Quantum one-time programs

A one-time program is a hypothetical device by which a user may evaluate a circuit on exactly one input of his choice, before the device self-destructs. One-time programs cannot be achieved by software alone, as any software can be copied and re-run. However, it is known that every circuit can be compiled into a one-time program using a very basic hypothetical hardware device called a one-time memory. At first glance it may seem that quantum information, which cannot be copied, might also allow for one-time programs. But it is not hard to see that this intuition is false: one-time programs for classical or quantum circuits based solely on quantum information do not exist, even with computational assumptions. This observation raises the question, "what assumptions are required to achieve one-time programs for quantum circuits?" Our main result is that any quantum circuit can be compiled into a one-time program assuming only the same basic one-time memory devices used for classical circuits. Moreover, these quantum one-time programs achieve statistical universal composability (UC-security) against any malicious user. Our construction employs methods for computation on authenticated quantum data, and we present a new quantum authentication scheme called the trap scheme for this purpose. As a corollary, we establish UC-security of a recent protocol for delegated quantum computation.

Termination of real-time programs: Definitely, definitely not, or maybe

Real-time control programs are often used in contexts where (conceptually) they run forever. Repetitions within such programs (or their specifications) may either (i) be guaranteed to terminate, (ii) be guaranteed to never terminate (loop forever), or (iii) may possibly terminate. In dealing with real-time programs and their specifications, we need to be able to represent these possibilities, and define suitable refinement orderings. A refinement ordering based on Dijkstra's weakest precondition only copes with the first alternative. Weakest liberal preconditions allow one to constrain behaviour provided the program terminates, which copes with the third alternative to some extent. However, neither of these handles the case when a program does not terminate. To handle this case a refinement ordering based on relational semantics can be used. In this paper we explore these issues and the definition of loops for real-time programs as well as corresponding refinement laws.

One-time-password-authenticated key exchange

To reduce the damage of phishing and spyware attacks, banks, governments, and other security-sensitive industries are deploying one-time password systems, where users have many passwords and use each password only once. If a single password is compromised, it can be only be used to impersonate the user once, limiting the damage caused. However, existing practical approaches to one-time passwords have been susceptible to sophisticated phishing attacks. ---------- We give a formal security treatment of this important practical problem. We consider the use of one-time passwords in the context of password-authenticated key exchange (PAKE), which allows for mutual authentication, session key agreement, and resistance to phishing attacks. We describe a security model for the use of one-time passwords, explicitly considering the compromise of past (and future) one-time passwords, and show a general technique for building a secure one-time-PAKE protocol from any secure PAKE protocol. Our techniques also allow for the secure use of pseudorandomly generated and time-dependent passwords.

Identity management : strengthening one-time password authentication through usability

Usability in HCI (Human-Computer Interaction) is normally understood as the simplicity and clarity with which the interaction with a computer program or a web site is designed. Identity management systems need to provide adequate usability and should have a simple and intuitive interface. The system should not only be designed to satisfy service provider requirements but it has to consider user requirements, otherwise it will lead to inconvenience and poor usability for users when managing their identities. With poor usability and a poor user interface with regard to security, it is highly likely that the system will have poor security. The rapid growth in the number of online services leads to an increasing number of different digital identities each user needs to manage. As a result, many people feel overloaded with credentials, which in turn negatively impacts their ability to manage them securely. Passwords are perhaps the most common type of credential used today. To avoid the tedious task of remembering difficult passwords, users often behave less securely by using low entropy and weak passwords. Weak passwords and bad password habits represent security threats to online services. Some solutions have been developed to eliminate the need for users to create and manage passwords. A typical solution is based on generating one-time passwords, i.e. passwords for single session or transaction usage. Unfortunately, most of these solutions do not satisfy scalability and/or usability requirements, or they are simply insecure. In this thesis, the security and usability aspects of contemporary methods for authentication based on one-time passwords (OTP) are examined and analyzed. In addition, more scalable solutions that provide a good user experience while at the same time preserving strong security are proposed.

Stepwise refinement of interrupt-driven real-time programs

Embedded real-time programs rely on external interrupts to respond to events in their physical environment in a timely fashion. Formal program verification theories, such as the refinement calculus, are intended for development of sequential, block-structured code and do not allow for asynchronous control constructs such as interrupt service routines. In this article we extend the refinement calculus to support formal development of interrupt-dependent programs. To do this we: use a timed semantics, to support reasoning about the occurrence of interrupts within bounded time intervals; introduce a restricted form of concurrency, to model composition of interrupt service routines with the main program they may preempt; introduce a semantics for shared variables, to model contention for variables accessed by both interrupt service routines and the main program; and use real-time scheduling theory to discharge timing requirements on interruptible program code.

