Sharif Digital Repository

A hash function maps efficiently every finite length string to a fixed one. The output represents the entire content of the input, similar to digital fingerprint of input text. In order to be able to use a hash function in cryptography, it should be hard to find two distinct inputs with the same output (collision), because finding a collision in hash functions leads to malicious attacks on many security systems.We say a hash function is provably collision resistant, if finding a collision can be reduced to the known hard problems. Family of MD hash functions are one of the most famous applied hash functions which are considerably used in industrial applications. However, they are not... 

Wide use of communication systems and transmission of huge data has increased the need for cryptographic and encoding systems with high speed operations and lower energy consumptions. Code based and joint encryption encoding schemes are examples of such systems, which enjoy simultaneously high performance and security against quantum computers. So far, there has not been developed any quantum algorithm which can solve any of the hard instances of coding theory based on which these cryptographic schemes have been designed. That is why such systems are called post quantum cryptosystems. The main disadvantage of such cryptosystems is large size the key which is to be stored or shared. In this... 

Infrastructural costs of data management, have led people and organizations to outsource their data. This approach is facing with some significant security challenges and risks. The goal of this research, is to present an architecture for secure outsourcing of data in a way that used methods, storage processes, query processing methods and access control mechanisms work together to preserve confidentiality and integrity of outsourced data. In this architecture, the main challenge is transparent placement of some components between client and server in order to prevent user from being aware of communication with a secured server. In order to create this degree of transparency, we need to pay... 

Zero-knowledge proofs are one of the most useful constructions of modern cryptography. Their invention has greatly affected both cryptography and complexity theories. The seemingly paradoxical characteristic of zero-knowledge proofs is that they convince the verifier of the validity of the proposition being proved, yet they yield to further knowledge to him. Two primary applications of zero-knowledge proofs are authentication protocols, as well as sub-protocols which prove that parties involved in some main protocol have acted honestly. In this research, we will survey the models and definitions of zero-knowledge, and analyze their relationship. We then pertain to the interplay between... 

In this thesis, based on the model introduced in [Murphy et. al., Likelihood Estimation for Block Cipher Keys, 1995], we discuss the possibility of unifying the cryptanalysis methods. First, the model for cryptanalysis is discussed and explained by modelling several known statistical attack. In the end, using this model, we propose attacks more general than linear and differential methods  

Mobile ad hoc networks have been attracted the attention of many researchers during last years. One of the major concerns faces such networks is the security issue. The root of this concern is the fact that the intermediate nodes have the responsibility of packet transportation and forwarding. The nodes inside the mobile ad hoc networks assumed to be trusty while they can read, change or drop the transported packets. Cryptography as the cornerstone of the security could be play an essential role in such networks. Any cryptosystem need some keys to be able to secure communications. In large scale mobile ad hoc networks storing the whole keys in all nodes is inefficient, if possible, due to... 

Security of cryptographic devices lies amongst the most important issues in the field of hardware security. It is frequently seen that in the process of designing cryptographic systems insufficient attention is paid to the physical implementation details. This is happening while a lot of secret information is known to be leaked through side-channels such as power consumption, electromagnetic emission and execution time. Side-channel attacks are able to reveal secret keys by using these side-channel leakages. Additionally, side-channel attacks are one of the most powerful but low-cost attacks that put the security of cryptographic systems in vain. It can be claimed that the most dangerous... 

Nowadays, Internet of Things is considered as a global infrastructure to establish communication between physical world and virtual world by using existing technologies. Its purpose is enabling things to establish communication with anything and any person in any time and any place by using existing networks and services. This technology makes different aspects of people's life smarter, facilitates doing works, and increases the quality of people's life. But, the development of Internet of Things faces to fundamental challenges that one of the most important of them is security and privacy preserving of users. According to the projects of European Research Cluster on the Internet of Things... 

In some applications in the field of information technology such as social networks and medical databases in different hospitals, sometimes an entity needs to calculate the extent of its sharing of information documents with other institutions. Access to one entity's information is not possible due to the confidentiality of users' information. Therefore, in order to calculate common documents, users should be able to do so without revealing their private information. Therefore, it is required protocols such that can only obtain the shared information between two mentioned entities, while preserving the confidentiality of uncommon information. The schemes that meet the above objectives are... 

As cloud computing becomes a ubiquitous technology, data outsourcing, which means delegating storage and retrieval of the data to an extraneous service provider, becomes more popular. One of the main issues in data outsourcing is preserving data confidentiality and privacy. A common solution to this problem is encrypting the data before outsourcing, but this approach prevents the service provider from doing computations on the data. A trivial solution is to transfer all of the data to the client-side and decrypt it before doing the computations, but this solution imposes a large overhead on the client-side and contradicts the philosophy of outsourcing. Till now, so many encryption schemes... 

