DOCSLIB.ORG

Assignment 1

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Assignment 1 Phuket Rajabhat University Assignment 1 Using Microsoft Word 2007 Wipawan Buathong 27/09/2014 Assignment 1 Using Microsoft Word 2007 Wipawan Buathong PUBLIC-KEY CRYPTOGRAPHY TABLE OF CONTENT HOW IT WORKS ................................................................................................................................................. 3 DESCRIPTION ..................................................................................................................................................... 3 PUBLIC KEY ENCRYPTION ............................................................................................................................... 3 DIGITAL SIGNATURES..................................................................................................................................... 3 TABLE OF FIGURES Figure 1 Public Key Cyptography ....................................................................................................................... 3 Figure 2 Public Key Encryption .......................................................................................................................... 4 Figure 3 Digital Signature .................................................................................................................................. 4 ublic-key cryptography1 refers to a cryptographic key cryptography". Some of these algorithms have the public system requiring two separate keys, one to lock or key / private key property, that is, neither key is derivable encrypt the plaintext, and one to unlock or decrypt from knowledge of the other; not all asymmetric key the cyphertext. Neither key will do both functions. algorithms do. Those with this property are particularly POne of these keys is published or public and the other is kept useful and have been widely deployed and are the source of private. If the lock/encryption key is the one published then the commonly used name. The public key is used to the system enables private communication from the public transform a message into an unreadable form, decryptable to the unlocking key's owner. If the unlock/decryption key is only by using the (different but matching) private key. the one published then the system serves as a signature Participants in such a system must create a mathematically verifier of documents locked by the owner of the private linked key pair (i.e., a public and a private key). By publishing key. This cryptographic approach uses asymmetric key the public key, the key producer empowers anyone who gets algorithms, hence the more general name of "asymmetric a copy of the public key to produce messages only he can read -- because only the key producer has a copy of the 1 From Wikipedia, the free encyclopedia, private key (required for decryption). When someone wants http://en.wikipedia.org/wiki/Public-key_cryptography to send a secure message to the creator of those keys, the 2 Assignment 1 Using Microsoft Word 2007 Wipawan Buathong sender encrypts it (i.e., transforms it into an unreadable In contrast, symmetric-key algorithms, variations of form) using the intended recipient's public key; to decrypt which have been used for thousands of years, use a the message, the recipient uses the private key. No one else, single secret key—which must be shared and kept including the sender can do so. private by both sender and receiver—for both encryption and decryption. To use a symmetric encryption scheme, the sender and receiver must securely share a key in advance. Because symmetric key algorithms are nearly always much less computationally intensive, it is common to exchange a key using a key-exchange algorithm and transmit data using that key and a symmetric key algorithm. PGP, and the SSL/TLS family of schemes do this, for instance, and are thus called hybrid cryptosystems. DESCRIPTION Figure 1 Public Key Cyptography The two main branches of public key cryptography are public key encryption and digital signatures. HOW IT WORKS PUBLIC KEY ENCRYPTION The distinguishing technique used in public key A message encrypted with a recipient's public key cryptography is the use of asymmetric key algorithms, cannot be decrypted by anyone except a possessor of where the key used to encrypt a message is not the the matching private key—presumably, this will be the same as the key used to decrypt it. Each user has a owner of that key and the person associated with the pair of cryptographic keys—a public encryption key public key used. This is used for confidentiality. and a private decryption key. The publicly available encrypting-key is widely distributed, while the private DIGITAL SIGNATURES decrypting-key is known only to the recipient. A message signed with a sender's private key can be Messages are encrypted with the recipient's public key verified by anyone who has access to the sender's and can only be decrypted with the corresponding public key, thereby proving that the sender had access private key. The keys are related mathematically, but to the private key (and therefore is likely to be the parameters are chosen so that determining the private person associated with the public key used), and the key from the public key is prohibitively expensive. The part of the message that has not been tampered with. discovery of algorithms that could produce On the question of authenticity, see also message public/private key pairs revolutionized the practice of digest. cryptography beginning in the middle 1970s. 3 Assignment 1 Using Microsoft Word 2007 Wipawan Buathong Figure 2 Public Key Encryption An analogy to public-key encryption is that of a locked mailbox with a mail