Sharif Digital Repository

Due to popularity of mobile wireless devices, security of mobile ad hoc networks (MANETs) being more important than before. Traditional key management schemes based on symmetric key cryptography are became ineffective because of dynamic and infrastructureless nature of these networks.Recent studies are mainly based on traditional public key cryptography schemes and ID-based cryptography schemes. On the other hand, Contributory schemes seem suitable for MANETs because of their inherent self-organize property. Key update and Key revocation are the fundamental issues of key management schemes in mobile ad hoc networks. Certificateless public key cryptography, in addition to solve those issues,... 

With the increase in the usage of wireless networks and smart grid networks and their applications, need for broadcast transmission has been increased dramatically. In order to use these communication, first we need to secure them by cryptographic methods. As authentication is one of the most important aspect of security, introducing secure broadcast authentication schemes are critical. Because of the resources constrainted nodes of these network, it is important to use light cryptographic methods with high security in these schemes. In this work, after analyzing related works, we introduce a new symmetric broadcast authentication scheme which is more efficient in term of memory consumption... 

Nowdays, because of the promotion and developments of Information technology (IT) and the need for powerful resources for computation and storage, we are the witness of migration from existing computing schemes to the cloud computing and cloud storage environment. As a result, we can see that the client and the IT users are the beneficiaries of the services which are provided by the existing cloud providers. However, the cloud providers are not usually fully trusted and we need to protect the privacy of our sensitive documents. In this case, we should use cryptographic primitives to encrypt our data before outsourcing to the cloud. Searchable encryption and attribute based encryption are two... 

Blockchain systems are considered a subclass of distributed systems and have drawn a lot of attention from academia in recent years. The deployment of these systems in various contexts has been the focus of extensive studies. Because of their design, which places a strong focus on security and decentralization, blockchain systems have some challenges. The most prominent challenge is the one that involves scalability. A blockchain's scalability refers to its capacity to achieve a target throughput and solid performance in confirming transactions with an ever-increasing workload or number of nodes in the network. A solid performance suggests that the blockchain system can sustain its... 

Wireless sensor networks (WSNs) use many tiny sensors to monitor phenomena such as temperature, humidity, brightness and traffic, and then transmit this information to a base station using wireless channels. WSNs find applications in military, ecological, urban and health related areas. Hierarchical wireless sensor networks are kind of sensor networks that use communication entities with different capabilities in terms of energy, processing power, bandwidth, communication range and etc. In this thesis, an introduction to WSNs and their applications, characteristics and designing factors is expressed. It continues on studying the infrastructures and the role of cryptography in enhancing... 

In RFIDtags application or sensor network for some hardware constraints we can not use all-purpose crypto systems such as AES,DES.In this applications in trade off between security and efficiency considering inherent limitation،we desire to satisfy moderate level of security.In recent years various lightweight algorithm has been designed.Purpose of this thesis is cryptanalysis on MIBS as a lightweight algorithm.This lightweight block cipher with Feistel structure and data length of 64-bit uses key lengths of 64-bit or 80-bit and consists of 32 rounds.Methods of attacks are differential،impossible differential and differential fault.the results of differential and impossible differential... 

Along with the proliferation of pervasive systems such as RFID systems and sensor networks, the demand for the low-cost, secure-enough primitives has continued to rise. Symmetric-key algorithms especially block ciphers still play an important role as secure ciphers that can be also consistent with the inherent restrictions of pervasive systems. Recently, a lot of block ciphers tailored for these conditions have been designed, such as Present, PrintCipher, Piccolo, and Twine. Biclique attack introduced in AsiaCrypt 2011 is the first and the only method that could break all versions of AES faster than brute-force attack in the single key model. Afterwards, the efficiency of this attack on some... 

The goal of authenticated encryption is to ensure confidentiality, integrity and authenti-cation of the messages simultaneously. The anouncement of CAESAR comptetition has attracted esearchers’ attention to this branch of symmetric cryptography, since 2014. 57 schemes have been introduced as the first round candidates of this competition, from which 29 where selected as second round candidates. Cryptanalysis of these schemes needs a lot of collective effort. In this thesis after describing preliminaries of authen- ticated encryption, general structure of the schemes and their reported cryptanalysis is reviewed. Then, the details of Pr∅st family of authenticated encryption, which is one of... 

In some applications in the field of information technology such as social networks and medical databases in different hospitals, sometimes an entity needs to calculate the extent of its sharing of information documents with other institutions. Access to one entity's information is not possible due to the confidentiality of users' information. Therefore, in order to calculate common documents, users should be able to do so without revealing their private information. Therefore, it is required protocols such that can only obtain the shared information between two mentioned entities, while preserving the confidentiality of uncommon information. The schemes that meet the above objectives are... 

