    How to Make a Mint: The Cryptography of Anonymous Electronic Cash

    Theoretical examination and practical implementation of cryptographic algorithms, digital money protocols and related applications.

    by Shek Wong. Thesis submitted in: December 1997. Thesis (M.Phil.)--Chinese University of Hong Kong, 1998. Includes bibliographical references (leaves 90-[94]). Abstract also in Chinese.

    Chapter 1 --- Introduction --- p.1
    Chapter 1.1 --- Electronic Commerce --- p.3
    Chapter 1.2 --- Electronic Cash --- p.7
    Chapter 1.3 --- What This Report Contains --- p.9
    Chapter 2 --- Cryptographic Background --- p.11
    Chapter 2.1 --- Euler Totient Function --- p.12
    Chapter 2.2 --- Fermat's Little Theorem --- p.12
    Chapter 2.3 --- Quadratic Residues --- p.12
    Chapter 2.4 --- Legendre Symbol --- p.13
    Chapter 2.5 --- Jacobi Symbol --- p.14
    Chapter 2.6 --- Blum Integer --- p.16
    Chapter 2.7 --- Williams Integer --- p.18
    Chapter 2.8 --- The Quadratic Residuosity Problem --- p.19
    Chapter 2.9 --- The Factorization Problem --- p.20
    Chapter 2.10 --- The Discrete Logarithm Problem --- p.20
    Chapter 2.11 --- One-way Functions --- p.21
    Chapter 2.12 --- Blind Signature --- p.22
    Chapter 2.13 --- Cut-and-choose Methodology --- p.24
    Chapter 3 --- Anatomy and Panorama of Electronic Cash --- p.26
    Chapter 3.1 --- Anatomy of Electronic Cash --- p.26
    Chapter 3.1.1 --- Three Functions and Six Criteria --- p.28
    Chapter 3.1.2 --- Untraceable --- p.29
    Chapter 3.1.3 --- Online and Off-line --- p.30
    Chapter 3.1.4 --- Security --- p.32
    Chapter 3.1.5 --- Transferability --- p.33
    Chapter 3.2 --- Panorama of Electronic Cash --- p.34
    Chapter 3.2.1 --- First Model of Off-line Electronic Cash --- p.34
    Chapter 3.2.2 --- Successors --- p.35
    Chapter 3.2.3 --- Binary Tree Based Divisible Electronic Cash --- p.36
    Chapter 4 --- Spending Limit Enforced Electronic Cash --- p.37
    Chapter 4.1 --- Introduction to Spending Limit Enforced Electronic Cash --- p.37
    Chapter 4.2 --- The Scheme --- p.41
    Chapter 4.3 --- An Example --- p.44
    Chapter 4.4 --- Techniques --- p.47
    Chapter 4.5 --- Security and Efficiency --- p.51
    Chapter 5 --- Interest-bearing Electronic Cash --- p.53
    Chapter 5.1 --- Introduction to Interest-bearing Electronic Cash --- p.53
    Chapter 5.2 --- An Example --- p.55
    Chapter 5.3 --- The Scheme --- p.55
    Chapter 5.4 --- Security --- p.57
    Chapter 5.5 --- An Integrated Scheme --- p.58
    Chapter 5.6 --- Applications --- p.59
    Chapter 6 --- Abacus Type Electronic Cash --- p.61
    Chapter 6.1 --- Introduction --- p.61
    Chapter 6.2 --- Abacus Model --- p.63
    Chapter 6.3 --- Divisible Abacus Electronic Coins --- p.66
    Chapter 6.3.1 --- Binary Tree Abacus Approach --- p.66
    Chapter 6.3.2 --- Multi-tree Approach --- p.57
    Chapter 6.3.3 --- Analysis --- p.69
    Chapter 6.4 --- Abacus Electronic Cash System --- p.71
    Chapter 6.4.1 --- Opening Protocol --- p.71
    Chapter 6.4.2 --- Withdrawal Protocol --- p.74
    Chapter 6.4.3 --- Payment and Deposit Protocol --- p.75
    Chapter 6.5 --- Anonymity and System Efficiency --- p.78
    Chapter 7 --- Conclusions --- p.80
    Chapter A --- Internet Payment Systems --- p.82
    Chapter A.1 --- Bare Web FORM --- p.82
    Chapter A.2 --- Secure Web FORM Payment System --- p.85
    Chapter A.3 --- Membership Type Payment System --- p.86
    Chapter A.4 --- Agent Based Payment System --- p.87
    Chapter A.5 --- Internet-based POS --- p.87
    B --- Papers derived from this thesis --- p.89
    Bibliography --- p.9

