Dagstuhl News January - December 2011

"Dagstuhl News" is a publication edited especially for the members of the Foundation "Informatikzentrum Schloss Dagstuhl" to thank them for their support. The News give a summary of the scientific work being done in Dagstuhl. Each Dagstuhl Seminar is presented by a small abstract describing the contents and scientific highlights of the seminar as well as the perspectives or challenges of the research topic

DEVELOPMENT OF THE SEARCH METHOD FOR NON-LINEAR SHIFT REGISTERS USING HARDWARE, IMPLEMENTED ON FIELD PROGRAMMABLE GATE ARRAYS

The nonlinear feedback shift registers of the second order inare considered, because based on them it can be developed a generator of stream ciphers with enhanced cryptographic strength. Feasibility of nonlinear feedback shift register search is analyzed. These registers form a maximal length sequence, using programmable logic devices. Performance evaluation of programmable logic devices in the generation of pseudo-random sequence by nonlinear feedback shift registers is given. Recommendations to increase this performance are given. The dependence of the maximum generation rate (clock frequency), programmable logic devices on the number of concurrent nonlinear registers is analyzed. A comparison of the generation rate of the sequences that are generated by nonlinear feedback shift registers is done using hardware and software. The author suggests, describes and explores the search method of nonlinear feedback shift registers, generating a sequence with a maximum period. As the main result are found non-linear 26, 27, 28 and 29 degrees polynomials

Standardization in cyber-physical systems: the ARUM case

Cyber-physical systems concept supports the realization of the Industrie 4.0 vision towards the computerization of traditional industries, aiming to achieve intelligent and reconfigurable factories. Standardization assumes a critical role in the industrial adoption of cyber-physical systems, namely in the integration of legacy systems as well as the smooth migration from existing running systems to the new ones. This paper analyses some existing standards in related fields and presents identified limitations and efforts for a wider acceptance of such systems by industry. A special attention is devoted to the efforts to develop a standard-compliant service-oriented multi-agent system solution within the ARUM project.info:eu-repo/semantics/publishedVersio

Droplet: Decentralized Authorization for IoT Data Streams

This paper presents Droplet, a decentralized data access control service, which operates without intermediate trust entities. Droplet enables data owners to securely and selectively share their encrypted data while guaranteeing data confidentiality against unauthorized parties. Droplet's contribution lies in coupling two key ideas: (i) a new cryptographically-enforced access control scheme for encrypted data streams that enables users to define fine-grained stream-specific access policies, and (ii) a decentralized authorization service that handles user-defined access policies. In this paper, we present Droplet's design, the reference implementation of Droplet, and experimental results of three case-study apps atop of Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard

CryptoZoo: A Viewer for Reduction Proofs

Cryptographers rely on visualization to effectively communicate cryptographic constructions with one another. Visual frameworks such as constructive cryptography (TOSCA 2011), the joy of cryptography (online book) and state-separating proofs (SSPs, Asiacrypt 2018) are useful to communicate not only the construction, but also their proof visually by representing a cryptographic system as graphs. One SSP core feature is the re-use of code, e.g., a package of code might be used in a game and be part of the description of a reduction as well. Thus, in a proof, the linear structure of a paper either requires the reader to turn pages to find definitions or writers to re-state them, thereby interrupting the visual flow of the game hops that are defined by a sequence of graphs. We present an interactive proof viewer for state-separating proofs (SSPs) which addresses the limitations and perform three case studies: The equivalence between simulation-based and game-based notions for symmetric encryption, the security proof of the Goldreich-Goldwasser-Micali construction of a pseudorandom function from a pseudorandom generator, and Brzuska\u27s and Oechsner\u27s SSP formalization of the proof for Yao\u27s garbling scheme

A Proposed Secure Framework for Supply-Chain Management using Blockchain Technology

Decentralization increases the performance of the Supply Chain by distributing financial choices more evenly. The technology that is causing the biggest upheaval is the aforementioned challenges that are hampering today's supply chain are addressed by block chain, which is a cost-effective and realistic solution. Many autonomous networks, self-sufficient persons and institutions can emerge and operate in a distributed, dispersed operating environment thanks to block chain. Theblock chain’s data is unchangeable, transparent, and recorded in a distributed ledger that adheres to consensus mechanisms throughout.Hence, the data stored in it cannot be edited and forged i.e., it is trusted if the writer is trusted. Block chain also has its own advantages and setbacks: decentralized network operating in centralized computing devices. Web pages are used to captured changes in original data to malicious data, network synchronization, service outages, and other challenges are some of the issues that could arise in block chain.Thereare several entities and modules involved in the model of this Supply Chain which are tested using an efficient top-down manner in this article. The proposed supply chain management model can be adaptive to various supply chains like food, textile, healthcare and also educational institutions. A comprehensive analysis of the major-cause of numerous threats, susceptibility, and hazards is assisted on the system of supply chain management as imitated in different scenarios

The Leap Second Behaviour of NTP Servers

The NTP network is an important part of the Internet’s infrastructure, and one of the most challenging times for the NTP network is around leap seconds. In this paper we look at the behaviour of public servers in the NTP network in 2005 and over the period from 2008 to present, focusing on leap seconds. We review the evolution of the NTP reference implementation with respect to leap seconds and show how the behaviour of the network has changed since 2005. Our results show that although the network’s performance has certain problems, these seem to be reducing over time

Examining the Impact of Provenance-Enabled Media on Trust and Accuracy Perceptions

