By Sebastian Pape
Sebastian Pape discusses assorted situations for authentication. at the one hand, clients can't belief their units and however are looking to have the capacity to do safe authentication. nevertheless, clients won't are looking to be tracked whereas their merchant doesn't wish them to proportion their credentials. Many clients is probably not capable of confirm no matter if their equipment is reliable, i.e. it can comprise malware. One answer is to exploit visible cryptography for authentication. the writer generalizes this idea to human decipherable encryption schemes and establishes a courting to CAPTCHAS. He proposes a brand new safeguard version and provides the 1st visible encryption scheme which uses noise to complicate the adversary's activity. to avoid provider services from protecting their clients less than surveillance, nameless credentials can be used. although, occasionally it truly is fascinating to avoid the clients from sharing their credentials. the writer compares latest ways in line with non-transferable nameless credentials and proposes an process which mixes biometrics and smartcards.
Read Online or Download Authentication in Insecure Environments: Using Visual Cryptography and Non-Transferable Credentials in Practise PDF
Best information theory books
This ebook constitutes the refereed lawsuits of the fifth foreign XML Database Symposium, XSym 2007, held in Vienna, Austria, in September 2007 at the side of the foreign convention on Very huge info Bases, VLDB 2007. The eight revised complete papers including 2 invited talks and the prolonged summary of one panel consultation have been rigorously reviewed and chosen from 25 submissions.
Describes the transformation/movement of chemicals in a world context and is designed for classes facing a few features of biogeochemical cycles. equipped in 3 sections, it covers earth sciences, aspect cycles and a synthesis of latest environmental matters.
- Number Theory An Introduction via the Density of Primes
- Toeplitz and Circulant Matrices. A review
- A Wavelet Tour of Signal Processing, Second Edition (Wavelet Analysis & Its Applications)
Extra resources for Authentication in Insecure Environments: Using Visual Cryptography and Non-Transferable Credentials in Practise
Sample text
One way an adversary might be able to decrypt ciphertexts is by gaining access to the victim’s equipment used for decryption, even if she is unable to extract the key, for instance, by stealing a tamper-resistant cryptographic smartcard. A special variant of this attack is known as lunchtime attack or midnight attack alluding that the adversary exploits a brief absence of her victim [BDPR98, CS98]. Here the adversary is allowed to make adaptive chosen-ciphertext queries until she receives the challenge ciphertext (CCA1) and thus improves her attack.
This can either be applied to a complete run of a cryptographic algorithm or tried on internal operation stages. The latter especially affects smartcards, since, in general, smartcards have no internal clock [RE08, p. 73f] and therefore clock ticks have to be generated externally. This heavily eases the attacker’s effort to measure the timing of certain sub-parts of the cryptographic algorithm. As an example, we regard Montgomery’s algorithm for modular multiplication [Mon85] which also efficiently performs modular exponentiation [MvOV97, p.
The concept to ensure the authenticity of Bob’s public key with electronic signatures (see Sect. 2) and one ore more trusted certification authority is referred to as key management and results in a public key infrastructure (PKI). This in general includes procedures to create, manage, store, distribute, and revoke digital certificates [MvOV97, TS08]. In practise, asymmetric encryption schemes are computationally more intensive than symmetric encryption schemes, and thus, substantially slower (typically by a factor of hundreds to thousands times).