Global ETD Search

21	Efektyvios šifravimo bei skaitmeninio parašo sistemos / Efficient encryption and digital signature schemes Valkaitis, Mindaugas 04 July 2014 (has links) Šio darbo tikslas – apžvelgti šiuo metu naudojamas klasikines viešojo rakto šifravimo ir skaitmeninio parašo sistemas bei naujos kartos Signcryption kriptosistemą ir atlikti dedikuotos pasirašymo ir šifravimo kriptosistemos efektyvumo palyginimą su pasirašymo arba šifravimo kriptosistemų kompozicija bei pasiūlyti praktinio pritaikymą naujos kartos Signcryption kriptosistemai. Darbe apžvelgtos šios kriptosistemos: 1. RSA (Rivest, Shamir, Adleman) – klasikinė viešojo rakto pasirašymo arba šifravimo kriptosistema, kurios saugumas paremtas didelių skaičių faktorizacijos uždavinio sprendimo sudėtingumu, 2. ElGamalio – klasikinė viešojo rakto pasirašymo arba šifravimo kriptosistema, kurios saugumas paremtas diskretaus logaritmo problemos sprendimo sudėtingumu, 3. Signcryption – naujos kartos viešojo rakto pasirašymo ir šifravimo kriptosistema, realizuota modifikuotos ElGamalio skaitmeninio parašo schemos pagrindu. Minėtos kriptosistemos apžvelgtos teoriškai, sukurta praktinė jų realizacija ir apžvelgti rezultatai bei palygintas jų efektyvumas, kuris apibrėžiamas dviem parametrais: 1. Pranešimo pasirašymo, šifravimo, dešifravimo ir parašo patikrinimo operacijų trukmė, 2. Perduodamos perteklinės informacijos kiekis – pranešimo ilgio padidėjimas atlikus pasirašymo ir šifravimo operacijas. Taip pat apžvelgtos kriptosistemų realizacijoje naudotos papildomos funkcijos bei algoritmai, tokie kaip AES blokiniai šifrai, SHA maišos funkcijų šeima, HMAC kontrolinis parašas bei pasiūlyti du... [toliau žr. visą tekstą] / This submission called “Efficient encryption and digital signature schemes” consists of three parts. I. In Part I theoretical analysis of popular public key cryptosystems RSA (Rivest, Shamir, Adleman) with security based on the large integer factorization problem and ElGamal with security based on the discrete logarithm problem, along with new cryptographic primitive termed as "signcryption" proposed by Y. Zheng which simultaneously fulfills both the functions of digital signature and public key encryption in a logically single step, and with a cost significantly smaller than that required by "signature followed by encryption" using popular public key cryptosystem composition is done. For the completeness of analysis description of supplemental algorithms and functions such as AES block cipher, SHA hash functions, HMAC keyed hash function is present. II. In Part II the results of the practical implementation done in Python programming language are analyzed. Effectiveness is described by two factors: 1. Total computation time of signing – encryption – decryption – verification operations; 2. Communication overhead – signed and encrypted message length increase compared to the original plaintext. III. In Part III two effective Signcryption implementation algorithms are proposed: secret sharing without threshold and (k, n) threshold schemes. Results of analysis prove Signcryption being secure and extremely effective signature and encryption cryptosystem. It has very low... [to full text] Public Key Cryptography Digital Signature RSA ElGamal Signcryption Secret Sharing (k N) Threshold Sharing
22	Elektronisk signering : En studie om införandet av elektroniskt signerade protokoll i svenska kommuners verksamhet Nyman, Maja, Selin, Sofia January 2016 (has links) Digitalization of the working flow is a developing area. Digitalization of a public authority’s working flow can lead to a more effective flow. The purpose of this study is to identify factors when implementing electronic signatures of the protocols in Swedish public authorities. In order to fulfill this purpose, a case study has been conducted at one municipality, interviews have been held with people from another municipality as well as three commercial suppliers of electronical signatures, and a literature study has also been made. A qualitative content analysis was made on the material from the case study and the interviews with a resulting list of important factors to consider when implementing electronic signatures to the protocols. The factors are: Security, laws, usability, cost, functionality in the system and long-term preservation. These factors have been examined more closely and the results from the examination show that these factors could be relevant to all public authority’s in Sweden who are about to implement electronic signatures. However, all the factors are not equally meaningful. Since the laws are essential for the