874 resultados para Cryptographic keys
Resumo:
The physical (temperature, salinity, velocity) and biogeochemical (oxygen, nitrate) structure of an oxygen depleted coherent, baroclinic, anticyclonic mode-water eddy (ACME) is investigated using high-resolution autonomous glider and ship data. A distinct core with a diameter of about 70 km is found in the eddy, extending from about 60 to 200 m depth and. The core is occupied by fresh and cold water with low oxygen and high nitrate concentrations, and bordered by local maxima in buoyancy frequency. Velocity and property gradient sections show vertical layering at the flanks and underneath the eddy characteristic for vertical propagation (to several hundred-meters depth) of near inertial internal waves (NIW) and confirmed by direct current measurements. A narrow region exists at the outer edge of the eddy where NIW can propagate downward. NIW phase speed and mean flow are of similar magnitude and critical layer formation is expected to occur. An asymmetry in the NIW pattern is seen that possible relates to the large-scale Ekman transport interacting with ACME dynamics. NIW/mean flow induced mixing occurs close to the euphotic zone/mixed layer and upward nutrient flux is expected and supported by the observations. Combing high resolution nitrate (NO3-) data with the apparent oxygen utilization (AOU) reveals AOU:NO3- ratios of 16 which are much higher than in the surrounding waters (8.1). A maximum NO3- deficit of 4 to 6 µmol kg-1 is estimated for the low oxygen core. Denitrification would be a possible explanation. This study provides evidence that the recycling of NO3-, extracted from the eddy core and replenished into the core via the particle export, may quantitatively be more important. In this case, the particulate phase is of keys importance in decoupling the nitrogen from the oxygen cycling.
Resumo:
This paper attempts to identify a pathway out of poverty over generations in the rural Philippines, based on long-term panel data spanning for nearly a quarter of a century. Specifically, it sequentially examines the determinants of schooling, subsequent occupational choices, and current non-farm earnings for the same individuals. We found that an initial rise in parental income, brought about by the land reform and the Green Revolution, among other things, improves the schooling of children, which later allows them to obtain remunerative non-farm jobs. These results suggest that the increased agricultural income, improved human capital through schooling and the development of non-farm sectors are the keys to reducing poverty in the long run. It must be also pointed out that the recent development of the rural non-farm sector offers ample employment opportunities for the less educated, which also significantly contributed to the poverty reduction.
Resumo:
Unattended Wireless Sensor Networks (UWSNs) operate in autonomous or disconnected mode: sensed data is collected periodically by an itinerant sink. Between successive sink visits, sensor-collected data is subject to some unique vulnerabilities. In particular, while the network is unattended, a mobile adversary (capable of subverting up to a fraction of sensors at a time) can migrate between compromised sets of sensors and inject fraudulent data. In this paper, we provide two collaborative authentication techniques that allow an UWSN to maintain integrity and authenticity of sensor data-in the presence of a mobile adversary-until the next sink visit. Proposed schemes use simple, standard, and inexpensive symmetric cryptographic primitives, coupled with key evolution and few message exchanges. We study their security and effectiveness, both analytically and via simulations. We also assess their robustness and show how to achieve the desired trade-off between performance and security.
Resumo:
This communication research gives an insight to University Education in Peru and a brief review of the main European documents that deal with the European Higher Education Framework, highlighting the principles upon which it is based, as well as the strategic objectives that it sets forth and the tools to achieve them. The purpose of this process is to adapt our university education management in Peru to the EEES, seeking to identify the limitations and constraints faced with regard to the keys of European convergence and the means or instruments that we have in order to attain convergence in Peru.
