UWSpace is currently experiencing technical difficulties resulting from its recent migration to a new version of its software. These technical issues are not affecting the submission and browse features of the site. UWaterloo community members may continue submitting items to UWSpace. We apologize for the inconvenience, and are actively working to resolve these technical issues.
 

Classical Authenticated Key Exchange and Quantum Cryptography

Thumbnail Image

Files

20090314_-_Submitted_to_GSO.pdf (2.3 MB)

Date

2009-03-16T20:23:19Z

Authors

Stebila, Douglas

Journal Title

Journal ISSN

Volume Title

Publisher

University of Waterloo

Abstract

Cryptography plays an integral role in secure communication and is usually the strongest link in the chain of security. Yet security problems abound in electronic communication: spyware, phishing, denial of service, and side-channel attacks are still major concerns. The main goal in this thesis is to consider how cryptographic techniques can be extended to offer greater defence against these non-traditional security threats. In the first part of this thesis, we consider problems in classical cryptography. We introduce multi-factor password-authenticated key exchange which allows secure authentication and key agreement based on multiple short secrets, such as a long-term password and a one-time response; it can provide an enhanced level of assurance in higher security scenarios because a multi-factor protocol is designed to remain secure even if all but one of the factors has been compromised due to attacks such as phishing or spyware. Next, we consider the integration of denial of service countermeasures with key exchange protocols: by introducing a formal model for denial of service resilience that complements the extended Canetti-Krawczyk model for secure key agreement, we cover a wide range of existing denial of service attacks and prevent them by carefully using client puzzles. Additionally, we look at how side-channel attacks affect certain types of formulae used in elliptic curve cryptography, and demonstrate that information leaked during field operations such as addition, subtraction, and multiplication can be exploited by an attacker. In the second part of this thesis, we examine cryptography in the quantum setting. We argue that quantum key distribution will have an important role to play in future information security infrastructures and will operate best when integrated with the powerful public key infrastructures that are used today. Finally, we present a new look at quantum money and describe a quantum coin scheme where the coins are not easily counterfeited, are locally verifiable, and can be transferred to another party.

Description

Keywords

cryptography, quantum information

LC Keywords

Citation

URI

http://hdl.handle.net/10012/4295

Collections

Theses
Combinatorics and Optimization