Browsing by Subject "Encryption"
Now showing 1 - 6 of 6
- Results Per Page
- Sort Options
Item Cloud computing : security risk analysis and recommendations(2011-12) Sachdeva, Kapil; Bagchi, Uttarayan; Walls, StephenCloud computing is here to stay and is the natural progression in the evolution of our computing and collaboration needs. The easy availability of computing infrastructures is motivating a new breed of entrepreneurs to realize their ideas and deliver innovations to masses. These innovations, however, have some serious security weaknesses. If not taken into account, these weaknesses could prove fatal for an organization’s reputation and existence. This thesis explains the potential risks associated with various types of cloud computing technologies and recommends methods to mitigate them.Item Efficient, provably secure code constructions(2011-05) Agrawal, Shweta Prem; Vishwanath, Sriram; Boneh, Dan; Zuckerman, David; Garg, Vijay; Caramanis, Constantine; Sanghavi, SujayThe importance of constructing reliable and efficient methods for securing digital information in the modern world cannot be overstated. The urgency of this need is reflected in mainstream media--newspapers and websites are full of news about critical user information, be it credit card numbers, medical data, or social security information, being compromised and used illegitimately. According to news reports, hackers probe government computer networks millions of times a day, about 9 million Americans have their identities stolen each year and cybercrime costs large American businesses 3.8 million dollars a year. More than 1 trillion worth of intellectual property has already been stolen from American businesses. It is this evergrowing problem of securing valuable information that our thesis attempts to address (in part). In this thesis, we study methods to secure information that are fast, convenient and reliable. Our overall contribution has four distinct threads. First, we construct efficient, "expressive" Public Key Encryption systems (specifically, Identity Based Encryption systems) based on the hardness of lattice problems. In Identity Based Encryption (IBE), any arbitrary string such as the user's email address or name can be her public key. IBE systems are powerful and address several problems faced by the deployment of Public Key Encryption. Our constructions are secure in the standard model. Next, we study secure communication over the two-user interference channel with an eavesdropper. We show that using lattice codes helps enhance the secrecy rate of this channel in the presence of an eavesdropper. Thirdly, we analyze the security requirements of network coding. Network Coding is an elegant method of data transmission which not only helps achieve capacity in several networks, but also has a host of other benefits. However, network coding is vulnerable to "pollution attacks" when there are malicious users in the system. We design mechanisms to prevent pollution attacks. In this setting, we provide two constructions -- a homomorphic Message Authentication Code (HMAC) and a Digital Signature, to secure information that is transmitted over such networks. Finally, we study the benefits of using Compressive Sensing for secure communication over the Wyner wiretap channel. Compressive Sensing has seen an explosion of interest in the last few years with its elegant mathematics and plethora of applications. So far however, Compressive Sensing had not found application in the domain of secrecy. Given its inherent assymetry, we ask (and answer in the affirmative) the question of whether it can be deployed to enable secure communication. Our results allow linear encoding and efficient decoding (via LASSO) at the legitimate receiver, along with infeasibility of message recovery (via an information theoretic analysis) at the eavesdropper, regardless of decoding strategy.Item The feasibility of memory encryption and authentication(2013-05) Owen, Donald Edward, Jr.; John, Lizy KurianThis thesis presents an analysis of the implementation feasibility of RAM authentication and encryption. Past research as used simulations to establish that it is possible to authenticate and encrypt the contents of RAM with reasonable performance penalties by using clever implementations of tree data structures over the contents of RAM. However, previous work has largely bypassed implementation issues such as power consumption and silicon area required to implement the proposed schemes, leaving implementation details unspecified. This thesis studies the implementation cost of AES-GCM hardware and software solutions for memory authentication and encryption and shows that software solutions are infeasible because they are too costly in terms of performance and power, whereas hardware solutions are more feasible.Item Practicality of algorithmic number theory(2013-08) Taylor, Ariel Jolishia; Luecke, John EdwinThis report discusses some of the uses of algorithms within number theory. Topics examined include the applications of algorithms in the study of cryptology, the Euclidean Algorithm, prime generating functions, and the connections between algorithmic number theory and high school algebra.Item S/MIME client with wireless key passing for android(2015-12) Diaz, Ramiro Daniel; Barber, Suzanne; Bard, WilliamAs the value and vulnerability of personal data has increased, the security of digital communication and information has become more important. Currently, there exists no application that allows for a convenient transfer of secure digital communication on mobile devices as they continue to usurp the role of personal computers in the real world. This report will document my attempt to create one such application on the Android platform. This report will present a brief background of the algorithms intended to be used, as well as an overview of the evolution of the email protocols into the S/MIME protocol. It shall also cover related works that currently exist that we explored, or used in the creation of the application. In program requirements, the overall requirements of the application will be discussed in detail. In program design, we will describe the overall design and architecture of the application. Finally, program outcome will describe the difficulties faced in the process of implementing the work, the outcome itself and where it can be found, and future work that is needed for the application.Item The ability of surveillance capitalist technology firms to resist U.S. government surveillance(2018-05) Shelley, Brian Edward; Tanriverdi, HüseyinThis thesis reviewed and measured the methods employed by multinational U.S.-based technology firms to resist U.S. government surveillance. A political science adaptation of Affordance Theory was used to separate methods used to resist surveillance into four affordances: legal, political, technical, and market. Review of each firms’ actions provided a more granular evaluation of the motivations and impact of their choices than has been explored in existing literature. The results showed that firms had varying levels of success across all four affordances, and certainly less success than was assumed in existing literature given their resources and influence. The legal and political affordances were both constrained and enabled in part by the firms’ reliance on the U.S. government to compromise. The technical affordance was hampered by protection of data exploitative business models. The market affordance casted doubt on the ability of users to influence change via market pressures. The actions firms chose were heavily influenced by their surveillance capitalist business models predicated on mass collection and exploitation of user data. This reliance on personal data assets to drive revenue inhibited the firms’ capacity as surrogate defenders of individual privacy. When firms resisted surveillance, they were often motivated by conflict of law risks or protection of international markets. To effectively resist surveillance, current firms should begin to transition business models into new revenue streams and redirect public discontent to surveillance reform rather than surveillance resistance. New firms are at a disadvantaged position, with every option to resist surveillance being either cost prohibitive or with significant inherent risk.