Resumo:
In this paper, a new countermeasure against power and electromagnetic (EM) Side Channel Attacks (SCA) on FPGA implemented cryptographic algorithms is proposed. This structure mainly focuses on a critical vulnerability, Early Evaluation, also known as Early Propagation Effect (EPE), which exists in most conventional SCA-hardened DPL (Dual-rail with Precharge Logic) solutions. The main merit of this proposal is that the EPE can be effectively prevented by using a synchronized non regular precharge network, which maintains identical routing between the original and mirror parts, where costs and design complexity compared with previous EPE-resistant countermeasures are reduced, while security level is not sacrificed. Another advantage for our Precharge Absorbed(PA) - DPL method is that its Dual-Core style (independent architecture for true and false parts) could be generated using partial reconfiguration. This helps to get a dynamic security protection with better energy planning. That means system only keeps the true part which fulfills the normal en/decryption task in low security level, and reconfigures the false parts once high security level is required. A relatively limited clock speed is a compromise, since signal propagation is restricted to a portion of the clock period. In this paper, we explain the principles of PA-DPL and provide the guidelines to design this structure. We experimentally validate our methods in a minimized AES co-processor on Xilinx Virtex-5 board using electromagnetic (EM) attacks.
Resumo:
Community development must be accompanied by a social involvement process which creates functional groups of citizens capable of taking responsibility for their own development. It is important that this process promotes the structuring of all population groups and provides the appropriate institutional and technical support. The present paper addresses these issues based on over 25 years of experience by the Association Instituto de Desarrollo Comunitario de Cuenca in revitalizing rural areas of the Spanish province of Cuenca. This paper analyses the social involvement process encouraged by this association, the relationships between public institutions and local associations, the role of these associations and the difficulties encountered in the rural areas. The long-term perspective of this experience provides some keys which can be used to successfully support the process of social involvement ―such as information on its characteristics and methodological tools―, establish local associations and create sustainable partnerships that foster the growth of leadership within the community development process.
Resumo:
Side Channel Attack (SCA) differs from traditional mathematic attacks. It gets around of the exhaustive mathematic calculation and precisely pin to certain points in the cryptographic algorithm to reveal confidential information from the running crypto-devices. Since the introduction of SCA by Paul Kocher et al [1], it has been considered to be one of the most critical threats to the resource restricted but security demanding applications, such as wireless sensor networks. In this paper, we focus our work on the SCA-concerned security verification on WSN (wireless sensor network). A detailed setup of the platform and an analysis of the results of DPA (power attack) and EMA (electromagnetic attack) is presented. The setup follows the way of low-cost setup to make effective SCAs. Meanwhile, surveying the weaknesses of WSNs in resisting SCA attacks, especially for the EM attack. Finally, SCA-Prevention suggestions based on Differential Security Strategy for the FPGA hardware implementation in WSN will be given, helping to get an improved compromise between security and cost.
Resumo:
La presente tesis doctoral propone un conjunto de ensayos de corta duración destinados a cubrir la ausencia de estándares internacionales específicamente adaptados a la tecnología y al panorama fotovoltaico actual que indiquen como realizar los procedimientos de control de calidad para comprobar que las grandes centrales fotovoltaicas ejecutadas responden a las expectativas establecidas durante la fase de proyecto. Dichos ensayos buscan, desde el punto de vista estrictamente técnico, obtener en un corto periodo de tiempo (típicamente una semana) resultados altamente repetitivos y representativos del comportamiento de la instalación bajo análisis, a la vez que minimizar al máximo la incertidumbre global, aspectos fundamentales para los procedimientos de control general de la calidad de una central. Los ensayos propuestos comprueban tanto el comportamiento general de la central, en términos de su capacidad de producción energética, como el de sus principales componentes, generadores fotovoltaicos e inversores, en términos de potencia máxima y eficiencia, respectivamente. También se aconseja una revisión de la calidad y seguridad de la instalación y de los materiales empleados en la ejecución de la central para evitar un envejecimiento prematuro de los mismos. Todos los ensayos recogidos en el texto se apoyan en la experiencia recopilada por el “Grupo de Sistemas Fotovoltaicos del Instituto de Energía Solar de la Universidad Politécnica de Madrid”, que ha estado involucrado en procedimientos de control de calidad de unas 50 centrales fotovoltaicas, con una potencia acumulada cercana a 250 MW, la mayoría de ellas instaladas en España. ABSTRACT This PhD thesis proposes a set of short-duration tests to establish quality control procedures to ensure that large photovoltaic plants fulfil the initial expectations. The motivation for this work is the lack of international standards specifically adapted to the present photovoltaic technology and its state of the art. From a strict technical point of view, these tests seek to obtain highly repetitive and representative results about the behaviour of the installation under study in a short period of time (typically one single week); and to minimize the global uncertainty. These are the two keys aspects required in quality control procedures. The proposed tests evaluate the general behaviour of the photovoltaic plants, in terms of energy production, as well as the particular behaviour of their main devices, photovoltaic arrays and inverters, in terms of maximum power and efficiency, respectively. A review of the installation quality and safety, and the employed materials in its execution to avoid premature aging is also recommended. The tests here presented are based on the experience accumulated by the “Grupo de Sistemas Fotovoltaicos del Instituto de Energia Solar de la Universidad Politecnica de Madrid”. This group has been involved in quality control procedures of about 50 photovoltaic plants, with an accumulated power close to 250 MW, most of them installed in Spain.
