38 resultados para Secrecy
Resumo:
Secrecy of decryption keys is an important pre-requisite for security of any encryption scheme and compromised private keys must be immediately replaced. \emph{Forward Security (FS)}, introduced to Public Key Encryption (PKE) by Canetti, Halevi, and Katz (Eurocrypt 2003), reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. The FS property was also shown to be achievable in (Hierarchical) Identity-Based Encryption (HIBE) by Yao, Fazio, Dodis, and Lysyanskaya (ACM CCS 2004). Yet, for emerging encryption techniques, offering flexible access control to encrypted data, by means of functional relationships between ciphertexts and decryption keys, FS protection was not known to exist.\smallskip In this paper we introduce FS to the powerful setting of \emph{Hierarchical Predicate Encryption (HPE)}, proposed by Okamoto and Takashima (Asiacrypt 2009). Anticipated applications of FS-HPE schemes can be found in searchable encryption and in fully private communication. Considering the dependencies amongst the concepts, our FS-HPE scheme implies forward-secure flavors of Predicate Encryption and (Hierarchical) Attribute-Based Encryption.\smallskip Our FS-HPE scheme guarantees forward security for plaintexts and for attributes that are hidden in HPE ciphertexts. It further allows delegation of decrypting abilities at any point in time, independent of FS time evolution. It realizes zero-inner-product predicates and is proven adaptively secure under standard assumptions. As the ``cross-product" approach taken in FS-HIBE is not directly applicable to the HPE setting, our construction resorts to techniques that are specific to existing HPE schemes and extends them with what can be seen as a reminiscent of binary tree encryption from FS-PKE.
Resumo:
This article explores how queer digital storytellers understand and mobilize concepts of privacy and publicness as they engage in everyday activism through creating and sharing personal stories designed to contribute to cultural and political debates. Through the pre-production, production, and distribution phases of digital storytelling workshops and participation in a related online community, these storytellers actively negotiate the tensions and continuua among visibility and hiddenness; secrecy and pride; finite and fluid renditions of self; and individual and collective constructions of identity. We argue that the social change they aspire to is at least partially achieved through “networked identity work” on and offline with both intimate and imagined publics.
Resumo:
Late discovery is a term used to describe the experience of discovering the truth of one’s genetic origins as an adult. Following discovery, late discoverers face a lack of recognition and acknowledgment of their concerns from family, friends, community and institutions. They experience pain, anger, loss, grief and frustration. This presentation shares the findings of the first qualitative study of both late discovery of adoptive and donor insemination offspring (heterosexual couple use only) experiences. It is also the first study of late discovery experiences undertaken from an ethical perspective. While this study recruited new participants, it also included an ethical re-analysis of existing late discovery accounts across both practices. The findings of this study (a) draws links between past adoption and current donor insemination (heterosexual couple only) practices, (b) reveals that late discoverers are demanding acknowledgment and recognition of the particularity of their experiences, and (c) offers insights into conceptual understandings of the ‘best interests of the child’ principle. These insights derive from the lived experiences of those whose biological and social worlds have been sundered and secrecy and denial of difference used to conceal this. It suggests that acknowledging the equal moral status of the child may be useful in strengthening conceptual understandings of the ‘best interests of the child’ principle. This equal moral status involves ensuring that personal autonomy and the ability to exercise free will is protected; that the integrity of the relationships of trust expected and demanded between parent/s and children is defended and supported; and that equal access to normative socio-cultural practices, that is; non-fictionalised birth certificates and open records, is guaranteed.
