379 results for CRYPTOGRAPHY
Abstract:
Cascade is an information reconciliation protocol proposed in the context of secret key agreement in quantum cryptography. This protocol allows removing discrepancies in two partially correlated sequences that belong to distant parties, connected through a public noiseless channel. It is highly interactive, thus requiring a large number of channel communications between the parties to proceed and, although its efficiency is not optimal, it has become the de facto standard for practical implementations of information reconciliation in quantum key distribution. The aim of this work is to analyze the performance of Cascade, to discuss its strengths, weaknesses and optimization possibilities, comparing with some of the modified versions that have been proposed in the literature. When looking at all design trade-offs, a new view emerges that allows us to put forward a number of guidelines and propose near-optimal parameters for the practical implementation of Cascade, improving performance significantly in comparison with all previous proposals.
Abstract:
In order to deploy QKD in a cost-effective and scalable way, its integration with already installed optical networks is a logical step. If, for the sake of security, we require that no intermediate trusted nodes would be needed, the maximum distance/absorptions allowed by QKD systems limit us to metropolitan area networks. Current metro networks are mostly all-optical and passive, hence a transparent link can be established between any two points and this link can be used to transport the quantum channel. In this poster we report on our findings studying the problems arising when integrating QKD systems in standard telecommunications networks.
Abstract:
Secret-key agreement, a well-known problem in cryptography, allows two parties holding correlated sequences to agree on a secret key communicating over a public channel. It is usually divided into three different procedures: advantage distillation, information reconciliation and privacy amplification. The efficiency of each one of these procedures is needed if a positive key rate is to be attained from the legitimate parties' correlated sequences. Quantum key distribution (QKD) allows the two parties to obtain correlated sequences, provided that they have access to an authenticated channel. The new generation of QKD devices is able to work at higher speeds and in noisier or more absorbing environments. This exposes the weaknesses of current information reconciliation protocols, a key component to their performance. Here we present a new protocol based on low-density parity-check (LDPC) codes that presents the advantages of low interactivity, rate adaptability and high efficiency, characteristics that make it highly suitable for next generation QKD devices.
Abstract:
A possible approach to the synchronization of chaotic circuits is reported. It is based on an Optically Programmable Logic Cell and as a consequence its output is digital; its application to cryptography in Optical Communications comes directly from its properties. The model presented here is based on a computer simulation.
Abstract:
New telecom wavelength sources of polarization entangled photon pairs allow the distribution of entanglement through metro-access networks using standard equipment. This is essential to ease the deployment of future applications that can profit from quantum entanglement, such as quantum cryptography.
Abstract:
The security of quantum key distribution protocols is guaranteed by the laws of quantum mechanics. However, a precise analysis of the security properties requires tools from both classical cryptography and information theory. Here, we employ recent results in non-asymptotic classical information theory to show that information reconciliation imposes fundamental limitations on the amount of secret key that can be extracted in the finite key regime. In particular, we find that an often used approximation for the information leakage during one-way information reconciliation is flawed and we propose an improved estimate.
Abstract:
The extreme competitiveness that comes with globalization means that Information Technology (IT) projects are not judged on whether they are good or bad. It is taken for granted that the technology product is innovative, provides added value and has a solid, well-built technological foundation. Europe is a leading exponent of Research and Development (R&D), but it still lags behind countries such as the United States or Japan in Innovation (i). We still need to reach the market. Successfully completing a proof of concept is not enough. We have to go further. We start from a project: Secretify, a simple and attractive multi-account webmail client that lets users encrypt their communications using existing e-mail accounts, without needing to know anything about security, cryptography or key management. The purpose of this work is to apply all the concepts learned during the Master's programme (specifically in the Management, Innovation and IT Business track) to turn Secretify into a product that can be brought to market successfully, with both the technical and the business knowledge needed to minimize risks and adapt to the market.---ABSTRACT---The extreme competitiveness derived from globalization makes projects in Information Technologies (IT) not be evaluated for their goodness. It is assumed that the technology product is innovative, provides added value and has a solid and well-constructed technology basis. Europe is a great exponent in Research & Development (R&D), but it is still far behind countries like the USA or Japan in terms of Innovation (i). We need to reach the market: it is not enough to have a successful proof of concept. We must go further.
We start from a project: Secretify, a simple and beautiful web-based multi-account email client that allows users to cipher their communications using already existing email accounts, without the need to know about security, cryptography or key management. The purpose of this thesis is to apply all concepts learnt during the Master course (specifically in Management, Innovation and IT business), to turn Secretify into a successful market launch, having the technical and business knowledge, in order to reduce the risks and to adapt to the market.
