The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

LEGAL ISSUES INVOLVING CRYPTOGRAPHY IN INDIA

ABSTRACT The value of information is increasing day by day. Technological advancement had brought radical change in the exchange of information, which also gave birth to issues relating to freedom of information, the flow of information and the use of technology. Encryption and other advanced technologies can be use as a solution to these problems. But, the problem however, is to whether and to what extent the use of encryption techniques should be restricted by law. In most of the countries regulations on encryption techniques comes as a conflicting interest between the privacy rights of individuals and national security. By this paper we address major issues relating to the encryption laws in India namely issues relating to the commercial use of encryption software and hardware by private individuals and companies, credibility of the concept of key escrow or back door entry, and issues relating to the export of encryption software and hardware. And solutions are provided in the form of daft recommendations to the government

Cryptography, Passwords, Privacy, and the Fifth Amendment

Military-grade cryptography has been widely available at no cost for personal and commercial use since the early 1990s. Since the introduction of Pretty Good Privacy (PGP), more and more people encrypt files and devices, and we are now at the point where our smartphones are encrypted by default. While this ostensibly provides users with a high degree of privacy, compelling a user to provide a password has been interpreted by some courts as a violation of our Fifth Amendment protections, becoming an often insurmountable hurdle to law enforcement lawfully executing a search warrant. This paper will explore some of the issues around this complex legal and social issue, including the evolution in the use of digital cryptography and the evolving legal interpretations of privacy

A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The concept of cloud computing offers measurable computational or information resources as a service over the Internet. The major motivation behind the cloud setup is economic benefits, because it assures the reduction in expenditure for operational and infrastructural purposes. To transform it into a reality there are some impediments and hurdles which are required to be tackled, most profound of which are security, privacy and reliability issues. As the user data is revealed to the cloud, it departs the protection-sphere of the data owner. However, this brings partly new security and privacy concerns. This work focuses on these issues related to various cloud services and deployment models by spotlighting their major challenges. While the classical cryptography is an ancient discipline, modern cryptography, which has been mostly developed in the last few decades, is the subject of study which needs to be implemented so as to ensure strong security and privacy mechanisms in today’s real-world scenarios. The technological solutions, short and long term research goals of the cloud security will be described and addressed using various classical cryptographic mechanisms as well as modern ones. This work explores the new directions in cloud computing security, while highlighting the correct selection of these fundamental technologies from cryptographic point of view

Foucault in Cyberspace: Surveillance, Sovereignty, and Hardwired Censors

This is an essay about law in cyberspace. I focus on three interdependent phenomena: a set of political and legal assumptions that I call the jurisprudence of digital libertarianism, a separate but related set of beliefs about the state\u27s supposed inability to regulate the Internet, and a preference for technological solutions to hard legal issues on-line. I make the familiar criticism that digital libertarianism is inadequate because of its blindness towards the effects of private power, and the less familiar claim that digital libertarianism is also surprisingly blind to the state\u27s own power in cyberspace. In fact, I argue that the conceptual structure and jurisprudential assumptions of digital libertarianism lead its practitioners to ignore the ways in which the state can often use privatized enforcement and state-backed technologies to evade some of the supposed practical (and constitutional) restraints on the exercise of legal power over the Net. Finally, I argue that technological solutions which provide the keys to the first two phenomena are neither as neutral nor as benign as they are currently perceived to be. Some of my illustrations will come from the current Administration proposals for Internet copyright regulation, others from the Communications Decency Act and the cryptography debate. In the process, I make opportunistic and unsystematic use of the late Michel Foucault\u27s work to criticise some the jurisprudential orthodoxy of the Net