The application of hash chains and hash structures to cryptography

Page, Thomas

January 2009

In this thesis we study how hash chains and other hash structures can be used in various cryptographic applications. In particular we focus on the applications of entity authentication, signatures and key establishment. We study recursive application of hash functions to create hash chains, hash trees and other hash structures. We collate all these to form a catalogue of structures that we apply to various cryptographic applications. We study existing work on authentication and create many entity authentication schemes based on structures from our catalogue. We present a novel algorithm to find efficient signature schemes from any given hash structure. We study some suggestions for suitable hash structures and define a particular scalable hash structure complete with a simple message to signature map that is the most efficient such scheme of which we know. We explore k-time signature schemes and identify two new properties, which we call perforated and porous. We look at the application of hash structures to key establishment schemes. We compare the existing schemes and make improvements on many. We present a new key establishment scheme, and show a link between certain k-time signatures and certain key establishment schemes. We look at the other applications of hash structures, and suggest areas in which our catalogue could be used for further development.

500

建立一個以服務多代理者系統為主的公鑰匙架構 / Building a Public Key Infrastructure for Multi-Agent Systems

唐朝緯, Chao-Wei Tang

Unknown Date

代理者（Agent）是一個自主性的軟體程式，可以幫助代表人類在網際網路上從事各種的電子化服務（E-Service）。由於目前多代理者系統缺少了安全管理的機制，以致於目前為止代理者代表人類在網上從事活動的行為還不被大家接受。因此，我們提出了一套以代理者為導向的公鑰匙架構（Agent-Oriented Public Key Infrastructure, APKI），各式各樣的數位憑證被產生、儲存、註銷及驗證，以滿足不同存取控制的需求。例如，代理者的認證是以代理者身份憑證為基礎，而授權的部分則以授權憑證或屬性憑證來做驗證。透過這些數位憑證，我們可以在虛擬網路上的代理者之間建立一條信任路徑，一個安全的電子化服務的實際應用範例將會以此架構實作及呈現出來，以驗證我們所提架構的可行性。 / Agent is autonomous software that mediates e-service for human on the Internet. The acceptance of agent-mediated e-service (AMES) is very slow for the lacking of security management infrastructure for multi-agent system. Therefore we proposed an agent-oriented public key infrastructure (APKI) for multi-agent e-service. In this APKI, a taxonomy of digital certificates are generated, stored, verified, and revoked to satisfy different access and delegation control purposes. Agent identity certificate was designed for agent’s authentication whereas attributed and agent authorization certificates were proposed for agent’s authorization and delegation. Using these digital certificates, we establish agent trust relationships on the cyberspace. A trusted agent-mediated e-service scenario will be shown to demonstrate the feasibility of our APKI.

Public Key Infrastructure

Multi-Agent Systems

Security

Authentication

Authorization

A Session Initiation Protocol User Agent with Key Escrow

Hossen, MD. Sakhawat

January 2009

<p>Voice over Internet Protocol (VoIP), also called IP telephony is rapidly becoming a familiar term and as a technology it is invading the enterprise, private usage, and educational and government organizations. Exploiting advanced voice coding & compression techniques and bandwidth sharing over packet switched networks, VoIP can dramatically improve bandwidth efficiency. Moreover enhanced security features, mobility support, and cost reduction features of VoIP are making it a popular choice for personal communication. Due to its rapid growth in popularity VoIP is rapidly becoming the next generation phone system.</p><p>Lawful interception is a mean of monitoring private communication of users that are suspected of criminal activities or to be a threat to national security. However, government regulatory bodies and law enforcement agencies are becoming conscious of the difficulty of lawful interception of public communication due to the mobilitysupport and advanced security features implemented in some implementations of VoIP technology. There has been continuous pressure from the government upon the operators and vendors to find a solution that would make lawful interception feasible and successful. Key escrow was proposed as a solution by the U. S. National Security Agency. In key escrow the key(s) for a session are entrusted to a trusted third party and upon proper authorization law enforcement agencies can receive the session key(s) from this trusted third party However, key escrow adds some security vulnerabilities and potential risks as an unethical employee of the key escrow agent (or a law enforcement agency that has received the session key(s)) can misuse the key(s) to forge content of a communication session -- as he or she possesses the same key(s) as the user used for this session.</p><p>This thesis addresses the issue of forged session content, by proposing, implementing, and evaluating a cryptographic model which allows key escrow session content. The implementation utilizes an existing implementation of a Session Initiation Protocol (SIP) user agent ‘minisip’ developed at KTH. The performance evaluation results suggest that the proposed model can support key escrow while protecting the user communication from being forged with the cost of minimal computational resource and negligible overhead. <em>without</em> the possibility of undetectable fabrication of<em><strong>  </strong></em>session content. The implementation utilizes an existing implementation of a Session Initiation Protocol (SIP) user agent ‘minisip’ developed at KTH. The performance evaluation results suggest that the proposed model can support key escrow while protecting the user communication from being forged with the cost of minimal computational resource and negligible overhead.</p>