use of electronic signatures, they have to be seriously considered. Security is closely related with the demands of the laws. Therefore the requirements of the law can be used to fulfill the need for good security. Other factors that are important are long-term preservation, cost and functionality in the system. / Digitalisering av verksamheter är ett aktuellt område under utveckling. En digitalisering av en kommuns verksamhet kan leda till en effektivisering av kommunernas befintliga processer. Syftet med detta arbete är att identifiera vilka faktorer som påverkar införandet av elektroniska signeringar av svenska kommuners protokoll. För att uppfylla syftet har en fallstudie utförts på en kommun, intervjuer har hållits med representanter från en annan svensk kommun och tre leverantörer av elektroniska signeringar och en litteraturstudie har utförts. En kvalitativ innehållsanalys har utförts på materialet från Sundsvalls kommun och från intervjuerna och resulterade i en lista med betydelsefulla faktorer vid ett införande av elektroniskt signerade protokoll. Faktorerna blev: Säkerhet, juridik, användbarhet, funktionalitet i systemet, långsiktig bevaring och kostnad. Resultatet från detta visade även att dessa faktorers betydelsefullhet varierar. För att en elektronisk signering ska kunna införas krävs det att den uppfyller de rättsliga krav som Sveriges lagar beskriver. Säkerheten hänger ihop med den juridiska aspekten. De lagar som finns ställer krav på tekniken bakom den elektroniska signeringen och därmed dess säkerhet. Andra viktiga faktorer som behövs för att elektroniska signaturer ska kunna införas är långsiktig bevaring, kostnad, funktionalitet i systemet och användbarhet. Electronic signature digital signature electronic identification PKI. Elektronisk signering digital signering e-legitimation PKI.
23	Análise de elementos jurídico-tecnológicos que compõem a assinatura digital certificada digitalmente pela Infra-estrutura da Chaves Públicas do Brasil (ICP-Brasil). / Analysis of legal-technological elements that compose the certifyd digital signature for the infrastructure of public keys of Brazil (ICP-Brasil). Guelfi, Airton Roberto 22 March 2007 (has links) Este trabalho faz uma análise crítica dos elementos jurídicos-tecnológicos de uma assinatura digital certificada digitalmente. O primeiro aspecto a ser abordado advém da verificação da competência para o desenvolvimento da atividade de certificação, em decorrência da natureza jurídica do certificado digital. Consoante se verificou, o certificado digital é o instrumento hábil a assegurar a autenticidade dos documentos eletrônicos por meio de uma assinatura digital. Dessa forma, equipara-se ao ato de reconhecimento de firma, atividade notarial desenvolvida pelos Cartórios Notariais, de acordo com a competência fixada no artigo 236 da Constituição da República Federativa do Brasil. Todavia, segundo regra presente na Medida Provisória 2.200-2/01, desde 2001 essa atividade vem sendo desenvolvida sob a competência do Governo Federal, através do Instituto Nacional de Tecnologia da Informação - ITI (Autoridade Certificadora Raiz da Infraestrutura de Chaves Públicas do Brasil. Como decorrência tem-se que a Medida Provisória 2.200-2/01 é inconstitucional, uma vez que não respeita regra de competência material fixada pela Constituição da República Federativa do Brasil para o desenvolvimento da atividade notarial. Sob um prisma tecnológico, têm-se que a ICP-Brasil, por meio de seu Comitê Gestor, fixa expressamente qual a tecnologia que deve ser empregada para a produção das assinaturas digitais. Neste caminho, até maio de 2006, entre outros, foi indicado o algoritmo criptográfico de função hash MD5 para a geração das assinaturas digitais com autenticidade e integridade garantidas por lei. Todavia, o MD5 perdeu sua utilidade em 2004, quando foi quebrado, ocasionando a possibilidade de fraudes, inclusive a geração de documentos eletrônicos forjados. Sem dúvida, a legislação brasileira vinha assegurando validade jurídica e força probante a documentos eletrônicos assinados com algoritmo criptográfico de função hash MD5 que poderiam ter sido forjados. Para que o documento eletrônico assinado digitalmente possa ser amplamente utilizado em relações sociais é preciso que regras jurídicas e tecnológicas sejam respeitadas, sob pena de se criar uma enorme insegurança social. / This work presents a critical analysis of the technology and law aspects of certified digital signatures, and their implementation in Brazil. We discuss and verify the competency rules that apply to the certification activity according to the