cryptographic applications thesis

• DSpace@MIT Home
• MIT Libraries
• Doctoral Theses

Signature schemes and applications to cryptographic protocol design

Other Contributors

Terms of use, description, date issued, collections.

Show Statistical Information

• Corpus ID: 10901591

Linear Codes and Applications in Cryptography

• Published 2013
• Computer Science, Mathematics

Figures and Tables from this paper

2 Citations

Code-based post-quantum cryptography, post-quantum and code-based cryptography - some prospective research directions, 55 references, algebraic geometry in coding theory and cryptography, a summary of mceliece-type cryptosystems and their security, communication theory of secrecy systems, mceliece public key cryptosystems using algebraic-geometric codes, quantum computation and quantum information (10th anniversary edition), how sage helps to implement goppa codes and mceliece pkcss, an introduction to quantum computing for non-physicists, on insecurity of cryptosystems based on generalized reed-solomon codes, polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer, the hardness of decoding linear codes with preprocessing, related papers.

Showing 1 through 3 of 0 Related Papers

• About DTU Orbit

Cryptographic Hash Functions:Cryptanalysis, Design and Applications

• Queensland University of Technology

Research output : Book/Report › Ph.D. thesis

Access to Document

• http://adt.library.qut.edu.au/adt-qut/public/adt-QUT20070727.093324/

OpenUrl availability

Fingerprint.

• Hash Function Computer Science 100%
• Cryptographic Hash Computer Science 100%
• Cryptanalysis Computer Science 100%
• Application Computer Science 100%
• Design Computer Science 100%
• Attack Computer Science 46%
• Message Authentication Code Computer Science 26%
• Standards Computer Science 26%

T1 - Cryptographic Hash Functions:Cryptanalysis, Design and Applications

AU - Gauravaram, Praveen

PY - 2007/9

Y1 - 2007/9

N2 - Cryptographic hash functions are an important tool in cryptography to achieve certain security goals such as authenticity, digital signatures, digital time stamping, and entity authentication. They are also strongly related to other important cryptographic tools such as block ciphers and pseudorandom functions. The standard and widely used hash functions such as MD5 and SHA-1 follow the design principle of Merkle-Damg{\aa}rd iterated hash function construction which was presented independently by Ivan Damg{\aa}rd and Ralph Merkle at Crypto'89. It has been established that neither these hash functions nor the Merkle-Damg{\aa}rd construction itself meet certain security requirements. This thesis aims to study the attacks on this popular construction and propose schemes that offer more resistance against these attacks as well as investigating alternative approaches to the Merkle-Damg{\aa}rd style of designing hash functions. This thesis aims at analysing the security of the standard hash function Cellular Authentication and Voice Encryption Algorithm (CAVE) used for authentication and key-derivation in the second generation (2G) North American IS-41 mobile phone system. In addition, this thesis studies the analysis issues of message authentication codes (MACs) designed using hash functions. With the aim to propose some efficient and secure MAC schemes based on hash functions. This thesis works on three aspects of hash functions: design, cryptanalysis and applications with the following significant contributions: 1.Proposes a family of variants to the Damg{\aa}rd-Merkle construction called 3CG for better protection against specific and generic attacks. Analysis of the linear variant of 3CG called 3C is presented including its resistance to some of the known attacks on hash functions. 2. Improves the known cryptanalytical techniques to attack 3C and some other similar designs including a linear xor variant of GOST, a Russian standard hash function. 3. Proposes a completely novel approach called Iterated Halving, alternative to the standard block iterated hash function construction. 4. Analyses provably secure HMAC and NMAC message authentication codes (MACs) based on weaker assumptions than stated in their proofs of security. Proposes an efficient variant for NMAC called NMAC-1 to authenticate short messages. Proposes a variant for NMAC called M-NMAC which offers better protection against the complete key-recovery attacks than NMAC. As well it is shown that M-NMAC with hash functions also resists side-channel attacks against which HMAC and NMAC are vulnerable. Proposes a new MAC scheme called O-NMAC based on hash functions using just one secret key. 5. Improves the open cryptanalysis of the CAVE algorithm. 6. Analyses the security and legal implications of the latest collision attacks on the widely used MD5 and SHA-1 hash functions. Keyword: Merkle-Damg{\aa}rd,Cryptanalysis,Hash functions,Applications,Design