    A mobile agent clone detection system using general transferable E-cash and its specific implementation with Ferguson's E-coin.

    by Lam Tak-Cheung. Thesis (M.Phil.)--Chinese University of Hong Kong, 2002. Includes bibliographical references (leaves 61-66). Abstracts in English and Chinese.

    Chapter 1. --- Introduction --- p.1
    Chapter 1.1 --- Evolution of the Mobile Agent Paradigm --- p.2
    Chapter 1.2 --- Beneficial Aspects of Mobile Agents --- p.3
    Chapter 1.3 --- Security Threats of Mobile Agents --- p.4
    Chapter 1.4 --- Organization of the Thesis --- p.6
    Chapter 2. --- Background of Cryptographic Theories --- p.7
    Chapter 2.1 --- Introduction --- p.7
    Chapter 2.2 --- Encryption and Decryption --- p.7
    Chapter 2.3 --- Six Cryptographic Primitives --- p.8
    Chapter 2.3.1 --- Symmetric Encryption --- p.8
    Chapter 2.3.2 --- Asymmetric Encryption --- p.9
    Chapter 2.3.3 --- Digital Signature --- p.9
    Chapter 2.3.4 --- Message Digest --- p.10
    Chapter 2.3.5 --- Digital Certificate --- p.11
    Chapter 2.3.6 --- Zero-Knowledge Proof --- p.11
    Chapter 2.4 --- RSA Public Key Cryptosystem --- p.12
    Chapter 2.5 --- Blind Signature --- p.13
    Chapter 2.6 --- Secret Sharing --- p.14
    Chapter 2.7 --- Conclusion Remarks --- p.14
    Chapter 3. --- Background of Mobile Agent Clones --- p.15
    Chapter 3.1 --- Introduction --- p.15
    Chapter 3.2 --- Types of Agent Clones --- p.15
    Chapter 3.3 --- Mobile Agent Cloning Problems --- p.16
    Chapter 3.4 --- Baek's Detection Scheme for Mobile Agent Clones --- p.17
    Chapter 3.4.1 --- The Main Idea --- p.17
    Chapter 3.4.2 --- Shortcomings of Baek's Scheme --- p.18
    Chapter 3.5 --- Conclusion Remarks --- p.19
    Chapter 4. --- Background of E-cash --- p.20
    Chapter 4.1 --- Introduction --- p.20
    Chapter 4.2 --- The General E-cash Model --- p.21
    Chapter 4.3 --- Chaum-Pedersen's General Transferable E-cash --- p.22
    Chapter 4.4 --- Ferguson's Single-term Off-line E-coins --- p.23
    Chapter 4.4.1 --- Technical Background of the Secure Tools --- p.24
    Chapter 4.4.2 --- Protocol Details --- p.27
    Chapter 4.5 --- Conclusion Remarks --- p.30
    Chapter 5. --- A Mobile Agent Clone Detection System using General Transferable E-cash --- p.31
    Chapter 5.1 --- Introduction --- p.31
    Chapter 5.2 --- Terminologies --- p.33
    Chapter 5.3 --- Mobile Agent Clone Detection System with Transferable E-cash --- p.34
    Chapter 5.4 --- Security and Privacy Analysis --- p.37
    Chapter 5.5 --- Attack Scenarios --- p.39
    Chapter 5.5.1 --- The Chosen Host Response Attack --- p.39
    Chapter 5.5.2 --- The Truncation and Substitution Attack --- p.40
    Chapter 5.6 --- An Alternative Scheme without Itinerary Privacy --- p.41
    Chapter 5.7 --- Conclusion Remarks --- p.43
    Chapter 6. --- Specific Implementation of the Mobile Agent Clone Detection System with Transferable Ferguson's E-coin --- p.45
    Chapter 6.1 --- Introduction --- p.45
    Chapter 6.2 --- The Clone Detection Environment --- p.46
    Chapter 6.3 --- Protocols --- p.48
    Chapter 6.3.2 --- Withdrawing E-tokens --- p.48
    Chapter 6.3.2 --- The Agent Creation Protocol --- p.51
    Chapter 6.3.3 --- The Agent Migration Protocol --- p.51
    Chapter 6.3.4 --- Clone Detection and Culprit Identification --- p.52
    Chapter 6.4 --- Security and Privacy Analysis --- p.54
    Chapter 6.5 --- Complexity Analysis --- p.55
    Chapter 6.5.1 --- Compact Passport --- p.55
    Chapter 6.5.2 --- Passport growth in size --- p.56
    Chapter 6.6 --- Conclusion Remarks --- p.56
    Chapter 7. --- Conclusions --- p.58
    Appendix --- Papers derived from this thesis
    Bibliography

