Academic literature on the topic 'AES-CCMP'

In the existing epoch, the cloud-IoT integrated distributive computing is earning very high attractiveness because of its immense characteristics which can be divided into two categories namely essential and common characteristics. The essential characteristics of cloud-IoT computing are demand dependent like broad network access, self-service, resource pooling, and speedy elastic nature. The common characteristics of cloud-IoT computing are homogeneity, massive scale, virtualization, resilient computing, low cost software availability, service orientation, geographic independent computation, and advanced safety availability. The cloud-IoT dependent internetworked distributive computation is internet based computation environment in which infrastructure, application software, and various similar / dissimilar platforms are accessible in the cloud and the end users (businessman, developers) have the right to use it as the client. Cloud is a step from Utility Computing and several industries / companies are frequently using cloud based systems in their day-to-day work. Therefore, safety issues and challenges of cloud computing cannot be avoided in the current era. Hence, the researchers must develop high order authentication protocols for preventing the safety threats of cloud based data communication systems.. The proposed CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) based management of cloud-IoT integrated information is a two phase authenticated encoding (AE) mechanism. The first phase is worn for executing privacy computations, and the second phase is used for computing validation and truthfulness. Here, both the cycles use same encoding technique. It is well known to us that the CCM/CCMP is an amalgamation of two forms namely AES counter form and CBC- MAC (cipher-block-chain message authentication code) protocol form. The counter form is worn to carry out encoding which guarantees data privacy whereas CBCMAC is worn to attain data legitimacy and reliability. In this investigation work the author has investigated and critically analyzed the CCMP dependent safe Cloud-IoT integrated distributive mechanism for data / information management. The proposed approach further improves the overall security and performance of cloud-IoT integrated computing networks. Further, the author has solved the challenges of cloud-IoT computing by studying and analyzing major cloud-IoT computing safety concerns, and safety threats which are expected in future generation cloud computing systems. In this paper, the author has proposed CCMP & CBC-HMAC (Cipher-Block-Chain key Hash-MessageAuthentication-Code) encoding protocol can be efficiently used for providing information safety and preventing various attacks when the data is being transferred between the Cloud and a local network. The prevention mechanism for unauthorized access of data within the cloud is also presented whose performance is highly satisfactory. A secure and flexible framework to support self-organize and self register of consumer’s information in to the cloud network is designed and tested. The testing results of proposed analysis provides us very clear evidences that the PRF of CCMP is a superior and secure in contrast to that of CBC-HMAC.

This work deals with wireless standard 802.11, primaly about security algorithms used in them. Further there is made analysis of algorithms WEP, WPA and WPA2. This algorithms are described how coding by them works and for easier understandig are added block schemes of their principles. In practical part is realized algorithms WEP, WPA and WPA2 in program Matlab simulink. Model is complemented by graphs which shows how data changes when comming throught this systems.

The master's thesis deals with the issue of Wireless Local Area Network (WLAN) from the viewpoint of the security and functional principle of security mechanisms. The transition to the issue concerning the security is accompanied by the methods of wireless data transmission operating on the level of physical layer (FHSS, DSSS, OFDM, MIMO), which is followed by the summary of individual 802.11 standards. The next part deals with the issue of shared transmission medium (CSMA/CA), influence of interference and correcting mechanisms (RTS/CTS). Within the security, the principles of the authentication along with the commonly used methods of security (WEP, WPA, WPA2) are described in detail. The first part concerning security deals with the security in the form of the WEP protocol, which is considered insufficient nowadays and points out the imperfect implementation and the consequent risks. The following part describes the security in the form of WPA which eliminates the implementation weaknesses of the previous WEP security protocol. The description of commonly used mechanisms of authentication (PSK, 802.1x), required temporary key management (PTK, GTK), data integrity (MIC) and encryption which uses TKIP protocol are also included. The last part, possible WLAN security, is aimed at the full support of 802.11i standard, which is called WPA2 (sometimes RSN). That part describes the basic encryption security element CCMP, which is based on the AES block cipher modes. The practical part of the thesis deals with the security verification of current wireless networks. In the process of verification the accessible HW means and programming tools of Open Source Software (OSS) are used. By means of verification it has been pointed out that there are possible security risks resulting from the security method which has been used. Also several recommendations how to reduce the security risks of the used method to minimum are mentioned.

Master thesis focuses on wireless network security. The thesis is divided in two parts. First part describes today’s used standards and their components, topology and security methods as stealth SSID, MAC addresses filtration, WEP, WPA and WPA2. The last three methods are described in detail. In second part there are realized attacks on above described methods of security. There are described attacks on WEP as KoreK chopchop attack, fragment attack, attack FMS, KoreK and attack PTW. Then is described the dictionary attack on passphrase by WPA/WPA2 with PreShared Key authentication obtaining, precomputed hash tables for faster passphrase finding and for using more core procesors during dictionary browsing. The last attack describes obtaining of keystream used for encrypting of frames by WPATKIP and then sending custom data to client. It is described how to carry out each attack and how to protect against them.

