234 research outputs found
Year 2010 Issues on Cryptographic Algorithms
In the financial sector, cryptographic algorithms are used as fundamental techniques for assuring confidentiality and integrity of data used in financial transactions and for authenticating entities involved in the transactions. Currently, the most widely used algorithms appear to be two-key triple DES and RC4 for symmetric ciphers, RSA with a 1024-bit key for an asymmetric cipher and a digital signature, and SHA-1 for a hash function according to international standards and guidelines related to the financial transactions. However, according to academic papers and reports regarding the security evaluation for such algorithms, it is difficult to ensure enough security by using the algorithms for a long time period, such as 10 or 15 years, due to advances in cryptanalysis techniques, improvement of computing power, and so on. To enhance the transition to more secure ones, National Institute of Standards and Technology (NIST) of the United States describes in various guidelines that NIST will no longer approve two-key triple DES, RSA with a 1024-bit key, and SHA-1 as the algorithms suitable for IT systems of the U.S. Federal Government after 2010. It is an important issue how to advance the transition of the algorithms in the financial sector. This paper refers to issues regarding the transition as Year 2010 issues in cryptographic algorithms. To successfully complete the transition by 2010, the deadline set by NIST, it is necessary for financial institutions to begin discussing the issues at the earliest possible date. This paper summarizes security evaluation results of the current algorithms, and describes Year 2010 issues, their impact on the financial industry, and the transition plan announced by NIST. This paper also shows several points to be discussed when dealing with Year 2010 issues.Cryptographic algorithm; Symmetric cipher; Asymmetric cipher; Security; Year 2010 issues; Hash function
Cryptographic security mechanism of the next generation digital tachograph system
JRC is in the process of evaluating the impact of update of the cryptographic security mechanisms for the next generation Digital Tachograph.
The purpose of this document is to give background information about the cryptographic security mechanisms and vulnerabilities regarding the security mechanisms of the current Digital Tachograph System along with suggestions for the next generation Digital Tachograph security mechanisms.
This document can be referred as an important reference to update the technical appendixes of the Tachograph regulation.JRC.G.7-Digital Citizen Securit
A Provably Secure Short Signature Scheme from Coding Theory
Signatures with partially message recovery
in which some parts of messages are not transmitted
with signatures to make them shorter are useful where
bandwidth is one of the crucial concern and especially
in case of signing short messages in applications such
as time stamping, certified email services and identitybased
cryptosystems. In this paper, to have quantum-attackresistant
short signatures, a signature scheme with partially
message recovery from coding theory is proposed. The
security of the proposed scheme is proved under Goppa
Parametrized Bounded Decoding and the Goppa Code
Distinguishing assumptions in the random oracle model.
Relying on the partially message recovery property, the
proposal is shorter than the Dallot signature scheme, the
only provably secure and practical code-based signature
scheme. We should highlight that our scheme can be used
as a building block of code-based signature schemes with
additional properties since it compared to Dallot signature
scheme not only improves its communication overhead but
also it preserves its signature efficiency
SecAdvise - un aviseur de mécanismes de sécurité : implantation, validation et expérimentation du modèle proposé
Mémoire numérisé par la Direction des bibliothèques de l'Université de Montréal
Сравнительный анализ характеристик и принципов построения стандартов ЭЦП на свойствах эллиптических кривых
Розглядаються державні та галузеві стандарти цифрового підпису, які використовують особливості еліптичних кривих. Обґрунтовуються умови необхідності введення більш криптографічно стійких алгоритмів. Робиться порівняльний аналіз прийнятих стандартів ЕЦП з еліптичною криптографією.They are considered already taken state and branch standards digital signature, using particularities elliptical curves. They are motivated condition to need of the introduction more cryptographic rack algorithm. It is done benchmark analysis taken standard ECS with elliptical cryptography
- …