218,186 research outputs found
On the efficiency of revocation in RSA-based anonymous systems
© 2016 IEEEThe problem of revocation in anonymous authentication systems is subtle and has motivated a lot of work. One of the preferable solutions consists in maintaining either a whitelist L-W of non-revoked users or a blacklist L-B of revoked users, and then requiring users to additionally prove, when authenticating themselves, that they are in L-W (membership proof) or that they are not in L-B (non-membership proof). Of course, these additional proofs must not break the anonymity properties of the system, so they must be zero-knowledge proofs, revealing nothing about the identity of the users. In this paper, we focus on the RSA-based setting, and we consider the case of non-membership proofs to blacklists L = L-B. The existing solutions for this setting rely on the use of universal dynamic accumulators; the underlying zero-knowledge proofs are bit complicated, and thus their efficiency; although being independent from the size of the blacklist L, seems to be improvable. Peng and Bao already tried to propose simpler and more efficient zero-knowledge proofs for this setting, but we prove in this paper that their protocol is not secure. We fix the problem by designing a new protocol, and formally proving its security properties. We then compare the efficiency of the new zero-knowledge non-membership protocol with that of the protocol, when they are integrated with anonymous authentication systems based on RSA (notably, the IBM product Idemix for anonymous credentials). We discuss for which values of the size k of the blacklist L, one protocol is preferable to the other one, and we propose different ways to combine and implement the two protocols.Postprint (author's final draft
On the Expressive Power of Multiple Heads in CHR
Constraint Handling Rules (CHR) is a committed-choice declarative language
which has been originally designed for writing constraint solvers and which is
nowadays a general purpose language. CHR programs consist of multi-headed
guarded rules which allow to rewrite constraints into simpler ones until a
solved form is reached. Many empirical evidences suggest that multiple heads
augment the expressive power of the language, however no formal result in this
direction has been proved, so far.
In the first part of this paper we analyze the Turing completeness of CHR
with respect to the underneath constraint theory. We prove that if the
constraint theory is powerful enough then restricting to single head rules does
not affect the Turing completeness of the language. On the other hand,
differently from the case of the multi-headed language, the single head CHR
language is not Turing powerful when the underlying signature (for the
constraint theory) does not contain function symbols.
In the second part we prove that, no matter which constraint theory is
considered, under some reasonable assumptions it is not possible to encode the
CHR language (with multi-headed rules) into a single headed language while
preserving the semantics of the programs. We also show that, under some
stronger assumptions, considering an increasing number of atoms in the head of
a rule augments the expressive power of the language.
These results provide a formal proof for the claim that multiple heads
augment the expressive power of the CHR language.Comment: v.6 Minor changes, new formulation of definitions, changed some
details in the proof
On the Design of Cryptographic Primitives
The main objective of this work is twofold. On the one hand, it gives a brief
overview of the area of two-party cryptographic protocols. On the other hand,
it proposes new schemes and guidelines for improving the practice of robust
protocol design. In order to achieve such a double goal, a tour through the
descriptions of the two main cryptographic primitives is carried out. Within
this survey, some of the most representative algorithms based on the Theory of
Finite Fields are provided and new general schemes and specific algorithms
based on Graph Theory are proposed
Forensic Science for Cambodian Justice
Cambodia is universally associated with its killing fields â a horrific inheritance from the
Khmer Rouge era. Whilst mass grave evidence from that era is referred to in history and
social science publications on Cambodia, it has not featured in a legal context to date. The
establishment of the Extraordinary Chambers in the Courts of Cambodia (ECCC) creates
an opportunity for a review of this evidence 30 years after the events. Those alleged to be
accountable for Cambodiaâs killing fields are finally being brought to justice. The question
is whether this will occur with or without forensic science evidence from the mass graves.
This article explores the reasons for using forensic science in the Cambodian context and
outlines its potential for legal proceedings. Drawing on relevant literature in the forensic
and legal areas, the article provides a brief outline of the legal context created by the ECCC and examines various projects that have recorded evidence relating to the mass graves. Employing an analysis of semistructured, in-depth interviews with forensic and legal experts as well as representatives from the ECCC and the Documentation Center of Cambodia (DC-Cam), the article explores the value of forensic science for the ECCC, including its impact on humanitarian issues in Cambodia
On Constant-Round Concurrent Zero-Knowledge from a Knowledge Assumption
In this work, we consider the long-standing open question of constructing
constant-round concurrent zero-knowledge protocols in the plain model.
