Global ETD Search

31	Visually sealed and digitally signed electronic documents: Building on Asian tradition. Liu, Yin - Miao January 2004 (has links) E-commerce has developed through the use of digital signatures, employing various forms of Public Key Infrastructure (PKI) to ensure the secure usage of digital signatures. Digital signatures are designed to facilitate the functions of traditional seals and handwritten signatures for the purposes of authentication, data integrity, and non-repudiation within the e-commerce environment. Historically, the authenticity of documentation has always been verified by the application of a recognisable visual stimulus to the document; however, the current digital signature regime overlooks the importance of this analogous sense of visualisation. One of the primary problems with existing digital signatures is that a digital signature does not "feel" like, or resemble, a traditional seal to the human observer, as it does not have a personal, recognisable, or aesthetic sense of visualisation. Currently, digital signatures, such as the OpenPGP (Pretty Good Privacy) digital signature, are attached to the end of an electronic document as a stream of printable ASCII characters. (RFC2440) This appears to the average user as a long, incomprehensible string of random characters offering no sense of identity or ownership by simple visual inspection. Additionally, digital signatures change each time they are applied, in contrast to traditional seals that remain consistent personal identifiers associated with individual signatories. The goal of this research is to promote enhancements to existing digital signature schemes in order to bridge the cultural gap between traditional seals and digital signatures. Culturally friendly features integrated into the digital signature have the potential to increase user acceptability of global e-commerce. This research investigates traditional seal cultures within the context of modern digital signatures, identifying the need to develop a new, culturally friendly, visualised digital signature scheme. The principles behind digital signatures are reviewed and the essential roles and responsibilities of a PKI are addressed. A practical analysis of PKI implementation is also essential. Taiwan is selected as the focus of this research since its heritage is deeply rooted in, and strongly adheres to the Chinese seal culture. The Taiwanese government is in the process of adapting the traditional seal certificate system to the electronic digital signature system. Therefore it is pertinent to review the PKI implementation and digital signatures applications in Taiwan in this study. The purpose of this research is to make the intangible digital signature virtually tangible; i.e., to incorporate visualisation into the current digital signature practice. This research defines new private extensions to the X.509 v3 certificate, recommending that conforming visualised digital signature applications should then be developed to generate and/or recognise visual digital certificates in support of the proposed visualised digital signature scheme. The processes of visualised digital signature creation and of verification through the application of the visualised digital certificate are then explained. This is accompanied by a model of system analysis for developers of conforming implementations of this specification. This allows developers the freedom to select appropriate developing tools. An analysis of this research evaluates the quality of integrity, security, interoperability, performance, and flexibility offered by this proposal.Future directions for furthering research development conclude this dissertation. seals signatures signets biblical seals Western seals Chinese seals Japanese seals Digital signatures visualised signing and verification visualised digital signatures visualised digital certificates PKI
32	SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions Kovan, Gerry January 2005 (has links) Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures
33	Cryptography in the presence of key-dependent messages Unknown Date (has links) The aim of this work is to investigate a security model in which we allow an adversary to have access to functions of the secret key. In recent years, significant progress has been made in understanding the security of encryption schemes in the presence of key-dependent plaintexts or messages (known as KDM). Here, we motivate and explore the security of a setting, where an adversary against a message authentication code (MAC) or signature scheme can access signatures on key-dependent messages. We propose a way to formalize the security of message authentication schemes in the presence of key-dependent MACs (KD-EUF) and of signature schemes in the presence of key-dependent signatures (KDS). An attack on a message recognition protocol involving a MAC is presented. It turns out that the situation is quite different from key-dependent encryption: To achieve KD-EUF-security or KDS-security under non-adaptive chosen message attacks, the use of a stateful signing algorithm is inevitable even in the random oracle model. After discussing the connection between key-dependent signing and forward security, we describe a compiler which lifts any EUF-CMA secure one-time signature scheme to a forward secure signature scheme offering KDS-CMA security. Then, we discuss how aggregate signatures can be used to combine the signatures in the certificate chain used in the compiler. A natural question arises about how to combine the security definitions of KDM and KDS to come up with a signcryption scheme that is secure. We also offer a connection with Leakage-Resilient Signatures, which take into account side-channel attacks. Lastly, we present some open problems for future research. / by Madeline Gonzalez. / Thesis (Ph.D.)--Florida Atlantic University, 2009. / Includes bibliography. / Electronic reproduction. Boca Raton, Fla., 2009. Mode of access: World Wide Web. Cryptography--Data processing Digital signatures Computer security Data encryption (Computer science) Software protection
