WorldWideScience

Sample records for secure key rate

  1. Quantum-to-the-Home: Achieving Gbits/s Secure Key Rates via Commercial Off-the-Shelf Telecommunication Equipment

    Rameez Asif

    2017-01-01

    Full Text Available There is current significant interest in Fiber-to-the-Home (FTTH networks, that is, end-to-end optical connectivity. Currently, it may be limited due to the presence of last-mile copper wire connections. However, in near future, it is envisaged that FTTH connections will exist, and a key offering would be the possibility of optical encryption that can best be implemented using Quantum Key Distribution (QKD. However, it is very important that the QKD infrastructure is compatible with the already existing networks for a smooth transition and integration with the classical data traffic. In this paper, we report the feasibility of using off-the-shelf telecommunication components to enable high performance Continuous Variable-Quantum Key Distribution (CV-QKD systems that can yield secure key rates in the range of 100 Mbits/s under practical operating conditions. Multilevel phase modulated signals (m-PSK are evaluated in terms of secure key rates and transmission distances. The traditional receiver is discussed, aided by the phase noise cancellation based digital signal processing module for detecting the complex quantum signals. Furthermore, we have discussed the compatibility of multiplexers and demultiplexers for wavelength division multiplexed Quantum-to-the-Home (QTTH network and the impact of splitting ratio is analyzed. The results are thoroughly compared with the commercially available high-cost encryption modules.

  2. Secure quantum key distribution

    Lo, Hoi-Kwong; Curty, Marcos; Tamaki, Kiyoshi

    2014-08-01

    Secure communication is crucial in the Internet Age, and quantum mechanics stands poised to revolutionize cryptography as we know it today. In this Review, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After briefly introducing recent experimental progress and challenges, we survey the latest developments in quantum hacking and countermeasures against it.

  3. Security for Key Management Interfaces

    Kremer , Steve; Steel , Graham; Warinschi , Bogdan

    2011-01-01

    International audience; We propose a much-needed formal definition of security for cryptographic key management APIs. The advantages of our definition are that it is general, intuitive, and applicable to security proofs in both symbolic and computational models of cryptography. Our definition relies on an idealized API which allows only the most essential functions for generating, exporting and importing keys, and takes into account dynamic corruption of keys. Based on this we can define the ...

  4. The Key to School Security.

    Hotle, Dan

    1993-01-01

    In addition to legislative accessibility requirements, other security issues facing school administrators who select a security system include the following: access control; user friendliness; durability or serviceability; life safety precautions; possibility of vandalism, theft, and tampering; and key control. Offers steps to take in considering…

  5. Fundamental quantitative security in quantum key generation

    Yuen, Horace P.

    2010-01-01

    We analyze the fundamental security significance of the quantitative criteria on the final generated key K in quantum key generation including the quantum criterion d, the attacker's mutual information on K, and the statistical distance between her distribution on K and the uniform distribution. For operational significance a criterion has to produce a guarantee on the attacker's probability of correctly estimating some portions of K from her measurement, in particular her maximum probability of identifying the whole K. We distinguish between the raw security of K when the attacker just gets at K before it is used in a cryptographic context and its composition security when the attacker may gain further information during its actual use to help get at K. We compare both of these securities of K to those obtainable from conventional key expansion with a symmetric key cipher. It is pointed out that a common belief in the superior security of a quantum generated K is based on an incorrect interpretation of d which cannot be true, and the security significance of d is uncertain. Generally, the quantum key distribution key K has no composition security guarantee and its raw security guarantee from concrete protocols is worse than that of conventional ciphers. Furthermore, for both raw and composition security there is an exponential catch-up problem that would make it difficult to quantitatively improve the security of K in a realistic protocol. Some possible ways to deal with the situation are suggested.

  6. Secure Hybrid Encryption from Weakened Key Encapsulation

    D. Hofheinz (Dennis); E. Kiltz (Eike); A. Menezes

    2007-01-01

    textabstractWe put forward a new paradigm for building hybrid encryption schemes from constrained chosen-ciphertext secure (CCCA) key-encapsulation mechanisms (KEMs) plus authenticated symmetric encryption. Constrained chosen-ciphertext security is a new security notion for KEMs that we propose. It

  7. 76 FR 46603 - Security Ratings

    2011-08-03

    ... settled derivative securities). See Simplification of Registration of Reporting Requirements for Foreign... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No. 33-9245; 34-64975; File No. S7-18-08] RIN 3235-AK18 Security Ratings AGENCY: Securities and Exchange...

  8. Public key infrastructure for DOE security research

    Aiken, R.; Foster, I.; Johnston, W.E. [and others

    1997-06-01

    This document summarizes the Department of Energy`s Second Joint Energy Research/Defence Programs Security Research Workshop. The workshop, built on the results of the first Joint Workshop which reviewed security requirements represented in a range of mission-critical ER and DP applications, discussed commonalties and differences in ER/DP requirements and approaches, and identified an integrated common set of security research priorities. One significant conclusion of the first workshop was that progress in a broad spectrum of DOE-relevant security problems and applications could best be addressed through public-key cryptography based systems, and therefore depended upon the existence of a robust, broadly deployed public-key infrastructure. Hence, public-key infrastructure ({open_quotes}PKI{close_quotes}) was adopted as a primary focus for the second workshop. The Second Joint Workshop covered a range of DOE security research and deployment efforts, as well as summaries of the state of the art in various areas relating to public-key technologies. Key findings were that a broad range of DOE applications can benefit from security architectures and technologies built on a robust, flexible, widely deployed public-key infrastructure; that there exists a collection of specific requirements for missing or undeveloped PKI functionality, together with a preliminary assessment of how these requirements can be met; that, while commercial developments can be expected to provide many relevant security technologies, there are important capabilities that commercial developments will not address, due to the unique scale, performance, diversity, distributed nature, and sensitivity of DOE applications; that DOE should encourage and support research activities intended to increase understanding of security technology requirements, and to develop critical components not forthcoming from other sources in a timely manner.

  9. Secure image retrieval with multiple keys

    Liang, Haihua; Zhang, Xinpeng; Wei, Qiuhan; Cheng, Hang

    2018-03-01

    This article proposes a secure image retrieval scheme under a multiuser scenario. In this scheme, the owner first encrypts and uploads images and their corresponding features to the cloud; then, the user submits the encrypted feature of the query image to the cloud; next, the cloud compares the encrypted features and returns encrypted images with similar content to the user. To find the nearest neighbor in the encrypted features, an encryption with multiple keys is proposed, in which the query feature of each user is encrypted by his/her own key. To improve the key security and space utilization, global optimization and Gaussian distribution are, respectively, employed to generate multiple keys. The experiments show that the proposed encryption can provide effective and secure image retrieval for each user and ensure confidentiality of the query feature of each user.

  10. Triple symmetric key cryptosystem for data security

    Fuzail, C. Md; Norman, Jasmine; Mangayarkarasi, R.

    2017-11-01

    As the technology is getting spreads in the macro seconds of speed and in which the trend changing era from human to robotics the security issue is also getting increased. By means of using machine attacks it is very easy to break the cryptosystems in very less amount of time. Cryptosystem is a process which provides the security in all sorts of processes, communications and transactions to be done securely with the help of electronical mechanisms. Data is one such thing with the expanded implication and possible scraps over the collection of data to secure predominance and achievement, Information Security is the process where the information is protected from invalid and unverified accessibilities and data from mishandling. So the idea of Information Security has risen. Symmetric key which is also known as private key.Whereas the private key is mostly used to attain the confidentiality of data. It is a dynamic topic which can be implemented over different applications like android, wireless censor networks, etc. In this paper, a new mathematical manipulation algorithm along with Tea cryptosystem has been implemented and it can be used for the purpose of cryptography. The algorithm which we proposed is straightforward and more powerful and it will authenticate in harder way and also it will be very difficult to break by someone without knowing in depth about its internal mechanisms.

  11. Secure quantum key distribution using squeezed states

    Gottesman, Daniel; Preskill, John

    2001-01-01

    We prove the security of a quantum key distribution scheme based on transmission of squeezed quantum states of a harmonic oscillator. Our proof employs quantum error-correcting codes that encode a finite-dimensional quantum system in the infinite-dimensional Hilbert space of an oscillator, and protect against errors that shift the canonical variables p and q. If the noise in the quantum channel is weak, squeezing signal states by 2.51 dB (a squeeze factor e r =1.34) is sufficient in principle to ensure the security of a protocol that is suitably enhanced by classical error correction and privacy amplification. Secure key distribution can be achieved over distances comparable to the attenuation length of the quantum channel

  12. Security of practical quantum key distribution systems

    Jain, Nitin

    2015-02-24

    This thesis deals with practical security aspects of quantum key distribution (QKD) systems. At the heart of the theoretical model of any QKD system lies a quantum-mechanical security proof that guarantees perfect secrecy of messages - based on certain assumptions. However, in practice, deviations between the theoretical model and the physical implementation could be exploited by an attacker to break the security of the system. These deviations may arise from technical limitations and operational imperfections in the physical implementation and/or unrealistic assumptions and insufficient constraints in the theoretical model. In this thesis, we experimentally investigate in depth several such deviations. We demonstrate the resultant vulnerabilities via proof-of-principle attacks on a commercial QKD system from ID Quantique. We also propose countermeasures against the investigated loopholes to secure both existing and future QKD implementations.

  13. Secure Key Management in the Cloud

    Damgård, Ivan Bjerre; Jakobsen, Thomas Pelle; Nielsen, Jesper Buus

    2013-01-01

    information such as cryptographic keys. Applications like this include many cases where secure multiparty computation is outsourced to the cloud, and in particular a number of online auctions and benchmark computations with confidential inputs. We consider fully autonomous servers that switch between online......We consider applications involving a number of servers in the cloud that go through a sequence of online periods where the servers communicate, separated by offline periods where the servers are idle. During the offline periods, we assume that the servers need to securely store sensitive...... and offline periods without communicating with anyone from outside the cloud, and semi-autonomous servers that need a limited kind of assistance from outside the cloud when doing the transition. We study the levels of security one can – and cannot – obtain in this model, propose light-weight protocols...

  14. Simple security proof of quantum key distribution based on complementarity

    Koashi, M

    2009-01-01

    We present an approach to the unconditional security of quantum key distribution protocols based on a complementarity argument. The approach is applicable to, but not limited to, every case that has been treated via the argument by Shor and Preskill based on entanglement distillation, with a benefit of decoupling of the error correction from the privacy amplification. It can also treat cases with uncharacterized apparatuses. We derive a secure key rate for the Bennett-Brassard-1984 protocol with an arbitrary source characterized only by a single parameter representing the basis dependence.

  15. Unconditional security of quantum key distribution and the uncertainty principle

    Koashi, Masato

    2006-01-01

    An approach to the unconditional security of quantum key distribution protocols is presented, which is based on the uncertainty principle. The approach applies to every case that has been treated via the argument by Shor and Preskill, but it is not necessary to find quantum error correcting codes. It can also treat the cases with uncharacterized apparatuses. The proof can be applied to cases where the secret key rate is larger than the distillable entanglement

  16. Securing quantum key distribution systems using fewer states

    Islam, Nurul T.; Lim, Charles Ci Wen; Cahall, Clinton; Kim, Jungsang; Gauthier, Daniel J.

    2018-04-01

    Quantum key distribution (QKD) allows two remote users to establish a secret key in the presence of an eavesdropper. The users share quantum states prepared in two mutually unbiased bases: one to generate the key while the other monitors the presence of the eavesdropper. Here, we show that a general d -dimension QKD system can be secured by transmitting only a subset of the monitoring states. In particular, we find that there is no loss in the secure key rate when dropping one of the monitoring states. Furthermore, it is possible to use only a single monitoring state if the quantum bit error rates are low enough. We apply our formalism to an experimental d =4 time-phase QKD system, where only one monitoring state is transmitted, and obtain a secret key rate of 17.4 ±2.8 Mbits/s at a 4 dB channel loss and with a quantum bit error rate of 0.045 ±0.001 and 0.037 ±0.001 in time and phase bases, respectively, which is 58.4% of the secret key rate that can be achieved with the full setup. This ratio can be increased, potentially up to 100%, if the error rates in time and phase basis are reduced. Our results demonstrate that it is possible to substantially simplify the design of high-dimensional QKD systems, including those that use the spatial or temporal degrees of freedom of the photon, and still outperform qubit-based (d =2 ) protocols.

