Measuring Small Subgroup Attacks Against Diffie-Hellman
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
A Companion to User's Guide to Cryptography and Standards
A Companion to User’s Guide to Cryptography and Standards Alexander W. Dent Chris J. Mitchell 17th December 2004 (v1.1) ii Contents 1 Introduction 1 1.1 Scope and purpose . 2 1.2 Structure of book . 2 1.3 Terminology . 2 1.4 Modular Arithmetic . 2 1.5 Notes . 2 2 Standards and the standardisation process 3 2.1 Why bother with standards? . 4 2.2 International standardisation organisations . 4 2.3 National standardisation organisations . 4 2.4 Industrial standardisation organisations . 4 2.5 Cryptographic evaluation bodies . 4 2.6 Notes . 4 3 Security mechanisms and security services 5 3.1 Introduction . 6 3.2 Security standards . 6 3.3 A model for security . 6 3.4 Security services . 6 3.5 Security mechanisms . 6 3.6 Relating services to mechanisms . 6 3.7 Services and protocols layers . 6 3.8 Security management . 6 3.9 Security frameworks . 6 iii iv CONTENTS 3.10 Notes . 6 4 Encryption 9 4.1 Definitions and Basic Properties . 10 4.2 Block Ciphers . 10 4.3 Stream Ciphers . 10 4.4 Asymmetric Ciphers . 11 4.5 Notes . 11 5 Modes of operation for block ciphers 17 5.1 Definitions and basic properties . 18 5.2 Standards for modes of operation . 18 5.3 Padding methods . 18 5.4 Electronic Codebook (ECB) mode . 18 5.5 Cipher Block Chaining (CBC) mode . 18 5.6 Counter (CTR) mode . 18 5.7 Output Feedback (OFB) mode . 18 5.8 Cipher Feedback (CFB) mode . 18 5.9 Choosing a mode of operation . 18 5.10 Other modes . -
Mining of Massive Datasets
Mining of Massive Datasets Anand Rajaraman Kosmix, Inc. Jeffrey D. Ullman Stanford Univ. Copyright c 2010, 2011 Anand Rajaraman and Jeffrey D. Ullman ii Preface This book evolved from material developed over several years by Anand Raja- raman and Jeff Ullman for a one-quarter course at Stanford. The course CS345A, titled “Web Mining,” was designed as an advanced graduate course, although it has become accessible and interesting to advanced undergraduates. What the Book Is About At the highest level of description, this book is about data mining. However, it focuses on data mining of very large amounts of data, that is, data so large it does not fit in main memory. Because of the emphasis on size, many of our examples are about the Web or data derived from the Web. Further, the book takes an algorithmic point of view: data mining is about applying algorithms to data, rather than using data to “train” a machine-learning engine of some sort. The principal topics covered are: 1. Distributed file systems and map-reduce as a tool for creating parallel algorithms that succeed on very large amounts of data. 2. Similarity search, including the key techniques of minhashing and locality- sensitive hashing. 3. Data-stream processing and specialized algorithms for dealing with data that arrives so fast it must be processed immediately or lost. 4. The technology of search engines, including Google’s PageRank, link-spam detection, and the hubs-and-authorities approach. 5. Frequent-itemset mining, including association rules, market-baskets, the A-Priori Algorithm and its improvements. 6. -
Linux Administrators Security Guide LASG - 0.1.1
Linux Administrators Security Guide LASG - 0.1.1 By Kurt Seifried ([email protected]) copyright 1999, All rights reserved. Available at: https://www.seifried.org/lasg/. This document is free for most non commercial uses, the license follows the table of contents, please read it if you have any concerns. If you have any questions email [email protected]. A mailing list is available, send an email to [email protected], with "subscribe lasg-announce" in the body (no quotes) and you will be automatically added. 1 Table of contents License Preface Forward by the author Contributing What this guide is and isn't How to determine what to secure and how to secure it Safe installation of Linux Choosing your install media It ain't over 'til... General concepts, server verses workstations, etc Physical / Boot security Physical access The computer BIOS LILO The Linux kernel Upgrading and compiling the kernel Kernel versions Administrative tools Access Telnet SSH LSH REXEC NSH Slush SSL Telnet Fsh secsh Local YaST sudo Super Remote Webmin Linuxconf COAS 2 System Files /etc/passwd /etc/shadow /etc/groups /etc/gshadow /etc/login.defs /etc/shells /etc/securetty Log files and other forms of monitoring General log security sysklogd / klogd secure-syslog next generation syslog Log monitoring logcheck colorlogs WOTS swatch Kernel logging auditd Shell logging bash Shadow passwords Cracking passwords John the ripper Crack Saltine cracker VCU PAM Software Management RPM dpkg tarballs / tgz Checking file integrity RPM dpkg PGP MD5 Automatic -
Security + Encryption Standards
Security + Encryption Standards Author: Joseph Lee Email: joseph@ ripplesoftware.ca Mobile: 778-725-3206 General Concepts Forward secrecy / perfect forward secrecy • Using a key exchange to provide a new key for each session provides improved forward secrecy because if keys are found out by an attacker, past data cannot be compromised with the keys Confusion • Cipher-text is significantly different than the original plaintext data • The property of confusion hides the relationship between the cipher-text and the key Diffusion • Is the principle that small changes in message plaintext results in large changes in the cipher-text • The idea of diffusion is to hide the relationship between the cipher-text and the plaintext Secret-algorithm • A proprietary algorithm that is not publicly disclosed • This is discouraged because it cannot be reviewed Weak / depreciated algorithms • An algorithm that can be easily "cracked" or defeated by an attacker High-resiliency • Refers to the strength of the encryption key if an attacker discovers part of the key Data-in-transit • Data sent over a network Data-at-rest • Data stored on a medium Data-in-use • Data being used by an application / computer system Out-of-band KEX • Using a medium / channel for key-exchange other than the medium the data transfer is taking place (phone, email, snail mail) In-band KEX • Using the same medium / channel for key-exchange that the data transfer is taking place Integrity • Ability to determine the message has not been altered • Hashing algorithms manage Authenticity -
Iclab: a Global, Longitudinal Internet Censorship Measurement Platform
ICLab: A Global, Longitudinal Internet Censorship Measurement Platform Arian Akhavan Niaki∗y Shinyoung Cho∗yz Zachary Weinberg∗x Nguyen Phong Hoangz Abbas Razaghpanahz Nicolas Christinx Phillipa Gilly yUniversity of Massachusetts, Amherst zStony Brook University xCarnegie Mellon University {arian, shicho, phillipa}@cs.umass.edu {shicho, nghoang, arazaghpanah}@cs.stonybrook.edu {zackw, nicolasc}@cmu.edu Abstract—Researchers have studied Internet censorship for remains elusive. We highlight three key challenges that must nearly as long as attempts to censor contents have taken place. be addressed to make progress in this space: Most studies have however been limited to a short period of time and/or a few countries; the few exceptions have traded off detail Challenge 1: Access to Vantage Points. With few ex- for breadth of coverage. Collecting enough data for a compre- ceptions,1 measuring Internet censorship requires access to hensive, global, longitudinal perspective remains challenging. “vantage point” hosts within the region of interest. In this work, we present ICLab, an Internet measurement The simplest way to obtain vantage points is to recruit platform specialized for censorship research. It achieves a new balance between breadth of coverage and detail of measurements, volunteers [37], [43], [73], [80]. Volunteers can run software by using commercial VPNs as vantage points distributed around that performs arbitrary network measurements from each the world. ICLab has been operated continuously since late vantage point, but recruiting more than a few volunteers per 2016. It can currently detect DNS manipulation and TCP packet country and retaining them for long periods is difficult. Further, injection, and overt “block pages” however they are delivered. -
Introduction to Linux and Using CSC Environment Efficiently
Introduction to Linux and Using CSC Environment Efficiently Introduction UNIX A slow-pace course for absolute UNIX beginners February 10th, 2014 Lecturers (in alphabetical order): Tomasz Malkiewicz Atte Sillanpää Thomas Zwinger Program 09:45 – 10:00 Morning coffee + registration 10:00 – 10:15 Introduction to the course (whereabouts, etc.) 10:15 – 10:45 What is UNIX/Linux: history and basic concepts (multi-user, multi-tasking, multi-processor) 10:45 – 11:15 Linux on my own computer: native installation, dual-boot, virtual appliances 11:15 – 11:45 A first glimpse of the shell: simple navigation, listing, creating/removing files and directories 11:45 – 12:45 lunch 12:45 – 13:00 Text editors: vi and emacs 13:00 – 13:45 File permissions: concepts of users and groups, changing permissions/groups 13:45 – 14:15 Job management: scripts and executables, suspending/killing jobs, monitoring, foreground/background 14:15 – 14:30 coffee break 14:30 – 15:00 Setup of your system: environment variables, aliases, rc-files 15:00 – 15:30 A second look at the shell: finding files and contents, remote operations, text-utils, changing shells 15:30 – 17:00 Troubleshooter: Interactive session to deal with open questions and specific problems Program All topics are presented with interactive demonstrations Additionally, exercises to each of the sections will be provided The Troubleshooter section is meant for personal interaction and is (with a time- limit to 17:00) kept in an open end style Practicalities Keep the name tag visible Lunch is served in the same building. -
Key Exchange in Ipsec Revisited Formal Analysis of Ikev1 and Ikev2
