The development of Public Key Infrastructures (PKIs) is highly desirable to support secure digital transactions and communications throughout existing networks. It is important to adopt a particular trust structure or PKI model at an early stage as this forms a basis for the PKI’s development. Many PKI models have been proposed but use only natural language descriptions. We apply a simple formal approach to describe the essential factors of a PKI model. Rule sets for some PKI models are given and can be used to distinguish and classify the different PKI models. Advantages for this approach with conglomerate PKIs, those that are built from multiple distinct PKI models, are discussed.


Certificateless public key encryption can be classified into two types, namely, CLE and CLE†, both of which were introduced by Al-Riyami and Paterson in Asiacrypt 2003. Most works about certificateless public key encryption belong to CLE, where the partial secret key is uniquely determined by an entity’s identity. In CLE†, an entity’s partial secret key is determined not only by the identity information but also by his/her (partial) public key. Such techniques can enhance the resilience of certificateless public key encryption against a cheating KGC. In this paper, we first formalize the security definitions of CLE†. After that, we demonstrate the gap between the security model of CLE† and CLE, by showing the insecurity of a CLE† scheme proposed by Lai and Kou in PKC 2007. We give an attack that can successfully break the indistinguishability of their CLE† scheme, although their scheme can be proved secure in the security model of CLE. Therefore, it does not suffice to consider the security of CLE† in the security model of CLE. Finally, we show how to secure Lai-Kou’s scheme by providing a new scheme with the security proof in the model of CLE†.


This thesis analyses authentication in public key encryption and makes contributions in two areas. Firstly, Compressed Nested PKI is proposed which improves the certificate validation process. Then an implicitly certified encryption scheme, Authenticated Public Key Encryption, which makes keys easier to manage, is introduced.


In the late 1900s, suitable key lengths were determined by cryptographers who considered four main features based on implementation, expected lifespan and associated security. By 2010, recommendations are aimed at governmental and commercial institutions, which take into consideration practical implementations that provide data security. By aggregating the key length predictive data since 1985, we notice that while the figures proposed between 1990 and 2010 increase linearly, those proposed for 2010 to 2050 do not. This motivates us to re-think the factors used as a basis for key length predictions and we initiate this re-evaluation in this paper. Focusing first on implementation, we clarify the meaning of Moore’s Law by going back to his original papers and commentary. We then focus on the period 2010-2015, when non-linearity appears, and test Moore’s Law based on three different hardware platforms. Our conclusion is that current assumptions about Moore’s law are still reasonable and that non-linearity is likely to be caused by other factors which we will investigate in future work.


In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.


Certificate-based encryption (CBE) is an important class of public key encryption, but the existing schemes are secure only under the premise that the decryption key (or private key) and master secret key are absolutely secret. In fact, many side channel attacks and cold boot attacks can leak secret information of a cryptographic system. In this case, the security of the cryptographic system is destroyed, so a new model called leakage-resilient (LR) cryptography is introduced to solve this problem. While some leakage-resilient traditional public key encryption and identity-based encryption schemes have been constructed, as far as we know, there is no leakage-resilient scheme in certificate-based cryptosystems. This paper puts forward the first certificate-based encryption scheme which can resist not only decryption key leakage but also master secret key leakage. Based on the composite-order bilinear group assumption, the security of the scheme is proved by using dual system encryption. The relative leakage rate of the key is close to 1/3.


Electronic communications have become the most important kind of communications in business. However, trust, privacy and security have become the great challenges for business and governments around the globe. The Public Key Infrastructure (PKI) model tries to solve these issues and make the Internet more secure. This paper explains the main purposes of PKI and addresses some of the major issues and obstacles that face PKI technology today.


Certificate verification in PKI is a complex and time consuming process. In the classical PKI methodology, in order to obtain a public key and to accept a certificate as valid, a verifier needs to extract a certificate path from the PKI and to verify the certificates on this path recursively. Levi proposed a nested certificate model with the aim to simplify and speed up certificate verification. Such a nested certificate-based PKI significantly improves certificate verification, but it also requires a large increase in the number of issued certificates, which makes this model impractical for real life deployment. In order to solve this drawback of nested PKI, while retaining its speed in certificate verification, we propose in this paper the innovative concept of a compressed nested certificate, which is a significantly modified version of the nested certificate model. Compressed nested certificate PKI deploys compressed nested certificates which speed up and simplify certificate verification while keeping certificate load to a minimum, thus providing implementers the option of integrating it into the existing PKI model or building it separately as an independent model.