slot. The mail slot is exposed and accessible to the public; its location (the street address) is in essence the public key. Anyone knowing the street address can go to the door and drop a written Figure 3 Digital Signature message through the slot; however, only the person who possesses the key can open the mailbox and read the message. HISTORY An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The During the early history of cryptography, two parties message can be opened by anyone, but the would rely upon a key using a secure, but non- presence of the seal authenticates the cryptographic, method; for example, a face-to-face sender. meeting or an exchange via a trusted courier. This key, which both parties kept absolutely secret, could then A central problem for use of public-key cryptography is be used to exchange encrypted messages. A number confidence (ideally proof) that a public key is correct, of significant practical difficulties arise in this approach belongs to the person or entity claimed (i.e., is to distributing keys. Public-key cryptography 'authentic'), and has not been tampered with or addresses these drawbacks so that users can replaced by a malicious third party. The usual communicate securely over a public channel without approach to this problem is to use a public-key having to agree upon a shared key beforehand. infrastructure (PKI), in which one or more third parties, known as certificate authorities, certify In 1874, a book by William Stanley Jevons described ownership of key pairs. PGP, in addition to a certificate the relationship of one-way functions to cryptography authority structure, has used a scheme generally and went on to discuss specifically the factorization called the "web of trust", which decentralizes such problem used to create the trapdoor function in the authentication of public keys by a central mechanism, RSA system. In July 1996, one observer[2] commented substituting individual endorsements of the link on the Jevons book in this way: between user and public key. No fully satisfactory In his book The Principles of Science: A Treatise on solution to the public key authentication problem is Logic and Scientific Method, written and published in known. 4 Assignment 1 Using Microsoft Word 2007 Wipawan Buathong the 1890s, William S. Jevons observed that there are digital signature, and its security is connected to the many situations where the 'direct' operation is presumed difficulty of factoring large integers, a relatively easy, but the 'inverse' operation is problem for which there is no known efficient (i.e., significantly more difficult. One example mentioned practicably fast) general technique. In 1979 Michael O. briefly is that enciphering (encryption) is easy while Rabin published a related cryptosystem that is deciphering (decryption) is not. In the same section of probably secure as long as factorization of the public Chapter 7: Introduction titled 'Induction an Inverse key remains difficult; it remains an assumption that Operation', much more attention is devoted to the RSA also enjoys this security. principle that multiplication of integers is easy, but finding the (prime) factors of the product is much Since the 1970s, a large number and variety of harder. Thus, Jevons anticipated a key feature of the encryption, digital signature, key agreement, and RSA Algorithm for public key cryptography, though he other techniques have been developed in the field of certainly did not invent the concept of public key public-key cryptography. The ElGamal cryptosystem cryptography. (Ferguson N., 2003) (invented by Taher ElGamal) relies on the (similar, and related) difficulty of the discrete logarithm problem, as An asymmetric-key cryptosystem was published in does the closely related DSA developed at the US 1976 by Whitfield Diffie and Martin Hellman, who, National Security Agency
Load more

Recommended publications
  • Diamondoid Mechanosynthesis Prepared for the International Technology Roadmap for Productive Nanosystems
    IMM White Paper Scanning Probe Diamondoid Mechanosynthesis Prepared for the International Technology Roadmap for Productive Nanosystems 1 August 2007 D.R. Forrest, R. A. Freitas, N. Jacobstein One proposed pathway to atomically precise manufacturing is scanning probe diamondoid mechanosynthesis (DMS): employing scanning probe technology for positional control in combination with novel reactive tips to fabricate atomically-precise diamondoid components under positional control. This pathway has its roots in the 1986 book Engines of Creation, in which the manufacture of diamondoid parts was proposed as a long-term objective by Drexler [1], and in the 1989 demonstration by Donald Eigler at IBM that individual atoms could be manipulated by a scanning tunelling microscope [2]. The proposed DMS-based pathway would skip the intermediate enabling technologies proposed by Drexler [1a, 1b, 1c] (these begin with polymeric structures and solution-phase synthesis) and would instead move toward advanced DMS in a more direct way. Although DMS has not yet been realized experimentally, there is a strong base of experimental results and theory that indicate it can be achieved in the near term. • Scanning probe positional assembly with single atoms has been successfully demonstrated in by different research groups for Fe and CO on Ag, Si on Si, and H on Si and CNHCH3. • Theoretical treatments of tip reactions show that carbon dimers1 can be transferred to diamond surfaces with high fidelity. • A study on tip design showed that many variations on a design turn out to be suitable for accurate carbon dimer placement. Therefore, efforts can be focused on the variations of tooltips of many kinds that are easier to synthesize.
