Sharif Digital Repository

For increasing safety of driving, intelligent vehicles in vehicular ad hoc networks (VANETs) communicate with each other by sending announcements. The existence of a system that guarantees the trustworthiness of these announcements seems necessary. The proposed system generating announcements should be preserved from internal and external attackers that attempt to send fake messages. In this thesis, we use a group-based endorsement mechanism based on threshold signatures against internal attackers. We choose NTRUSign as a public key cryptosystem for implementing the Public Key Infrastructure (PKI) for decreasing signature generation and verification times. This approach optimizes the network... 

Providing anonymity in communications is one of the major requirements for the preserving the privacy of users using communication networks. There are several protocols for transmitting anonymous message in public communication networks. DC-Nets can be considered as an important solution to anonymous communications because they provide perfect anonymity; however, their high message and bit complexity is a major obstacle in their practical usage. All DC-Net based protocols provide anonymity of sender and receiver by establishing some anonymous channels for transmission of messages. Each execution of the DC-Net protocol acts as an anonymous channel, which only one participant can send his... 

Anonymity helps in preserving user’s privacy in communication networks. In this respect many protocols with different characteristics have been proposed, as yet. Beside these protocols there have been introduced a lot of attacks, in which the ultimate goal is reducing the degree of provided anonymity. There is a class of attacks, where attacker tries to relate users of anonymity system to each other, just by observing execution of protocol. There is no need to compromise system’s nodes or even manipulating sent or received messages. Here, the attacker omits internal mechanism of protocol and assumes it has no vulnerability. The Statistical Disclosure Attack (SDA) is one of these attacks.... 

Applied pi calculus is a variant of the pi calculus with extensions for modeling cryptographic protocols. In such a calculus, the security guarantees are usually stated as equivalences. While process calculi provide a natural means to describe the protocols themselves, epistemic logics are often better suited for expressing certain security properties such as secrecy and anonymity. These methods studied in this work to investigation the verification of privacy properties in security protocols. And finally, a new approach is introduced to bridge the gap between these two approaches: using the set of traces generated by a process as models. In this method an epistemic logic has constructs for... 

Social network is a map of relationships among individuals or organizations. With the development of social network sites (SNS), security protection of private information online has been a serious and important research topic. Information in social networks is online all the time and available to a large number of visitors. The main problem in current SNSs is that, people are not able to define different categories for their relations and then they cannot have good self-defined privacy policies. Also default policies cannot satisfy different environments and cultures and will serve information to strangers. After that different social networks with different interfaces are not... 

Today one of the most important challenges of internet is protecting the privacy of its users. Now, there are just a few practical anonymity systems over internet and one prominent is Tor anonymity network that works based on well-known onion routing. Although Tor is designed for providing low latency anonymity, but its users face long delays using this network and most of them do not tolerate these delays. So they leave the network and this leads to decreasing the members of anonymity set and in a smaller anonymity set, it’s easier attacking the network and violating the privacy of users.The most important factor affecting the performance and security of Tor is how selecting a path... 

Recent violation of security properties of e-voting protocols not using provable security, indicates the importance of provable security. In this thesis, we use the provable security approach to analyze security properties of e-voting protocols.In addition to presenting an efficient and provably secure protocol, the minimal assumptions to achieve privacyin e-voting protocols are analyzed. The firstcon-tribution of this thesis is presenting an efficient and provably secure coercion-resistant protocol, which is a variant of the JCJ e-voting protocol (Juels et al.,2010). It decreases the total number of JCJ’s operations fromO(n2) to O(n). The second contribution of this thesis is proving the... 

Radio frequency identification systems (RFID) were used in the past to identify physical objects. Along with the development of RFID systems and its wide range of applications in our daily life, the need for privacy in such systems is becoming more and more significant. Authentication protocols are used as the care of secure communication to preserve the privacy and security in RFID systems. In this thesis the security of authentication protocols against general attacks are investigated, using two typical authentication protocols. As an alternative, we use a privacy model as another tool to analyze two other types of authentication protocols. The results reveal the weakness in the design of... 

One important aspect of privacy, is confidentiality. A common solution to preserve the confidentiality in network communications is ”Virtual Pri- vate Network”. VPNs todays are expected to be more secure and support higher throughput for their new applications, such as Inter-Cloud VPN and Virtual Private Cloud. block cipher is an important security com- ponent employed in most VPNs.On the other hand, most block ciphers have mathematical weaknesses in their structures, so the ttacker can use these weaknesses to break them faster than brute-force attacks. This thesis proposes a new method named ”Chaos-based Selective Key (CSK) Cryptosystem”, for increasing the security of block ciphers in a much... 

Nanotechnology is an emerging field in technology that exploits the chemical and physical properties created by careful manipulation of materials at atomic and molecular levels. These properties lead to abilities created by this technology, which many scientists regard as the next industrial revolution. Although Nanotechnology promises bright future, today, researchers having learned from the history of technology are trying to predict its unwanted aspects and negative effects to decrease its potential issues. Researchers of Nano-ethics are trying to enable us to encounter Nanotechnology’s achievements in a reasonable way, by studying its ethical and social obligations. Since in our country,... 