Resumo:
Predicate encryption (PE) is a new primitive which supports exible control over access to encrypted data. In PE schemes, users' decryption keys are associated with predicates f and ciphertexts encode attributes a that are specified during the encryption procedure. A user can successfully decrypt if and only if f(a) = 1. In this thesis, we will investigate several properties that are crucial to PE. We focus on expressiveness of PE, Revocable PE and Hierarchical PE (HPE) with forward security. For all proposed systems, we provide a security model and analysis using the widely accepted computational complexity approach. Our first contribution is to explore the expressiveness of PE. Existing PE supports a wide class of predicates such as conjunctions of equality, comparison and subset queries, disjunctions of equality queries, and more generally, arbitrary combinations of conjunctive and disjunctive equality queries. We advance PE to evaluate more expressive predicates, e.g., disjunctive comparison or disjunctive subset queries. Such expressiveness is achieved at the cost of computational and space overhead. To improve the performance, we appropriately revise the PE to reduce the computational and space cost. Furthermore, we propose a heuristic method to reduce disjunctions in the predicates. Our schemes are proved in the standard model. We then introduce the concept of Revocable Predicate Encryption (RPE), which extends the previous PE setting with revocation support: private keys can be used to decrypt an RPE ciphertext only if they match the decryption policy (defined via attributes encoded into the ciphertext and predicates associated with private keys) and were not revoked by the time the ciphertext was created. We propose two RPE schemes. Our first scheme, termed Attribute- Hiding RPE (AH-RPE), offers attribute-hiding, which is the standard PE property. Our second scheme, termed Full-Hiding RPE (FH-RPE), offers even stronger privacy guarantees, i.e., apart from possessing the Attribute-Hiding property, the scheme also ensures that no information about revoked users is leaked from a given ciphertext. The proposed schemes are also proved to be secure under well established assumptions in the standard model. Secrecy of decryption keys is an important pre-requisite for security of (H)PE and compromised private keys must be immediately replaced. The notion of Forward Security (FS) reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. We present the first Forward-Secure Hierarchical Predicate Encryption (FS-HPE) that is proved secure in the standard model. Our FS-HPE scheme offers some desirable properties: time-independent delegation of predicates (to support dynamic behavior for delegation of decrypting rights to new users), local update for users' private keys (i.e., no master authority needs to be contacted), forward security, and the scheme's encryption process does not require knowledge of predicates at any level including when those predicates join the hierarchy.
Resumo:
Denial-of-service (DoS) attacks are a growing concern to networked services like the Internet. In recent years, major Internet e-commerce and government sites have been disabled due to various DoS attacks. A common form of DoS attack is a resource depletion attack, in which an attacker tries to overload the server's resources, such as memory or computational power, rendering the server unable to service honest clients. A promising way to deal with this problem is for a defending server to identify and segregate malicious traffic as earlier as possible. Client puzzles, also known as proofs of work, have been shown to be a promising tool to thwart DoS attacks in network protocols, particularly in authentication protocols. In this thesis, we design efficient client puzzles and propose a stronger security model to analyse client puzzles. We revisit a few key establishment protocols to analyse their DoS resilient properties and strengthen them using existing and novel techniques. Our contributions in the thesis are manifold. We propose an efficient client puzzle that enjoys its security in the standard model under new computational assumptions. Assuming the presence of powerful DoS attackers, we find a weakness in the most recent security model proposed to analyse client puzzles and this study leads us to introduce a better security model for analysing client puzzles. We demonstrate the utility of our new security definitions by including two hash based stronger client puzzles. We also show that using stronger client puzzles any protocol can be converted into a provably secure DoS resilient key exchange protocol. In other contributions, we analyse DoS resilient properties of network protocols such as Just Fast Keying (JFK) and Transport Layer Security (TLS). In the JFK protocol, we identify a new DoS attack by applying Meadows' cost based framework to analyse DoS resilient properties. We also prove that the original security claim of JFK does not hold. Then we combine an existing technique to reduce the server cost and prove that the new variant of JFK achieves perfect forward secrecy (the property not achieved by original JFK protocol) and secure under the original security assumptions of JFK. Finally, we introduce a novel cost shifting technique which reduces the computation cost of the server significantly and employ the technique in the most important network protocol, TLS, to analyse the security of the resultant protocol. We also observe that the cost shifting technique can be incorporated in any Diffine{Hellman based key exchange protocol to reduce the Diffie{Hellman exponential cost of a party by one multiplication and one addition.
