6,041 research outputs found
The Crypto-democracy and the Trustworthy
In the current architecture of the Internet, there is a strong asymmetry in
terms of power between the entities that gather and process personal data
(e.g., major Internet companies, telecom operators, cloud providers, ...) and
the individuals from which this personal data is issued. In particular,
individuals have no choice but to blindly trust that these entities will
respect their privacy and protect their personal data. In this position paper,
we address this issue by proposing an utopian crypto-democracy model based on
existing scientific achievements from the field of cryptography. More
precisely, our main objective is to show that cryptographic primitives,
including in particular secure multiparty computation, offer a practical
solution to protect privacy while minimizing the trust assumptions. In the
crypto-democracy envisioned, individuals do not have to trust a single physical
entity with their personal data but rather their data is distributed among
several institutions. Together these institutions form a virtual entity called
the Trustworthy that is responsible for the storage of this data but which can
also compute on it (provided first that all the institutions agree on this).
Finally, we also propose a realistic proof-of-concept of the Trustworthy, in
which the roles of institutions are played by universities. This
proof-of-concept would have an important impact in demonstrating the
possibilities offered by the crypto-democracy paradigm.Comment: DPM 201
Novel Framework for Hidden Data in the Image Page within Executable File Using Computation between Advanced Encryption Standard and Distortion Techniques
The hurried development of multimedia and internet allows for wide
distribution of digital media data. It becomes much easier to edit, modify and
duplicate digital information. In additional, digital document is also easy to
copy and distribute, therefore it may face many threats. It became necessary to
find an appropriate protection due to the significance, accuracy and
sensitivity of the information. Furthermore, there is no formal method to be
followed to discover a hidden data. In this paper, a new information hiding
framework is presented.The proposed framework aim is implementation of
framework computation between advance encryption standard (AES) and distortion
technique (DT) which embeds information in image page within executable file
(EXE file) to find a secure solution to cover file without change the size of
cover file. The framework includes two main functions; first is the hiding of
the information in the image page of EXE file, through the execution of four
process (specify the cover file, specify the information file, encryption of
the information, and hiding the information) and the second function is the
extraction of the hiding information through three process (specify the stego
file, extract the information, and decryption of the information).Comment: 6 Pages IEEE Format, International Journal of Computer Science and
Information Security, IJCSIS 2009, ISSN 1947 5500, Impact Factor 0.42
Why Do Developers Get Password Storage Wrong? A Qualitative Usability Study
Passwords are still a mainstay of various security systems, as well as the
cause of many usability issues. For end-users, many of these issues have been
studied extensively, highlighting problems and informing design decisions for
better policies and motivating research into alternatives. However, end-users
are not the only ones who have usability problems with passwords! Developers
who are tasked with writing the code by which passwords are stored must do so
securely. Yet history has shown that this complex task often fails due to human
error with catastrophic results. While an end-user who selects a bad password
can have dire consequences, the consequences of a developer who forgets to hash
and salt a password database can lead to far larger problems. In this paper we
present a first qualitative usability study with 20 computer science students
to discover how developers deal with password storage and to inform research
into aiding developers in the creation of secure password systems
- …