THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

USA – Sweeping reforms proposed for securities offerings

Article by Kimberly Anne Summe (Investment Banking Legal Division, Morgan Stanley Dean Witter, New York) looking at proposals from the US Securities and Exchange Commission (the “SEC”) to modernise the regulatory structure for securities offerings. Published in the Letter from … section of Amicus Curiae - Journal of the Institute of Advanced Legal Studies and its Society for Advanced Legal Studies. The Journal is produced by the Society for Advanced Legal Studies at the Institute of Advanced Legal Studies, University of London

A robust self-organized public key management for mobile ad hoc networks

A mobile ad hoc network (MANET) is a self-organized wireless network where mobile nodes can communicate with each other without the use of any existing network infrastructure or centralized administration. Trust establishment and management are essential for any security framework of MANETs. However, traditional solutions to key management through accessing trusted authorities or centralized servers are infeasible for MANETs due to the absence of infrastructure, frequent mobility, and wireless link instability. In this paper, we propose a robust self-organized, public key management for MANETs. The proposed scheme relies on establishing a small number of trust relations between neighboring nodes during the network initialization phase. Experiences gained as a result of successful communications and node mobility through the network enhance the formation of a web of trust between mobile nodes. The proposed scheme allows each user to create its public key and the corresponding private key, to issue certificates to neighboring nodes, and to perform public key authentication through at least two independent certificate chains without relying on any centralized authority. A measure of the communications cost of the key distribution process has been proposed. Simulation results show that the proposed scheme is robust and efficient in the mobility environment of MANET and against malicious node attacks

Do Entry Conditions Vary across Markets?

macroeconomics, entry conditions