| LDR | | 00000nam u2200205 4500 |
| 001 | | 000000432214 |
| 005 | | 20200224115000 |
| 008 | | 200131s2019 ||||||||||||||||| ||eng d |
| 020 | |
▼a 9781088366653 |
| 035 | |
▼a (MiAaPQ)AAI13896240 |
| 040 | |
▼a MiAaPQ
▼c MiAaPQ
▼d 247004 |
| 082 | 0 |
▼a 004 |
| 100 | 1 |
▼a Valenta, Luke. |
| 245 | 10 |
▼a Measuring and Securing Cryptographic Deployments. |
| 260 | |
▼a [S.l.]:
▼b University of Pennsylvania.,
▼c 2019. |
| 260 | 1 |
▼a Ann Arbor:
▼b ProQuest Dissertations & Theses,
▼c 2019. |
| 300 | |
▼a 272 p. |
| 500 | |
▼a Source: Dissertations Abstracts International, Volume: 81-05, Section: B. |
| 500 | |
▼a Advisor: Heninger, Nadia. |
| 502 | 1 |
▼a Thesis (Ph.D.)--University of Pennsylvania, 2019. |
| 506 | |
▼a This item must not be sold to any third party vendors. |
| 520 | |
▼a This dissertation examines security vulnerabilities that arise due to communication failures and incentive mismatches along the path from cryptographic algorithm design to eventual deployment. I present six case studies demonstrating vulnerabilities in real-world cryptographic deployments. I also provide a framework with which to analyze the root cause of cryptographic vulnerabilities by characterizing them as failures in four key stages of the deployment process: algorithm design and cryptanalysis, standardization, implementation, and endpoint deployment. Each stage of this process is error-prone and influenced by various external factors, the incentives of which are not always aligned with security. I validate the framework by applying it to the six presented case studies, tracing each vulnerability back to communication failures or incentive mismatches in the deployment process.To curate these case studies, I develop novel techniques to measure both existing and new cryptographic attacks, and demonstrate the widespread impact of these attacks on real-world systems through measurement and cryptanalysis. While I do not claim that all cryptographic vulnerabilities can be described with this framework, I present a non-trivial (in fact substantial) number of case studies demonstrating that this framework characterizes the root cause of failures in a diverse set of cryptographic deployments. |
| 590 | |
▼a School code: 0175. |
| 650 | 4 |
▼a Computer science. |
| 690 | |
▼a 0984 |
| 710 | 20 |
▼a University of Pennsylvania.
▼b Computer and Information Science. |
| 773 | 0 |
▼t Dissertations Abstracts International
▼g 81-05B. |
| 773 | |
▼t Dissertation Abstract International |
| 790 | |
▼a 0175 |
| 791 | |
▼a Ph.D. |
| 792 | |
▼a 2019 |
| 793 | |
▼a English |
| 856 | 40 |
▼u http://www.riss.kr/pdu/ddodLink.do?id=T15491686
▼n KERIS
▼z 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |
| 980 | |
▼a 202002
▼f 2020 |
| 990 | |
▼a ***1008102 |
| 991 | |
▼a E-BOOK |