    [Show full text]
  • Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard V1.2.3
    Can We Trust Cryptographic Software? Cryptographic Flaws in GNU Privacy Guard v1.2.3 Phong Q. Nguyen CNRS/Ecole´ normale sup´erieure D´epartement d’informatique 45 rue d’Ulm, 75230 Paris Cedex 05, France. [email protected] http://www.di.ens.fr/˜pnguyen Abstract. More and more software use cryptography. But how can one know if what is implemented is good cryptography? For proprietary soft- ware, one cannot say much unless one proceeds to reverse-engineering, and history tends to show that bad cryptography is much more frequent than good cryptography there. Open source software thus sounds like a good solution, but the fact that a source code can be read does not imply that it is actually read, especially by cryptography experts. In this paper, we illustrate this point by examining the case of a basic In- ternet application of cryptography: secure email. We analyze parts of thesourcecodeofthelatestversionofGNUPrivacyGuard(GnuPGor GPG), a free open source alternative to the famous PGP software, com- pliant with the OpenPGP standard, and included in most GNU/Linux distributions such as Debian, MandrakeSoft, Red Hat and SuSE. We ob- serve several cryptographic flaws in GPG v1.2.3. The most serious flaw has been present in GPG for almost four years: we show that as soon as one (GPG-generated) ElGamal signature of an arbitrary message is released, one can recover the signer’s private key in less than a second on a PC. As a consequence, ElGamal signatures and the so-called ElGamal sign+encrypt keys have recently been removed from GPG.
    [Show full text]
  • Security Analysis and Trust Models in Wireless Networks Lela Mirtskhulava
    Security Analysis and Trust Models in Wireless Networks Lela Mirtskhulava [email protected] Department of Computer Sciences Faculty of Exact and Natural Sciences Iv. Javakhishvili Tbilisi State University University str., 13, Georgia In the given work, we analyse the serious weaknesses recently discovered in WPA2 (Wi-Fi Protected Access 2) in October 2017 and KRACK (Key Reinstallation Attack) attack on WPA2 announced by Computer Science Scientists. The KRACKs were introduced to abuse design flaws in cryptographic protocols to reinstall an already-in-use key. Several types of cryptographic Wi-Fi handshakes are affected by the attack. There are different forms of trust to address different types of network security problems and reduce risk in certain conditions. This paper explores the trust models applied by various cryptographic schemes: a) the web of trust employed by Pretty Good Privacy (PGP) where users using their own set of trusted public keys, b) Kerberos, a secret key distribution scheme using a trusted third party, c) certificates, which allow a set of trusted third parties to authenticate each other and, by implication, each other's users. Each of the above mentioned trust models differs in complexity, scope, scalability and general applicability. Which model of trust to apply in certain circumstances and types of wireless networks are discussed in the given paper. It describes the major security issues and their techniques of building trust model by monitoring network behavior. It is intended to use secure and faster cryptographic solution for Wi-Fi networks security by using an open source public-key NTRU cryptosystem that uses lattice-based cryptography.
