Matches in SemOpenAlex for { <https://semopenalex.org/work/W2808441497> ?p ?o ?g. }
Showing items 1 to 57 of 57 with 100 items per page.
- W2808441497 abstract "This thesis addresses the question what cryptography can do for one personally, i.e., it looks at security and privacy challenges of individuals in today's world. In particular, this thesis solves a number of real-world problems, including secure handling of passwords used for authentication and how to extend digital signature schemes to allow for additional features. The presented protocols are provably secure under realistic assumptions, while providing state-of-the-art security and privacy guarantees. All proposed protocols are highly efficient, useful, yet deployable on a large scale, i.e., they are truly practical, thus bridging the gap between theory and practice. This is demonstrated by providing performance evaluations and estimates of selected protocols. In more detail, this thesis is split up into two main parts. The first part of this thesis deals with protocols which allow a user to authenticate securely with a, potentially low-entropy, password which must be considered a valuable asset not to be made public. The second part applies several of the ideas given in the first part of this thesis to digital signatures. In particular, the ideas introduced add new possibilities and privacy features to this already very versatile primitive. The first part of this thesis on protocols is split up into three sub-parts. The first sub-part addresses single sign-on (SSO) protocols. In existing work, ticket-granting server(s) can, e.g., impersonate users towards service providers or offline attack their passwords. To tackle this situation, two distributed password-based single sign-on (SSO) functionalities and their realizing protocols are presented, where the password check and token generation is distributed among multiple entities. Both functionalities are formulated in the universal-composition (UC) framework.
This guarantees security in arbitrary contexts, while also absorbing unavoidable practical limitations such as typos, correlated password attempts by users and the case of guessed passwords into the definition. The first protocol offers the basic functionality one expects from such a distributed password-based SSO protocol, while the second protocol provides even more privacy guarantees. For example, the service providers no longer learn which other access rights an entity has, how long a token is valid and allows to establish different identities, i.e., pseudonyms, with each service provider. The second sub-part introduces password-authenticated signatures, realizing virtual smart-cards, as real smart-cards have a number of serious drawbacks. For example, special smart-card readers are needed for usage and are not always available, while assuming that users always carry such readers with them is unrealistic. Virtual smart-cards circumvent these limitations by letting a user enter a password on a personal device, such as a smart-phone, to generate signatures on arbitrary messages with the help of an additional server. This approach prevents an adversary from using the signing key, if a user loses a device without also entering the correct password. The server only contributes to signature generation, if the password entered was correct. Neither the server nor the device alone can mount attacks on the password or on the password attempts, while the server does not learn the messages signed. As for SSO, security is defined by providing an ideal functionality in the UC-framework, implying the same advantages. The realizing protocol is secure against adaptive adversaries, i.e., an adversary can adaptively corrupt any protocol participants. To account for the main use-case of lost devices, a new corruption model is introduced.
Namely, the simulator does not receive all prior input and output upon corruption, which is necessary to model the case of lost devices such that the adversary does not receive the prior password attempts. This is accompanied by a new non-committing encryption scheme for the receiver which requires secure erasures. The implementation of the given protocol shows that it even outperforms state-of-the-art smart-cards. In the third sub-part, a fully simulatable non-committing encryption scheme is introduced. In particular, the encryption scheme introduced for the virtual smart-cards requires secure erasures. However, this is not always a reasonable assumption. To tackle this situation, this part presents an extended definition and protocol which allows simulating non-interactive ciphertexts even without secure erasures in a fully adaptive way. Hence, the simulator can give away the randomness for secret key generation and the randomness used for ciphertext generation to an adaptive adversary simultaneously. Such a non-interactive definition is in particular useful, if ciphertexts are further processed. This is demonstrated by providing the first definition of UC-secure signcryption in a setting with adaptive corruptions without secure erasures, which was not possible before. However, this part also comes with an impossibility result: it is proven that neither such an encryption scheme nor signcryption can be realized in non-idealized models. The second part of this thesis deals with digital signature schemes with additional features. Here, two main contributions are presented. The first contribution of this part is about sanitizable signature schemes.
