425 resultados para Homomorphic encryption
Resumo:
简要介绍了欧洲 NESSIE( new European schemes for signatures,integrity,and encryption)大计划最近公布的 17个分组密码算法的基本设计思想、最新分析结果及其有效性 .
Resumo:
作为加密标准,DES(data encryption standard)算法虽然已被AES(advanced encryption standard)算法所取代,但其仍有着不可忽视的重要作用.在一些领域,尤其是金融领域,DES和Triple DES仍被广泛使用着.而近年来又提出了一些新的密码分析方法,其中,Rectangle攻击和Boomerang攻击已被证明是非常强大而有效的.因此,有必要重新评估DES算法抵抗这些新分析方法的能力.研究了DES算法针对Rectangle攻击和Boomerang攻击的安全性.利用DES各轮最优差分路径及其概率,分别得到了对12轮DES的Rectangle攻击和对11轮DES的Boomerang攻击.攻击结果分别为:利用Rectangle攻击可以攻击到12轮DES,数据复杂度为2~(62)。个选择明文,时间复杂度为2~(42)次12轮加密;利用Boomerang攻击可以攻击到11轮DES,数据复杂度为2~(58)个适应性选择明密文,时间复杂度为2~(38)次11轮加密.由于使用的都是DES各轮的最优差分路径,所以可以相信,该结果是Rectangle攻击和Boomerang攻击对DES所能达到的最好结果.
Resumo:
工作模式是一个算法,它刻画了如何利用分组密码提供信息安全服务.在给AES征集工作模式标准的过程中,NIST收到了15个候选工作模式.简要介绍15个候选工作模式及它们的设计思想。
Resumo:
NESSIE(New European Schemes for Signatures,Integrity,and Encryption)是一个为时三年的密码大计划,它的主要目的是为了推出一系列安全的密码模块,另一个目的是保持欧洲在密码研究领域的领先地位并增强密码在欧洲工业中的作用。它的整个运作过程是公开透明的,2000年3月公布了征集通告,2000年11月13~14日,召开第一次NESSIE会议,并公布征集到的所有算法。NESSIE共征集17个分组密码算法,经过一年多的评估,在今年9月12~13日召开的第二次NESSIE会议上,NESSIE公布了评选出的7个算法:IDEA,Khazad,MISTY1,SAFER++,Camellia,RC6,SHACAL,它们将作为NESSIE计划下一阶段重点评估的对象。NEESIE预计将在明年秋季召开第三次会议,届时将宣布最后的评选结果。本文简要介绍NESSIE的评估原则,阐述NESSIE对各个候选算法的取舍原因,同时列出算法设计者和公众对各个算法的分析情况。
Resumo:
在信息安全的许多实际应用中往往需要同时提供私密性和认证性,通常采用加密模式和消息认证码的组合来实现这一目的,但这种实现方式须对同一消息分加密和认证两阶段进行处理,不仅密钥使用量大,而且效率低下.本文基于CBC加密模式设计了一种新的一阶段加密认证方案OXCBC,能够同时提供私密性和认证性,且仅使用一个密钥和一个Nonce,与同类型的加密认证方案相比具有较高的效率.在分组密码是强伪随机置换的假设下,证明了该方案的认证性.
Resumo:
形式化构建了在多用户环境和随机数复用多用户环境下的匿名性安全模型,并证明了其安全性;同时提出了2种针对匿名性的可复制测试.基于这些结果,构造了一个通用的密文长度缩短的匿名广播加密算法.
Resumo:
(t,n)门限认证加密方案允许t个以上签名方产生指定接收方的认证加密签名,使得只有指定的接收方能够恢复消息和验证消息的完整性,而其他人却无法做到这一点.最近,在Tseng和Jan的认证加密方案的基础上,Chung等构造了一个(t,n)门限认证加密方案.该方案运用了分工式签名技术,有效地减轻了签名方的负担.然而,该文作者对该方案的安全性仅进行了解释性说明.目前,文献中没有对分工式门限认证加密的形式化刻画,没有出现可证安全分工式门限认证加密方案.事实上,Chung等的分工式门限认证加密方案存在设计上的缺陷.文中给出了分工式门限认证加密方案的形式化模型和安全模型,基于双线性映射构造了一个新的分工式门限认证加密方案.在随机预言机模型下,证明了该方案对于适应性选择密文攻击是语义安全的,该方案对于适应性选择消息攻击是存在性不可伪造的.方案的安全性可规约到计算性Diffie-Hellman(CDH)困难假设和决定性双线性Diffie-Hellman困难假设(DBDH).
Resumo:
Formal correctness of complex multi-party network protocols can be difficult to verify. While models of specific fixed compositions of agents can be checked against design constraints, protocols which lend themselves to arbitrarily many compositions of agents-such as the chaining of proxies or the peering of routers-are more difficult to verify because they represent potentially infinite state spaces and may exhibit emergent behaviors which may not materialize under particular fixed compositions. We address this challenge by developing an algebraic approach that enables us to reduce arbitrary compositions of network agents into a behaviorally-equivalent (with respect to some correctness property) compact, canonical representation, which is amenable to mechanical verification. Our approach consists of an algebra and a set of property-preserving rewrite rules for the Canonical Homomorphic Abstraction of Infinite Network protocol compositions (CHAIN). Using CHAIN, an expression over our algebra (i.e., a set of configurations of network protocol agents) can be reduced to another behaviorally-equivalent expression (i.e., a smaller set of configurations). Repeated applications of such rewrite rules produces a canonical expression which can be checked mechanically. We demonstrate our approach by characterizing deadlock-prone configurations of HTTP agents, as well as establishing useful properties of an overlay protocol for scheduling MPEG frames, and of a protocol for Web intra-cache consistency.
