Implementação e análise de desempenho dos protocolos de criptografia neural e Diffie-Hellman em sistemas RFID utilizando uma plataforma embarcada

RFID (Radio Frequency Identification) identifies object by using the radio frequency which is a non-contact automatic identification technique. This technology has shown its powerful practical value and potential in the field of manufacturing, retailing, logistics and hospital automation. Unfortunately, the key problem that impacts the application of RFID system is the security of the information. Recently, researchers have demonstrated solutions to security threats in RFID technology. Among these solutions are several key management protocols. This master dissertations presents a performance evaluation of Neural Cryptography and Diffie-Hellman protocols in RFID systems. For this, we measure the processing time inherent in these protocols. The tests was developed on FPGA (Field-Programmable Gate Array) platform with Nios IIr embedded processor. The research methodology is based on the aggregation of knowledge to development of new RFID systems through a comparative analysis between these two protocols. The main contributions of this work are: performance evaluation of protocols (Diffie-Hellman encryption and Neural) on embedded platform and a survey on RFID security threats. According to the results the Diffie-Hellman key agreement protocol is more suitable for RFID systems

The Performance of Elliptic Curve Based Group Diffie-Hellman Protocols for Secure Group Communication over Ad Hoc Networks

The security of the two party Diffie-Hellman key exchange protocol is currently based on the discrete logarithm problem (DLP). However, it can also be built upon the elliptic curve discrete logarithm problem (ECDLP). Most proposed secure group communication schemes employ the DLP-based Diffie-Hellman protocol. This paper proposes the ECDLP-based Diffie-Hellman protocols for secure group communication and evaluates their performance on wireless ad hoc networks. The proposed schemes are compared at the same security level with DLP-based group protocols under different channel conditions. Our experiments and analysis show that the Tree-based Group Elliptic Curve Diffie-Hellman (TGECDH) protocol is the best in overall performance for secure group communication among the four schemes discussed in the paper. Low communication overhead, relatively low computation load and short packets are the main reasons for the good performance of the TGECDH protocol.

An Observation about Variations of the Diffie-Hellman Assumption

We generalize the Strong Boneh-Boyen (SBB) signature scheme to sign vectors; we call this scheme GSBB. We show that if a particular (but most natural) average case reduction from SBB to GSBB exists, then the Strong Diffie-Hellman (SDH) and the Computational Diffie-Hellman (CDH) have the same worst-case complexity.

Il Sistema IBE di Boneh e Franklin

Un sistema di cifratura IBE (Identity-Based Encription Scheme) si basa su un sistema crittografico a chiave pubblica, costituita però in questo caso da una stringa arbitraria. Invece di generare una coppia casuale di chiavi pubbliche e private e pubblicare la prima, l'utente utilizza come chiave pubblica la sua "identità", ovvero una combinazione di informazioni opportune (nome, indirizzo...) che lo identifichino in maniera univoca. In questo modo ad ogni coppia di utenti risulta possibile comunicare in sicurezza e verificare le reciproche firme digitali senza lo scambio di chiavi private o pubbliche, senza la necessità di mantenere una key directory e senza dover ricorrere ogni volta ai servizi di un ente esterno. Nel 2001 Boneh e Franklin proposero uno schema completamente funzionante con sicurezza IND-ID-CCA, basato su un analogo del problema computazionale di Diffie-Hellman e che da un punto di vista tecnico-matematico utilizza la crittografia su curve ellittiche e la mappa bilineare Weil Pairing.

On the computational security of a distributed key distribution scheme

In a distributed key distribution scheme, a set of servers helps a set of users in a group to securely obtain a common key. Security means that an adversary who corrupts some servers and some users has no information about the key of a noncorrupted group. In this work, we formalize the security analysis of one such scheme which was not considered in the original proposal. We prove the scheme is secure in the random oracle model, assuming that the Decisional Diffie-Hellman (DDH) problem is hard to solve. We also detail a possible modification of that scheme and the one in which allows us to prove the security of the schemes without assuming that a specific hash function behaves as a random oracle. As usual, this improvement in the security of the schemes is at the cost of an efficiency loss.

A New Cryptographic Scheme for Securing Dynamic Conferences in Data Networks

Dynamic conferencing refers to a scenario wherein any subset of users in a universe of users form a conference for sharing confidential information among themselves. The key distribution (KD) problem in dynamic conferencing is to compute a shared secret key for such a dynamically formed conference. In literature, the KD schemes for dynamic conferencing either are computationally unscalable or require communication among users, which is undesirable. The extended symmetric polynomial based dynamic conferencing scheme (ESPDCS) is one such KD scheme which has a high computational complexity that is universe size dependent. In this paper we present an enhancement to the ESPDCS scheme to develop a KD scheme called universe-independent SPDCS (UI-SPDCS) such that its complexity is independent of the universe size. However, the UI-SPDCS scheme does not scale with the conference size. We propose a relatively scalable KD scheme termed as DH-SPDCS that uses the UI-SPDCS scheme and the tree-based group Diffie- Hellman (TGDH) key exchange protocol. The proposed DH-SPDCS scheme provides a configurable trade-off between computation and communication complexity of the scheme.

