Design and Analysis of Opaque Signatures
Digital signatures were introduced to guarantee the authenticity and integrity of the underlying messages. A digital signature scheme comprises the key generation, the signature, and the verification algorithms. The key generation algorithm creates the signing and the verifying keys, also called the signer's private and public keys respectively. The signature algorithm, which is run by the signer, produces a signature on the input message. Finally, the verification algorithm, run by anyone who knows the signer's public key, checks whether a purported signature on some message is valid or not. The last property, namely the universal verification of digital signatures, is undesirable in situations where the signed data is commercially or personally sensitive. Therefore, mechanisms which share most properties with digital signatures except for the universal verification were invented to respond to the aforementioned need; we call such mechanisms "opaque signatures". In this thesis, we study the signatures where the verification cannot be achieved without the cooperation of a specific entity, namely the signer in the case of undeniable signatures, or the confirmer in the case of confirmer signatures; we make three main contributions. We first study the relationship between two security properties important for public key encryption, namely data privacy and key privacy. Our study is motivated by the fact that opaque signatures always involve an encryption layer that ensures their opacity. The properties required for this encryption vary according to whether we want to protect the identity (i.e. the key) of the signer or hide the validity of the signature. Therefore, it would be convenient to use existing work about the encryption scheme in order to derive one notion from the other. Next, we delve into the generic constructions of confirmer signatures from basic cryptographic primitives, e.g. digital signatures, encryption, or commitment schemes.
In fact, generic constructions give easy-to-understand and easy-to-prove schemes; however, this convenience is often achieved at the expense of efficiency. In this contribution, which constitutes the core of this thesis, we first analyze the already existing constructions; our study concludes that the popular generic constructions of confirmer signatures necessitate strong security assumptions on the building blocks, which impacts negatively the efficiency of the resulting signatures. Next, we show that a small change in these constructions makes these assumptions drop drastically, allowing as a result constructions with instantiations that compete with the dedicated realizations of these signatures. Finally, we revisit two early undeniable signatures which were proposed with a conjectural security. We disprove the claimed security of the first scheme, and we provide a fix to it in order to achieve strong security properties. Next, we upgrade the second scheme so that it supports a desirable feature, and we provide a formal security treatment of the new scheme: we prove that it is secure assuming new reasonable assumptions on the underlying constituents.
Pseudonym systems
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1999. Includes bibliographical references (p. 50-52). By Anna Lysyanskaya, S.M.
Short-lived signatures
A short-lived signature is a digital signature with one distinguishing feature: with the passage of time, the validity of the signature dissipates to the point where valid signatures are no longer distinguishable from simulated forgeries (but the signing key remains secure and reusable). This dissipation happens "naturally" after signing a message and does not require further involvement from the signer, verifier, or a third party. This thesis introduces several constructions built from sigma protocols and proof of work algorithms and a framework by which to evaluate future constructions. We also describe some applications of short-lived signatures and proofs in the domains of secure messaging and voting.
20th Annual Conference on Legal Issues for Financial Institutions
Program and materials from the 20th Annual Legal Issues for Financial Institutions Conference held by UK/CLE in April of 2000.
Contributions to secret sharing and other distributed cryptosystems
The present thesis deals with primitives related to the field of distributed cryptography. First, we study signcryption schemes, which provide at the same time the functionalities of encryption and signature, where the unsigncryption operation is distributed. We consider this primitive from a theoretical point of view and set a security framework for it. Then, we present two signcryption schemes with threshold unsigncryption, with different properties. Furthermore, we use their authenticity property to apply them in the development of a different primitive: digital signatures with distributed verification. The second block of the thesis deals with the primitive of multi-secret sharing schemes. After stating some efficiency limitations of multi-secret sharing schemes in an information-theoretic scenario, we present several
multi-secret sharing schemes with provable computational security. Finally, we use the results in multi-secret sharing schemes to generalize the traditional framework of distributed cryptography (with a single policy of authorized subsets) into a multi-policy setting, and we present both a multi-policy distributed decryption scheme and a multi-policy distributed signature scheme. Additionally, we give a short outlook on how to apply the presented multi-secret sharing schemes in the design of other multi-policy cryptosystems, like the signcryption schemes considered in this thesis.
For all the schemes proposed throughout the thesis, we follow the same formal structure. After defining the protocols of the primitive and the corresponding security model, we propose the new scheme and formally prove its security, by showing a reduction to some computationally hard mathematical problem.
Nowadays people are involved more and more every day in different digital activities, both in their professional life and in their free time. Many paper items, such as money and tickets, are increasingly being replaced by digital objects. Cryptography plays a crucial role in this transformation, because it provides security in the communication between the different participants who use a digital channel. Depending on the specific situation, the security requirements of the communication may include privacy (or confidentiality), authenticity, integrity or non-repudiation. In some situations, distributing the secret operation among a group of participants makes the process more secure and reliable than when the secret information is centralized in a single participant; distributed cryptography is the area of cryptography that studies these situations.
This thesis deals with primitives related to the field of distributed cryptography. First, we study signcryption schemes, which offer at the same time the functionalities of encryption and signature, where the unsigncryption operation is distributed. We consider this primitive from a theoretical point of view and establish a security framework for it. Then, we present two signcryption schemes whose unsigncryption operation is determined by a threshold structure, each with different properties. Furthermore, we use their authenticity property to develop a new primitive: digital signatures with distributed verification. The second block of the thesis deals with the primitive of multi-secret sharing schemes. After showing some efficiency limitations of multi-secret sharing schemes in an information-theoretic scenario, we present several multi-secret sharing schemes with provable computational security. Finally, we use the results obtained on multi-secret sharing schemes to generalize the traditional paradigm of distributed cryptography (with a single policy of authorized subsets) to a multi-policy framework, and we present a multi-policy distributed decryption scheme and a multi-policy distributed signature scheme. Furthermore, we indicate how our multi-secret sharing schemes can be applied in the design of other multi-policy cryptosystems, such as the signcryption schemes considered in this thesis.
