867 resultados para identity-based cryptosystem
Resumo:
Gay and lesbian prides and marches are of crucial relevance to the way in which non-heterosexual lives are imagined internationally despite regional and national differences. Quite often, these events are connected not only with increased activist mobilisation, but also with great controversy, which is the case of Poland, where gay and lesbian marches have been attacked by right-wing protesters and cancelled by right-wing city authorities on a number of occasions. Overall, the scholars analysing these events have largely focused on the macro-context of the marches, paying less attention to the movement actors behind these events. The contribution of this thesis lies not only in filling a gap when it comes to research on sexual minorities in Eastern Europe/Poland, but also in its focus on micro-level movement processes and engagement with theories of collective identity and citizenship. Furthermore, this thesis challenges the inscription of Eastern European/Polish movements into the narrative of victimhood and delayed development when compared to LGBT movements in the Global North. This thesis is grounded in qualitative research including participant observation of public activist events as well as forty semi-structured interviews with the key organisers of gay and lesbian marches in Warsaw, Poznan and Krakow between 2001 and 2007, and five of these interviews were further accompanied by photo-elicitation (self-directed photography) methods. Starting from the processes whereby from 2001 onwards, marches, pride parades and demonstrations became the most visible and contested activity of the Polish lesbian and gay movement, this thesis examines how the activists redefined the meanings of citizenship in the post-transformation context, by incorporating the theme of sexual minorities' rights. Using Bernstein's (1997, 2002, 2005, 2008) concept of identity deployment, I show how and when movement actors use identity tactically, depending on their goals. Specifically, in the context of movement-media interactions, I examine the ways in which the activists use marches to challenge the negative representations of sexual minorities in Poland. I also broaden Bernstein's framework to include the discussion of emotion work as relevant to public LGBT activism in Poland. Later, I discuss how the emotions of protests allowed the activists to inscribe their efforts into the "revolutionary" narrative of the Polish Solidarity movement and by extension, the frame of citizenship. Finally, this thesis engages with the dilemmas of identity deployment strategies, and seeks to problematise the dichotomy between identity-based gay and lesbian assimilationist strategies and the anti-identity queer politics.
Resumo:
The purpose of this study was to gain an understanding and gather insight into the experiences of Cuban American women attending a 4-year, public, Hispanic Serving Institution and how those experiences influenced their identity development. This was accomplished by conducting in-depth interviews and focus groups with 12 self-identified Cuban American women who were classified as sophomores, juniors, seniors, or graduate students. All of the participants had attended Florida International University for at least 1 year. The women had varying degrees of on and off campus academic and campus involvement activities. Participants were asked about six topics: (a) family, (b) cultural influences, (c) gender, (d) ethical and moral development, (e) education, and (f) ethnic identity. Based on the coding of the data provided by the participants, several interconnected themes emerged including the importance of family, familial support, cultural pride, expected gender roles, core values, decision making, biculturalism, and the value of attending a Hispanic Serving Institution. These themes were found to be all related to the identity development of the participants. It was found that looking at identity through a multidimensional lens is essential. Looking at personal growth and development through anthropological, sociological, and psychosocial lenses gave greater insight to a population of students who have been largely underrepresented in the literature. The findings of this case study are that culture is contextual and identity development is complex for first and second generation Cuban American women attending a Hispanic Serving Institution in a majority minority city. It was found that several factors, including the importance of family and gender roles, were not found to be more important than one another; rather they supported each other in regards to the participants' identity development. The notion of biculturalism as it has been presented in the literature was challenged in this study as it was found that the participants' experiences living and attending a school in a majority minority city presented a new way of understanding what it might mean to be bicultural. For professionals in the field, the findings of this study may lead to a broader understanding of nuances within the Hispanic community and a better understanding of the distinctiveness of what it means to be a Cuban American woman.