legal nature of the digital certificate. A digital certificate is the instrument that secures the authenticity of an electronic document by means of a digital signature. According to the article 236 of the Brazilian Constitution, authenticity certifications are of exclusive competence of public notaries. Nevertheless, based on an under constitutional statute, digital certification has being conducted by the Federal Government thru its National Institute of Information Technology (Instituto Nacional de Tecnologia da Informação - ITI), who is responsible for the Brazilian public key root certification authority. We found that the statute that supports those activities (Medida Provisória 2.200-2/01) is unconstitutional, and therefore invalid and unenforceable, since it does not satisfy constitutional rules of material competency. Under a technology view, we find that the Managing Committee of the Brazilian Public Key Infrastructure explicitly defines the technology to be used in digital signatures. According to that ruling, until may 2006, among others, the MD5 hashing algorithm was used to generate digital signatures with statutory presumption of authenticity and integrity. Nevertheless, MD5 lost its technical usefulness in 2004, when it was broken, and became prone to fraud such as the generation of forged electronic documents. There is no doubt that Brazilian legislation gave legal value and probatory force to electronic documents signed using the already broken MD5 hashing algorithm that could very well had been forged. Digitally signed electronic documents can only be successfully used if legal rules and the technological aspects be fully understood and respected. Otherwise, the result will be high levels of uncertainty in law relations. Assinatura digital Certificação digital Digital certification Digital signature Infra-estrutura de chaves públicas Public key infrastructure
24	Assinatura digital Rabin-Williams - sem randomização e com prova eficiente de segurança / Rabin-Williams digital signature without randomization and with tight security proof. Magri, Bernardo Caraponale 13 April 2012 (has links) Com o surgimento da criptografia de chave pública, muito esforço foi feito para a criação de protocolos de criptografia e de assinatura que fossem comprovadamente seguros contra indivíduos maliciosos. Existem várias definições de segurança, tanto para protocolos de criptografia como para protocolos de assinatura, e também existem vários modelos de adversários, que simulam um indivíduo malicioso tentando corromper o protocolo. A família de protocolos de assinatura Rabin possui os recordes de velocidade de vericação da assinatura, chegando a ser até 100 vezes mais rápida do que o RSA. Este trabalho apresenta uma redução eficiente de segurança no modelo do oráculo aleatório para uma variante do protocolo de assinatura Rabin descrito por Bernstein, onde não é necessário o uso de nenhuma função para geração de bits pseudo-aleatórios, o que torna o protocolo mais robusto. A redução apresentada é uma redução polinomial e eficiente do problema da fatoração de inteiros para o problema de quebrar o protocolo Principal Rabin-Williams B = 0. / With the development of public-key cryptography, many efforts were made to build encryption and signature protocols that were provably secure against malicious adversaries. There are many definitions of security for encryption and signature protocols, and there are many adversary models to simulate the behaviour of a malicious adversary against a given protocol. The Rabin family of signature protocols has the speed records for verification of signature, being up to 100 times faster than RSA. This work presents a tight security proof in the random oracle model for a variant of the Rabin signature protocol presented by Bernstein, that does not require the use of pseudo-random bits, making the protocol more robust. The proof presented here is a polynomially tight reduction for the problem of integer factorization to the problem of breaking the Principal Rabin-Williams B = 0 protocol. Assinatura Digital Criptografia Cryptography Digital Signature Rabin-Williams Rabin-Williams RSA RSA