Resumo:
The extraordinary increase of new information technologies, the development of Internet, the electronic commerce, the e-government, mobile telephony and future cloud computing and storage, have provided great benefits in all areas of society. Besides these, there are new challenges for the protection of information, such as the loss of confidentiality and integrity of electronic documents. Cryptography plays a key role by providing the necessary tools to ensure the safety of these new media. It is imperative to intensify the research in this area, to meet the growing demand for new secure cryptographic techniques. The theory of chaotic nonlinear dynamical systems and the theory of cryptography give rise to the chaotic cryptography, which is the field of study of this thesis. The link between cryptography and chaotic systems is still subject of intense study. The combination of apparently stochastic behavior, the properties of sensitivity to initial conditions and parameters, ergodicity, mixing, and the fact that periodic points are dense, suggests that chaotic orbits resemble random sequences. This fact, and the ability to synchronize multiple chaotic systems, initially described by Pecora and Carroll, has generated an avalanche of research papers that relate cryptography and chaos. The chaotic cryptography addresses two fundamental design paradigms. In the first paradigm, chaotic cryptosystems are designed using continuous time, mainly based on chaotic synchronization techniques; they are implemented with analog circuits or by computer simulation. In the second paradigm, chaotic cryptosystems are constructed using discrete time and generally do not depend on chaos synchronization techniques. The contributions in this thesis involve three aspects about chaotic cryptography. The first one is a theoretical analysis of the geometric properties of some of the most employed chaotic attractors for the design of chaotic cryptosystems. The second one is the cryptanalysis of continuos chaotic cryptosystems and finally concludes with three new designs of cryptographically secure chaotic pseudorandom generators. The main accomplishments contained in this thesis are: v Development of a method for determining the parameters of some double scroll chaotic systems, including Lorenz system and Chua’s circuit. First, some geometrical characteristics of chaotic system have been used to reduce the search space of parameters. Next, a scheme based on the synchronization of chaotic systems was built. The geometric properties have been employed as matching criterion, to determine the values of the parameters with the desired accuracy. The method is not affected by a moderate amount of noise in the waveform. The proposed method has been applied to find security flaws in the continuous chaotic encryption systems. Based on previous results, the chaotic ciphers proposed by Wang and Bu and those proposed by Xu and Li are cryptanalyzed. We propose some solutions to improve the cryptosystems, although very limited because these systems are not suitable for use in cryptography. Development of a method for determining the parameters of the Lorenz system, when it is used in the design of two-channel cryptosystem. The method uses the geometric properties of the Lorenz system. The search space of parameters has been reduced. Next, the parameters have been accurately determined from the ciphertext. The method has been applied to cryptanalysis of an encryption scheme proposed by Jiang. In 2005, Gunay et al. proposed a chaotic encryption system based on a cellular neural network implementation of Chua’s circuit. This scheme has been cryptanalyzed. Some gaps in security design have been identified. Based on the theoretical results of digital chaotic systems and cryptanalysis of several chaotic ciphers recently proposed, a family of pseudorandom generators has been designed using finite precision. The design is based on the coupling of several piecewise linear chaotic maps. Based on the above results a new family of chaotic pseudorandom generators named Trident has been designed. These generators have been specially designed to meet the needs of real-time encryption of mobile technology. According to the above results, this thesis proposes another family of pseudorandom generators called Trifork. These generators are based on a combination of perturbed Lagged Fibonacci generators. This family of generators is cryptographically secure and suitable for use in real-time encryption. Detailed analysis shows that the proposed pseudorandom generator can provide fast encryption speed and a high level of security, at the same time. El extraordinario auge de las nuevas tecnologías de la información, el desarrollo de Internet, el comercio electrónico, la administración electrónica, la telefonía móvil y la futura computación y almacenamiento en la nube, han proporcionado grandes beneficios en todos los ámbitos de la sociedad. Junto a éstos, se presentan nuevos retos para la protección de la información, como la suplantación de personalidad y la pérdida de la confidencialidad