    Advances in signatures, encryption, and E-Cash from bilinear groups

    Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006. Includes bibliographical references (p. 147-161).

    We present new formal definitions, algorithms, and motivating applications for three natural cryptographic constructions. Our constructions are based on a special type of algebraic group called bilinear groups.

    1. Re-Signatures: We present the first public key signature scheme where a semi-trusted proxy, given special information, can translate Alice's signature on a message into Bob's signature on the same message. The special information, however, allows nothing else, i.e., the proxy cannot translate from Bob to Alice, nor can it sign on behalf of either Alice or Bob. We show that a path through a graph can be cheaply authenticated using this scheme, with applications to electronic passports.

    2. Re-Encryption: We present the first public key cryptosystem where a semi-trusted proxy, given special information, can translate an encryption of a message under Alice's key into an encryption of the same message under Bob's key. Again, the special information allows nothing else, i.e., the proxy cannot translate from Bob to Alice, decrypt on behalf of either Alice or Bob, or learn anything else about the message. We apply this scheme to create a new mechanism for secure distributed storage.

    3. Compact E-Cash with Tracing and Bounded-Anonymity: We present an offline e-cash system where 2^ℓ coins can be stored in O(ℓ + k) bits and withdrawn or spent in O(ℓ + k) time, where k is the security parameter. The best previously known schemes required at least one of these complexities to be O(2^ℓ · k). In our system, a user's transactions are anonymous and unlinkable, unless she performs a forbidden action, such as double-spending a coin. Performing a forbidden action reveals the identity of the user, and optionally allows all of her past transactions to be traced.

    We provide solutions without using a trusted party. We argue why features of our system are likely to be crucial to the adoption of any e-cash system. by Susan Hohenberger. Ph.D.

    Cryptography in privacy-preserving applications.

    Tsang Pak Kong. Thesis (M.Phil.)--Chinese University of Hong Kong, 2005. Includes bibliographical references (leaves 95-107). Abstracts in English and Chinese.