25	Sociedades anônimas: reuniões e assembleias gerais eletrônicas no Brasil Botteselli, Ettore Alves Rigo de Lima 29 September 2016 (has links) Submitted by Filipe dos Santos (fsantos@pucsp.br) on 2016-11-21T12:42:51Z No. of bitstreams: 1 Ettore Alves Rigo De Lima Botteselli.pdf: 888307 bytes, checksum: 411881ed8c3efe41ba3e8de0dcbb80e2 (MD5) / Made available in DSpace on 2016-11-21T12:42:51Z (GMT). No. of bitstreams: 1 Ettore Alves Rigo De Lima Botteselli.pdf: 888307 bytes, checksum: 411881ed8c3efe41ba3e8de0dcbb80e2 (MD5) Previous issue date: 2016-09-29 / The current global dynamics demands fast and precise decisions. The technological development has allowed the creation and enforcement of digital documents. The electronic documents have their validity and enforcement recognized in several countries, including Brazil. One of the elements that enforced the consolidation of the electronic document in our law was the creation of the digital signature trough the digital certificates. That has granted to the digital documents legal certainty in regard to its authorship and origin. The usage of technological methods in corporate acts ensure a higher participation of the administration boards members and shareholders, besides the highest agility in decision making. The adoption of electronic mechanisms to hold such corporate acts, probably, would overcome the issues related to the absence, however the holding of corporate acts only in electronic format may, in some cases, create some uncertainty. The Brazilian corporate law sets forth several procedures and formalities which should be observed and, consequently, may compromise the validity and enforcement of corporate acts only in electronic format, especially the shareholders meeting. Notwithstanding such procedures and formalities, there is still a structure issue in regard to the registries of commerce, which may difficult the settlement of corporate acts only in electronic format / A dinâmica global atual exige decisões rápidas e precisas. O avanço tecnológico permitiu a criação e efetiva implementação de documentos digitais. Os documentos eletrônicos possuem a sua validade e eficácia reconhecida em diversos países, incluindo o Brasil. Um dos fatores que assegurou a consolidação do documento eletrônico em nosso ordenamento foi a criação da assinatura digital, por meio de certificados digitais. Isso assegurou aos documentos digitais segurança jurídica quanto a sua autoria e origem. A utilização de meios tecnológicos em atos societários assegura maior participação dos membros da administração e acionistas, além de maior agilidade na tomada de decisões. A adoção de mecanismos eletrônicos para a realização de tais atos, provavelmente, supriria questões relativas ao absenteísmo, no entanto, a realização de atos societários, essencialmente eletrônicos, pode, em alguns casos, gerar insegurança jurídica. A legislação societária brasileira estabelece diversos ritos e formalidades que devem ser observados e, portanto, podem comprometer a validade e eficácia dos atos societários essencialmente eletrônicos, em especial da assembleia geral eletrônica. Não obstante tais ritos e formalidades, ainda existe uma questão estrutural junto aos registros de comércio, que podem dificultar a implementação dos atos societários em formato totalmente eletrônico Documentos eletrônicos Assinatura digital Sociedades anônimas Electronic documents Digital signature Corporations
26	Análise de elementos jurídico-tecnológicos que compõem a assinatura digital certificada digitalmente pela Infra-estrutura da Chaves Públicas do Brasil (ICP-Brasil). / Analysis of legal-technological elements that compose the certifyd digital signature for the infrastructure of public keys of Brazil (ICP-Brasil). Airton Roberto Guelfi 22 March 2007 (has links) Este trabalho faz uma análise crítica dos elementos jurídicos-tecnológicos de uma assinatura digital certificada digitalmente. O primeiro aspecto a ser abordado advém da verificação da competência para o desenvolvimento da atividade de certificação, em decorrência da natureza jurídica do certificado digital. Consoante se verificou, o certificado digital é o instrumento hábil a assegurar a autenticidade dos documentos eletrônicos por meio de uma assinatura digital. Dessa forma, equipara-se ao ato de reconhecimento de firma, atividade notarial desenvolvida pelos Cartórios Notariais, de acordo com a competência fixada no artigo 236 da Constituição da República Federativa do Brasil. Todavia, segundo regra presente na Medida Provisória 2.200-2/01, desde 2001 essa atividade vem sendo desenvolvida sob a competência do Governo Federal, através do Instituto Nacional de Tecnologia da Informação - ITI (Autoridade Certificadora Raiz da Infraestrutura de Chaves Públicas do Brasil. Como decorrência tem-se que a Medida Provisória 2.200-2/01 é inconstitucional, uma vez que não respeita regra de competência material fixada pela Constituição da República Federativa do Brasil para o desenvolvimento da atividade notarial. Sob um prisma tecnológico, têm-se que a ICP-Brasil, por