authentication, authorisation and accounting (AAA) are needed, as well as ways to allow components to communicate between themselves securely. New standards and technologies have been created to deal with these new requirements and many of them have already found their way to most used systems and services globally.
After covering AAA and separate access control models, we continue with ways to secure communications between two connecting parties, using Transport Layer Security (TLS) and other more specialised methods such as the Google-originated Secure Production Identity Framework for Everyone (SPIFFE). We also discuss X.509 certificates for ensuring identities. Next, both older time- tested and newer distributed AAA technologies are presented. After this, we are looking into communication between distributed components with both synchronous and asynchronous communication mechanisms, as well as into the publish/subscribe communication model popular with the rise of the streaming platform.
This thesis also explores possibilities in securing communications between distributed endpoints and ways to handle AAA in a distributed context. This is showcased in a new software component that handles authentication through a separate identity endpoint using the OpenID Connect authentication protocol and stores identity in a Javascript object-notation formatted and cryptographically signed JSON Web Token, allowing stateless session handling as the token can be validated by checking its signature. This enables fast and scalable session management and identity handling for any distributed system
Digital certificates and threshold cryptography
This dissertation discusses the use of secret sharing cryptographic protocols for distributing and sharing of secret documents, in our case PDF documents.
We discuss the advantages and uses of such a system in the context of collaborative environments.
Description of the cryptographic protocol involved and the necessary Public Key Infrastructure (PKI) shall be presented. We also provide an implementation of this framework as a âproof of conceptâ and fundament the use of a certificate extension as the basis for threshold cryptography.
Details of the shared secret distribution protocol and shared secret recovery protocol shall be given as well as the associated technical implementation details.
The actual secret sharing algorithm implemented at this stage is based on an existing well known secret sharing scheme that uses polynomial interpolation over a finite field.
Finally we conclude with a practical assessment of our prototype
The Complexity of Public-Key Cryptography
We survey the computational foundations for public-key cryptography. We discuss the computational assumptions that have been used as bases for public-key encryption schemes, and the types of evidence we have for the veracity of these assumptions.
This survey/tutorial was published in the book Tutorials on the Foundations of Cryptography , dedicated to Oded Goldreich on his 60th birthday
Cryptology in the Crowd
Uhell skjer: Kanskje mistet du nÞkkelen til huset, eller hadde PIN-koden til innbruddsalarmen skrevet pÄ en dÄrlig plassert post-it lapp. Og kanskje endte de slik opp i hendene pÄ feil person, som nÄ kan pÄfÞre livet ditt all slags ugagn: Sikkerhetssystemer gir ingen garantier nÄr nÞkler blir stjÄlet og PIN-koder lekket. Likevel burde naboen din, hvis nÞkkel-og-PIN-kode rutiner er heller vanntette, kunne fÞle seg trygg i vissheten om at selv om du ikke evner Ä sikre huset ditt mot innbrudd, sÄ forblir deres hjem trygt.
Det er tilsvarende for kryptologi, som ogsÄ lener seg pÄ at nÞkkelmateriale hemmeligholdes for Ä kunne garantere sikkerhet: Intuitivt forventer man at kjennskap til ett systems hemmelige nÞkkel ikke burde vÊre til hjelp for Ä bryte inn i andre, urelaterte systemer. Men det har vist seg overraskende vanskelig Ä sette denne intuisjonen pÄ formell grunn, og flere konkurrerende sikkerhetsmodeller av varierende styrke har oppstÄtt. Det blir dermed naturlig Ä spÞrre seg: Hvilken formalisme er den riktige nÄr man skal modellere realistiske scenarioer med mange brukere og mulige lekkasjer? Eller: hvordan bygger man kryptografi i en folkemengde?
Artikkel I begir seg ut pÄ reisen mot et svar ved Ä sammenligne forskjellige flerbrukervarianter av sikkerhetsmodellen IND-CCA, med og uten evnen til Ä motta hemmelige nÞkler tilhÞrende andre brukere. Vi finner et delvis svar ved Ä vise at uten denne evnen, sÄ er noen modeller faktisk Ä foretrekke over andre. Med denne evnen, derimot, forblir situasjonen uavklart.
