315 resultados para signing
Resumo:
One-time proxy signatures are one-time signatures for which a primary signer can delegate his or her signing capability to a proxy signer. In this work we propose two one-time proxy signature schemes with different security properties. Unlike other existing one-time proxy signatures that are constructed from public key cryptography, our proposed schemes are based one-way functions without trapdoors and so they inherit the communication and computation efficiency from the traditional one-time signatures. Although from a verifier point of view, signatures generated by the proxy are indistinguishable from those created by the primary signer, a trusted authority can be equipped with an algorithm that allows the authority to settle disputes between the signers. In our constructions, we use a combination of one-time signatures, oblivious transfer protocols and certain combinatorial objects. We characterise these new combinatorial objects and present constructions for them.
Efficient extension of standard Schnorr/RSA signatures into Universal Designated-Verifier Signatures
Resumo:
Universal Designated-Verifier Signature (UDVS) schemes are digital signature schemes with additional functionality which allows any holder of a signature to designate the signature to any desired designated-verifier such that the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. Since UDVS schemes reduce to standard signatures when no verifier designation is performed, it is natural to ask how to extend the classical Schnorr or RSA signature schemes into UDVS schemes, so that the existing key generation and signing implementation infrastructure for these schemes can be used without modification. We show how this can be efficiently achieved, and provide proofs of security for our schemes in the random oracle model.
Resumo:
A parallel authentication and public-key encryption is introduced and exemplified on joint encryption and signing which compares favorably with sequential Encrypt-then-Sign (ɛtS) or Sign-then-Encrypt (Stɛ) schemes as far as both efficiency and security are concerned. A security model for signcryption, and thus joint encryption and signing, has been recently defined which considers possible attacks and security goals. Such a scheme is considered secure if the encryption part guarantees indistinguishability and the signature part prevents existential forgeries, for outsider but also insider adversaries. We propose two schemes of parallel signcryption, which are efficient alternative to Commit-then-Sign-and- Encrypt (Ct&G3&S). They are both provably secure in the random oracle model. The first one, called generic parallel encrypt and sign, is secure if the encryption scheme is semantically secure against chosen-ciphertext attacks and the signature scheme prevents existential forgeries against random-message attacks. The second scheme, called optimal parallel encrypt. and sign, applies random oracles similar to the OAEP technique in order to achieve security using encryption and signature components with very weak security requirements — encryption is expected to be one-way under chosen-plaintext attacks while signature needs to be secure against universal forgeries under random-plaintext attack, that is actually the case for both the plain-RSA encryption and signature under the usual RSA assumption. Both proposals are generic in the sense that any suitable encryption and signature schemes (i.e. which simply achieve required security) can be used. Furthermore they allow both parallel encryption and signing, as well as parallel decryption and verification. Properties of parallel encrypt and sign schemes are considered and a new security standard for parallel signcryption is proposed.
Resumo:
We present a novel implementation of the threshold RSA. Our solution is conceptually simple, and leads to an easy design of the system. The signing key is shared in additive form, which is desirable for collaboratively performing cryptographic transformations, and its size, at all times, is logn, where n is the RSA modulus. That is, the system is ideal.
Resumo:
Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the designated-signature, the designated-verifier can verify that the message was signed by the signer, but is unable to convince anyone else of this fact. We propose an efficient deterministic UDVS scheme constructed using any bilinear group-pair. Our UDVS scheme functions as a standard Boneh-Lynn-Shacham (BLS) signature when no verifier-designation is performed, and is therefore compatible with the key-generation, signing and verifying algorithms of the BLS scheme. We prove that our UDVS scheme is secure in the sense of our unforgeability and privacy notions for UDVS schemes, under the Bilinear Diffie-Hellman (BDH) assumption for the underlying group-pair, in the random-oracle model. We also demonstrate a general constructive equivalence between a class of unforgeable and unconditionally-private UDVS schemes having unique signatures (which includes the deterministic UDVS schemes) and a class of ID-Based Encryption (IBE) schemes which contains the Boneh-Franklin IBE scheme but not the Cocks IBE scheme.
Resumo:
This study quantifies the motivators and barriers to bikeshare program usage in Australia. An online survey was administered to a sample of annual members of Australia’s two bikeshare programs based in Brisbane and Melbourne, to assess motivations for joining the schemes. Non-members of the programs were also sampled in order to identify current barriers to joining bikeshare. Spatial analysis from Brisbane revealed residential and work locations of non-members were more geographically dispersed than for bikeshare members. An analysis of bikeshare usage in Melbourne showed a strong relationship between docking stations in areas with relatively less accessible public transit opportunities. The most influential barriers to bikeshare use related to motorized travel being too convenient and docking stations not being sufficiently close to home, work and other frequented destinations. The findings suggest that bikeshare programs may attract increased membership by ensuring travel times are competitive with motorized travel, for example through efficient bicycle routing and priority progression and, by expanding docking station locations, and by increasing the level of convenience associated with scheme use. Convenience considerations may include strategic location of docking stations, ease of signing up and integration with public transport.