Resumo:
Bilinear pairings can be used to construct cryptographic systems with very desirable properties. A pairing performs a mapping on members of groups on elliptic and genus 2 hyperelliptic curves to an extension of the finite field on which the curves are defined. The finite fields must, however, be large to ensure adequate security. The complicated group structure of the curves and the expensive field operations result in time consuming computations that are an impediment to the practicality of pairing-based systems. The Tate pairing can be computed efficiently using the ɳT method. Hardware architectures can be used to accelerate the required operations by exploiting the parallelism inherent to the algorithmic and finite field calculations. The Tate pairing can be performed on elliptic curves of characteristic 2 and 3 and on genus 2 hyperelliptic curves of characteristic 2. Curve selection is dependent on several factors including desired computational speed, the area constraints of the target device and the required security level. In this thesis, custom hardware processors for the acceleration of the Tate pairing are presented and implemented on an FPGA. The underlying hardware architectures are designed with care to exploit available parallelism while ensuring resource efficiency. The characteristic 2 elliptic curve processor contains novel units that return a pairing result in a very low number of clock cycles. Despite the more complicated computational algorithm, the speed of the genus 2 processor is comparable. Pairing computation on each of these curves can be appealing in applications with various attributes. A flexible processor that can perform pairing computation on elliptic curves of characteristic 2 and 3 has also been designed. An integrated hardware/software design and verification environment has been developed. This system automates the procedures required for robust processor creation and enables the rapid provision of solutions for a wide range of cryptographic applications.
Resumo:
The proliferation of innovative schemes to address climate change at international, national and local levels signals a fundamental shift in the priority and role of the natural environment to society, organizations and individuals. This shift in shared priorities invites academics and practitioners to consider the role of institutions in shaping and constraining responses to climate change at multiple levels of organisations and society. Institutional theory provides an approach to conceptualising and addressing climate change challenges by focusing on the central logics that guide society, organizations and individuals and their material and symbolic relationship to the environment. For example, framing a response to climate change in the form of an emission trading scheme evidences a practice informed by a capitalist market logic (Friedland and Alford 1991). However, not all responses need necessarily align with a market logic. Indeed, Thornton (2004) identifies six broad societal sectors each with its own logic (markets, corporations, professions, states, families, religions). Hence, understanding the logics that underpin successful –and unsuccessful– climate change initiatives contributes to revealing how institutions shape and constrain practices, and provides valuable insights for policy makers and organizations. This paper develops models and propositions to consider the construction of, and challenges to, climate change initiatives based on institutional logics (Thornton and Ocasio 2008). We propose that the challenge of understanding and explaining how climate change initiatives are successfully adopted be examined in terms of their institutional logics, and how these logics evolve over time. To achieve this, a multi-level framework of analysis that encompasses society, organizations and individuals is necessary (Friedland and Alford 1991). However, to date most extant studies of institutional logics have tended to emphasize one level over the others (Thornton and Ocasio 2008: 104). In addition, existing studies related to climate change initiatives have largely been descriptive (e.g. Braun 2008) or prescriptive (e.g. Boiral 2006) in terms of the suitability of particular practices. This paper contributes to the literature on logics by examining multiple levels: the proliferation of the climate change agenda provides a site in which to study how institutional logics are played out across multiple, yet embedded levels within society through institutional forums in which change takes place. Secondly, the paper specifically examines how institutional logics provide society with organising principles –material practices and symbolic constructions– which enable and constrain their actions and help define their motives and identity. Based on this model, we develop a series of propositions of the conditions required for the successful introduction of climate change initiatives. The paper proceeds as follows. We present a review of literature related to institutional logics and develop a generic model of the process of the operation of institutional logics. We then consider how this is applied to key initiatives related to climate change. Finally, we develop a series of propositions which might guide insights into the successful implementation of climate change practices.
Resumo:
Predicate encryption has an advantage over traditional public-key or identity-based encryption, since predicate encryption systems provide more flexible control over access to encrypted data. We focus on delegation capabilities in predicate systems. More specifically, we investigate delegatable encryption systems supporting disjunctive predicate evaluations. We present formal security definitions of delegatable predicate encryption and provide the first delegatable predicate encryption scheme which supports disjunctive predicate evaluations in the public-key setting. We analyze the security of the proposed system and give a security proof. In addition, we present a delegatable predicate encryption in the symmetric-key setting and discuss the related security issues.
