878 resultados para Public key cryptography
Resumo:
Esta dissertação apresenta o desenvolvimento de um novo algoritmo de criptografia de chave pública. Este algoritmo apresenta duas características que o tornam único, e que foram tomadas como guia para a sua concepção. A primeira característica é que ele é semanticamente seguro. Isto significa que nenhum adversário limitado polinomialmente consegue obter qualquer informação parcial sobre o conteúdo que foi cifrado, nem mesmo decidir se duas cifrações distintas correspondem ou não a um mesmo conteúdo. A segunda característica é que ele depende, para qualquer tamanho de texto claro, de uma única premissa de segurança: que o logaritmo no grupo formado pelos pontos de uma curva elíptica de ordem prima seja computacionalmente intratável. Isto é obtido garantindo-se que todas as diferentes partes do algoritmo sejam redutíveis a este problema. É apresentada também uma forma simples de estendê-lo a fim de que ele apresente segurança contra atacantes ativos, em especial, contra ataques de texto cifrado adaptativos. Para tanto, e a fim de manter a premissa de que a segurança do algoritmo seja unicamente dependente do logaritmo elíptico, é apresentada uma nova função de resumo criptográfico (hash) cuja segurança é baseada no mesmo problema.
Resumo:
Pós-graduação em Matemática Universitária - IGCE
Resumo:
To provide more efficient and flexible alternatives for the applications of secret sharing schemes, this paper describes a threshold sharing scheme based on exponentiation of matrices in Galois fields. A significant characteristic of the proposed scheme is that each participant has to keep only one master secret share which can be used to reconstruct different group secrets according to the number of threshold values.
Resumo:
Infrastructureless networks are becoming more popular with the increased prevalence of wireless networking technology. A significant challenge faced by these infrastructureless networks is that of providing security. In this paper we examine the issue of authentication, a fundamental component of most security approaches, and show how it can be performed despite an absence of trusted infrastructure and limited or no existing trust relationship between network nodes. Our approach enables nodes to authenticate using a combination of contextual information, harvested from the environment, and traditional authentication factors (such as public key cryptography). Underlying our solution is a generic threshold signature scheme that enables distributed generation of digital certificates.
Resumo:
After about a quarter of a century of enlightened development and ongoing preparatory technological, scientific and political activities we are arrived at the realization period of the idea. The two major technological vehicles of progress are the World Wide Web, the most democratic international forum of information exchange and the advent of public key cryptography as a combined philosophical and practical device of individual integrity and collective responsibility.
Resumo:
This thesis reports on the two main areas of our research: introductory programming as the traditional way of accessing informatics and cultural teaching informatics through unconventional pathways. The research on introductory programming aims to overcome challenges in traditional programming education, thus increasing participation in informatics. Improving access to informatics enables individuals to pursue more and better professional opportunities and contribute to informatics advancements. We aimed to balance active, student-centered activities and provide optimal support to novices at their level. Inspired by Productive Failure and exploring the concept of notional machine, our work focused on developing Necessity Learning Design, a design to help novices tackle new programming concepts. Using this design, we implemented a learning sequence to introduce arrays and evaluated it in a real high-school context. The subsequent chapters discuss our experiences teaching CS1 in a remote-only scenario during the COVID-19 pandemic and our collaborative effort with primary school teachers to develop a learning module for teaching iteration using a visual programming environment. The research on teaching informatics principles through unconventional pathways, such as cryptography, aims to introduce informatics to a broader audience, particularly younger individuals that are less technical and professional-oriented. It emphasizes the importance of understanding informatics's cultural and scientific aspects to focus on the informatics societal value and its principles for active citizenship. After reflecting on computational thinking and inspired by the big ideas of science and informatics, we describe our hands-on approach to teaching cryptography in high school, which leverages its key scientific elements to emphasize its social aspects. Additionally, we present an activity for teaching public-key cryptography using graphs to explore fundamental concepts and methods in informatics and mathematics and their interdisciplinarity. In broadening the understanding of informatics, these research initiatives also aim to foster motivation and prime for more professional learning of informatics.
