72,057 research outputs found
Interleaving Command Sequences: a Threat to Secure Smartcard Interoperability
The increasingly widespread use of smartcards for a variety of sensitive
applications, including digital signatures, creates the need to ensure and
possibly certify the secure interoperability of these devices. Standard
certification criteria, in particular the Common Criteria, define security
requirements but do not sufficiently address the problem of interoperability.
Here we consider the interoperability problem which arises when various
applications interact with different smartcards through a middleware. In such a
situation it is possible that a smartcard of type S receives commands that were
supposed to be executed on a different smartcard of type S'. Such "external
commands" can interleave with the commands that were supposed to be executed on
S. We experimentally demonstrate this problem with a Common Criteria certified
digital signature process on a commercially available smartcard. Importantly,
in some of these cases the digital signature processes terminate without
generating an error message or warning to the user.Comment: 6 pages; published in the 10th WSEAS International Conference on
Information Security and Privacy (ISP 2011
Cryptanalysis and Modification of an Improved Self-Certified Digital Signature Scheme with Message Recovery
Digital signature plays a key role in bringing authenticity to cryptographic communications. A signature scheme with message recovery has two characteristics. The public key of the signer can be authenticated while verifying the signature, and the receiver is able to obtain the message. In 2013, Wu and Xu presented a self-certified digital signature scheme with message recovery by combining the two concepts of digital signature with message recovery and self-certified public key. They also claimed that their scheme provides provable security against man-in-the-middle attack, forgery attack, and message leakage. This paper first reviews the scheme of Wu and Xu, and then presents an insider forgery attack to this scheme. It will be shown that this scheme is not secure against insider forgery attack. A modification is proposed in order to overcome this weakness
Strong proxy signature scheme with proxy signer privacy protection.
by Shum Kwan.Thesis (M.Phil.)--Chinese University of Hong Kong, 2002.Includes bibliographical references (leaves 30-32).Abstracts in English and Chinese.Acknowledgement --- p.iiAbstract --- p.iiiâ–¡ â–¡ --- p.ivChapter 1 . --- Introduction --- p.1Chapter 1.1 --- Introduction to topic --- p.1Chapter 1.2 --- What is proxy signature? --- p.2Chapter 1.3 --- Terminologies in proxy signature --- p.2Chapter 1.4 --- Levels of delegation --- p.3Chapter 1.5 --- Previous work on Proxy Signature --- p.4Chapter 1.6 --- Our Contributions --- p.4Chapter 1.7 --- Thesis Organization --- p.4Chapter 2. --- Backgroun d --- p.6Chapter 2.1 --- Digital Signature --- p.6Chapter 2.2 --- Digital Certificate and CA --- p.6Chapter 2.3 --- Hash Functions --- p.7Chapter 2.4 --- Bit commitment --- p.7Chapter 3. --- Brief introduction to Our Result --- p.8Chapter 3.1 --- A Proxy Signature Scheme with Proxy Signer Privacy Protection --- p.8Chapter 3.2 --- Applications of Proxy Signature --- p.9Chapter 4. --- Detail Explanation of Certified Alias and its Application on Proxy Signature --- p.10Chapter 4.1 --- Introduction --- p.10Chapter 4.2 --- Protecting Signer Privacy Using Certified Alias Definition 4.2.3 --- p.10Chapter 4.3 --- Constructing Proxy signature Scheme by Consecutive Execution of Cryptographic Primitives (Scheme CE) --- p.11Chapter 4.4 --- Constructing Proxy signature Scheme by Direct Form Equations (Scheme DF) --- p.15Chapter 4.5 --- Comparison between scheme CE and scheme DF --- p.19Chapter 4.6 --- Chapter Summary --- p.20Chapter 5 . --- Applications of Proxy Signature with Proxy Signer Privacy Protection --- p.21Chapter 5.1 --- Secure Mobile agent Signature with Itinerary Privacy --- p.21Chapter 5.1.1 --- Introduction to Mobile Agent --- p.21Chapter 5.1.2 --- "Review on Lee, et al. strong non-designated proxy signature scheme for mobile agents" --- p.21Chapter 5.1.3 --- Constructing Signature scheme for Mobile Agent using Proxy signature with Proxy Signer Privacy Protection --- p.22Chapter 5.1.4 --- Remarks --- p.23Chapter 5.2 --- Group Signature with Unlimited Group Size --- p.24Chapter 5.2.1 --- Introduction to group signature --- p.24Chapter 5.2.2 --- Constructing group signature scheme using certified alias --- p.24Chapter 5.2.4 --- Remarks --- p.26Chapter 5.3 --- Chapter Summary --- p.27Chapter 6. --- Conclusions --- p.28Appendix: Paper derived from this thesis --- p.29Bibliography --- p.3
RHyTHM: A Randomized Hybrid Scheme To Hide in the Mobile Crowd
Any on-demand pseudonym acquisition strategy is problematic should the
connectivity to the credential management infrastructure be intermittent. If a
vehicle runs out of pseudonyms with no connectivity to refill its pseudonym
pool, one solution is the on-the-fly generation of pseudonyms, e.g., leveraging
anonymous authentication. However, such a vehicle would stand out in the crowd:
one can simply distinguish pseudonyms, thus signed messages, based on the
pseudonym issuer signature, link them and track the vehicle. To address this
challenge, we propose a randomized hybrid scheme, RHyTHM, to enable vehicles to
remain operational when disconnected without compromising privacy: vehicles
with valid pseudonyms help others to enhance their privacy by randomly joining
them in using on-the-fly self-certified pseudonyms along with aligned
lifetimes. This way, the privacy of disconnected users is enhanced with a
reasonable computational overhead.Comment: 4 pages, 4 figures, IEEE Vehicular Networking Conference (VNC),
November 27-29, 2017, Torino, Ital
A Mediated Definite Delegation Model allowing for Certified Grid Job Submission
Grid computing infrastructures need to provide traceability and accounting of
their users" activity and protection against misuse and privilege escalation. A
central aspect of multi-user Grid job environments is the necessary delegation
of privileges in the course of a job submission. With respect to these generic
requirements this document describes an improved handling of multi-user Grid
jobs in the ALICE ("A Large Ion Collider Experiment") Grid Services. A security
analysis of the ALICE Grid job model is presented with derived security
objectives, followed by a discussion of existing approaches of unrestricted
delegation based on X.509 proxy certificates and the Grid middleware gLExec.
Unrestricted delegation has severe security consequences and limitations, most
importantly allowing for identity theft and forgery of delegated assignments.
These limitations are discussed and formulated, both in general and with
respect to an adoption in line with multi-user Grid jobs. Based on the
architecture of the ALICE Grid Services, a new general model of mediated
definite delegation is developed and formulated, allowing a broker to assign
context-sensitive user privileges to agents. The model provides strong
accountability and long- term traceability. A prototype implementation allowing
for certified Grid jobs is presented including a potential interaction with
gLExec. The achieved improvements regarding system security, malicious job
exploitation, identity protection, and accountability are emphasized, followed
by a discussion of non- repudiation in the face of malicious Grid jobs
- …