Cifrassinatura sem certificados em curvas supersingulares sobre corpos binarios / Certificateless signcryption on supersingular elliptic curves over bilinear fields

Morais, Eduardo Moraes de, 1983-

14 August 2018

Orientador: Ricardo Dahab / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-14T04:06:33Z (GMT). No. of bitstreams: 1 Morais_EduardoMoraesde_M.pdf: 1060073 bytes, checksum: 349e64f9f2a5456f3af935607dfa5e3d (MD5) Previous issue date: 2009 / Resumo: A criptografia baseada em identidades representa uma alternativa ao modelo de certificação digital, exigindo menor esforço para solucionar o problema de autenticidade da chave pública, mas perdendo a custódia da chave privada, que será gerada por uma autoridade de confiança. O modelo de criptografia sem certificados soluciona o problema da custódia da chave privada sem a utilização de certificados digitais. Neste modelo, o usuário tem a posse de uma parte da chave privada e com isso a chave pública passa a ser constituída de uma parte gerada pela autoridade de confiança e uma parte gerada pelo usuário. A cifrassinatura é uma primitiva criptográfica que reúne as vantagens do ciframento e da assinatura em uma única operação, permitindo maior eficiência e segurança. A literatura possui diversas propostas de ciframento sem certificados e assinatura sem certificados, mas não tem uma proposta genérica de cifrassinatura sem certificados. Este trabalho propõe um protocolo de cifrassinatura sem certificados eficiente, que pode ser implementado usando dois emparelhamentos bilineares. Considerando a importância de emparelhamentos bilineares para a construção do protocolo proposto, este trabalho apresenta os conceitos matemáticos necessários para a obtenção de emparelhamentos bilineares eficientes e resistentes a ataques ao problema do logaritmo discreto sobre a curva elíptica e sobre o corpo de extensão resultante do cálculo do emparelhamento bilinear. São apresentados também algoritmos eficientes para aritmética de precisão arbitrária, aritmética de curvas elípticas e cálculo de emparelhamentos. Além disso, são discutidos modelos formais de segurança, como por exemplo o modelo do oráculo aleatório. Finalmente, o modelo de criptografia baseada em identidades e o modelo de criptografia sem certificados são discutidos e com isso é possível apresentar a proposta de cifrassinatura sem certificados e argumentar que esta proposta _e segura e eficiente / Abstract: Identity based cryptography is an alternative to digital certification, which requires less computational effort to solve the problem of public key authenticity. On the other hand, identity based cryptography has the problem of key escrow, because the private key is generated by a trust authority. The certificateless cryptography model solves the key escrow problem without digital certificates. In this model, the user computes a parcial private key that is used to compose the entire private key. In the same way, the public key has two parts: one generated by the user and the other generated by the trust authority. Signcryption is a cryptographic primitive that has the advantages of encryption and signature together in a single operation, allowing the construction of secure and efficient protocols. The literature has many certificateless encryption and certificateless signature protocols, but there is no generic and efficient certificateless signcryption scheme. This work proposes an efficient certificateless signcryption protocol, that can be implemented with just two bilinear pairings. Considering the importance of bilinear pairings for the construction of the proposed protocol, this work presents the mathematical concepts for efficient bilinear pairings, that can resist against discrete logarithm atacks on the elliptic curve and on the extension field. This works also presents efficient algorithms for big number arithmetic, elliptic curve arithmetic and the Miller algorithm for pairings. It also presents formal security models, such as the random oracle model. Finally, identity based cryptography and certificateless cryptography models are defined and the proposed certificateless signcryption scheme is presented and we argue that it is secure and eficient, although no formal proof is given / Mestrado / Criptografia / Mestre em Ciência da Computação

Curvas elípticas

Cifrassinatura

Criptografia - Certificados e licenças

Formas bilineares

Elliptic curves

Signcryption

Cryptography - Certificate and license

Bilinear forms

Mortalidade por doença de chagas no estado de Goiás, Brasil, no período de 2006 a 2011 / Mortality for chagas disease in the state of Goiás, Brazil, in the period from 2006 to 2011

