Internet-wide certificate gathering for cryptanalysis
مقدم أطروحة جامعية
مشرف أطروحة جامعية
الجامعة
جامعة الأخوين
الكلية
كلية الهندسة و العلوم
القسم الأكاديمي
هندسة البرمجيات
دولة الجامعة
المغرب
الدرجة العلمية
ماجستير
تاريخ الدرجة العلمية
2015
الملخص الإنجليزي
In this project, we designed and implemented a system called (X5CA) that collects and analyzes X.509 certificates for the purpose of analysis of weakness in different public keys, such as collisions that are otherwise not possible without the availability of a pool of public keys.
Such effort which yield a global view on key vulnerabilities such as key collisions, among other things.
The X5CA is designed and implemented using best practices approaches to fluently achieve its key objectives which are, (1) The ability to perform large scale crawling of the entire (or part of) web for X509 certificates that are used for establishing TLS secure channels; (2) The ability for expert cryptanalysts to configure and perform various attacks on different X509 certificates; (3) The Ability to run as a high performance distributed system, and (4) The ability to easily allow extensions of the database of attacks.
Last but not least, (5) The ability to stop, start and resume all the component of the system in a synchronized way.
In addition to the previous major objectives, the X5CA was designed and implemented following a sound software development process (2-Tup) giving a great importance to the user requirements, especially user experience, which confers to it industry strength software feature and eases its maintainability.
X5CA was built as a synchronized multi-process multithreaded application in java, using various standard libraries among which libraries for connection to Maple software engine to run the attacks.
Currently X5CA handles attacks on RSA modulus and exponents.
The design and implementation details, together with the initial results are described in this report, and we hope that the time and effort invested in this project will result in a major enhancement of the Internet security.
It is worth mentioning that to validate the system only simple attacks involving pairs of RSA public keys have been executed on the pool of 1,000,000 certificates that were collected using X5CA
التخصصات الرئيسية
تكنولوجيا المعلومات وعلم الحاسوب
عدد الصفحات
201
قائمة المحتويات
Table of contents.
Abstract.
Abstract in Arabic.
Abstract in French.
Chapter One : Introduction.
Chapter Two : Project background and related work.
Chapter Three : Project management methodology adopted : 2TUP.
Chapter Four : Conceptual analysis of the system-functional axis.
Chapter Five : Conceptual analysis of the system-technical axis.
Chapter Six : Implementation axis.
Chapter Seven : Results.
Chapter Eight : Conclusion.
References.
نمط استشهاد جمعية علماء النفس الأمريكية (APA)
Arakiah, Anas. (2015). Internet-wide certificate gathering for cryptanalysis. (Master's theses Theses and Dissertations Master). Al Akhawayn University, Morocco
https://search.emarefa.net/detail/BIM-775453
نمط استشهاد الجمعية الأمريكية للغات الحديثة (MLA)
Arakiah, Anas. Internet-wide certificate gathering for cryptanalysis. (Master's theses Theses and Dissertations Master). Al Akhawayn University. (2015).
https://search.emarefa.net/detail/BIM-775453
نمط استشهاد الجمعية الطبية الأمريكية (AMA)
Arakiah, Anas. (2015). Internet-wide certificate gathering for cryptanalysis. (Master's theses Theses and Dissertations Master). Al Akhawayn University, Morocco
https://search.emarefa.net/detail/BIM-775453
لغة النص
الإنجليزية
نوع البيانات
رسائل جامعية
رقم السجل
BIM-775453
قاعدة معامل التأثير والاستشهادات المرجعية العربي "ارسيف Arcif"
أضخم قاعدة بيانات عربية للاستشهادات المرجعية للمجلات العلمية المحكمة الصادرة في العالم العربي
تقوم هذه الخدمة بالتحقق من التشابه أو الانتحال في الأبحاث والمقالات العلمية والأطروحات الجامعية والكتب والأبحاث باللغة العربية، وتحديد درجة التشابه أو أصالة الأعمال البحثية وحماية ملكيتها الفكرية. تعرف اكثر