  17. Quantum cryptography to satellites for global secure key distribution

    Rarity, John G.; Gorman, Philip M.; Knight, Paul; Wallace, Kotska; Tapster, Paul R.

    2017-11-01

    We have designed and built a free space secure key exchange system using weak laser pulses with polarisation modulation by acousto-optic switching. We have used this system to exchange keys over a 1.2km ground range with absolute security. Building from this initial result we analyse the feasibility of exchanging keys to a low earth orbit satellite.

  18. Towards Comprehensive Food Security Measures: Comparing Key ...

    Food security is a multi-dimensional issue that has been difficult to measure comprehensively, given the one-dimensional focus of existing indicators. Three indicators dominate the food security measurement debate: Household Food Insecurity Access Scale (HFIAS), Dietary Diversity Score (DDS) and Coping Strategies ...

  19. 76 FR 8946 - Security Ratings

    2011-02-16

    ... grade securities (such as foreign currency or other cash settled derivative securities). See... investment grade securities (such as foreign currency or other cash settled derivative securities). See... SECURITIES AND EXCHANGE COMMISSION 17 CFR Parts 200, 229, 230, 232, 239, 240, and 249 [Release No...

  20. Infrared: A Key Technology for Security Systems

    Corsi, Carlo

    2012-01-01

    Infrared science and technology has been, since the first applications, mainly dedicated to security and surveillance especially in military field, besides specialized techniques in thermal imaging for medical diagnostic and building structures and recently in energy savings and aerospace context. Till recently the security applications were mainly based on thermal imaging as surveillance and warning military systems. In all these applications the advent of room temperature, more reliable due...

  1. Securing information using optically generated biometric keys

    Verma, Gaurav; Sinha, Aloka

    2016-11-01

    In this paper, we present a new technique to obtain biometric keys by using the fingerprint of a person for an optical image encryption system. The key generation scheme uses the fingerprint biometric information in terms of the amplitude mask (AM) and the phase mask (PM) of the reconstructed fingerprint image that is implemented using the digital holographic technique. Statistical tests have been conducted to check the randomness of the fingerprint PM key that enables its usage as an image encryption key. To explore the utility of the generated biometric keys, an optical image encryption system has been further demonstrated based on the phase retrieval algorithm and the double random phase encoding scheme in which keys for the encryption are used as the AM and the PM key. The advantage associated with the proposed scheme is that the biometric keys’ retrieval requires the simultaneous presence of the fingerprint hologram and the correct knowledge of the reconstruction parameters at the decryption stage, which not only verifies the authenticity of the person but also protects the valuable fingerprint biometric features of the keys. Numerical results are carried out to prove the feasibility and the effectiveness of the proposed encryption system.

  2. Secure key distribution by swapping quantum entanglement

    Song, Daegene

    2004-01-01

    We report two key distribution schemes achieved by swapping quantum entanglement. Using two Bell states, two bits of secret key can be shared between two distant parties that play symmetric and equal roles. We also address eavesdropping attacks against the schemes

  3. Towards understanding the known-key security of block ciphers

    Andreeva, Elena; Bogdanov, Andrey; Mennink, Bart

    2014-01-01

    ciphers based on ideal components such as random permutations and random functions as well as propose new generic known-key attacks on generalized Feistel ciphers. We introduce the notion of known-key indifferentiability to capture the security of such block ciphers under a known key. To show its...... meaningfulness, we prove that the known-key attacks on block ciphers with ideal primitives to date violate security under known-key indifferentiability. On the other hand, to demonstrate its constructiveness, we prove the balanced Feistel cipher with random functions and the multiple Even-Mansour cipher...... with random permutations known-key indifferentiable for a sufficient number of rounds. We note that known-key indifferentiability is more quickly and tightly attained by multiple Even-Mansour which puts it forward as a construction provably secure against known-key attacks....