Moraes, Cicílio Alves de

18 May 2017

Submitted by Cássia Santos (cassia.bcufg@gmail.com) on 2017-06-08T11:47:14Z No. of bitstreams: 2 Dissertação - Cicílio Alves de Moraes - 2017.pdf: 3252335 bytes, checksum: 69a83abad10d04a303f987804754f84e (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Approved for entry into archive by Luciana Ferreira (lucgeral@gmail.com) on 2017-06-08T12:50:43Z (GMT) No. of bitstreams: 2 Dissertação - Cicílio Alves de Moraes - 2017.pdf: 3252335 bytes, checksum: 69a83abad10d04a303f987804754f84e (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Made available in DSpace on 2017-06-08T12:50:43Z (GMT). No. of bitstreams: 2 Dissertação - Cicílio Alves de Moraes - 2017.pdf: 3252335 bytes, checksum: 69a83abad10d04a303f987804754f84e (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) Previous issue date: 2017-05-18 / Mortality due to Chagas Disease in the State of Goiás was searched from the records of the National System of Information on Mortality, among 2006 and 2011. In this period, the Mortality in all the country registered as by Chagas disease was of 29,041 cases, of whom 4,293 (14.8%) were in Goiás State. The proportion of deaths for Chagas Disease was 0.44 for Brazil and 2.35% for Goiás State (P<0,01). Mortality occurred in individuals with low schooling (84% of individuals with schooling less than 4 years), and 72% of deaths occurred over 60 years of age. Heart disease was the main cause of death (80.3%) in the chronic phase of the disease. Chagas Disease is a significant cause of mortality and it is 5.3 times higher in Goiás State than in all the Country, with low rate of associated diseases. / A mortalidade por Doença de Chagas no Estado de Goiás foi pesquisada nos registros do Sistema Nacional de Informações sobre Mortalidade, entre 2006 e 2011. Nesse período, a mortalidade em todo o país registrada pela doença de Chagas foi de 29.041 casos, dos quais 4.293 (14,8%) ocorreram no Estado de Goiás. A proporção de óbitos por Doença de Chagas foi de 0,44 para o Brasil e de 2,35% para o estado de Goiás (P<0,01). A mortalidade ocorreu em indivíduos com baixa escolaridade (84% dos indivíduos com grau de escolaridade inferior a 4 anos) sendo que 72% dos óbitos ocorreram em idade superior a 60 anos. A cardiopatia foi a principal causa do óbito (80,3%) na fase crônica da doença. A mortalidade por Doença de Chagas é 5,3 vezes maior no Estado de Goiás, comparada ao resto do país, e apresenta baixa taxa de doenças associadas.

Doença de Chagas

Mortalidade

Atestado de óbito

Chagas disease

Mortality

Death certificate

CIENCIAS DA SAUDE::MEDICINA

Aplicabilidade da CID-10, CID-OE e CIF na análise dos afastamentos do trabalho por motivo odontológico em um serviço público federal / Applicability of ICD-10, ICD-DA and ICF in the analysis of absenteeism from work due to dental reasons in a federal public service

