Master Degree / Yüksek Lisans Tezleri

Permanent URI for this collectionhttps://hdl.handle.net/11147/3008

Browse

Filters

2013 - 201952020 - 20223

Settings

Author: search.filters.author.Şahin, Serap

Search Results

Now showing 1 - 8 of 8
  • Master Thesis
    The Realization of a Blockchain-Based E-Voting Solution With a New Consensus Algorithm
    (01. Izmir Institute of Technology, 2022) Karaçay, Mustafa; Şahin, Serap
    Security and transparency issues in the paper-based voting system and technological advances popularized e-voting systems. Many academic research and industrial solutions have recently been proposed, designed, and implemented with a Homomorphic Cryptography Scheme or HTTPS. However, there is a new popular player in the game which is called blockchain technology. This study analyzes the requirements of a welldesigned e-voting system and the technology behind the blockchain, and proposes an e-voting system with a novel consensus algorithm. Different strategies are designed and implemented to satisfy all requirements. First, RSA and Paillier Homomorphic Cryptosystem are applied to meet requirements such as individual verifiability, secrecy, etc. So that no one can modify the vote; however, any voter can verify his/her vote during the whole vote period. Second, different blockchains are used to meet requirements such as eligibility, privacy, authentication, etc. So that the system detects whether the data is coming from an eligible or a non-eligible voter. The system ensures that votes and voters can not be correlated if it is an eligible voter. So, the privacy of eligible voters is always protected. Third, our blockchains ensure Consensus throughout the voting process. Fully replicated, distributed, transparent, and secure blockchains ensure that everything is under control. Fourth, internal control mechanisms are applied to meet requirements such as nonreusability, coercion-resistance, etc. So that eligible voters can cast just one vote within the specified period. The system keeps every sensitive data encrypted so that no one manipulates the results before the vote ends.
  • Master Thesis
    P/Key: Puf Based Second Factor Authentication
    (01. Izmir Institute of Technology, 2022) Uysal, Ertan; Akgün, Mete; Şahin, Serap
    Second-factor authentication mechanisms increase the security of authentication processes by implementing an additional auxiliary layer to a single factor. As a second factor, using one-time passwords (OTP) is mainly preferred due to their hardware independence and easy generation. OTP generation protocols should be evaluated in two main categories: time and security. In time-based OTP mechanisms (TOTP), client and server store a shared secret key. However, if attackers compromise the server, attackers can generate new OTPs using the key and impersonate the client. To solve this problem, protocols based on the hash chain mechanism have been proposed; however, these methods have weaknesses mainly due to the authentication speed and the limited number of OTPs they generate. This thesis proposes a server-side tamper-proof and fast response physical unclonable function (PUF) based second-factor authentication protocol on overcoming these problems. PUF is a digital fingerprint that ensures that every device produced is unique due to uncontrollable factors in the production stages of devices. It generates responses that correspond to challenges. Since PUF is based on the micro-level differences in devices, micro-level structure changes in the event of an attack, and the PUF takes to generate different responses. Although PUF is a fast response function, it is impossible to reach the challenge from the response it generates. In the proposed protocol, the PUF inside the server generates key values and used to store clients’ secret seed values securely. In case of side-channel attack on server-side, the key values of the clients cannot be obtained by the attackers, as the PUF structure will be corrupted. Even if the attacker obtains the server’s credentials and gains access to the system, they cannot get the secret seed values of the clients and cannot generate the OTPs. In this way, the attacker cannot authenticate by impersonating the client.
  • Master Thesis
    A Study on Early Decryption Mechanism at Veriflable Delay Functions
    (01. Izmir Institute of Technology, 2022) Özdemir, Oğulcan; Şahin, Serap
    In computer science, can we measure the passage of time in accordance with Earth time and use this measurement mechanism as a time lock to decrypt encrypted data? The search for answers to these questions has not yet been given a definite, straightforward answer. Because there is no fixed definition of time in computer science. Research on the use and measurement of "time-locked cryptography" in computer science is based on the research of Time-Lock Puzzles and Timed-Release Crypto by Rivest et al. In 2017, two studies were published that accelerated development in this area: Simple Verifiable Delay Functions and Efficient Verifiable Delay Functions. In both studies, timing requirements are defined as Verifiable Delay Functions (VDF). However, current VDF solutions do not have a controlled early decryption feature for time locking mechanism. The contributions we intend to make to the VDF protocol in this study focus on the design, verification, and implementation of a new VDF protocol that both guarantees the time lock mechanism requirements defined by VDF and provides the ability to open the time lock in a controlled manner by authorised individuals before the target time. VDF solution to be developed, unlike similar VDF protocols, should also include the blockchain Ethereum component and work flexibly with any of the defined VDF time lock algorithms, depending on which one is chosen.
  • Master Thesis
    Analysing the Encrypted Search Algorithms on Encrypted Data
    (Izmir Institute of Technology, 2018) Tekin, Leyla; Şahin, Serap; Şahin, Serap
    In this thesis, we study the static and dynamic Searchable Symmetric Encryption (SSE) schemes (Cash et al. (2014), Kamara and Moataz (2017)). We present different approaches for secure single- and multi-keyword ranked searches, that are: Sorted, OPEBased, Paillier-Based, Embedded, and Matrix-Based. We extend the base schemes according to these approaches so that the matching documents of a search query are ranked by a relevance score calculation technique like term frequency (tf), term frequency-inverse document frequency (tf-idf) or keyword frequency, depending on the characteristics of the scheme. For this, the existing structures of the schemes are modified since they cannot be directly used for ranked searches. Therefore, the ranking facility is added to them. Further, Matrix-Based Approach is a new hybrid approach that is based on an updated structure of the static scheme (Cash et al. (2014)) and fills a matrix to rank the relevant documents for a search keyword, as in the work (Ibrahim et al. (2012)), however, computing the matrix is totally different from their work.