Abstract:
Society today depends on technology more than ever, but investment in security is scarce and computer systems are still very far from being secure. Cryptography is one of the cornerstones of security in this field, so a considerable amount of resources has recently been devoted to developing tools that help evaluate and improve cryptographic algorithms. EasyCrypt is one of these systems, recently developed at the IMDEA Software Institute in response to the growing need for reliable tools for the formal verification of cryptography. This work addresses the implementation of an improvement to EasyCrypt's term reducer, replacing it with a symbolic abstract machine. To that end, two well-known abstract machines, the Krivine Machine and the ZAM, are first studied and implemented, introducing variations on them and studying their differences from a practical point of view.---ABSTRACT---Today, society depends more than ever on technology, but the investment in security is still scarce and computer systems are still far from safe to use. Cryptography is one of the cornerstones of security, so there has been a considerable amount of effort devoted recently to the development of tools oriented to the evaluation and improvement of cryptographic algorithms. One of these tools is EasyCrypt, developed recently at IMDEA Software Institute in response to the increasing need of reliable formal verification tools for cryptography. This work will focus on the improvement of EasyCrypt's term rewriting system, replacing it with a symbolic abstract machine. In order to do that, we will previously study and implement two widely known abstract machines, the Krivine Machine and the ZAM, introducing some variations and studying their differences from a practical point of view.
Abstract:
We report on a variant of the so-called Cascade protocol that is well-known for its usage as an information reconciliation protocol in quantum cryptography. A theoretical analysis of the optimal size of the parity check blocks is provided. We obtain a very small leakage which is for block sizes of 2^16 typically only 2.5% above the Shannon limit, and notably, this holds for a QBER between 1% and 50%. For a QBER between 1% and 6% the leakage is only 2% above the Shannon limit. As a comparison, the leakage of the original Cascade algorithm is 20% (40%) above the Shannon limit for a QBER of 10% (35%).
Abstract:
The postprocessing or secret-key distillation process in quantum key distribution (QKD) mainly involves two well-known procedures: information reconciliation and privacy amplification. Information or key reconciliation has been customarily studied in terms of efficiency. During this, some information needs to be disclosed for reconciling discrepancies in the exchanged keys. The leakage of information is lower bounded by a theoretical limit, and is usually parameterized by the reconciliation efficiency (or inefficiency), i.e. the ratio of additional information disclosed over the Shannon limit. Most techniques for reconciling errors in QKD try to optimize this parameter. For instance, the well-known Cascade (probably the most widely used procedure for reconciling errors in QKD) was recently shown to have an average efficiency of 1.05 at the cost of a high interactivity (number of exchanged messages). Modern coding techniques, such as rate-adaptive low-density parity-check (LDPC) codes, were also shown to achieve similar efficiency values exchanging only one message, or even better values with little interactivity and shorter block-length codes.
Abstract:
We present here an information reconciliation method and demonstrate for the first time that it can achieve efficiencies close to 0.98. This method is based on the belief propagation decoding of non-binary LDPC codes over finite (Galois) fields. In particular, for convenience and faster decoding we only consider power-of-two Galois fields.
Abstract:
The aim of this contribution is to study the modifications of Cascade, comparing them with the original protocol on the grounds of a full set of parameters, so that the effect of these modifications can be fairly assessed. A number of simulations were performed to study not only the efficiency but also other characteristics of the protocol that are important for its practical application, such as the number of communications and the failure probability. Note that, although it is generally believed that the only price to pay for an improved efficiency is an increased interactivity, when looking at all the significant magnitudes a different view emerges, showing that, for instance, the failure probability eliminates some of the supposed advantages of these improvements.
Abstract:
We study how to use quantum key distribution (QKD) in common optical network infrastructures and propose a method to overcome its distance limitations. QKD is the first technology offering information theoretic secret-key distribution that relies only on the fundamental principles of quantum physics. Point-to-point QKD devices have reached a mature industrial state; however, these devices are severely limited in distance, since signals at the quantum level (e.g. single photons) are highly affected by the losses in the communication channel and intermediate devices. To overcome this limitation, intermediate nodes (i.e. repeaters) are used. Both quantum-regime and trusted classical repeaters have been proposed in the QKD literature, but only the latter can be implemented in practice. As a novelty, we propose here a new QKD network model based on the use of not fully trusted intermediate nodes, referred to as weakly trusted repeaters. This approach forces the attacker to simultaneously break several paths to get access to the exchanged key, thus improving significantly the security of the network. We formalize the model using network codes and provide real scenarios that allow users to exchange secure keys over metropolitan optical networks using only passive components.