e integridad de los documentos electrónicos. La criptografía juega un papel fundamental aportando las herramientas necesarias para garantizar la seguridad de estos nuevos medios, pero es imperativo intensificar la investigación en este ámbito para dar respuesta a la demanda creciente de nuevas técnicas criptográficas seguras. La teoría de los sistemas dinámicos no lineales junto a la criptografía dan lugar a la ((criptografía caótica)), que es el campo de estudio de esta tesis. El vínculo entre la criptografía y los sistemas caóticos continúa siendo objeto de un intenso estudio. La combinación del comportamiento aparentemente estocástico, las propiedades de sensibilidad a las condiciones iniciales y a los parámetros, la ergodicidad, la mezcla, y que los puntos periódicos sean densos asemejan las órbitas caóticas a secuencias aleatorias, lo que supone su potencial utilización en el enmascaramiento de mensajes. Este hecho, junto a la posibilidad de sincronizar varios sistemas caóticos descrita inicialmente en los trabajos de Pecora y Carroll, ha generado una avalancha de trabajos de investigación donde se plantean muchas ideas sobre la forma de realizar sistemas de comunicaciones seguros, relacionando así la criptografía y el caos. La criptografía caótica aborda dos paradigmas de diseño fundamentales. En el primero, los criptosistemas caóticos se diseñan utilizando circuitos analógicos, principalmente basados en las técnicas de sincronización caótica; en el segundo, los criptosistemas caóticos se construyen en circuitos discretos u ordenadores, y generalmente no dependen de las técnicas de sincronización del caos. Nuestra contribución en esta tesis implica tres aspectos sobre el cifrado caótico. En primer lugar, se realiza un análisis teórico de las propiedades geométricas de algunos de los sistemas caóticos más empleados en el diseño de criptosistemas caóticos vii continuos; en segundo lugar, se realiza el criptoanálisis de cifrados caóticos continuos basados en el análisis anterior; y, finalmente, se realizan tres nuevas propuestas de diseño de generadores de secuencias pseudoaleatorias criptográficamente seguros y rápidos. La primera parte de esta memoria realiza un análisis crítico acerca de la seguridad de los criptosistemas caóticos, llegando a la conclusión de que la gran mayoría de los algoritmos de cifrado caóticos continuos —ya sean realizados físicamente o programados numéricamente— tienen serios inconvenientes para proteger la confidencialidad de la información ya que son inseguros e ineficientes. Asimismo una gran parte de los criptosistemas caóticos discretos propuestos se consideran inseguros y otros no han sido atacados por lo que se considera necesario más trabajo de criptoanálisis. Esta parte concluye señalando las principales debilidades encontradas en los criptosistemas analizados y algunas recomendaciones para su mejora. En la segunda parte se diseña un método de criptoanálisis que permite la identificaci ón de los parámetros, que en general forman parte de la clave, de algoritmos de cifrado basados en sistemas caóticos de Lorenz y similares, que utilizan los esquemas de sincronización excitador-respuesta. Este método se basa en algunas características geométricas del atractor de Lorenz. El método diseñado se ha empleado para criptoanalizar eficientemente tres algoritmos de cifrado. Finalmente se realiza el criptoanálisis de otros dos esquemas de cifrado propuestos recientemente. La tercera parte de la tesis abarca el diseño de generadores de secuencias pseudoaleatorias criptográficamente seguras, basadas en aplicaciones caóticas, realizando las pruebas estadísticas, que corroboran las propiedades de aleatoriedad. Estos generadores pueden ser utilizados en el desarrollo de sistemas de cifrado en flujo y para cubrir las necesidades del cifrado en tiempo real. Una cuestión importante en el diseño de sistemas de cifrado discreto caótico es la degradación dinámica debida a la precisión finita; sin embargo, la mayoría de los diseñadores de sistemas de cifrado discreto caótico no ha considerado seriamente este aspecto. En esta tesis se hace hincapié en la importancia de esta cuestión y se contribuye a su esclarecimiento con algunas consideraciones iniciales. Ya que las cuestiones teóricas sobre la dinámica de la degradación de los sistemas caóticos digitales no ha sido totalmente resuelta, en este trabajo utilizamos algunas soluciones prácticas para evitar esta dificultad teórica. Entre las técnicas posibles, se proponen y evalúan varias soluciones, como operaciones de rotación de bits y desplazamiento de bits, que combinadas con la variación dinámica de parámetros y con la perturbación cruzada, proporcionan un excelente remedio al problema de la degradación dinámica. Además de los problemas de seguridad sobre la degradación dinámica, muchos criptosistemas se rompen debido a su diseño descuidado, no a causa de los defectos esenciales de los sistemas caóticos digitales. Este hecho se ha tomado en cuenta en esta tesis y se ha logrado el diseño de generadores pseudoaleatorios caóticos criptogr áficamente seguros.