AB - Cryptographic hash functions are an important tool in cryptography to achieve certain security goals such as authenticity, digital signatures, digital time stamping, and entity authentication. They are also strongly related to other important cryptographic tools such as block ciphers and pseudorandom functions. The standard and widely used hash functions such as MD5 and SHA-1 follow the design principle of Merkle-Damg{\aa}rd iterated hash function construction which was presented independently by Ivan Damg{\aa}rd and Ralph Merkle at Crypto'89. It has been established that neither these hash functions nor the Merkle-Damg{\aa}rd construction itself meet certain security requirements. This thesis aims to study the attacks on this popular construction and propose schemes that offer more resistance against these attacks as well as investigating alternative approaches to the Merkle-Damg{\aa}rd style of designing hash functions. This thesis aims at analysing the security of the standard hash function Cellular Authentication and Voice Encryption Algorithm (CAVE) used for authentication and key-derivation in the second generation (2G) North American IS-41 mobile phone system. In addition, this thesis studies the analysis issues of message authentication codes (MACs) designed using hash functions. With the aim to propose some efficient and secure MAC schemes based on hash functions. This thesis works on three aspects of hash functions: design, cryptanalysis and applications with the following significant contributions: 1.Proposes a family of variants to the Damg{\aa}rd-Merkle construction called 3CG for better protection against specific and generic attacks. Analysis of the linear variant of 3CG called 3C is presented including its resistance to some of the known attacks on hash functions. 2. Improves the known cryptanalytical techniques to attack 3C and some other similar designs including a linear xor variant of GOST, a Russian standard hash function. 3. Proposes a completely novel approach called Iterated Halving, alternative to the standard block iterated hash function construction. 4. Analyses provably secure HMAC and NMAC message authentication codes (MACs) based on weaker assumptions than stated in their proofs of security. Proposes an efficient variant for NMAC called NMAC-1 to authenticate short messages. Proposes a variant for NMAC called M-NMAC which offers better protection against the complete key-recovery attacks than NMAC. As well it is shown that M-NMAC with hash functions also resists side-channel attacks against which HMAC and NMAC are vulnerable. Proposes a new MAC scheme called O-NMAC based on hash functions using just one secret key. 5. Improves the open cryptanalysis of the CAVE algorithm. 6. Analyses the security and legal implications of the latest collision attacks on the widely used MD5 and SHA-1 hash functions. Keyword: Merkle-Damg{\aa}rd,Cryptanalysis,Hash functions,Applications,Design

M3 - Ph.D. thesis

BT - Cryptographic Hash Functions:Cryptanalysis, Design and Applications

• Press Enter to activate screen reader mode.

Applied Cryptography Group

Master's theses, available projects.

Students interested in a thesis with the group are kindly requested to send their transcript of records, along with a CV highlighting any relevant experience in cryptography, and either a preferred topic from the proposals below or a description of their interests within cryptography , to the contact noted under Student Projects .

Note:  Students looking to start their thesis in a particular semester are encouraged to reach out to us before the end of the previous semester.

Censorship circumvention tools enable clients to access endpoints in a network despite the presence of a censor. Censors use a variety of techniques to identify content they wish to block, including filtering traffic patterns that are characteristic of proxy or circumvention protocols and actively probing potential proxy servers. In response, circumvention practitioners have developed fully encrypted protocols (FEPs), intended to have traffic that appears indistinguishable from random [FJ23]. Beyond censorship circumvention, FEPs are also broadly useful for protecting a greater amount of information leakage about which protocols a user might be employing [SP22]. A FEP is typically composed of a key exchange protocol to establish shared secret keys, and then a secure channel protocol to encrypt application data; both must avoid revealing to observers that an obfuscated protocol is in use. We call the key exchange protocol used in such a FEP an obfuscated key exchange [GSV24]. Current key exchange protocols in FEPs are all based on classical cryptography, and consequently are not quantum-safe. Motivated by the transition to quantum-safe cryptography, there has been a recent push towards developing hybrid key exchange protocols [SFG23,BB18,XW24]. In such protocols, a combination of classical and quantum-safe constructions are used such that security is guaranteed even if all but one of the components is broken. In this project, we will construct a hybrid obfuscated key exchange protocol and prove its security. In particular, we would like to develop a key exchange protocol in the style of that of obfs4 [OB4] that uses a combination of traditional (Diffie-Hellman-based) and post-quantum key exchange algorithms. The project involves constructing such a protocol and proving its security (in addition to some properties that are relevant to the censorship circumvention setting).

References:

[FJ23] Ellis Fenske and Aaron Johnson. "Security Notions for Fully Encrypted Protocols." Free and Open Communications on the Internet (2023). Issue 1, pages 24-29. [SP22] B. Schwartz and C. Patton. "The Pseudorandom Extension for cTLS." IETF Internet Draft external page https://www.ietf.org/archive/id/draft-cpbs-pseudorandom-ctls-01.html call_made . (2022). [GSV24] Felix Günther, Douglas Stebila, and Shannon Veitch. "Obfuscated Key Exchange." [SFG23] Douglas Stebila, Scott Fluhrer, and Shay Gueron. "Hybrid key exchange in TLS 1.3." IETF draft (2022). external page https://www.ietf.org/archive/id/draft-ietf-tls-hybrid-design-05.html call_made [BB19] Nina Bindel, Jacqueline Brendel, Marc Fischlin, Brian Goncalves, Douglas Stebila, "Hybrid Key Encapsulation Mechanisms and Authenticated Key Exchange", In 10th International Workshop on Post-Quantum Cryptography (PQCrypto 2019), pp. 206-226 (2019). [XW24] Manuel Barbosa, Deirdre Connolly, João Diogo Duarte, Aaron Kaiser, Peter Schwabe, Karolin Varner, and Bas Westerbaan. X-Wing: The Hybrid KEM You’ve Been Looking For. IACR Communications in Cryptology, Vol. 1, No. 1, 22 pages. [OB4] The Tor Project. obfs4 (The Obsfourscator) spec. external page https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird/-/blob/HEAD/doc/obfs4-spec.txt call_made

