8 research outputs found
Algorithms for Solving Linear and Polynomial Systems of Equations over Finite Fields with Applications to Cryptanalysis
This dissertation contains algorithms for solving linear and polynomial systems
of equations over GF(2). The objective is to provide fast and exact tools for algebraic
cryptanalysis and other applications. Accordingly, it is divided into two parts.
The first part deals with polynomial systems. Chapter 2 contains a successful
cryptanalysis of Keeloq, the block cipher used in nearly all luxury automobiles.
The attack is more than 16,000 times faster than brute force, but queries 0.62 × 2^32
plaintexts. The polynomial systems of equations arising from that cryptanalysis
were solved via SAT-solvers. Therefore, Chapter 3 introduces a new method of
solving polynomial systems of equations by converting them into CNF-SAT problems
and using a SAT-solver. Finally, Chapter 4 contains a discussion on how SAT-solvers
work internally.
The second part deals with linear systems over GF(2), and other small fields
(and rings). These occur in cryptanalysis when using the XL algorithm, which converts polynomial systems into larger linear systems. We introduce a new complexity
model and data structures for GF(2)-matrix operations. This is discussed in Appendix B but applies to all of Part II. Chapter 5 contains an analysis of "the Method
of Four Russians" for multiplication and a variant for matrix inversion, which is
log n faster than Gaussian Elimination, and can be combined with Strassen-like algorithms. Chapter 6 contains an algorithm for accelerating matrix multiplication
over small finite fields. It is feasible but the memory cost is so high that it is mostly
of theoretical interest. Appendix A contains some discussion of GF(2)-linear algebra
and how it differs from linear algebra in R and C. Appendix C discusses algorithms
faster than Strassen's algorithm, and contains proofs that matrix multiplication,
matrix squaring, triangular matrix inversion, LUP-factorization, general matrix in-
version and the taking of determinants, are equicomplex. These proofs are already
known, but are here gathered into one place in the same notation
Security in Context-aware Mobile Business Applications
The support of location computation on mobile devices (e.g. mobile phones, PDAs) has enabled the development of context-aware and especially location-aware applications (e.g. Restaurant Finder, Friend Finder) which are becoming the new trend for future software applications. However, fears regarding security and privacy are the biggest barriers against their success. Especially, mobile users are afraid of the possible threats against their private identity and personal data. Within the M-Business research group at the University of Mannheim, various security and privacy aspects of context-aware mobile business applications are examined in this thesis. After providing a detailed introduction to context-aware applications, the security challenges of context-aware applications from the perspectives of different principals (i.e. mobile users, the broker, service providers) are analyzed. The privacy aspects, the challenges, the threats and legal directives regarding user privacy are explained and illustrated by real-life examples. The user-centric security architectures integrated within context-aware applications are introduced as anonymity and mobile identity management solutions. The M-Business security architecture providing security components for communication security, dynamic policy-based anonymity, secure storage on mobile devices, identity management for mobile users and cryptography libraries is explained in detail. The LaCoDa compiler which automatically generates final Java code from high level specifications of security protocols is introduced as a software-centric solution for preventing developer-specific security bugs in applications
Forschungsbericht Universität Mannheim, 2004 / 2005
Die Universität Mannheim gibt in dem vorliegenden Forschungsbericht 2004/2005 Rechenschaft über ihre Leistungen auf dem Gebiet der Forschung. Erstmals folgt diese Dokumentation einer neuen Gliederung, die auf einen Beschluss des Forschungsrates der Universität Mannheim zurückgeht. Wie gewohnt erhalten Sie einen Überblick über die Publikationen und Forschungsprojekte der Lehrstühle, Professuren und zentralen Forschungseinrichtungen. Diese werden ergänzt um Angaben zur Organisation von Forschungsveranstaltungen, der Mitwirkung in Forschungsausschüssen, einer Übersicht zu den für Forschungszwecke eingeworbenen Drittmitteln, zu den Promotionen und Habilitationen, zu Preisen und Ehrungen und zu Förderern der Universität Mannheim. Abgerundet werden diese Daten durch zusammenfassende Darstellungen der Forschungsschwerpunkte und des Forschungsprofils der Fakultäten
On User Privacy for Location-based Services
This thesis investigates user privacy concerns associated with
the use of location based services. We begin by introducing
various privacy schemes relevant to the use of location based
services.
We introduce the notion of constraints, i.e. statements
limiting the use and dis tribution of Location Information
(LI), i.e. data providing information regarding a subject's
location. Constraints can be securely bound to LI, and are
designed to reduce threats to privacy by controlling its
dissemination and use. The various types of constraint which
may be required are also considered. The issues and risks with
the possible use of constraints are discussed, as are possible
solutions to these hazards.
To address some of the problems that have been identified with
the use of constraints, we introduce the notion of an LI
Preference Authority (LIPA). A LIPA is a trusted party which
can examine LI constraints and make decisions about LI
distribution without revealing the constraints to the entity
requesting the LI. This is achieved by encrypting both the LI
and the constraints with a LIPA encryption key, ensuring that
the LI is only revealed at the discretion of the LIPA. We
further show how trusted computing can be used to enhance
privacy for LI. We focus on how the mechanisms in the Trusted
Computing Group specifications can be used to enable the holder
of LI to verify the trustworthiness of a remote host before
transferring the LI to that remote device. This provides
greater assurance to end users that their expressed preferences
for the handling of personal information will be respected.
The model for the control of LI described in this thesis has
close parallels to models controlling the dissemination and use
of other personal information. In particular, Park and Sandhu
have developed a general access control model intended to
address issues such as Digital Rights Management, code
authorisation, and the control of personal data. We show how
our model for LI control fits into this general access control
model.
We present a generic service which allows a device to discover
the location of other devices in ad hoc networks. The
advantages of the service are discussed in several scenarios,
where the reliance on an infrastructure such as GPS satellites
or GSM cellular base stations is not needed. An outline of the
technology which will be needed to realise the service is
given, along with a look at the security issues which surround
the use of this location discovery service.
Finally, we provide conclusions and suggestions for future
work
Recommended from our members
Authentication and privacy in mobile web services
This thesis looks at the issue of authentication and privacy in mobile Web services. The work in this thesis builds on GSM and UMTS security framework to develop security protocols for mobile Web services environment. The thesis initially highlights some core principles of designing security protocols in such environment. The next two chapters look at the core technologies and building blocks in Web services systems and the core security features in mobile networks mainly GSM and UMTS. Registration and authentication were identified as security issues in federated systems. Proposed solutions were developed utilizing XML security mechanisms with SIM card security in GSM environment to address these issues. Also a novel system was proposed in which it is possible for a mobile user to securely authenticate and have full anonymity as far as the service providers are concerned; however it is possible for a trusted authority to reveal the identity of the user if he or she is suspected of illegal activities. The next section analyze in detail the Generic Authentication Architecture from 3GPP. Combining SAML with the Generic Authentication Architecture, we propose a novel "generic mobile Web service platform" for M-Commerce. Various solutions have been proposed to address privacy concern in distributed networks; the Platform for Privacy Preferences is one of the popular proposal, though it has many desirable features, it is not easy to enforce it. We argue that this limitation can be managed in federated system such as the Liberty Alliance framework. In the final chapter we make the case for using timestamp based authentication protocol
in mobile Web service on the ground of efficiency gain