Research Collection Report Key Exchange in IPsec revisited Formal Analysis of IKEv1 and IKEv2 Author(s): Cremers, Cas Publication Date: 2011 Permanent Link: https://doi.org/10.3929/ethz-a-006804260 Rights / License: In Copyright - Non-Commercial Use Permitted This page was generated automatically upon download from the ETH Zurich Research Collection. For more information please consult the Terms of use. ETH Library Key Exchange in IPsec revisited: Formal Analysis of IKEv1 and IKEv2 (Preprint?) Cas Cremers Institute of Information Security ETH Zurich, Switzerland [email protected] Abstract. The IPsec standard aims to provide application-transparent end-to-end security for the Internet Protocol. The security properties of IPsec critically depend on the underlying key exchange protocols, known as IKE (Internet Key Exchange). We provide the most extensive formal analysis so far of the current IKE versions, IKEv1 and IKEv2. We combine recently introduced formal anal- ysis methods for security protocols with massive parallelization, allowing the scope of our analysis to go far beyond previous formal analysis. While we do not find any significant weaknesses on the secrecy of the session keys established by IKE, we find several previously unreported weaknesses on the authentication properties of IKE. Keywords: Security protocols, IPsec, IKE, IKEv1, IKEv2, Formal anal- ysis, protocol interaction, multi-protocol attacks 1 Introduction IPsec [19] is an IETF protocol suite that provides Internet Protocol (IP) security. In particular, IPsec provides confidentiality, data integrity, access control, and data source authentication [17]. In contrast to, e. g., SSL/TLS [12], IPsec provides end-to-end security in an application-transparent way, i. -
Analysis and Evaluation of Email Security
Al-Azhar University – Gaza Deanship of Postgraduate Studies Faculty of Engineering & Information Technology Master of Computing and Information System Analysis and Evaluation of Email Security Prepared by Mohammed Ahmed Maher Mahmoud Al-Nakhal Supervised by Dr. Ihab Salah Al-Dein Zaqout A Thesis submitted in partial fulfillment of the requirements for the degree of Master of Computing and Information Systems 2018 جامعةةةةةةةةةة ةةةةةةةةةة – غةةةةةةةةةة عمةةةةةةةةةاا لعل اةةةةةةةةةا لع ةةةةةةةةةا ك هلنعا وتكنولوج ا ملع وما ماجسةةةاحل بواةةةم وعلةةةت ملع ومةةةا حتليل وتقييم أمن الربيد اﻹلكرتوني إعداد الباحث حممد أمحد ماهر حممود النخال إشراف الدكتور/ إيهاب صﻻح الدين زقوت قدمت هذه الرسالة استكماﻻً لمتطلبات الحصول على درجة الماجستير في الحوسبة ونظم المعلومات من كلية الهندسة وتكنولوجيا المعلومات – جامعة اﻷزهر – غزة 2018 قَالُوا سُبْحَانَكَ لَا عِلْمَ لَنَا إِلَّا مَا عَلَّمْتَنَا إِنَّكَ أَنْتَ الْعَلِيمُ الْحَكِيمُ صدق اهلل العظيم سورة البقرة ) آية 32( i Dedication To my parents who take my hands and walk me among the ports of life, what is clear in their paths. Thanks to them and hope from Almighty Allah to keep them for me and extend in their age ... To my loving, forgiving and supportive wife who created the atmosphere for me to complete this work. To my brother Mahmoud and sisters Dema and Dania …... To the martyrs of Palestine who fought for the sake of Almighty Allah. ii Acknowledgment The prophet Mohammad (Peace Be Upon Him) says, “He who does not thank people, does not thank Allah “. Completing and issuing such dissertation would not have been possible without the help and support of the people who ably guided this dissertation through the whole process. -
The Legacy of Export-Grade Cryptography in the 21St Century
The legacy of export-grade cryptography in the 21st century Nadia Heninger University of Pennsylvania October 6, 2016 International Traffic in Arms Regulations April 1, 1992 version Category XIII--Auxiliary Military Equipment ... (b) Information Security Systems and equipment, cryptographic devices, software, and components specifically designed or modified therefore, including: (1) Cryptographic (including key management) systems, equipment, assemblies, modules, integrated circuits, components or software with the capability of maintaining secrecy or confidentiality of information or information systems, except cryptographic equipment and software as follows: (i) Restricted to decryption functions specifically designed to allow the execution of copy protected software, provided the decryption functions are not user-accessible. (ii) Specially designed, developed or modified for use in machines for banking or money transactions, and restricted to use only in such transactions. Machines for banking or money transactions include automatic teller machines, self-service statement printers, point of sale terminals or equipment for the encryption of interbanking transactions. ... Timeline of US cryptography export control I Pre-1994: Encryption software requires individual export license as a munition. I 1994: US State Department amends ITAR regulations to allow export of approved software to approved countries without individual licenses. 40-bit symmetric cryptography was understood to be approved under this scheme. I 1995: Netscape develops initial SSL protocol. I 1996: Bernstein v. United States; California judge rules ITAR regulations are unconstitutional because \code is speech" I 1996: Cryptography regulation moved to Department of Commerce. I 1999: TLS 1.0 standardized. I 2000: Department of Commerce loosens regulations on mass-market and open source software. Commerce Control List: Category 5 - Info. -
To Interaction Captures the Technology Shift from Mainframes to Worksta
