Improvement of a convertible undeniable partially blind signature scheme

Undeniable signatures are the digital signatures that should be verified with the help of the signer. A signer may disavow a genuine document, if the signature is only verifiable with the aid of the signer under the condition that the signer is not honest. Undeniable signatures solve this problem by adding a new feature called the disavowal protocol in addition to the normal components of signature and verification. Disavowal protocol is able to prevent a dishonest signer from disavowing a valid signature. In some situations, an undeniable signature should be converted into a normal digital signature in order that the signature can be universally verified. Blind signatures are the digital signatures that help a user to get a signature on a message without revealing the content of the message to a signer. For the blind signatures, if the signer is able to make an agreement with the user, then the underlying signer may include some common information that is known to the user, then such signatures are partially blind signatures. Convertible undeniable partially blind signatures are of the features of undeniable signatures, blind signatures, convertible undeniable signatures, and partially blind signatures. Recently, a convertible undeniable partially blind signature scheme was presented. In this paper, we first analyse a security flaw of the convertible undeniable partially blind signature scheme. To address the security flaw, we present an improvement on the disavowal protocol. The improved scheme can prevent the signer from either proving that a given valid signature as invalid, or cheating the verifier

Pennsylvania and Pornography: CDT v. Pappert Offers a New Approach to Criminal Liability, 23 J. Marshall J. Computer & Info. L. 411 (2005)

The rapid expansion of information technology in the past few years has left states and the Federal government struggling desperately to keep up and many of the laws attempting to regulate the Internet and information technology show a lack of understanding how the affected technology actually works and could possibly the growth and distribution of new ideas and inventions even incapacitate the Internet. One area in particular that has been the subject of widespread concern and attention is online pornography, a business that few people only realize just how big it truly is. This article focuses on the recent District Court of Pennsylvania decision in Center for Democracy & Technology et al vs. Pappert, the latest in a string of decisions striking down laws aimed at regulating online access to pornography and other sexually explicit material. After briefly presenting how the Pennsylvania Internet Child Pornography Act applies to online content regulation, a brief explanation of the technology involved is offered, arguing that the answer to problems involving technology is not more technology. It then examines the issues raised by the Pennsylvania statute and others like it, relating to the First Amendment and due process as well as constitutional issues relating to the Commerce Clause. It is a generally acceptable fact that federal and state governments have a legitimate interest in regulating child pornography but Internet regulation both at the state and federal level, such as the Communications Decency Act, have been proven unconstitutional and ineffective. The author argues that the answer is to find a balance between recognizing the challenges and features of the Internet and utilizing existing legislation in a more efficient and practical manner while adapting the methods of law enforcement agencies to the new demands in order to save time and money as well as prosecute criminals. Ultimately, the best answer to furthering the legitimate interests of controlling access to obscenity and child pornography lies in a combination of federal/international legislation, self-regulation by the adult industry, and most importantly, common sense by individual users

Toward a Generic Construction of Convertible Undeniable Signatures from Pairing-Based Signatures

Undeniable signatures were proposed to limit the verification property of ordinary digital signatures. In fact, the verification of such signatures cannot be attained without the help of the signer, via the confirmation/denial protocols. Later, the concept was refined to give the possibility of converting a \emph{selected} signature into an ordinary one, or publishing a \emph{universal} receipt that turns all undeniable signatures publicly verifiable. In this paper, we present the first generic construction for convertible undeniable signatures from certain weakly secure cryptosystems and any secure digital signature scheme. Next, we give two specific approaches for building convertible undeniable signatures from a large class of pairing-based signatures. These methods find a nice and practical instantiation with known encryption and signature schemes. For instance, we achieve the most efficient undeniable signatures with regard to the signature length and cost, the underlying assumption and the security model. We believe these constructions could be an interesting starting point to develop more efficient schemes or give better security analyses of the existing ones