Bitwarden [Bit] is an open source password manager and authenticator application. They claim to use strong end-to-end encryption (E2EE) as well as "zero knowledge encryption" to protect users passwords, while supporting features like secure password sharing between users. Recently, Bitwarden also launched a new product called "secrets manager" [BitSM] which is aimed at organizations and developers that need to handle cryptographic secrets. Just like the password manager, secrets manager is open source, E2EE and uses "zero knowledge encryption". Additionally, the selling point of secrets manager is access management, which allows for integration in businesses and organizations. Last but not least, Bitwarden also offers enterprise support for passkeys, through a product they call "passwordless.dev" [BitPWL]. Passkeys [Pass] are the credentials (also called FIDO credentials) of WebAuthn, a web standard for authentication published by the W3C as part of the FIDO2 Project. The idea of passkeys is to use public-key cryptography to enable passwordless authentication, upgrading the security from password-based multi-factor authentication (specified in the predecessor project FIDO U2F) to completely address the many issues that stem from the use of passwords as the root of security for cryptography. Bitwarden also support passkeys as a means of authentication to the password manager, and in their security whitepaper [BitWhite] they write: "In addition to the master password, users can choose to unlock their vaults with a passkey. This process leverages a leading-edge standard and extension for WebAuthn called the pseudo-random function or PRF, which sources key material from an authenticator. With PRF, derived keys are used in the encryption and decryption of data stored in Bitwarden Password Manager vault and Bitwarden Secrets Manager, maintaining end-to-end, zero knowledge encryption." In this project, we will do a deep-dive into the cryptography of Bitwarden. In particular, we will try to find out what "zero knowledge encryption" really means, and unravel the mystery of the public-key PRF used for their passkeys implementation. The project can then take a multitude of different directions. Perhaps it turns out that the cryptography of Bitwarden does not live up to their strong claims. If so, we will try to cryptanalyze their system and find attacks in the vein of [Mega]. But hopefully, the question marks from the documentation are simple misunderstandings, and their crypto is actually good. If so, this project will take a more theoretical turn. We will try to view the password manager through the lens of E2EE cloud storage, and see if we can capture Bitwarden in the framework of [C:BDGHP24]. This will entail reading the codebase and creating a pseudocode model of the system, which we can cast in the syntax of [C:BDGHP24]. If this works out, this model can form the basis for a proof of security of the Bitwarden password manager. However, it might also turn out that the functionality offered by Bitwarden differs enough from that of cloud storage that the framework is not a good fit. If so, we will look at these distinguishing features and how they can be formalized and potentially incorporated into the cloud storage framework.

[Bit] external page https://bitwarden.com/ call_made [BitSM] external page https://bitwarden.com/products/secrets-manager/ call_made [BitPWL] external page https://bitwarden.com/products/passwordless/ call_made [Pass] external page https://fidoalliance.org/passkeys/ call_made [BitWhite] external page https://bitwarden.com/help/bitwarden-security-white-paper/ call_made [Mega] external page https://mega-awry.io/ call_made "MEGA: Malleable Encryption Goes Awry". Matilda Backendal, Miro Haller, Kenneth G. Paterson. S&P 2023. [C:BDGHP24] "A Formal Treatment of End-to-End Encrypted Cloud Storage". Matilda Backendal, Hannah Davis, Felix Günther, Miro Haller and Kenneth G. Paterson. To appear in CRYPTO 2024.

In 1979, Shamir [Sha79] introduced the concept of “secret sharing”, a method allowing a user to divide data into n pieces and reconstruct it if a threshold of k < n pieces is available. This concept has proved to be greatly useful, finding applications in secret management systems (e.g. HashiCorp’s vault), cryptocurrency wallets (e.g. in the form of threshold cryptosystems) and more. The protocol only involves sampling a random polynomial and evaluating n points on that polynomial, making it a deceptively simple primitive. However, many potential implementation mistakes appear in real-world software products [Tra21] due to mathematical subtleties in the protocol. As more applications incorporate secret sharing, it becomes crucial to examine whether these implementations are secure and understand the impact of any discovered vulnerabilities. The objective of this thesis is to investigate the extent to which these vulnerabilities exist in the wild. This investigation will initially involve a large number of open-source repositories, which will be analysed with a combination of manual analysis, black-box testing, or analysis engines such as CodeQL [Git21]. The investigation can then focus on a few selected products for which these vulnerabilities would have a high impact.

[Git21] Inc. Github. Codeql, 2021 ( external page https://codeql.github.com/ call_made ) [Sha79] Adi Shamir. How to Share a Secret. Commun. ACM, 22(11):612–613, 1979. ( external page https://dl.acm.org/doi/10.1145/359168.359176 call_made ) [Tra21] Trail of Bits. Disclosing Shamir’s Secret Sharing vulnerabilities and announcing ZKDocs, 2021. ( external page https://blog.trailofbits.com/2021/12/21/disclosing-shamirs-secret-sharing-vulnerabilities-and-announcing-zkdocs/ call_made )

Single Sign On (SSO) allows users to log in into multiple services or software systems using a single authentication provider. A widely known and deployed SSO standard is the relatively modern OpenID [1], but the SSO space contains a wide range of competing implementations, different products, and legacy systems, resulting in high complexity. In this project, we take a look at OpenID itself, but also Kerberos [2] and Kerberos-based systems such as Active Directory [3], OAuth and OpenID Connect [4], and potentially other targets. We formalize the security goals that these schemes try to achieve, and check that they can withstand cryptanalytic scrutiny.