A public key cryptosystem based on block upper triangular matrices

We propose a public key cryptosystem based on block upper triangular matrices. This system is a variant of the Discrete Logarithm Problem with elements in a finite group, capable of increasing the difficulty of the problem while maintaining the key size. We also propose a key exchange protocol that guarantees that both parties share a secret element of this group and a digital signature scheme that provides data authenticity and integrity.

A public-key cryptosystem based on second order linear sequences

Based on Lucas functions, an improved version of the Diffie-Hellman distribution key scheme and to the ElGamal public key cryptosystem scheme are proposed, together with an implementation and computational cost. The security relies on the difficulty of factoring an RSA integer and on the difficulty of computing the discrete logarithm.

A public key encryption based on third order linear sequences

Based on third order linear sequences, an improvement version of the Diffie-Hellman distribution key scheme and the ElGamal public key cryptosystem scheme are proposed, together with an implementation and computational cost. The security relies on the difficulty of factoring an RSA integer and on the difficulty of computing the discrete logarithm.

XifraXat : Xat segur

XifraXat és un sistema que permet a dos usuaris gaudir d'una conversa del tot privada. Assegura la privacitat als usuaris ja que utilitza un sistema de xifra Diffie-Hellman, que com tots els sistemas de xifra pública, el xifratge el fa l'usuari a partir de les seves claus.

Numerical study of graphene as a channel material for field-effect transistors

Graphene excellent properties make it a promising candidate for building future nanoelectronic devices. Nevertheless, the absence of an energy gap is an open problem for the transistor application. In this thesis, graphene nanoribbons and pattern-hydrogenated graphene, two alternatives for inducing an energy gap in graphene, are investigated by means of numerical simulations. A tight-binding NEGF code is developed for the simulation of GNR-FETs. To speed up the simulations, the non-parabolic effective mass model and the mode-space tight-binding method are developed. The code is used for simulation studies of both conventional and tunneling FETs. The simulations show the great potential of conventional narrow GNR-FETs, but highlight at the same time the leakage problems in the off-state due to various tunneling mechanisms. The leakage problems become more severe as the width of the devices is made larger, and thus the band gap smaller, resulting in a poor on/off current ratio. The tunneling FET architecture can partially solve these problems thanks to the improved subthreshold slope; however, it is also shown that edge roughness, unless well controlled, can have a detrimental effect in the off-state performance. In the second part of this thesis, pattern-hydrogenated graphene is simulated by means of a tight-binding model. A realistic model for patterned hydrogenation, including disorder, is developed. The model is validated by direct comparison of the momentum-energy resolved density of states with the experimental angle-resolved photoemission spectroscopy. The scaling of the energy gap and the localization length on the parameters defining the pattern geometry is also presented. The results suggest that a substantial transport gap can be attainable with experimentally achievable hydrogen concentration.

Reputation, VC funding, and innovation: Evidence from the UK Micro and Nanotechnology sector

Startups’ contributions on economic growth have been widely realized. However, the funding gap is often a problem limiting startups’ development. To some extent, VC can be a means to solve this problem. VC is one of the optimal financial intermediaries for startups. Two streams of VC studies are focused in this dissertation: the criteria used by venture capitalists to evaluate startups and the effect of VC on innovation. First, although many criteria have been analyzed, the empirical assessment of the effect of startup reputation on VC funding has not been investigated. However, reputation is usually positively related with firm performance, which may affect VC funding. By analyzing reputation from the generalized visibility dimension and the generalized favorability dimension using a sample of 200 startups founded from 1995 operating in the UK MNT sector, we show that both the two dimensions of reputation have positive influence on the likelihood of receiving VC funding. We also find that management team heterogeneity positively influence the likelihood of receiving VC funding. Second, studies investigating the effect of venture capital on innovation have frequently resorted to patent data. However, innovation is a process leading from invention to successful commercialization, and while patents capture the upstream side of innovative performance, they poorly describe its downstream one. By reflecting the introduction of new products or services trademarks can complete the picture, but empirical studies on trademarking in startups are rare. Analyzing a sample of 192 startups founded from 1996 operating in the UK MNT sector, we find that VC funding has positive effect on the propensity to register trademarks, as well as on the number and breadth of trademarks.

Timing attack di Paul C. Kocher: attacco al sistema di sicurezza RSA mediante strumenti di statistica

In questa tesi ho voluto descrivere il Timing Attack al sistema crittografico RSA, il suo funzionamento, la teoria su cui si basa, i suoi punti di forza e i punti deboli. Questo particolare tipo di attacco informatico fu presentato per la prima volta da Paul C. Kocher nel 1996 all’“RSA Data Security and CRYPTO conferences”. Nel suo articolo “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems” l’autore svela una nuova possibile falla nel sistema RSA, che non dipende da debolezze del crittosistema puramente matematiche, ma da un aspetto su cui nessuno prima di allora si era mai soffermato: il tempo di esecuzione delle operazioni crittografiche. Il concetto è tanto semplice quanto geniale: ogni operazione in un computer ha una certa durata. Le variazioni dei tempi impiegati per svolgere le operazioni dal computer infatti, necessariamente dipendono dal tipo di algoritmo e quindi dalle chiavi private e dal particolare input che si è fornito. In questo modo, misurando le variazioni di tempo e usando solamente strumenti statistici, Kocher mostra che è possibile ottenere informazioni sull’implementazione del crittosistema e quindi forzare RSA e altri sistemi di sicurezza, senza neppure andare a toccare l’aspetto matematico dell’algoritmo. Di centrale importanza per questa teoria diventa quindi la statistica. Questo perché entrano in gioco molte variabili che possono influire sul tempo di calcolo nella fase di decifrazione: - La progettazione del sistema crittografico - Quanto impiega la CPU ad eseguire il processo - L’algoritmo utilizzato e il tipo di implementazione - La precisione delle misurazioni - Ecc. Per avere più possibilità di successo nell’attaccare il sistema occorre quindi fare prove ripetute utilizzando la stessa chiave e input differenti per effettuare analisi di correlazione statistica delle informazioni di temporizzazione, fino al punto di recuperare completamente la chiave privata. Ecco cosa asserisce Kocher: “Against a vulnerable system, the attack is computationally inexpensive and often requires only known ciphertext.”, cioè, contro sistemi vulnerabili, l’attacco è computazionalmente poco costoso e spesso richiede solo di conoscere testi cifrati e di ottenere i tempi necessari per la loro decifrazione.

One More Awareness Gap? The Behaviour–Impact Gap Problem

Preceding research has made hardly any attempt to measure the ecological impacts of pro-environmental behaviour in an objective way. Those impacts were rather supposed or calculated. The research described herein scrutinized the ecological impact reductions achieved through pro-environmental behaviour and raised the question how much of a reduction in carbon footprint can be achieved through voluntary action without actually affecting the socio-economic determinants of life. A survey was carried out in order to measure the difference between the ecological footprint of “green” and “brown” consumers. No significant difference was found between the ecological footprints of the two groups—suggesting that individual pro-environmental attitudes and behaviour do not always reduce the environmental impacts of consumption. This finding resulted in the formulation of a new proposition called the BIG (behaviour–impact gap) problem, which is an interesting addition to research in the field of environmental awareness gaps.

Összegződnek-e az egyéni törekvések? A cselekvés és az eredmény közötti szakadék problémája (Can individual efforts be aggregated? The problem of the action-impact gap)

A szerző arra a kérdésre keresi a választ, hogyan alakulhat ki látványos szakadék az egyéni cselekvések iránya és azok együttes hatása között. A szándékok és tettek hatását felülírhatja a társadalmi gazdasági tényezőkből adódó tehetetlenség: a kritikus tömeg hiánya, szervezeti-infrastrukturális tényezők, kompenzációs hatások, egymás hatását kioltó cselekvések. A szerző a környezettudatosság és az ökológiai lábnyom példáján - ezerfős reprezentatív felmérésre alapozva - mutatja be, hogy az önkéntességre alapozó megközelítés sokszor túlbecsüli a fogyasztó - társadalmi-gazdasági tényezők által korlátozott - lehetőségeit és szuverenitását. _____ Behaviour impact gaps are demonstrably present in everyday life. It is increasingly found that environmental awareness in individuals fails to lead to reductions in the ecological footprint. Intensive agricultural practice reduces biodiversity in the EU even in areas where massive agri-environmental grant schemes are available and applied. Labour market training programmes do not necessarily facilitate job-finding for underprivileged segments of the society. So individual efforts may not add up or induce the expected effect. This outcome appears even for programmes that are successful in attaining the required behavioural change in a target group. The impact of attitudes and individual acts may be wiped out by structural and economic lock-ins such as trade-offs made for the gains, lack of a critical mass of actions, infrastructural deficiencies, or interfering acts of economic actors. The discrepancy between environmental awareness and ecological footprint is used to point out how awareness-raising programmes may miss their targets by overestimating the sovereignty and capabilities of consumers. Consumers are unwillingly locked into unsustainable practices and cannot be moved from that position unless economic and structural premises are also changed.