  4. Secret key rates in quantum key distribution using Renyi entropies

    Abruzzo, Silvestre; Kampermann, Hermann; Mertz, Markus; Bratzik, Sylvia; Bruss, Dagmar [Institut fuer Theoretische Physik III, Heinrich-Heine-Universitaet Duesseldorf (Germany)

    2010-07-01

    The secret key rate r of a quantum key distribution protocol depends on the involved number of signals and the accepted ''failure probability''. We reconsider a method to calculate r focusing on the analysis of the privacy amplification given by R. Renner and R. Koenig (2005). This approach involves an optimization problem with an objective function depending on the Renyi entropy of the density operator describing the classical outcomes and the eavesdropper system. This problem is analyzed for a generic class of QKD protocols and the current research status is presented.

  5. A secure key agreement protocol based on chaotic maps

    Wang Xing-Yuan; Luan Da-Peng

    2013-01-01

    To guarantee the security of communication in the public channel, many key agreement protocols have been proposed. Recently, Gong et al. proposed a key agreement protocol based on chaotic maps with password sharing. In this paper, Gong et al.'s protocol is analyzed, and we find that this protocol exhibits key management issues and potential security problems. Furthermore, the paper presents a new key agreement protocol based on enhanced Chebyshev polynomials to overcome these problems. Through our analysis, our key agreement protocol not only provides mutual authentication and the ability to resist a variety of common attacks, but also solve the problems of key management and security issues existing in Gong et al.'s protocol

  6. Unbelievable security : Matching AES using public key systems

    Lenstra, A.K.; Boyd, C.

    2001-01-01

    The Advanced Encryption Standard (AES) provides three levels of security: 128, 192, and 256 bits. Given a desired level of security for the AES, this paper discusses matching public key sizes for RSA and the ElGamal family of protocols. For the latter both traditional multiplicative groups of finite

  7. Key Exchange Trust Evaluation in Peer-to-Peer Sensor Networks With Unconditionally Secure Key Exchange

    Gonzalez, Elias; Kish, Laszlo B.

    2016-03-01

    As the utilization of sensor networks continue to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. We propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. For a given sensor, the higher the portion of channels with unconditionally secure key exchange the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels.

  8. Key Management for Secure Multicast over IPv6 Wireless Networks

    Siddiqi Mohammad Umar

    2006-01-01

    Full Text Available Multicasting is an efficient method for transmission and routing of packets to multiple destinations using fewer network resources. Along with widespread deployment of wireless networks, secure multicast over wireless networks is an important and challenging goal. In this paper, we extend the scope of a recent new key distribution scheme to a security framework that offers a novel solution for secure multicast over IPv6 wireless networks. Our key management framework includes two scenarios for securely distributing the group key and rekey messages for joining and leaving a mobile host in secure multicast group. In addition, we perform the security analysis and provide performance comparisons between our approach and two recently published scenarios. The benefits of our proposed techniques are that they minimize the number of transmissions required to rekey the multicast group and impose minimal storage requirements on the multicast group. In addition, our proposed schemes are also very desirable from the viewpoint of transmission bandwidth savings since an efficient rekeying mechanism is provided for membership changes and they significantly reduce the required bandwidth due to key updating in mobile networks. Moreover, they achieve the security and scalability requirements in wireless networks.

  9. Randomness determines practical security of BB84 quantum key distribution

    Li, Hong-Wei; Yin, Zhen-Qiang; Wang, Shuang; Qian, Yong-Jun; Chen, Wei; Guo, Guang-Can; Han, Zheng-Fu

    2015-11-01

    Unconditional security of the BB84 quantum key distribution protocol has been proved by exploiting the fundamental laws of quantum mechanics, but the practical quantum key distribution system maybe hacked by considering the imperfect state preparation and measurement respectively. Until now, different attacking schemes have been proposed by utilizing imperfect devices, but the general security analysis model against all of the practical attacking schemes has not been proposed. Here, we demonstrate that the general practical attacking schemes can be divided into the Trojan horse attack, strong randomness attack and weak randomness attack respectively. We prove security of BB84 protocol under randomness attacking models, and these results can be applied to guarantee the security of the practical quantum key distribution system.