Resumo:
Orchids: My Intersex Adventure is a multi-award winning autobiographical documentary film. The film follows documentary filmmaker, Phoebe Hart, as she comes clean on her journey of self-discovery to embrace her future and reconcile the past shame and family secrecy surrounding her intersex condition. Despite her mother’s outright refusal to be in the film, Phoebe decides she must push on with her quest to resolve her life story and connect with other intersex people on camera. With the help of her sister Bonnie and support from her partner James, she hits the open road and reflects on her youth. Phoebe’s happy and carefree childhood came to an abrupt end at puberty when she was told she would never menstruate nor have children. But the reasons why were never discussed and the topic was taboo. At the age of 17, Phoebe’s mother felt she was old enough to understand the true nature of her body and the family secret was finally revealed. Phoebe then faced an orchidectomy, invasive surgery to remove her undescended testes, the emotional scars of which are still raw today. Phoebe’s road trip around Australia exposes her to the stories of other intersex people and holds a mirror to her own experience. She learns valuable lessons in resilience and healing but also sees the pervasive impact her condition has on all her relationships. At home, Phoebe and James want to start a family but dealing with infertility and the stress of the adoption process puts pressure on their marriage. Phoebe also starts to understand the difficult decisions her parents faced and is excited but apprehensive when they eventually agree to be interviewed. Will talking openly with her mother give Phoebe the answers she has been looking for? The film was produced and directed by Phoebe Hart and commissioned by the Australian Broadcasting Commission. The film premiered at the Brisbane International Film Festival in 2010 where it was voted the number one film of the festival by audiences. Orchids was broadcast on ABC1 in Australia in 2012, appeared in more than 50 film festivals internationally and has since been broadcast nationally in Switzerland, Sweden, Israel, Spain, France, Russia, Poland, Germany and the USA.
Resumo:
In 2004, my thirtieth year of life, I began to develop and produce a documentary about the lived experience of being intersex. At the time, I didn’t ever expect the film would be autobiographical in nature. I’d known I was intersex since I was 17, and aware of my difference for many years prior, and I’d been making and presenting documentaries for almost as long, yet the idea to expose myself so publicly was frightening to me. However, I realised I couldn’t expect others to step in front of the lens when I didn’t have the courage to do so myself. The final result was Orchids: My Intersex Adventure, which maps my intersex journey from shame, stigma and secrecy to self‐acceptance. The film has now been broadcast on television sets around the world. It has also won many awards and appeared in numerous film festivals....
Resumo:
The notion of sovereignty is central to any international tax issue. While a nation is free to design its tax laws as it sees fit and raise revenue in accordance with the needs of its citizens, it is not possible to undertake such a task in isolation. In a world of cross-border investments and business transactions, all tax regimes impact on one another. Tax interactions between sovereign states cannot be avoided. Ultimately, the interactions mean that a nation must decide whether to engage in both collaboration and coordination with other nations and supranational bodies alike or maintain an individualised stance in relation to its tax policy. Whatever the decision, there is arguably an exercise in national sovereignty in some form. In the context of an international tax regime, whether that regime is interpreted broadly as meaning international norms generally adopted by nations around the world or domestic regimes legislating for cross-border transactions, rhetoric around national fiscal sovereignty takes on many different forms. At one end of the spectrum it is relied upon by financial secrecy jurisdictions (tax havens) as a defence to their position on the basis that ‘other’ nations cannot interfere with the fiscal sovereignty of a jurisdiction. At the other end of the spectrum, it is argued that profit shifting and international tax avoidance if not stopped is, in and of itself, a threat to a nation’s fiscal sovereignty on the basis that it threatens the ability to tax and raise the revenue needed. This paper considers a modern conceptualisation of sovereignty along with its role within international tax coordination and collaboration to argue that a move towards a more unified approach to addressing international base erosion and profit shifting may be the ultimate exercise of national fiscal sovereignty. By using the current transfer pricing regime as a case study, this paper posits that it is not merely enough to have international agreement on allocation rules to be applied, but that the ultimate exercise of national sovereignty is political agreement with other states to ensure that it is governments which determine the allocational basis of worldwide profits to be taxed. In doing so, it is demonstrated that the arm’s length pricing requirement of the current transfer pricing regime, rather than providing governments with the ability to determine the location of profits, is providing multinational entities with the ultimate power to determine that location. If left unchecked, this will eventually erode a nation’s ability to capture the required tax revenue and, as a consequence, may be deemed a failure by nation states to exercise their fiscal sovereignty.
