112 Matching Results

Search Results


Provably-Secure Authenticated Group Diffie-Hellman Key Exchange

Description: Authenticated key exchange protocols allow two participants A and B, communicating over a public network and each holding an authentication means, to exchange a shared secret value. Methods designed to deal with this cryptographic problem ensure A (resp. B) that no other participants aside from B (resp. A) can learn any information about the agreed value, and often also ensure A and B that their respective partner has actually computed this value. A natural extension to this cryptographic method is to consider a pool of participants exchanging a shared secret value and to provide a formal treatment for it. Starting from the famous 2-party Diffie-Hellman (DH) key exchange protocol, and from its authenticated variants, security experts have extended it to the multi-party setting for over a decade and completed a formal analysis in the framework of modern cryptography in the past few years. The present paper synthesizes this body of work on the provably-secure authenticated group DH key exchange.
Date: January 1, 2007
Creator: Bresson, Emmanuel; Chevassut, Olivier & Pointcheval, David
Partner: UNT Libraries Government Documents Department

Cryptography, quantum computation and trapped ions

Description: The significance of quantum computation for cryptography is discussed. Following a brief survey of the requirements for quantum computational hardware, an overview of the ion trap quantum computation project at Los Alamos is presented. The physical limitations to quantum computation with trapped ions are analyzed and an assessment of the computational potential of the technology is made.
Date: March 1, 1998
Creator: Hughes, Richard J.
Partner: UNT Libraries Government Documents Department

Mathematical analysis of deception.

Description: This report describes the results of a three year research project about the use of deception in information protection. The work involved a collaboration between Sandia employees and students in the Center for Cyber Defenders (CCD) and at the University of California at Davis. This report includes a review of the history of deception, a discussion of some cognitive issues, an overview of previous work in deception, the results of experiments on the effects of deception on an attacker, and a mathematical model of error types associated with deception in computer systems.
Date: October 1, 2003
Creator: Rogers, Deanna Tamae Koike (University of California at Davis, Davis, CA) & Durgin, Nancy Ann
Partner: UNT Libraries Government Documents Department

Los Alamos National Laboratory Facilities, Security and Safeguards Division, Safeguards and Security Program Office, Protective Force Oversight Program

Description: The purpose of this document is to identify and describe the duties and responsibilities of Facility Security and Safeguards (FSS) Safeguards and Security (SS) organizations (groups/offices) with oversight functions over the Protection Force (PF) subcontractor. Responsible organizations will continue their present PF oversight functions under the Cost Plus Award Fee (CPAF) assessment, but now will be required to also coordinate, integrate, and interface with other FSS S and S organizations and with the PF subcontractor to measure performance, assess Department of Energy (DOE) compliance, reduce costs, and minimize duplication of effort. The role of the PF subcontractor is to provide the Laboratory with effective and efficient protective force services. PF services include providing protection for the special nuclear material, government property and classified or sensitive information developed and/or consigned to the Laboratory, as well as protection for personnel who work or participate in laboratory activities. FSS S and S oversight of both performance and compliance standards/metrics is essential for these PF objectives to be met.
Date: November 30, 1995
Partner: UNT Libraries Government Documents Department

LANL Safeguards and Security Assurance Program. Revision 6

Description: The Safeguards and Security (S and S) Assurance Program provides a continuous quality improvement approach to ensure effective, compliant S and S program implementation throughout the Los Alamos National Laboratory. Any issues identified through the various internal and external assessments are documented, tracked and closed using the Safeguards and Security Issue Management Program. The Laboratory utilizes an integrated S and S systems approach to protect US Department of Energy (DOE) interests from theft or diversion of special nuclear material (SNM), sabotage, espionage, loss or theft of classified/controlled matter or government property, and other hostile acts that may cause unacceptable impacts on national security, health and safety of employees and the public, and the environment. This document explains the basis, scope, and conduct of the S and S process to include: self-assessments, issue management, risk assessment, and root cause analysis. It also provides a discussion of S and S topical areas, roles and responsibilities, process flow charts, minimum requirements, methodology, terms, and forms.
Date: April 3, 1995
Partner: UNT Libraries Government Documents Department

Performance Impacts of Lower-Layer Cryptographic Methods in Mobile Wireless Ad Hoc Networks

Description: In high consequence systems, all layers of the protocol stack need security features. If network and data-link layer control messages are not secured, a network may be open to adversarial manipulation. The open nature of the wireless channel makes mobile wireless ad hoc networks (MANETs) especially vulnerable to control plane manipulation. The objective of this research is to investigate MANET performance issues when cryptographic processing delays are applied at the data-link layer. The results of analysis are combined with modeling and simulation experiments to show that network performance in MANETs is highly sensitive to the cryptographic overhead.
Date: October 1, 2002
Partner: UNT Libraries Government Documents Department

Dynamic Group Diffie-Hellman Key Exchange under standard assumptions

Description: Authenticated Diffie-Hellman key exchange allows two principals communicating over a public network, and each holding public-private keys, to agree on a shared secret value. In this paper we study the natural extension of this cryptographic problem to a group of principals. We begin from existing formal security models and refine them to incorporate major missing details (e.g., strong-corruption and concurrent sessions). Within this model we define the execution of a protocol for authenticated dynamic group Diffie-Hellman and show that it is provably secure under the decisional Diffie-Hellman assumption. Our security result holds in the standard model and thus provides better security guarantees than previously published results in the random oracle model.
Date: February 14, 2002
Creator: Bresson, Emmanuel; Chevassut, Olivier & Pointcheval, David
Partner: UNT Libraries Government Documents Department

A suggested approach to applying IAEA safeguards to plutonium in weapons components

Description: It is the announced policy of the United States to make fissile material removed from its nuclear weapons stockpile subject to the US-IAEA voluntary safeguards agreement. Much of this material is plutonium in the form of pits. The application of traditional IAEA safeguards would reveal Restricted Data to unauthorized persons which is prohibited by US law and international treaties. Prior to the availability of a facility for the conversion of the plutonium in the pits to a non-sensitive form this obvious long-term solution to the problem is foreclosed. An alternative near-term approach to applying IAEA safeguards while preserving the necessary degree of confidentiality is required. This paper identifies such an approach. It presents in detail the form of the US declaration; the safeguards objectives which are met; inspection techniques which are utilized and the conclusion which the IAEA could reach concerning the contents of each item and the aggregate of all items. The approach would reveal the number of containers and the aggregate mass of plutonium in a set of n containers presented to the IAEA for verification while protecting data of the isotopic composition and plutonium mass of individual components. The suggested approach provides for traceability from the time the containers are sealed until the conversion of the plutonium to a non-sensitive form.
Date: August 1, 1998
Creator: Lu, M.S. & Allentuck, J.
Partner: UNT Libraries Government Documents Department

Modular redundant number systems

Description: With the increased use of public key cryptography, faster modular multiplication has become an important cryptographic issue. Almost all public key cryptography, including most elliptic curve systems, use modular multiplication. Modular multiplication, particularly for the large public key moduli, is very slow. Increasing the speed of modular multiplication is almost synonymous with increasing the speed of public key cryptography. There are two parts to modular multiplication: multiplication and modular reduction. Though there are fast methods for multiplying and fast methods for doing modular reduction, they do not mix well. Most fast techniques require integers to be in a special form. These special forms are not related and converting from one form to another is more costly than using the standard techniques. To this date it has been better to use the fast modular reduction technique coupled with standard multiplication. Standard modular reduction is much more costly than standard multiplication. Fast modular reduction (Montgomery's method) reduces the reduction cost to approximately that of a standard multiply. Of the fast multiplication techniques, the redundant number system technique (RNS) is one of the most popular. It is simple, converting a large convolution (multiply) into many smaller independent ones. Not only do redundant number systems increase speed, but the independent parts allow for parallelization. RNS form implies working modulo another constant. Depending on the relationship between these two constants, reduction OR division may be possible, but not both. This paper describes a new technique using ideas from both Montgomery's method and RNS. It avoids the formula problem and allows fast reduction and multiplication. Since RNS form is used throughout, it also allows the entire process to be parallelized.
Date: May 31, 1998
Partner: UNT Libraries Government Documents Department

Cryptography and the Internet: lessons and challenges

Description: The popularization of the Internet has brought fundamental changes to the world, because it allows a universal method of communication between computers. This carries enormous benefits with it, but also raises many security considerations. Cryptography is a fundamental technology used to provide security of computer networks, and there is currently a widespread engineering effort to incorporate cryptography into various aspects of the Internet. The system-level engineering required to provide security services for the Internet carries some important lessons for researchers whose study is focused on narrowly defined problems. It also offers challenges to the cryptographic research community by raising new questions not adequately addressed by the existing body of knowledge. This paper attempts to summarize some of these lessons and challenges for the cryptographic research community.
Date: December 31, 1996
Creator: McCurley, K.S.
Partner: UNT Libraries Government Documents Department

Information barriers in the trilateral initiative: Conceptual description

Description: In this paper the authors attempt to define the structure and requirements (both in hardware and software) of an information barrier (IB) for the trilateral initiative. This IB concept will be employed in the radiation measurement instrument(s) used for attribute verification of excess fissile materials offered for international safeguarding. In this paper, they will specifically not attempt to present a list of solutions to the problems, but instead, concentrate on generating a thorough discussion of the goals and problems themselves. In some cases they have presented potential solutions; these discussions are meant as illustrations of the types of systems required and are not intended as endorsements of any particular solution.
Date: November 1, 1998
Creator: Whiteson, R. & MacArthur, D.W.
Partner: UNT Libraries Government Documents Department

Approximate Public Key Authentication with Information Hiding

Description: This paper describes a solution for the problem of authenticating the shapes of statistically variant gamma spectra while simultaneously concealing the shapes and magnitudes of the sensitive spectra. The shape of a spectrum is given by the relative magnitudes and positions of the individual spectral elements. Class-specific linear orthonormal transformations of the measured spectra are used to produce output that meet both the authentication and concealment requirements. For purposes of concealment, the n-dimensional gamma spectra are transformed into n-dimensional output spectra that are effectively indistinguishable from Gaussian white noise (independent of the class). In addition, the proposed transformations are such that statistical authentication metrics computed on the transformed spectra are identical to those computed on the original spectra.
Date: October 1, 2000
Creator: Thomas, Edward V. & Draelos, Timothy J.
Partner: UNT Libraries Government Documents Department

The ASCI Network for SC '98: Dense Wave Division Multiplexing for Distributed and Distance Computing

Description: This document highlights the DISCOM's Distance computing and communication team activities at the 1998 Supercomputing conference in Orlando, Florida. This conference is sponsored by the IEEE and ACM. Sandia National Laboratories, Lawrence Livermore National Laboratory, and Los Alamos National Laboratory have participated in this conference for ten years. For the last three years, the three laboratories have a joint booth at the conference under the DOE's ASCI, Accelerated Strategic Computing Initiatives. The DISCOM communication team uses the forum to demonstrate and focus communications and networking developments. At SC '98, DISCOM demonstrated the capabilities of Dense Wave Division Multiplexing. We exhibited an OC48 ATM encryptor. We also coordinated the other networking activities within the booth. This paper documents those accomplishments, discusses the details of their implementation, and describes how these demonstrations support overall strategies in ATM networking.
Date: June 1, 1999
Creator: Adams, R.L.; Butman, W.; Martinez, L.G.; Pratt, T.J. & Vahle, M.O.
Partner: UNT Libraries Government Documents Department

Digitally Marking RSA Moduli

Description: The moduli used in RSA (see [5]) can be generated by many different sources. The generator of that modulus (assuming a single entity generates the modulus) knows its factorization. They would have the ability to forge signatures or break any system based on this modulus. If a modulus and the RSA parameters associated with it were generated by a reputable source, the system would have higher value than if the parameters were generated by an unknown entity. So for tracking, security, confidence and financial reasons it would be beneficial to know who the generator of the RSA modulus was. This is where digital marking comes in. An RSA modulus is digitally marked, or digitally trade marked, if the generator and other identifying features of the modulus (such as its intended user, the version number, etc.) can be identified and possibly verified by the modulus itself. The basic concept of digitally marking an RSA modulus would be to fix the upper bits of the modulus to this tag. Thus anyone who sees the public modulus can tell who generated the modulus and who the generator believes the intended user/owner of the modulus is.
Date: October 9, 2000
Creator: Johnston, A. M.
Partner: UNT Libraries Government Documents Department


Description: Quantum cryptography is an emerging technology in which two parties may simultaneously generate shared, secret cryptographic key material using the transmission of quantum states of light. The security of these transmissions is based on the inviolability of the laws of quantum mechanics and information-theoretically secure post-processing methods. An adversary can neither successfully tap the quantum transmissions, nor evade detection, owing to Heisenberg's uncertainty principle. In this paper we describe the theory of quantum cryptography, and the most recent results from our experimental free-space system with which we have demonstrated for the first time the feasibility of quantum key generation over a point-to-point outdoor atmospheric path in daylight. We achieved a transmission distance of 0.5 km, which was limited only by the length of the test range. Our results provide strong evidence that cryptographic key material could be generated on demand between a ground station and a satellite (or between two satellites), allowing a satellite to be securely re-keyed on orbit. We present a feasibility analysis of surface-to-satellite quantum key generation.
Date: January 1, 2000
Creator: Hughes, R.J. & Buttler, W.T.
Partner: UNT Libraries Government Documents Department