Resumo:
The Secure Shell (SSH) protocol is widely used to provide secure remote access to servers, making it among the most important security protocols on the Internet. We show that the signed-Diffie--Hellman SSH ciphersuites of the SSH protocol are secure: each is a secure authenticated and confidential channel establishment (ACCE) protocol, the same security definition now used to describe the security of Transport Layer Security (TLS) ciphersuites. While the ACCE definition suffices to describe the security of individual ciphersuites, it does not cover the case where parties use the same long-term key with many different ciphersuites: it is common in practice for the server to use the same signing key with both finite field and elliptic curve Diffie--Hellman, for example. While TLS is vulnerable to attack in this case, we show that SSH is secure even when the same signing key is used across multiple ciphersuites. We introduce a new generic multi-ciphersuite composition framework to achieve this result in a black-box way.
Resumo:
Society is increasingly calling for professionals across government, industry, business and civil society to be able to problem-solve issues related to climate change and sustainable development as part of their work. In particular there is an emerging realisation of the fundamental need to swiftly reduce the growing demand for energy across society, and to then meet the demand with low emissions options. A key ingredient to addressing such issues is equipping professionals with emerging knowledge and skills to address energy challenges in all aspects of their work. The Council of Australian Governments has recognised this need, signing the National Partnership Agreement on Energy Efficiency in July 2009, which included a commitment to assist business and industry obtain the knowledge, skills and capacity to pursue cost-effective energy efficiency opportunities.2 Engineering will play a critical part among the professions, with Engineers Australia acknowledging that, ‘The need to make changes in the way energy is used and supplied throughout the world represents the greatest challenge to engineers in moving toward sustainability.’
Resumo:
This paper addresses the development of trust in the use of Open Data through incorporation of appropriate authentication and integrity parameters for use by end user Open Data application developers in an architecture for trustworthy Open Data Services. The advantages of this architecture scheme is that it is far more scalable, not another certificate-based hierarchy that has problems with certificate revocation management. With the use of a Public File, if the key is compromised: it is a simple matter of the single responsible entity replacing the key pair with a new one and re-performing the data file signing process. Under this proposed architecture, the the Open Data environment does not interfere with the internal security schemes that might be employed by the entity. However, this architecture incorporates, when needed, parameters from the entity, e.g. person who authorized publishing as Open Data, at the time that datasets are created/added.
Resumo:
The future of civic engagement is characterised by both technological innovation as well as new technological user practices that are fuelled by trends towards mobile, personal devices; broadband connectivity; open data; urban interfaces; and, cloud computing. These technology trends are progressing at a rapid pace, and have led global technology vendors to package and sell the ‘Smart City’ as a centralized service delivery platform predicted to optimize and enhance cities’ key performance indicators – and generate a profitable market. The top-down deployment of these large and proprietary technology platforms have helped sectors such as energy, transport, and healthcare to increase efficiencies. However, an increasing number of scholars and commentators warn of another ‘IT bubble’ emerging. Along with some city leaders, they argue that the top-down approach does not fit the governance dynamics and values of a liberal democracy when applied across sectors. A thorough understanding is required, of the socio-cultural nuances of how people work, live, play across different environments, and how they employ social media and mobile devices to interact with, engage in, and constitute public realms. Although the term ‘slacktivism’ is sometimes used to denote a watered down version of civic engagement and activism that is reduced to clicking a ‘Like’ button and signing online petitions, we believe that we are far from witnessing another Biedermeier period that saw people focus on the domestic and the non-political. There is plenty of evidence to the contrary, such as post-election violence in Kenya in 2008, the Occupy movements in New York, Hong Kong and elsewhere, the Arab Spring, Stuttgart 21, Fukushima, the Taksim Gezi Park in Istanbul, and the Vinegar Movement in Brazil in 2013. These examples of civic action shape the dynamics of governments, and in turn, call for new processes to be incorporated into governance structures. Participatory research into these new processes across the triad of people, place and technology is a significant and timely investment to foster productive, sustainable, and livable human habitats. With this chapter, we want to reframe the current debates in academia and priorities in industry and government to allow citizens and civic actors to take their rightful centerpiece place in civic movements. This calls for new participatory approaches for co-inquiry and co-design. It is an evolving process with an explicit agenda to facilitate change, and we propose participatory action research (PAR) as an indispensable component in the journey to develop new governance infrastructures and practices for civic engagement. This chapter proposes participatory action research as a useful and fitting research paradigm to guide methodological considerations surrounding the study, design, development, and