This thesis analyses the development of the Ballarat East Free Library (1859), the Ballarat Mechanics’ Institute Library (1859) and the City of Ballaarat Free Library (1878) within the broader context of public librarianship in Victoria between 1851-1900. Mechanics’ Institute libraries and free libraries represent the major derivatives of a nineteenth-century library model that emphasised the pursuit of lifelong learning, private reading and the enjoyment of genteel recreational facilities. The circumstances that led to the formation of an Institute and a free library in Ballarat in 1859 provide a unique opportunity to analyse the public library model for two reasons. Firstly, these libraries were established in a remarkable goldfield city that enjoyed a number of economic and cultural advantages; secondly, the Ballarat Mechanics’ Institute Library and the Ballarat East Free Library experienced such spectacular growth that by 1880 they were two of the largest public libraries in Australia. However, it is argued that this growth cycle could not be sustained due to a combination of factors including low membership levels, limited funding for recurrent expenditure purposes, and heightened dissatisfaction with the book collections. Libraries began to stagnate in the late-1880s and the magnitude of this collapse in Ballarat, and throughout the colony, was subsequently confirmed with the publication of a national survey of Australian libraries in 1935. The ‘Munn-Pitt’ report found that public libraries had provided a better service in 1880 than at any other time in the next six decades. Four conclusions are drawn in this comparative analysis of the Ballarat Mechanics’ Institute Library, the Ballarat East Free Library, and to a lesser extent, the City of Ballaarat Free Library, between 1851-1900.
Firstly, it is shown that the literature places considerable emphasis on the formation of public libraries but is far less critical of the long-term viability of the public library model as it evolved in Ballarat and throughout the colony in the nineteenth century. Secondly, whilst Ballarat and its library committees benefited from the city's prosperity and the entrepreneurial zeal of its pioneers, these same library committees were unable to overcome the structural flaws in the public library model or to dispel the widespread belief that libraries were elitist organisations. As a consequence, membership of the major libraries in Ballarat never exceeded 4% of the total population. Thirdly, it is acknowledged that an absence of records relating to book borrowing habits by individuals is a limiting factor, but this problem has been addressed, in part, by undertaking a comparative analysis of collection development policies, invoices, lists of popular authors and books, public comment and the book borrowing patterns of a number of comparable libraries in central Victoria. These resources provide a number of insights into the reading habits of library patrons in Ballarat in the late-nineteenth century. Finally, this thesis focuses on the management policies and practices of each library committee in Ballarat in order to move beyond the traditional explanation for the demise of nineteenth-century libraries and to propose an alternative explanation for the stagnation of public libraries in Ballarat in the mid-1880s. The traditional explanation for the demise of colonial libraries was the sudden reduction in government funding in the 1890s, whereas this thesis argues that a combination of factors, including the unresolved tensions with regard to libraries’ collection development policies, committee and municipal rivalry, and increasing conservatism, had already damaged the credibility of Ballarat’s libraries by the mid-1880s.
It is argued that the intense rivalry between library committees resulted in an unnecessary duplication of services and an inadequate membership base. It is also argued that the increasingly conservative, un-cooperative and uninviting attitudes of these library committees discouraged patronage and as a direct consequence, membership and daily visitor rates of the free and Institute libraries in Ballarat plummeted by 80% between 1880-1900.


Resource-constrained sensors of a Wireless Sensor Network (WSN) cannot afford the use of costly encryption techniques like public key cryptography while dealing with sensitive data. So symmetric key encryption techniques are preferred, where it is essential that communicating parties share the same cryptographic key. To this end, keys are preloaded into the nodes before deployment and are to be established once the nodes are deployed in the target area. This entire process is called key predistribution. In this paper we propose one such scheme using unique factorization of polynomials over finite fields. To the best of our knowledge, such an elegant use of algebra is being made for the first time in the WSN literature. The best part of the scheme is its support for a large number of nodes with a very small and uniform key ring per node. However, the resiliency is not good. For this reason we use a special technique based on Reed-Muller codes proposed recently by Sarkar, Saha and Chowdhury in 2010. The combined scheme has good resiliency with huge node support using very few keys per node.


Certificate-based encryption was introduced in Eurocrypt’03 to solve the certificate management problem in public key encryption. Recently, this idea has been extended to certificate-based signatures. To date, several new schemes and security models of certificate-based signatures have been proposed. In this paper, we first introduce a new security model of certificate-based signatures. Our model is not only more elaborate than the existing ones, but also defines several new types of adversaries in certificate-based signatures. We then investigate the relationship between certificate-based signatures and certificateless signatures, by proposing a generic construction of certificate-based signatures from certificateless signatures. Our generic construction is secure (in the random oracle model) under the security model defined in this paper, assuming the underlying certificateless signatures satisfy certain security notions.


Certificateless public key cryptography was introduced to avoid the inherent key escrow problem in identity-based cryptography, and to eliminate the use of certificates in traditional PKI. Most cryptographic schemes in certificateless cryptography are built from bilinear mappings on elliptic curves, which need costly operations. Despite the investigation of certificateless public key encryption without pairings, certificateless signature without pairings has received much less attention than it deserves. In this paper, we present a concrete pairing-free certificateless signature scheme for the first time. Our scheme is more computationally efficient than others built from pairings. The new scheme is provably secure in the random oracle model assuming the hardness of the discrete logarithm problem.