Resumo:
Secure multi-party computation (MPC) protocols enable a set of n mutually distrusting participants P 1, ..., P n , each with their own private input x i , to compute a function Y = F(x 1, ..., x n ), such that at the end of the protocol, all participants learn the correct value of Y, while secrecy of the private inputs is maintained. Classical results in the unconditionally secure MPC indicate that in the presence of an active adversary, every function can be computed if and only if the number of corrupted participants, t a , is smaller than n/3. Relaxing the requirement of perfect secrecy and utilizing broadcast channels, one can improve this bound to t a < n/2. All existing MPC protocols assume that uncorrupted participants are truly honest, i.e., they are not even curious in learning other participant secret inputs. Based on this assumption, some MPC protocols are designed in such a way that after elimination of all misbehaving participants, the remaining ones learn all information in the system. This is not consistent with maintaining privacy of the participant inputs. Furthermore, an improvement of the classical results given by Fitzi, Hirt, and Maurer indicates that in addition to t a actively corrupted participants, the adversary may simultaneously corrupt some participants passively. This is in contrast to the assumption that participants who are not corrupted by an active adversary are truly honest. This paper examines the privacy of MPC protocols, and introduces the notion of an omnipresent adversary, which cannot be eliminated from the protocol. The omnipresent adversary can be either a passive, an active or a mixed one. We assume that up to a minority of participants who are not corrupted by an active adversary can be corrupted passively, with the restriction that at any time, the number of corrupted participants does not exceed a predetermined threshold. We will also show that the existence of a t-resilient protocol for a group of n participants, implies the existence of a t’-private protocol for a group of n′ participants. That is, the elimination of misbehaving participants from a t-resilient protocol leads to the decomposition of the protocol. Our adversary model stipulates that a MPC protocol never operates with a set of truly honest participants (which is a more realistic scenario). Therefore, privacy of all participants who properly follow the protocol will be maintained. We present a novel disqualification protocol to avoid a loss of privacy of participants who properly follow the protocol.
Resumo:
Security protocols are designed in order to provide security properties (goals). They achieve their goals using cryptographic primitives such as key agreement or hash functions. Security analysis tools are used in order to verify whether a security protocol achieves its goals or not. The analysed property by specific purpose tools are predefined properties such as secrecy (confidentiality), authentication or non-repudiation. There are security goals that are defined by the user in systems with security requirements. Analysis of these properties is possible with general purpose analysis tools such as coloured petri nets (CPN). This research analyses two security properties that are defined in a protocol that is based on trusted platform module (TPM). The analysed protocol is proposed by Delaune to use TPM capabilities and secrets in order to open only one secret from two submitted secrets to a recipient
Resumo:
We present a text watermarking scheme that embeds a bitstream watermark Wi in a text document P preserving the meaning, context, and flow of the document. The document is viewed as a set of paragraphs, each paragraph being a set of sentences. The sequence of paragraphs and sentences used to embed watermark bits is permuted using a secret key. Then, English language sentence transformations are used to modify sentence lengths, thus embedding watermarking bits in the Least Significant Bits (LSB) of the sentences’ cardinalities. The embedding and extracting algorithms are public, while the secrecy and security of the watermark depends on a secret key K. The probability of False Positives is extremely small, hence avoiding incidental occurrences of our watermark in random text documents. Majority voting provides security against text addition, deletion, and swapping attacks, further reducing the probability of False Positives. The scheme is secure against the general attacks on text watermarks such as reproduction (photocopying, FAX), reformatting, synonym substitution, text addition, text deletion, text swapping, paragraph shuffling and collusion attacks.
Resumo:
This book constitutes the refereed proceedings of the 11th International Conference on Cryptology and Network Security, CANS 2012, held in Darmstadt, Germany, in December 2012. The 22 revised full papers, presented were carefully reviewed and selected from 99 submissions. The papers are organized in topical sections on cryptanalysis; network security; cryptographic protocols; encryption; and s-box theory.
Resumo:
In the United States, there has been a fierce debate over the Trans-Pacific Partnership (TPP), and its impact upon jobs, employment, and labor rights and standards. This sweeping trade agreement spans the Pacific Rim, and includes such countries as Australia, New Zealand, Canada, Mexico, Peru, Chile, Malaysia, Singapore, Vietnam, Brunei, and Japan. There has been concern over the secrecy surrounding the Trans-Pacific Partnership — particularly in respect of labor rights.
Resumo:
On the 28th May 2014, a petition signed by 1.8 million people worldwide was delivered to the Australian Parliament to protest against the radical secrecy surrounding the Trans-Pacific Partnership.
Resumo:
This week, the secrecy surrounding an independent Australian report on patent law and pharmaceutical drugs has been lifted, and the work has been published to great acclaim...