34	SPP Secure Payment Protocol: Protocol Analysis, Implementation and Extensions Kovan, Gerry January 2005 (has links) Internet commerce continues to grow rapidly. Over 60% of US households use the internet to shop online. A secure payment protocol is required to support this rapid growth. A new payment protocol was recently invented at IBM. We refer to the protocol as SPP or Secure Payment Protocol. This thesis presents a protocol analysis of SPP. It is essential that a thorough security analysis be done on any new payment protocol so that we can better understand its security properties. We first develop a method for analyzing payment protocols. This method includes a list of desirable security features and a list of proofs that should be satisfied. We then present the results of the analysis. These results validate that the protocol does contain many security features and properties. They also help understand the security properties and identify areas where the protocol can be further secured. This led us to extend the design of the protocol to enhance its security. This thesis also presents a prototype implementation of SPP. Three software components were implemented. They are the Electronic Wallet component, the merchant software component and the Trusted Third Party component. The architecture and technologies that are required for implementation are discussed. The prototype is then used in performance measurement experiments. Results on system performance as a function of key size are presented. Finally, this thesis presents an extension of SPP to support a two buyer scenario. In this scenario one buyer makes an order while another buyer makes the payment. This scenario enables additional commerce services. Computer Science Secure Payment Protocol Internet Commerce Public Key Cryptography SSL Digital Signatures
35	Study of Provable Secure Cryptosystems and Signature Schemes Rao, Fang-Yu 06 September 2005 (has links) Providing a security proof is always an important issue in the process of designing a cryptographic scheme or protocol. We often show the security of a cryptosystem via ¡§problem reduction.¡¨ In this thesis, lots of emphasis was put on the review of techniques for proving the security of cryptosystems. These techniques consist of Random Oracle Model and Forking Lemma. We also introduced some well-known cryptographic schemes which can be proved secure using these techniques. Then we offered a security proof of a blind signature scheme based on the one proposed by Fan. In the end, we made a comparison between our proof and the proof of another blind signature scheme provided by David Pointcheval and Jacques Stern. Some arguments and discussions about using the Random Oracle Model to prove the security of a cryptosystem were also included. Digital signatures Cryptography Blind signatures Provable security Random oracle model Forking lemma
36	How Far Web Services Tools Support OASIS Message Security Standards? Sistla Shambhu, Maharaj Sastry January 2005 (has links) <p>There is a great deal of interest burgeoning in the intellectual community regarding Web Services and their usage. Many writers have tried to bring awareness about some unconceived threats lurking behind the enticing Web Services. Threats due to Web Services are on an all time high giving an alarming knock to the Web Services security community. This led to the, Organization for the Advancement of Structured Information Standards (OASIS) made some constraints mandatory in order to standardize message security and these constraints and specifications are presented through a document called WS Security -2004. This work is an attempt to check the support offered by various Web Services Tools available currently. It introduces the reader to Web Services and presents an overview of how far some of the tools have reached in order to make the Web Services environment safe, secure and robust to meet the current day’s requirements. A quantitative approach was taken to investigate the support offered by servers like BEA, Apache Axis etc. The conclusions drawn show that most of the tools meet the imposed standards but a lot more is expected from the web community and these tools; if at all the visions about safe and secure Web Services are to be realized.</p> WSS-2004 Web Services Digital Signatures Encryption Security Standards Computer science Datavetenskap
37	L'écrit confronté aux nouvelles technologies / Joly-Passant, Elisabeth. January 2006 (has links) (PDF) Zugl.: Diss.
38	Efficient authentication schemes for routing in mobile ad hoc networks Xu, Shidi. January 2006 (has links) Thesis (M.Comp.Sc.)--University of Wollongong, 2006. / Typescript. Includes bibliographical references: leaf 93-102.
39	Source authentication in group communication Al-Ibrahim, Mohamed Hussain. January 2005 (has links) Thesis (PhD)--Macquarie University, Division of Information and Communication Sciences, Dept. of Computing, 2004. / Title from screen page; viewed 10 Oct 2005. Bibliography: leaves 163-175. Also available in a print form.
40	Legally resilient signatures a middle-age approach to a digital age problem / Rice, Matthew E. Burmester, Mike. January 2005 (has links) Thesis (M.S.)--Florida State University, 2005. / Advisor: Dr. Mike Burmester, Florida State University, College of Arts and Sciences, Dept. of Computer Science. Title and description from dissertation home page (viewed June 13, 2005). Document formatted into pages; contains viii, 35 pages. Includes bibliographical references.

Search results