Resumo:
This paper presents a general view of the telematic voting system developed by its authors, with a special emphasis on the important role that smart cards play in this scenario. The use of smart cards as basic pieces for providing secure cryptographic operations in this type of voting scheme is justified. The differences and advantages of Java Cards in comparison with the ?classical? smart cards (those that completely conform to the ISO/IEC 7816 standard) are also discussed. As an example, the paper describes one of the applets implemented in the voting Java Card as part of the general telematic voting application.
Resumo:
In this paper we present a global description of a telematic voting system based on advanced cryptography and on the use of smart cards (VOTESCRIPT system) whose most outstanding characteristic is the ability to verify that the tally carried out by the system is correct, meaning that the results published by the system correspond with votes cast. The VOTESCRIPT system provides an individual verification mechanism allowing each Voter to confirm whether his vote has been correctly counted. The innovation with respect to other solutions lies in the fact that the verification process is private so that Voters have no way of proving what they voted in the presence of a non-authorized third party. Vote buying and selling or any other kind of extortion are prevented. The existence of the Intervention Systems allows the whole electoral process to be controlled by groups of citizens or authorized candidatures. In addition to this the system can simply make an audit not only of the final results, but also of the whole process. Global verification provides the Scrutineers with robust cryptographic evidence which enables unequivocal proof if the system has operated in a fraudulent way.
Resumo:
La tesis destaca la influencia que ejerció la teoría, las técnicas y la metodología de proyecto de los principales tratados de la época renacentista en la concepción, diseño y realización de algunos de los más importantes jardines de la época. Los tratados de Vitruvio, Alberti, Filarete, Di Giorgio, Serlio, Palladio, Colonna y Del Riccio establecen una nueva estética y una nueva visión del mundo, basadas en la geometría elemental y en los números simples. En la Grecia antigua, Platón y Pitágoras intuyeron la necesidad existencial del hombre de apoyarse en unas leyes seguras de orden superior. Sus teorías sobre las leyes del Universo son retomadas y aplicadas en el arte y en el jardín por Vitruvio y por los tratadistas del Renacimiento. Según los tratadistas, la estética es el núcleo generador del que se activan la información y las leyes hacia todos los campos del conocimiento y de la vida social y, por lo tanto, la finalidad de los tratados es buscar, a través de un procedimiento científico y racional, las reglas de la belleza. Las leyes estéticas formuladas por los tratadistas examinados se aplican con el mismo rigor y respeto ya sea al paisaje que al jardín, exaltando el elemento natural al igual que el construido (la ciudad y la arquitectura). De los tratados renacentistas se han extraídos términos y conceptos que ayudan a revalorizar, reinterpretar e integrar en el debate los temas del paisaje y del jardín. La tesis sostiene que: 1) una idea moderna de jardín se tiene que fundar en la historia; 2) que la historia es indispensable incluso para enfrentar el problema del mantenimiento y de la restauración de los jardines históricos; 3) que la teoría y las ideas que tienen valor, así como nos enseña Alberti, producen obras que también tienen valor; 4) la influencia de la estética de los tratadistas se encuentra incluso en algunos importantes jardines de época moderna y contemporánea. El capítulo 1 contiene la definición de tratado y la concepción estética del Renacimiento, analizada por medio de: a) la idea de ciencia y b) a través de las pinturas. Los capítulos 2 y 3 contienen respectivamente los principios teóricos de los tratados y el diseño, la metodología, las técnicas constructivas y los métodos de representación del proyecto según los tratadistas. Estos capítulos resultan propedéuticos de los capítulos siguientes por proporcionar el instrumento de lectura e interpretación de los jardines