Lawful Interception

Key escrow

SRTP

MIKEY

PKI

Digital Signature

Accountability of Social Economy Organizations: Challenges and Conflicts

2014 June 1900

The provision of public services has changed significantly over the years. One of the more recent changes has involved the increased delivery of public services by non-governmental organizations, whether these organizations be private in nature or belong to the so-called third sector. The third sector is known by a number of different terms, including the non-profit sector, the voluntary sector, civil society, and the social economy. Of particular interest in this study are those social economy organizations (SEOs) that receive the whole or a part of their revenue from the government. These organizations must be accountable to the government for the funds that government provides to them. The purpose of this accountability is to ensure SEOs undertake their obligations to use public resources effectively and to deliver quality public services. One potential accountability challenge involves the limitations associated with the performance evaluation of SEOs, since performance is often not easily observable. Performance is comprised of two parts: the work done by the organization (output) and the impact of this work (outcome). The difficulty in the observation of both outputs and outcomes may result in a conflict for the SEOs between focusing on observable parts of their work that can be more readily measured and reported to meet accountability requirements versus work with less tangible outputs and outcomes. In a funding agreement between an SEO and government, the SEO might have to agree with government requirements, for instance, to follow standardized procedures so that the government can monitor the observable aspects of its work. This requirement may conflict with the SEO’s desire to focus on things that are not observable, and consequently not funded by the government, but are important to the SEO’s mission and social goals. The goal of this research study is to examine the challenges that arise in the operation of SEOs, given that they need to be responsive to government’s expectations and at the same time follow their mission requirements. In-depth interviews were used to examine the extent to which outputs and outcomes are unobservable in SEOs as well as the possible conflicts that might arise between competing objectives within SEOs. Interview participants are three SEO executive directors and one manager, each of whom is responsible for the work carried out by his or her respective SEO. A government employee involved in providing funding to one of the SEOs was also interviewed. The results of this study suggest that the SEOs that were examined have varying degrees of unobservable outputs and outcomes. This study also found that organizations with a greater percentage of unobservable outputs and outcomes experienced a greater degree of conflict in their relationships with government. One of the reasons for the conflict is that the SEO personnel felt that the government focused its attention too much on the observable outputs/outcomes and not enough on outputs and outcomes that, although unobservable, were nevertheless important to clients and the public. Moreover, the SEOs examined in this study that serve specific groups of clients, such as seniors or immigrants, experienced less conflict than those whose services (e.g., increasing environmental sustainability) target the general public. The results of this research have implications for the way in which government structures its activities. Over the last 25-30 years, governments have, through New Public Management (NPM), privatized the provision of public services and encouraged greater competition in the delivery of public services. The results of the analysis carried out in this thesis suggest that this restructuring may not be as effective in situations where the services are directed toward the general public and/or where the services provided involve unobservable outputs and outcomes. The added conflict that appears to accompany these situations suggests that there may be goals and objectives that are important to society but are not being met through the contractual relationship established between the government and the SEO. Since NPM is expected to remain in place, government may wish to find ways of better addressing important unobservable outputs and outcomes. One suggestion, drawn from the interviews with SEOs, is that the government officials who are assigned to work with SEOs should have a good knowledge of the SEOs and be familiar with their missions and functions. This knowledge and familiarity might enable the government officials to evaluate the degree to which non-observable outputs and outcomes are being provided, which in turn might reduce conflict and ensure a better provision of services to clients and the public.

Anonymity and time in public-key encryption

Quaglia, Elizabeth

January 2012

In a world that is increasingly relying on digital technologies, the ability to securely communicate and distribute information is of crucial importance. Cryptography plays a key role in this context and the research presented in this thesis focuses on developing cryptographic primitives whose properties address more closely the needs of users. We start by considering the notion of robustness in public-key encryption, a property which models the idea that a ciphertext should not decrypt to a valid mes- sage under two different keys. In contexts where anonymity is relevant, robustness is likely to be needed as well, since a user cannot tell from the ciphertext if it is intended for him or not. We develop and study new notions of robustness, relating them to one another and showing how to achieve them. We then consider the important issue of protecting users' privacy in broadcast encryption. Broadcast encryption (BE) is a cryptographic primitive designed to efficiently broadcast an encrypted message to a target set of users that can decrypt it. Its extensive real-life application to radio, television and web-casting renders BE an extremely interesting area. However, all the work so far has striven for efficiency, focusing in particular on solutions which achieve short ciphertexts, while very little attention has been given to anonymity. To address this issue, we formally define anonymous broadcast encryption, which guarantees recipient-anonymity, and we provide generic constructions to achieve it from public-key, identity-based and attribute-based encryption. Furthermore, we present techniques to improve the efficiency of our constructions. Finally, we develop a new primitive, called time-specific encryption (TSE), which allows us to include the important element of time in the encryption and decryption processes. In TSE, the sender is able to specify during what time interval a ciphertext can be decrypted by a receiver. This is a relevant property since information may become useless after a certain point, sensitive data may not be released before a particular time, or we may wish to enable access to information for only a limited period. We define security models for various flavours of TSE and provide efficient instantiations for all of them. These results represent our efforts in developing public-key encryption schemes with enhanced properties, whilst maintaining the delicate balance between security and efficiency.