Artikkel II tar et sidesteg til et sett relaterte sikkerhetsmodeller hvor, heller enn Ä angripe én enkelt bruker (ut fra en mengde av mulige ofre), angriperen Þnsker Ä bryte kryptografien til sÄ mange brukere som mulig pÄ én gang. Man ser for seg en uvanlig mektig motstander, for eksempel en statssponset aktÞr, som ikke har problemer med Ä bryte kryptografien til en enkelt bruker: MÄlet skifter dermed fra Ä garantere trygghet for alle brukerne, til Ä gjÞre masseovervÄking sÄ vanskelig som mulig, slik at det store flertall av brukere kan forbli sikret.
Artikkel III fortsetter der Artikkel I slapp ved Ă„ sammenligne og systematisere de samme IND-CCA sikkerhetsmodellene med en stĂžrre mengde med sikkerhetsmodeller, med det til felles at de alle modellerer det samme (eller lignende) scenarioet. Disse modellene, som gĂ„r under navnene SOA (Selective Opening Attacks; utvalgte Ă„pningsangrep) og NCE (Non-Committing Encryption; ikke-bindende kryptering), er ofte vesentlig sterkere enn modellene studert i Artikkel I. Med et system pĂ„ plass er vi i stand til Ă„ identifisere en rekke hull i litteraturen; og dog vi tetter noen, etterlater vi mange som Ă„pne problemer.Accidents happen: you may misplace the key to your home, or maybe the PIN to your home security system was written on an ill-placed post-it note. And so they end up in the hands of a bad actor, who is then granted the power to wreak all kinds of havoc in your life: the security of your home grants no guarantees when keys are stolen and PINs are leaked. Nonetheless your neighbour, whose key-and-pin routines leave comparatively little to be desired, should feel safe that just because you canât keep your house safe from intruders, their home remains secured.
It is likewise with cryptography, whose security also relies on the secrecy of key material: intuitively, the ability to recover the secret keys of other users should not help an adversary break into an uncompromised system. Yet formalizing this intuition has turned out tricky, with several competing notions of security of varying strength. This begs the question: when modelling a real-world scenario with many users, some of which may be compromised, which formalization is the right one? Or: how do we build cryptology in a crowd?
Paper I embarks on the quest to answer the above questions by studying how various notions of multi-user IND-CCA compare to each other, with and without the ability to adaptively compromise users. We partly answer the question by showing that, without compromise, some notions of security really are preferable over others. Still, the situation is left largely open when compromise is accounted for.
Paper II takes a detour to a related set of security notions in which, rather than attacking a single user, an adversary seeks to break the security of many. One imagines an unusually powerful adversary, for example a state-sponsored actor, for whom brute-forcing a single system is not a problem. Our goal then shifts from securing every user to making mass surveillance as difficult as possible, so that the vast majority of uncompromised users can remain secure.
Paper III picks up where Paper I left off by comparing and systemizing the same security notions with a wider array of security notions that aim to capture the same (or similar) scenarios. These notions appear under the names of Selective Opening Attacks (SOA) and Non-Committing Encryption (NCE), and are typically significantly stronger than the notions of IND-CCA studied in Paper I. With a system in place, we identify and highlight a number of gaps, some of which we close, and many of which are posed as open problems.Doktorgradsavhandlin
An analysis of security protocols for lightweight systems
Mathematical Science
Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion
382 p.Libro ElectrĂłnicoEach of us has been in the computing field for more than 40 years. The book is the product of a lifetime of observing and participating in the changes it has brought. Each of us has been both a teacher and a learner in the field.
This book emerged from a general education course we have taught at Harvard, but it is not a textbook. We wrote this book to share what wisdom we have with as many people as we can reach. We try to paint a big picture,
with dozens of illuminating anecdotes as the brushstrokes. We aim to entertain you at the same time as we provoke your thinking.Preface
Chapter 1 Digital Explosion
Why Is It Happening, and What Is at Stake?
The Explosion of Bits, and Everything Else
The Koans of Bits
Good and Ill, Promise and Peril
Chapter 2 Naked in the Sunlight
Privacy Lost, Privacy Abandoned
1984 Is Here, and We Like It
Footprints and Fingerprints
Why We Lost Our Privacy, or Gave It Away
Little Brother Is Watching
Big Brother, Abroad and in the U.S.
Technology Change and Lifestyle Change
Beyond Privacy
Chapter 3 Ghosts in the Machine
Secrets and Surprises of Electronic Documents
What You See Is Not What the Computer Knows
Representation, Reality, and Illusion
Hiding Information in Images
The Scary Secrets of Old Disks
Chapter 4 Needles in the Haystack
Google and Other Brokers in the Bits Bazaar
Found After Seventy Years
The Library and the Bazaar
The Fall of Hierarchy
It Matters How It Works
Who Pays, and for What?