renacentistas y modernos. El capítulo 4 destaca la gran influencia de los tratados sobre las villas y jardines renacentistas y describe sus elementos. El último capítulo, el quinto, contiene un análisis de algunos jardines modernos. Entre ellos: Chiswick, la Villa “I Tatti”, Sutton Place, y la Villa “Il Roseto” que renuevan y prosiguen, en nuestra opinión, la lección de los tratadistas. El primer anexo contiene la propuesta de líneas de investigación que surgen a la luz de la tesis, y el segundo anexo contiene las noticias biográficas de los tratadistas examinados. ABSTRACT The thesis investigates the influence exercised by the theory, techniques and project methodology contained in the most relevant essays on art and architecture of the Renaissance on the concept, design and making of some of the most important gardens of that time. The essays of Vitruvius, Alberti, Filarete, Di Giorgio, Serlio, Palladio, Colonna y Del Riccio established a new concept of aesthetics and a vision of the world based on basic geometry and simple numbers. In ancient Greece, Plato and Pythagoras understood that humans needed “superior laws” to anchor their existences. Their theories on laws of the Universe were adopted and applied in art and gardening by Vitruvius and Renaissance essays authors. According to the authors of these essays, aesthetics represents the core generating information and laws that branch out toward all the fields of knowledge and social life. Therefore, the purpose of art and architecture essays consists in exploring, through a scientific and rational process, the rules of beauty. The laws of aesthetics proposed by the authors apply to landscaping and gardening with the same rigor and exalt the natural component as much as the artificial one (city and architecture). Several terms and concepts are also extracted that, despite their age, still help us to understand and enrich the contemporary debate revolving around landscaping and gardening. The thesis argues that: 1) the modern idea of gardening must be based on history; 2) history is fundamental even to address the topics of maintenance and restoration of historical gardens; 3) like Leon Battista Alberti maintains, valid theory and ideas produce valuable works; 4) the influence played by aesthetics on authors can be found in many important modern and contemporary gardens. Chapter 1 contains the definition of essay and of the Renaissance concept of aesthetics, analyzed by: a) the idea of science and 2) the analysis of some paintings of the period. Chapters 2 and 3 discuss respectively the theoretical principles of the essays and the design, methodology, construction techniques and the methods of representation of the project according to the authors. These chapters are preparatory toward the following chapters and provide us with the keys necessary to read and interpret Renaissance and modern gardens. Chapter 4 highlights the great influence exercised by those authors on the planning of important villas and gardens from the Renaissance while describing their elements. The 5th and final chapter analyzes some modern gardens among which Chiswick, Villa “I Tatti”, Sutton Place, Villa “Il Roseto”. These villas renew and in our opinion carry on the lesson of the essays written in the Renaissance. The first addendum suggests future lines of research derived from the thesis, while the second addendum contains biographical information regarding the authors examined.
Resumo:
In this work we present a new way to mask the data in a one-user communication system when direct sequence - code division multiple access (DS-CDMA) techniques are used. The code is generated by a digital chaotic generator, originally proposed by us and previously reported for a chaos cryptographic system. It is demonstrated that if the user's data signal is encoded with a bipolar phase-shift keying (BPSK) technique, usual in DS-CDMA, it can be easily recovered from a time-frequency domain representation. To avoid this situation, a new system is presented in which a previous dispersive stage is applied to the data signal. A time-frequency domain analysis is performed, and the devices required at the transmitter and receiver end, both user-independent, are presented for the optical domain.