Design of anonymous authentication scheme is one of the most important challenges in Vehicular Ad hoc Networks (VANET). Most of the existing schemes have high computational and communication overhead and they do not meet security requirements. Recently, Azees et al. have introduced an Efficient Anonymous Authentication with Conditional Privacy-Preserving (EAAP) scheme for VANET and claimed that it is secure. We show that this protocol is vulnerable against replay attack, impersonation attack and message modification attack. Also, we show that the messages sent by a vehicle are linkable. Therefore, an adversary can easily track the vehicles. In addition, it is shown that vehicles face with... 

Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this thesis, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in... 

The internet of things is a network of interconnected things (people, electronic devices, mechanical machines, etc.) that are able to transfer data. The applications of internet of things in electronic health (eHealth) are becoming increasingly interested. Deployment of eHealth facilitates the access of users to healthcare services, and improves the quality of the services. Using cloud computing provides the accessibility of healthcare services, and enables a data owner to share his health data with doctors and healthcare service providers. Health data is considered sensitive. So, leakage of any information about it endangers data owner privacy. Attribute-based encryption is a cryptographic... 

A major goal in image steganography is to preserve the statistical properties of the host image to thwart statistical based steganalysis. However, most steganography methods introduce some distortions into the host signal’s statistical properties that have been used, as a certain indication of manipulation of the signal, by steganalysis algorithms. In order to overcome such a methodical vulnerability, a new generation of data hiding algorithms has been proposed in the literature to preserve histogram of the host signal. In this thesis we present a novel image steganographic technique to preserve one-dimensional and two-dimensional histograms of the host image. Experimental results show that... 

Considering the advancement in cryptography technologies, data security in the computer networks has achieved to an acceptable level. But considering the structures and the protocols governing the data exchange in the computer networks, privacy of users and anonymity of transmitters is not preserved. Mix-nets are utilized to maintain anonymous data exchange in computer networks. Different types of Mix-net designs for various applications are proposed. Public verifiable Mix-nets are a group of Mix-nets that are used in designing cryptographic protocols such as electronic voting and payment. In this thesis, we have cryptanalysed structural weaknesses of the verifiable Mix-nets. The attacks on... 

In today's world in which a major part of information is digitalized and a large portion of the communication is done via computer networks, entities authentication while maintaining privacy is a concern with the growing importance and value. To meet this goal, during the past two decades, anonymous authentication protocols with different approaches for use in various applications has presented and developed. These protocols enable users to authenticate based on some of their properties, without revealing their own identities. Secret handshake protocols are considered as type of anonymous authentication protocols. This protocol has the unique feature of hiding users' affiliation to the... 

Due to the ever-increasing growth of the ubiquitous computing systems such as RFID, IoT, etc. and their important security concerns specially in the domain of user’s privacy, a great attention from the cryptology community is attracted to the design and analysis of lightweight primitives. Lightweight primitives, including block ciphers, hash functions, stream ciphers, and authenticated encryption schemes, are those ones that are specifically tailored to the devices with extreme limitations in power, area and cost. It is natural that the conventional rules for designing a typical all-purpose primitive can not be used here identically, and designers have to relax the conditions of some... 

With regards to the development of modern power systems, Smart Grid (SG) as an intelligent generation of electricity networks has been faced with a tremendous attention. Fine-grained data sharing in SG plays a vital role in efficiently managing data flow in the SG. As this data commonly contains sensitive information, design of the secure and efficient privacy preserving schemes for such networks with plenty of resource constrained devices is one of the most controversial issues. In this paper, we propose a Secure Ciphertext-Policy Attribute-Based SignCryption (CP-ABSC) scheme which simultaneously provides the authenticity and privacy of the users by enforcing an arbitrary access control... 

In todays world, the importance of cloud computing is not deniable. Because, it provides an environment for accessing to a lot of useful applications in a convenient way with low cost. Cloud storage is one of such services which is provided by cloud computing. As the cloud providers are not fully trusted, it is necessary to encrypt the data before outsourcing, to preserve the privacy of stored information. To find a set of document which is related to some keywords, it is possible to designate cloud provider to search on behalf of entities. So, the encrypted data should be searchable and one solution which is suggested is searchable encryption. Related to this cryptographic primitive, there... 

Stream ciphers are cryptographic schemes being widely used in communications as a means of providing security of data. Hence, scrutinizing their level of security against different cryptanalytic methods has obviously turned to be of great importance. Randomness of the keystream is an important requirement for stream ciphers. The cipher should be designed in such a way that the keystream is free of any statistical biases that would let attackers distinguish it from a random sequence. A distinguishing attack on a stream cipher is one that determines whether a given stream of symbols is a truly random sequence or generated by a specific cipher with an unknown key. In this thesis, we focus on... 

According to the development of communication, cryptography has become a vital issue. Several algorithms have been introduced for cryptography applications. Stream ciphers are such algorithms with high speed and appropriate efficiency. Lots of attacks have been applied to stream ciphers. We concentrate on two kinds of attacks in this thesis. Distinguishing attack is a general attack in which the attacker tries to distinguish the observed output sequence from random. Designers apply this kind of attack to test the statistical probabilities of the output sequence. We applied this attack on Grain family and Trivium family. In the proposed attack, nonlinear parts are replaced with linear ones....