For all the schemes proposed throughout this thesis, we follow the same formal structure. After defining the protocols of the primitive and the corresponding security model, we propose the new scheme and formally prove its security, by means of a reduction to some computationally hard mathematical problem.
Variability of the elemental fingerprints of otoliths from two estuarine forage fish species originating from several spawning grounds
The rainbow smelt (Osmerus mordax) and the Atlantic tomcod (Microgadus tomcod), two anadromous forage fish species of the estuarine transition zone of the Saint-Laurent, are targeted by an important sport fishery in Québec. The quality of the spawning sites of these species decreased considerably during the 1980s, mainly in association with anthropogenic practices. This led to a decrease in the use of several spawning sites and ultimately to a notable decline in their abundance. The rainbow smelt of the southern estuary is now recorded at seven sites during spring spawning, while a winter run of Atlantic tomcod takes place mainly in the Sainte-Anne and Batiscan rivers, in Mauricie. A better understanding of the stock structure and of the relative importance of the residual spawning grounds of these two species is essential, considering the vulnerable status of the rainbow smelt population of the southern estuary under the Loi sur les espèces menacées ou vulnérables (LEMV) and the economic and ecosystem importance of the Atlantic tomcod. The present study thus aims to explore the potential of otolith chemistry for defining the stock structure of the rainbow smelt of the south shore of the estuary and of the Atlantic tomcod. A marked distinction in elemental signatures was observed between the spawning sites of the rainbow smelt of the southern estuary. Two distinct elemental signatures were also observed among individuals of the stock captured in the middle estuary of the Saint-Laurent, indicating that two main sources contribute to the renewal of the smelt present in the estuary. Nevertheless, the elemental signatures of the spawning sites did not match those of the two sources.
This could potentially indicate the presence of important spawning sites unknown to date, possibly belonging to the south shore population but also to that of the north shore. As for the Atlantic tomcod, two main sources would contribute to the stock of the Saint-Laurent estuary. Based on the trace element concentrations observed at the spawning sites, the Sainte-Anne River would be the main contributor to stock renewal, while the Batiscan River would contribute more marginally. The information acquired in this study highlights the importance of considering the contribution of spawning grounds in management decisions. This knowledge makes it possible to focus conservation and management efforts on the sites that contribute most to recruitment, or to restore those that contribute to a lesser extent, in order to promote the long-term survival of these two species of high ecological and socio-economic importance.
Cryptography in privacy-preserving applications.
Tsang Pak Kong. Thesis (M.Phil.)--Chinese University of Hong Kong, 2005. Includes bibliographical references (leaves 95-107). Abstracts in English and Chinese.
Contents:
Abstract
Acknowledgement
Chapter 1 Introduction
  1.1 Privacy
  1.2 Cryptography
    1.2.1 History of Cryptography
    1.2.2 Cryptography Today
    1.2.3 Cryptography For Privacy
  1.3 Thesis Organization
Chapter 2 Background
  2.1 Notations
  2.2 Complexity Theory
    2.2.1 Order Notation
    2.2.2 Algorithms and Protocols
    2.2.3 Relations and Languages
  2.3 Algebra and Number Theory
    2.3.1 Groups
    2.3.2 Intractable Problems
  2.4 Cryptographic Primitives
    2.4.1 Public-Key Encryption
    2.4.2 Identification Protocols
    2.4.3 Digital Signatures
    2.4.4 Hash Functions
    2.4.5 Zero-Knowledge Proof of Knowledge
    2.4.6 Accumulators
    2.4.7 Public Key Infrastructure
  2.5 Zero Knowledge Proof of Knowledge Protocols in Groups of Unknown Order
    2.5.1 The Algebraic Setting
    2.5.2 Proving the Knowledge of Several Discrete Logarithms
    2.5.3 Proving the Knowledge of a Representation
    2.5.4 Proving the Knowledge of d Out of n Equalities of Discrete Logarithms
  2.6 Conclusion
Chapter 3 Related Works
  3.1 Introduction
  3.2 Group-Oriented Signatures without Spontaneity and/or Anonymity
  3.3 SAG Signatures
  3.4 Conclusion
Chapter 4 Linkable Ring Signatures
  4.1 Introduction
  4.2 New Notions
    4.2.1 Accusatory Linking
    4.2.2 Non-slanderability
    4.2.3 Linkability in Threshold Ring Signatures
    4.2.4 Event-Oriented Linking
  4.3 Security Model
    4.3.1 Syntax
    4.3.2 Notions of Security
  4.4 Conclusion
Chapter 5 Short Linkable Ring Signatures
  5.1 Introduction
  5.2 The Construction
  5.3 Security Analysis
    5.3.1 Security Theorems
    5.3.2 Proofs
  5.4 Discussion
  5.5 Conclusion
Chapter 6 Separable Linkable Threshold Ring Signatures
  6.1 Introduction
  6.2 The Construction
  6.3 Security Analysis
    6.3.1 Security Theorems
    6.3.2 Proofs
  6.4 Discussion
  6.5 Conclusion
Chapter 7 Applications
  7.1 Offline Anonymous Electronic Cash
    7.1.1 Introduction
    7.1.2 Construction
  7.2 Electronic Voting
    7.2.1 Introduction
    7.2.2 Construction
    7.2.3 Discussions
  7.3 Anonymous Attestation
    7.3.1 Introduction
    7.3.2 Construction
  7.4 Conclusion
Chapter 8 Conclusion
A Paper Derivation
Bibliography