Provably Secure Convertible Undeniable Signatures with Unambiguity

This paper shows some efficient and provably-secure convertible undeniable signature schemes (with both selective conversion and all conversion), in the standard model and discrete logarithm setting. They further satisfy unambiguity, which is traditionally required for anonymous signatures. Briefly, unambiguity means that it is hard to generate a (message, signature) pair which is valid for two {\em different} public-keys. In other words, our schemes can be viewed as anonymous signature schemes as well as convertible undeniable signature schemes. Besides other applications, we show that such schemes are very suitable for anonymous auction

Performance Evaluation of a Field Programmable Gate Array-Based System for Detecting and Tracking Peer-to-Peer Protocols on a Gigabit Ethernet Network

Recent years have seen a massive increase in illegal, suspicious, and malicious traffic traversing government and military computer networks. Some examples include illegal file distribution and disclosure of sensitive information using the BitTorrent file sharing protocol, criminals and terrorists using Voice over Internet Protocol (VoIP) technologies to communicate, and foreign entities exfiltrating sensitive data from government, military, and Department of Defense contractor networks. As a result of these growing threats, the TRacking and Analysis for Peer-to-Peer (TRAPP) system was developed in 2008 to detect BitTorrent and VoIP traffic of interest. The TRAPP system, designed on a Xilinx Virtex-II Pro Field Programmable Gate Array (FPGA) proved valuable and effective in detecting traffic of interest on a 100 Mbps network. Using concepts and technology developed for the TRAPP system, the TRAPP-2 system is developed on a Xilinx ML510 FPGA. The goals of this research are to evaluate the performance of the TRAPP-2 system as a solution to detect and track malicious packets traversing a gigabit Ethernet network. The TRAPP-2 system detects a BitTorrent, Session Initiation Protocol (SIP), or Domain Name System (DNS) packet, extracts the payload, compares the data against a hash list, and if the packet is suspicious, logs the entire packet for future analysis. Results show that the TRAPP-2 system captures 95.56% of BitTorrent, 20.78% of SIP INVITE, 37.11% of SIP BYE, and 91.89% of DNS packets of interest while under a 93.7% network utilization (937 Mbps). For another experiment, the contraband hash list size is increased from 1,000 to 131,072,000 unique items. The experiment reveals that each doubling of the hash list size results in a mean increase of approximately 16 central processing unit cycles. These results demonstrate the TRAPP-2 system’s ability to detect traffic of interest under a saturated network utilization while maintaining large contraband hash lists

Internet Copyright Infringement and Service Providers: The Case for a Negotiated Rulemaking Alternative

The Internet has dramatically increased the ease of copyright infringement. A popular proposal recommends that Internet service providers (ISP) be held liable for the harms, including copyright infringements, of their users. ISPs reject this approach, warning that it will hamper the expansion of the Internet. This article recommends a regulatory approach to ISP liability for copyright infringement. A technical introduction to the Internet is given, pointing to difficulties that courts have had navigating this conceptually new and complex subject. Arguments in favor or strict liability of ISPs are presented, with an analysis of their likely economic and social consequences. The author concludes with a regulatory solution designed to minimize losses both to service providers and content providers

Concurrent Security of Anonymous Credentials Light, Revisited

We revisit the concurrent security guarantees of the well-known Anonymous Credentials Light (ACL) scheme (Baldimtsi and Lysyanskaya, CCS\u2713). This scheme was originally proven secure when executed sequentially, and its concurrent security was left as an open problem. A later work of Benhamouda et al. (EUROCRYPT\u2721) gave an efficient attack on ACL when executed concurrently, seemingly resolving this question once and for all. In this work, we point out a subtle flaw in the attack of Benhamouda et al. on ACL and show, in spite of popular opinion, that it can be proven concurrently secure. Our modular proof in the algebraic group model uses an ID scheme as an intermediate step and leads to a major simplification of the complex security argument for Abe\u27s Blind Signature scheme by Kastner et al. (PKC\u2722)