Resumo:
Rachit Agarwal, Rafael V. Martinez-Catala, Sean Harte, Cedric Segard, Brendan O'Flynn, "Modeling Power in Multi-functionality Sensor Network Applications," sensorcomm, pp.507-512, 2008 Proceedings of the Second International Conference on Sensor Technologies and Applications, August 25-August 31 2008, Cap Esterel, France
Resumo:
With the rapid growth of the Internet and digital communications, the volume of sensitive electronic transactions being transferred and stored over and on insecure media has increased dramatically in recent years. The growing demand for cryptographic systems to secure this data, across a multitude of platforms, ranging from large servers to small mobile devices and smart cards, has necessitated research into low cost, flexible and secure solutions. As constraints on architectures such as area, speed and power become key factors in choosing a cryptosystem, methods for speeding up the development and evaluation process are necessary. This thesis investigates flexible hardware architectures for the main components of a cryptographic system. Dedicated hardware accelerators can provide significant performance improvements when compared to implementations on general purpose processors. Each of the designs proposed are analysed in terms of speed, area, power, energy and efficiency. Field Programmable Gate Arrays (FPGAs) are chosen as the development platform due to their fast development time and reconfigurable nature. Firstly, a reconfigurable architecture for performing elliptic curve point scalar multiplication on an FPGA is presented. Elliptic curve cryptography is one such method to secure data, offering similar security levels to traditional systems, such as RSA, but with smaller key sizes, translating into lower memory and bandwidth requirements. The architecture is implemented using different underlying algorithms and coordinates for dedicated Double-and-Add algorithms, twisted Edwards algorithms and SPA secure algorithms, and its power consumption and energy on an FPGA measured. Hardware implementation results for these new algorithms are compared against their software counterparts and the best choices for minimum area-time and area-energy circuits are then identified and examined for larger key and field sizes. Secondly, implementation methods for another component of a cryptographic system, namely hash functions, developed in the recently concluded SHA-3 hash competition are presented. Various designs from the three rounds of the NIST run competition are implemented on FPGA along with an interface to allow fair comparison of the different hash functions when operating in a standardised and constrained environment. Different methods of implementation for the designs and their subsequent performance is examined in terms of throughput, area and energy costs using various constraint metrics. Comparing many different implementation methods and algorithms is nontrivial. Another aim of this thesis is the development of generic interfaces used both to reduce implementation and test time and also to enable fair baseline comparisons of different algorithms when operating in a standardised and constrained environment. Finally, a hardware-software co-design cryptographic architecture is presented. This architecture is capable of supporting multiple types of cryptographic algorithms and is described through an application for performing public key cryptography, namely the Elliptic Curve Digital Signature Algorithm (ECDSA). This architecture makes use of the elliptic curve architecture and the hash functions described previously. These components, along with a random number generator, provide hardware acceleration for a Microblaze based cryptographic system. The trade-off in terms of performance for flexibility is discussed using dedicated software, and hardware-software co-design implementations of the elliptic curve point scalar multiplication block. Results are then presented in terms of the overall cryptographic system.
Resumo:
Traditionally, attacks on cryptographic algorithms looked for mathematical weaknesses in the underlying structure of a cipher. Side-channel attacks, however, look to extract secret key information based on the leakage from the device on which the cipher is implemented, be it smart-card, microprocessor, dedicated hardware or personal computer. Attacks based on the power consumption, electromagnetic emanations and execution time have all been practically demonstrated on a range of devices to reveal partial secret-key information from which the full key can be reconstructed. The focus of this thesis is power analysis, more specifically a class of attacks known as profiling attacks. These attacks assume a potential attacker has access to, or can control, an identical device to that which is under attack, which allows him to profile the power consumption of operations or data flow during encryption. This assumes a stronger adversary than traditional non-profiling attacks such as differential or correlation power analysis, however the ability to model a device allows templates to be used post-profiling to extract key information from many different target devices using the power consumption of very few encryptions. This allows an adversary to overcome protocols intended to prevent secret key recovery by restricting the number of available traces. In this thesis a detailed investigation of template attacks is conducted, along with how the selection of various attack parameters practically affect the efficiency of the secret key recovery, as well as examining the underlying assumption of profiling attacks in that the power consumption of one device can be used to extract secret keys from another. Trace only attacks, where the corresponding plaintext or ciphertext data is unavailable, are then investigated against both symmetric and asymmetric algorithms with the goal of key recovery from a single trace. This allows an adversary to bypass many of the currently proposed countermeasures, particularly in the asymmetric domain. An investigation into machine-learning methods for side-channel analysis as an alternative to template or stochastic methods is also conducted, with support vector machines, logistic regression and neural networks investigated from a side-channel viewpoint. Both binary and multi-class classification attack scenarios are examined in order to explore the relative strengths of each algorithm. Finally these machine-learning based alternatives are empirically compared with template attacks, with their respective merits examined with regards to attack efficiency.
Resumo:
Tony Valsamidis, senior lecturer in information systems, Greenwich University reviews Genesis Machines: The New Science of Biocomputing by Martyn Amos - Atlantic Books ISBN - 184354 224 2. What do encryption, the double helix and sudoku have in common? They are all bound together by the newish science of biocomputing in rather surprising ways, as Martyn Amos masterfully shows in this compendious volume.
