The feasibility of using the world wide web to authenticate higher education qualifications issues by universities and technikons

Taylor, Susanne

14 August 2012

M.Tech. / There is evidence of a growing concern regarding the authenticity of qualifications presented at interviews. Today's computer software makes it simple to edit documents, thereby allowing falsification of information by the unscrupulous. The use of sophisticated document scanners, printers and copiers further complicates the issue. The research revolved around an investigation of the need for authentication of education qualifications and the establishment of the feasibility of doing this by using information technology and the World Wide Web to allow for efficient and effective verification that an education qualification was attained at the named higher education institution and that the results were accurately reflected. The research method included the use of questionnaires to gather data. Questionnaires were sent to the registrars of universities and technikons and Human Resources directors of Gauteng-based employer companies. Responses to the questionnaires and information gleaned from the literature review were used in the models designed and offered as solutions to the problem of qualification fraud. The main conclusions drawn from the research were: Confirmation of the growing incidence of and concern regarding qualification fraud. Establishment of the need for a solution to allow authentication of qualifications by Human Resource practitioners as part of the recruitment process. The feasibility for this solution to be an information technology solution using World Wide Web. The VeriQual model was designed to meet all the research objectives. This innovative model is deemed to offer an efficient, effective and feasible technology solution to the problem of qualification fraud in South Africa.

Digital signature

Authenticity of qualifications

The Choice of the Parameters of Digital Signature and It's Applications

Zhang, Zhi-Kai

08 August 2004

Digital signature is widely used to implement many secure protocols. A digital signature has three parameters. They are the message, the key pair, and the signature. In general, the message is given. The key pair is chosen randomly by the signer. The signature is computed from the message and the key pair. But in some cases, we can choose the value of one of the parameters, this may make it possible to other applications such as blind signatures or subliminal channels. There are some researches to discuss the relations between the parameters and the applications of the digital signatures. In this research, we will propose three new schemes as examples of this technique. The first one is a fair blind signature scheme. The other two are subliminal channel schemes. These three new schemes have some important properties. The concept of this research may help the future researches to find new applications of the digital signature. Meanwhile, these new schemes can show that how the concept can help us to develop or improve applications.

Fair Blind Signature

Subliminal Channel

Digital Signature

Securing the digital signing process

Van den Berg, James Richard

25 March 2010

M.Comm. / Worldwide an increasing amount of legal credibility is being assigned to digital signatures and it is therefore of utmost importance to research and develop additional measures to secure the technology. The main goal of this dissertation is to research and identify areas in which the user’s private key, used for the digital signing of messages, is exposed to the risk of being compromised and then develop a prototype system (SecureSign) to overcome the identified vulnerabilities and secure the digital signing process. In order to achieve the above stated, use will be made of a cryptographic token, which will provide secure storage and a secure operational environment to the user’s private key. The cryptographic token is at the heart of SecureSign and it is where the user’s private key will be created, stored and used. All operations requiring the user’s private key will be performed on the token, which is equipped with its own processor for this purpose.

Digital signature

Computer security

Public key cryptography

E. parašo taikymas autentifikavimui ir šifravimui video paskaitų sistemoje / Authentication and encryption using digital signature in video lecture system

Lenza, Mantas

25 August 2010

Šiuolaikinės informacijos perdavimo technologijos leidžia organizuoti video paskaitas ir tam yra kuriamos video paskaitų sistemos. Išanalizavus egzistuojančias video paskaitų sistemas buvo iškeltos kelios problemos: • nepakankamas pateikiamos informacijos saugumo lygis; • nesuteikiama galimybė dėstytojams realiu laiku modifikuoti mokomosios medžiagos turinį. Pateiktų problemų sprendimui pasiūlytas sistemos modelis, kuriame akcentuojamas vartotoju autentifikavimas e. parašu ir pateikiamos informacijos šifravimas. Šias problemas pavyko sėkmingai išspręsti panaudojant populiarius ir kriptografiškai saugius algoritmus. Suprojektuota sistema sėkmingai išbandyta, o atlikus eksperimentini tyrimą nustatyta, jog sistemos funkcionalumas niekuo nenusileidžia standartinėms paskaitoms. / Modern communication technology allows you to organize video lectures and that’s why the systems of video lectures are created. . After the analysis of existing video lectures systems, several issues have been raised: • low security level of the proposed information; • not given access to the teachers to modify the content of teaching materials in real time. For the solution of the problems the model of the system is suggested which focuses on the authentication of the user by the e. signature and the encryption of the given information. These problems have been successfully solved by using popular and secure cryptographic algorithms. Designed system is successfully tested, and, after a pilot study was found that the functionality of the system is as good as the standard lectures.