[1] external page https://openid.net/developers/specs/ call_made [2] external page https://web.mit.edu/kerberos/ call_made [3] external page https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview call_made [4] external page https://oauth.net/articles/authentication/ call_made

Ongoing Projects

(We recommend students currently doing a project in our group to use this Download LaTeX template vertical_align_bottom for writing their thesis.)

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Matilda Backendal, Matteo Scarlata)

End-to-end encryption (E2EE) is now the norm for Internet browsing (via TLS) and increasingly also for messaging (with apps such as WhatsApp and Signal being end-to-end encrypted by default). Somewhat surprisingly, services that offer outsourced data storage, such as cloud storage and collaborative file editing platforms, still lag behind. One of the explanations might be the complexity that arises due to the persistence of data, which makes it difficult to use ephemeral key material to achieve strong security guarantees such as forward secrecy (FS) and post-compromise security (PCS). Another is the lack of a formal security models for even basic E2E security of outsourced data storage supporting functionality such as file sharing between users. In particular, the number of potential end-points arising from file sharing increases the complexity of E2EE cloud storage compared to single client settings. This complexity also exists in messaging, as showcased by the fact that protocols for secure two-party messaging (such as e.g. the Signal protocol) have been around for quite some time, but a protocol for E2EE group chats was only very recently standardized [rfc9420]. The newly standardized group messaging protocol is called "messaging layer security" (MLS). One of the main motivations for MLS was to make E2E security for messaging in groups of size n more efficient than through the naïve construction of n^2 two-party channels, while still retaining the same high-security guarantees—including forward secrecy and post-compromise security—that we expect from modern secure messaging protocols. In this project, we will explore the possibilities for more advanced security guarantees for file sharing systems in the E2EE setting. In particular, we will aim to tackle the conflict between the required functionality (including persistent data access, and flexible group and access management) and strong security guarantees such as FS and PCS. Our initial attempt at a solution, which we call the "secure shared folder" (SSF) scheme, combines the recent advancements of group messaging from the MLS standard with a form of key ratcheting known as key regression [NDSS:FuKamKoh06]. The aim of this project is to test the practicality of the SSF scheme by implementing a proof of concept file sharing system based on this cryptographic design.

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Matteo Scarlata, Matilda Backendal)

With more and more data stored online or distributed across multiple devices, an increasing number of security-sensitive applications face the challenge of combining availability with user-friendly key management. The traditional solution is passwords, for both authentication and key derivation. Passwords often have low entropy, come from a small and predictable "dictionary'' and may be highly correlated. Consequently, the usage of password-only authentication to web services is being phased out. Instead, users are offered a two step verification process, where they need to provide a second "factor'' in addition to their password, providing a second layer of protection against attacks in the case of weak passwords. This is known as Two-Factor Authentication (2FA), or more generally, Multi-Factor Authentication (MFA). In contrast, passwords are still commonly used as the sole authentication method to derive keys for encryption using Password-Based Key Derivation Functions (PBKDFs). Examples of this include full disk encryption, client-side encryption of backups and cloud storage, password managers and cryptocurrency wallets. In this project, we harden password-based key derivation exploiting the user's possession of multiple devices, in a similar fashion to MFA. We take inspiration from the tradition of "PRF services", such as Pythia (Everspaugh, Chatterjee, Scott, Juels, Ristenpart 2015), but port them to the setting where the PRF service is operated by the users themselves, and can be lost or fall into adversarial hands. We design a cryptographic notion to capture the security of key derivation in this setting. We then aim to show that our system achieves the proposed security notion, while other state-of-the-art systems are actually too weak and fail to deliver on their security claims.

(Supervisor: Prof. Kenny Paterson, Joint Supervisors: Shannon Veitch, Dr. Lenka Mareková)

VPNs provide increased privacy to users, and are therefore commonly used to circumvent censorship. In response, certain censoring bodies have begun using more advanced traffic analysis to block VPN access. There are two main strategies for VPN blocking: blocking by address (IP addresses of a VPN service), and blocking by behaviour (identifiable characteristics of the VPN traffic). VPN fingerprinting is the process of identifying a particular VPN protocol based on its protocol features. As is common in the cat-and-mouse game of defences and attacks, circumvention developers have created new protocols intended to protect against such fingerprinting. Several VPN protocols have implemented advanced protocols for the sake of circumventing this style of fingerprinting. This project aims to determine the efficacy of these circumvention techniques, by evaluating two advanced deployments of VPN protocols for censorship circumvention: Outline VPN [Out20,RM23] and LEAP VPN [Lea22]. Both Outline and LEAP offer client and server-side tools to enable individuals as well as organisations to act as service providers. These tools utilise and build on a number of existing technologies, from OpenVPN and Shadowsocks to Tor and Snowflake, which have previously been studied only in isolation [FWW20]. The project involves providing accurate and holistic abstractions of the systems and protocols and then applying a combination of fingerprinting [XKHE23, XRJ22], cryptanalysis, and machine learning techniques to determine if the protocols have identifiable features. We focus on exploring the capabilities of VPN fingerprinting for the sake of developing stronger censorship-resistant protocols in the future. References: [XKHE23] external page https://www.usenix.org/conference/usenixsecurity24/presentation/xue call_made [XRJ22] external page https://www.usenix.org/conference/usenixsecurity22/presentation/xue-diwen call_made [Lea22] external page https://leap.se/ call_made [Out20] external page https://getoutline.org/ call_made [RM23] external page https://www.technologyreview.com/2023/09/13/1079381/google-jigsaw-outline-vpn-internet-censorship/ call_made [FWW20] external page https://www.ndss-symposium.org/ndss-paper/detecting-probe-resistant-proxies/ call_made

