Randy: A Secure One-Time Pad Cryptosystem for Communication in Extreme Adversarial Settings

Abstract

Most modern encryption schemes provide security contingent on one or more conjectured but unproven computational hardness assumptions, so future algorithmic and technological advances might render existing ciphertexts insecure. The security guarantees of the venerable one-time pad (OTP) encryption scheme, by contrast, are information-theoretic and wholly unconditioned on unproven assumptions. Yet, despite the allure of "unconditional" security, sampling and managing the required randomness is so fraught that practitioners rarely employ OTP encryption in the wild, even in scenarios where long-term secrecy is paramount. Randy is an architecture and protocol suite that provides passphrase-authenticated and OTP-encrypted sockets suitable for communicating securely in ultrahigh-stakes adversarial environments where the adversary is assumed to be computationally unbounded. The Randy architecture centers on a shared randomness pool stored on a securely deletable storage device. This thesis aims to enhance the security and reliability of Randy's model through a comprehensive analysis. The existing model is examined in detail to identify weaknesses and vulnerabilities, which serve as the foundation for further improvements. To address these weaknesses, a secure and reliable scheme for keeping the parties' randomness pools synchronized is proposed. Additionally, we introduce various techniques to manage and reduce randomness exhaustion in Randy; these techniques improve the availability of the system by conserving pad material. Finally, we implement our design as a Linux kernel module that allows existing applications to use Randy seamlessly and obtain unconditionally secure mutual authentication, message integrity, and secrecy for all messages. This implementation demonstrates the practicality of the model and highlights its security and functionality features. We analyze the security of our design and present empirical measurements from a prototype implementation.
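The abstract names the moving parts of the design (a shared pool on securely deletable storage, pad spent for secrecy and for an unconditionally secure MAC, a synchronization scheme, and the cost of randomness exhaustion) without showing how they interact. The following is an added illustration written for this page; it is not Randy's code, not the kernel module, and not the thesis's synchronization scheme. Everything specific in it is an assumption: the Carter-Wegman polynomial one-time MAC keyed with 32 fresh pad bytes per message, the 8-byte authenticated pad-offset header used to detect replay and to resynchronize after loss, the rule that a receiver may skip forward over lost pad but never rewind, and the names PadPool, seal, unseal and demo. The pad itself is filled from a CSPRNG purely as a stand-in; a real deployment must use true randomness shared out of band, otherwise the whole point of avoiding computational assumptions is lost.

```python
# Added example of a Randy-style OTP socket layer, not the thesis's code: the one-time MAC,
# the offset header and the skip-forward resynchronization rule are illustrative assumptions.
import hmac
import secrets
import struct

P = (1 << 130) - 5         # prime field for the polynomial hash (Poly1305's modulus)
KEY_LEN = 16               # pad bytes spent on each of the MAC keys r and s
TAG_LEN = 16
HDR = struct.Struct(">Q")  # 8-byte pad offset carried, and authenticated, with every message


class PadPool:
    """One peer's copy of the shared pool, consumed strictly forward and never rewound.
    Used or skipped bytes are zeroed in place, standing in for securely deletable storage."""

    def __init__(self, pad: bytes):
        self._pad, self.offset = bytearray(pad), 0

    def peek(self, pos: int, n: int) -> bytes:
        # Read without spending; bytes before the current offset are gone for good.
        if not self.offset <= pos <= pos + n <= len(self._pad):
            raise ValueError(f"pad bytes {pos}..{pos + n} are not available")
        return bytes(self._pad[pos:pos + n])

    def skip_to(self, pos: int) -> None:
        """Advance to pos, destroying everything in between."""
        if not self.offset <= pos <= len(self._pad):
            raise ValueError("cannot rewind or overrun the pad")
        self._pad[self.offset:pos] = bytes(pos - self.offset)
        self.offset = pos

    def take(self, n: int) -> bytes:
        chunk = self.peek(self.offset, n)  # raises before anything is spent
        self.skip_to(self.offset + n)      # destroys the bytes just handed out
        return chunk


def make_pad(size: int) -> bytes:
    # Stand-in only: a CSPRNG is the very computational assumption an OTP deployment avoids;
    # a real pool holds true randomness and is copied to both peers out of band.
    return secrets.token_bytes(size)


def one_time_tag(r: bytes, s: bytes, data: bytes) -> bytes:
    """Carter-Wegman one-time MAC, tag = (poly_r(data) + s) mod 2^128. With r, s fresh and
    uniform per message, one forgery attempt succeeds with probability at most
    ceil(len(data)/16) / 2^126, however much computing power the attacker has."""
    h, key = 0, int.from_bytes(r, "little")
    for i in range(0, len(data), 16):  # the 0x01 suffix encodes each block's length
        h = (h + int.from_bytes(data[i:i + 16] + b"\x01", "little")) * key % P
    t = (h + int.from_bytes(s, "little")) & ((1 << 128) - 1)
    return t.to_bytes(TAG_LEN, "little")


def seal(pool: PadPool, plaintext: bytes) -> bytes:
    """Sender side: spend len(plaintext) + 32 fresh pad bytes, never reused."""
    n = len(plaintext)
    header = HDR.pack(pool.offset)  # where in the pool this message starts
    seg = pool.take(n + 2 * KEY_LEN)
    r, s = seg[n:n + KEY_LEN], seg[n + KEY_LEN:]
    body = bytes(p ^ k for p, k in zip(plaintext, seg[:n]))
    return header + body + one_time_tag(r, s, header + body)


def unseal(pool: PadPool, message: bytes) -> bytes:
    """Receiver side: authenticate with pad that is only peeked, then spend it."""
    if len(message) < HDR.size + TAG_LEN:
        raise ValueError("truncated message")
    header, body, tag = message[:HDR.size], message[HDR.size:-TAG_LEN], message[-TAG_LEN:]
    (offset,) = HDR.unpack(header)
    if offset < pool.offset:
        raise ValueError("replayed or reordered message: that pad is already spent")
    # Verify before spending anything, so a rejected forgery neither drains the pool
    # nor desynchronizes the peers.
    keys = pool.peek(offset + len(body), 2 * KEY_LEN)
    expected = one_time_tag(keys[:KEY_LEN], keys[KEY_LEN:], header + body)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    # An authentic message from further ahead means earlier ones were lost in transit:
    # skip forward (the gap is the pad cost of the loss) rather than ever rewind.
    pool.skip_to(offset)
    keystream = pool.take(len(body) + 2 * KEY_LEN)[:len(body)]  # r and s are spent too
    return bytes(c ^ k for c, k in zip(body, keystream))


def fails(fn, *args) -> bool:
    try:
        fn(*args)
        return False
    except ValueError:
        return True


def demo() -> dict:
    pad = make_pad(256)  # constructed: both peers start from the same 256-byte pool
    alice, bob = PadPool(pad), PadPool(pad)  # one traffic direction; a duplex link uses two
    wire1 = seal(alice, b"attack at dawn")
    out = {"msg1": unseal(bob, wire1), "replay_rejected": fails(unseal, bob, wire1)}
    damaged = bytearray(seal(alice, b"hold position"))
    damaged[HDR.size] ^= 0x01  # one ciphertext bit flipped in transit
    out["tamper_rejected"] = fails(unseal, bob, bytes(damaged))
    out["msg3"] = unseal(bob, seal(alice, b"regroup"))  # Bob skips the lost message's pad
    out["offsets"] = (alice.offset, bob.offset)
    out["exhaustion_caught"] = fails(seal, alice, b"x" * 256)  # more than the pool ever held
    return out
```

Running demo() walks through the failure modes the abstract alludes to: a replayed message is refused by the offset check before any pad is read; a message corrupted in transit fails the one-time MAC with the keys merely peeked, so the receiver's pool is untouched; the next authentic message arrives with a higher offset, and the receiver discards the gap (45 bytes here, the price of the lost message) and lands at the same offset as the sender, 130 on both sides; and a message larger than the remaining pad is refused up front rather than partially spent. Two caveats a practitioner should keep in mind: each direction needs its own pool (or a disjoint region), since both peers must consume in lockstep, and the skip-forward rule is the simplest possible resynchronization, one that trades pad for robustness against loss, which is exactly the exhaustion cost the thesis's techniques set out to reduce.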

Citation

Pakbaz, A. (2023). Randy: a secure one-time pad cryptosystem for communication in extreme adversarial settings (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca.