Secure time information in the internet key exchange protocol

Many network services and protocols can work correctly only when freshness of messages sent between participants is assured and when the protocol parties’ internal clocks are adjusted. In this paper we present a novel, secure and fast procedure which can be used to ensure data freshness and clock synchronization between two communicating parties. Next, we show how this solution can be used in other cryptographic protocols. As an example of application we apply our approach to the Internet Key Exchange (IKE) protocol family

Marca do Dia Electrónica em Smartphones: implementação de um serviço para envio de correio electrónico com marcas temporais

Dissertação de mestrado em Engenharia de InformáticaA Marca do Dia Electrónica (MDDE) trata-se de um serviço, desenvolvido em parceria pelos CTT e pela MULTICERT, que possibilita a utilização do correio eletrónico com um elevado grau de segurança e fiabilidade. Este serviço, apenas disponível para computadores pessoais com o sistema operativo Windows, consiste na colocação de um selo temporal eletrónico nas mensagens enviadas, de forma a certificar a veracidade da data e hora de envio das mesmas. Desta forma, é também assegurado que a mensagem enviada não foi alterada, pelas propriedades de integridade e não repúdio apresentadas pelo selo eletrónico. Dado o impacto dos smartphones na sociedade atual, que cada vez mais tendem para representar o meio dominante de comunicação através da Internet, o objetivo principal desta dissertação é explorar a possibilidade de utilizar um dispositivo móvel como solução ubíqua para o envio de mensagens com MDDE, recorrendo a um cartão de memória microSD com capacidades criptográficas (i.e. um Smart Card), para o armazenamento e utilização das credenciais eletrónicas necessárias. Para a especificação desta solução, são estudadas as principais plataformas móveis, com especial ênfase no sistema operativo Android. É também analisada a framework Java Card, bem como os protocolos de dados e de comunicação utilizados pelos Smart Cards. Por fim, é apresentada uma implementação como prova de conceito de que a solução proposta é uma alternativa viável à aplicação existente, concretizado através de duas componentes — uma aplicação para Android e uma applet para Java Card.The Marca Do Dia Electrónica (MDDE) is a service which allows the use of e-mail with a high level of security and confidence, jointly developed by CTT and MULTICERT. This service, currently available for personal computers with the Windows operating system only, consists in assigning an electronic timestamp to the message being sent, in order to endorse the veracity of the time and date of dispatch. This way, it also provides evidence that the message was not changed, given the integrity and non-repudiation properties assured by the electronic timestamp. Due to the impact of smartphones in today’s society, which increasingly tend to be the dominant mean of communication through the Internet, the main purpose of this dissertation is to explore the prospects of using a mobile device as an ubiquitous solution for sending MDDE messages, taking advantage of a microSD memory card with cryptographic capabilities (i.e. a Smart Card) for storing and handling the necessary electronic credentials. In order to specify this solution, we present a study on the major mobile platforms, with special emphasis on the Android operating system. We also describe the Java Card framework, as well as the Smart Cards’ communication and data protocols. Finally, an implementation is presented as proof of concept that the proposed solution represents a viable alternative to the existing application, achieved through the development of two components — an Android application and a Java Card applet

The application of hash chains and hash structures to cryptography

In this thesis we study how hash chains and other hash structures can be used in various cryptographic applications. In particular we focus on the applications of entity authentication, signatures and key establishment. We study recursive application of hash functions to create hash chains, hash trees and other hash structures. We collate all these to form a catalogue of structures that we apply to various cryptographic applications. We study existing work on authentication and create many entity authentication schemes based on structures from our catalogue. We present a novel algorithm to find efficient signature schemes from any given hash structure. We study some suggestions for suitable hash structures and define a particular scalable hash structure complete with a simple message to signature map that is the most efficient such scheme of which we know. We explore k-time signature schemes and identify two new properties, which we call perforated and porous. We look at the application of hash structures to key establishment schemes. We compare the existing schemes and make improvements on many. We present a new key establishment scheme, and show a link between certain k-time signatures and certain key establishment schemes. We look at the other applications of hash structures, and suggest areas in which our catalogue could be used for further development