There are three types of Slices in an FPGA, and based on the functionality of these slices, SliceM has the most features especially for designs based on shift registers, adders, and ROMs, and from all of the slices, 25% of them are SliceM. Among the earlier designs that are FPGA-based, Anderson PUF is that is classified as a weak delay-based PUF. In Anderson’s design there always should be atleast two SliceMs that their LUTs are configured as shift registers, the Andersons PUF in some FPGA Architecture especially Series 7 FPGAs, consumes two SliceMs and two other SliceLs, so practically we are using four of our precious slices. Rather than these, in series 6 FPGAs, the design should change... 

Nowadays wireless technology is widespread all over the world and there is a competition among companies to provide the most secure and high range wireless networks for their customers. This thesis focuses on the security of wireless ad hoc networks. There are lots of different encryption algorithms for securing wireless ad hoc networks. Some of the most important are: WEP, TKIP, WPA, WPA2. All other encryption methods of wireless ad hoc networks are derived from these methods. This thesis focuses on WEP and WPA2. For both algorithms, a literature review is conducted, a new approach to cracking is suggested, and tested on real data, and the future works are mentioned. For WEP, which is an... 

When organizations prefer to outsource their data, security protection of data will be more important. Using cryptography in addition to access control techniques is a natural way for saving confidentiality of data against untrusted server. However, encryption and decryption of data result in database performance degradation. In such a situation all the information stored in encrypted form, one cannot make the selection on the database content any more. Data should be decrypted first, so an unwilling tradeoff between the security and performance is normally forced. The appropriate approaches to increase the performance are methods to deal directly with the encrypted data without firstly... 

Electronic voting refers to voting methods that is done using electronic devices or via the Internet or Web. Helios and Civitas protocols are among the recent protocols introduced in this field. Importance and high sensitivity of electronic voting protocols has led researchers to pay high attention about their security analysis. In recent years, different approaches have been used to inspect and analyze electronic voting protocols. In many of such approaches, analysis had been done in a very abstract environment and without considering the operational requirements.The purpose of this thesis is to evaluate the security features of electronic voting protocols, considering their operational and... 

Radio frequency identification systems (RFID) were used in the past to identify physical objects. Along with the development of RFID systems and its wide range of applications in our daily life, the need for privacy in such systems is becoming more and more significant. Authentication protocols are used as the care of secure communication to preserve the privacy and security in RFID systems. In this thesis the security of authentication protocols against general attacks are investigated, using two typical authentication protocols. As an alternative, we use a privacy model as another tool to analyze two other types of authentication protocols. The results reveal the weakness in the design of... 

The crypto-processors are used for encryption and decryption of the sensitive and important information. A crypto-processor converts input plaintext to ciphertext by an input key using a particular cryptographic algorithm. It also converts ciphertext to plaintext by the same or another key. Cryptographic standards are divided in two types: symmetric key algorithms (private key) and asymmetric key algorithms (public key). Current processors generally support only one or a few number of cryptographic algorithms. The motivation of this project is design and implementation of a multi-standard crypto-processor which supports the most of symmetric and asymmetric cryptographic algorithms, such as... 

In this thesis, we analyze and compare switching and CPSP cryptography systems. CPSP is a dynamic system which can act as synchronized or self-synchronized stream cipher under specific conditions. To do the comparison, first we have a brief review of cryptography fundamentals like stream cipher systems, synchronized stream ciphers, and self-synchronized ones. Then, we consider chaos systems in general form and then we present their role in cryptography systems, and in continue by introducing switching cryptography systems and also CPSP cryptography systems, and analyzing their relation with self-synchronized stream ciphers, we do our statistical tests on them  

While data outsourcing provides some benefits, it suffers from new privacy and security concerns, mainly about the confidentiality and integrity of the stored sensitive data, as well as enforcing access control policies. Current solutions to these aims are not comprehensive and consider only one aspect of security requirements. A secure DBMS architecture is introduced that simultaneously considers confidentiality, integrity and access control enforcement requirements. The transparency of security functions from data owner, service providers, and applications facilitates the operationality of the solution.Additionally, a new indexing technique for character encrypted data is proposed that... 

TETRA (TErrestrial Trunked RAdio) is one of the mobile telecommunication standards which has improved in several aspects (voice, data, video, coverage, etc.), especially the security section during the last two decades. Although communication could be quite secure in TETRA when the encryption is used, however, attackers create new ways to bypass the encryption without the knowledge of the legitimate user. Security is performed in different levels and forms to create reliable operation and to protect information through the transmission path from interception and tampering. Since most of the TETRA users require the highest possible level of security, in this thesis we introduce a new... 

Since robustness of peer-to-peer networks depends heavily on voluntary resource sharing among individual peers, the intrinsic problem of free riding exists among autonomous rational peers that consume resources of others without contributing anything in return. One solution to the free riding problem in peer to peer networks is to have incentive mechanisms that aim to improve network efficiency by encouraging peers to cooperate. In this project, we have proposed a hybrid double-auction-based incentive mechanism for centralized peer-to-peer file sharing systems. In addition, a cryptography-based trust management scheme has been proposed to prevent peers from sending fake data. We have...