    [Show full text]
  • Nanorobot Construction Crews
    Nanorobot Construction Crews Jaeseung Jeong, Ph.D Department of Bio and Brain engineering, KAIST Nanorobotics • Nanorobotics is the technology of creating machines or robots atltthit or close to the microscopi c scal lfe of a nanomet res (10-9 metres). More specifically, nanorobotics refers to the still largely ‘hypothetical’ nanotechnology engineering discipline of designing and building nanorobots. • Nanorobots ((,,nanobots, nanoids, nanites or nanonites ) would be typically devices ranging in size from 0.1-10 micrometers and constructed of nanoscale or molecular components. As no artificial non-biological nanorobots have yet been created, they remain a ‘hypothetical’ concept. • Another definition sometimes used is a robot which allows precision interactions with nanoscale objects , or can manipulate with nanoscale resolution. • Followingggpp this definition even a large apparatus such as an atomic force microscope can be considered a nanorobotic instrument when configured to perform nanomanipulation. • Also, macroscalble robots or mi crorob ots which can move wi th nanoscale precision can also be considered nanorobots. The T-1000 in Terminator 2: Judggyment Day • Since nanorobots would be microscopic in size , it would probably be necessary for very large numbers of them to work together to perform microscopic and macroscopic tasks. • These nanorobot swarms are fdifound in many sci ence fi fitiction stories, such as The T-1000 in Terminator 2: Judgment Day, nanomachine i n Meta l G ear So lid. • The word "nanobot" (also "nanite",,g, "nanogene", or "nanoant") is often used to indicate this fictional context and is a n info rma l o r eve n pejo rat ive term to refer to the engineering concept of nanorobots.
    [Show full text]
  • SIGMA: the 'Sign-And-Mac' Approach to Authenticated Diffie-Hellman and Its Use in the IKE Protocols
    SIGMA: the `SIGn-and-MAc' Approach to Authenticated Diffie-Hellman and its Use in the IKE Protocols ∗ Hugo Krawczyky June 12, 2003 Abstract We present the SIGMA family of key-exchange protocols and the \SIGn-and-MAc" approach to authenticated Diffie-Hellman underlying its design. The SIGMA protocols provide perfect forward secrecy via a Diffie-Hellman exchange authenticated with digital signatures, and are specifically designed to ensure sound cryptographic key exchange while supporting a variety of features and trade-offs required in practical scenarios (such as optional identity protection and reduced number of protocol rounds). As a consequence, the SIGMA protocols are very well suited for use in actual applications and for standardized key exchange. In particular, SIGMA serves as the cryptographic basis for the signature-based modes of the standardized Internet Key Exchange (IKE) protocol (versions 1 and 2). This paper describes the design rationale behind the SIGMA approach and protocols, and points out to many subtleties surrounding the design of secure key-exchange protocols in general, and identity-protecting protocols in particular. We motivate the design of SIGMA by comparing it to other protocols, most notable the STS protocol and its variants. In particular, it is shown how SIGMA solves some of the security shortcomings found in previous protocols. ∗A shortened version of this paper appears in the proceedings of CRYPTO'03. For further information related to the SIGMA protocols see http://www.ee.technion.ac.il/~hugo/sigma.html yEE Department, Technion, Haifa, Israel, and IBM T.J. Watson Research Center. Email: [email protected] 1 Contents 1 Introduction 1 2 Preliminaries: On the Security of Key-Exchange Protocols 4 2.1 Overview of the security model and requirements .
    [Show full text]
  • Diffie and Hellman Receive 2015 Turing Award Rod Searcey/Stanford University
    Diffie and Hellman Receive 2015 Turing Award Rod Searcey/Stanford University. Linda A. Cicero/Stanford News Service. Whitfield Diffie Martin E. Hellman ernment–private sector relations, and attracts billions of Whitfield Diffie, former chief security officer of Sun Mi- dollars in research and development,” said ACM President crosystems, and Martin E. Hellman, professor emeritus Alexander L. Wolf. “In 1976, Diffie and Hellman imagined of electrical engineering at Stanford University, have been a future where people would regularly communicate awarded the 2015 A. M. Turing Award of the Association through electronic networks and be vulnerable to having for Computing Machinery for their critical contributions their communications stolen or altered. Now, after nearly to modern cryptography. forty years, we see that their forecasts were remarkably Citation prescient.” The ability for two parties to use encryption to commu- “Public-key cryptography is fundamental for our indus- nicate privately over an otherwise insecure channel is try,” said Andrei Broder, Google Distinguished Scientist. fundamental for billions of people around the world. On “The ability to protect private data rests on protocols for a daily basis, individuals establish secure online connec- confirming an owner’s identity and for ensuring the integ- tions with banks, e-commerce sites, email servers, and the rity and confidentiality of communications. These widely cloud. Diffie and Hellman’s groundbreaking 1976 paper, used protocols were made possible through the ideas and “New Directions in Cryptography,” introduced the ideas of methods pioneered by Diffie and Hellman.” public-key cryptography and digital signatures, which are Cryptography is a practice that facilitates communi- the foundation for most regularly used security protocols cation between two parties so that the communication on the Internet today.
