Design and Analysis of Opaque Signatures

Digital signatures were introduced to guarantee the authenticity and integrity of the underlying messages. A digital signature scheme comprises the key generation, the signature, and the verification algorithms. The key generation algorithm creates the signing and the verifying keys, called also the signer’s private and public keys respectively. The signature algorithm, which is run by the signer, produces a signature on the input message. Finally, the verification algorithm, run by anyone who knows the signer’s public key, checks whether a purported signature on some message is valid or not. The last property, namely the universal verification of digital signatures is undesirable in situations where the signed data is commercially or personally sensitive. Therefore, mechanisms which share most properties with digital signatures except for the universal verification were invented to respond to the aforementioned need; we call such mechanisms “opaque signatures”. In this thesis, we study the signatures where the verification cannot be achieved without the cooperation of a specific entity, namely the signer in case of undeniable signatures, or the confirmer in case of confirmer signatures; we make three main contributions. We first study the relationship between two security properties important for public key encryption, namely data privacy and key privacy. Our study is motivated by the fact that opaque signatures involve always an encryption layer that ensures their opacity. The properties required for this encryption vary according to whether we want to protect the identity (i.e. the key) of the signer or hide the validity of the signature. Therefore, it would be convenient to use existing work about the encryption scheme in order to derive one notion from the other. Next, we delve into the generic constructions of confirmer signatures from basic cryptographic primitives, e.g. digital signatures, encryption, or commitment schemes. In fact, generic constructions give easy-to-understand and easy-to-prove schemes, however, this convenience is often achieved at the expense of efficiency. In this contribution, which constitutes the core of this thesis, we first analyze the already existing constructions; our study concludes that the popular generic constructions of confirmer signatures necessitate strong security assumptions on the building blocks, which impacts negatively the efficiency of the resulting signatures. Next, we show that a small change in these constructionsmakes these assumptions drop drastically, allowing as a result constructions with instantiations that compete with the dedicated realizations of these signatures. Finally, we revisit two early undeniable signatures which were proposed with a conjectural security. We disprove the claimed security of the first scheme, and we provide a fix to it in order to achieve strong security properties. Next, we upgrade the second scheme so that it supports a iii desirable feature, and we provide a formal security treatment of the new scheme: we prove that it is secure assuming new reasonable assumptions on the underlying constituents

Special Signature Schemes and Key Agreement Protocols

This thesis is divided into two distinct parts. The first part of the thesis explores various deniable signature schemes and their applications. Such schemes do not bind a unique public key to a message, but rather specify a set of entities that could have created the signature, so each entity involved in the signature can deny having generated it. The main deniable signature schemes we examine are ring signature schemes. Ring signatures can be used to construct designated verifier signature schemes, which are closely related to designated verifier proof systems. We provide previously lacking formal definitions and security models for designated verifier proofs and signatures and examine their relationship to undeniable signature schemes. Ring signature schemes also have applications in the context of fair exchange of signatures. We introduce the notion of concurrent signatures, which can be constructed using ring signatures, and which provide a "near solution" to the problem of fair exchange. Concurrent signatures are more efficient than traditional solutions for fair exchange at the cost of some of the security guaranteed by traditional solutions. The second part of the thesis is concerned with the security of two-party key agreement protocols. It has traditionally been difficult to prove that a key agreement protocol satisfies a formal definition of security. A modular approach to constructing provably secure key agreement protocols was proposed, but the approach generally results in less efficient protocols. We examine the relationships between various well-known models of security and introduce a modular approach to the construction of proofs of security for key agreement protocols in such security models. Our approach simplifies the proof process, enabling us to provide proofs of security for several efficient key agreement protocols in the literature that were previously unproven

Short undeniable signatures:design, analysis, and applications

Digital signatures are one of the main achievements of public-key cryptography and constitute a fundamental tool to ensure data authentication. Although their universal verifiability has the advantage to facilitate their verification by the recipient, this property may have undesirable consequences when dealing with sensitive and private information. Motivated by such considerations, undeniable signatures, whose verification requires the cooperation of the signer in an interactive way, were invented. This thesis is mainly devoted to the design and analysis of short undeniable signatures. Exploiting their online property, we can achieve signatures with a fully scalable size depending on the security requirements. To this end, we develop a general framework based on the interpolation of group elements by a group homomorphism, leading to the design of a generic undeniable signature scheme. On the one hand, this paradigm allows to consider some previous undeniable signature schemes in a unified setting. On the other hand, by selecting group homomorphisms with a small group range, we obtain very short signatures. After providing theoretical results related to the interpolation of group homomorphisms, we develop some interactive proofs in which the prover convinces a verifier of the interpolation (resp. non-interpolation) of some given points by a group homomorphism which he keeps secret. Based on these protocols, we devise our new undeniable signature scheme and prove its security in a formal way. We theoretically analyze the special class of group characters on Z*n. After studying algorithmic aspects of the homomorphism evaluation, we compare the efficiency of different homomorphisms and show that the Legendre symbol leads to the fastest signature generation. We investigate potential applications based on the specific properties of our signature scheme. Finally, in a topic closely related to undeniable signatures, we revisit the designated confirmer signature of Chaum and formally prove the security of a generalized version