Τα ασύρματα δίκτυα που βασίζονται στο πρότυπο ΙΕΕΕ 802.11 είναι σήμερα από τα πλέον δημοφιλή παγκοσμίως. Παρόλη την ευρεία διάδοσή τους υπάρχει σημαντικό πρόβλημα όσον αφορά την ασφάλεια των δεδομένων που διακινούνται εντός του δικτύου. Αρχικά, στο πρότυπο οριζόταν μία μόνο μέθοδος για την ασφάλεια των πληροφοριών, που ονομάζεται WEP (Wired Equivalent Privacy) και βασίζεται στον αλγόριθμο κρυπτογράφησης RC4. Ήδη από το 2000 το WEP έχει αποδειχθεί ανεπαρκές και οι προσπάθειες για την αύξηση του επιπέδου της ασφάλειας οδήγησαν πρόσφατα στο πρότυπο ΙΕΕΕ 802.11i. Το πρότυπο ορίζει μία νέα μέθοδο, που εγγυάται την ασφάλεια των δεδομένων στο MAC επίπεδο. Ονoμάζεται CCMP και βασίζεται στον αλγόριθμο κρυπτογράφησης AES (Advanced Encryption Standard). Το CCMP παρέχει εμπιστευτικότητα (confidentiality), επικύρωση (authentication), ακεραιότητα (integrity) και προστασία από την επανάληψη πακέτων (replay protection). Βασίζεται στη χρήση του αλγόριθμου κρυπτογράφησης AES σε κατάσταση λειτουργίας CCM. Το CCM συνδυάζει την κατάσταση λειτουργίας CTR (Counter mode) για εμπιστευτικότητα και την CBC (Cipher Block Chaining mode) για επικύρωση και ακεραιότητα. Το CCM προστατεύει την ακεραιότητα τόσο των δεδομένων του πακέτου, όσο και συγκεκριμένων τμημάτων της επικεφαλίδας του πακέτου. Η επεξεργασία που γίνεται στο CCMP από τον αλγόριθμο AES χρησιμοποιεί μέγεθος κλειδιού 128-bit και μέγεθος μπλοκ 128-bit. Μετά την επεξεργασία από το CCMP το μέγεθος του πακέτου έχει επεκταθεί κατά 16 bytes, 8 bytes για την επικεφαλίδα του CCMP και 8 bytes για την ψηφιακή υπογραφή MIC (Message Integrity Code). Τα δεδομένα του πακέτου και το MIC μεταδίδονται κρυπτογραφημένα, αφού προστεθεί η αρχική επικεφαλίδα του πακέτου και η επικεφαλίδα του CCMP. Στα πλαίσια της διπλωματικής μελετήθηκαν διάφορες αρχιτεκτονικές για την υλοποίηση του συστήματος κρυπτογράφησης/αποκρυπτογράφησης σύμφωνα με το CCMP. Οι αρχιτεκτονικές αυτές παρουσιάζουν διαφορετικά χαρακτηριστικά όσον αφορά την επιφάνεια, την ταχύτητα λειτουργίας και το συνολικό throughput. Η υλοποίηση και ο έλεγχος ορθής λειτουργίας των σχεδιασμών έγινε σε τεχνολογία FPGA Spartan-3 της εταιρίας Xilinx.
Today, wireless networks IEEE 802.11 are very popular. Despite their worldwide deployment there is significant problem, as far as the security of the data exchanged through the network, is concerned. Initially, there was only one method defined for the security of information, called WEP (Wired Equivalent Privacy). WEP is based on the RC4 encryption algorithm. It is proven, since 2000, that WEP provides insufficient security and recent research efforts in the direction of a more secure solution have led to IEEE 802.11i standard. A new method, applied in the MAC layer, which provides a higher level of security, is defined in this standard. This method is called CCMP and is based on the AES encryption algorithm (Advanced Encryption Standard). CCMP provides confidentiality, authentication, integrity check and replay protection. It uses AES in the CCM mode of operation. CCM combines the CTR (Counter) and CBC (Cipher Block Chaining) modes of operation, for confidentiality and authentication/integrity, respectively. CCM protects the integrity of plaintext data, as well as selected portions of the IEEE MAC header. CCMP processing uses AES with 128-bit encryption key and 128-bit block size. CCMP extends the original packet size by 16 bytes; 8 bytes for the CCMP header and 8 bytes for the digital signature called MIC (Message Integrity Code). Plaintext data and MIC are encrypted and the original MAC header, as well as the CCMP header is included in the packet before transmission. Various architectures for the implementation of an encryption/decryption system based on CCMP were studied. These architectures have different characteristics concerning area overhead, minimum clock period and overall throughput. Circuits were implemented and verified using Xilinx’s Spartan-3 FPGA technology.

Η αυξανόμενη χρήση ασύρματων συσκευών προωθεί την υλοποίηση WLANs, διευκολύνοντας τον χρήστη να έχει πρόσβαση στις πηγές του δικτύου οποιαδήποτε στιγμή και από οποιοδήποτε σημείο. Όμως, ένα από τα προβλήματα που εισάγει η ασύρματη επικοινωνία είναι η ασφάλεια των μεταδιδόμενων δεδομένων όσον αφορά το ασύρματο κομμάτι της σύνδεσης, δηλαδή μεταξύ χρήστη και σημείου πρόσβασης ή μεταξύ δύο χρηστών. Το νεότερο πρωτόκολλο προστασίας που διευθετεί το θέμα της ασφάλειας είναι το IEEE 802.11i. Σκοπός αυτής της διπλωματικής εργασίας είναι η μελέτη και η υλοποίηση του μηχανισμού κρυπτογράφησης του πρωτοκόλλου CCMP σε γλώσσα περιγραφής υλικού VHDL, που αποτελεί το κύριο πρωτόκολλο προστασίας δεδομένων που ορίζει το πρωτόκολλο IEEE 802.11i.
The growing use of wireless applications boosts the evolution of WLANs, so that the user can have full access to the net sources regardless time and place. However, one of the biggest issues of wireless communications is the safety of the transported data between the station and the Access Point or between the two stations. IEEE 802.11i is the recent protocol for protection in WLANs. The goals of this thesis are the study and the development of the cryptographic protocol CCMP in VHDL. CCMP is the mandatory cryptographic protocol defined in IEEE 802.11i.