Informatics

E. parašas

Autentifikavimas e. parašu

Video paskaitų sistemos

Digital signature

Authentication using digital signature

Video lecture system

Efektivní schémata digitálních podpisů / Efficient Digital Signature Schemes

Varga, Ondrej

January 2011

Digital signatures, which take the properties of classical signatures, are used to secure the actual content of documents, which can be modified during transmission over an insecure channel. The problems of security and protection of communicating participants are solved by cryptographic techniques. Identity verification, message integrity, credibility, the ownership of documents, and the secure transmission of information over an unsecured channel, are all dealt with in secure communications - Public Key Infrastructure, which uses digital signatures. Nowadays digital signatures are often used to secure data in communication over an unsecured channel. The aim of the following master’s thesis is to familiarize readers with the necessary technological aspects of digital signatures, as well as their advantages and disadvantages. By the time digital signatures are being used they will have to be improved and modified to be secure against more sophisticated attacks. In this paper, proposals of new efficient digital signature schemes and their comparison with current ones are described. Also are examined their implications for computationally weak devices, or deployment in low speed channel transmission systems. After an explanation of cryptography and a description of its basic subjects, digital signatures are introduced. The first chapter describes the possible formatting and architecture of the digital signature. The second part of this master’s thesis is about current digital signature schemes and their properties. Chapter 3 describes some proposals of new efficient digital signature schemes and their comparison to those currently in use. In the practical part, the implementations (in the environment .NET in C#) of two effective digital signature schemes as part of a client-server application are presented and described (Chapter 4). In the last chapter the comparison and analysis of the implemented signature schemes are provided.

Elektroninio parašo panaudojimo verslo įmonėse modelio sukūrimas / The model of using digital signature in business

Daugėlienė, Giedrė

03 July 2012

Magistro baigiamajame darbe „Elektroninio parašo panaudojimo verslo įmonėse modelio sukūrimas“ išanalizuota el. parašo naudojimo problematika, el. parašo bei el. dokumentų klasifikacinės sistemos bei parengtas el. parašo taikymo versle modelis, kuris patikrintas empiriniu tyrimu. Pirmoje darbo dalyje išanalizuota el. dokumentų raida ir jų klasifikacinės sistemos. Antrajame skyriuje atlikta el. parašo taikymo verslo įmonėse sisteminė analizė: apibrėžiama el. parašo sąvoka, rūšys, el. parašo pritaikymo versle, remiantis komunikacinėmis pusėmis. Trečiojoje darbo dalyje atliktas el. parašo taikymo versle empirinis tyrimas, kuriame ištyrus el. dokumentų specialistų ekspertinę nuomonę, nustatomos el. parašo taikymo problemos, jų sprendimo būdai. Paskutiniame skyriuje – sukurtas el. parašo taikymo versle modelis bei atliktas modelio ekspertinis vertinimas. / In Master thesis ‘The model of Using Digital Signature in Business’ the topic of digital signature, the classification systems of digital signature and digital records was analyzed as well as a model of digital signature usage in business was prepared which was examined by empirical research. In the first part of thesis the development of digital records and their classification systems was analyzed. The second part consists of the systemic analysis of digital signature usage in business: defined the concept of digital signature, it kinds (kinds of digital signature), usage in business based on communicational sides. The third part contains the empirical research of digital signature usage in business which was made by the examination of the digital records professionals’ opinions, the problems of digital signature usage and the ways of their solutions were defined. In the last part – a model of digital signature usage in business was created and the evaluation of it was made.

Marketing and Administration

Elektroninis parašas

Elektroninis dokumentas

Elektroninio parašo rūšys

Digital signature

Digital record

The kinds of digital signature

Investigation of cryptographic algorithms for the transfer of financial information

Martynenko, Mykola

January 2010

The purpose of the investigation is to determine the most effective solution, which allows safe storing and transmitting of financial information in terms of execution speed, resistance to hacking and ease of implementation. Research object is subject area related to the transfer of encrypted financial information like: encryption algorithms, algorithm of hashing functions, algorithm of electronic digital signature. The result of research is the software implementation of the server and client for sending encrypted information. Also client could only encrypt/decrypt information. The main part of research is to find the most suitable algorithm for transfer of encrypted banking information. The solution has been implemented on the Java programming language in programming environment IntelliJ IDEA 8, using Java Cryptography Extension (JCE) for digital signature.