  10. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    Shafie, Ahmed El

    2017-06-12

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  11. Secret-Key-Aided Scheme for Securing Untrusted DF Relaying Networks

    Shafie, Ahmed El; Salem, Ahmed Sultan; Mabrouk, Asma; Tourki, Kamel; Al-Dhahir, Naofal

    2017-01-01

    This paper proposes a new scheme to secure the transmissions in an untrusted decode-and-forward (DF) relaying network. A legitimate source node, Alice, sends her data to a legitimate destination node, Bob, with the aid of an untrusted DF relay node, Charlie. To secure the transmissions from Charlie during relaying time slots, each data codeword is secured using a secret-key codeword that has been previously shared between Alice and Bob during the perfectly secured time slots (i.e., when the channel secrecy rate is positive). The secret-key bits exchanged between Alice and Bob are stored in a finite-length buffer and are used to secure data transmission whenever needed. We model the secret-key buffer as a queueing system and analyze its Markov chain. Our numerical results show the gains of our proposed scheme relative to benchmarks. Moreover, the proposed scheme achieves an upper bound on the secure throughput.

  12. High speed and adaptable error correction for megabit/s rate quantum key distribution.

    Dixon, A R; Sato, H

    2014-12-02

    Quantum Key Distribution is moving from its theoretical foundation of unconditional security to rapidly approaching real world installations. A significant part of this move is the orders of magnitude increases in the rate at which secure key bits are distributed. However, these advances have mostly been confined to the physical hardware stage of QKD, with software post-processing often being unable to support the high raw bit rates. In a complete implementation this leads to a bottleneck limiting the final secure key rate of the system unnecessarily. Here we report details of equally high rate error correction which is further adaptable to maximise the secure key rate under a range of different operating conditions. The error correction is implemented both in CPU and GPU using a bi-directional LDPC approach and can provide 90-94% of the ideal secure key rate over all fibre distances from 0-80 km.

  13. Anticollusion Attack Noninteractive Security Hierarchical Key Agreement Scheme in WHMS

    Kefei Mao

    2016-01-01

    Full Text Available Wireless Health Monitoring Systems (WHMS have potential to change the way of health care and bring numbers of benefits to patients, physicians, hospitals, and society. However, there are crucial barriers not only to transmit the biometric information but also to protect the privacy and security of the patients’ information. The key agreement between two entities is an essential cryptography operation to clear the barriers. In particular, the noninteractive hierarchical key agreement scheme becomes an attractive direction in WHMS because each sensor node or gateway has limited resources and power. Recently, a noninteractive hierarchical key agreement scheme has been proposed by Kim for WHMS. However, we show that Kim’s cryptographic scheme is vulnerable to the collusion attack if the physicians can be corrupted. Obviously, it is a more practical security condition. Therefore, we proposed an improved key agreement scheme against the attack. Security proof, security analysis, and experimental results demonstrate that our proposed scheme gains enhanced security and more efficiency than Kim’s previous scheme while inheriting its qualities of one-round communication and security properties.

  14. Unconditionally secure key distillation from multi-photons in a single-photon polarization based quantum key distribution

    Tamaki, K

    2005-01-01

    In this presentation, we show some counter-examples to a naive belief that the security of QKD is based on no-cloning theorem. One example is shown by explicitly proving that one can indeed generate an unconditionally secure key from Alice's two-photon emission part in "SARG04 protocol" proposed by V. Scarani et al, in Phys. Rev. Lett. 92, 057901 (2004). This protocol differs from BB84 only in the classical communication. It is, thus, interesting to see how only the classical communication of QKD protocol might qualitatively change its security. We also show that one can generate an unconditionally secure key from the single to the four-photon part in a generalized SARG04 that uses six states. Finally, we also compare the bit error rate threshold of these protocols with the one in BB84 and the original six-state protocol assuming a depolarizing channel.

  15. Information Security Governanceas as Key Performance Indicator for Financial Institutions

    Krjukovs, D; Strauss, R

    2009-01-01

    Due to their nature financial institutions and their performance are in constant focus of attention from different stakeholder groups. These groups according to their functions and interests are implementing different sets of key performance indicators for financial institution performance assessment. In the proposed paper authors present a hypothesis of information security governance being a financial institution key performance indicator. Authors provide high level overview of ...