Free for all : a case study examining implementation factors of one-to-one device programs

Despite significant investment in school one-to-one device programs, little is known about which aspects of program implementation work and why. Through a comparison of two implementation models, adopter-diffusion and saturation, and using existing data from the One Laptop per Child Australia laptop program, we explored how factors of implementation may affect device diffusion, learning and educational outcomes, and program sustainability in schools. In this article we argue that more focused research into implementation of one-to-one device programs, moving beyond comparisons of “devices versus without devices,” is needed to provide reliable data to inform future program funding and advance this area of research.

Efficient one-time proxy signatures

One-time proxy signatures are one-time signatures for which a primary signer can delegate his or her signing capability to a proxy signer. In this work we propose two one-time proxy signature schemes with different security properties. Unlike other existing one-time proxy signatures that are constructed from public key cryptography, our proposed schemes are based one-way functions without trapdoors and so they inherit the communication and computation efficiency from the traditional one-time signatures. Although from a verifier point of view, signatures generated by the proxy are indistinguishable from those created by the primary signer, a trusted authority can be equipped with an algorithm that allows the authority to settle disputes between the signers. In our constructions, we use a combination of one-time signatures, oblivious transfer protocols and certain combinatorial objects. We characterise these new combinatorial objects and present constructions for them.

Zero knowledge one time digital signature scheme

In many applications, when communicating with a host, we may or may not be concerned about the privacy of the data but are mainly concerned about the integrity of data being transmitted. This paper presents a simple algorithm based on zero knowledge proof by which the receiver can confirm the integrity of data without the sender having to send the digital signature of the message directly. Also, if the same document is sent across by the same user multiple times, this scheme results in different digital signature each time thus making it a practical one-time signature scheme.

The motion and the core structure of a geostrophic vortex - one-time scale inner solution and the motion of the vortex

By means of the matched asymptotic expansion method with one-time scale analysis we have shown that the inviscid geostrophic vortex solution represents our leading solution away from the vortex. Near the vortex there is a viscous core structure, with the length scale O(a). In the core the viscous stresses (or turbulent stresses) are important, the variations of the velocity and the equivalent height are finite and dependent of time. It also has been shown that the leading inner solutions of the core structure are the same for two different time scales of S/(ghoo)1/2 and S/a (ghoo)1/2. Within the accuracy of O(a) the velocity of a geostrophic vortex center is equal to the velocity of the local background flow, where the vortex is located, in the absence of the vortex. Some numerical examples demonstrate the contributions of these results.

an integrity assurance mechanism for run-time programs

Chinese Assoc Cryptol Res, State Key Lab Informat Secur, Inst Software, Grad Univ Chinese Acad Sci, Natl Nat Sci Fdn China

Letters on the currency : addressed to Charles Wood, Esq. M.P. (Chairman of the Committee of the House of Commons, now sitting,) ascertaining for the first time, on true principles, the amount of inland and foreign bills of exchange, in circulation for several consecutive years, and out at one time : also, defending country bankers from the charge made against them in the work of S. Jones Loyd, Esq. : and giving unanswerable reasons why the notes of a bank of issue should not be substituted for the circulation of country bankers /

Goldsmiths'-Kress no. 31555.

The sword of the old frontier : a tale of Fort Chartres and Detroit : being a plain account of sundry adventures befalling Chevalier Raoul de Coubert, one time captain in the Hussars of Languedoc, during the year 1763 /

Mode of access: Internet.

"My merry Rockhurst"; being some episodes in the life of Viscount Rockhurst, a friend of King Charles the Second, and at one time constable of His Majesty's tower of London,

Mode of access: Internet.

A theory for execution-time derivation in real-time programs

We provide an abstract command language for real-time programs and outline how a partial correctness semantics can be used to compute execution times. The notions of a timed command, refinement of a timed command, the command traversal condition, and the worst-case and best-case execution time of a command are formally introduced and investigated with the help of an underlying weakest liberal precondition semantics. The central result is a theory for the computation of worst-case and best-case execution times from the underlying semantics based on supremum and infimum calculations. The framework is applied to the analysis of a message transmitter program and its implementation. (c) 2005 Elsevier B.V. All rights reserved.