Sharif Digital Repository

In this thesis, we study security features of the networks which use linear network coding to multicast information to some nodes of the network in presence of a wiretapper and also an active intruder. We consider information theoretic security in which we assume no computation limits for enemy. Thus, we take advantage of the essence of network coding instead of cryptographic tools to improve security features of the network. First, we show how providing shannon security for such networks in presence of wiretapper, leads to different cost in multicast rate, depending on initial network code designed. Based on this, we present a modified secure network code design which can provide perfect... 

Data outsourcing is considered as a promising approach in today computing and connected world. This approach enables organizations to outsource their data to anexternal third party server which is responsible for storing and propagation of outsourced data. Although data outsourcing offers many benefits, especially for those organizations with limited resources and increaseing data volume, but this approach in security aspects like providing confidentiality and privacy about curious external third party or other threats, is faced by serious challenges. In the recent decade many approaches for solving or at least decreasing the potential threats over providing confidentiality of outsourced... 

While data outsourcing provides some benefits, it suffers from new privacy and security concerns, mainly about the confidentiality and integrity of the stored sensitive data, as well as enforcing access control policies. Current solutions to these aims are not comprehensive and consider only one aspect of security requirements. A secure DBMS architecture is introduced that simultaneously considers confidentiality, integrity and access control enforcement requirements. The transparency of security functions from data owner, service providers, and applications facilitates the operationality of the solution.Additionally, a new indexing technique for character encrypted data is proposed that... 

Radio Frequency IDentification (RFID) is an increasingly important area in automatic identification. Low cost RFID tags (labels) are considered as the next generation of barcodes and their purpose is to compensate for shortcomings in computer recognition of objects using cameras. Supply chain management, access control, animal identification,e-passports along with the possibility of having e-health, e-agriculture and smart homes are few examples of RFID application developments. Despite its low cost, ubiquity, and widespread usage, RFID tags suffer from several major drawbacks, particularly information leakage and traceability. In RFID authentication protocols, both information leakage and... 

Distributed Denial of Service (DDoS) is one of the more important attacks in computer networks. DDoS attacks can be categorized in to two categories: high rate and low rate. In the high rate DDoS category, the attacker tries to fill up all the link’s bandwidth capacity by flooding the link with packets. On the other hand, in the low rate DDoS category (i.e. LDDoS), the attacker executes a DDoS attack while keeping a low average transmission rate. TCP LDDoS is a low rate DDoS attack in which the attacker exploits the TCP congestion control behavior.
In this thesis, we investigate a system for defending against the TCP LDDoS attack and propose a novel method for doing so. We present some... 

Recently many organizations outsource their data to an external server due to easier data maintenance. One of the security issues in data outsourcing scenario is the enforcement of data owner’s access control policies. This includes some challenges; namely, the number of keys needed to access authorized resources, efficient policy updating, write access control enforcement, user and data owner overhead, and preserving confidentiality of data and policies . Most of the existing proposed solutions address only some of these challenges, while they impose high overhead on both the data owner and users. Moreover, most of them address enfrocement of policies in form of access control matrix and... 

Data outsourcing is an approach to delegate the burden of data management to external servers. In spite of its clear advantages, data outsourcing requires security assurances including data confidentiality, query result correctness, and access control enforcement. Research proposals have identified solutions with disparate assumptions for different security requirements. It is a real obstacle towards having an integrated solution through the combination of existing approaches. The practicality of data outsourcing to the cloud is seriously affected by this challenge. In this thesis, a unified view based on secret sharing is proposed to simultaneously achieve confidentiality, correctness, and... 

Development of Smart Grid and deployment of smart meters in large scale has raised a lot of concerns regarding customers’ privacy. Consequently, several schemes have been proposed to overcome the above mentioned issue. These schemes mainly rely on data aggregation as a method of protecting users’ privacy from the grid operators. However, the main problem with most of these schemes is the fact that they require a large amount of processing power at the meter side. This, together with the fact that smart meters don’t usually have a powerful processor, can cause the unavailability of smart meter data at the required time for operators of the grid, and at the same time disables smart meters from... 