Resumo:
n the recent years protection of information in digital form is becoming more important. Image and video encryption has applications in various fields including Internet communications, multimedia systems, medical imaging, Tele-medicine and military communications. During storage as well as in transmission, the multimedia information is being exposed to unauthorized entities unless otherwise adequate security measures are built around the information system. There are many kinds of security threats during the transmission of vital classified information through insecure communication channels. Various encryption schemes are available today to deal with information security issues. Data encryption is widely used to protect sensitive data against the security threat in the form of “attack on confidentiality”. Secure transmission of information through insecure communication channels also requires encryption at the sending side and decryption at the receiving side. Encryption of large text message and image takes time before they can be transmitted, causing considerable delay in successive transmission of information in real-time. In order to minimize the latency, efficient encryption algorithms are needed. An encryption procedure with adequate security and high throughput is sought in multimedia encryption applications. Traditional symmetric key block ciphers like Data Encryption Standard (DES), Advanced Encryption Standard (AES) and Escrowed Encryption Standard (EES) are not efficient when the data size is large. With the availability of fast computing tools and communication networks at relatively lower costs today, these encryption standards appear to be not as fast as one would like. High throughput encryption and decryption are becoming increasingly important in the area of high-speed networking. Fast encryption algorithms are needed in these days for high-speed secure communication of multimedia data. It has been shown that public key algorithms are not a substitute for symmetric-key algorithms. Public key algorithms are slow, whereas symmetric key algorithms generally run much faster. Also, public key systems are vulnerable to chosen plaintext attack. In this research work, a fast symmetric key encryption scheme, entitled “Matrix Array Symmetric Key (MASK) encryption” based on matrix and array manipulations has been conceived and developed. Fast conversion has been achieved with the use of matrix table look-up substitution, array based transposition and circular shift operations that are performed in the algorithm. MASK encryption is a new concept in symmetric key cryptography. It employs matrix and array manipulation technique using secret information and data values. It is a block cipher operated on plain text message (or image) blocks of 128 bits using a secret key of size 128 bits producing cipher text message (or cipher image) blocks of the same size. This cipher has two advantages over traditional ciphers. First, the encryption and decryption procedures are much simpler, and consequently, much faster. Second, the key avalanche effect produced in the ciphertext output is better than that of AES.
Resumo:
We have been investigating the cryptographical properties of in nite families of simple graphs of large girth with the special colouring of vertices during the last 10 years. Such families can be used for the development of cryptographical algorithms (on symmetric or public key modes) and turbocodes in error correction theory. Only few families of simple graphs of large unbounded girth and arbitrarily large degree are known. The paper is devoted to the more general theory of directed graphs of large girth and their cryptographical applications. It contains new explicit algebraic constructions of in finite families of such graphs. We show that they can be used for the implementation of secure and very fast symmetric encryption algorithms. The symbolic computations technique allow us to create a public key mode for the encryption scheme based on algebraic graphs.
Resumo:
As the development of a viable quantum computer nears, existing widely used public-key cryptosystems, such as RSA, will no longer be secure. Thus, significant effort is being invested into post-quantum cryptography (PQC). Lattice-based cryptography (LBC) is one such promising area of PQC, which offers versatile, efficient, and high performance security services. However, the vulnerabilities of these implementations against side-channel attacks (SCA) remain significantly understudied. Most, if not all, lattice-based cryptosystems require noise samples generated from a discrete Gaussian distribution, and a successful timing analysis attack can render the whole cryptosystem broken, making the discrete Gaussian sampler the most vulnerable module to SCA. This research proposes countermeasures against timing information leakage with FPGA-based designs of the CDT-based discrete Gaussian samplers with constant response time, targeting encryption and signature scheme parameters. The proposed designs are compared against the state-of-the-art and are shown to significantly outperform existing implementations. For encryption, the proposed sampler is 9x faster in comparison to the only other existing time-independent CDT sampler design. For signatures, the first time-independent CDT sampler in hardware is proposed.
Resumo:
One of the main practical implications of quantum mechanical theory is quantum computing, and therefore the quantum computer. Quantum computing (for example, with Shor’s algorithm) challenges the computational hardness assumptions, such as the factoring problem and the discrete logarithm problem, that anchor the safety of cryptosystems. So the scientific community is studying how to defend cryptography; there are two defense strategies: the quantum cryptography (which involves the use of quantum cryptographic algorithms on quantum computers) and the post-quantum cryptography (based on classical cryptographic algorithms, but resistant to quantum computers). For example, National Institute of Standards and Technology (NIST) is collecting and standardizing the post-quantum ciphers, as it established DES and AES as symmetric cipher standards, in the past. In this thesis an introduction on quantum mechanics was given, in order to be able to talk about quantum computing and to analyze Shor’s algorithm. The differences between quantum and post-quantum cryptography were then analyzed. Subsequently the focus was given to the mathematical problems assumed to be resistant to quantum computers. To conclude, post-quantum digital signature cryptographic algorithms selected by NIST were studied and compared in order to apply them in today’s life.
Resumo:
Autoritat de certificació (CA) per l'emissió de certificats digitals en una infraestructura de clau pública (PKI) amb una interfície web bàsica.
Resumo:
Arvokasta tai luottamuksellista tietoa käsittelevien palveluiden, kuten pankki- ja kauppa-palveluiden, tarjoaminen julkisessa Internet-verkossa on synnyttänyt tarpeen vahvalle todennukselle, eli käyttäjien tunnistuksen varmistamiselle. Vahvassa todennuksessa käytetään salaus-menetelmien tarjoamia keinoja todennus-tapahtuman tieto-turvan parantamiseen heikkoihin todennusmenetelmiin nähden. Todennusta käyttäjätunnus-salasana-yhdistelmällä voidaan pitää heikkona menetelmänä. Julkisen avaimen järjestelmän varmenteita voidaan käyttää WWW-ympäristössä toimivissa palveluissa yhteyden osapuolten todentamiseen. Tässä työssä suunniteltiin vahva käyttäjän todennus julkisen avaimen järjestelmällä WWW-ympäristössä tarjottavalle palvelulle ja toteutettiin palvelun tarjoavan sovelluksen komponentiksi soveltuva yksinkertainen varmentaja OpenSSL-salaustyökalupaketin avulla. Työssä käydään läpi myös salauksen perusteet, julkisen avaimen järjestelmä ja esitellään olemassaolevia varmentajatoteutuksia ja mahdollisia tieto-turva-uhkia Vahva todennus tulee suunnitella siten, että palvelun käyttäjä ymmärtää, mikä tarkoitus hänen toimillaan on ja miten ne edistävät tietoturvaa. Internet-palveluissa käyttäjän vahva todennus ei ole yleistynyt huonon käytettävyyden vuoksi.
