Comments on "A practical (t, n) threshold proxy signature scheme based on the RSA cryptosystem"

In a (t, n) proxy signature scheme, the original signer can delegate his/her signing capability to n proxy signers such that any t or more proxy singers can sign messages on behalf of the former, but t 1 or less of them cannot do the same thing

Preserving transparency and accountability in optimistic fair exchange of digital signatures

Optimistic fair exchange (OFE) protocols are useful tools for two participants to fairly exchange items with the aid of a third party who is only involved if needed. A widely accepted requirement is that the third party\u27s involvement in the exchange must be transparent, to protect privacy and avoid bad publicity. At the same time, a dishonest third party would compromise the fairness of the exchange and the third party thus must be responsible for its behaviors. This is achieved in OFE protocols with another property called accountability. It is unfortunate that the accountability has never been formally studied in OFE since its introduction ten years ago. In this paper, we fill these gaps by giving the first complete definition of accountability in OFE where one of the exchanged items is a digital signature and a generic (also the first) design of OFE where transparency and accountability coexist

A new dependable exchange protocol

Abstract As electronic transaction becomes common practice in real-world business, its dependability develops into a major concern, especially in critical transactions, e.g., electronic payment and electronic contract signing. Many recent fair-exchange protocols can recover the transaction from network failures; however, few can survive local system failures. In this paper, we propose a new Dependable Exchange Protocol. With proper convertible signature scheme and message logging method, the exchange protocol provides a recovery method for network and local system failures. To the best of our knowledge, this protocol is the first fault-tolerant exchange protocol in the context of offline TTP and asynchronous channels

DT-CP: a double-TTPs based contract-signing protocol with lower computational cost

This paper characterizes a contract signing protocol with high efficiency in Internet of Things. Recent studies show that existing contract-signing protocols can achieve abuse-freeness and resist inference attack, but cannot meet the high-efficiency and convenience requirement of the future Internet of things applications. To solve this problem, we propose a novel contract-signing protocol. Our proposed protocol includes two main parts: 1) we use the partial public key of the sender, instead of the zero-knowledge protocol, to verify the intermediate result; 2) we employ two independent Trusted Third Parties (TTPs) to prevent the honest-but-curious TTP. Our analysis shows that our double TTP protocol can not only result in lower computational cost, but also can achieve abuse-freeness with trapdoor commitment scheme. In a word, our proposed scheme performs better than the state of the art in terms of four metrics: encryption time, number of exponentiations, data to be exchanged and exchange steps in one round contract-signing

Keeping Fairness Alive : Design and formal verification of optimistic fair exchange protocols

Fokkink, W.J. [Promotor]Pol, J.C. van de [Promotor

Pairing-Based Cryptographic Protocols : A Survey

The bilinear pairing such as Weil pairing or Tate pairing on elliptic and hyperelliptic curves have recently been found applications in design of cryptographic protocols. In this survey, we have tried to cover different cryptographic protocols based on bilinear pairings which possess, to the best of our knowledge, proper security proofs in the existing security models

A Scalable Recoverable Skip List for Persistent Memory on NUMA Machines

Interest in recoverable, persistent-memory-resident (PMEM-resident) data structures is growing as availability of Intel Optane Data Center Persistent Memory increases. An interesting use case for in-memory, recoverable data structures is for database indexes, which need high availability and reliability. Skip lists are a data structure particularly well-suited for usage as a fully PMEM-resident index, due to their reduced amount of writes from their probabilistic balancing in comparison to other index data structures like B-trees. The Untitled Persistent Skip List (UPSkipList) is a PMEM-resident recoverable skip list derived from Herlihy et al.'s lock-free skip list algorithm. It is developed using a new conversion technique that extends the RECIPE algorithm by Lee et al. to work on lock-free algorithms with non-blocking writes and no inherent recovery mechanism. It does this by tracking the current time period between two failures, or failure-free epoch, and recording the current epoch in nodes when they are being modified. This way, an observing thread can determine if an inconsistent node is being modified in this epoch or was being modified in a previous epoch and now is in need of recovery. The algorithm is also extended to support concurrent data node splitting to improve performance, which is easily made recoverable using the extension to RECIPE allowing detection of incomplete node splits. UPSkipList also supports cache-efficient NUMA awareness of dynamically allocated objects using an extension to the Region-ID in Value (RIV) method by Chen et al. By using additional bits after the most significant bits in an RIV pointer to indicate the object in which the remaining bits are referenced relative to, chunks of memory can by dynamically allocated to UPSkipList from multiple shared pools without the need for fat pointers, which reduce cache efficiency by halving the number of pointers that can fit in a cache line. This combines the benefits of both the RIV method and the dynamic memory allocation method built into the Persistent Memory Development Kit (PMDK), improving both performance and practicality. Additionally, memory manually managed within a chunk using the RIV method can have its recovery after a crash deferred to the next attempted allocation by a thread sharing the ID with the thread responsible for the allocation of the memory being recovered, reducing recovery time for large pools with many threads active during the time of a crash. Comparison was done against the BzTree of Arulraj et al., as implemented by Lersch et al., which has non-blocking, non-repairing writes implemented using the persistent multi-word CAS (PMwCAS) primitive by Wang et al., and a transactional recoverable skip list implemented using the PMDK. Tested with the Yahoo Cloud Serving Benchmark (YCSB), UPSkipList achieves better performance in write-heavy workloads at high levels of concurrency than BzTree, and outperforms the PMDK-based skip list, due to the PMDK-based skip list's higher average latency. Using the extended RIV pointers to dynamically allocate memory resulted in a 40% performance increase over using the PMDK's fat pointers. The impact of NUMA awareness using multiple pools of memory compared with striping a single pool across multiple nodes was found to only be a 5.6% decrease in performance. Finally, recovery time of UPSkipList was found to be comparable to the PMDK-based skip list, and 9 times faster than BzTree with 500K descriptors in its PMwCAS pool. Correctness of UPSkipList and its conversion and recovery techniques were tested using black-box recoverable linearizability analysis, which found UPSkipList to be free of strict linearizability errors across 30 trials

