120,129 research outputs found
Unlinkable Policy-based Sanitizable Signatures
In CT-RSA 2020, P3S was proposed as the first policy-based sanitizable signature scheme which allows the signer to designate future message sanitizers by defining an access policy relative to their attributes rather than their keys. However, since P3S utilizes a policy-based chameleon hash (PCH), it does not achieve unlinkability which is a required notion in privacy-preserving applications. Moreover, P3S requires running a procedure to share the secret trapdoor information for PCH with each new sanitizer before sanitizing a new message. We further observe that in order to maintain the transparency in P3S’s multiple-sanitizers setting, the signature size should grow linearly with the number of sanitizers. In this work, we propose an unlinkable policy-based sanitizable signature scheme (UP3S) where we employ a rerandomizable digital signature scheme and a traceable attribute-based signature scheme as its building blocks. Compared to P3S, UP3S achieves unlinkability, does not require new secrets to be shared with future sanitizers prior to sanitizing each message, and has a fixed signature size for a given sanitization policy. We define and formally prove the security notions of the generic scheme, propose an instantiation of UP3S utilizing the Pointcheval-Sanders rerandomizable signature scheme and DTABS traceable attribute-based signature scheme, and analyze its efficiency. Finally, we compare UP3S with P3S in terms of the features of the procedures, scalability, and security models
Evolutionary intelligent agents for e-commerce: Generic preference detection with feature analysis
Product recommendation and preference tracking systems have been adopted extensively in e-commerce businesses. However, the heterogeneity of product attributes results in undesired impediment for an efficient yet personalized e-commerce product brokering. Amid the assortment of product attributes, there are some intrinsic generic attributes having significant relation to a customer’s generic preference. This paper proposes a novel approach in the detection of generic product attributes through feature analysis. The objective is to provide an insight to the understanding of customers’ generic preference. Furthermore, a genetic algorithm is used to find the suitable feature weight set, hence reducing the rate of misclassification. A prototype has been implemented and the experimental results are promising
Authorised Translations of Electronic Documents
A concept is proposed to extend authorised translations of documents to
electronically signed, digital documents. Central element of the solution is an
electronic seal, embodied as an XML data structure, which attests to the
correctness of the translation and the authorisation of the translator. The
seal contains a digital signature binding together original and translated
document, thus enabling forensic inspection and therefore legal security in the
appropriation of the translation. Organisational aspects of possible
implementation variants of electronic authorised translations are discussed and
a realisation as a stand-alone web-service is presented.Comment: In: Peer-reviewed Proceedings of the Information Security South
Africa (ISSA) 2006 From Insight to Foresight Conference, 5 to 7 July 2006,
Sandton, South Afric
Reconfigurable Security: Edge Computing-based Framework for IoT
In various scenarios, achieving security between IoT devices is challenging
since the devices may have different dedicated communication standards,
resource constraints as well as various applications. In this article, we first
provide requirements and existing solutions for IoT security. We then introduce
a new reconfigurable security framework based on edge computing, which utilizes
a near-user edge device, i.e., security agent, to simplify key management and
offload the computational costs of security algorithms at IoT devices. This
framework is designed to overcome the challenges including high computation
costs, low flexibility in key management, and low compatibility in deploying
new security algorithms in IoT, especially when adopting advanced cryptographic
primitives. We also provide the design principles of the reconfigurable
security framework, the exemplary security protocols for anonymous
authentication and secure data access control, and the performance analysis in
terms of feasibility and usability. The reconfigurable security framework paves
a new way to strength IoT security by edge computing.Comment: under submission to possible journal publication
Towards a Flexible Intra-Trustcenter Management Protocol
This paper proposes the Intra Trustcenter Protocol (ITP), a flexible and
secure management protocol for communication between arbitrary trustcenter
components. Unlike other existing protocols (like PKCS#7, CMP or XKMS) ITP
focuses on the communication within a trustcenter. It is powerful enough for
transferring complex messages which are machine and human readable and easy to
understand. In addition it includes an extension mechanism to be prepared for
future developments.Comment: 12 pages, 0 figures; in The Third International Workshop for Applied
PKI (IWAP2004
Ubic: Bridging the gap between digital cryptography and the physical world
Advances in computing technology increasingly blur the boundary between the
digital domain and the physical world. Although the research community has
developed a large number of cryptographic primitives and has demonstrated their
usability in all-digital communication, many of them have not yet made their
way into the real world due to usability aspects. We aim to make another step
towards a tighter integration of digital cryptography into real world
interactions. We describe Ubic, a framework that allows users to bridge the gap
between digital cryptography and the physical world. Ubic relies on
head-mounted displays, like Google Glass, resource-friendly computer vision
techniques as well as mathematically sound cryptographic primitives to provide
users with better security and privacy guarantees. The framework covers key
cryptographic primitives, such as secure identification, document verification
using a novel secure physical document format, as well as content hiding. To
make a contribution of practical value, we focused on making Ubic as simple,
easily deployable, and user friendly as possible.Comment: In ESORICS 2014, volume 8712 of Lecture Notes in Computer Science,
pp. 56-75, Wroclaw, Poland, September 7-11, 2014. Springer, Berlin, German
- …