    Abstract --- p.ii
    Acknowledgement --- p.iv
    Chapter 1 --- Introduction --- p.1
    Chapter 1.1 --- Privacy --- p.1
    Chapter 1.2 --- Cryptography --- p.5
    Chapter 1.2.1 --- History of Cryptography --- p.5
    Chapter 1.2.2 --- Cryptography Today --- p.6
    Chapter 1.2.3 --- Cryptography For Privacy --- p.7
    Chapter 1.3 --- Thesis Organization --- p.8
    Chapter 2 --- Background --- p.10
    Chapter 2.1 --- Notations --- p.10
    Chapter 2.2 --- Complexity Theory --- p.11
    Chapter 2.2.1 --- Order Notation --- p.11
    Chapter 2.2.2 --- Algorithms and Protocols --- p.11
    Chapter 2.2.3 --- Relations and Languages --- p.13
    Chapter 2.3 --- Algebra and Number Theory --- p.14
    Chapter 2.3.1 --- Groups --- p.14
    Chapter 2.3.2 --- Intractable Problems --- p.16
    Chapter 2.4 --- Cryptographic Primitives --- p.18
    Chapter 2.4.1 --- Public-Key Encryption --- p.18
    Chapter 2.4.2 --- Identification Protocols --- p.21
    Chapter 2.4.3 --- Digital Signatures --- p.22
    Chapter 2.4.4 --- Hash Functions --- p.24
    Chapter 2.4.5 --- Zero-Knowledge Proof of Knowledge --- p.26
    Chapter 2.4.6 --- Accumulators --- p.32
    Chapter 2.4.7 --- Public Key Infrastructure --- p.34
    Chapter 2.5 --- Zero Knowledge Proof of Knowledge Protocols in Groups of Unknown Order --- p.36
    Chapter 2.5.1 --- The Algebraic Setting --- p.36
    Chapter 2.5.2 --- Proving the Knowledge of Several Discrete Logarithms --- p.37
    Chapter 2.5.3 --- Proving the Knowledge of a Representation --- p.38
    Chapter 2.5.4 --- Proving the Knowledge of d Out of n Equalities of Discrete Logarithms --- p.39
    Chapter 2.6 --- Conclusion --- p.42
    Chapter 3 --- Related Works --- p.43
    Chapter 3.1 --- Introduction --- p.43
    Chapter 3.2 --- Group-Oriented Signatures without Spontaneity and/or Anonymity --- p.44
    Chapter 3.3 --- SAG Signatures --- p.46
    Chapter 3.4 --- Conclusion --- p.49
    Chapter 4 --- Linkable Ring Signatures --- p.50
    Chapter 4.1 --- Introduction --- p.50
    Chapter 4.2 --- New Notions --- p.52
    Chapter 4.2.1 --- Accusatory Linking --- p.52
    Chapter 4.2.2 --- Non-slanderability --- p.53
    Chapter 4.2.3 --- Linkability in Threshold Ring Signatures --- p.54
    Chapter 4.2.4 --- Event-Oriented Linking --- p.55
    Chapter 4.3 --- Security Model --- p.56
    Chapter 4.3.1 --- Syntax --- p.56
    Chapter 4.3.2 --- Notions of Security --- p.58
    Chapter 4.4 --- Conclusion --- p.63
    Chapter 5 --- Short Linkable Ring Signatures --- p.64
    Chapter 5.1 --- Introduction --- p.64
    Chapter 5.2 --- The Construction --- p.65
    Chapter 5.3 --- Security Analysis --- p.68
    Chapter 5.3.1 --- Security Theorems --- p.68
    Chapter 5.3.2 --- Proofs --- p.68
    Chapter 5.4 --- Discussion --- p.70
    Chapter 5.5 --- Conclusion --- p.71
    Chapter 6 --- Separable Linkable Threshold Ring Signatures --- p.72
    Chapter 6.1 --- Introduction --- p.72
    Chapter 6.2 --- The Construction --- p.74
    Chapter 6.3 --- Security Analysis --- p.76
    Chapter 6.3.1 --- Security Theorems --- p.76
    Chapter 6.3.2 --- Proofs --- p.77
    Chapter 6.4 --- Discussion --- p.79
    Chapter 6.5 --- Conclusion --- p.80
    Chapter 7 --- Applications --- p.82
    Chapter 7.1 --- Offline Anonymous Electronic Cash --- p.83
    Chapter 7.1.1 --- Introduction --- p.83
    Chapter 7.1.2 --- Construction --- p.84
    Chapter 7.2 --- Electronic Voting --- p.85
    Chapter 7.2.1 --- Introduction --- p.85
    Chapter 7.2.2 --- Construction --- p.87
    Chapter 7.2.3 --- Discussions --- p.88
    Chapter 7.3 --- Anonymous Attestation --- p.89
    Chapter 7.3.1 --- Introduction --- p.89
    Chapter 7.3.2 --- Construction --- p.90
    Chapter 7.4 --- Conclusion --- p.91
    Chapter 8 --- Conclusion --- p.92
    A --- Paper Derivation --- p.94
    Bibliography --- p.9