652.8

Positive beginnings? : the role of the Key Person in Early Years adult-child relationships

Lemos, Marcos Theodore

January 2012

This research project aims to explore the role of the Key Person in Early Years preschool and nursery settings. The Key Person role is specified in the Early Years Foundation Stage (EYFS) guidance, and aims to provide an adult figure with which the children can form a positive and productive learning relationship. The present study originated from previous research conducted in the same authority which looked at the experiences of children in day care settings (Day, 2010). Day (2010) identified children’s attachment needs in day care settings as being an avenue for further research, and it was from this that the present study developed. The current study seeks to understand the role of the Key Person in terms of how relationships are formed with children in Early Years settings, and what those relationships look like on a daily basis. This is an important line of enquiry, as an understanding of Early Years, adult-child relationships can help inform effective future practice for Early Years staff, as well as enable outside professionals (such as Educational Psychologists) to design more effective means of early intervention for the children who may need additional support. The theoretical foundations for this research lie in attachment theory (Bowlby, 1969), following the language used by the Government Guidance on the role of the Key Person. Attachment theory is used here as a basis for understanding early adult-child relationships, and the review of the literature looks at research that has explored the impact of children’s attendance in day care settings. The project is divided into two linked research papers. In the first paper, the role of the Key Person is explored through surveying and interviewing a sample of Early Years staff. In doing this, the following research objectives were addressed: • To examine the approaches that Key Persons use to form relationships with the children in their care. • To explore Key Persons’ perceptions of their role within the setting and the challenges they face. • To examine the awareness and impact of the current government guidance on Key Person practice. • To examine how settings organise and evaluate the Key Person role. In the second paper, the relationships between the Key Persons and the children they care for are explored through a series of case studies. This was in order to address the following research objectives: • To explore the relationships between particular children with adults in Early Years settings through intensive case studies. • To examine the Key Person-child relationship by comparing Key Person-child interactions with interactions with other adults in the setting. • To compare cases of Key Person-child relationships between children who have identified social or emotional needs and those who do not. The findings from paper one indicated that Key Persons do not generally seem to use the Government Guidance as a primary influence on the way they build positive relationships with their Key Children. Key Persons seemed to base their practice on experiential knowledge. Furthermore, the organisation of the role in most settings seemed to indicate a more administrative focus than a focus on building specific relationships. Paper two showed that Key Persons generally had more interactions with their Key Children than other adults had with the same children. Differences were found in the types of interactions children experienced with different adults. Relationships were reported to be close with both groups of children, with Key Persons reporting more conflict with the children identified with social or emotional needs. It is hoped that the findings of the two linked papers will inform EP practice in relation to Early Years settings, particularly in terms of developing early intervention. From professional experience, there seems to be a large amount of diversity in the way EP services work with preschool-aged children and the professionals who support them. Perhaps further uses for the findings in this research could be to inform future collaborative working, as well as areas to which EPs can contribute their body of research knowledge. The following document presents each study separately as individual papers, each with appendices which contain additional information on methods and data analysis. The papers are followed by the literature review, university Ethics form and the bibliography for the entire study.

372.11

An investigation into children's understanding of the order of operations

Headlam, Caroline

January 2013

This thesis reports on the findings of an international study into the way in which children approach calculations which involve the order of operations. The study involved 203 pupils aged between 12 to 14 years from four different countries: England, The USA (New York State), Japan and The Netherlands. Many pupils in England are taught to use mnemonics such as BODMAS or BIDMAS to remember the correct order of operations, and in the USA pupils are often taught to use PEMDAS. However in Japan and The Netherlands these methods are not used, and the approach to teaching mathematics differs considerably across the countries. In this study pupils from classes in these four countries have been given calculations to perform and their work has been analysed for misconceptions. The analysis of their work has involved use of the Key Recorder software as a data collection tool, in which the pupils’ calculator keystrokes have been recorded and played back to give a unique insight into their thinking. Analysis of the children’s work has resulted in the categorisation of the misconceptions that were observed, and suggests that the nature of the mathematics curriculum and the teaching methods employed may have a significant effect on the way in which children approach calculations of this sort.