encryption

cryptography

hashing

client

server

compressing

digital signature

Study on Telemetry Data Authentication Protocol in Arms Control Verification

Qiang, Huang, Fan, Yang

10 1900

International Telemetering Conference Proceedings / October 25-28, 1999 / Riviera Hotel and Convention Center, Las Vegas, Nevada / The arms control verification activity is executed between countries, so various telemetry data will be remote-transmitted in the public signal channel and can be easily tampered. In order to secure this data’s authenticity and integrality, the paper has established a Multi-layer Data Authentication Protocol (MDAP) in which the key cryptographic technologies are digital signature and authentication. Meanwhile, overall evaluations of MDAP have been presented. We proved the MDAP is secure.

Telemetry Data

Data Authentication Protocol

Arms Control Verification

Digital Signature

A Session Initiation Protocol User Agent with Key Escrow

Hossen, MD. Sakhawat

January 2009

<p>Voice over Internet Protocol (VoIP), also called IP telephony is rapidly becoming a familiar term and as a technology it is invading the enterprise, private usage, and educational and government organizations. Exploiting advanced voice coding & compression techniques and bandwidth sharing over packet switched networks, VoIP can dramatically improve bandwidth efficiency. Moreover enhanced security features, mobility support, and cost reduction features of VoIP are making it a popular choice for personal communication. Due to its rapid growth in popularity VoIP is rapidly becoming the next generation phone system.</p><p>Lawful interception is a mean of monitoring private communication of users that are suspected of criminal activities or to be a threat to national security. However, government regulatory bodies and law enforcement agencies are becoming conscious of the difficulty of lawful interception of public communication due to the mobilitysupport and advanced security features implemented in some implementations of VoIP technology. There has been continuous pressure from the government upon the operators and vendors to find a solution that would make lawful interception feasible and successful. Key escrow was proposed as a solution by the U. S. National Security Agency. In key escrow the key(s) for a session are entrusted to a trusted third party and upon proper authorization law enforcement agencies can receive the session key(s) from this trusted third party However, key escrow adds some security vulnerabilities and potential risks as an unethical employee of the key escrow agent (or a law enforcement agency that has received the session key(s)) can misuse the key(s) to forge content of a communication session -- as he or she possesses the same key(s) as the user used for this session.</p><p>This thesis addresses the issue of forged session content, by proposing, implementing, and evaluating a cryptographic model which allows key escrow session content. The implementation utilizes an existing implementation of a Session Initiation Protocol (SIP) user agent ‘minisip’ developed at KTH. The performance evaluation results suggest that the proposed model can support key escrow while protecting the user communication from being forged with the cost of minimal computational resource and negligible overhead. <em>without</em> the possibility of undetectable fabrication of<em><strong>  </strong></em>session content. The implementation utilizes an existing implementation of a Session Initiation Protocol (SIP) user agent ‘minisip’ developed at KTH. The performance evaluation results suggest that the proposed model can support key escrow while protecting the user communication from being forged with the cost of minimal computational resource and negligible overhead.</p>

Lawful Interception

Key escrow

SRTP

MIKEY

PKI

Digital Signature

Lattice-based digital signature and discrete gaussian sampling

Ricosset, Thomas

12 November 2018

Lattice-based cryptography has generated considerable interest in the last two decades due toattractive features, including conjectured security against quantum attacks, strong securityguarantees from worst-case hardness assumptions and constructions of fully homomorphicencryption schemes. On the other hand, even though it is a crucial part of many lattice-basedschemes, Gaussian sampling is still lagging and continues to limit the effectiveness of this newcryptography. The first goal of this thesis is to improve the efficiency of Gaussian sampling forlattice-based hash-and-sign signature schemes. We propose a non-centered algorithm, with aflexible time-memory tradeoff, as fast as its centered variant for practicable size of precomputedtables. We also use the Rényi divergence to bound the precision requirement to the standarddouble precision. Our second objective is to construct Falcon, a new hash-and-sign signaturescheme, based on the theoretical framework of Gentry, Peikert and Vaikuntanathan for latticebasedsignatures. We instantiate that framework over NTRU lattices with a new trapdoor sampler.

Cryptography

Lattices

Gaussian sampling

Digital signature

Fully homomorphic encryption