In recent years, industry leaders and researchers have proposed to use technical provenance standards to address visual misinformation spread through digitally altered media. By adding immutable and secure provenance information such as authorship and edit date to media metadata, social media users could potentially better assess the validity of the media they encounter. However, it is unclear how end users would respond to provenance information, or how to best design provenance indicators to be understandable to laypeople. We conducted an online experiment with 595 participants from the US and UK to investigate how provenance information altered users' accuracy perceptions and trust in visual content shared on social media. We found that provenance information often lowered trust and caused users to doubt deceptive media, particularly when it revealed that the media was composited. We additionally tested conditions where the provenance information itself was shown to be incomplete or invalid, and found that these states have a significant impact on participants' accuracy perceptions and trust in media, leading them, in some cases, to disbelieve honest media. Our findings show that provenance, although enlightening, is still not a concept well-understood by users, who confuse media credibility with the orthogonal (albeit related) concept of provenance credibility. We discuss how design choices may contribute to provenance (mis)understanding, and conclude with implications for usable provenance systems, including clearer interfaces and user education.Comment: Accepted to CSCW 202

Enhancing the reliability of digital signatures as non-repudiation evidence under a holistic threat model

Traditional sensitive operations, like banking transactions, purchase processes, contract agreements etc. need to tie down the involved parties respecting the commitments made, avoiding a further repudiation of the responsibilities taken. Depending on the context, the commitment is made in one way or another, being handwritten signatures possibly the most common mechanism ever used. With the shift to digital communications, the same guarantees that exist in real world transactions are expected from electronic ones as well. Non-repudiation is thus a desired property of current electronic transactions, like those carried out in Internet banking, e-commerce or, in general, any electronic data interchange scenario. Digital evidence is generated, collected, maintained, made available and verified by non-repudiation services in order to resolve disputes about the occurrence of a certain event, protecting the parties involved in a transaction against the other's false denial about such an event. In particular, a digital signature is considered as non-repudiation evidence which can be used subsequently, by disputing parties or by an adjudicator, to arbitrate in disputes. The reliability of a digital signature should determine its capability to be used as valid evidence. The reliability depends on the trustworthiness of the whole life cycle of the signature, including the generation, transfer, verification and storage phases. Any vulnerability in it would undermine the reliability of the digital signature, making its applicability as non-repudiation evidence dificult to achieve. Unfortunately, technology is subject to vulnerabilities, always with the risk of an occurrence of security threats. Despite that, no rigorous mechanism addressing the reliability of digital signatures technology has been proposed so far. The main goal of this doctoral thesis is to enhance the reliability of digital signatures in order to enforce their non-repudiation property when acting as evidence. In the first instance, we have determined that current technology does not provide an acceptable level of trustworthiness to produce reliable nonrepudiation evidence that is based on digital signatures. The security threats suffered by current technology are suffice to prevent the applicability of digital signatures as non-repudiation evidence. This finding is also aggravated by the fact that digital signatures are granted legal effectiveness under current legislation, acting as evidence in legal proceedings regarding the commitment made by a signatory in the signed document. In our opinion, the security threats that subvert the reliability of digital signatures had to be formalized and categorized. For that purpose, a holistic taxonomy of potential attacks on digital signatures has been devised, allowing their systematic and rigorous classification. In addition, and assuming a realistic security risk, we have built a new approach more robust and trustworthy than the predecessors to enhance the reliability of digital signatures, enforcing their non-repudiation property. This new approach is supported by two novel mechanisms presented in this thesis: the signature environment division paradigm and the extended electronic signature policies. Finally, we have designed a new fair exchange protocol that makes use of our proposal, demonstrating the applicability in a concrete scenario. ----------------------------------------------------------------------------------------------------------------------------------------------------------------Las operaciones sensibles tradicionales, tales como transacciones bancarias, procesos de compra-venta, firma de contratos etc. necesitan que las partes implicadas queden sujetas a los compromisos realizados, evitando así un repudio posterior de las responsabilidades adquiridas. Dependiendo del contexto, el compromiso se llevaría a cabo de una manera u otra, siendo posiblemente la firma manuscrita el mecanismo más comúnmente empleado hasta la actualidad. Con el paso a las comunicaciones digitales, se espera que las mismas garantías que se encuentran en las transacciones tradicionales se proporcionen también en las electrónicas. El no repudio es, por tanto, una propiedad deseada a las actuales transacciones electrónicas, como aquellas que se llevan a cabo en la banca online, en el comercio electrónico o, en general, en cualquier intercambio de datos electrónico. La evidencia digital se genera, recoge, mantiene, publica y verifica mediante los servicios de no repudio con el fin de resolver disputas acerca de la ocurrencia de un determinado evento, protegiendo a las partes implicadas en una transacción frente al rechazo respecto a dicho evento que pudiera realizar cualquiera de las partes. En particular, una firma digital se considera una evidencia de no repudio que puede emplearse posteriormente por las partes enfrentadas o un tercero durante el arbitrio de la disputa. La fiabilidad de una firma digital debería determinar su capacidad para ser usada como evidencia válida. Dicha fiabilidad depende de la seguridad del ciclo de vida completo de la firma, incluyendo las fases de generación, transferencia, verificación, almacenamiento y custodia. Cualquier vulnerabilidad en dicho proceso podría socavar la fiabilidad de la firma digital, haciendo difícil su aplicación como evidencia de no repudio. Desafortunadamente, la tecnología está sujeta a vulnerabilidades, existiendo siempre una probabilidad no nula de ocurrencia de amenazas a su seguridad. A pesar de ello, hasta la fecha no se ha propuesto ningún mecanismo que aborde de manera rigurosa el estudio de la fiabilidad real de la tecnología de firma digital. El principal objetivo de esta tesis doctoral es mejorar la fiabilidad de las firmas digitales para que éstas puedan actuar como evidencia de no repudio con garantías suficientes