A DES ASIC Suitable for Network Encryption at 10 Gbps and Beyond

Description: The Sandia National Laboratories (SNL) Data Encryption Standard (DES) Application Specific Integrated Circuit (ASIC) is the fastest known implementation of the DES algorithm as defined in the Federal Information Processing Standards (FIPS) Publication 46-2. DES is used for protecting data by cryptographic means. The SNL DES ASIC, over 10 times faster than other currently available DES chips, is a high-speed, fully pipelined implementation offering encryption, decryption, unique key input, or algorithm bypassing on each clock cycle. Operating beyond 105 MHz on 64 bit words, this device is capable of data throughputs greater than 6.7 Billion bits per second (tester limited). Simulations predict proper operation up to 9.28 Billion bits per second. In low frequency, low data rate applications, the ASIC consumes less than one milliwatt of power. The device has features for passing control signals synchronized to throughput data. Three SNL DES ASICs may be easily cascaded to provide the much greater security of triple-key, triple-DES.
Date: April 30, 1999
Creator: Gass, Karl; Pierson, Lyndon G.; Robertson, Perry J.; Wilcox, D. Craig & Witzke, Edward L.
Partner: UNT Libraries Government Documents Department

Low-Power Public Key Cryptography

Description: This report presents research on public key, digital signature algorithms for cryptographic authentication in low-powered, low-computation environments. We assessed algorithms for suitability based on their signature size, and computation and storage requirements. We evaluated a variety of general purpose and special purpose computing platforms to address issues such as memory, voltage requirements, and special functionality for low-powered applications. In addition, we examined custom design platforms. We found that a custom design offers the most flexibility and can be optimized for specific algorithms. Furthermore, the entire platform can exist on a single Application Specific Integrated Circuit (ASIC) or can be integrated with commercially available components to produce the desired computing platform.
Date: November 1, 2000
Partner: UNT Libraries Government Documents Department

Security guide for subcontractors

Description: This security guide of the Department of Energy covers contractor and subcontractor access to DOE and Mound facilities. The topics of the security guide include responsibilities, physical barriers, personnel identification system, personnel and vehicular access controls, classified document control, protecting classified matter in use, storing classified matter repository combinations, violations, security education clearance terminations, security infractions, classified information nondisclosure agreement, personnel security clearances, visitor control, travel to communist-controlled or sensitive countries, shipment security, and surreptitious listening devices.
Date: January 1, 1991
Creator: Adams, R.C.
Partner: UNT Libraries Government Documents Department

The group Diffie-Hellman problems

Description: In this paper they study generalizations of the Diffie-Hellman problems recently used to construct cryptographic schemes for practical purposes. The Group Computational and the Group Decisional Diffie-Hellman assumptions not only enable one to construct efficient pseudo-random functions but also to naturally extend the Diffie-Hellman protocol to allow more than two parties to agree on a secret key. In this paper they provide results that add to their confidence in the GCDH problem. They reach this aim by showing exact relations among the GCDH, GDDH, CDH and DDH problems.
Date: July 20, 2002
Creator: Bresson, Emmanuel; Chevassut, Olivier & Pointcheval, David
Partner: UNT Libraries Government Documents Department

Steganography: Past, Present, Future

Description: Steganography (a rough Greek translation of the term Steganography is secret writing) has been used in various forms for 2500 years. It has found use variously in military, diplomatic, personal and intellectual property applications. Briefly stated, steganography is the term applied to any number of processes that will hide a message within an object, where the hidden message will not be apparent to an observer. This paper will explore steganography from its earliest instances through potential future application.
Date: December 1, 2001
Creator: Judge, J C
Partner: UNT Libraries Government Documents Department

Small circuits for cryptography.

Description: This report examines a number of hardware circuit design issues associated with implementing certain functions in FPGA and ASIC technologies. Here we show circuit designs for AES and SHA-1 that have an extremely small hardware footprint, yet show reasonably good performance characteristics as compared to the state of the art designs found in the literature. Our AES performance numbers are fueled by an optimized composite field S-box design for the Stratix chipset. Our SHA-1 designs use register packing and feedback functionalities of the Stratix LE, which reduce the logic element usage by as much as 72% as compared to other SHA-1 designs.
Date: October 1, 2005
Creator: Torgerson, Mark Dolan; Draelos, Timothy John; Schroeppel, Richard Crabtree; Miller, Russell D. & Anderson, William Erik
Partner: UNT Libraries Government Documents Department

Data encryption standard ASIC design and development report.

Description: This document describes the design, fabrication, and testing of the SNL Data Encryption Standard (DES) ASIC. This device was fabricated in Sandia's Microelectronics Development Laboratory using 0.6 µm CMOS technology. The SNL DES ASIC was modeled using VHDL, then simulated, and synthesized using Synopsys, Inc. software and finally IC layout was performed using Compass Design Automation's CAE tools. IC testing was performed by Sandia's Microelectronic Validation Department using a HP 82000 computer aided test system. The device is a single integrated circuit, pipelined realization of DES encryption and decryption capable of throughputs greater than 6.5 Gb/s. Several enhancements accommodate ATM or IP network operation and performance scaling. This design is the latest step in the evolution of DES modules.
Date: October 1, 2003
Creator: Robertson, Perry J.; Pierson, Lyndon George & Witzke, Edward L.
Partner: UNT Libraries Government Documents Department