    [Show full text]
  • The Molecular Epair of the Rain, Part II by Ralph Merkle, Ph.D
    THIS ISSUE'S FEATURE: The Molecular epair of the rain, Part II By Ralph Merkle, Ph.D. Michael Perry, Ph.D. introduces us to "The Realities of Patient Storage" in this issue's For the Record lUS: Book Reviews, Relocation Reports, and Cryonics Fiction by Linda Dunn and Richard Shock ISSN 1054-4305 $4.50 "What is Cryonics?" Cryonics is the ultra-low-temperature preservation (biostasis) of terminal patients. The goal of biostasis and the technology of cryonics is the transport of today's terminal patients to a time in the future when cell and tissue repair technology will be available, and restoration to full function and health will be possible, a time when cures will exist for virtually all of today's diseases, including aging. As human knowledge and medical technology continue to expand in scope, people considered beyond hope of restoration (by today's medical standards) will be restored to health. (This historical trend is very clear.) The coming control over living systems should allow fabrication of new organisms and sub-cell-sized devices for repair and revival of patients waiting in cryonic suspension. The challenge for cryonicists today is to devise techniques that will ensure the patients' survival. Subscribe to CRY 0 ICS Magazine! CRYONICS magazine explores the practical, research, nanotechnology and molecular scientific, and social aspects of ultra­ engineering, book reviews, the physical low temperature pre­ format of memory and personality, the servation of humans. nature of identity, cryonics history, and As the quarterly much more. ·s FEAfURE' • .r h< • • f h THISISSUE oena\f'JI pu bl 1cat1on o t e •Ao\ecu\ar"' ~"h~>~'"''·~··o· C r If you're a first- The IV\ Bg Ra~1 RYfl'J\ Alcor Foundation-the THIS issuE's • ~L vJcs time subscriber, you p\1.\l.
    [Show full text]
  • Molecular Nanotechnology - Wikipedia, the Free Encyclopedia
    Molecular nanotechnology - Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Molecular_manufacturing Molecular nanotechnology From Wikipedia, the free encyclopedia (Redirected from Molecular manufacturing) Part of the article series on Molecular nanotechnology (MNT) is the concept of Nanotechnology topics Molecular Nanotechnology engineering functional mechanical systems at the History · Implications Applications · Organizations molecular scale.[1] An equivalent definition would be Molecular assembler Popular culture · List of topics "machines at the molecular scale designed and built Mechanosynthesis Subfields and related fields atom-by-atom". This is distinct from nanoscale Nanorobotics Nanomedicine materials. Based on Richard Feynman's vision of Molecular self-assembly Grey goo miniature factories using nanomachines to build Molecular electronics K. Eric Drexler complex products (including additional Scanning probe microscopy Engines of Creation Nanolithography nanomachines), this advanced form of See also: Nanotechnology Molecular nanotechnology [2] nanotechnology (or molecular manufacturing ) Nanomaterials would make use of positionally-controlled Nanomaterials · Fullerene mechanosynthesis guided by molecular machine systems. MNT would involve combining Carbon nanotubes physical principles demonstrated by chemistry, other nanotechnologies, and the molecular Nanotube membranes machinery Fullerene chemistry Applications · Popular culture Timeline · Carbon allotropes Nanoparticles · Quantum dots Colloidal gold · Colloidal
    [Show full text]
  • Practical Forward Secure Signatures Using Minimal Security Assumptions