(Supervisor: Prof. Kenny Paterson, Joint Supervisor: Kien Tuong Truong) Cloud storage providers such as Dropbox, Google Drive and Microsoft OneDrive allow users to offload their digital storage requirements to a remote server, managed by the provider. This is convenient and can create cost savings for both individuals and organizations. All of these providers consider security against attacks from outsider threats. However, few providers address security when the server itself is compromised, and some of those that do have been shown to have devastating cryptographic vulnerabilities, as evidenced by the attacks on Mega [BHP23] and Nextcloud [CPAB23]. Even if there were existing solutions that provably provided confidentiality and integrity of files, metadata is still often leaked. As an example, some providers leak file names. As another example, the server is always aware of the access patterns of the users. All these leakages can combine to create attacks which can compromise the privacy of users. A significant problem is that, even though a multitude of end-to-end encrypted (E2EE) cloud storage solutions exist on the market, there is a lack of foundational work on the cryptographic design for such systems. In order to guide such work, we look at the current ecosystem of E2EE cloud storage solutions, analyzing their protocols, and discussing their requirements. A new cloud storage solution that promises to protect the security and privacy of users is PrivateStorage [Aut] by Least Authority [lea]. Much like MEGA and Nextcloud, they claim to provide end-to-end encryption. However, they also implement unique features like accountless authorization, which they implement with a bespoke variation of Privacy Pass [Dav18]. This mechanism allows users to access the service without the need for a traditional account, decoupling service usage from identifiable information (e.g. payment information), and thus enhancing user privacy. This should ensure protection against surveillance, invasive data analysis and profiling, even if the adversary is a nation-state actor. PrivateStorage’s model offers a promising solution that could set new standards for the industry. However, new designs and the new cryptographic and privacy related protocols always raise concerns about potential vulnerabilities. This thesis seeks to analyze the protocol in order to find possible issues or, if none are found, to prove (a selection of) the claims given by PrivateStorage. References: [Aut] Least Authority. Privatestorage. external page https://private.storage/ call_made . Accessed on 2024-02-11. [Aut21] Least Authority. Zkaps whitepaper. 2021. [BHP23] Matilda Backendal, Miro Haller, and Kenneth G. Paterson. Mega: Malleable encryption goes awry. In 2023 IEEE Symposium on Security and Privacy (SP), pages 146–163, 2023. [CPAB23] Daniele Coppola, Kenneth G. Paterson, Martin Albrecht, and Matilda Backendal. Breaking cryptography in the wild: Nextcloud. 2023. [Dav18] Alexander Davidson. Privacy pass: Bypassing internet challenges anonymously. Proceedings on Privacy Enhancing Technologies, 2018(3):164–180, 2018. [lea] Least authority, privacy matters. external page https://leastauthority.com/ call_made . Accessed on 2024-02-11

Completed Projects

Yuanming Song. Refined Techniques for Compression Side-Channel Attacks [ Download pdf (PDF, 910 KB) vertical_align_bottom ] . Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Lenka Mareková.

Jonas Hofmann. Breaking Cryptography in the Wild: Cloud Storage .  Supervisor: Prof. Kenny Paterson, Co-supervisor:  Kien Tuong Truong.

Noah Schmid. Breaking Cryptography in the Wild: Rocket.Chat.   Supervisor: Prof. Kenny Paterson,  Co-supervisor: Jan Gilcher.

Aurel Feer. Privacy Preserving String Search using Homomorphic Encryption [ Download pdf (PDF, 1.1 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Zichen Gui.

Léa Micheloud. Securing Cloud Storage with OpenPGP: An Analysis of Proton Drive [ Download pdf (PDF, 2.1 MB) vertical_align_bottom ] . Supervisor: Prof. Kenny Paterson, Co-supervisors: Matilda Backendal , Daniel Huigens (Proton AG, Zurich).

Daniel Pöllmann.   Differential Obliviousness and its Limitations . Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Tianxin Tang.

Andreas Tsouloupas.   Breaking Cryptography in the Wild: Double-Ratchet Mutations [ pdf ]. Supervisor: Prof. Kenny Paterson, Co-supervisors: Matteo Scarlata, Kien Tuong Truong.

Thore Göbel.   Security Analysis of Proton Key Transparency  [ Download pdf (PDF, 1 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisors: Daniel Huigens (Proton AG, Zurich), Felix Linker.

Sina Schaeffler.  Algorithms for Quaternion Algebras in SQIsign [ Download pdf (PDF, 664 KB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Luca De Feo (IBM Research, Zurich).

Lucas Dodgson.  Post-Quantum building blocks for secure computation - the Legendre OPRF [ Download pdf (PDF, 862 KB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Julia Hesse, Sebastian Faller (IBM Research, Zurich).

