Sharif Digital Repository

When organizations prefer to outsource their data, security protection of data will be more important. Using cryptography in addition to access control techniques is a natural way for saving confidentiality of data against untrusted server. However, encryption and decryption of data result in database performance degradation. In such a situation all the information stored in encrypted form, one cannot make the selection on the database content any more. Data should be decrypted first, so an unwilling tradeoff between the security and performance is normally forced. The appropriate approaches to increase the performance are methods to deal directly with the encrypted data without firstly... 

Nowadays wireless technology is widespread all over the world and there is a competition among companies to provide the most secure and high range wireless networks for their customers. This thesis focuses on the security of wireless ad hoc networks. There are lots of different encryption algorithms for securing wireless ad hoc networks. Some of the most important are: WEP, TKIP, WPA, WPA2. All other encryption methods of wireless ad hoc networks are derived from these methods. This thesis focuses on WEP and WPA2. For both algorithms, a literature review is conducted, a new approach to cracking is suggested, and tested on real data, and the future works are mentioned. For WEP, which is an... 

Using cryptographic hardware device is inevitable these days. Hence, the secret information inside these devices should be safe and non-attackable. Simple and differential Power analysis (SPA, DPA), a form of side channel attack, allows attacker to study circuit information leakage by analyzing and monitoring power consumption of a cryptographic hardware device to extract inside information and discovering the secret keys. In this thesis, first, a sample cryptographic hardware device is designed and implemented as an under attack system. Then, another device is designed as an attacker in order to attack the mention sample hardware by analyzing and monitoring its power consumption. A digital... 

In this thesis we will present some aspects of discrete chaos and their usage in cryptography.We discuss a couple of regular attacks to chaotic cryptosystems. We will use this information to analyze the chaotic part of the CPSS cryptosystem(Daneshgar, Farzad, Khadem) and will show that the system has weak keys. Finally, we will show that how these weak keys can be generated in an algorithmic way  

Since robustness of peer-to-peer networks depends heavily on voluntary resource sharing among individual peers, the intrinsic problem of free riding exists among autonomous rational peers that consume resources of others without contributing anything in return. One solution to the free riding problem in peer to peer networks is to have incentive mechanisms that aim to improve network efficiency by encouraging peers to cooperate. In this project, we have proposed a hybrid double-auction-based incentive mechanism for centralized peer-to-peer file sharing systems. In addition, a cryptography-based trust management scheme has been proposed to prevent peers from sending fake data. We have... 

The crypto-processors are used for encryption and decryption of the sensitive and important information. A crypto-processor converts input plaintext to ciphertext by an input key using a particular cryptographic algorithm. It also converts ciphertext to plaintext by the same or another key. Cryptographic standards are divided in two types: symmetric key algorithms (private key) and asymmetric key algorithms (public key). Current processors generally support only one or a few number of cryptographic algorithms. The motivation of this project is design and implementation of a multi-standard crypto-processor which supports the most of symmetric and asymmetric cryptographic algorithms, such as... 

Electronic voting refers to voting methods that is done using electronic devices or via the Internet or Web. Helios and Civitas protocols are among the recent protocols introduced in this field. Importance and high sensitivity of electronic voting protocols has led researchers to pay high attention about their security analysis. In recent years, different approaches have been used to inspect and analyze electronic voting protocols. In many of such approaches, analysis had been done in a very abstract environment and without considering the operational requirements.The purpose of this thesis is to evaluate the security features of electronic voting protocols, considering their operational and... 

TETRA (TErrestrial Trunked RAdio) is one of the mobile telecommunication standards which has improved in several aspects (voice, data, video, coverage, etc.), especially the security section during the last two decades. Although communication could be quite secure in TETRA when the encryption is used, however, attackers create new ways to bypass the encryption without the knowledge of the legitimate user. Security is performed in different levels and forms to create reliable operation and to protect information through the transmission path from interception and tampering. Since most of the TETRA users require the highest possible level of security, in this thesis we introduce a new... 

In this thesis, we analyze and compare switching and CPSP cryptography systems. CPSP is a dynamic system which can act as synchronized or self-synchronized stream cipher under specific conditions. To do the comparison, first we have a brief review of cryptography fundamentals like stream cipher systems, synchronized stream ciphers, and self-synchronized ones. Then, we consider chaos systems in general form and then we present their role in cryptography systems, and in continue by introducing switching cryptography systems and also CPSP cryptography systems, and analyzing their relation with self-synchronized stream ciphers, we do our statistical tests on them  

Radio frequency identification systems (RFID) were used in the past to identify physical objects. Along with the development of RFID systems and its wide range of applications in our daily life, the need for privacy in such systems is becoming more and more significant. Authentication protocols are used as the care of secure communication to preserve the privacy and security in RFID systems. In this thesis the security of authentication protocols against general attacks are investigated, using two typical authentication protocols. As an alternative, we use a privacy model as another tool to analyze two other types of authentication protocols. The results reveal the weakness in the design of... 