meio de seu Comitê Gestor, fixa expressamente qual a tecnologia que deve ser empregada para a produção das assinaturas digitais. Neste caminho, até maio de 2006, entre outros, foi indicado o algoritmo criptográfico de função hash MD5 para a geração das assinaturas digitais com autenticidade e integridade garantidas por lei. Todavia, o MD5 perdeu sua utilidade em 2004, quando foi quebrado, ocasionando a possibilidade de fraudes, inclusive a geração de documentos eletrônicos forjados. Sem dúvida, a legislação brasileira vinha assegurando validade jurídica e força probante a documentos eletrônicos assinados com algoritmo criptográfico de função hash MD5 que poderiam ter sido forjados. Para que o documento eletrônico assinado digitalmente possa ser amplamente utilizado em relações sociais é preciso que regras jurídicas e tecnológicas sejam respeitadas, sob pena de se criar uma enorme insegurança social. / This work presents a critical analysis of the technology and law aspects of certified digital signatures, and their implementation in Brazil. We discuss and verify the competency rules that apply to the certification activity according to the legal nature of the digital certificate. A digital certificate is the instrument that secures the authenticity of an electronic document by means of a digital signature. According to the article 236 of the Brazilian Constitution, authenticity certifications are of exclusive competence of public notaries. Nevertheless, based on an under constitutional statute, digital certification has being conducted by the Federal Government thru its National Institute of Information Technology (Instituto Nacional de Tecnologia da Informação - ITI), who is responsible for the Brazilian public key root certification authority. We found that the statute that supports those activities (Medida Provisória 2.200-2/01) is unconstitutional, and therefore invalid and unenforceable, since it does not satisfy constitutional rules of material competency. Under a technology view, we find that the Managing Committee of the Brazilian Public Key Infrastructure explicitly defines the technology to be used in digital signatures. According to that ruling, until may 2006, among others, the MD5 hashing algorithm was used to generate digital signatures with statutory presumption of authenticity and integrity. Nevertheless, MD5 lost its technical usefulness in 2004, when it was broken, and became prone to fraud such as the generation of forged electronic documents. There is no doubt that Brazilian legislation gave legal value and probatory force to electronic documents signed using the already broken MD5 hashing algorithm that could very well had been forged. Digitally signed electronic documents can only be successfully used if legal rules and the technological aspects be fully understood and respected. Otherwise, the result will be high levels of uncertainty in law relations. Assinatura digital Certificação digital Infra-estrutura de chaves públicas Digital certification Digital signature Public key infrastructure
27	Digital Signature Scheme Variations Dunbar, Fiona January 2002 (has links) A digital signature scheme is the process of signing an electronic message that can be transmitted over a computer network. Digital signatures provide message authentication that can be proved to a third party. With the rise of electronic communications over the Internet, digital signatures are becoming increasingly important, especially for the exchange of messages of legal significance. In 1988, Goldwasser, Micali and Rivest (GMR) [31] defined a signature scheme as a collection of algorithms: key generation, signature generation and signature verification. They defined a signature scheme as secure if it was existentially unforgeable against a chosen-message attack. These general definitions suited most signatures at the time, however, over the last decade digital signatures have emerged for which the GMR definitions are unsuitable. These signature schemes, together with their applications and security and efficiency considerations, will be explored in this thesis. These signature scheme variations have been classified by the additional services they provide to ordinary signature schemes, namely increased efficiency, increased security, anonymity, and enhanced signing and verifying capabilities. Mathematics digital signature scheme additional functionality applications authenticity efficiency security anonymity