Mirco Stäuble.  Mitigating Impersonation Attacks on Single Sign-On with Secure Hardware [ Download pdf (PDF, 2.1 MB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisors:  Dr. Julia Hesse, Sebastian Faller (IBM Research, Zurich).

Younis Khalil . Implementing a Forward-Secure Cloud Storage System [ Download pdf (PDF, 5.6 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Felix Günther, Matilda Backendal.

Andrei Herasimau. Formal Verification of the "Crypto Refresh" Update to the OpenPGP Standard [ Download pdf (PDF, 695 KB) vertical_align_bottom ] . Supervisor: Prof. Kenny Paterson, Co-supervisor: Daniel Huigens (Proton Mail).

Benjamin Fischer. Privacy-Preserving Federated Learning for Cyber  Threat Intelligence Sharing [ Download pdf (PDF, 3.3 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Juan R. Troncoso-​Pastoriza (Tune Insight SA).

Pascal Schärli.  Security Assessment of the Sharekey Collaboration App [ Download pdf (PDF, 2.9 MB) vertical_align_bottom ] . Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr.  Bernhard Tellenbach (Armasuisse).

Lena Csomor. Bridging the Gap between Privacy Incidents and PETs [ Download pdf (PDF, 1.3 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Anwar Hithnawi, Alexander Viand, Shannon Veitch.

Ran Liao. Linear-​Time Zero-​Knowledge Arguments in Practice .  Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Jonathan Bootle (IBM Research, Zurich). Christian Knabenhans.   Practical Integrity Protection for Private Computations [ Download pdf (PDF, 873 KB) vertical_align_bottom ]. Supervisor:  Prof. Kenny Paterson, Co-supervisors: Dr.  Anwar Hithnawi,  Alexander Viand.

Ella Kummer.  Counting filters in adversarial settings [ Download pdf (PDF, 943 KB) vertical_align_bottom ] . Supervisor.  Prof. Kenny Paterson, Co-supervisors:  Dr. Anupama Unnikrishnan, Mia Filić.

Massimiliano Taverna.  Breaking Cryptography in the Wild: Web3 [ Download pdf (PDF, 1.4 MB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson.

Giacomo Fenzi.  Klondike: Finding Gold in SIKE [ Download pdf (PDF, 7.6 MB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr.  Fernando Virdia .

Kien Tuong Truong.  Breaking Cryptography in the Wild: Threema  [ Download pdf (PDF, 824 KB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisor: Matteo Scarlata.

Jonas Meier.  Diophantine Satisfiability Arguments for Private Blockchains [ Download pdf (PDF, 2.1 MB) vertical_align_bottom ].  Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Patrick Towa.

Marc Ilunga.  Analysis of the EDHOC Lightweight Authenticated Key Exchange Protocol [ Download pdf (PDF, 1.2 MB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther .

Robertas Maleckas.  Cryptography in the Wild: Analyzing Jitsi Meet [ Download pdf (PDF, 996 KB) vertical_align_bottom ] .  Supervisor: Prof. Kenny Paterson, Co-supervisor: Prof. Martin Albrecht.

Miro Haller. Cloud Storage Systems: From Bad Practice to Practical Attacks  [ Download pdf vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Matilda Backendal .

Lorenzo Laneve . Quantum Random Walks [ Download pdf vertical_align_bottom ]. Joint supervisor:  Prof. Kenny Paterson.

Florian Moser . Swiss Internet Voting [ Download pdf vertical_align_bottom ].  Supervisor: Prof. Kenny Paterson.

Moritz Winger . Automated Hybrid Parameter Selection & Circuit Analysis for FHE [ Download pdf vertical_align_bottom ]. Joint supervisor: Prof. Kenny Paterson, Co-supervisor: Alexander Viand.

Tijana Klimovic . Modular Design of the Messaging Layer Security (MLS) Protocol [ Download pdf (PDF, 1.3 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Igors Stepanovs.

Radwa Abdelbar . Post-Quantum KEM-based TLS with Pre-Shared Keys [ Download pdf (PDF, 972 KB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Felix Günther, Dr. Patrick Towa.

Raphael Eikenberg . Breaking Bridgefy, Again [ Download pdf vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Prof. Martin Albrecht.

Andreas Pfefferle . Security Analysis of the Swiss Post’s E-Voting Implementation . Supervisor: Prof. Kenny Paterson.

Mihael Liskij . Survey of TLS 1.3 0-RTT Usage [ Download pdf (PDF, 803 KB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.

Nicolas Klose . Characterizing Notions for Secure Cryptographic Channels [ Download pdf (PDF, 1.4 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Felix Günther.

Alexandre Poirrier . Continuous Authentication in Secure Messaging [ Download pdf vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisors: Dr. Benjamin Dowling, Dr. Felix Günther.

Luca Di Bartolomeo . ArmWrestling: efficient binary rewriting for ARM [ Download pdf (PDF, 661 KB) vertical_align_bottom ]. Joint Supervisor: Prof. Kenny Paterson.

Matteo Scarlata . Post-Compromise Security and TLS 1.3 Session Resumption [ Download pdf (PDF, 1.5 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Benjamin Dowling.

Anselme Goetschmann . Design and Analysis of Graph Encryption Schemes [ Download pdf (PDF, 2.9 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson, Co-supervisor: Dr. Sikhar Patranabis.