    Anonymity and trust in the electronic world

    Privacy has never been an explicit goal of authorization mechanisms. The traditional approach to authorisation relies on strong authentication of a stable identity using long term credentials. Audit is then linked to authorization via the same identity. Such an approach compels users to enter into a trust relationship with large parts of the system infrastructure, including entities in remote domains. In this dissertation we advance the view that this type of compulsive trust relationship is unnecessary and can have undesirable consequences. We examine in some detail the consequences which such undesirable trust relationships can have on individual privacy, and investigate the extent to which taking a unified approach to trust and anonymity can actually provide useful leverage to address threats to privacy without compromising the principal goals of authentication and audit. We conclude that many applications would benefit from mechanisms which enabled them to make authorization decisions without using long-term credentials. We next propose specific mechanisms to achieve this, introducing a novel notion of a short-lived electronic identity, which we call a surrogate. This approach allows a localisation of trust, and entities are not compelled to transitively trust other entities in remote domains. In particular, resolution of stable identities needs only ever to be done locally to the entity named. Our surrogates allow delegation, enable role-based access control policies to be enforced across multiple domains, and permit the use of non-anonymous payment mechanisms, all without compromising the privacy of a user. The localisation of trust resulting from the approach proposed in this dissertation also has the potential to allow clients to control the risks to which they are exposed by bearing the cost of relevant countermeasures themselves, rather than forcing clients to trust the system infrastructure to protect them and to bear an equal share of the cost of all countermeasures whether or not effective for them. This consideration means that our surrogate-based approach and mechanisms are of interest even in Kerberos-like scenarios where anonymity is not a requirement, but the remote authentication mechanism is untrustworthy.

    Cryptocurrencies and Mixing Services

    This BSc thesis briefly presents the technical characteristics of several cryptocurrencies, the basic properties and mechanisms by which they operate, and whether or not they support smart contracts. The cryptocurrencies presented are: Bitcoin, Ethereum, Ripple (XRP), Dash, Litecoin and Namecoin. In addition, the thesis focuses on cryptographic techniques and mixing services. A cryptocurrency mixing service is a service that mixes potentially identifiable or "tainted" cryptocurrency funds with others, so as to obscure the trail back to the original source of the funds. Various protocols are used to achieve sender anonymity, each with its own mode of operation, advantages, disadvantages and capabilities. The protocols analysed and compared are: Mixcoin, Blindcoin, Tumblebit, Coinjoin, Coinshuffle, Xim, Mobius and Mixeth.

    Collection of texts for teaching professionally oriented reading in English for students of the specialities 1-28 01 01 "Economics of Electronic Business" and 1-28 01 02 "Electronic Marketing"

    Rakhuba Valery Ivanovich. Fundamentals of Electronic Business and Marketing. Learning textbook: professionally oriented reading in English. This collection of texts for teaching professionally oriented reading in English is intended for students of the specialities 1-28 01 01 Economics of Electronic Business and 1-28 01 02 Electronic Marketing. The subject matter of the texts gives a fairly complete picture of the practical implementation of the principles of activity in these spheres of economic activity.

    Primitive-based payment systems for flexible value transfer in the personal router

    Thesis (S.M.)--Massachusetts Institute of Technology, Engineering Systems Division, Technology and Policy Program, 2002. Includes bibliographical references (p. 149-154). This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.