Resolving this question is known to require non-black-box techniques.
We consider non-black-box techniques for zero-knowledge based on knowledge
assumptions, a line of thinking initiated by the work of Hada and Tanaka
(CRYPTO 1998). Prior to our work, it was not known whether knowledge
assumptions could be used for achieving security in the concurrent setting, due
to a number of significant limitations that we discuss here. Nevertheless, we
obtain the following results:
1. We obtain the first constant round concurrent zero-knowledge argument for
\textbf{NP} in the plain model based on a new variant of knowledge of exponent
assumption. Furthermore, our construction avoids the inefficiency inherent in
previous non-black-box techniques such that those of Barak (FOCS 2001); we
obtain our result through an efficient protocol compiler.
2. Unlike Hada and Tanaka, we do not require a knowledge assumption to argue
the soundness of our protocol. Instead, we use a discrete log like assumption,
which we call Diffie-Hellman Logarithm Assumption, to prove the soundness of
our protocol.
3. We give evidence that our new variant of knowledge of exponent assumption
is in fact plausible. In particular, we show that our assumption holds in the
generic group model.
4. Knowledge assumptions are especially delicate assumptions whose
plausibility may be hard to gauge. We give a novel framework to express
knowledge assumptions in a more flexible way, which may allow for formulation
of plausible assumptions and exploration of their impact and application in
cryptography.Comment: 30 pages, 3 figure
A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing
To ensure the privacy of users in transport systems, researchers are working
on new protocols providing the best security guarantees while respecting
functional requirements of transport operators. In this paper, we design a
secure NFC m-ticketing protocol for public transport that preserves users'
anonymity and prevents transport operators from tracing their customers' trips.
To this end, we introduce a new practical set-membership proof that does not
require provers nor verifiers (but in a specific scenario for verifiers) to
perform pairing computations. It is therefore particularly suitable for our
(ticketing) setting where provers hold SIM/UICC cards that do not support such
costly computations. We also propose several optimizations of Boneh-Boyen type
signature schemes, which are of independent interest, increasing their
performance and efficiency during NFC transactions. Our m-ticketing protocol
offers greater flexibility compared to previous solutions as it enables the
post-payment and the off-line validation of m-tickets. By implementing a
prototype using a standard NFC SIM card, we show that it fulfils the stringent
functional requirement imposed by transport operators whilst using strong
security parameters. In particular, a validation can be completed in 184.25 ms
when the mobile is switched on, and in 266.52 ms when the mobile is switched
off or its battery is flat
Efficient non-malleable commitment schemes
We present efficient non-malleable commitment schemes based on standard assumptions such as RSA and Discrete-Log, and under the condition that the network provides publicly available RSA or Discrete-Log parameters generated by a trusted party. Our protocols require only three rounds and a few modular exponentiations. We also discuss the difference between the notion of non-malleable commitment schemes used by Dolev, Dwork and Naor [DDN00] and the one given by Di Crescenzo, Ishai and Ostrovsky [DIO98]
Women MPs and the socio-environmental preconditions for political participation in the Federal Republic
With the election of Germany's first woman chancellor in November 2005 it would appear that equal opportunities have finally been achieved in German politics. Furthermore, most parties in the Federal Republic are committed to increasing or maintaining certain levels of female representation within their ranks, and many use quotas to achieve this. This article looks not only at the formal mechanisms employed by the German parties to help women enter politics, but also at whether the practice of politics is conducive to women's working methods and lifestyles. Its focus is on the compatibility of a political career with family responsibilities. The author argues that while quotas have helped increase the number of female politicians, party cultures and practices have not been completely transformed. Many problems remain for current and potential female politicians, especially those whose family circumstances make it hard to adapt to the male norms of behaviour which still characterise political life in the Federal Republic
The ISCIP Analyst, Volume XVI, Issue 4
This repository item contains a single issue of The ISCIP Analyst, an analytical review journal published from 1996 to 2010 by the Boston University Institute for the Study of Conflict, Ideology, and Policy
- âŠ