Lara Bruseghini . Analysis of the OpenPGP Specifications and Usage . Joint Supervisor: Prof. Kenny Paterson.

Semira Einsele . Average Case Error Estimates of the Strong Lucas Probable Prime Test [ Download pdf (PDF, 893 KB) vertical_align_bottom ]. Joint Supervisor: Prof. Kenny Paterson.

Jan Gilcher . Constant-Time Implementation of NTS-KEM [ Download pdf (PDF, 3.2 MB) vertical_align_bottom ]. Supervisor: Prof. Kenny Paterson. 

bib-lattice

bib. of lattice-based cryptography

Doctor Thesis

• [[Ste05-Thesis]] Damien Stehlé: Algorithmique de la réduction de réseaux et application à la recherche de pires cas pour l'arrondi de fonctions mathématiques. http://perso.ens-lyon.fr/damien.stehle/thesis.html
• [[Lud06-Thesis]] Christoph Ludwig: Practical Lattice Basis Sampling Reduction. http://tuprints.ulb.tu-darmstadt.de/640/
• [[Lyu08-Thesis]] Vadim Lyubashevsky: Towards Practical Lattice-Based Cryptography. See his website http://www.di.ens.fr/~lyubash/
• [[Xag09-Thesis]] Keita Xagawa: Lattice-based cryptography. See my website http://xagawa.net/
• [[Gen09-Thesis]] Craig Gentry: A fully homomorphic encryption scheme. http://crypto.stanford.edu/craig/
• [[Lin11-Thesis]] Richard Lindner: Towards Efficient Lattice-Based Cryptography. http://tuprints.ulb.tu-darmstadt.de/2387/
• [[Ruc11-Thesis]] Markus Rückert: Lattice-based signature schemes with additional features. http://tuprints.ulb.tu-darmstadt.de/2393/
• [[Sch12-Thesis]] Michael Schneider: Computing Shortest Lattice Vectors on Special Hardware. http://tuprints.ulb.tu-darmstadt.de/2829/
• Reza Sepahi: Contributions to Public-Key Cryptography, Computing Department, Macquarie University, December 2012 http://web.science.mq.edu.au/~josef/CONTENTS/PHD THESES/Reza Sepahi_thesis.pdf
• [[Duc13-Thesis]] Léo Ducas: Lattice Based Signatures: Attacks, Analysis and Optimization. (In French) http://cseweb.ucsd.edu/~lducas/Thesis/
• [[Zha14-Thesis]] Zhenfei Zhang: Revisiting Fully Homomorphic Encryption Schemes and Their Cryptographic Primitives. http://www.uow.edu.au/~thomaspl/pdf/Zhang14.pdf
• [[Lep14-Thesis]] Tancrède Lepoint: Design and Implementation of Lattice-Based Cryptography. See his website https://www.cryptoexperts.com/tlepoint/
• Md. Mokammel Haque: Lattice-based Cryptanalysis for Secure Cryptosystems , Computing Department, Macquarie University, February 2014 http://web.science.mq.edu.au/~josef/CONTENTS/PHD THESES/Mokammel Haque_thesis.pdf

Master Thesis

• [[Ros06-Thesis]] Ricky Rosen: Lattice Problems, Norm Reductions and Embeddings. http://www.cs.tau.ac.il/~rosenric/papers/thesis5.pdf
• [[Ros11-Thesis]] M. Rose: Lattice-Based Cryptography: A Practical Implementation. http://www.uow.edu.au/~thomaspl/pdf/Rose11.pdf
• [[vandePol11-Thesis]] J.H. van de Pol: Lattice-based cryptography. http://www.cs.bris.ac.uk/pgrad/csjhvdp/files/ThesisJvdPol.pdf
• [[Tou13-Thesis]] Vasilios Evangelos Tourloupis: Hermite Normal Forms and its Cryptographic Applications. http://www.uow.edu.au/~thomaspl/pdf/Tourloupis13.pdf

DSpace JSPUI

Dspace preserves and enables easy and open access to all types of digital content including text, images, moving images, mpegs and data sets.

• Newcastle University eTheses
• Newcastle University
• Faculty of Science, Agriculture and Engineering
• School of Computing Science

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.

• Bibliography
• More Referencing guides Blog Automated transliteration Relevant bibliographies by topics
• Automated transliteration
• Relevant bibliographies by topics
• Referencing guides

Cryptographic keys from noisy data, theory and applications

Research output : Thesis › PhD Thesis - Research UT, graduation UT

• METIS-252064

Access to Document

• 10.3990/1.9789036527385
• Buhan07cryptographic Final published version, 2.53 MB
• IleanaBuhan_PhD_thesis Final published version, 2.53 MB

Fingerprint

• Cryptographic Key Computer Science 100%
• Biometrics Computer Science 100%
• Application Computer Science 100%
• Biometric Authentication Computer Science 100%
• Biometric Sample Computer Science 60%
• User Computer Science 40%
• biometric authentication system Computer Science 40%
• Biometric Information Computer Science 40%

T1 - Cryptographic keys from noisy data, theory and applications

AU - Buhan, I.R.