510

Rigor and Transparency i.e., How to prevent the zombie paper Apocalypse

Bandrowski, Anita

27 October 2016

Presentation given on October 27, 2016 at Data Reproducibility: Integrity and Transparency program as part of Open Access Week 2016. / The NIH is now requiring the authentication of Key Biological Resources to be specified in a scored portion of most grant applications, but what does it mean to authenticate? We will discuss what Key Biological Resources are, the ongoing efforts to understand how to authenticate them and of course the resources available, including examples. The journal response to authentication will also be pointed to and practical steps that every researcher can take today to improve reporting of research in scientific publication.

National Institute of Health

Authentication

key biological resources

data reproducibility

Secret Key Rates and Optimization of BB84 and Decoy State Protocols Over Time-Varying Free-Space Optical Channels

Sun, Xiaole, Djordjevic, Ivan B., Neifeld, Mark A.

06 1900

We optimize secret key rates (SKRs) of weak coherent pulse (WCP)-based quantum key distribution (QKD) over time-varying free-space optical channels affected by atmospheric turbulence. The random irradiance fluctuation due to scintillation degrades the SKR performance of WCP-based QKD, and to improve the SKR performance, we propose an adaptive scheme in which transmit power is changed in accordance with the channel state information. We first optimize BB84 and decoy state-based QKD protocols for different channel transmittances. We then present our adaptation method, to overcome scintillation effects, of changing the source intensity based on channel state predictions from a linear autoregressive model while ensuring the security against the eavesdropper. By simulation, we demonstrate that by making the source adaptive to the time-varying channel conditions, SKRs of WCP-based QKD can be improved up to over 20%.

Quantum key distribution

free-space optical communication

source adaptation

User-centred video abstraction

Darabi, Kaveh

January 2015

The rapid growth of digital video content in recent years has imposed the need for the development of technologies with the capability to produce condensed but semantically rich versions of the input video stream in an effective manner. Consequently, the topic of Video Summarisation is becoming increasingly popular in multimedia community and numerous video abstraction approaches have been proposed accordingly. These recommended techniques can be divided into two major categories of automatic and semi-automatic in accordance with the required level of human intervention in summarisation process. The fully-automated methods mainly adopt the low-level visual, aural and textual features alongside the mathematical and statistical algorithms in furtherance to extract the most significant segments of original video. However, the effectiveness of this type of techniques is restricted by a number of factors such as domain-dependency, computational expenses and the inability to understand the semantics of videos from low-level features. The second category of techniques however, attempts to alleviate the quality of summaries by involving humans in the abstraction process to bridge the semantic gap. Nonetheless, a single user’s subjectivity and other external contributing factors such as distraction will potentially deteriorate the performance of this group of approaches. Accordingly, in this thesis we have focused on the development of three user-centred effective video summarisation techniques that could be applied to different video categories and generate satisfactory results. According to our first proposed approach, a novel mechanism for a user-centred video summarisation has been presented for the scenarios in which multiple actors are employed in the video summarisation process in order to minimise the negative effects of sole user adoption. Based on our recommended algorithm, the video frames were initially scored by a group of video annotators ‘on the fly’. This was followed by averaging these assigned scores in order to generate a singular saliency score for each video frame and, finally, the highest scored video frames alongside the corresponding audio and textual contents were extracted to be included into the final summary. The effectiveness of our approach has been assessed by comparing the video summaries generated based on our approach against the results obtained from three existing automatic summarisation tools that adopt different modalities for abstraction purposes. The experimental results indicated that our proposed method is capable of delivering remarkable outcomes in terms of Overall Satisfaction and Precision with an acceptable Recall rate, indicating the usefulness of involving user input in the video summarisation process. In an attempt to provide a better user experience, we have proposed our personalised video summarisation method with an ability to customise the generated summaries in accordance with the viewers’ preferences. Accordingly, the end-user’s priority levels towards different video scenes were captured and utilised for updating the average scores previously assigned by the video annotators. Finally, our earlier proposed summarisation method was adopted to extract the most significant audio-visual content of the video. Experimental results indicated the capability of this approach to deliver superior outcomes compared with our previously proposed method and the three other automatic summarisation tools. Finally, we have attempted to reduce the required level of audience involvement for personalisation purposes by proposing a new method for producing personalised video summaries. Accordingly, SIFT visual features were adopted to identify the video scenes’ semantic categories. Fusing this retrieved data with pre-built users’ profiles, personalised video abstracts can be created. Experimental results showed the effectiveness of this method in delivering superior outcomes comparing to our previously recommended algorithm and the three other automatic summarisation techniques.

006.6