Kryptowochenende 2006 - Workshop über Kryptographie

Das Kryptowochenende ist eine Aktivität der Fachgruppe Angewandte Kryptologie in der Gesellschaft für Informatik (GI) mit dem Ziel, Nachwuchswissenschaftlern, etablierten Forschern und Praktikern auf dem Gebiet der Kryptologie und Computersicherheit die Möglichkeit zu bieten, Kontakte über die eigene Universität hinaus zu knüpfen und sich mit Kollegen aus dem Fachgebiet auszutauschen. Die Vorträge decken ein breites Spektrum ab, von noch laufenden Projekten bis zu abgeschlossenen Forschungsarbeiten, die zeitnah auch auf Konferenzen publiziert wurden bzw. werden sollen. Das erste Kryptowochenende hat stattgefunden vom 01.-02. Juli 2006 im Tagungszentrum der Universität Mannheim im Kloster Bronnbach. Die Beiträge zu diesem Workshop sind im vorliegenden Tagungsband zusammengefasst

A Framework for Uncertain Cloud Data Security and Recovery Based on Hybrid Multi-User Medical Decision Learning Patterns

Machine learning has been supporting real-time cloud based medical computing systems. However, most of the computing servers are independent of data security and recovery scheme in multiple virtual machines due to high computing cost and time. Also, this cloud based medical applications require static security parameters for cloud data security. Cloud based medical applications require multiple servers to store medical records or machine learning patterns for decision making. Due to high Uncertain computational memory and time, these cloud systems require an efficient data security framework to provide strong data access control among the multiple users. In this work, a hybrid cloud data security framework is developed to improve the data security on the large machine learning patterns in real-time cloud computing environment. This work is implemented in two phases’ i.e. data replication phase and multi-user data access security phase. Initially, machine decision patterns are replicated among the multiple servers for Uncertain data recovering phase. In the multi-access cloud data security framework, a hybrid multi-access key based data encryption and decryption model is implemented on the large machine learning medical patterns for data recovery and security process. Experimental results proved that the present two-phase data recovering, and security framework has better computational efficiency than the conventional approaches on large medical decision patterns

Group Selection and Key Management Strategies for Ciphertext-Policy Attribute-Based Encryption

Ciphertext-Policy Attribute-Based Encryption (CPABE) was introduced by Bethencourt, Sahai, and Waters, as an improvement of Identity Based Encryption, allowing fine grained control of access to encrypted files by restricting access to only users whose attributes match that of the monotonic access tree of the encrypted file. Through these modifications, encrypted files can be placed securely on an unsecure server, without fear of malicious users being able to access the files, while allowing each user to have a unique key, reducing the vulnerabilites associated with sharing a key between multiple users. However, due to the fact that CPABE was designed for the purpose of not using trusted servers, key management strategies such as efficient renewal and immediate key revocation are inherently prevented. In turn, this reduces security of the entire scheme, as a user could maliciously keep a key after having an attribute changed or revoked, using the old key to decrypt files that they should not have access to with their new key. Additionally, the original CPABE implementation provided does not discuss the selection of the underlying bilinear pairing which is used as the cryptographic primitive for the scheme. This thesis explores different possibilites for improvement to CPABE, in both the choice of bilinear group used, as well as support for key management that does not rely on proxy servers while minimizing the communication overhead. Through this work, it was found that nonsupersingular elliptic curves can be used for CPABE, and Barreto-Naehrig curves allowed the fastest encryption and key generation in CHARM, but were the slowest curves for decryption due to the large size of the output group. Key management was performed by using a key-insulation method, which provided helper keys which allow keys to be transformed over different time periods, with revocation and renewal through key update. Unfortunately, this does not allow immediate revocation, and revoked keys are still valid until the end of the time period during which they are revoked. Discussion of other key management methods is presented to show that immediate key revocation is difficult without using trusted servers to control access

Pseudo-observables in electroweak Higgs production

We discuss how the leading electroweak Higgs production processes at the LHC, namely vector-boson fusion and Higgs+W/Z associated production, can be characterized in generic extensions of the Standard Model by a proper set of pseudo-observables (PO). We analyze the symmetry properties of these PO and their relation with the PO set appearing in Higgs decays. We discuss in detail the kinematical studies necessary to extract the production PO from data, and present a first estimate of the LHC sensitivity on these observables in the high-luminosity phase. The impact of QCD corrections and the kinematical studies necessary to test the validity of the momentum expansion at the basis of the PO decomposition are also discussed.Comment: 34 pages, 12 figures, 1 tabl

APPLICATION OF SOFT COMPUTING TECHNIQUES OVER HARD COMPUTING TECHNIQUES: A SURVEY

Soft computing is the fusion of different constituent elements. The main aim of this fusion to solve real-world problems, which are not solve by traditional approach that is hard computing. Actually, in our daily life maximum problem having uncertainty and vagueness information. So hard computing fail to solve this problems, because it give exact solution. To overcome this situation soft computing techniques plays a vital role, because it has capability to deal with uncertainty and vagueness and produce approximate result. This paper focuses on application of soft computing techniques over hard computing techniques

Implementation of an identity based encryption sub-system for secure e-mail and other applications

This thesis describes the requirements for, and design of, a suite of a sub-systems which support the introduction of Identity Based Encryption (IBE) to Intrenet communications. Current methods for securing Internet transmission are overly complex to users and require expensive and complex supporting infrastructure for distributing credentials such as certificates or public keys. Identity Based Encryption holds a promise of simplifying the process without compromising the security. In this thesis I will outline the theory behind the cryptography required , give a background to e-M ail and messaging protocols,the current security methods, the infrastructure used, the issues with these methods, and the break through that recent innovations in Identity Based Encryption hopes to deliver.I will describe an implementation of a sub-system that secures e-Mail and other protocolsin desktop platforms with as little impact on the end user as possible

A low-overhead secure communication framework for an inter-cloud environment

Most of the current cloud computing platforms offer Infrastructure as a Service (IaaS) model, which aims to provision basic virtualized computing resources as on-demand and dynamic services. Nevertheless, a single cloud provider may not have limitless resources to offer to its users, hence the notion of an Inter-Cloud environment where a cloud can use the infrastructure resources of other clouds. However, there is no common framework in existence that allows the service owners to seamlessly provision even some basic services across multiple cloud service providers, albeit not due to any inherent incompatibility or proprietary nature of the foundation technologies on which these cloud platforms are built. In this paper we present a novel solution which aims to cover a gap in a subsection of this problem domain. Our solution offers a security architecture that enables service owners to provision a dynamic and service-oriented secure virtual private network on top of multiple cloud IaaS providers. It does this by leveraging the scalability, robustness and flexibility of peer-to-peer overlay techniques to eliminate the manual configuration, key management and peer churn problems encountered in setting up the secure communication channels dynamically, between different components of a typical service that is deployed on multiple clouds. We present the implementation details of our solution as well as experimental results detailing the overheads of our solution carried out on two commercial clouds