InternetRolf Oppliger Security: Firewalls HE PARADIGM SHIFT FROM ALGORITHMS to interaction captures the technology and shift from mainframes to worksta- tionsT and networks, from number-crunching to embedded systems and graphical user interfaces, Bey and from procedure-oriented to object-based and distributed programming. The radical notion that interactive systems are more powerful problem- solving engines than algorithms is the basis for a new paradigm for computing technology built around the unifying concept of interaction. The emerging use of the TCP/IP communications perhaps, best be described as a collegial environ- protocol suite for internetworking has led to a global ment, where the users and hosts were mutually system of interconnected hosts and networks that is trusting and interested in a free and open exchange commonly referred to as the Internet. During the of information. In this environment, the people on last decade, the Internet has experienced a tri- the Internet were the people who actually built the umphant advance. Projections based on its current Internet. As time went on, the Internet became more rate of growth suggest there will be over one million useful and reliable, and these people were joined by computer networks and well over one billion users others. With fewer goals in common and more peo- by the end of the century. Therefore, the Internet is ple, the Internet steadily twisted away from its orig- seen as the first incarnation of a national information inal intent. infrastructure (NII) as promoted by the U.S. govern- Today, the Internet environment is much less col- ment. legial and trustworthy. -
X.509V3 Certificates for SSH Authentication
X.509v3 Certificates for SSH Authentication The X.509v3 Certificates for SSH Authentication feature uses public key algorithm (PKI) for server and user authentication, and allows the Secure Shell (SSH) protocol to verify the identity of the owner of a key pair via digital certificates, signed and issued by a Certificate Authority (CA). This module describes how to configure server and user certificate profiles for a digital certificate. • Prerequisites for X.509v3 Certificates for SSH Authentication, on page 1 • Restrictions for X.509v3 Certificates for SSH Authentication, on page 1 • Information About X.509v3 Certificates for SSH Authentication, on page 2 • How to Configure X.509v3 Certificates for SSH Authentication, on page 3 • Verifying the Server and User Authentication Using Digital Certificates , on page 6 • Configuration Examples for X.509v3 Certificates for SSH Authentication, on page 6 • Additional References for X.509v3 Certificates for SSH Authentication, on page 7 • Feature Information for X.509v3 Certificates for SSH Authentication, on page 8 Prerequisites for X.509v3 Certificates for SSH Authentication The X.509v3 Certificates for SSH Authentication feature replaces the ip ssh server authenticate user command with the ip ssh server algorithm authentication command. Configure the default ip ssh server authenticate user command to remove the ip ssh server authenticate user command from the configuration. The IOS secure shell (SSH) server will start using the ip ssh server algorithm authentication command. When you configure the ip ssh server authenticate user command, the following message is displayed: Warning SSH command accepted; but this CLI will be deprecated soon. Please move to new CLI ip ssh server algorithm authentication. -
An Overview of Public Key Infrastructure
AN OVERVIEW OF PUBLIC KEY INFRASTRUCTURE A Thesis Presented to the Faculty of San Diego State University In Partial Fulfillment of the Requirements for the Degree Master of Science in Applied Mathematics with a Concentration in Mathematical Theory of Communication Systems by Pavan Kandepet Fall 2013 iii Copyright c 2013 by Purushothaman Pavan Kandepet iv DEDICATION I would like to dedicate this thesis to my chair Dr. Carmelo Interlando for helping me extensively through the course of my study at San Diego State University. His valuable advice, insight and knowledge have helped me tremendously. I thank him for all the help he has provided. v ABSTRACT OF THE THESIS An Overview of Public Key Infrastructure by Pavan Kandepet Master of Science in Applied Mathematics with a Concentration in Mathematical Theory of Communication Systems San Diego State University, 2013 Security for electronic commerce has become increasingly demanding in recent years owing to its widespread adoption across geographically distributed systems. Public Key Infrastructure (PKI) is a relatively new technology with foundations in mathematics and which provides the necessary security features for digital commerce. The main goal of this work is to provide an introduction to PKI and how it can be used across geographically distributed systems. We start with an introduction to electronic commerce security and discuss its security concerns. This is followed by an introduction to cryptography, which sets the stage for the main chapter on PKI which introduces several components of this system in detail and its expectations. Next, certificates and certificate management, which are key components of electronic security, are discussed.