One of the main requirements in today’s computer networks such as the Internet is protecting the privacy of users. Hence, anonymity is a useful tool for privacy and provides user’s anonymity. So far, several protocols have been designed to provide anonymity but most of the times, attackers found a way to take advantage of weaknesses in the design and implementation of these protocols. There is a class of attacks,where attacker tries to relate clients of anonymity system to each other, regardless of the communication protocols they use, just by observing networks traffic.The MIX technique forms the basis of many popular ervices that offer anonymity of communication in open and shared networks... 

Ever-encreasing progress in the field of wireless communication has paved the way for utilisation based on radio frequency authentication systems. In recent years, ITU started the scenario of "Internet of Things". RFID systems have an exclusive role in development ofthis idea, since they can make it possible for things which have an ID to be identified automatically in a large scale. The necessity of identification and tracing people and things has caused the deployment of RFID technology. Onthe other hand, these systems communicate via a wireless channel to transmit data, therefore they are vulnerable to eavesdropping and interception. Thus, one of the most important issues in using such... 

Vehicular ad hoc networks are types of mobile ad hoc networks in which each automobile acts as an intelligent node and can have links to other automobiles and with equipments that are beside the road. The main difference between vehicular ad hoc networks and mobile ad hoc networks are in terms of higher speed of their components, extent, span and scale. One of the main concerns about designing vehicular ad hoc networks is users' security and protection of their privacy policy. Althoug a lot of protocols have been suggested for improvement of securities in these networks up to now, many research challenges regarding users' security and their privacy have been left and need to be considered... 

One of the biggest challenges in online communication is privacy of individuals. Although anonymous communication (AC) protocols has been the subject of several security and anonymity analyses recently, there are still few frameworks for analyzing such complex systems (e.g. Tor) and their anonymity properties in a unified manner. In this study, an overview of anonymity features and techniques will be discussed by examining various protocols that provide undetectable network communication. Afterwards, the Tor network is described more precisely. Furthermore, the literature of formal methods is briefly reviewed, and the Universal Composable (UC) framework for the analysis of cryptography... 

In recent two decades, different anonymous communication systems has been proposed. These systems are interested by journalists, bank employees, military forces, and human rights advocates. Tor is one of the most popular anonymous communication systems. Tor uses onion routing for privacy preserving. Re-cently, many attacks has been introduced against the anonymity of Tor users.In these attacks entry and exit nodes are compromised. One of these malicious nodes, makes the attack on the intented flow and the other one recognizes the flow. All these attacks admit their vulnerability against dummy messages. They state that, because of dynamics of onion’s keys, any dummy injection will dis-turb... 

Online social networks (OSNs) can be considered as huge success. However, this success costs users their privacy and loosing own rship of their own data; Sometimes the operators of social networking sites, have some business incentives adverse to users' expectations of privacy. These sort of privacy breaches have inspired research toward privacy-preserving alternatives for social networking in a decentralized fashion. Yet almost all alternatives lack proper feasibility and efciency, which is because of a huge mismatch between aforementioned goal and today's network's means of achieving it. Current Internet architecture is showing signs of age. Among a variety of proposed directions for a new... 

Mobile localization development, is the reason for appearance of location-based services (LBS). Be sure of not disclosing the user personal information is the main challenge in LBS. Many different concepts and approaches for the protection of location privacy have been described in the literature which change the query of user to server. These approaches falling roughly into two main categories: centralized and distributed (user-centric). Centralized category includes approaches like “changing query pattern” using encryption on user device, or using an “anonymizer trusted third party”. In such approaches threat of an untrustworthy LBS server is addressed by the introduction of a new... 

Different data sources are creating a huge amount of data at increasing speeds that require real-time processing. Such data is called “Big data stream". Although, mining and analysis this type of data is so useful for companies, but it also may cause many privacy breaches. The principle issues for big data stream’ anonymization are real time processing and information loss. There are some works that are proposed for data streams, but they have some drawbacks such as inefficient anonymization of big data stream and also not consider time expiration of tuples that lead to increase the information loss and cost of the data publishing. In this thesis, in order to speed up the ability of big data... 

Using “Searchable Encryption” enables us to encrypt the data, while preserving the possibility of running search queries. One of the most important applications of the mentioned is in Cloud Storage. As users do not trust the Cloud space, they are not inclined to store their data on the Could. The solution to this problem is of course, Cryptography. However, ordinary Cryptography methods, eliminate the data’s searchability. Hence, we need encryption schemes that code the data while retaining their searchability. So far, various schemes has been proposed that differ in their performance, security level, and usage. In this thesis, we aim to discuss and analyze these methods  

Nowadays, with the increasing growth of internet’s speed and accessibility, and the explosion of potentials and services that smartphone applications offer, smartphones have become an inseparable part of most people's lives. At the same time, free messenger applications attract lots of people since they reduce costs, increase speed, and make communication much easier, in a way that almost all smartphone users utilize at least one of these messaging services. Moreover, the emerging use of messaging services has triggered privacy concerns and personal data treatment for users. In recent years, lots of studies focused on identifying users’ activities on the encrypted traffic, mostly with the...