1 / 22

Analyzing Cryptographic Techniques for Secure Tamper-Correcting Applications

This presentation by Wayne Gartner, an honors student working under AsPro. Helen Ashman, delves into current cryptographic techniques for securing tamper-correcting applications. The study explores methodologies, results, and future work in the field, focusing on hash trees, tamper correcting, cryptography, AES, Blowfish, RSA, and more. It also emphasizes the importance of baselining different techniques, comparing theoretical assumptions with practical implementations, and optimizing performance through parallel computing and visualization tools.

magar
Download Presentation

Analyzing Cryptographic Techniques for Secure Tamper-Correcting Applications

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Wayne Gartner 3rd September 2010 Analysing current generation cryptographic techniques in securing a tamper correcting application

  2. Introductions • Wayne Gartner • Honours Student (2010) • AsPro. Helen Ashman • Supervisor (Security Lab)

  3. Outline of Presentation • Abridged Background Story • Literature Review • Research Contributions • Methodologies • Results • Future Work

  4. Background Story • Current hash techniques can prove tampering has occurred • But can not fix the tampering • Principle: Re-Instate tampered documents using pre-computed hashes • Implementing Binary or Quad Trees

  5. Re-Instating Tampered Documents using pre-computed hashes • Works by breaking document into manageable pieces • Brute Force search for correct hash • Instead of looking for hash of entire document… • Look for the hash of the piece • Implementations include a character and a byte version

  6. The Original Question • What are potential cryptographic techniques that can be implemented to secure the hash communication channel, without imposing unjustifiable overhead to the process?

  7. Literature Summary – Tamper Correcting • Hash Trees: • Ashman (2000); Moss & Ashman (2002); Williams & Emin Gun (2004) • Tamper Correcting: • Hasan & Hassan (2007); Hassine et al. (2009); Cong et al. (2008)

  8. Literature Summary – Cryptography • Attacks: • Giraud (2006); Ren-Junn et al. (2005); Aboud (2009) • Implementations: • Chi-Fend et al. (2003); Liberatori et al. (2007) • Performance analysis: • Nadeem & Javed (2005); Yan & Ming (2009)

  9. Literature Summary – Cryptography • AES: • Sanchez-Avilia & Sanchez-Reillol (2001) • Blowfish: • Tingyuan & Teng (2009); Moussa (2005) • RSA: • Burnett & Paine (2001); Aboud et al. (2008)

  10. Literature Summary • However, little published work has been done in: • Baselining a series of different techniques under set variables • Comparing that data to a practical implementation, and measuring assumed conclusions against actual results.

  11. Research Contributions • Test the Tamper Correcting prototype against different test criteria to determine strengths and challenges • Baseline various different current generation cryptographic techniques under set conditions • Merge the two streams of research, determining performance of both [Tamper correcting and cryptography] in a ‘real world’ application

  12. Methodology • Break testing into smaller cases • Isolate variables • Cryptographic Technique • Key Size • Message Length • Binary or Quad Tree • Each test runs 1,000 times • Mean, Median, High, Low, Standard Deviation

  13. Example Methodology • Purpose of Test: Determine performance speeds of Binary and Quad Tree implementations • Method: Run prototypes with input of the original document at the server side and the 20% tampered document on the client side. • Variables: Length of tampered document can be either 100, 1000 or 10,000 characters in length. • Constant: Document has been 20% Tampered

  14. Results: Binary vs Quad Tree

  15. Results: Cryptographic Tests

  16. Results: Cryptographic Tests

  17. Results: Cryptographic Tests

  18. Results: Application in action

  19. Results: Application in action

  20. Future Work • Research Papers • Baselining of current generation cryptographic techniques • Re-Instating tampered documents using pre-computed hashes proof • Document Tampering as a Stenographic technique

  21. Future Work • Performance Optimisation • Optimised performance of sequential code • Run the code in parallel (Distributed and Cloud computing) • Visualisation Tool

  22. Questions?

More Related