- The document discusses privacy-preserving digital infrastructures and presents several approaches to enabling anonymous key agreement between users and networks/service providers to preserve privacy in mobile communication and payments.
- It outlines protocols using public key encryption, Diffie-Hellman key exchange, and signatures to anonymously establish encryption keys while preventing malicious parties from tracing users.
- The research aims to make these systems seamless for users while achieving a balance between strong privacy and practical efficiency and usability.
IJERA (International Journal of Engineering Research and Applications) is an international online, ... peer-reviewed journal. For more details or to submit your article, please visit www.ijera.com
This document provides an overview of network security and cryptography. It discusses the history and basic concepts of networking and security. The document covers risk management, network threats like viruses and denial of service attacks. It also explains different network security methods like virtual private networks (VPNs), firewalls, and IPSec. Cryptography techniques like secret key cryptography, public key cryptography, hash functions, and authentication methods are summarized. Popular cryptographic algorithms and protocols like PGP, SHA, and AAA servers are also mentioned.
Why Should You Pay Attention To Quantum Computing? Milos Dunjic
Quantum computing is an exciting and rather unusual field of informatics. Recently I had the privilege to participate in The Quantum Panel, as part of the Payments Canada conference, where I shared some of my views with a wider audience.
Is quantum computing an existential threat to blockchain technology Blockchain Council
The document discusses whether quantum computing poses an existential threat to blockchain technology. It explains that blockchain security relies on public key cryptography, which uses private/public key pairs. Quantum computing could break this security by being able to efficiently test private keys through parallel processing. However, blockchain projects are working on quantum-resistant approaches like hash-based cryptography. While quantum computers now outperform classic ones for limited problems, blockchains could upgrade through hard forks to maintain security against future quantum threats.
The Quantum Era & Quantum Key Distribution IDQuantique
This document discusses quantum computing and the need for quantum cryptography solutions like Quantum Key Distribution (QKD) for long-term secure communication and data protection. It notes that quantum computing will break current public key encryption within 5-10 years, but that QKD uses the laws of quantum mechanics to detect eavesdropping and guarantee secure key exchange into the future even with advances in code-breaking capabilities. The document provides an overview of how QKD works and its advantages over classical key distribution methods.
The document summarizes results from the Celtic MARCH project on multilink solutions in heterogeneous networks. The project aimed to lower the cost of converged broadband delivery through scalable multilink architectures. Key results included analyzing the broadband access market and economics, developing multilink network techniques and architectures, and demonstrating multilink networks through applications like robust video conferencing over multiple access networks.
This document outlines Norway's national strategy for ICT research and development. It discusses prioritizing areas where Norway has world-class research, areas important to Norwegian businesses, and areas that address societal challenges. It focuses on strengthening ties between research and sectors, establishing centers of excellence, and increasing commercialization of publicly funded research. The strategy also emphasizes increasing Norway's competency in cyber security, digitizing and innovating the public sector, and applying ICT to challenges in health and care. Overall, the document provides Norway's strategic plan to prioritize and fund impactful ICT research.
The document repeats the name of the Universidad Mayor de San Andrés and its Instituto de Investigación, Interacción y Postgrado de Psicología several times, which indicates that it is about this educational and research institution in Bolivia.
This document presents a "maricometro" scale for measuring how "macho" or "maricón" men are according to 16 characteristics such as preferred gifts, use of creams, pets, sports, foods, drinks, cleaning and more. It warns that having 1-2 doubtful characteristics is worrying, 3-4 means being "en vías de mariconeo", and more than 5 points indicates being openly "fleto" or maricón. It concludes by saying that if someone has more than 8 p
The document is about the decision-making process in a company. This process involves gathering information, listing alternatives and evaluating them rationally. Good decisions require personal qualities such as experience, good judgment and creativity.
This document is about prehistory and contains information on various prehistoric topics. It explains that a cave painting is a prehistoric drawing or sketch found on rocks and in caves. It also describes a mining deposit as the set of works needed to extract minerals from the subsoil, together with the plants for processing the extracted minerals. Finally, it notes that minerals originate from internal geological processes such as tectonism or volcan
This document contains codes for different rates, with R300 and R500 listed. It also contains placeholders for banners or other images with the text "YOUR BANNER HERE" repeated twice.
DigiOnline: WebWeaver@School - Learning Platform for Schools and School Authorities Univention GmbH
Brief introduction to the DigiOnline app WebWeaver School. The presentation introduces the basic aspects of WebWeaver School for school authorities. Deployed as a school-authority solution, it provides a central cloud-based infrastructure for all schools that also integrates private and school-owned mobile devices. Digital media, open learning resources, publisher content and the timetable and substitution-plan system are directly integrated and can be used without a further login.
The document discusses the general context of educational reforms, noting that curricula define the broad orientations of an education system, while study programs are more specific. It also analyzes traditional objective-based approaches versus more recent approaches centered on competencies and learning situations, concluding that a better theorization of the concept of competency and a situated approach to program design are needed.
CONTENTS:
1. Legislation and definitions
2. Registration of alojamento local
3. Income tax IRS - IRC
4. IVA - VAT
5. Segurança Social
by Peter J. van Doorn, Contabilista Certificado
These independent clinical studies conducted at top research centers found that MONAT ingredient users experienced significant hair growth, decreased thinning and hair fallout, increased density and fullness, and improved hair shine and condition, with no serious adverse side effects reported. The document then provides details on individual clinical studies conducted on ingredients including Capixyl, Procataline, and Crodasorb, finding benefits such as increased hair growth rates and decreased hair loss.
This document deals with concepts related to infections and public health. It defines public health, health, disease and infection. It explains the origins, vehicles, carriers and classifications of infections, as well as the incubation and prodromal periods.
New turnkey furnished cottage of 505 sq.m. on a plot of 18 ares in the gated cottage community Gorki 22 (DPK Time-1) near the village of Buzaevo. All mains utilities, 2 checkpoints with exits to both Rublevo-Uspenskoye Highway (18 km to the MKAD) and the Minskoye Highway bypass (22 km to the MKAD).
Landscaping has been completed on the plot: drainage, lawn, paths, benches, mature forest trees. A very quiet location, away from main roads.
Structure and materials:
Monolithic frame and floor slabs, brick walls, strip foundation, plastered facade, Braas natural roof tiles, wooden windows, Velux roof windows.
Equipment:
Buderus boiler, Mitsubishi supply-and-exhaust ventilation and central air-conditioning system, underfloor heating, fire and security alarm controlled through a mobile app, intercom with video surveillance, fiber-optic internet with Wi-Fi distributed throughout the house, automatic garage doors, Waterboss water treatment system, satellite TV, Miele kitchen appliances.
Layout:
1st floor: living room 30.2 sq.m., dining room 16.4 sq.m., kitchen 23.1 sq.m., terrace 24.9 sq.m., fireplace room 24.3 sq.m., double-height entrance hall 31.4 sq.m., closet 5.4 sq.m., laundry room 6.7 sq.m., guest bathroom 2.4 sq.m., utility bathroom 1.5 sq.m., vestibule 2.9 sq.m., porch 10 sq.m., boiler room 7.4 sq.m., 2-car garage 50.8 sq.m.
2nd floor: master bedroom 25.5 sq.m. with bathroom 9.9 sq.m., dressing room 9.2 sq.m. and balcony 7.2 sq.m.; second bedroom 21.9 sq.m. with bathroom 8.7 sq.m., closet 3.5 sq.m. and balcony 7.3 sq.m.; third bedroom 20.9 sq.m. with bathroom 5.4 sq.m.; second-floor hall 33.6 sq.m.
Attic: multipurpose room 68.7 sq.m., bathroom 10.5 sq.m., utility room 22.9 sq.m.
Price: 2,200,000 USD.
The document is about autonomous learning, which is the ability to learn by oneself and requires maturity to set objectives, procedures, resources and evaluation points. Autonomous learning is founded on prior knowledge, learning conditions and meaningful knowledge, and although a guide may mediate the process in person or remotely, the student must become responsible, focused, flexible, collaborative, creative, self-motivated and self-reliant
This Thursday, Courtney Cochran is releasing her first book "Hip Tastes: The Fresh Guide to Wine". The book provides a practical and concise tutorial for wine novices, with one-point paragraphs that overview wine. It offers solutions for common dilemmas like what to drink with bad reception wine or Mexican food. While avoiding endless lists, it includes recommendations and a pronunciation guide in the appendix for those who want extra details.
Higher-Level Training Cycle: Maintenance of Thermal and Fluid Installations Tic Eraiken
This document presents a study program for the qualification of Técnico Superior (Higher Technician) in Maintenance of Thermal and Fluid Installations. The program consists of two years, with subjects such as Thermal Equipment and Installations, Installation Assembly Processes, and Graphic Representation of Installations in the first year, and Management of Assembly, Quality and Maintenance, and Maintenance of Refrigeration and Air-Conditioning Installations in the second year. The program trains the stud
1) The document discusses network redundancy and the advantages of Netnod's model, including its Internet Exchange Points (IXPs) in Stockholm and other Swedish cities.
2) Netnod upgraded the layer 2 switches at its Stockholm IXP to new MLXe-32 machines in June to gain higher port density and prepare for future growth.
3) Netnod is inviting members to its autumn meeting in Stockholm on October 3-4th, which will feature presentations on SDN, peering data analysis, and streaming industry trends.
Public blockchain technology like Ethereum is gaining interest and growing use cases among startups and fintechs.
Apart from scalability issues which are going to be solved with new consensus and mining techniques (Ethereum Metropolis and Bitcoin SegWit2x with Lightning network), the privacy of transactions is still an issue which is not yet fully addressed. Due to the public nature of Ethereum, many businesses are reluctant to deploy smart-contract or Dapp solutions for fear of exposing confidential or sensitive information.
The use of zk-SNARKs (zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”) essentially solves this blocker. Moreover, the next Ethereum Improvement Proposal called 'Byzantium' includes zk-SNARKs.
zk-SNARKs allow verification of the correctness of computations, without a verifier having to execute those computations or even learn what was actually executed. Using zk-SNARKs, a verifier can confirm that a computation happened correctly, with ‘zero-knowledge’ of the computation itself.
During this talk, we present a brief overview of cryptography and the theory around the zero-knowledge proof algorithm. Then we showcase the benefits of zk-SNARKs and other privacy-preserving techniques (like zcash) on the public blockchain ecosystem.
Privacy-preserving techniques using zero knowledge proof in public Ethereum Nagib Aouini
Public blockchain technology like Ethereum is gaining interest and growing use cases among startups and fintechs.
Apart from scalability issues which are going to be solved with new consensus and mining techniques (Ethereum Metropolis and Bitcoin SegWit2x with Lightning network), privacy of transactions is still an issue which is not yet fully addressed. Because of the public nature of Ethereum, many businesses are reluctant to deploy smart-contract or Dapp solutions for fear of exposing confidential or sensitive information.
The use of zk-SNARKs (zk-SNARK stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”) would essentially solve this dilemma (the next EIP improvement of Ethereum, called 'Byzantium', includes zk-SNARKs).
The idea of zk-SNARKs is that they allow verification of the correctness of computations, without a verifier having to execute those computations, or even learn what was actually executed. Using zk-SNARKs, a verifier can confirm that a computation happened correctly, with ‘zero-knowledge’ of the computation.
We propose during this talk to have a brief presentation on cryptography and the theory around the zero-knowledge proof algorithm.
Then we will try to showcase the benefits of zk-SNARKs and other privacy-preserving techniques (like zcash) on the public blockchain ecosystem.
This document discusses a secure digital signature approach for SMS security using the ECDSA algorithm. It begins with an introduction to digital signatures and their technical details. It then discusses the legal recognition of digital signatures in India according to the Information Technology Act 2000. It describes SMS architecture and vulnerabilities. The document proposes using the ECDSA algorithm to add non-repudiation to SMS through digital signatures. It analyzes the security of this approach and discusses checking it for vulnerabilities before concluding and citing references.
This document proposes a differentially private and secure aggregation protocol for federated learning using the hardness of Learning with Errors (LWE).
The key ideas are to have clients mask their private inputs with LWE noise before submitting to the server, perform a secure multi-party computation to sum the low-dimensional secret values, and have the server subtract the aggregate masks to obtain the sum. The LWE noise used for masking can also satisfy differential privacy if drawn from an appropriate Gaussian distribution. Experimental results show the protocol achieves nearly optimal communication compared to the state of the art with significantly improved performance for large models.
A Novel Key Distribution Scheme for a Visual Crypto System IRJET Journal
This document proposes a novel key distribution scheme for visual cryptography. It begins with an introduction to cryptography and visual cryptography. It then describes the existing Diffie-Hellman key exchange algorithm. The proposed method generates a shared secret key through a multi-step process using asymmetric key cryptography and modulus operation on private keys and a public image. Both parties are able to derive the same symmetric key for encrypting future communications without directly transmitting their private keys. The methodology and implementation details are provided, along with experimental results demonstrating the generation of matching keys within 0.11 seconds on average.
Cryptography is where security engineering meets mathematics. The field of study related to encoded information, which comes from the Greek word for "secret writing", is cryptography. The art and science of hiding information by embedding it in some other data is steganography. The secret communication is carried through many sources like image, audio and video files. This technique mainly proposes data hiding by embedding the message of interest using a geometric style of cryptographic algorithm, thus providing high security. Wavelet transform algorithms are used to perform preprocessing of images.
Keywords: Cryptography, Steganography, Geometrical way of embedding, Wavelet transforms, DCT
The US government has announced plans to end its oversight role of the IANA functions and transfer stewardship to the global multistakeholder community. This represents a significant milestone, though the US has maintained a hands-off approach and others have assumed responsibilities for Internet operations. While some see this as ceding US control, it is actually a vote of confidence in inclusive decision making models. Netnod supports the multistakeholder approach and this transition affirms long-standing desires for private sector leadership in DNS management.
This document provides an overview of digital fingerprinting technology. It explains that digital fingerprinting can automatically identify phrases from confidential documents that appear in analyzed texts. The technology works by analyzing media like songs or videos to identify unique portions that can be matched to a database. Major companies like YouTube and Audible Magic use digital fingerprinting to identify copyrighted content and prevent unauthorized sharing. The document also discusses watermarking and how fingerprinting offers a more effective way to restrict copyrighted material than visible watermarks.
Total privacy of transactions, Mimblewimble and GrinEugene Pavlenko
Mimblewimble protocol, initially proposed in 2016 as a privacy and scaling solution for Bitcoin, is the essence of the latest cryptography and blockchain inventions of top scientists and core bitcoin developers.
Grin, is the famous implementation of this protocol, eagerly expected by industry. It was launched this year on the 15th of January as a separate blockchain and a completely private payment system with its own coin.
This document proposes enhancing an existing "Odd-Even Transposition Technique" for encrypting plaintext. The enhancement applies the "Rail-Fence Technique" to the cipher text for added complexity. The procedure involves numbering words in the plaintext as odd or even, arranging characters in a table based on their number, then reversing columns and words to generate the cipher text. Applying Rail-Fence Technique to the resulting cipher text further scrambles the text. The example provided encrypts the plaintext "change never informs its arrival" using this two-step process.
Quantum encryption technology is becoming more advanced and user-friendly. Several companies have introduced second-generation quantum encryption systems that are easier for network administrators to use. Additionally, recent developments have expanded the potential applications of this technology, such as protecting longer distance and wireless communications. While quantum cryptography has been studied for decades, it is now emerging from research labs as a viable security solution for organizations dealing with sensitive data.
IRJET- Formulation of a Secure Communication Protocol and its ImplementationIRJET Journal
1) The document proposes a secure communication protocol using symmetric cryptography techniques like the Hill cipher and RSA algorithm.
2) The protocol uses the Goldbach conjecture and Chen's theorem to generate prime numbers from large even integers exchanged over a secure channel. These primes are then used to generate keys.
3) Plaintext is encrypted using matrix multiplication with keys generated from an irrational number's decimal expansion. Integrity is ensured by encrypting a message digest comprising words from the plaintext. Recipients can decrypt and verify integrity using the same techniques.
Across the UK we are seeing more and more examples of smart city transformation. Key 'smart' sectors utilised by such Cities include transport, energy, health care, water and waste. Against the current background of economic, social, security and technological changes caused by the globalization and the integration process, cities in the UK face the challenge of combining competitiveness and sustainable urban development simultaneously.
A smart city is a place where the traditional networks and services are made more efficient with the use of digital and telecommunication technologies, for the benefit of its inhabitants and businesses. With this vision in mind, the European Union is investing in ICT research and innovation and developing policies to improve the quality of life of citizens and make cities more sustainable in view of Europe's 20-20-20 targets.
The smart city concept goes beyond the use of ICT for better resource use and less emissions. It means smarter urban transport networks, upgraded water supply and waste disposal facilities, and more efficient ways to light and heat buildings.
And it also encompasses a more interactive and responsive city administration, safer and secure public spaces.
Smart Cities UK 2017 Conference, Expo and Awards lead the way on addressing the best practice examples on smart transformation from across Cities within the United Kingdom whilst disseminating guidance and information transformation within waste, energy, transport, security and other key smart sectors.
The document discusses encryption technology and its importance for securing electronic data. It describes how encryption works using encryption keys to scramble plaintext into ciphertext. Symmetric key algorithms like DES and asymmetric key algorithms like RSA are explained. The document also covers digital signatures, latest encryption methods like virtual matrix encryption, and quantum cryptography. It concludes that encryption technology is an emerging field with better, more secure algorithms being developed to transfer information securely over networks.
This document discusses the implementation of a new steganography technique called BPCS-Steganography. Steganography hides secret data within other carrier data without leaving any visible evidence of alteration. Traditional techniques have limited capacity of less than 10% of the carrier size. The new technique embeds secrets in the bit-planes of an image carrier. It takes advantage of human inability to perceive shapes in complex binary patterns to replace "noise-like" bit-plane regions with secret data without affecting image quality. This allows hiding secret data up to 50% of the original image size. The document also discusses technologies, security considerations using RSA encryption, and a system study of the proposed technique versus existing work.
For a college course -- CNIT 140: "Cryptography for Computer Networks" at City College San Francisco
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_F17.shtml
Based on "Understanding Cryptography: A Textbook for Students and Practitioners" by Christof Paar, Jan Pelzl, and Bart Preneel, ISBN: 3642041000
The document discusses the history and techniques of steganography. It describes how steganography dates back to ancient Greece and was used to hide messages on objects like wax tablets and invisible inks. Modern steganography techniques hide information in digital files like images, audio and video by modifying features that are imperceptible to humans. Common techniques discussed are least significant bit insertion and discrete cosine transformation. The document also covers uses of steganography, its relationship with cryptography, limitations, detection methods, and future research directions like combining it with encryption and developing applications for media like video.
Privacy-preserving seamless digital infrastructures - why, what, how and when, Kristian Gjøsteen, NTNU
1. Privacy-preserving seamless digital
infrastructures
– why, what, how and when
Kristian Gjøsteen
Department of Mathematical Sciences
VERDIKT conference, April 26, 2012
www.ntnu.no Kristian Gjøsteen, Privacy-preserving seamless digital infrastructures
2. 2
Contents
Why?
What?
How?
When?
3. 3
Privacy-Preserving Seamless Digital
Infrastructures
Funded by VERDIKT from 2008 to 2011.
One PhD student and one postdoc.
Department of Mathematical Sciences and Department of
Telematics at NTNU.
The cryptography group at Aarhus University, Denmark.
10. 4
Recent Privacy Compromises
— One specific person’s tax return was shown to many.
— Tracking users of a GSM network.
— Eavesdropping on a GSM network.
— HP stole the phone records of HP board members and
journalists.
— Bank employees used celebrity bank account transcripts as
entertainment.
— For years, bank employees sold celebrity account transcripts
to the Norwegian gossip magazine Se og Hør.
— Deutsche Telekom used their mobile phone network to track
journalists’ movements.
11. 5
A Solution?
Often, the problem is insecurely stored data. The obvious solution
is to stop storing the data.
Unfortunately, the EU data retention directive says that if the data is
generated, it must be stored. Storing data securely is expensive.
In any case, it would not prevent Deutsche Telekom from attacking their
users.
12. 6
Seamless
People want privacy.
People are not prepared to pay for privacy.
— How much privacy is achievable without increasing user-visible
complexity?
13. 7
Preserving Privacy
Privacy for mobile communication is:
— Nobody knows what I am saying.
— Nobody knows who I am talking to.
— Nobody knows where I am.
Today’s systems efficiently provide little or no privacy.
There are cryptographic schemes that provide almost perfect
privacy, but they are expensive and complicated.
— We need a trade-off.
14. 8
Fundamental Idea
A fundamental idea in cryptographic research is to distribute
computation and knowledge among several parties.
Done correctly we can tolerate if some – but not all – parties are
malicious.
15. 9
Anonymous Key Agreement
Anonymous key agreement may be a solution.
We have: One or more networks of radio towers, willing to talk to
phones near them.
Idea: Every time a user moves, he anonymously agrees on a key
with a new radio tower. Once the key is established, it can be used
for secure communication.
Note: If the user is communicating while moving, traffic analysis
alone will usually allow an attacker to trace the user.
16. 10
Anonymous Key Agreement I
Signatures, group signatures and Diffie-Hellman.
User    Network
$g^x$
$g^y,\ \mathrm{sign}(\ldots)$
$\mathrm{groupsign}(\ldots)$
But: § Group signatures are expensive. § Anyone with a radio can
force the network to do a lot of work. § Where do we send the bill
for data usage?
17. 11
Today’s Mobile Communications
We have three separate mobile networks in Norway.
We have ∞ virtual operators and resellers.
We can reuse the business model! The GSM networks no longer
sell network access directly. Instead, they sell capacity to virtual
operators (service providers in our terminology).
— The network provides connectivity.
— The service provider sends the bill.
18. 12
Anonymous Key Agreement II
Public key encryption.
User    Network    S. Prov.
$S,\ c = \{U, n_1\}_{ek_S}$        $c$
$c$        $k,\ c = \{N, n_1, n_2, k\}_{k_{US}}$
$\{k, n_2, \ldots\}_k$        $n_2$
ok
But: § A malicious service provider can do anything at the time of
key agreement. § Anyone with a radio can force a service provider
to do a lot of work.
19. 13
Anonymous Key Agreement III
Public key encryption and Diffie-Hellman.
User    Network    S. Prov.
$S,\ g^x,\ c = \{U, n_1\}_{ek_S}$        $c$
$c,\ g^y$        $k,\ c = \{N, n_1, n_2, k\}_{k_{US}}$
$\{n_2, \ldots\}_k$        $n_2$
ok
But: § A malicious service provider can do anything at the time of
key agreement. § Anyone with a radio can force a service provider
to do a lot of work.
20. 14
Anonymous Key Agreement IV
Public key encryption, Diffie-Hellman and a signature.
User    Network    S. Prov.
$S,\ g^x,\ c = \{U, n_1\}_{ek_S}$        $c$
$c,\ g^y$        $k,\ c = \{N, n_1, n_2, k\}_{k_{US}}$
$\{n_2, \ldots\}_k$        $n_2$
$\{\ldots\}_{sk_N}$        ok
But: § Anyone with a radio can force a service provider to do a lot
of work.
21. 15
Anonymous Key Agreement V
Identity tokens, Diffie-Hellman and a signature.
User    Network    S. Prov.
$S,\ T = \{U\}_{k_S},\ g^x$        $T,\ n_1$
$c$        $c = \{T, N, n_1, n_2\}_{k_{US}}$
$n_1$
$g^y,\ \{\ldots\}_{sk_N}$
$\{n_2, \ldots\}_{g^{xy}}$        $n_2$
ok
But: § Identity tokens allow a tracing DoS-attack.
22. 16
Anonymous Key Agreement VI
Identity tokens.
User    Network    S. Prov.
$S,\ T = \{U\}_{k_S}$        $T,\ n_1$
$c$        $k,\ c = \{T, N, n_1, n_2, k\}_{k_{US}}$
$\{k, n_1, n_2\}_k$        $n_2$
ok
But: § A malicious service provider can do anything at the time of
key agreement. § Identity tokens allow a tracing DoS-attack.
23. 17
Anonymous So What?
Different key agreement protocols have different security
properties. What happens when you build upon this base?
24. 18
Tomorrow’s NFC Payment Systems
Privacy for electronic payment is:
— Nobody knows where I am spending my money.
Today, electronic payment methods let the bank know where I
spend my money. Merchants can often tell when I make repeat
purchases.
New mobile phones can use near field communication to talk to a
merchant’s point-of-sale system.
— NFC payment systems could be made privacy-preserving,
especially if we have a privacy-preserving mobile network.
25. 19
Anonymous Payment
Blind signatures, privacy-preserving communication and NFC.
Bank    User    Merchant
pay
request(ch, ...)        ch
issue signature
ch, signature
The merchant doesn’t know who you are, the bank doesn’t know
where you shop.
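The payment flow on this slide, written out as an added example (not code from the presentation). The slide only says "blind signatures", so the Chaum-style RSA blinding, the fixed 10-unit denomination, the account and merchant names, and the toy key built from two Mersenne primes are all assumptions made for the illustration.

```python
"""Blind-signature payment: the bank signs a merchant challenge it never sees."""
import hashlib
import math
import secrets

# Constructed toy bank key (assumption): two Mersenne primes, chosen only so the
# example needs no prime generation. Never use such a modulus in practice.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                              # bank's public modulus
E = 65537                              # bank's public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # bank's private exponent
COIN_VALUE = 10                        # assumed: this key only signs 10-unit payments


def h(message: bytes) -> int:
    """Hash a challenge to an integer below N (textbook hash-then-sign, no padding)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


class Bank:
    """Knows which account pays, but only ever sees blinded values."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.log = []                  # (account, blinded value): the bank's whole view

    def issue(self, account: str, blinded: int) -> int:
        if self.balances.get(account, 0) < COIN_VALUE:
            raise ValueError("insufficient funds")
        self.balances[account] -= COIN_VALUE
        self.log.append((account, blinded))
        return pow(blinded, D, N)      # signature on the blinded value


def merchant_challenge() -> bytes:
    """Merchant -> user over NFC: a fresh challenge 'ch' naming the merchant."""
    return b"merchant=constructed-shop;nonce=" + secrets.token_hex(16).encode()


def blind(ch: bytes):
    """User: hide h(ch) under a random factor r before contacting the bank."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            break
    return (h(ch) * pow(r, E, N)) % N, r


def unblind(blind_sig: int, r: int) -> int:
    """User: (h(ch) * r^E)^D = h(ch)^D * r, so dividing by r leaves h(ch)^D."""
    return (blind_sig * pow(r, -1, N)) % N


def merchant_verify(ch: bytes, sig: int) -> bool:
    """Merchant: accept only if the bank's public key validates sig on its own ch."""
    return pow(sig, E, N) == h(ch)


def explaining_factor(blinded: int, candidate_ch: bytes) -> int:
    """Bank-side check of its own log: for ANY candidate challenge there is an r'
    that would have produced the logged value, so the log singles out no merchant."""
    return pow(blinded * pow(h(candidate_ch), -1, N) % N, D, N)


def run_payment():
    bank = Bank({"alice": 30})                 # constructed account
    ch = merchant_challenge()                  # merchant -> user: ch
    blinded, r = blind(ch)                     # user -> bank: request
    blind_sig = bank.issue("alice", blinded)   # bank -> user: issue signature
    sig = unblind(blind_sig, r)                # user -> merchant: ch, signature
    return bank, ch, blinded, sig


if __name__ == "__main__":
    bank, ch, blinded, sig = run_payment()
    print("merchant accepts:", merchant_verify(ch, sig))
    print("bank saw h(ch) in the clear:", blinded == h(ch))
```

A blind signer cannot inspect what it signs, which is why the amount is bound to the key rather than to the message; a deployment would use a standardized padded scheme such as RFC 9474 instead of this unpadded construction.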
26. 20
Cryptographic Security Proofs
Theoretical work:
— We needed an improved model for cryptographic security
proofs.
— We have studied one approach to machine-verifiable proofs.
27. 21
E-valg 2011
We have contributed to the design and analysis of the
cryptosystem underlying the 2011 trial of internet voting in Norway.
— This is a seamless digital infrastructure just like the previous
examples. It was deployed and worked very well.
28. 22
When?
— Not gonna happen.
Our work will not change mobile phone networks or payment
infrastructures. But thanks to our work and E-valg 2011, we know
that it is possible to do better.
There’s no excuse not to do better for new infrastructures.