Resumo:
Research investigating the transactional approach to the work stressor-employee adjustment relationship has described many negative main effects between perceived stressors in the workplace and employee outcomes. A considerable amount of literature, theoretical and empirical, also describes potential moderators of this relationship. Organizational identification has been established as a significant predictor of employee job-related attitudes. To date, research has neglected investigation of the potential moderating effect of organizational identification in the work stressor-employee adjustment relationship. On the basis of identity, subjective fit and sense of belonging literature it was predicted that higher perceptions of identification at multiple levels of the organization would mitigate the negative effect of work stressors on employee adjustment. It was expected, further, that more proximal, lower order identifications would be more prevalent and potent as buffers of stressors on strain. Predictions were tested with an employee sample from five organizations (N = 267). Hierarchical moderated multiple regression analyses revealed some support for the stress-buffering effects of identification in the prediction of job satisfaction and organizational commitment, particularly for more proximal (i.e., work unit) identification. These positive stress-buffering effects, however, were present for low identifiers in some situations. The present study represents an extension of the application of organizational identity theory by identifying the effects of organizational and workgroup identification on employee outcomes in the nonprofit context. Our findings will contribute to a better understanding of the dynamics in nonprofit organizations and therefore contribute to the development of strategy and interventions to deal with identity-based issues in nonprofits.
Resumo:
Early childhood education and care (ECEC) in Australia are currently a focus of social and economic policy. However, early childhood leadership in Australia is yet to develop a clear identity that will enable the field to develop to its full potential. In this paper we investigate a unique theoretical framework for constructing leadership identity, based on transformational leadership and epistemological beliefs. Using semistructured interviews, 15 childcare directors from a large metropolitan area in Australia were asked to describe their beliefs about knowing in the context of their leadership practices. The findings showed that leaders (n = 5) who espoused predominantly evaluativist beliefs about knowing were more likely to describe transformational leadership behaviours in the context of childcare leadership. A number of leaders held mixed beliefs (n = 9) about knowing and described their leadership practice in ways that reflected both transactional and transformational leadership styles. Finally, one leader described predominantly objectivist epistemological beliefs and transactional beliefs about leadership. These preliminary findings show that there seems to be a relationship between core epistemological beliefs and beliefs about leadership practices and offers a new way to characterise leadership in ECEC in Australia.
Resumo:
The contributions of this thesis fall into three areas of certificateless cryptography. The first area is encryption, where we propose new constructions for both identity-based and certificateless cryptography. We construct an n-out-of- n group encryption scheme for identity-based cryptography that does not require any special means to generate the keys of the trusted authorities that are participating. We also introduce a new security definition for chosen ciphertext secure multi-key encryption. We prove that our construction is secure as long as at least one authority is uncompromised, and show that the existing constructions for chosen ciphertext security from identity-based encryption also hold in the group encryption case. We then consider certificateless encryption as the special case of 2-out-of-2 group encryption and give constructions for highly efficient certificateless schemes in the standard model. Among these is the first construction of a lattice-based certificateless encryption scheme. Our next contribution is a highly efficient certificateless key encapsulation mechanism (KEM), that we prove secure in the standard model. We introduce a new way of proving the security of certificateless schemes based that are based on identity-based schemes. We leave the identity-based part of the proof intact, and just extend it to cover the part that is introduced by the certificateless scheme. We show that our construction is more efficient than any instanciation of generic constructions for certificateless key encapsulation in the standard model. The third area where the thesis contributes to the advancement of certificateless cryptography is key agreement. Swanson showed that many certificateless key agreement schemes are insecure if considered in a reasonable security model. We propose the first provably secure certificateless key agreement schemes in the strongest model for certificateless key agreement. We extend Swanson's definition for certificateless key agreement and give more power to the adversary. Our new schemes are secure as long as each party has at least one uncompromised secret. Our first construction is in the random oracle model and gives the adversary slightly more capabilities than our second construction in the standard model. Interestingly, our standard model construction is as efficient as the random oracle model construction.
Resumo:
In many applications, where encrypted traffic flows from an open (public) domain to a protected (private) domain, there exists a gateway that bridges the two domains and faithfully forwards the incoming traffic to the receiver. We observe that indistringuishability against (adaptive) chosen-ciphertext attacks (IND-CCA), which is a mandatory goal in face of active attacks in a public domain, can be essentially relaxed to indistinguishability against chosen-plaintext attacks (IND-CPA) for ciphertexts once they pass the gateway that acts as an IND-CCA/CPA filter by first checking the validity of an incoming IND-CCA ciphertext, then transforming it (if valid) into an IND-CPA ciphertext, and forwarding the latter to the receipient in the private domain. "Non-trivial filtering" can result in reduced decryption costs on the receivers' side. We identify a class of encryption schemes with publicaly verifiable ciphertexts that admit generic constructions of (non-trivial) IND-CCA/CPA filters. These schemes are characterized by existence of public algorithms that can distinguish between valid and invalid ciphertexts. To this end, we formally define (non-trivial) public verifiability of ciphertexts for general encryption schemes, key encapsulation mechanisms, and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption flavours. We further analyze the security impact of public verifiability and discuss generic transformations and concrete constructions that enjoy this property.
Resumo:
Secrecy of decryption keys is an important pre-requisite for security of any encryption scheme and compromised private keys must be immediately replaced. \emph{Forward Security (FS)}, introduced to Public Key Encryption (PKE) by Canetti, Halevi, and Katz (Eurocrypt 2003), reduces damage from compromised keys by guaranteeing confidentiality of messages that were encrypted prior to the compromise event. The FS property was also shown to be achievable in (Hierarchical) Identity-Based Encryption (HIBE) by Yao, Fazio, Dodis, and Lysyanskaya (ACM CCS 2004). Yet, for emerging encryption techniques, offering flexible access control to encrypted data, by means of functional relationships between ciphertexts and decryption keys, FS protection was not known to exist.\smallskip In this paper we introduce FS to the powerful setting of \emph{Hierarchical Predicate Encryption (HPE)}, proposed by Okamoto and Takashima (Asiacrypt 2009). Anticipated applications of FS-HPE schemes can be found in searchable encryption and in fully private communication. Considering the dependencies amongst the concepts, our FS-HPE scheme implies forward-secure flavors of Predicate Encryption and (Hierarchical) Attribute-Based Encryption.\smallskip Our FS-HPE scheme guarantees forward security for plaintexts and for attributes that are hidden in HPE ciphertexts. It further allows delegation of decrypting abilities at any point in time, independent of FS time evolution. It realizes zero-inner-product predicates and is proven adaptively secure under standard assumptions. As the ``cross-product" approach taken in FS-HIBE is not directly applicable to the HPE setting, our construction resorts to techniques that are specific to existing HPE schemes and extends them with what can be seen as a reminiscent of binary tree encryption from FS-PKE.
Resumo:
Availability has become a primary goal of information security and is as significant as other goals, in particular, confidentiality and integrity. Maintaining availability of essential services on the public Internet is an increasingly difficult task in the presence of sophisticated attackers. Attackers may abuse limited computational resources of a service provider and thus managing computational costs is a key strategy for achieving the goal of availability. In this thesis we focus on cryptographic approaches for managing computational costs, in particular computational effort. We focus on two cryptographic techniques: computational puzzles in cryptographic protocols and secure outsourcing of cryptographic computations. This thesis contributes to the area of cryptographic protocols in the following ways. First we propose the most efficient puzzle scheme based on modular exponentiations which, unlike previous schemes of the same type, involves only a few modular multiplications for solution verification; our scheme is provably secure. We then introduce a new efficient gradual authentication protocol by integrating a puzzle into a specific signature scheme. Our software implementation results for the new authentication protocol show that our approach is more efficient and effective than the traditional RSA signature-based one and improves the DoSresilience of Secure Socket Layer (SSL) protocol, the most widely used security protocol on the Internet. Our next contributions are related to capturing a specific property that enables secure outsourcing of cryptographic tasks in partial-decryption. We formally define the property of (non-trivial) public verifiability for general encryption schemes, key encapsulation mechanisms (KEMs), and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption avors. We show that some generic transformations and concrete constructions enjoy this property and then present a new public-key encryption (PKE) scheme having this property and proof of security under the standard assumptions. Finally, we combine puzzles with PKE schemes for enabling delayed decryption in applications such as e-auctions and e-voting. For this we first introduce the notion of effort-release PKE (ER-PKE), encompassing the well-known timedrelease encryption and encapsulated key escrow techniques. We then present a security model for ER-PKE and a generic construction of ER-PKE complying with our security notion.
Resumo:
In many applications, where encrypted traffic flows from an open (public) domain to a protected (private) domain, there exists a gateway that bridges the two domains and faithfully forwards the incoming traffic to the receiver. We observe that indistinguishability against (adaptive) chosen-ciphertext attacks (IND-CCA), which is a mandatory goal in face of active attacks in a public domain, can be essentially relaxed to indistinguishability against chosen-plaintext attacks (IND-CPA) for ciphertexts once they pass the gateway that acts as an IND-CCA/CPA filter by first checking the validity of an incoming IND-CCA ciphertext, then transforming it (if valid) into an IND-CPA ciphertext, and forwarding the latter to the recipient in the private domain. “Non-trivial filtering'' can result in reduced decryption costs on the receivers' side. We identify a class of encryption schemes with publicly verifiable ciphertexts that admit generic constructions of (non-trivial) IND-CCA/CPA filters. These schemes are characterized by existence of public algorithms that can distinguish between valid and invalid ciphertexts. To this end, we formally define (non-trivial) public verifiability of ciphertexts for general encryption schemes, key encapsulation mechanisms, and hybrid encryption schemes, encompassing public-key, identity-based, and tag-based encryption flavours. We further analyze the security impact of public verifiability and discuss generic transformations and concrete constructions that enjoy this property.
Resumo:
Cryptosystems based on the hardness of lattice problems have recently acquired much importance due to their average-case to worst-case equivalence, their conjectured resistance to quantum cryptanalysis, their ease of implementation and increasing practicality, and, lately, their promising potential as a platform for constructing advanced functionalities. In this work, we construct “Fuzzy” Identity Based Encryption from the hardness of the Learning With Errors (LWE) problem. We note that for our parameters, the underlying lattice problems (such as gapSVP or SIVP) are assumed to be hard to approximate within supexponential factors for adversaries running in subexponential time. We give CPA and CCA secure variants of our construction, for small and large universes of attributes. All our constructions are secure against selective-identity attacks in the standard model. Our construction is made possible by observing certain special properties that secret sharing schemes need to satisfy in order to be useful for Fuzzy IBE. We also discuss some obstacles towards realizing lattice-based attribute-based encryption (ABE).
Resumo:
We present a technique for delegating a short lattice basis that has the advantage of keeping the lattice dimension unchanged upon delegation. Building on this result, we construct two new hierarchical identity-based encryption (HIBE) schemes, with and without random oracles. The resulting systems are very different from earlier lattice-based HIBEs and in some cases result in shorter ciphertexts and private keys. We prove security from classic lattice hardness assumptions.
Resumo:
We construct an efficient identity based encryption system based on the standard learning with errors (LWE) problem. Our security proof holds in the standard model. The key step in the construction is a family of lattices for which there are two distinct trapdoors for finding short vectors. One trapdoor enables the real system to generate short vectors in all lattices in the family. The other trapdoor enables the simulator to generate short vectors for all lattices in the family except for one. We extend this basic technique to an adaptively-secure IBE and a Hierarchical IBE.