While data outsourcing provides some benefits, it suffers from new privacy and security concerns, mainly about the confidentiality and integrity of the stored sensitive data, as well as enforcing access control policies. Current solutions to these aims are not comprehensive and consider only one aspect of security requirements. A secure DBMS architecture is introduced that simultaneously considers confidentiality, integrity and access control enforcement requirements. The transparency of security functions from data owner, service providers, and applications facilitates the operationality of the solution.Additionally, a new indexing technique for character encrypted data is proposed that... 

Nowadays, in the presence of different types of computer attacks and different methods of eavesdropping on network communications, nobody can deny the importance of cryptography. Hardware Security Modules that are specifically designed for this purpose are widely used as a fast and reliable tool for encrypting data in computer networks. In this project, using the common and well-known FPGA platform and by leveraging the reconfigurability feature of this platform and also by adding a network protocol detection module to the traditional architecture of Hardware Security Modules, a novel module has been designed and implemented that can encrypt and decrypt data in a communication network, at... 

A hash function maps efficiently every finite length string to a fixed one. The output represents the entire content of the input, similar to digital fingerprint of input text. In order to be able to use a hash function in cryptography, it should be hard to find two distinct inputs with the same output (collision), because finding a collision in hash functions leads to malicious attacks on many security systems.We say a hash function is provably collision resistant, if finding a collision can be reduced to the known hard problems. Family of MD hash functions are one of the most famous applied hash functions which are considerably used in industrial applications. However, they are not... 

Wireless Multimedia Sensor Networks (WMSNs) have many applications in survilient systems. In this kind of applications, although we have limited energy and computational power, we should provide minimal security to transfer data in such networks. These constraints are more crucial when we use multimedia that has more data for processing and transmission. Because of this huge amount of data, we must use compression for using less energy in both processing and transmission.
In some algorithms, it has been proposed to integrate compression and encryption in order to decrease time and power consumption. The proposed algorithm is several times faster than AES (Advanced Encryption Standard) or... 

Wide use of communication systems and transmission of huge data has increased the need for cryptographic and encoding systems with high speed operations and lower energy consumptions. Code based and joint encryption encoding schemes are examples of such systems, which enjoy simultaneously high performance and security against quantum computers. So far, there has not been developed any quantum algorithm which can solve any of the hard instances of coding theory based on which these cryptographic schemes have been designed. That is why such systems are called post quantum cryptosystems. The main disadvantage of such cryptosystems is large size the key which is to be stored or shared. In this... 

The intrinsic properties of Mobile Ad-hoc Networks (MANETs) caused many challenges for these networks. Among these challenges, security is the most important one. Cryptography has many applications as a network securing method. Limitations on memory and processing capability of nodes in an Ad-hoc network makes it almost impossible to use common cryptography algorithms for these networks. Key distribution is the main challenge of cryptography; therefore, it is reasonable to simply the problem of cryptography in an Ad-hoc network to the problem of key distribution. Up to now, different methods are proposed for key distribution in MANETs; each of which has their own weaknesses. For example some... 

Infrastructural costs of data management, have led people and organizations to outsource their data. This approach is facing with some significant security challenges and risks. The goal of this research, is to present an architecture for secure outsourcing of data in a way that used methods, storage processes, query processing methods and access control mechanisms work together to preserve confidentiality and integrity of outsourced data. In this architecture, the main challenge is transparent placement of some components between client and server in order to prevent user from being aware of communication with a secured server. In order to create this degree of transparency, we need to pay... 

Zero-knowledge proofs are one of the most useful constructions of modern cryptography. Their invention has greatly affected both cryptography and complexity theories. The seemingly paradoxical characteristic of zero-knowledge proofs is that they convince the verifier of the validity of the proposition being proved, yet they yield to further knowledge to him. Two primary applications of zero-knowledge proofs are authentication protocols, as well as sub-protocols which prove that parties involved in some main protocol have acted honestly. In this research, we will survey the models and definitions of zero-knowledge, and analyze their relationship. We then pertain to the interplay between... 

In this thesis, based on the model introduced in [Murphy et. al., Likelihood Estimation for Block Cipher Keys, 1995], we discuss the possibility of unifying the cryptanalysis methods. First, the model for cryptanalysis is discussed and explained by modelling several known statistical attack. In the end, using this model, we propose attacks more general than linear and differential methods  

Mobile ad hoc networks have been attracted the attention of many researchers during last years. One of the major concerns faces such networks is the security issue. The root of this concern is the fact that the intermediate nodes have the responsibility of packet transportation and forwarding. The nodes inside the mobile ad hoc networks assumed to be trusty while they can read, change or drop the transported packets. Cryptography as the cornerstone of the security could be play an essential role in such networks. Any cryptosystem need some keys to be able to secure communications. In large scale mobile ad hoc networks storing the whole keys in all nodes is inefficient, if possible, due to...