Gisele dos Reis Della Togna

17 June 2010

A utilização adequada de um sistema de códigos é fundamental para a qualidade das informações de saúde registradas com o propósito de subsidiar o planejamento, a programação e a avaliação das ações de saúde. O objetivo do trabalho foi descrever o padrão de uso da Classificação Estatística Internacional de Doenças e Problemas Relacionados à Saúde (CID) em atestados odontológicos apresentados em um serviço público federal com a finalidade de concessão de licença para tratamento de saúde. Analisou-se a concordância entre a codificação apresentada nos atestados e a codificação atribuída por cirurgiões-dentistas peritos oficiais; o grau de especificidade das codificações e a perspectiva de uso da Classificação Internacional de Funcionalidade, Incapacidade e Saúde (CIF). Este estudo concluiu que é necessário um aperfeiçoamento na utilização da Classificação Estatística Internacional de Doenças e Problemas Relacionados à Saúde Décima Revisão (CID-10) e que o uso complementar da Classificação Internacional de Doenças em Odontologia e Estomatologia (CID-OE) e da Classificação Internacional de Funcionalidade, Incapacidade e Saúde (CIF) pode favorecer o processo de tomada de decisão quanto à necessidade de afastamento do trabalho, fornecendo dados relevantes para o monitoramento do absenteísmo por motivo odontológico. / Appropriate use of a code system is fundamental to the quality of registered health information in order to support the planning, programming and assessment of health measures. The objective of this study was to describe the pattern of use of the International Statistical Classification of Diseases and Related Health Problems (ICD) in dental certificates presented in a federal public service for the purpose of granting permission for medical treatment. The degree of agreement between the coding presented in health certificates and the coding given by official dental experts was assessed, as the degree of specificity of coding and the prospect of using the International Classification of Functioning, Disability and Health (ICF).This study concluded that an improvement is needed in the use of the International Statistical Classification of Diseases and Related Health Problems - Tenth Revision (ICD-10) and that complementary use of the International Classification of Diseases in Dentistry and Stomatology (ICD-DA) and International Classification of Functioning, Disability and Health (ICF) can aid the decision-making process regarding the need to take time off work, providing relevant data for monitoring absenteeism for dental reasons.

Absenteísmo

Atestado de Saúde

Odontologia do Trabalho

Absenteeism

Health Certificate

International Classification of Diseases

Occupational Dentistry

How Certificate Transparency Impact the Performance

Sjöström, Linus, Nykvist, Carl

January 2017

Security on the Internet is essential to ensure the privacy of an individual. Today, Trans- port Layer Security (TLS) and certificates are used to ensure this. But certificates are not enough in order to maintain confidentiality and therefore a new concept, Certificate Trans- parency (CT), has been introduced. CT improves security by allowing the analysis of sus- picious certificates. Validation by CT uses public logs that can return Signed Certificate Timestamp (SCT), which is a promise returned by the log indicating that the certificate will be added to the log. A server may then deliver the SCT to a client in three different ways: X.509v3 extension, Online Certificate Status Protocol (OSCP) stapling and TLS extension. For further analysis, we have created a tool to collect data during TLS handshakes and data transfer, including byte information, the certificates themselves, SCT delivery method and especially timing information. From our dataset we see that most websites do not use CT and the ones that use CT almost only use X.509 extension to send their SCTs.

SCT

Certificate Transparency

CT

Network Performance

TLS

OCSP

X.509

Computer and Information Sciences

Data- och informationsvetenskap

Säkerhetsutvärdering certifikatserver i stället för aktiva kort / Security evaluation certificate server instead of smartcard

Jensen, Jonas

January 2005

Business and organizations use computer network in a greater extension than ever before, especially for business-critical use. That increase the demand of security for all systems, both against internal and external threats. The demand on the authentication method used today increases. Today they normally uses password or some kind of smart card. I will performa literature study that will investigate the possibility to increase the security in authentication of users without the use of extra hardware. The method uses a server that stores all cryptographic keys for the user centrally to achieve stronger security. This report is based on a previous report which tested to implement this solution, in this report I will question the security of this system. I will then give an architecture proposal where this method is used to authenticate and allow cryptographic recourses for the user. The conclusions you can get from this report is that the possibilities with comparable ease increase the security without investing in new hardware. But the solution will not be comparable by a ``smart card solution''in security levels. That means that the method described in this thesis is suitable for organizations that either do not need that strong security as smart card give or want a good solution without being forced to use some external hardware.

