Security analysis of electronic signature applications and test suite study

Ergun, Tamer
Digital signature technology is used widely for security and trust in electronic business and communications. Nowadays it becomes commonly used especially in government agencies. From this point of view, it is crucial to implement correct applications to create and verify digital signatures. CEN (European Commitee for Standardization) has introduced the security requirements for signature applications but neither proposed a PKI model nor implemented a test suite to evaluate the accuracy of signature applications. This is a real necessity, because a signature application has to be hardly tested and the responses of the application to a wide range of wrong scenarios have to be well analyzed. In our thesis we aimed to design a unique PKI model and state whole problematic scenarios both in signature creation and verification and address the lack of such a suite by designing E-Signature Test Suite. E-Signature Test Suite is a set of certificates and signature files created for this aim. We also aimed to solve some security and e fficiency problems derived from validation processes of revocation datas.


Simulation and verification of security attacks on light-weight RFID protocols
Ahmed, Saman; Diker Yücel, Melek; Department of Cryptography (2014)
Radio Frequency Identification (RFID) technology is fast reaching all avenues of application. From retail to warehousing, tracking farm animals to monitoring medicine dosage in human body, traffic control to airport baggage control, it is penetrating all forums and industries and providing ease of deployment and automated visibility and management of inventories which was not possible with traditional barcodes. Along with its superiority over barcodes, RFID systems are also required to be costeffective to b...
Differential factors and differential cryptanalysis of block cipher PRIDE
Doğan, Erol; Özkan Yıldırım, Sevgi; Tezcan, Cihangir; Department of Cyber Security (2017)
Today, IoT devices are used in very critical areas like payment cards, contactless keys and biometric authentication. Moreover, while the number of IoT Technologies increases, cryptographic systems that are optimized for IoT devices that require less cost, less power, and less memory are highly required in today’s industry. Therefore, in recent years several lightweight block ciphers are published to satisfy industry needs. However, there are still more work needed to be sure about the security of these blo...
Slide attack and its applications
Uslu, Erkan; Doğanaksoy, Ali; Uğuz, Muhiddin; Department of Cryptography (2017)
Block ciphers, widely used in cryptography, have been designed to encrypt large amount of data such as public sector services, banking services, Healthcare contributions. With the increment of technological developments, they have also been started to be used for small data in industrial products such as Internet of Things, smart cards, car keys etc. These types of cryptosystems are called as lightweight cryptosystems. Similar to other cryptographic algorithms, the ones used in lightweight systems need to b...
On password-based authenticated key exchange (PAKE) protocols.
Tonga, Meryem; Doğanaksoy, Ali; Department of Cryptography (2020)
Authentication and key agreement protocols play an important role in today’s digital world. Key agreement methods mostly mimic Diffie-Hellman key exchange protocol, but unfortunately they are susceptible to man-in-the-middle attacks. Password based authenticated key exchange (PAKE) protocols promise to handle these key agreement and authentication without requiring existence of certificate authorities or trusted third parties. More importantly, PAKE protocols enable agreement on low-entropy passwords rather...
Homomorphic encryption based on the ring learning with errors (RLWE) problem
Keskinkurt, İrem; Cenk, Murat; Department of Cryptography (2017)
The encryption techniques used to ensure data secrecy have been evolving in compliance with the developments in technology and reforming according to need. Nowadays, the increase in the amount of data that should be stored in encrypted form, has led to the need for encryption schemes that provide both the safety and the efficient usability of data. Homomorphic encryption, which enables the ability to make computations on encrypted data, is seen as one of the solutions that can meet this need. In this thesis...
Citation Formats
T. Ergun, “Security analysis of electronic signature applications and test suite study,” Ph.D. - Doctoral Program, Middle East Technical University, 2013.