Resumo:
La seguridad verificada es una metodología para demostrar propiedades de seguridad de los sistemas informáticos que se destaca por las altas garantías de corrección que provee. Los sistemas informáticos se modelan como programas probabilísticos y para probar que verifican una determinada propiedad de seguridad se utilizan técnicas rigurosas basadas en modelos matemáticos de los programas. En particular, la seguridad verificada promueve el uso de demostradores de teoremas interactivos o automáticos para construir demostraciones completamente formales cuya corrección es certificada mecánicamente (por ordenador). La seguridad verificada demostró ser una técnica muy efectiva para razonar sobre diversas nociones de seguridad en el área de criptografía. Sin embargo, no ha podido cubrir un importante conjunto de nociones de seguridad “aproximada”. La característica distintiva de estas nociones de seguridad es que se expresan como una condición de “similitud” entre las distribuciones de salida de dos programas probabilísticos y esta similitud se cuantifica usando alguna noción de distancia entre distribuciones de probabilidad. Este conjunto incluye destacadas nociones de seguridad de diversas áreas como la minería de datos privados, el análisis de flujo de información y la criptografía. Ejemplos representativos de estas nociones de seguridad son la indiferenciabilidad, que permite reemplazar un componente idealizado de un sistema por una implementación concreta (sin alterar significativamente sus propiedades de seguridad), o la privacidad diferencial, una noción de privacidad que ha recibido mucha atención en los últimos años y tiene como objetivo evitar la publicación datos confidenciales en la minería de datos. La falta de técnicas rigurosas que permitan verificar formalmente este tipo de propiedades constituye un notable problema abierto que tiene que ser abordado. En esta tesis introducimos varias lógicas de programa quantitativas para razonar sobre esta clase de propiedades de seguridad. Nuestra principal contribución teórica es una versión quantitativa de una lógica de Hoare relacional para programas probabilísticos. Las pruebas de correción de estas lógicas son completamente formalizadas en el asistente de pruebas Coq. Desarrollamos, además, una herramienta para razonar sobre propiedades de programas a través de estas lógicas extendiendo CertiCrypt, un framework para verificar pruebas de criptografía en Coq. Confirmamos la efectividad y aplicabilidad de nuestra metodología construyendo pruebas certificadas por ordendor de varios sistemas cuyo análisis estaba fuera del alcance de la seguridad verificada. Esto incluye, entre otros, una meta-construcción para diseñar funciones de hash “seguras” sobre curvas elípticas y algoritmos diferencialmente privados para varios problemas de optimización combinatoria de la literatura reciente. ABSTRACT The verified security methodology is an emerging approach to build high assurance proofs about security properties of computer systems. Computer systems are modeled as probabilistic programs and one relies on rigorous program semantics techniques to prove that they comply with a given security goal. In particular, it advocates the use of interactive theorem provers or automated provers to build fully formal machine-checked versions of these security proofs. The verified security methodology has proved successful in modeling and reasoning about several standard security notions in the area of cryptography. However, it has fallen short of covering an important class of approximate, quantitative security notions. The distinguishing characteristic of this class of security notions is that they are stated as a “similarity” condition between the output distributions of two probabilistic programs, and this similarity is quantified using some notion of distance between probability distributions. This class comprises prominent security notions from multiple areas such as private data analysis, information flow analysis and cryptography. These include, for instance, indifferentiability, which enables securely replacing an idealized component of system with a concrete implementation, and differential privacy, a notion of privacy-preserving data mining that has received a great deal of attention in the last few years. The lack of rigorous techniques for verifying these properties is thus an important problem that needs to be addressed. In this dissertation we introduce several quantitative program logics to reason about this class of security notions. Our main theoretical contribution is, in particular, a quantitative variant of a full-fledged relational Hoare logic for probabilistic programs. The soundness of these logics is fully formalized in the Coq proof-assistant and tool support is also available through an extension of CertiCrypt, a framework to verify cryptographic proofs in Coq. We validate the applicability of our approach by building fully machine-checked proofs for several systems that were out of the reach of the verified security methodology. These comprise, among others, a construction to build “safe” hash functions into elliptic curves and differentially private algorithms for several combinatorial optimization problems from the recent literature.