    The Personal Router is a mobile communication device developed by the Advanced Network Architecture group at the MIT Laboratory for Computer Science. The Personal Router is able to select and negotiate connectivity with local providers for different kinds of services and interfaces. It needs payment procedures to support these services. As this device is designed to be used in many distinct, unpredictable contexts, it cannot implement a single payment system. The complexity of existing payment systems has to be mapped into this new environment. A different payment system must be chosen each time, depending on many variables such as costs, environmental constraints, privacy, and the user's and provider's needs and preferences. Privacy is a major issue for this device. In effect, getting wireless and mobile service everywhere will possibly leave an easily traceable trail; moreover, using this device supposes negotiating with many different untrusted providers and paying for the service. This can create huge potential threats to privacy and personal data management if this issue is not included in the early stage of the design. Legal requirements and user preferences and expectations for privacy in electronic transactions are therefore explored. Past attempts to enhance privacy in different environments are examined. Reasons why most of them have failed and some of them are struggling to stay alive are analyzed. New privacy threats faced by the Personal Router are considered. A new approach based on building blocks is proposed. Payment systems are split into primitive operations; each of them implements one step of a transaction. The combination of these building blocks replicates a payment protocol. The characteristics of a payment system can then be derived from the analysis of the implementation of each of these primitives. Users' preferences are defined by attributes. Payment systems can then be compared through their primitives and even slightly modified to be closer to the user's ideal system by altering the primitives. The modular approach makes this easier. This framework is successfully tested on three major electronic payment systems. Several limitations of this approach and open issues related to the Personal Router are presented. by Xavier F. Brucker. S.M.

    Smart and Secure Augmented Reality for Assisted Living

    Augmented reality (AR) is one of the biggest technology trends; it enables people to see the real-life surrounding environment with a layer of virtual information overlaid on it. Assistive devices use this blend of real and virtual information to help people better understand the environment and consequently be more efficient. In particular, AR has been extremely useful in the area of Ambient Assisted Living (AAL). AR-based AAL solutions are designed to support people in maintaining their autonomy and compensate for slight physical and mental restrictions by instructing them on everyday tasks. Detecting visual attention for assistive aims is a big challenge, since in dynamic cluttered environments objects constantly overlap and partial object occlusion is frequent. Current solutions use egocentric object recognition techniques; however, their lack of accuracy affects the system's ability to predict users' needs and consequently to provide them with the proper support. Another issue is the manner in which sensitive data is treated. This highly private information is crucial for improving the quality of healthcare services. However, current blockchain approaches are used only as a permission management system, while the data is still stored locally, so there is a potential risk of security breaches. Privacy risk in the blockchain domain is also a concern: as most investigations tackle privacy issues with off-chain approaches, there is a lack of effective solutions for providing on-chain data privacy. Finally, blockchain size has been shown to be a limiting factor even for chains that store simple transactional data, much less the massive blocks that would be required for storing medical imaging studies. To tackle the aforementioned major issues, this research proposes a framework to provide a smarter and more secure AR-based solution for AAL.

    Firstly, a combination of head-worn eye-tracker cameras with egocentric video is designed to improve the accuracy of visual attention object recognition in free-living settings. A heuristic function is designed to generate a probability estimate of visual attention over objects within an egocentric video. Secondly, a novel methodology for the decentralized storage of large volumes of sensitive AR-based AAL data is introduced, leveraging the IPFS (InterPlanetary File System) protocol to tackle the storage limitations of the blockchain. Meanwhile, a blockchain solution on the Secret Network blockchain is developed to tackle the existing lack of privacy in smart contracts; it provides data privacy at both the transactional and computational levels. In addition, a new off-chain solution is included that encapsulates a governing body for permission management purposes, to solve the problem of lost or stolen private keys. The research findings show that the visual attention-object detection approach is applicable to cluttered environments and delivers superior performance compared to current methods. This study also produced an egocentric indoor dataset annotated with human fixations during natural exploration in a cluttered environment. Compared to previous works, this dataset is more realistic because it was recorded in real settings with variation in object overlap regions and object sizes. With respect to the novel decentralized storage methodology, results indicate that sensitive data can be stored and queried efficiently using the Secret Network blockchain. The proposed approach achieves both computational and transactional privacy at significantly lower cost. Additionally, this approach mitigates the risk of permanent loss of access to the patient's on-chain data records. The proposed framework can be applied as an assistive technology in a wide range of sectors that require an AR-based solution with high-precision visual-attention object detection, efficient data access, high-integrity data storage, and full data privacy and security.