Abstract:
The extraordinary rise of new information technologies, the development of the Internet of Things, electronic commerce, social networks, mobile telephony and cloud computing and storage have brought great benefits to all areas of society. Alongside these come new challenges for the protection and privacy of information and its content, such as identity impersonation and the loss of confidentiality and integrity of documents or electronic communications. This can be aggravated by the lack of a clear boundary separating the personal world from the working world as regards access to information. In all these fields of personal and professional activity, Cryptography has played a fundamental role by providing the tools needed to guarantee the confidentiality, integrity and availability both of the privacy of personal data and of information. Biometrics, for its part, has proposed and offered different techniques for guaranteeing the authentication of individuals through the use of certain personal characteristics such as fingerprints, the iris, hand geometry, the voice, gait, etc. Each of these two sciences, Cryptography and Biometrics, provides solutions to specific fields of data protection and user authentication, which would be greatly strengthened if certain characteristics of both sciences were joined in pursuit of common objectives. It is therefore imperative to intensify research in these areas, combining the algorithms and mathematical primitives of Cryptography with Biometrics to respond to the growing demand for new solutions that are more technical, secure and easy to use and that simultaneously strengthen data protection and user identification.
In this combination, the concept of cancelable biometrics has been a cornerstone of the user authentication and identification process, since it gives biometric traits revocation and cancellation properties. The contribution of this thesis rests on the main aspect of Biometrics, that is, the secure and efficient authentication of users through their biometric traits, using three different approaches: 1. Design of a fuzzy crypto-biometric scheme that implements the principles of cancelable biometrics to identify users while dealing with the problems arising from intra- and inter-user variability. 2. Design of a new similarity preserving hash function (SPHF). These functions are currently used in digital forensics to look for similarities in the content of different but similar files, so that one can determine to what extent these files could be considered equal. The function defined in this research work, besides improving on the results of the main functions developed so far, seeks to extend their use to the comparison of iris patterns. 3. Development of a new mechanism for comparing iris patterns that treats those patterns as signals and then compares them using the Walsh-Hadamard transform. The results obtained are excellent considering the security and privacy requirements mentioned above. Each of the three schemes designed has been implemented in order to run experiments and test its operational effectiveness in scenarios that simulate real situations: the fuzzy crypto-biometric scheme and the SPHF were implemented in Java, while the process based on the Walsh-Hadamard transform was implemented in Matlab.
The experiments used a database of iris images (CASIA) to simulate a population of system users. In the particular case of the SPHF, experiments were also carried out to check its usefulness in forensic analysis by comparing files and images with similar and different content. For each of the schemes, the false negative and false positive rates were calculated. ABSTRACT The extraordinary increase of new information technologies, the development of Internet of Things, the electronic commerce, the social networks, mobile or smart telephony and cloud computing and storage, have provided great benefits in all areas of society. Besides this fact, there are new challenges for the protection and privacy of information and its content, such as the loss of confidentiality and integrity of electronic documents and communications. This is exacerbated by the lack of a clear boundary between the personal world and the business world as their differences are becoming narrower. In both worlds, i.e. the personal and the business one, Cryptography has played a key role by providing the necessary tools to ensure the confidentiality, integrity and availability both of the privacy of the personal data and information. On the other hand, Biometrics has offered and proposed different techniques with the aim to assure the authentication of individuals through their biometric traits, such as fingerprints, iris, hand geometry, voice, gait, etc. Each of these sciences, Cryptography and Biometrics, provides tools to specific problems of the data protection and user authentication, which would be widely strengthened if determined characteristics of both sciences would be combined in order to achieve common objectives.
Therefore, it is imperative to intensify the research in this area by combining the basic mathematical algorithms and primitives of Cryptography with Biometrics to meet the growing demand for more secure and usable techniques which would improve the data protection and the user authentication. In this combination, the use of cancelable biometrics makes a cornerstone in the user authentication and identification process since it provides revocable or cancelation properties to the biometric traits. The contributions in this thesis involve the main aspect of Biometrics, i.e. the secure and efficient authentication of users through their biometric templates, considered from three different approaches. The first one is designing a fuzzy crypto-biometric scheme using the cancelable biometric principles to take advantage of the fuzziness of the biometric templates at the same time that it deals with the intra- and inter-user variability among users without compromising the biometric templates extracted from the legitimate users. The second one is designing a new Similarity Preserving Hash Function (SPHF), currently widely used in the Digital Forensics field to find similarities among different files to calculate their similarity level. The function designed in this research work, besides improving the results of the two main functions of this field currently in place, tries to expand its use to the iris template comparison. Finally, the last approach of this thesis is developing a new mechanism of handling the iris templates, considering them as signals, to use the Walsh-Hadamard transform (complemented with three other algorithms) to compare them. The results obtained are excellent taking into account the security and privacy requirements mentioned previously.
Every one of the three schemes designed has been implemented to test its operational efficacy in situations that simulate real scenarios: the fuzzy crypto-biometric scheme and the SPHF have been implemented in Java language, while the process based on the Walsh-Hadamard transform in Matlab. The experiments have been performed using a database of iris templates (CASIA-IrisV2) to simulate a user population. The case of the new SPHF designed is special since, prior to being applied to the Biometrics field, it has also been tested to determine its applicability in the Digital Forensics field comparing similar and dissimilar files and images. The ratios of efficiency and effectiveness regarding user authentication, i.e. False Non Match and False Match Rate, for the schemes designed have been calculated with different parameters and cases to analyse their behaviour.