Investigating and Validating Scam Triggers: A Case Study of a Craigslist Website

The internet and digital infrastructure play an important role in our day-to-day live, and it has also a huge impact on the organizations and how we do business transactions every day. Online business is booming in this 21st century, and there are many online platforms that enable sellers and buyers to do online transactions collectively. People can sell and purchase products that include vehicles, clothes, and shoes from anywhere and anytime. Thus, the purpose of this study is to identify and validate scam triggers using Craigslist as a case study. Craigslist is one of the websites where people can post advertising to sell and buy personal belongings online. However, with the growing number of people buying and selling, new threats and scams are created daily. Private cars are among the most significant items sold and purchased over the craigslist website. In this regard, several scammers have been drawn by the large number of vehicles being traded over craigslist. Scammers also use this forum to cheat others and exploit the vulnerable. The study identified online scam triggers including Bad key words, dealers’ posts as owners, personal email, multiple location, rogue picture and voice over IP to detect online scams that exists in craigslist. The study also found over 360 ads from craigslist based on our scam trigger. Finally, the study validated each and every one of the scam triggers and found 53.31% of our data is likelihood to be considered as a scam

Legacies, bribes or culture? Prosecuting large-scale drug-trafficking in Kazakhstan

Several recent criminal cases against high-ranking Kazakhstani Ministry of Internal Affairs officials who had been charged with organizing drug dealing groups of 30 to 50 members within their departments have exposed sophisticated criminal operations involving significant flows of cash, narcotics, and corrupt influence. Some of these officers have been convicted and sent to prison right away, others have been initially released only to find themselves convicted and sentenced to imprisonment a few years later, yet others escaped the punishment. How can we explain this mixed, successful yet protracted criminal prosecution of corrupt police officers who have been protecting drug dealing groups in what many view as corrupt political system? Drawing on the evidence gained from the analysis of mass media reports on drugrelated topics, Kazakhstani criminal legislation and court records, from interviews with the law-enforcement officials dealing with drug-trafficking (detectives, investigators, judges, lawyers, criminals, etc.), and from participant observation of criminal trials of police officers in Kostanay, I argue that the structure of internal and external incentives accounts for both police involvement in organized crime and the mixed success in combatting it. Strong internal incentives arise from Soviet legacies such as formal statistical evaluation of police officers’ performance and from informal subculture within these law-enforcement agencies. Meanwhile, weaker external incentives arise from imperfect legislation, pressure from politicians, an inter-agency competition and highly developed practices of corruption, all of which weakens law enforcement’s the ability to prosecute both organized crime and corrupt officials. I conclude that modern Central Asian states are too weak to prosecute a relatively new type of transnational crime such a drug trafficking. More broadly, this helps advance our theoretical understanding of how formal and informal political institutions interact in different political orders

Abjection of the female body in The Cutting Room and The Bullet Trick : the contemporanization of the patriarchal system

The aim of this thesis is to discuss two of the works written by Louise Welsh, The Cutting Room (2002) and The Bullet Trick (2006), using Gothic and feminist criticism in order to back my hypothesis that the depiction of female bodies as abjects that the author makes in these novels has a direct correlation with current mechanisms, such as pornography, prostitution and sex trafficking, which result in the contemporanization of the patriarchal system in our culture. In other words, the novels refer to normalized cultural practices through which the apparently uprooted patriarchal order has managed to perpetuate its control over women. The first two chapters are devoted to the exploration of the theoretical framework. The thesis starts with a brief account of the historical relationship that Patriarchy has had with the female body, and then, after defining the concept of abjection, which is later utilized to refer to the treatment of the female body in our sexualized society, it presents the current state of affairs and divergent feminist views regarding this topic. The second chapter, which deals with the Gothic and its conventions, explores concepts related to the genre, such as its founding myth, male Gothic and female Gothic, and attempts to provide revised, more thorough definitions of such terms. Then, using this framework we embark in the critical analysis of the corpus which allows us to support our initial claim that the current instances of female bodily abjection are instrumental in perpetuating patriarchal power and, at the same time, to uphold the validity of the long-contested female Gothic as a critical category