28	Digital Signature Scheme Variations Dunbar, Fiona January 2002 (has links) A digital signature scheme is the process of signing an electronic message that can be transmitted over a computer network. Digital signatures provide message authentication that can be proved to a third party. With the rise of electronic communications over the Internet, digital signatures are becoming increasingly important, especially for the exchange of messages of legal significance. In 1988, Goldwasser, Micali and Rivest (GMR) [31] defined a signature scheme as a collection of algorithms: key generation, signature generation and signature verification. They defined a signature scheme as secure if it was existentially unforgeable against a chosen-message attack. These general definitions suited most signatures at the time, however, over the last decade digital signatures have emerged for which the GMR definitions are unsuitable. These signature schemes, together with their applications and security and efficiency considerations, will be explored in this thesis. These signature scheme variations have been classified by the additional services they provide to ordinary signature schemes, namely increased efficiency, increased security, anonymity, and enhanced signing and verifying capabilities. Mathematics digital signature scheme additional functionality applications authenticity efficiency security anonymity
29	Multi-Agent Designated Proxy Re-Signature Scheme Lin, I-Shu 28 August 2012 (has links) With the convenience and development of digital signature and network technologies, several companies are beginning to transmit documents and messages over networks.This is expected to reduce costs and improve the efficiency of the working process. Based on the typical digital signature technique over public key infrastructure, each company can apply for its own certificate from the certificate authority to enable people to verify whether a message is signed by the company through the public key within the certificate. Generally, a general manager is responsible for signing a message to be published. However, the general manager is not always available; hence, the proxy signature scheme can be an efficient solution to this problem. In the typical proxy signature scheme, the delegator will delegate a proxy agent with the power of signing. The proxy agent can sign and produce the signature of the company on behalf of the general manager. A malicious proxy agent involved in the signing process may cause substantial damage to the company because of misbehaviors, such as signature forgery. Therefore, we propose a provably secure multi-agent designated proxy re-signature scheme. In the proposed scheme, the general manager designates several agents as delegatees. Each delegatee signs the message and send her/his signature to the proxy. The proxy can re-sign the message to form the signature of the company only when the proxy has obtained signatures from all delegatees. In addition, security definitions and formal proofs are provided in our scheme. Digital Signature Proxy Re-Signature Multi-Agent Authorization Designated proxy re-signature
30	Protection and Authentication of Digital Image Lin, Chih-Hung 09 November 2006 (has links) In this dissertation, the methods of protection and authentication for digital images are presented. In the study of fragile image authentication, the method that can thwart the counterfeit attack is proposed in Chapter 2, and we analyze this method in order to prove the effect. In the study of semi-fragile image authentication, two image authentication methods with digital signature-based and digital watermark-based are presented in Chapter 3 and Chapter 4 respectively. These two methods can improve the disadvantages of related works, and the main contributions are: (1) can adjust the fragile degree by assigning the least authenticable bound of image and (2) the related theorems about the proposed methods are analyzed completely. Finally, a new issue and solution about semi-fragile image authentication are presented in Chapter 5. The main contributions of this method are: (1) only the spatial domain is adopted during feature generation and verification, making domain transformation process is unnecessary, (2) more reasonable non-malicious manipulated images (JPEG, JPEG2000 compressed and scaled images) than related studies can be authenticated, achieving a good trade-off of image authentication between fragile and robust under practical image processing, and (3) non-malicious manipulation is clearly defined to meet closely the requirements of sending them over the Internet or storing images. digital watermark semi-fragile image authentication fragile image authentication JPEG compression digital signature

Search results