  • Master Thesis
    Analysis of Feature Pattern Mining Approaches on Social Network: a Case Study on Facebook
    (Izmir Institute of Technology, 2017) Öztürk, Elif; Şahin, Serap
    Pattern mining algorithms obtain patterns frequently seen in a database and complex graphs which are available from gene networks to social networks. Complex graphs contain lots of valuable information on their nodes or edges. For this reason, pattern mining algorithms can be used to extract data from complex networks. However, these algorithms usually work on the graphs whose nodes have a single label. If these algorithms are implemented on multi labeled (multi-attributed) complex graphs, their complexities belong to NP-Complete. For this reason, in this study, different approaches have been evaluated to find patterns. The goal is to understand related methods and algorithms with their pros and cons to obtain common feature patterns from multi-attributed complex graphs. We also selected Facebook social network complex graph data set (SNAP - Stanford University FaceBook anonymized data set) as an application domain and we analyzed the most frequent feature patterns on friendship relations.
  • Master Thesis
    An Analysis of Information Spreading and Privacy Issues on Social Networks
    (Izmir Institute of Technology, 2017) Sayin, Burcu; Şahin, Serap
    With Social Networks (SNs), being populated by a still increasing number of people, who take advantage of the communication and collaboration capabilities that they offer, density of the information, spread over SNs is increasing steadily. Furthermore, the probability of exposure of someone’s personal moments to a wider than expected crowd is also increasing. Hence, analyzing the spreading area and privacy level of any information through a SN is an important issue in social network analysis. By studying the functionalities and characteristics that modern SNs offer, along with the people’s habits and common behavior in them, it is easy to understand that several privacy risks may exist, for many of which people may be unaware of. We address this issue, focusing on interactions with posts in a SN, using Facebook as the research domain. As a novelty, we propose an application tool which visualizes the effect of potential privacy risks in Facebook and provides users to control their privacy. The proposed (and simulated) tool allows a Post Owner to observe the spreading area of his/her post, depending on the selected privacy settings of this post. Moreover, it provides preliminary feedback for all the Facebook users that have interacted with this post, to make them aware of the possible privacy changes, aiming to give them a chance to protect the privacy of their interaction on this post by deleting it when such a privacy change takes place.
  • Master Thesis
    Matching of Social Media Accounts by Using Public Information
    (Izmir Institute of Technology, 2016) Çetinkal, Yağız; Şahin, Serap; Şahin, Serap
    Protection of private information on social networks (SNs) has become a serious and important topic since social network sites became popular and widely adopted worldwide. Usually people want their personal information to be known only by a small group of people including close friends and families. But sometimes they willingly accept to give some particular information about themselves to individuals which are neither a friend nor an acquaintance. Each SN has different purposes and people subscribe many of them. However, public information available on these sites reveals many aspects of user’s identity. In this work, it is shown that public information can be used to detect the different accounts of the same individual. This study is performed on two popular social media sites: Twitter and Facebook. Public attributes of the profiles such as real name, user name and status updates (tweets and posts) are used for comparing profiles on two SNs. Different data mining algorithms are compared for matching profiles. Also relationship between text similarity and total term counts of status updates is analyzed. Results show that simple features like real names, user names and status updates have high similarity between the accounts of the same users and these features can be used to detect profiles of the same user on different SNs. Also the more status updates a user posts on Facebook the more he will likely be detected by the matching schema. Thus, public information can be exploited to pose a threat to the privacy of the people on the Internet.
  • Master Thesis
    Group Key Establishment Protocols: Pairing Cryptography and Verifiable Secret Sharing Scheme
    (Izmir Institute of Technology, 2013) Aslanoğlu, Rabia; Şahin, Serap
    The aim of this study is to establish a common secret key over an open network for a group of user to be used then symmetrical secure communication between them. There are two methods of GKE protocol which are key agreement and key distribution. Key agreement is a mechanism whereby the parties jointly establish a common secret. As to key distribution, it is a mechanism whereby one of the parties creates or obtains a secret value and then securely distributes it to other parties. In this study, both methods is applied and analyzed in two different GKE protocols. Desirable properties of a GKE are security and efficiency. Security is attributed in terms of preventing attacks against passive and active adversary. Efficiency is quantified in terms of computation, communication and round complexity. When constructing a GKE, the challenge is to provide security and efficiency according to attributed and quantified terms. Two main cryptographic tools are selected in order to handle the defined challenge. One of them is bilinear pairing which is based on elliptic curve cryptography and another is verifiable secret sharing which is based on multiparty computation. In this thesis, constructions of these two GKE protocols are studied along with their communication models, security and efficiency analysis. Also, an implementation of four-user group size is developed utilizing PBC, GMP and OpenSSL Libraries for both two protocols.