    Practical Forward Secure Signatures using Minimal Security Assumptions Vom Fachbereich Informatik der Technischen Universit¨atDarmstadt genehmigte Dissertation zur Erlangung des Grades Doktor rerum naturalium (Dr. rer. nat.) von Dipl.-Inform. Andreas H¨ulsing geboren in Karlsruhe. Referenten: Prof. Dr. Johannes Buchmann Prof. Dr. Tanja Lange Tag der Einreichung: 07. August 2013 Tag der m¨undlichen Pr¨ufung: 23. September 2013 Hochschulkennziffer: D 17 Darmstadt 2013 List of Publications [1] Johannes Buchmann, Erik Dahmen, Sarah Ereth, Andreas H¨ulsing,and Markus R¨uckert. On the security of the Winternitz one-time signature scheme. In A. Ni- taj and D. Pointcheval, editors, Africacrypt 2011, volume 6737 of Lecture Notes in Computer Science, pages 363{378. Springer Berlin / Heidelberg, 2011. Cited on page 17. [2] Johannes Buchmann, Erik Dahmen, and Andreas H¨ulsing.XMSS - a practical forward secure signature scheme based on minimal security assumptions. In Bo- Yin Yang, editor, Post-Quantum Cryptography, volume 7071 of Lecture Notes in Computer Science, pages 117{129. Springer Berlin / Heidelberg, 2011. Cited on pages 41, 73, and 81. [3] Andreas H¨ulsing,Albrecht Petzoldt, Michael Schneider, and Sidi Mohamed El Yousfi Alaoui. Postquantum Signaturverfahren Heute. In Ulrich Waldmann, editor, 22. SIT-Smartcard Workshop 2012, IHK Darmstadt, Feb 2012. Fraun- hofer Verlag Stuttgart. [4] Andreas H¨ulsing,Christoph Busold, and Johannes Buchmann. Forward secure signatures on smart cards. In Lars R. Knudsen and Huapeng Wu, editors, Se- lected Areas in Cryptography, volume 7707 of Lecture Notes in Computer Science, pages 66{80. Springer Berlin Heidelberg, 2013. Cited on pages 63, 73, and 81. [5] Johannes Braun, Andreas H¨ulsing,Alex Wiesmaier, Martin A.G.
    [Show full text]
  • Security & Privacy for Mobile Phones
    Security & Privacy FOR Mobile Phones Carybé, Lucas Helfstein July 4, 2017 Instituto DE Matemática E Estatística - USP What IS security? • That GRANTS THE INFORMATION YOU PROVIDE THE ASSURANCES above; • That ENSURES THAT EVERY INDIVIDUAL IN THIS SYSTEM KNOWS EACH other; • That TRIES TO KEEP THE ABOVE PROMISES forever. Security IS ... A System! • That ASSURES YOU THE INTEGRITY AND AUTHENTICITY OF AN INFORMATION AS WELL AS ITS authors; 1 • That ENSURES THAT EVERY INDIVIDUAL IN THIS SYSTEM KNOWS EACH other; • That TRIES TO KEEP THE ABOVE PROMISES forever. Security IS ... A System! • That ASSURES YOU THE INTEGRITY AND AUTHENTICITY OF AN INFORMATION AS WELL AS ITS authors; • That GRANTS THE INFORMATION YOU PROVIDE THE ASSURANCES above; 1 • That TRIES TO KEEP THE ABOVE PROMISES forever. Security IS ... A System! • That ASSURES YOU THE INTEGRITY AND AUTHENTICITY OF AN INFORMATION AS WELL AS ITS authors; • That GRANTS THE INFORMATION YOU PROVIDE THE ASSURANCES above; • That ENSURES THAT EVERY INDIVIDUAL IN THIS SYSTEM KNOWS EACH other; 1 Security IS ... A System! • That ASSURES YOU THE INTEGRITY AND AUTHENTICITY OF AN INFORMATION AS WELL AS ITS authors; • That GRANTS THE INFORMATION YOU PROVIDE THE ASSURANCES above; • That ENSURES THAT EVERY INDIVIDUAL IN THIS SYSTEM KNOWS EACH other; • That TRIES TO KEEP THE ABOVE PROMISES forever. 1 Security IS ... A System! Eve | | | Alice "Hi" <---------------> "Hi" Bob 2 Security IS ... Cryptography! Eve | | | Alice "Hi" <----"*****"------> "Hi" Bob 3 Security IS ... Impossible! The ONLY TRULY SECURE SYSTEM IS ONE THAT IS POWERED off, CAST IN A BLOCK OF CONCRETE AND SEALED IN A lead-lined ROOM WITH ARMED GUARDS - AND EVEN THEN I HAVE MY doubts.
