A General Framework for Redactable Signatures and New Constructions
David Derler, Henrich C. Pöhls, Kai Samelin, Daniel Slamanig
Graz University of Technology, Austria; University of Passau, Germany; IBM Research Zurich, Switzerland & TU Darmstadt, Germany

Outline
1. Introduction
2. General Framework
3. Generic Construction
4. Conclusions

Redactable Signature Schemes (RSS)

Applications
- Blacking out data from signed documents
  - Document is signed
  - Contains sensitive information
  - Black out sensitive parts
  - Still carries the original signature (timestamp, etc.)
- Medical research, accounting, government, etc.

History
- Introduced
  - Johnson et al. (CT-RSA '02) as a variant of homomorphic signatures
  - and Steinfeld et al. (ICISC '01) as content extraction signatures
- Initial security requirements
  - Unforgeability and privacy
- Evolved over time

Development Over the Years
- Additional functionality
  - Consecutive redaction control
  - Dependencies between (redactable) parts
- Different message structures
  - Lists, sets, trees, graphs
- Additional security properties
  - Transparency
- Many models and messy terminology → unification

Motivation I/II
- Many different models used
  - Tailored to message structure, e.g., trees
- Different interpretation of redactions
  - Arbitrary redactions possible
  - Fine-grained redaction control
- Different naming of security properties

Motivation II/II
- Generalized model
  - Inspired by sanitizable signatures (Brzuska et al. PKC '09)
  - Similar to RSS for trees (Brzuska et al. ACNS '10)
- Introducing designated redactors
  - Auxiliary information for redaction
  - Allows more efficient constructions
  - Not to be confused with keyed redaction (sanitization)

Security of Redactable Signatures
- Correctness, Unforgeability
  - Straightforward
- Privacy
  - Redacted information not recoverable
- Transparency
  - Original signature and redacted versions indistinguishable

Transparency Property
- Stronger privacy notion
  - Redaction not noticeable
- Technically hard to achieve
  - Challenging issue

Overview
- Generic constructions of transparent RSS
  - RSS for sets
  - RSS for linear documents
  - Designated redactor RSS for linear documents
- Existing constructions are often instantiations thereof

Indistinguishable Accumulators
- Finite set, accumulator
- Witnesses wit_x certifying membership of x in acc_X
  - Efficiently computable for x ∈ X, intractable for x ∉ X
- Indistinguishability (Derler et al. CT-RSA '15)
  - Neither accu nor witnesses leak information about X

RSS for Sets
- Simple construction
  - Indistinguishable accumulator
  - EUF-CMA secure digital signature scheme
- Accumulate set, sign accumulator
- Additionally include witnesses in signature
- Verify: signature & accu membership
- Redact: Remove witnesses from signature
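
The set construction on the slide above (accumulate the set, sign the accumulator, ship the witnesses, redact by dropping witnesses), as an added Python sketch that is not code from the talk or the authors' paper. Assumptions: a toy RSA-style accumulator over a modulus with public factors, blinded by a random exponent, stands in for the indistinguishable accumulator, and a Lamport one-time signature stands in for the EUF-CMA scheme; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy modulus: a product of two Mersenne primes. Its factors are
# public, so it gives no security; a real accumulator needs an RSA modulus
# whose factorization nobody knows.
N = (2**89 - 1) * (2**127 - 1)
G = 3
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def H(data):
    return hashlib.sha256(data).digest()

def is_prime(n):
    """Miller-Rabin with fixed bases, deterministic for n < 2**64."""
    if n < 2:
        return False
    for p in BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def to_prime(element):
    """Map a set element (bytes) to a 63-bit prime exponent."""
    h = (int.from_bytes(H(element)[:8], "big") >> 1) | 1
    while not is_prime(h):
        h += 2
    return h

# Lamport one-time signature: one key pair signs exactly one accumulator.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def _bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def lamport_sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def lamport_verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for (i, b), s in zip(enumerate(_bits(msg)), sig))

def _enc(acc):
    return acc.to_bytes(27, "big")  # N is below 2**216

def rss_sign(sk, elements):
    """Accumulate the set, sign the accumulator, attach one witness per element."""
    primes = {x: to_prime(x) for x in elements}
    exponent = secrets.randbits(128) | 1  # random blinding, kept secret
    for p in primes.values():
        exponent *= p
    acc = pow(G, exponent, N)
    wits = {x: pow(G, exponent // p, N) for x, p in primes.items()}
    return {"acc": acc, "sig": lamport_sign(sk, _enc(acc)), "wits": wits}

def rss_verify(pk, elements, sigma):
    """Check the signature on the accumulator and membership of every element."""
    if not lamport_verify(pk, _enc(sigma["acc"]), sigma["sig"]):
        return False
    wits = sigma["wits"]
    return all(x in wits and pow(wits[x], to_prime(x), N) == sigma["acc"]
               for x in elements)

def rss_redact(elements, sigma, removed):
    """Drop the redacted elements and their witnesses; acc and sig stay as is."""
    kept = set(elements) - set(removed)
    return kept, dict(sigma, wits={x: sigma["wits"][x] for x in kept})

if __name__ == "__main__":
    sk, pk = lamport_keygen()
    record = {b"name: J. Doe", b"diagnosis: flu", b"ward: 3"}  # constructed sample
    sigma = rss_sign(sk, record)
    kept, redacted = rss_redact(record, sigma, {b"diagnosis: flu"})
    print(rss_verify(pk, record, sigma), rss_verify(pk, kept, redacted))
```

Redaction needs no signing key: anyone holding the signature can drop elements, and the verifier sees the same accumulator and signature before and after.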

RSS for Linear Documents
- Using RSS for sets and encode positions of blocks?
  - Breaks transparency
- Sample independent randomness r_i for each block m_i
- For i-th block accumulate randomness (r_j)_{j=1}^{i}
- Redaction as before
- On verification check if for i-th block there are i witnesses

Designated Redactor RSS
- Non-interactive zero-knowledge proofs (ordering)
- Designated info: Openings of commitments

Conclusion
- Messy terminology and models
- Generalized framework for RSS
  - Designated redactor RSS
- Generic constructions
  - Sets
  - Linear documents

Thank you. Full version: Supported by