Search Is Power
You Searched for WHAT? Tracking Searches
Regulating or Replacing the Brokers
Chapter 5 Secret Bits
How Codes Became Unbreakable
Encryption in the Hands of Terrorists, and Everyone Else
Historical Cryptography
Lessons for the Internet Age
Secrecy Changes Forever
Cryptography for Everyone
Cryptography Unsettled
Chapter 6 Balance Toppled
Who Owns the Bits?
Automated CrimesâAutomated Justice
NET Act Makes Sharing a Crime
The Peer-to-Peer Upheaval
Sharing Goes Decentralized
Authorized Use Only
Forbidden Technology
Copyright Koyaanisqatsi: Life Out of Balance
The Limits of Property
Chapter 7 You Canât Say That on the Internet
Guarding the Frontiers of Digital Expression
Do You Know Where Your Child Is on the Web Tonight?
Metaphors for Something Unlike Anything Else
Publisher or Distributor?
Neither Liberty nor Security
The Nastiest Place on Earth
The Most Participatory Form of Mass Speech
Protecting Good Samaritansâand a Few Bad Ones
Laws of Unintended Consequences
Can the Internet Be Like a Magazine Store?
Let Your Fingers Do the Stalking
Like an Annoying Telephone Call?
Digital Protection, Digital Censorshipâand Self-Censorship
Chapter 8 Bits in the Air
Old Metaphors, New Technologies, and Free Speech
Censoring the President
How Broadcasting Became Regulated
The Path to Spectrum Deregulation
What Does the Future Hold for Radio?
Conclusion After the Explosion
Bits Lighting Up the World
A Few Bits in Conclusion
Appendix The Internet as System and Spirit
The Internet as a Communication System
The Internet Spirit
Endnotes
Inde
Hardware design of cryptographic accelerators
With the rapid growth of the Internet and digital communications, the volume of sensitive electronic transactions being transferred and stored over and on insecure media has increased dramatically in recent years. The growing demand for cryptographic systems to secure this data, across a multitude of platforms, ranging from large servers to small mobile devices and smart cards, has necessitated research into low cost, flexible and secure solutions. As constraints on architectures such as area, speed and power become key factors in choosing a cryptosystem, methods for speeding up the development and evaluation process are necessary. This thesis investigates flexible hardware architectures for the main components of a cryptographic system. Dedicated hardware accelerators can provide significant performance improvements when compared to implementations on general purpose processors. Each of the designs proposed are analysed in terms of speed, area, power, energy and efficiency. Field Programmable Gate Arrays (FPGAs) are chosen as the development platform due to their fast development time and reconfigurable nature. Firstly, a reconfigurable architecture for performing elliptic curve point scalar multiplication on an FPGA is presented. Elliptic curve cryptography is one such method to secure data, offering similar security levels to traditional systems, such as RSA, but with smaller key sizes, translating into lower memory and bandwidth requirements. The architecture is implemented using different underlying algorithms and coordinates for dedicated Double-and-Add algorithms, twisted Edwards algorithms and SPA secure algorithms, and its power consumption and energy on an FPGA measured. Hardware implementation results for these new algorithms are compared against their software counterparts and the best choices for minimum area-time and area-energy circuits are then identified and examined for larger key and field sizes. Secondly, implementation methods for another component of a cryptographic system, namely hash functions, developed in the recently concluded SHA-3 hash competition are presented. Various designs from the three rounds of the NIST run competition are implemented on FPGA along with an interface to allow fair comparison of the different hash functions when operating in a standardised and constrained environment. Different methods of implementation for the designs and their subsequent performance is examined in terms of throughput, area and energy costs using various constraint metrics. Comparing many different implementation methods and algorithms is nontrivial. Another aim of this thesis is the development of generic interfaces used both to reduce implementation and test time and also to enable fair baseline comparisons of different algorithms when operating in a standardised and constrained environment. Finally, a hardware-software co-design cryptographic architecture is presented. This architecture is capable of supporting multiple types of cryptographic algorithms and is described through an application for performing public key cryptography, namely the Elliptic Curve Digital Signature Algorithm (ECDSA). This architecture makes use of the elliptic curve architecture and the hash functions described previously. These components, along with a random number generator, provide hardware acceleration for a Microblaze based cryptographic system. The trade-off in terms of performance for flexibility is discussed using dedicated software, and hardware-software co-design implementations of the elliptic curve point scalar multiplication block. Results are then presented in terms of the overall cryptographic system