
    An Efficient V2I Authentication Scheme for VANETs

    KCRS: A Blockchain-Based Key Compromise Resilient Signature System

    Digital signatures are widely used to assure authenticity and integrity of messages (including blockchain transactions). This assurance is based on the assumption that the private signing key is kept secret, which may be exposed or compromised without being detected in the real world. Many schemes have been proposed to mitigate this problem, but most schemes are not compatible with widely used digital signature standards and do not help detect private key exposures. In this paper, we propose a Key Compromise Resilient Signature (KCRS) system, which leverages blockchain to detect key compromises and mitigate the consequences. Our solution keeps a log of valid certificates and digital signatures that have been issued on the blockchain, which can deter the abuse of compromised private keys. Since the blockchain is an open system, KCRS also provides a privacy protection mechanism to prevent the public from learning the relationship between signatures. We present a theoretical framework for the security of the system and a provably-secure construction. We also implement a prototype of KCRS and conduct experiments to demonstrate its practicability.

    Overview of methods to analyse dynamic data

    This book gives an overview of existing data analysis methods to analyse the dynamic data obtained from full scale testing, with their advantages and drawbacks. The overview of full scale testing and dynamic data analysis is limited to energy performance characterization of either building components or whole buildings. The methods range from averaging and regression methods to dynamic approaches based on system identification techniques. These methods are discussed in relation to their application in the following in situ measurements:
    - measurement of thermal transmittance of building components based on heat flux meters;
    - measurement of thermal and solar transmittance of building components tested in outdoor calorimetric test cells;
    - measurement of heat transfer coefficient and solar aperture of whole buildings based on co-heating or transient heating tests;
    - characterisation of the energy performance of whole buildings based on energy use monitoring.

    Condensation Risk – Impact of Improvements to Part L and Robust Details on Part C – Interim report number 7: Final report on project fieldwork

    This report sets out, in draft, the results of the fieldwork phase of research into the impacts of the 2002 revisions to Part L of the building regulations (Approved Document L1 - DTLR, 2001), and the adoption of Robust Details (RDs - DEFRA 2001) on the extent of condensation risk in the construction of dwellings (Oreszczyn and Bell, 2003). The objective of the fieldwork was to explore the practical application of the revised Part L and its associated robust details by housing developers. This was done through a qualitative evaluation of the design and construction of 16 housing schemes designed in accordance with the revised Part L and making use of robust details. The results of the analysis are to be used to enable condensation modelling that takes into account not only the guidance of robust details but also the way in which construction details were actually designed and, perhaps more importantly, constructed. To this end the report identifies 7 areas of construction detailing (yielding some 15 separate detail models) that are to be included in the condensation modelling phase of the project.

    SiBIR: Signer-Base Intrusion-Resilient Signatures

    We propose a new notion of intrusion-resilient signature schemes, which generalizes and improves upon both forward-secure [And97,BM99] and key-insulated [DKXY02] signature schemes. Specifically, as in the prior notions, time is divided into predefined time periods (e.g., days); each signature includes the number of the time period in which it was generated; while the public key remains the same, the secret keys evolve with time. Also, as in key-insulated schemes, the user has two modules, signer and home base: the signer generates signatures on his own, and the base is needed only to help update the signer's key from one period to the next. The main strength of intrusion-resilient schemes, as opposed to prior notions, is that they remain secure even after arbitrarily many compromises of both modules, as long as the compromises are not simultaneous. Moreover, even if the intruder does compromise both modules simultaneously, she will still be unable to generate any signatures for the previous time periods. We provide an efficient intrusion-resilient signature scheme, provably secure in the random oracle model based on the strong RSA assumption. We also discuss how such schemes can eliminate the need for certificate revocation in the case of on-line authentication.

    Group Selection and Key Management Strategies for Ciphertext-Policy Attribute-Based Encryption

    Ciphertext-Policy Attribute-Based Encryption (CPABE) was introduced by Bethencourt, Sahai, and Waters, as an improvement of Identity Based Encryption, allowing fine grained control of access to encrypted files by restricting access to only users whose attributes match that of the monotonic access tree of the encrypted file. Through these modifications, encrypted files can be placed securely on an insecure server, without fear of malicious users being able to access the files, while allowing each user to have a unique key, reducing the vulnerabilities associated with sharing a key between multiple users. However, due to the fact that CPABE was designed for the purpose of not using trusted servers, key management strategies such as efficient renewal and immediate key revocation are inherently prevented. In turn, this reduces security of the entire scheme, as a user could maliciously keep a key after having an attribute changed or revoked, using the old key to decrypt files that they should not have access to with their new key. Additionally, the original CPABE implementation provided does not discuss the selection of the underlying bilinear pairing which is used as the cryptographic primitive for the scheme. This thesis explores different possibilities for improvement to CPABE, in both the choice of bilinear group used, as well as support for key management that does not rely on proxy servers while minimizing the communication overhead. Through this work, it was found that nonsupersingular elliptic curves can be used for CPABE, and Barreto-Naehrig curves allowed the fastest encryption and key generation in CHARM, but were the slowest curves for decryption due to the large size of the output group. Key management was performed by using a key-insulation method, which provided helper keys which allow keys to be transformed over different time periods, with revocation and renewal through key update. Unfortunately, this does not allow immediate revocation, and revoked keys are still valid until the end of the time period during which they are revoked. Discussion of other key management methods is presented to show that immediate key revocation is difficult without using trusted servers to control access.

    Identity-based key-insulated aggregate signature scheme

    Private key exposure can be the most devastating attack on cryptographic schemes, as such exposure leads to the breakage of security of the scheme as a whole. In the real world scenario, this problem is perhaps the biggest threat to cryptography. The threat is increasing with users operating on low computational devices (e.g. mobile devices) which hold the corresponding private key for generating signatures. To reduce the damage caused by the key exposure problem in aggregate signatures and preserve the benefits of identity-based (ID-based) cryptography, we hereby propose the first key-insulated aggregate signature scheme in the ID-based setting. In this scheme the leakage of temporary private keys will not compromise the security of all the remaining time periods. Our scheme is proven secure in the random oracle paradigm with the assumption that the Computational Diffie–Hellman (CDH) problem is intractable. The proposed scheme allows an efficient verification with constant signature size, independent of the number of signers.

    Political Institutions, Policymaking Processes and Policy Outcomes in Chile

    This article characterizes the main features of the policymaking process in Chile. The article highlights the influence of political institutions on that process and examines the connection between policy design and the final outcome. The main features of the Chilean policymaking process are the electoral system and the associative party system, characterized by two established coalitions, a powerful Executive with control over the political agenda, an independent judiciary, a bureaucracy that is relatively free of corruption when judged by OECD criteria, and a series of vetoes in the policymaking process that allow affected factions to block policy change. Consistent with the theoretical framework of Spiller and Tommasi (2003), the number of actors who interact repeatedly and the predictability of policy implementation and legal enforcement lead to a policymaking process in which transaction costs are low and intertemporal political exchanges are credible. Opposition groups that exercise their veto right give these intertemporal exchanges their credibility, although they can also block reforms. Analyzing policies from a cross-sectional perspective, we find that policies in which politicians' interests are best represented, and which lead to rapid exogenous change, are associated with greater success in reform. In contrast, policies that share no interest with the executive branch and with the various opposition groups tend to stagnate.

    Group Signatures with Message-Dependent Opening: Formal Definitions and Constructions

    This paper introduces a new capability for group signatures called message-dependent opening. It is intended to weaken the high trust placed on the opener; i.e., no anonymity against the opener is provided by an ordinary group signature scheme. In a group signature scheme with message-dependent opening (GS-MDO), in addition to the opener, we set up an admitter that is not able to extract any user's identity but admits the opener to open signatures by specifying messages, where signatures on the specified messages will be opened by the opener. The opener cannot extract the signer's identity from any signature whose corresponding message is not specified by the admitter. This paper presents formal definitions of GS-MDO and proposes a generic construction of it from identity-based encryption and adaptive non-interactive zero-knowledge proofs. Moreover, we propose two specific constructions, one in the standard model and one in the random oracle model. Our scheme in the standard model is an instantiation of our generic construction, but the message-dependent opening property is bounded. In contrast, our scheme in the random oracle model is not a direct instantiation of our generic construction but is optimized to increase efficiency and achieves the unbounded message-dependent opening property. Furthermore, we also demonstrate that GS-MDO implies identity-based encryption, thus implying that identity-based encryption is essential for designing GS-MDO schemes.