N1 - 10.3990/1.9789036527385

PY - 2008/10/23

Y1 - 2008/10/23

N2 - Biometric security systems that verify a person's identity by scanning fingers, hands, eye or face are becoming more and more common. As a result biometrics is one of the fastest growing industries. Applications for biometrics range from homeland security physical access to various facilities and health and social services.Utilizing biometrics for personal authentication is more convenient and than current methods such as passwords or PINs. Another important advantage of biometric authentication is that it links events to a user and is becoming socially acceptable and inexpensive.Biometric authentication requires comparing a registered or enrolled biometric sample against a newly captured biometric sample. However, biometric authentication is not perfect and the output of a biometric authentication system can be subject to errors due to imperfections of the classification algorithm, poor quality of biometric samples, or an intruder who has tampered with the biometric authentication systems. Although biometric authentication is intended primarily to enhance security, storing biometric information in a database introduces new security and privacy risks, which increase if the database is connected to a network. This is the case in most practical situations.This thesis looks at security aspects of biometric authentication and proposes solutions to mitigate the risk of an attacker who tries to misuse biometric information or who bypasses modules of biometric systems to achieve his malicious goals. Our contribution is threefold. Firstly we propose 3W-tree, an analysis tool used to identify critical attack scenarios for a biometric system. We apply the 3W-tree design tool to the SmartGun biometric recognition system with the purpose of identifying critical security issues. Secondly, we explore the challenges of secure template protection, which are both theoretical and practical and we put forward solutions to part of the issues. Thirdly, we present a practical solution to the secure template transfer, which should allow transfer of the biometric traits between two biometrically enabled devices when no security infrastructure is available and the users are no security experts.

AB - Biometric security systems that verify a person's identity by scanning fingers, hands, eye or face are becoming more and more common. As a result biometrics is one of the fastest growing industries. Applications for biometrics range from homeland security physical access to various facilities and health and social services.Utilizing biometrics for personal authentication is more convenient and than current methods such as passwords or PINs. Another important advantage of biometric authentication is that it links events to a user and is becoming socially acceptable and inexpensive.Biometric authentication requires comparing a registered or enrolled biometric sample against a newly captured biometric sample. However, biometric authentication is not perfect and the output of a biometric authentication system can be subject to errors due to imperfections of the classification algorithm, poor quality of biometric samples, or an intruder who has tampered with the biometric authentication systems. Although biometric authentication is intended primarily to enhance security, storing biometric information in a database introduces new security and privacy risks, which increase if the database is connected to a network. This is the case in most practical situations.This thesis looks at security aspects of biometric authentication and proposes solutions to mitigate the risk of an attacker who tries to misuse biometric information or who bypasses modules of biometric systems to achieve his malicious goals. Our contribution is threefold. Firstly we propose 3W-tree, an analysis tool used to identify critical attack scenarios for a biometric system. We apply the 3W-tree design tool to the SmartGun biometric recognition system with the purpose of identifying critical security issues. Secondly, we explore the challenges of secure template protection, which are both theoretical and practical and we put forward solutions to part of the issues. Thirdly, we present a practical solution to the secure template transfer, which should allow transfer of the biometric traits between two biometrically enabled devices when no security infrastructure is available and the users are no security experts.

KW - METIS-252064

KW - EWI-13622

KW - IR-59976

U2 - 10.3990/1.9789036527385

DO - 10.3990/1.9789036527385

M3 - PhD Thesis - Research UT, graduation UT

SN - 978-9-03652-738-5

PB - University of Twente

• Advanced Search

A public static agreement key based cryptography for secure data transmission in WSN based smart environment application

New citation alert added.

This alert has been successfully added and will be sent to:

You will be notified whenever a record that you have chosen has been cited.

To manage your alert preferences, click on the button below.

New Citation Alert!

Please log in to your account

Information & Contributors

Bibliometrics & citations, view options, recommendations, novel fuzzy based crow search optimization algorithm for secure node-to-node data transmission in wsn.

Various sensor nodes are interconnected with each other in wireless sensor network (WSN). WSN communicates to every node within the network wirelessly to collect data regarding the surrounding environment and send the particular data to the ...

Secure Data Collection & Critical Data Transmission in Mobile Sink WSN: Secure and Energy efficient data collection technique

Secure and energy aware multi-hop routing protocol in wsn using taylor-based hybrid optimization algorithm.

The advancements of Wireless sensor network (WSN) in large number of applications made it common. However, the energy is a major challenge in the WSN environment as the battery-operated sensor nodes in the network consumes huge amount ...

Information

Published in.

Pergamon Press, Inc.

United States

Publication History

Author tags.

• Public static agreement key based cryptography
• Red fox optimization
• Fuzzy rules
• Secure data transmission
• Smart environment
• Research-article

Contributors

Other metrics, bibliometrics, article metrics.

• 0 Total Citations
• 0 Total Downloads
• Downloads (Last 12 months) 0
• Downloads (Last 6 weeks) 0

View options

Login options.

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Share this publication link.

Copying failed.

Share on social media

Affiliations, export citations.

• Please download or close your previous search result export first before starting a new bulk export. Preview is not available. By clicking download, a status dialog will open to start the export process. The process may take a few minutes but once it finishes a file will be downloadable from your browser. You may continue to browse the DL while the export process is in progress. Download
• Download citation
• Copy citation

We are preparing your search results for download ...

We will inform you here when the file is ready.

Your file of search results citations is now ready.

Your search export query has expired. Please try again.