Abstract:
This research is an example of symbiosis between cryptanalysis and the decipherment of languages. It is the search for the meaning of an inscription, a set of almost two hundred Latin letters, on a carving of the Virgin Mary that stood on the island of Tenerife, in what is today the town of Candelaria, in the Canary Islands. The image disappeared in a storm in 1826. Nevertheless, it is possible to reach great certainty about which letters it bore by turning to textual and artistic documentary sources. We believe that knowledge of the meaning, if there is one, of the Marian inscription cannot be achieved without a proper understanding of the context. This means investigating the history of the carving itself, which goes back to the 14th or 15th century, and studying the native Canarian population as well as the peoples who arrived there at different moments in history. It is also necessary to know about the rediscovery of the Canary archipelago and its processes of conquest and evangelization. All these data gradually provide a new and surprising picture for understanding not only the letters but the wooden sculpture itself. From this point the inquiry turns to whether the letters correspond to any possible language, which has led us to analyze a very large set of texts as close as possible to the period under study, belonging to around a hundred languages. After the linguistic examination, we studied the possible cryptographic forms that might have been used to generate the text of the inscription. A detailed and meticulous catalogue of techniques that could have been adopted is given, and the letters of the Marian carving are cryptanalyzed exhaustively. At the same time, a new cryptological framework of methods and systems is offered, more orderly and complete than the one considered until now, especially since the emergence of asymmetric-key cryptography.
We continue the investigation by weighing the possible pseudo-random generation of the text, a text that might have no meaning at all. At this point, having exhausted all the possibilities and hypotheses and all of them having been rejected, we reconsider the body of conjectures and assumptions. From there we analyze in depth the Berber ethnographic and linguistic sphere as the most plausible and probable hypothesis. After studying this language in greater depth and correcting the errors that led us not to detect it in our earlier analysis, we reach the conclusion that we are dealing with an archaic Berber language, a set of letters belonging to a language and family that has not disappeared today, although it has been heavily shaped and blurred by other languages, Arabic in particular. This leads us to recover lexical, morphological, syntactic and phonetic aspects of this archaic speech. With all these data we carry out a broad semantic study of the carving from both the native aboriginal and the Christian perspective. Finally, from the lexical items and their roots in the Berber and insular Amazigh languages, we give the meaning of the letters inscribed on the Marian carving of Candelaria. ABSTRACT This research is an example of symbiosis between cryptanalysis and deciphering of languages. It is the search for meaning in an inscription, a group of about two hundred Latin letters on a carving of the Virgin Mary that was on the island of Tenerife, in the town of Candelaria today, in the Canary Islands. The image disappeared in a storm in 1826. However, it is possible to achieve a great certainty about what letters it had, going to the textual and artistic documentary sources. The knowledge of the meaning, if any, of the Marian inscription, cannot be achieved without an adequate knowledge of the context.
This means researching into the history of the same carving, which dates back to the fourteenth and fifteenth century; the study of the Canarian indigenous people and of the people who came there at different historical moments. Furthermore, it is necessary to know the rediscovery of the Canary Islands and their processes of conquest and evangelization. All these data will offer a new and surprising outlook to understanding not only the letters but the same wood sculpture. From this moment the inquiry will move to see if the letters correspond to any possible language, which has led us to analyze a very large set of texts as close to the time under study, in a hundred languages. After the language examination, a study has been carried out of possible cryptographic forms used to generate the text of the inscription. A detailed and thorough list of possible techniques that could be adopted is offered. Then exhaustively we cryptanalyze the letters of the Marian carving. At the same time a new crypto framework of methods and systems more orderly and complete, especially since the emergence of asymmetric key cryptography, is provided. We continue researching the possible pseudo-random generation of the text, a text that would not make any sense. At this time, and having completed all the possibilities and hypotheses, all having been rejected, we return to rethink our assumptions. From there we analyze in depth the ethnographic and linguistic Berber sphere as the most likely hypothesis. Following the deepening of this language and correcting the mistakes that led us not to detect it in our analysis above, we conclude that this is an archaic Berber language, a set of letters belonging to a language and family not extinct today but very modeled and influenced by other languages, primarily Arabic. This will lead us to rescue lexical, morphological, syntactic and phonetic aspects of this archaic speech.
With all this data we make a wide semantic study of the carving from the indigenous and Christian perspective. Finally, from the lexical voices and roots of the Berber languages Amazigh and island-Amazigh, we give the meaning of the letters inscribed in the Marian carving of Candelaria.