4,523 research outputs found
Encryption – use and control in E-commerce
The author describes how cryptography can be used to address modern business requirements such as identity protection, secure web access and digital signatures. Article by Robert Bond (Head of Innovation & Technology Group, Hobson Audley and Fellow of SALS). Published in Amicus Curiae - Journal of the Institute of Advanced Legal Studies and its Society for Advanced Legal Studies. The Journal is produced by the Society for Advanced Legal Studies at the Institute of Advanced Legal Studies, University of London
Secret Sharing for Cloud Data Security
Cloud computing helps reduce costs, increase business agility and deploy
solutions with a high return on investment for many types of applications.
However, data security is of premium importance to many users and often
restrains their adoption of cloud technologies. Various approaches, i.e., data
encryption, anonymization, replication and verification, help enforce different
facets of data security. Secret sharing is a particularly interesting
cryptographic technique. Its most advanced variants indeed simultaneously
enforce data privacy, availability and integrity, while allowing computation on
encrypted data. The aim of this paper is thus to wholly survey secret sharing
schemes with respect to data security, data access and costs in the
pay-as-you-go paradigm
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
Composability in quantum cryptography
In this article, we review several aspects of composability in the context of
quantum cryptography. The first part is devoted to key distribution. We discuss
the security criteria that a quantum key distribution protocol must fulfill to
allow its safe use within a larger security application (e.g., for secure
message transmission). To illustrate the practical use of composability, we
show how to generate a continuous key stream by sequentially composing rounds
of a quantum key distribution protocol. In a second part, we take a more
general point of view, which is necessary for the study of cryptographic
situations involving, for example, mutually distrustful parties. We explain the
universal composability framework and state the composition theorem which
guarantees that secure protocols can securely be composed to larger
applicationsComment: 18 pages, 2 figure
Cryptanalysis of two mutual authentication protocols for low-cost RFID
Radio Frequency Identification (RFID) is appearing as a favorite technology
for automated identification, which can be widely applied to many applications
such as e-passport, supply chain management and ticketing. However, researchers
have found many security and privacy problems along RFID technology. In recent
years, many researchers are interested in RFID authentication protocols and
their security flaws. In this paper, we analyze two of the newest RFID
authentication protocols which proposed by Fu et al. and Li et al. from several
security viewpoints. We present different attacks such as desynchronization
attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed
and Parallel system
- …