  16. Distributed public key schemes secure against continual leakage

    Akavia, Adi; Goldwasser, Shafi; Hazay, Carmit

    2012-01-01

    -secure against continual memory leakage. Our DPKE scheme also implies a secure storage system on leaky devices, where a value s can be secretely stored on devices that continually leak information about their internal state to an external attacker. The devices go through a periodic refresh protocol......In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly...... against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and $2$-linear assumptions. Our schemes have the following properties: 1. Our DPKE and DIBE schemes tolerate leakage at all times, including during refresh. During refresh the tolerated leakage is a (1/2-o (1),1)-fraction...

  17. Security of a single-state semi-quantum key distribution protocol

    Zhang, Wei; Qiu, Daowen; Mateus, Paulo

    2018-06-01

    Semi-quantum key distribution protocols are allowed to set up a secure secret key between two users. Compared with their full quantum counterparts, one of the two users is restricted to perform some "classical" or "semi-quantum" operations, which potentially makes them easily realizable by using less quantum resource. However, the semi-quantum key distribution protocols mainly rely on a two-way quantum channel. The eavesdropper has two opportunities to intercept the quantum states transmitted in the quantum communication stage. It may allow the eavesdropper to get more information and make the security analysis more complicated. In the past ten years, many semi-quantum key distribution protocols have been proposed and proved to be robust. However, there are few works concerning their unconditional security. It is doubted that how secure the semi-quantum ones are and how much noise they can tolerate to establish a secure secret key. In this paper, we prove the unconditional security of a single-state semi-quantum key distribution protocol proposed by Zou et al. (Phys Rev A 79:052312, 2009). We present a complete proof from information theory aspect by deriving a lower bound of the protocol's key rate in the asymptotic scenario. Using this bound, we figure out an error threshold value such that for all error rates that are less than this threshold value, the secure secret key can be established between the legitimate users definitely. Otherwise, the users should abort the protocol. We make an illustration of the protocol under the circumstance that the reverse quantum channel is a depolarizing one with parameter q. Additionally, we compare the error threshold value with some full quantum protocols and several existing semi-quantum ones whose unconditional security proofs have been provided recently.

  18. Security bound of continuous-variable quantum key distribution with noisy coherent states and channel

    Shen Yong; Yang Jian; Guo Hong

    2009-01-01

    Security of a continuous-variable quantum key distribution protocol based on noisy coherent states and channel is analysed. Assuming that the noise of coherent states is induced by Fred, a neutral party relative to others, we prove that the prepare-and-measurement scheme (P and M) and entanglement-based scheme (E-B) are equivalent. Then, we show that this protocol is secure against Gaussian collective attacks even if the channel is lossy and noisy, and, further, a lower bound to the secure key rate is derived.

  19. Security bound of continuous-variable quantum key distribution with noisy coherent states and channel

    Shen Yong; Yang Jian; Guo Hong, E-mail: hongguo@pku.edu.c [CREAM Group, State Key Laboratory of Advanced Optical Communication Systems and Networks (Peking University) and Institute of Quantum Electronics, School of Electronics Engineering and Computer Science, Peking University, Beijing 100871 (China)

    2009-12-14

    Security of a continuous-variable quantum key distribution protocol based on noisy coherent states and channel is analysed. Assuming that the noise of coherent states is induced by Fred, a neutral party relative to others, we prove that the prepare-and-measurement scheme (P and M) and entanglement-based scheme (E-B) are equivalent. Then, we show that this protocol is secure against Gaussian collective attacks even if the channel is lossy and noisy, and, further, a lower bound to the secure key rate is derived.

  20. High-Rate Field Demonstration of Large-Alphabet Quantum Key Distribution

    2016-10-12

    count rate of Bob’s detectors. In this detector-limited regime , it is advantageous to increase M to encode as much information as possible in each...High- rate field demonstration of large-alphabet quantum key distribution Catherine Lee,1, 2 Darius Bunandar,1 Zheshen Zhang,1 Gregory R. Steinbrecher...October 12, 2016) 2 Quantum key distribution (QKD) enables secure symmetric key exchange for information-theoretically secure com- munication via one-time

  1. Device calibration impacts security of quantum key distribution.

    Jain, Nitin; Wittmann, Christoffer; Lydersen, Lars; Wiechers, Carlos; Elser, Dominique; Marquardt, Christoph; Makarov, Vadim; Leuchs, Gerd

    2011-09-09

    Characterizing the physical channel and calibrating the cryptosystem hardware are prerequisites for establishing a quantum channel for quantum key distribution (QKD). Moreover, an inappropriately implemented calibration routine can open a fatal security loophole. We propose and experimentally demonstrate a method to induce a large temporal detector efficiency mismatch in a commercial QKD system by deceiving a channel length calibration routine. We then devise an optimal and realistic strategy using faked states to break the security of the cryptosystem. A fix for this loophole is also suggested.