Automating SLA enforcement in the cloud computing

Cloud computing is playing an increasingly important role, not only by facilitating digital trading platforms but also by transforming conventional services from client-server models to cloud computing. This domain has given the global economic and technological benefits, it offers to both the service providers and service subscribers. Digital marketplaces are no longer limited only to trade tangible commodities but also facilitates enormous service virtualization across various industries. Software as a Service (SaaS) being the largest service segment, dominates the global cloud migration. Infrastructure as a Service (IaaS) and cloud-based application development also known as Platform as a Service (PaaS) are also next-generation computing platforms for their ultimate futuristic demand by both, public and private sector. These service segments are now hosted on cloud platforms to compute, store, and network, an enormous amount of service requests, which process data incredibly fast and economically. Organizations also perform data analytics and other similar computing amenities to manage their business without maintaining on-premise computing infrastructures which are hard to maintain. This computing capability has extensively improved the popularity and increased the demand for cloud services to an extent, that businesses worldwide are heavily migrating their computing resources to these platforms. Diverse cloud service providers take the responsibility of provisioning such cloud-based services for subscribers. In return, a certain subscription fee is charged to them periodically and depending upon the service package, availability and security. On the flip side, such intensive technology shift and outsourcing reliance have also introduced scenarios that any failure on their part leads to serious consequences to the business community at large. In recent years technology industry has observed critical and increased service outages at various cloud service providers(CSP) such as Amazon AWS, Microsoft, Google, which ultimately interrupts the entire supply chain and causes several well-known web services to be taken offline either due to a human error, failed change control implementation or in more recently due to targeted cyber-attacks like DDoS. These web-based solutions such as compute, storage, network or other similar services are provisioned to cloud service subscribers (CSS) platforms. Regardless of a cloud service deployment, a legal binding such as a Service Level Agreement (SLA) is signed between the CSP and CSS. The SLA holds a service scope and guarantees in case of failure. There are probabilities where these SLA may be violated, revoked, or dishonoured by either party, mostly the CSP. An SLA violation along with an unsettled dispute leads to some financial losses for the service subscribers or perhaps cost them their business reputation. Eventually, the subscriber may request some form of compensation from the provider such as a service credit or a refund. In either case, the burden of proof lies with the subscribers, who have to capture and preserve those data or forensically sound system or service logs, supporting their claims. Most of the time, this is manually processed, which is both expensive and time-consuming. To address this problem, this research first analyses the gaps in existing arrangements. It then suggests automation of SLA enforcement within cloud environments and identifies the main properties of a solution to the problem covering various other avenues associated with the other operating environments. This research then subsequently proposes architectures, based on the concept of fair exchange, and shows that how intelligently the approach enforces cloud SLA using various techniques. Furthermore, by extending the research scope covering two key scenarios (a) when participants are loss averse and (b) when interacting participants can act maliciously. Our proposed architectures present robust schemes by enforcing the suggested solutions which are effective, efficient, and most importantly resilient to modern-day security and privacy challenges. The uniqueness of our research is that it does not only ensure the fairness aspect of digital trading but it also extends and logically implements a dual security layer throughout the service exchange. Using this approach protects business participants by securely automating the dispute resolutions in a more resilient fashion. It also shields their data privacy and security from diverse cyber challenges and other operational failures. These architectures are capable of imposing state-of-the-art defences through integrated secure modules along with full encryption schemes, mitigating security gaps previously not dealt with, based upon fair exchange protocols. The Protocol also accomplishes achieving service exchange scenarios either with or without dispute resolution. Finally, our proposed architectures are automated and interact with hardcoded procedures and verifications mechanism using a variant of trusted third parties and trusted authorities, which makes it difficult to cause potential disagreements and misbehaviours during a cloud-based service exchange by enforcing SLA

Breaking and repairing optimistic fair exchange from PODC 2003

Upala proksimalnih tetiva mišića podlaktice učestala je pojava. Kao i večina upala tetiva konzervativno se nerijetko liječi primjenom ekscentričnih kontrakcija. Recentna istraživanja ukazuju na moguće pozitivno djelovanje i izotoničkih kontrakcija submaksimalnim opterećenjem. Ipak, one nisu istražene na populaciji sa upalom tetiva u području lakta. Cilj ovog rada je utvrditi razliku u djelovanju ekscentričnih kontrakcija i sporo izvedenih izotoničkih kontrakcija submaksimalnim opterećenjem u rehabilitaciji osoba sa lateralnim epikondilitisom. Uzorak ispitanika sastojao se od 16 osoba koji su nasumičnim izborom podjeljeni u 2 skupine. Kontrolna skupina je provodila ekscentrične kontrakcije, a eksperimentalna skupina je provodila sporo izvedene izotoničke kontrakcije submaksimalnim opterećenjem. Prilikom planiranja protokola kineziterapije koristile su se spoznaje iz dosadašnjih istraživanja te su ispitanici iz obje skupine provodili vježbe 3 puta na dan u periodu od 10 dana. Mjerene su varijable opsega pokreta (kut dorzalne fleksije, kut palmarne fleksije, kut fleksije i ekstenzije u laktu te pronacije i supinacije), subjektivna procjena boli (VAS/NAS) i jakost stiska šake. Obje grupe ispitanika temeljem t-testa za zavisne uzorke postižu statistički značajne rezultate u odnosu na početnu točku mjerenja. Time je dokazano da su obje metode vježbanja korisne u tretiranju sindroma prenaprezanja. Napredak u varijablama u odnosu na početno mjerenje između grupa dobiven je dvofaktorskom analizom varijance s ponovljenim mjerenjem na faktoru vrijeme. Statistički značajna razlikuja je dobivena u varijabli SUPINACIJA (p=0,03) te NAS skala boli (0,0456). Eksperimentalna skupina postiže bolje rezultate u supinaciji, a kontrona skupina postiže bolje rezultate u NAS skali boli. Glavni zaključak istraživanja je da obje skupine ispitanika postižu približno jednake rezultate u odnosu na početno mjerenje, a eksperimentalnoj skupini je potrebno manje vremena kako bi izvela vježbe. Također, ispitanici eksperimentalne skupine su u odnosu na kontrolnu skupinu postigli znatno bolji rezultat u varijabli SUPINACIJA. Rečeno je pogotovo važno uzme li se u obzir činjenica da je kod osoba sa lateralnim epikondilitisom pokret supinacije izrazito bolan.The inflammation of the proximal muscle of the forearm muscles was commonplace. Like most tendon inflammation, it is conservatively often treated by the use of eccentric contraction. Recent studies indicate possible positivist activity of heavy slow resistence training. However, they have not been studied in populations with the inflammation of the tendon in the elbow area. The aim of this paper is to determine the difference in the effect of eccentric contractions and slow derived isotonic contractions with submaximal load in the rehabilitation of persons with lateral epicondylitis. The sample of respondents consisted of 16 people randomly divided into 2 groups. The control group carried out eccentric contraction, and the experimental group conducted heavy slow resistence (HSR) training. During the planning of kinesitherapy protocols, findings from previous studies were used, and subjects from both groups conducted exercise 3 times a day in a 10-day period. Movement range variables (angle of dorsal flexion, palmar flexion angle, angle of flexion and elbow extension, as well as pronation and supination), subjective pain assessment (VAS / NAS), and strength of hand were measured. Both groups of respondents based on the t-test for dependent samples achieved statistically significant results compared to the starting point of measurement. This has been shown that both exercise methods are useful in treating overstatement syndrome. Progress in variables relative to the initial measurement between the groups was obtained by double-factor analysis of variance with repeated measurement of factor time. Statistically significant differences were obtained in SUPINATION variables (p = 0.03) and NAS scales of pain (0.0456). The experimental group performing HSR achieves statistically significantly better results in comparison to the control group that scores statistically significantly better in the NAS variables, achieves a lower score, but as this variable is reversed, the smaller score is a better result and indicates a lower pain. The main conclusion of the study is that both groups of people achieve approximately equal results with respect to initial measurement, and the experimental group takes less time to perform the exercises. Also, the subjects of the experimental group compared the control group with a significantly better result in the SUPINATION variables. It is especially important to take into account the fact that in people with lateral epicondylitis the supine movement is extremely painful