evaluation of civic technologies. We do not limit our definition of civic technologies to tools specifically designed to simply enhance government and governance, such as renewing your car registration online or casting your vote electronically on election day. Rather, we are interested in civic media and technologies that foster citizen engagement in the widest sense, and particularly the participatory design of such civic technologies that strive to involve citizens in political debate and action as well as question conventional approaches to political issues (DiSalvo, 2012; Dourish, 2010; Foth et al., 2013). Following an outline of some underlying principles and assumptions behind participatory action research, especially as it applies to cities, we will critically review case studies to illustrate the application of this approach with a view to engender robust, inclusive, and dynamic societies built on the principles of engaged liberal democracy. The rationale for this approach is an alternative to smart cities in a ‘perpetual tomorrow,’ (cf. e.g. Dourish & Bell, 2011), based on many weak and strong signals of civic actions revolving around technology seen today. It seeks to emphasize and direct attention to active citizenry over passive consumerism, human actors over human factors, culture over infrastructure, and prosperity over efficiency. First, we will have a look at some fundamental issues arising from applying simplistic smart city visions to the kind of a problem a city is (cf. Jacobs, 1961). We focus on the touch points between “the city” and its civic body, the citizens. In order to provide for meaningful civic engagement, the city must provide appropriate interfaces.
Resumo:
Email is rapidly replacing other forms of communication as the preferred means of communication between contracting parties. The recent decision of Stellard Pty Ltd v North Queensland Fuel Pty Ltd [2015] QSC 119 reinforces the judicial acceptance of email as an effective means of creating a binding agreement and the willingness to adopt a liberal concept of ‘signing’ in an electronic environment.
Resumo:
The object of this study was to find out which factors made landowners interested in From Sea to Forest co-operation network. Co-operation networks protect biodiversity across boundaries and among groups of landowners with different kind of protection contracts. The social effects of From Sea to Forest - project are studied by analyzing the experience of co-operation and trust. Furthermore the possibility to influence decision making when choosing the pilot areas and doing the contracts was surveyed. Economical effects are estimated for those landowners, who signed a protection contract for ten years. The study is part of The Finnish Forest Research Institute s Ecological considerations in landscape-level collaborative planning of private forestry project. The material of the study comprises 13 interviews done in January 2006; seven interviewed were landowners and six forest professionals. The interviews were transcripted and analyzed with Atlas.ti programme. The economical effects were estimated with MOTTI forest simulation programme. From Sea to Forest project interested the landowners for similar reasons: the voluntariness of participation, compensation, fixed-term contracts and the possibility to protect forests so that the proprietary right remains. It was possible to form four different groups of interviewed landowners according to trust: networkers , opportunists , carefuls and selfemployed . Only in the group of opportunists the project created so much trust that a significant increase of interest to participate in the project was noticed. In all the other groups the project didn t create remarkable trust, so trust didn t have an effect on landowners decisions to participate. Other factors, like compensation and voluntariness were decisive for their interest to participate. From Sea to Forest project wasn t a network based on landowners co-operation, the communication was directly with the project worker. The effects on landowners income by signing a ten year ´Natural value trading´ -contract was analyzed by comparing the protection income with predicted forestry income in case that the protection contract wouldn t have been agreed on. For two landowners there was no suggested forestry work within ten years, so their protection income might be an additional income, if they decided to log their forests later. For three landowners delayed thinning of the sapling stand would cause income losses in the future, if they decided to move to active forestry after ten years of protection. For eight landowners the effect of protection is positive to income if they moved to active forestry after the ten years protection period. This occurred, because the tree stand is now mature for final felling on behalf of its age, but ten more years of growth increase the net present value. Longer term protection might diminish the net present value. The protection was profitable because hectare specific forestry income grew compared to forestry cutting plan income.
Resumo:
Employees and students in University of Helsinki use various services which require authentication. Some of these services require strong authentication. Traditionally this has been realized by meeting in person and presenting an official identification card. Some of these online services can be automatized by implementing existing techniques for strong authentication. Currently strong authentication is implemented by VETUMA-service. Mobile authentication is interesting alternative method. The purpose of this paper is to study the Mobile Signature Service technology and to find out the benefits and possibilities of its use for mobile authentication in University of Helsinki. Mobile authentication is suitable method for implementing strong authentication and for signing documents digitally. Mobile authentication can be used in many different ways in Helsinki university.