    [Show full text]
  • Loki: Location-Based PKI for Social Networks
    LoKI: Location-based PKI for Social Networks Randy Baden University of Maryland [email protected] http://www.cs.umd.edu/~randofu/loki Categories and Subject Descriptors decentralized OSNs. The out-of-band exchange of keys, how- C.2.0 [Computer Communications Networks]: General—Data ever, has proven too onerous for typical users [7]. We therefore communications; C.2.1 [Computer Communications Networks]: choose to design techniques that users are able to more readily Network Architecture and Design—Wireless communication; C.2.4 employ based on how users interact with each other in modern [Computer Communications Networks]: Distributed Systems— settings. Client/server, Distributed applications; C.5.3 [Computer Sys- Our main contribution is a system, LoKI, in which we use the tem Implementation]: Microcomputers—Portable devices (e.g., ubiquity of mobile devices to provide users with a new method laptops, personal digital assistants); E.3 [Data Encryption]: for verifying identities that does not require immediate user in- [Public key cryptosystems] teraction. Concretely, we propose collecting shared secrets from nearby mobile devices over the course of typical mobile activ- ity, then using these shared secrets post-hoc to perform identity General Terms verification based on user recollection of when real-world meet- Security, Design, Performance ings occurred. We estimate the frequency of real-world meet- ings among social network users with a data set of interactions recorded by Foursquare, Facebook, and Twitter. We evaluate Keywords the technical constraints of collecting and storing shared secrets Public Key Infrastructure, Online Social Networks, Location, in terms of storage space and power consumption based on the Mobility frequency of mobile device encounters.
    [Show full text]
  • Analysis of Key Management in Matrix
    Bachelor thesis Computing Science Radboud University Analysis of key management in Matrix Author: First supervisor/assessor: Floris Hendriks Prof. J.J.C. Daemen s4749294 [email protected] Second supervisor: Dr. B.J.M. Mennink [email protected] Second assessor: Dr. C.E. Dobraunig [email protected] January 17, 2020 Abstract This thesis presents an analysis of Matrix’s key management. Matrix is an end-to-end encrypted and decentralised application layer proto- col, developed by The Matrix.org Foundation C.I.C. The protocol is used, among other applications, to end-to-end encrypt messages in a decen- tralised chat system. To date, Matrix is not equipped with a clear and well-described overview on how keys enable end-to-end encryption in a decentralised network. This thesis therefore describes how keys in Ma- trix are established, used, stored, exchanged and verified. Moreover, the analysis also explores the limitations of Matrix’s key management and potential improvements. Contents 1 Introduction3 1.1 Research questions........................5 1.2 Structure..............................6 2 Preliminaries7 2.1 Data formats used in Matrix...................7 2.2 Security principles........................8 2.2.1 Forward secrecy......................8 2.2.2 Backward secrecy.....................8 2.2.3 Deniability.........................8 2.2.4 Confidentiality.......................8 2.2.5 Integrity..........................9 2.2.6 Authentication.......................9 2.3 Cryptographic primitives used in Matrix............9 2.3.1 Cryptographic hash functions..............9 2.3.2 HMAC............................9 2.3.3 HKDF............................ 10 2.3.4 Cryptographic ratchets.................. 10 2.3.5 Curve25519........................ 11 2.3.6 EdDSA and Ed25519..................
    [Show full text]