Sharif Digital Repository

With the increase in the usage of wireless networks and smart grid networks and their applications, need for broadcast transmission has been increased dramatically. In order to use these communication, first we need to secure them by cryptographic methods. As authentication is one of the most important aspect of security, introducing secure broadcast authentication schemes are critical. Because of the resources constrainted nodes of these network, it is important to use light cryptographic methods with high security in these schemes. In this work, after analyzing related works, we introduce a new symmetric broadcast authentication scheme which is more efficient in term of memory consumption... 

Due to popularity of mobile wireless devices, security of mobile ad hoc networks (MANETs) being more important than before. Traditional key management schemes based on symmetric key cryptography are became ineffective because of dynamic and infrastructureless nature of these networks.Recent studies are mainly based on traditional public key cryptography schemes and ID-based cryptography schemes. On the other hand, Contributory schemes seem suitable for MANETs because of their inherent self-organize property. Key update and Key revocation are the fundamental issues of key management schemes in mobile ad hoc networks. Certificateless public key cryptography, in addition to solve those issues,... 

Secure multi-party computation (MPC) enables a group of mutually distrustful parties to compute a joint and agreed upon function of their private inputs without disclosing anything but the corresponding output. One of the most important secure computation protocols is private set intersection (PSI). In PSI, often two or several parties wish to find the intersection of their sets without revealing other non-common elements. There exist some other variants of PSI protocol like PSI cardinality or threshold PSI which in the former only the cardinality of the intersection set is revealed and in the latter the intersection set is revealed if its cardinality is greater (less) than a certain value.... 

Blockchain systems are considered a subclass of distributed systems and have drawn a lot of attention from academia in recent years. The deployment of these systems in various contexts has been the focus of extensive studies. Because of their design, which places a strong focus on security and decentralization, blockchain systems have some challenges. The most prominent challenge is the one that involves scalability. A blockchain's scalability refers to its capacity to achieve a target throughput and solid performance in confirming transactions with an ever-increasing workload or number of nodes in the network. A solid performance suggests that the blockchain system can sustain its... 

Distinguishing Attacks are a class of attacks on stream ciphers, which evaluate the random peroperties of the keystream generated by a stream cipher. In fact in these attacks the cryptanalyst tries to determine whether a stream is generated by a specific cipher or it seems random. Most of the Distinguishing attacks use the linear cryptanalysis technique and are called Linear Distinguishing Attack. The focus of this thesis is on linear distinguishing attacks. After a survey on stream ciphers and their cryptanalysis methods, distinguishing attack is introduced in detail. Then a new successful linear distinguishing attack on a recently developed stream cipher, Shannon, is presented. This attack... 

Considering the advancement in cryptography technologies, data security in the computer networks has achieved to an acceptable level. But considering the structures and the protocols governing the data exchange in the computer networks, privacy of users and anonymity of transmitters is not preserved. Mix-nets are utilized to maintain anonymous data exchange in computer networks. Different types of Mix-net designs for various applications are proposed. Public verifiable Mix-nets are a group of Mix-nets that are used in designing cryptographic protocols such as electronic voting and payment. In this thesis, we have cryptanalysed structural weaknesses of the verifiable Mix-nets. The attacks on... 

Vehicle Ad-hoc Network (VANET) is a type of mobile Ad-hoc network (MANETs) which vehicles are mobile nodes of this network and it can be used for various applications such as secure data sharing between vehicles, sending road information to vehicles, traffic controlling and reducing road accidents, also primary types of these networks are implemented in some systems such as “Waze” and “Balad”. On the other hand, if the security requirments are not provide in these networks, attackers can use this network to cause disruptions in this network, including intentional accidents, so providing security requirements in these networks seems necessary. Data authentication and preserving privacy of the... 

Voting has been considered as one of the principal of democracy which by this, people can announce their convictions and ideas officially. E-voting is a method of online voting based on cryptographic mechanisms. E-voting schemes by keeping voters' privacy safe and providing security requirement same as verifiability, fairness, coercion resistance, receipt freeness, undeniability, and eligibility has been noticed in recent years. Security of many presenting schemes is based on existence of trusted third party that plays an important role in process of getting and counting votes. Also, some of security problems which are in this scheme, originated from centralization and generic trust of third... 

Nowdays, because of the promotion and developments of Information technology (IT) and the need for powerful resources for computation and storage, we are the witness of migration from existing computing schemes to the cloud computing and cloud storage environment. As a result, we can see that the client and the IT users are the beneficiaries of the services which are provided by the existing cloud providers. However, the cloud providers are not usually fully trusted and we need to protect the privacy of our sensitive documents. In this case, we should use cryptographic primitives to encrypt our data before outsourcing to the cloud. Searchable encryption and attribute based encryption are two... 

Cloud storage provides an accessible and cheap space for data storage. There is usually no trust between users and the Cloud. Consequently, to maintain confidentiality, outsourcing and storing sensitive data in an encrypted form is necessary. In applications where data sharing between several users is required, ciphertext-policy attribute-based encryption(CP-ABE) has been considered a promising solution, but the lack of efficiency and flexibility limits its usage in applications such as IoT. These problems are usually related to both the underlying structure and the required peripheral processes, such as key revocation. In this thesis, two schemes with the same basic structure and different... 