In already existing definitions of sanitizable signature schemes, a semi-trusted third party, named the sanitizer, can alter signer-chosen blocks of signed messages, but a third party can derive which parts are actually admissible. The newly introduced notion of invisible sanitizable signature schemes improves on this situation by also hiding which parts of a given message are sanitizable, adding an additional layer of privacy. To build this new primitive, the new notion of chameleon-hashes with ephemeral trapdoors is introduced. These chameleon-hashes allow one to find arbitrary collisions of a hash, if two trapdoors at the same time are known. One trapdoor is a long-term secret, while the second one is generated at hash generation. Finally, this thesis addresses the case of signing-right revocation. Nowadays, a certificate needs to be checked whether it is revoked at every signature verification. As verification naturally occurs more often, this negatively impacts on practicality, as thus network connectivity at verification is required. The protocols presented solve this by letting the signature itself vouch for the fact that the certificate was not revoked at signature generation time. This is achieved by letting a revocation authority contribute to signature generation. To account for privacy concerns, the authority does not learn the messages signed, while an extension also prohibits that the authority can link a signing protocol to the final signature. Summarized, this thesis presents provably secure protocols which are geared to be highly efficient and are of direct practical relevance for personal usage, meaning that the primitives can directly be deployed and used, even in today's infrastructure." @default.
- W2808441497 created "2018-06-21" @default.
- W2808441497 creator A5005941408 @default.
- W2808441497 date "2018-01-01" @default.
- W2808441497 modified "2023-09-27" @default.
- W2808441497 title "Personal and Password-Based Cryptography" @default.
- W2808441497 hasPublicationYear "2018" @default.
- W2808441497 type Work @default.
- W2808441497 sameAs 2808441497 @default.
- W2808441497 citedByCount "0" @default.
- W2808441497 crossrefType "dissertation" @default.
- W2808441497 hasAuthorship W2808441497A5005941408 @default.
- W2808441497 hasConcept C109297577 @default.
- W2808441497 hasConcept C148417208 @default.
- W2808441497 hasConcept C174348530 @default.
- W2808441497 hasConcept C178489894 @default.
- W2808441497 hasConcept C2776362682 @default.
- W2808441497 hasConcept C38652104 @default.
- W2808441497 hasConcept C41008148 @default.
- W2808441497 hasConcept C89479133 @default.
- W2808441497 hasConcept C98705547 @default.
- W2808441497 hasConceptScore W2808441497C109297577 @default.
- W2808441497 hasConceptScore W2808441497C148417208 @default.
- W2808441497 hasConceptScore W2808441497C174348530 @default.
- W2808441497 hasConceptScore W2808441497C178489894 @default.
- W2808441497 hasConceptScore W2808441497C2776362682 @default.
- W2808441497 hasConceptScore W2808441497C38652104 @default.
- W2808441497 hasConceptScore W2808441497C41008148 @default.
- W2808441497 hasConceptScore W2808441497C89479133 @default.
- W2808441497 hasConceptScore W2808441497C98705547 @default.
- W2808441497 hasLocation W28084414971 @default.
- W2808441497 hasOpenAccess W2808441497 @default.
- W2808441497 hasPrimaryLocation W28084414971 @default.
- W2808441497 hasRelatedWork W1606647425 @default.
- W2808441497 hasRelatedWork W1719934069 @default.
- W2808441497 hasRelatedWork W1911825786 @default.
- W2808441497 hasRelatedWork W2065410314 @default.
- W2808441497 hasRelatedWork W2122637856 @default.
- W2808441497 hasRelatedWork W2140745722 @default.
- W2808441497 hasRelatedWork W2522793879 @default.
- W2808441497 hasRelatedWork W2669910391 @default.
- W2808441497 hasRelatedWork W2792499809 @default.
- W2808441497 hasRelatedWork W3011056175 @default.
- W2808441497 hasRelatedWork W3029128598 @default.
- W2808441497 hasRelatedWork W3093653934 @default.
- W2808441497 hasRelatedWork W3113474594 @default.
- W2808441497 hasRelatedWork W33948074 @default.
- W2808441497 hasRelatedWork W2187065807 @default.
- W2808441497 hasRelatedWork W2299560321 @default.
- W2808441497 hasRelatedWork W2316918370 @default.
- W2808441497 hasRelatedWork W2560611853 @default.
- W2808441497 hasRelatedWork W2794938419 @default.
- W2808441497 hasRelatedWork W2986744978 @default.
- W2808441497 isParatext "false" @default.
- W2808441497 isRetracted "false" @default.
- W2808441497 magId "2808441497" @default.
- W2808441497 workType "dissertation" @default.