Informationsteknik

Authentication

securityserver

certificate server

reverse turing test

cryptographic

smartcard

Informationsteknik

Computer and Information Sciences

Data- och informationsvetenskap

Annulering av ogiltiga certifikat i Public-Key Infrastructures / Revocation of invalid certificates in Public-Key Infrastructures

Nilsson, Christoffer

January 2005

According to numerous sources, computer security can be explained as; how to address the three major aspects, namely Confidentiality, Integrity and Availability. Public-key infrastructure is a certificate based technology used to accomplish these aspects over a network. One major concern involving PKIs is the way they handle revocation of invalid certificates. The proposed solution will make revocation more secure; validation will be handled completely by the certificate authority, and revokes will be instant, without use of certificate revocation lists. / I enlighet med flertalet källor, kan datorsäkerhet beskrivas som; hur man adresserar de tre mest betydelsefulla aspekterna, nämligen Confidentiality (Tillit), Integrity (Integritet) och Availability (tillgänglighet). PKI är en certifikat baserad teknologi som används för att uppfylla dessa aspekter över ett nätverk. Ett huvudsakligt orosmoment rörande PKI är hur man skall hantera annullering av ogiltiga certifikat. Den föreslagna lösningen kommer att hantera annullering på ett mer säkert sätt; validering av certifikat hanteras uteslutandes av ”certifikat instansen” (the certificate authority), och annulleringar sker omedelbart, utan användning av ”annullerings listor” (certificate revocation lists).

public-key

private-key

certificate

revocation

network-security

Computer Sciences

Datavetenskap (datalogi)

Software Engineering

Programvaruteknik

Podíl ve společnosti s ručením omezeným jako předmět právních vztahů, kmenový list / Share in a limited liability company as a subject of legal relations; equity certificate

Joklíková, Kateřina

January 2016

Share in a limited liability company as a subject of legal relations; equity certificate The master thesis analyses the issue of the transfer of a share in a limited liability company including the possibility to incorporate a share into an equity certificate. The main purpose of this study is to introduce in detail the different phases of the tranfer of a share, an equity certificate and draw attention to several interpretative problems related to the new law of business corporations. Besides the applicable law, which is purposefully subjected to the comparison with legal regulation before the recodification of private law, the work examines the legal literature, including periodicals, and still aplicable case law of the Czech courts. The thesis is divided into five chapters. The first chapter looks briefly at a share in a limited liability company and its definition as a subject of legal relations. The second chapter deals with the modes of the transfer of a share and the preconditions of its realization in the form of obtaining the relevant permissions. This section also outlines possible consequences of not giving the necessary consents with the transfer. The core of the third chapter represents the share transfer agreement, its formal and subject matter requirements. There are also mentioned...

Dodatková ochranná osvědčení pro léčiva / Suplementary protection certificates for Medicinal Products

Eignerová, Barbara

January 2016

Resume - Supplementary Protection Certificates for Medicinal Products Nowadays, the pharmaceutical industry plays an important role in the world's economy and the pharmaceutical research has a decisive impact on the continuing improvement in public health. The system of patent law is of cardinal significance to the industry because it confers monopolies, for a limited period of time, on using innovations and provides a crucial incentive for basic research activities. Innovative companies require the guaranteed period of market exclusivity afforded by patents in order to sustain drug prices, recoup research and development expenditures and finance the development of new products. Although the availability of a patent protection for chemical and pharmaceutical products has, from a historical perspective, only been reaffirmed in the near past, it has been widely accepted as a global standard mainly through the provisions of the WTO's TRIPS agreement. On the other hand, despite the existence of various international treaties harmonising patent laws, patents have to date in their effects remained strictly limited to individual jurisdictions. Closely bound to the patent system itself are the means of the so-called off-patent protection - supplementary protection certificates and the others, for example market...