Nowadays, Internet of Things is considered as a global infrastructure to establish communication between physical world and virtual world by using existing technologies. Its purpose is enabling things to establish communication with anything and any person in any time and any place by using existing networks and services. This technology makes different aspects of people's life smarter, facilitates doing works, and increases the quality of people's life. But, the development of Internet of Things faces to fundamental challenges that one of the most important of them is security and privacy preserving of users. According to the projects of European Research Cluster on the Internet of Things... 

Advanced Persistent Threats (APTs) by multi step , low-level and sometimes slowmoving behaviors try to hiding malicious behaviors. These attacks are complex, costly and the attacker violates the security policy explicitly or implicitly by distributing his or her behavior to multi agents and infiltrate trusted subjects. One of the challenges is the discovery of these attacks in the early stages of the attack and before the complete violation of confidentiality. the lack of deep intercepting of events, content with intrusion detection systems warnings, the lack of simultaneous tracking of host and network-level events and the lack of real-time processing is limitations of existing detection... 

Block ciphers are one of the most necessary primitives for security protocols, and so, cryptanalysis of them is also essential as well. On the other hand, the security assessment of block ciphers is usually manual work with various specific-idea according to the target block cipher type and algorithm. Some basic known methods for cryptanalysis of block ciphers include linear, differential, meet in the middle, and integral attacks. However, cryptanalysis methods are not limited to them, and many new hybrid or innovative methods are employed to provide better results. Recently, automated cryptanalysis of block ciphers and proposing new methods for analyzes of these ciphers are in the... 

The importance of confidentiality and anonymity maintaining mechanisms are not hidden to anybody these days. With the worldwide web spreading rapidly, protecting the users' data flowing through it has become one of the most critical challenges to anonymity mechanisms. Nonetheless, machine learning algorithms have shown that they can reveal some explanatory information, even from encrypted traffic. Website fingerprinting attacks are a group of traffic analysis attacks that aim to detect the website which the monitored user has already visited. The current research takes a brief survey over website fingerprinting attacks presented in recent studies plus the defenses which took devised against... 

Data outsourcing is a process that delegates storage, retrieval, and management of data to an external storage service provider. Data outsourcing will create security challenges for data owners despite decreasing the costs. The most important security challenges in this process are to maintain the confidentiality of data in order to prevent the server's access to information and to ensure that data retrieved from the server is correct. Numerous studies have been conducted to address each of these concerns, each with specific capabilities and overheads. The presented methods generally support some parts of the database's functionality, and feature enhancement in them is along with an increase... 

In the problem of Distributed Multi¬User Secret Sharing (DMUSS), in which K users are connected through some error¬free links to N distinct storage nodes with the same size M information unit, the users desire to retrieve their corresponding secret message through an arbitrary set of accessible storage nodes. A trusted master node, which knows all of the secret messages transmits correctly and privately, the messages with a means of coding. The capacity of Distributed Multi¬User Secret Sharing is the supremum of all achievable schemes satisfying privacy and correctness conditions. In this thesis we have investigated two notions of privacy namely, individual and joint privacy. Individual... 

In recent years, different cryptographic tools have been introduced for a wide range of cloud computing applications that can be classified based on a trade-off between performance and security. In this thesis, we introduced the private set operation schemes, and at their heart, private set intersection schemes, in the cloud computing platform. These schemes are of particular importance because they can be used as basic cryptographic schemes for a wide range of functionalities in the cloud platform. Using these schemes, the user can securely store datasets on the cloud, run set queries remotely and receive the desired results. To this end, we first modeled the syntax and the security notions... 

In modern wireless communication networks,that we have heterogeneous, asynchronous and ultra low latency networks and Due to the high processing power required by conventional cryptographic systems based on computational security, information theoritc security can play important role in the future development of these systems. Security in this case does not depend on the eavesdropper's computing power, but on the statistical independence between the main message and the received message of the eavesdropper. In recent years, polar codes have created new arenas, as they were the provable channel codes that could achieve capacity and reliability simultaneously. In addition, the clear structure,...