Resumo:
Bildbasierte Authentifizierung und Verschlüsselung: Identitätsbasierte Kryptographie (oft auch identity Based Encryption, IBE) ist eine Variation der asymmetrischen Schlüsselverfahren, bei der der öffentliche Schlüssel des Anwenders eine beliebig wählbare Zeichenfolge sein darf, die dem Besitzer offensichtlich zugeordnet werden kann. Adi Shamir stellte 1984 zunächst ein solches Signatursystem vor. In der Literatur wird dabei als öffentlicher Schlüssel meist die Email-Adresse oder eine Sozialversicherungsnummer genannt. Der Preis für die freie Schlüsselwahl ist die Einbeziehung eines vertrauenswürdigen Dritten, genannt Private Key Generator, der mit seinem privaten Generalschlüssel den privaten Schlüssel des Antragstellers generiert. Mit der Arbeit von Boneh und Franklin 2001 zum Einsatz der Weil-Paarbildung über elliptischen Kurven wurde IBE auf eine sichere und praktikable Grundlage gestellt. In dieser Arbeit wird nach einer allgemeinen Übersicht über Probleme und Lösungsmöglichkeiten für Authentifizierungsaufgaben im zweiten Teil als neue Idee der Einsatz eines Bildes des Anwenders als öffentlicher Schlüssel vorgeschlagen. Dazu wird der Ablauf der Schlüsselausgabe, die Bestellung einer Dienstleistung, z. B. die Ausstellung einer personengebundenen Fahrkarte, sowie deren Kontrolle dargestellt. Letztere kann offline auf dem Gerät des Kontrolleurs erfolgen, wobei Ticket und Bild auf dem Handy des Kunden bereitliegen. Insgesamt eröffnet sich dadurch die Möglichkeit einer Authentifizierung ohne weitere Preisgabe einer Identität, wenn man davon ausgeht, dass das Bild einer Person angesichts allgegenwärtiger Kameras sowieso öffentlich ist. Die Praktikabilität wird mit einer Implementierung auf der Basis des IBE-JCA Providers der National University of Ireland in Maynooth demonstriert und liefert auch Aufschluss auf das in der Praxis zu erwartende Laufzeitverhalten.
Resumo:
Resource and flyer produced for INFO2009 12/13. An animation on public-key encryption related to cybercrime and cybersecurity. Target audience is undergraduates, but the resource does not assume prior knowledge of the topics, or any in-depth knowledge of IT.
Resumo:
Reticulados têm sido aplicados de diferentes maneiras em criptografia. Inicialmente utilizados para a destruição de criptossistemas, eles foram posteriormente aplicados na construção de novos esquemas, incluindo criptossistemas assimétricos, esquemas de assinatura cega e os primeiros métodos para encriptação completamente homomórfica. Contudo, seu desempenho ainda é proibitivamente lenta em muitos casos. Neste trabalho, expandimos técnicas originalmente desenvolvidas para encriptação homomórfica, tornando-as mais genéricas e aplicando-as no esquema GGH-YK-M, um esquema de encriptação de chave pública, e no esquema LMSV, a única construção homomórfica que não sucumbiu a ataques de recuperação de chaves IND-CCA1 até o momento. Em nossos testes, reduzimos o tamanho das chaves do GGH-YK-M em uma ordem de complexidade, especificamente, de O(n2 lg n) para O(n lg n), onde n é um parâmetro público do esquema. A nova técnica também atinge processamento mais rápido em todas as operações envolvidas em um criptossistema assimétrico, isto é, geração de chaves, encriptação e decriptação. A melhora mais significativa é na geração de chaves, que se torna mais de 3 ordens de magnitude mais rápida que resultados anteriores, enquanto a encriptação se torna por volta de 2 ordens de magnitude mais rápida. Para decriptação, nossa implementação é dez vezes mais rápida que a literatura. Também mostramos que é possível aumentar a segurança do esquema LMSV contra os ataques quânticos de recuperação de chaves recentemente publicados pela agência britânica GCHQ. Isso é feito através da adoção de reticulados não-ciclotômicos baseados em anéis polinomiais irredutíveis quase-circulantes. Em nossa implementação, o desempenho da encriptação é virtualmente idêntico, e a decriptação torna-se ligeiramente inferior, um pequeno preço a se pagar pelo aumento de segurança. A geração de chaves, porém, é muito mais lenta, devido à necessidade de se utilizar um método mais genérico e caro. A existência de métodos dedicados altamente eficientes para a geração de chaves nesta variante mais segura do LMSV permanece como um problema em aberto.
