상세정보
Export to Refworks부가기능
Measuring and Securing Cryptographic Deployments
상세 프로파일
| 자료유형 | 학위논문 |
|---|---|
| 서명/저자사항 | Measuring and Securing Cryptographic Deployments. |
| 개인저자 | Valenta, Luke. |
| 단체저자명 | University of Pennsylvania. Computer and Information Science. |
| 발행사항 | [S.l.]: University of Pennsylvania., 2019. |
| 발행사항 | Ann Arbor: ProQuest Dissertations & Theses, 2019. |
| 형태사항 | 272 p. |
| 기본자료 저록 | Dissertations Abstracts International 81-05B. Dissertation Abstract International |
| ISBN | 9781088366653 |
| 학위논문주기 | Thesis (Ph.D.)--University of Pennsylvania, 2019. |
| 일반주기 |
Source: Dissertations Abstracts International, Volume: 81-05, Section: B.
Advisor: Heninger, Nadia. |
| 이용제한사항 | This item must not be sold to any third party vendors. |
| 요약 | This dissertation examines security vulnerabilities that arise due to communication failures and incentive mismatches along the path from cryptographic algorithm design to eventual deployment. I present six case studies demonstrating vulnerabilities in real-world cryptographic deployments. I also provide a framework with which to analyze the root cause of cryptographic vulnerabilities by characterizing them as failures in four key stages of the deployment process: algorithm design and cryptanalysis, standardization, implementation, and endpoint deployment. Each stage of this process is error-prone and influenced by various external factors, the incentives of which are not always aligned with security. I validate the framework by applying it to the six presented case studies, tracing each vulnerability back to communication failures or incentive mismatches in the deployment process.To curate these case studies, I develop novel techniques to measure both existing and new cryptographic attacks, and demonstrate the widespread impact of these attacks on real-world systems through measurement and cryptanalysis. While I do not claim that all cryptographic vulnerabilities can be described with this framework, I present a non-trivial (in fact substantial) number of case studies demonstrating that this framework characterizes the root cause of failures in a diverse set of cryptographic deployments. |
| 일반주제명 | Computer science. |
| 언어 | 영어 |
| 바로가기 | 
: 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |
