506 results for RSA


Relevance: 10.00%

Abstract:

Halevi and Krawczyk proposed a message randomization algorithm called RMX as a front-end tool to hash-then-sign digital signature schemes such as DSS and RSA, in order to free them from their reliance on the collision resistance property of the hash function. They showed that to forge an RMX-hash-then-sign signature, one has to solve a cryptanalytic task related to finding second preimages for the hash function. In this article, we show how to use Dean's method of finding expandable messages (for finding a second preimage in the Merkle-Damgård hash function) to existentially forge a signature scheme based on a t-bit RMX-hash function that uses Davies-Meyer compression functions (e.g., MD4, MD5, SHA family) in 2^(t/2) chosen messages plus 2^(t/2+1) off-line operations of the compression function and a similar amount of memory. This forgery attack also works on signature schemes that use Davies-Meyer compression functions together with the variant of RMX published by NIST in its Draft Special Publication (SP) 800-106. We discuss some important applications of our attack.

Relevance: 10.00%

Abstract:

Nth-Dimensional Truncated Polynomial Ring (NTRU) is a lattice-based public-key cryptosystem that offers encryption and digital signature solutions. It was designed by Silverman, Hoffstein and Pipher. The NTRU cryptosystem was patented by NTRU Cryptosystems Inc. (later acquired by Security Innovation) and is available as the IEEE 1363.1 and X9.98 standards. NTRU is resistant to attacks based on quantum computing, to which the standard RSA and ECC public-key cryptosystems are vulnerable. In addition, NTRU has performance advantages over these cryptosystems. Given this importance of NTRU, it is highly recommended to adopt NTRU as part of a cipher suite alongside widely used cryptosystems for Internet security protocols and applications. In this paper, we present our analytical study of the implementation of the NTRU encryption scheme, which serves as a guideline for security practitioners who are novices in lattice-based cryptography or even in cryptography generally. In particular, we show some non-trivial issues that should be considered towards a secure and efficient NTRU implementation.

Relevance: 10.00%

Abstract:

Background: Chronic kidney disease (CKD) leads to a range of symptoms which are often under-recognised. Little is known about the full range of symptoms, particularly in those who are pre-dialysis. Understanding symptom prevalence, distress, severity and frequency will help prioritise symptom management.

Aims: To examine symptom burden in advanced CKD (stages 4 and 5) and compare the symptom experience between those receiving dialysis and those who are pre-dialysis.

Methods: Using a cross-sectional design, a convenience sample of 436 people from three hospitals completed the Modified Dialysis Symptom Index (MDSI). Demographic and renal history data were also collected. Based on the 32 symptoms, we compared the prevalence, severity, distress and frequency of each symptom by treatment modality.

Results: Mean age was 48 years (range 18-87 years) and 53% were male. 75.5% (haemodialysis = 287; peritoneal dialysis = 42) were receiving dialysis and 24.5% (n = 107) were pre-dialysis. Overall, the mean symptom prevalence was 12.6 ± 7.9, and the most prevalent symptoms were fatigue (77%), bone or joint pain (60.3%) and itching (59.6%) across all CKD groups. The distress, severity and frequency of the symptoms were higher in the dialysis group. However, a higher frequency of psychological symptoms (worrying, feeling nervous and depression) was reported in the pre-dialysis group.

Implications for clinical practice: Patients with advanced CKD have a high symptom burden, with those who are pre-dialysis needing greater psychological support. The MDSI could be used in nursing practice to screen patients for symptoms, which could lead to timely and appropriate interventions.

Relevance: 10.00%

Abstract:

Lattice-based cryptographic primitives are believed to offer resilience against attacks by quantum computers. We demonstrate the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem; we accompany these cipher suites with a rigorous proof of security. Our approach ties lattice-based key exchange together with traditional authentication using RSA or elliptic curve digital signatures: the post-quantum key exchange provides forward secrecy against future quantum attackers, while authentication can be provided using RSA keys issued by today's commercial certificate authorities, smoothing the path to adoption. Our cryptographically secure implementation, aimed at the 128-bit security level, shows that the performance price of switching from non-quantum-safe key exchange is not too high. With our R-LWE cipher suites integrated into the OpenSSL library and using the Apache web server on a 2-core desktop computer, we could serve 506 RLWE-ECDSA-AES128-GCM-SHA256 HTTPS connections per second for a 10 KiB payload. Compared to elliptic curve Diffie-Hellman, this means an 8 KiB increase in handshake size and a reduction in throughput of only 21%. This demonstrates that provably secure post-quantum key exchange can already be considered practical.

Relevance: 10.00%

Abstract:

This workshop comprised a diverse group of African construction experts, ranging far wider than RSA. Each of the attendees had attended the annual ASOCSA conference and was additionally provided with a short workshop pre-brief. The aim was to develop a view of their 15-20 year vision of construction improvement in RSA and the steps necessary to get there. These included sociological, structural, technical and process changes. Whilst some suggestions are significantly challenging, none are impossible, given sufficient collaboration between government, industry, academia and NGOs. The highest priority projects (more properly, programmes) were identified and further explored. These are:

1. Information Hub ('Open Africa'). Aim: to utilise emerging trends in Open Data to provide a force for African unity.
2. Workforce Development. Aim: to rebuild a competent, skilled construction industry for RSA projects and for export.
3. Modular DIY Building. Aim: to accelerate the development of sustainable, cost-efficient and desirable housing for African economic immigrants and others living in makeshift and slum dwellings.

Open Data is a maturing theme in different cities and governments around the world, and the workshop attendees were very keen to seize such a possibility to assist in developing an environment where Africans can share information and foster collaboration. It is likely that NGOs might be keen to follow up such an initiative. There are significant developments taking place around the world in the construction sector currently, with comparatively large savings being made for taxpayers (20% plus in the UK). Not all of these changes would be easy to transplant to RSA (even more so to much of the rest of Africa). Workforce development was a keen plea amongst the attendees, who seemed concerned that expertise has leaked away and is not being replaced with sufficient intensity.

It is possible today to develop modular buildings in such a way that even unskilled residents can assist in their construction, and even their appropriate design. These buildings can be sited nearly autonomously from infrastructures, thus relieving the tensions on cities and townships, whilst providing humane accommodation for the economically disadvantaged. Development of suitable solutions could either be conducted with other similarly stressed countries or developed in-country and the expertise exported. Finally, it should be pointed out that this was very much a first step. Any opportunity to collaborate from an Australian, QUT or CIB perspective would be welcomed, whilst acknowledging that the leading roles belong to RSA, CSIR, NRF, ASOCSA and the University of KwaZulu-Natal.

Relevance: 10.00%

Abstract:

The business value of IT (BVIT) has been a prominent and central research topic in the IS discipline. Due to continuous and unpredictable technology and business changes, a more dynamic perspective on IT business value that includes organizational learning is required. We suggest that simple rules heuristics can address this challenge. The simple rules heuristics approach was introduced by Eisenhardt and co-authors (Bingham & Eisenhardt, 2011; Bingham, Eisenhardt, & Furr, 2007; Eisenhardt & Sull, 2001) to better understand strategic decision making for capturing superabundant, heterogeneous, fast-moving opportunities. They argue that explicit organizational learning can translate accumulated experience into increasingly effective heuristics for strategic processes in high-velocity environments. We make three main contributions by exploring the suitability of a simple rules heuristics approach for the creation of IT business value: (1) we propose six types of simple rules heuristics for capturing IT-based opportunities in dynamic environments, including synergy heuristics as specifically relevant in an IT context; (2) we show how a simple rules heuristics approach can advance our understanding of dynamics and organizational learning for BVIT; and (3) we introduce the strategic logic of opportunity to BVIT.

Relevance: 10.00%

Abstract:

Introduction: β-alanine (BAl) and NaHCO3 (SB) ingestion may provide performance benefits by enhancing concentrations of their respective physiochemical buffer counterparts, muscle carnosine and blood bicarbonate, counteracting acidosis during intense exercise. This study examined the effect of BAl and SB co-supplementation as an ergogenic strategy during high-intensity exercise.

Methods: Eight healthy males ingested either BAl (4.8 g day−1 for 4 weeks, increased to 6.4 g day−1 for 2 weeks) or placebo (Pl) (CaCO3) for 6 weeks, in a crossover design (6-week washout between supplements). After each chronic supplementation period, participants performed two trials, each consisting of two intense exercise tests performed over consecutive days. Trials were separated by 1 week and consisted of a repeated sprint ability (RSA) test and a cycling capacity test at 110 % Wmax (CCT110 %). Placebo (Pl) or SB (300 mg kgbw−1) was ingested prior to exercise in a crossover design to create four supplement conditions (BAl-Pl, BAl-SB, Pl-Pl, Pl-SB).

Results: Carnosine increased in the gastrocnemius (n = 5) (p = 0.03) and soleus (n = 5) (p = 0.02) following BAl supplementation, and Pl-SB and BAl-SB ingestion elevated blood HCO3− concentrations (p < 0.01). Although buffering capacity was elevated following both BAl and SB ingestion, performance improvement was only observed with BAl-Pl and BAl-SB, which increased time to exhaustion in the CCT110 % test by 14 and 16 %, respectively, compared to Pl-Pl (p < 0.01).

Conclusion: Supplementation of BAl and SB elevated buffering potential by increasing muscle carnosine and blood bicarbonate levels, respectively. BAl ingestion improved performance during the CCT110 %, with no aggregating effect of SB supplementation (p > 0.05). Performance was not different between treatments during the RSA test.

Relevance: 10.00%

Abstract:

Content delivery networks (CDNs) are an essential component of modern website infrastructures: edge servers located closer to users cache content, increasing robustness and capacity while decreasing latency. However, this situation becomes complicated for HTTPS content that is to be delivered using the Transport Layer Security (TLS) protocol: the edge server must be able to carry out TLS handshakes for the cached domain. Most commercial CDNs require that the domain owner either give their certificate's private key to the CDN's edge server or abandon caching of HTTPS content entirely. We examine the security and performance of a recently commercialized delegation technique in which the domain owner retains possession of their private key and splits the TLS state machine geographically with the edge server using a private key proxy service. This allows the domain owner to limit the amount of trust given to the edge server while maintaining the benefits of CDN caching. On the performance front, we find that latency is slightly worse compared to the insecure approach, but still significantly better than the domain owner serving the content directly. On the security front, we enumerate the security goals for TLS handshake proxying and identify a subtle difference between the security of RSA key transport and signed Diffie-Hellman in TLS handshake proxying; we also discuss timing side-channel resistance of the key server and the effect of TLS session resumption.

Relevance: 10.00%

Abstract:

Current smartphones have a storage capacity of several gigabytes, and more and more information is stored on mobile devices. To meet the challenge of information organization, we turn to desktop search. Users often possess multiple devices and synchronize (subsets of) information between them, which makes file synchronization more important. This thesis presents Dessy, a desktop search and synchronization framework for mobile devices. Dessy uses desktop search techniques such as indexing, query and index term stemming, and search relevance ranking. Dessy finds files by their content, metadata, and context information. For example, PDF files may be found by their author, subject, title, or text, and the EXIF data of JPEG files may be used to find them. User-defined tags can be added to files to organize and retrieve them later. Retrieved files are ranked according to their relevance to the search query; the Dessy prototype uses the BM25 ranking function, which is widely used in information retrieval. Dessy provides an interface for locating files for both users and applications. Dessy is closely integrated with the Syxaw file synchronizer, which provides efficient file and metadata synchronization while optimizing network usage. Dessy supports synchronization of search results, individual files, and directory trees. It allows finding and synchronizing files that reside on remote computers or on the Internet. Dessy is designed to solve the problem of efficient mobile desktop search and synchronization, also supporting remote and Internet search. Remote searches may be carried out offline using a downloaded index, or while connected to the remote machine over a weak network. To secure user data, transmissions between the Dessy client and server are encrypted using symmetric encryption; the symmetric encryption keys are exchanged with RSA key exchange. Dessy emphasizes extensibility, and the cryptography can also be extended. Users may tag their files with context tags and control custom file metadata.
Adding new indexed file types, metadata fields, ranking methods, and index types is easy. Finding files is done with virtual directories, which are views into the user’s files, browseable by regular file managers. On mobile devices, the Dessy GUI provides easy access to the search and synchronization system. This thesis includes results of Dessy synchronization and search experiments, including power usage measurements. Finally, Dessy has been designed with mobility and device constraints in mind. It requires only MIDP 2.0 Mobile Java with FileConnection support, and Java 1.5 on desktop machines.

Relevance: 10.00%

Abstract:

A variety of applications exist for reverse saturable absorbers (RSAs) in the area of optical pulse processing and computing. An RSA can be used as a power limiter/pulse smoother and an energy limiter/pulse shortener for laser pulses. A combination of an RSA and a saturable absorber (SA) can be used for mode locking and pulse shaping between high-power laser amplifiers in an oscillator-amplifier chain. Also, an RSA can be used for the construction of a molecular spatial light modulator (SLM), which acts as an input/output device in optical computers. A detailed review of the theoretical studies of these processes is presented. Current efforts to find RSAs at the desired wavelengths for testing these theoretical predictions are also discussed.

Relevance: 10.00%

Abstract:

We propose a generic three-pass key agreement protocol that is based on a certain kind of trapdoor one-way function family. When specialized to the RSA setting, the generic protocol yields the so-called KAS2 scheme that has recently been standardized by NIST. On the other hand, when specialized to the discrete log setting, we obtain a new protocol which we call DH2. An interesting feature of DH2 is that parties can use different groups (e.g., different elliptic curves). The generic protocol also has a hybrid implementation, where one party has an RSA key pair and the other party has a discrete log key pair. The security of KAS2 and DH2 is analyzed in an appropriate modification of the extended Canetti-Krawczyk security model.

Relevance: 10.00%

Abstract:

In this paper, we propose a novel certificate-less on-demand public key management (CLPKM) protocol for self-organized MANETs. The protocol works on a flat network architecture and distinguishes between the authentication layer and the routing layer of the network. We put an upper limit on the length of a verification route and use the end-to-end trust value of a route to evaluate its strength. The end-to-end trust value is used by the protocol to select the most trusted verification route for accomplishing public key verification. Also, the protocol uses a MAC function instead of RSA certificates to perform public key verification. By doing this, the protocol saves considerable computation power, bandwidth and storage space. The saved storage space is utilized by the protocol to keep a number of pre-established routes in the network nodes, which helps reduce the average verification delay of the protocol. Analysis and simulation results confirm the effectiveness of the proposed protocol.

Relevance: 10.00%

Abstract:

In self-organized public key management approaches, public key verification is achieved through verification routes constituted by the transitive trust relationships among the network principals. Most of the existing approaches do not distinguish among the different available verification routes. Moreover, to ensure stronger security, it is important to choose an appropriate metric to evaluate the strength of a route. Besides, all of the existing self-organized approaches use certificate chains for achieving authentication, which are highly resource-consuming. In this paper, we present a self-organized certificate-less on-demand public key management (CLPKM) protocol, which aims at providing the strongest verification routes for authentication purposes. It restricts the compromise probability of a verification route by restricting its length. Besides, we evaluate the strength of a verification route using its end-to-end trust value. The other important aspect of the protocol is that it uses a MAC function instead of RSA certificates to perform public key verifications. By doing this, the protocol saves considerable computation power, bandwidth and storage space. We have used an extended strand space model to analyze the correctness of the protocol. The analytical, simulation, and testbed implementation results confirm the effectiveness of the proposed protocol. (c) 2014 Elsevier B.V. All rights reserved.

Relevance: 10.00%

Abstract:

The disclosure of information and its misuse in Privacy Preserving Data Mining (PPDM) systems is a concern to the parties involved. In PPDM systems, data is available amongst multiple parties collaborating to achieve cumulative mining accuracy. The vertically partitioned data available to the individual parties cannot provide accurate mining results when compared to the collaborative mining results. To overcome the privacy issue in data disclosure, this paper describes a Key Distribution-Less Privacy Preserving Data Mining (KDLPPDM) system in which the local association rules generated by the parties are published. The association rules are securely combined to form the combined rule set using the Commutative RSA algorithm. The combined rule sets established are used to classify or mine the data. The results discussed in this paper compare the accuracy of the rules generated using the C4.5-based KDLPPDM system and the C5.0-based KDLPPDM system using receiver operating characteristic (ROC) curves.

Relevance: 10.00%

Abstract:

The nonlinear optical (NLO) properties of a graphene oxide-silver (GO-Ag) nanocomposite have been investigated with a Z-scan setup using the second harmonic radiation of a Q-switched Nd:YAG laser, i.e., 532 nm excitation in the nanosecond regime. A noteworthy enhancement in the NLO properties of the GO-Ag nanocomposite is reported in comparison with those of the synthesized GO nanosheet. The extracted value of the third-order nonlinear susceptibility (χ(3)), at a peak intensity of I0 = 0.2 GW cm^-2, for GO-Ag has been found to be 2.8 times larger than that of GO. The enhancement in NLO properties in the GO-Ag nanocomposite may be attributed to the complex energy band structures formed during synthesis, which promote resonant transition to the conduction band via surface plasmon resonance (SPR) at low laser intensities and excited state transition (ESA) to the conduction band of GO at higher intensities. Along with this, photogenerated charge carriers in the conduction band of silver or the increase in defect states during the formation of the GO-Ag nanocomposite may contribute to ESA. Open-aperture Z-scan measurement indicates reverse saturable absorption (RSA) behavior of the synthesized nanocomposite, which is a clear indication of the optical limiting (OL) ability of the nanocomposite.