Resumo:
Background and Aims Considerable variation has been documented with fleet safety interventions’ abilities to create lasting behavioural change, and research has neglected to consider employees’ perceptions regarding the effectiveness of fleet interventions. This is a critical oversight as employees’ beliefs and acceptance levels (as well as the perceived organisational commitment to safety) can ultimately influence levels of effectiveness, and this study aimed to examine such perceptions in Australian fleet settings. Method 679 employees sourced from four Australian organisations completed a safety climate questionnaire as well as provided perspectives about the effectiveness of 35 different safety initiatives. Results Countermeasures that were perceived as most effective were a mix of human and engineering-based approaches: - (a) purchasing safer vehicles; - (b) investigating serious vehicle incidents, and; - (c) practical driver skills training. In contrast, least effective countermeasures were considered to be: - (a) signing a promise card; - (b) advertising a company’s phone number on the back of cars for complaints and compliments, and; - (c) communicating cost benefits of road safety to employees. No significant differences in employee perceptions were identified based on age, gender, employees’ self-reported crash involvement or employees’ self-reported traffic infringement history. Perceptions of safety climate were identified to be “moderate” but were not linked to self-reported crash or traffic infringement history. However, higher levels of safety climate were positively correlated with perceived effectiveness of some interventions. Conclusion Taken together, employees believed occupational road safety risks could best be managed by the employer by implementing a combination of engineering and human resource initiatives to enhance road safety. This paper will further outline the key findings in regards to practice as well as provide direction for future research.
Resumo:
The future of civic engagement is characterised by both technological innovation as well as new technological user practices that are fuelled by trends towards mobile, personal devices; broadband connectivity; open data; urban interfaces; and cloud computing. These technology trends are progressing at a rapid pace, and have led global technology vendors to package and sell the “Smart City” as a centralised service delivery platform predicted to optimise and enhance cities’ key performance indicators – and generate a profitable market. The top-down deployment of these large and proprietary technology platforms have helped sectors such as energy, transport, and healthcare to increase efficiencies. However, an increasing number of scholars and commentators warn of another “IT bubble” emerging. Along with some city leaders, they argue that the top-down approach does not fit the governance dynamics and values of a liberal democracy when applied across sectors. A thorough understanding is required, of the socio-cultural nuances of how people work, live, play across different environments, and how they employ social media and mobile devices to interact with, engage in, and constitute public realms. Although the term “slacktivism” is sometimes used to denote a watered down version of civic engagement and activism that is reduced to clicking a “Like” button and signing online petitions, we believe that we are far from witnessing another Biedermeier period that saw people focus on the domestic and the non-political. There is plenty of evidence to the contrary, such as post-election violence in Kenya in 2008, the Occupy movements in New York, Hong Kong and elsewhere, the Arab Spring, Stuttgart 21, Fukushima, the Taksim Gezi Park in Istanbul, and the Vinegar Movement in Brazil in 2013. These examples of civic action shape the dynamics of governments, and in turn, call for new processes to be incorporated into governance structures. Participatory research into these new processes across the triad of people, place and technology is a significant and timely investment to foster productive, sustainable, and liveable human habitats. With this article, we want to reframe the current debates in academia and priorities in industry and government to allow citizens and civic actors to take their rightful centrepiece place in civic movements. This calls for new participatory approaches for co-inquiry and co-design. It is an evolving process with an explicit agenda to facilitate change, and we propose participatory action research (PAR) as an indispensable component in the journey to develop new governance infrastructures and practices for civic engagement. We do not limit our definition of civic technologies to tools specifically designed to simply enhance government and governance, such as renewing your car registration online or casting your vote electronically on election day. Rather, we are interested in civic media and technologies that foster citizen engagement in the widest sense, and particularly the participatory design of such civic technologies that strive to involve citizens in political debate and action as well as question conventional approaches to political issues. The rationale for this approach is an alternative to smart cities in a “perpetual tomorrow,” based on many weak and strong signals of civic actions revolving around technology seen today. It seeks to emphasise and direct attention to active citizenry over passive consumerism, human actors over human factors, culture over infrastructure, and prosperity over efficiency. First, we will have a look at some fundamental issues arising from applying simplistic smart city visions to the kind of a problem a city poses. We focus on the touch points between “the city” and its civic body, the citizens. In order to provide for meaningful civic engagement, the city must provide appropriate interfaces.