A major goal in image steganography is to preserve the statistical properties of the host image to thwart statistical based steganalysis. However, most steganography methods introduce some distortions into the host signal’s statistical properties that have been used, as a certain indication of manipulation of the signal, by steganalysis algorithms. In order to overcome such a methodical vulnerability, a new generation of data hiding algorithms has been proposed in the literature to preserve histogram of the host signal. In this thesis we present a novel image steganographic technique to preserve one-dimensional and two-dimensional histograms of the host image. Experimental results show that... 

According to the development of communication, cryptography has become a vital issue. Several algorithms have been introduced for cryptography applications. Stream ciphers are such algorithms with high speed and appropriate efficiency. Lots of attacks have been applied to stream ciphers. We concentrate on two kinds of attacks in this thesis. Distinguishing attack is a general attack in which the attacker tries to distinguish the observed output sequence from random. Designers apply this kind of attack to test the statistical probabilities of the output sequence. We applied this attack on Grain family and Trivium family. In the proposed attack, nonlinear parts are replaced with linear ones.... 

Stream ciphers are cryptographic schemes being widely used in communications as a means of providing security of data. Hence, scrutinizing their level of security against different cryptanalytic methods has obviously turned to be of great importance. Randomness of the keystream is an important requirement for stream ciphers. The cipher should be designed in such a way that the keystream is free of any statistical biases that would let attackers distinguish it from a random sequence. A distinguishing attack on a stream cipher is one that determines whether a given stream of symbols is a truly random sequence or generated by a specific cipher with an unknown key. In this thesis, we focus on... 

The goal of authenticated encryption is to ensure confidentiality, integrity and authenti-cation of the messages simultaneously. The anouncement of CAESAR comptetition has attracted esearchers’ attention to this branch of symmetric cryptography, since 2014. 57 schemes have been introduced as the first round candidates of this competition, from which 29 where selected as second round candidates. Cryptanalysis of these schemes needs a lot of collective effort. In this thesis after describing preliminaries of authen- ticated encryption, general structure of the schemes and their reported cryptanalysis is reviewed. Then, the details of Pr∅st family of authenticated encryption, which is one of... 

Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this thesis, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in... 

With regards to the development of modern power systems, Smart Grid (SG) as an intelligent generation of electricity networks has been faced with a tremendous attention. Fine-grained data sharing in SG plays a vital role in efficiently managing data flow in the SG. As this data commonly contains sensitive information, design of the secure and efficient privacy preserving schemes for such networks with plenty of resource constrained devices is one of the most controversial issues. In this paper, we propose a Secure Ciphertext-Policy Attribute-Based SignCryption (CP-ABSC) scheme which simultaneously provides the authenticity and privacy of the users by enforcing an arbitrary access control... 

In RFIDtags application or sensor network for some hardware constraints we can not use all-purpose crypto systems such as AES,DES.In this applications in trade off between security and efficiency considering inherent limitation،we desire to satisfy moderate level of security.In recent years various lightweight algorithm has been designed.Purpose of this thesis is cryptanalysis on MIBS as a lightweight algorithm.This lightweight block cipher with Feistel structure and data length of 64-bit uses key lengths of 64-bit or 80-bit and consists of 32 rounds.Methods of attacks are differential،impossible differential and differential fault.the results of differential and impossible differential... 

In today's world in which a major part of information is digitalized and a large portion of the communication is done via computer networks, entities authentication while maintaining privacy is a concern with the growing importance and value. To meet this goal, during the past two decades, anonymous authentication protocols with different approaches for use in various applications has presented and developed. These protocols enable users to authenticate based on some of their properties, without revealing their own identities. Secret handshake protocols are considered as type of anonymous authentication protocols. This protocol has the unique feature of hiding users' affiliation to the... 

Along with the proliferation of pervasive systems such as RFID systems and sensor networks, the demand for the low-cost, secure-enough primitives has continued to rise. Symmetric-key algorithms especially block ciphers still play an important role as secure ciphers that can be also consistent with the inherent restrictions of pervasive systems. Recently, a lot of block ciphers tailored for these conditions have been designed, such as Present, PrintCipher, Piccolo, and Twine. Biclique attack introduced in AsiaCrypt 2011 is the first and the only method that could break all versions of AES faster than brute-force attack in the single key model. Afterwards, the efficiency of this attack on some... 

Due to the ever-increasing growth of the ubiquitous computing systems such as RFID, IoT, etc. and their important security concerns specially in the domain of user’s privacy, a great attention from the cryptology community is attracted to the design and analysis of lightweight primitives. Lightweight primitives, including block ciphers, hash functions, stream ciphers, and authenticated encryption schemes, are those ones that are specifically tailored to the devices with extreme limitations in power, area and cost. It is natural that the conventional rules for designing a typical all-purpose primitive can not be used here identically, and designers have to relax the conditions of some...