Essays on how health and education affect the labor market outcomes of workers

Namingit, Sheryll

January 1900

Doctor of Philosophy / Department of Economics / William F. Blankenau / This dissertation consists of three essays on how health and education affect the labor market outcomes of workers. Health and education issues have been key determinants of labor demand and supply. In light of increasing incidence of health problems and the rapid growth of post-baccalaureate certificates in the US, this dissertation seeks to answer questions about labor market outcomes of workers with poor health history and with post-baccalaureate certificates. The first essay which I co-authored with Dr. William Blankenau and Dr. Benjamin Schwab uses a résumé-based correspondence test to compare the employment consequences of an illness-related employment gap to those of an unexplained employment gap. The results of the experiment show that while the callback rate of applicants with an illness-related employment gap is lower than that of the newly unemployed, applicants with illness-related employment gaps are 2.3 percentage points more likely to receive a callback than identical applicants who provide no explanation for the gap. Our research provides evidence that employers use information on employment gaps as additional signals about workers' unobserved productivity. Co-authored with Dr. Amanda Gaulke and Dr. Hugh Cassidy, the second essay tests how employers perceive the value of post-baccalaureate certificates using the same methodology in the first essay. We randomly assign a post-baccalaureate certificate credential to fictitious résumés and apply to real vacancy postings for managerial, administrative and accounting assistant positions on a large online job board. We find that post-baccalaureate certificates are 2.4 percentage points less likely to receive a callback than those without this credential. However, this result is driven by San Francisco, and there is no effect in Los Angeles or New York. By occupation, we also find that there is only significant negative effect in administrative assistant jobs, and there is none in managerial or accounting assistant jobs. A typographical error made in the résumés of certificate holders regarding the expected year of completion of the certificate may also contribute to negative effects of a certificate. Using NLSY79 data, the third essay tests whether the source of health insurance creates incentives for newly-diagnosed workers to remain sufficiently employed to maintain access to health insurance coverage. I compare labor supply responses to new diagnoses of workers dependent on their own employment for health insurance with the responses of workers who are dependent on their spouse's employer for health insurance coverage. I find that workers who depend on their own job for health insurance are 1.5-5.5 percentage points more likely to remain employed and for those employed, are 1.3-5.4 percentage points less likely to reduce their labor hours and are 2.1-6.1 percentage points more likely to remain full-time workers.

Correspondence study

Employer-sponsored health insurance

Labor supply

Labor demand

Post-baccalaureate certificate

The use of social media as a means of improving the quantity and quality of the pass rate in computer programming at FET colleges in the

Dzvapatsva, Godwin Pedzisai

January 2013

Magister Commercii (Infomation Management) / The aim of this research was to investigate the use of social media (SM) in improving the quantity and quality of passes in computer programming in South Africa’s Further Education and Training (FET) colleges. The study addresses the high learner failure rates in computer programming at National Certificate (Vocational) (NCV) level 3. A preliminary investigation identified that increased lecturer contact time with the students could positively affect the quantity and quality of passes in computer programming. The social medium of Facebook (FB) was studied to assess whether it could enhance contact time with students. In investigating factors affecting computer programming passes at the College of Cape Town, the study identified how SM technologies can assist in increasing contact time for students outside normal college time. Four groups on FB were created to allow learners to ask questions, interact with the lecturer and peers on the subject. A mixed approach was employed using qualitative and quantitative data. Test scores for previous years (2011) were compared to current (2012) test scores for the NCV 3 learners. Statistical functions calculated the average passes and total number of passes. Furthermore, a total of thirty questionnaires were used to check the learners’ perceptions toward the use of SM outside the class to enhance performance.. More lecturer contact time on FB for one student group scored better in terms of the quantity and quality of passes. The groups using FB (with more practice time or more technical contact time) produced results which were far better than in previous years (2010 and 2011). The fourth group using FB for more peer interaction also did fairly well with an increase at the end of the year (2012) of 35% pass in programming at level 3 - up from 30% in 2011. It is the researcher’s view that, once internet access is evenly spread, it has the potential to increase performance in subjects like computer programming. A further look at the certification of level 4 learners for programming subjects indicated an improvement could be possible by the introduction of SM at level 3 - where much of the bottleneck lies. As this research was limited to a single FET college it cannot be generalised. Further research spread across various FET colleges countrywide will serve to confirm these findings and determine new insights into the whole process of using SM to improve passes in computer programming at NCV level 3.. The practical recommendation is that FB should be used for this stated purpose. In respect of academic recommendations, the researcher intends to implement the same study with learners at level two and level four.

Further Education and Training (FET)

National Certificate Vocational (NCV)

Quality

Quantity

Contact time

Performance

Test scores