  2. The ultimate security bounds of quantum key distribution protocols

    Nikolopoulos, G.M.; Alber, G.

    2005-01-01

    Full text: Quantum key distribution (QKD) protocols exploit quantum correlations in order to establish a secure key between two legitimate users. Recent work on QKD has revealed a remarkable link between quantum and secret correlations. In this talk we report on recent results concerning the ultimate upper security bounds of various QKD schemes (i.e., the maximal disturbance up to which the two legitimate users share quantum correlations) under the assumption of general coherent attacks. In particular, we derive an analytic expression for the ultimate upper security bound of QKD schemes that use two mutually unbiased bases. As long as the two legitimate users focus on the sifted key and treat each pair of data independently during the post processing, our results are valid for arbitrary dimensions of the information carriers. The bound we have derived is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is also discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions, however, such equivalence is generally no longer valid. (author)

  3. Study on the security of discrete-variable quantum key distribution over non-Markovian channels

    Huang Peng; Zhu Jun; He Guangqiang; Zeng Guihua

    2012-01-01

    The dynamic of the secret key rate of the discrete-variable quantum key distribution (QKD) protocol over the non-Markovian quantum channel is investigated. In particular, we calculate the secret key rate for the six-state protocol over non-Markovian depolarizing channels with coloured noise and Markovian depolarizing channels with Gaussian white noise, respectively. We find that the secure secret key rate for the non-Markovian depolarizing channel will be larger than the Markovian one under the same conditions even when their upper bounds of tolerable quantum bit error rate are equal. This indicates that this coloured noise in the non-Markovian depolarizing channel can enhance the security of communication. Moreover, we show that the secret key rate fluctuates near the secure point when the coupling strength of the system with the environment is high. The results demonstrate that the non-Markovian effects of the transmission channel can have a positive impact on the security of discrete-variable QKD. (paper)

  4. Security by quantum key distribution and IPSEC (SEQKEIP): feasibility

    Sfaxi, M.A.; Ghernaouti-Helie, S.; Ribordy, G; Gay, O.

    2005-01-01

    Full text: Classical cryptography algorithms are based on mathematical functions. The robustness of a given cryptosystem is based essentially on the secrecy of its (private) key and the difficulty with which the inverse of its one-way function(s) can be calculated. Unfortunately, there is no mathematical proof that will establish whether it is not possible to find the inverse of a given one-way function. On the contrary, quantum cryptography is a method for sharing secret keys, whose security can be formally demonstrated. It is based on the laws of physics. The possible applications of quantum cryptography are mainly linked to telecommunication services that require very high level of security. Quantum cryptography could be integrated in various existing concepts and protocols. One of the possible use of quantum cryptography is within IPSEC. The aim of this paper is to analyse the feasibility of using quantum cryptography in IPSEC and to present the estimated performances of this solution. (author)

  5. Device-independent quantum key distribution secure against collective attacks

    Pironio, Stefano; Gisin, Nicolas; AcIn, Antonio; Brunner, Nicolas; Massar, Serge; Scarani, Valerio

    2009-01-01

    Device-independent quantum key distribution (DIQKD) represents a relaxation of the security assumptions made in usual quantum key distribution (QKD). As in usual QKD, the security of DIQKD follows from the laws of quantum physics, but contrary to usual QKD, it does not rely on any assumptions about the internal working of the quantum devices used in the protocol. In this paper, we present in detail the security proof for a DIQKD protocol introduced in AcIn et al (2008 Phys. Rev. Lett. 98 230501). This proof exploits the full structure of quantum theory (as opposed to other proofs that exploit only the no-signaling principle), but only holds against collective attacks, where the eavesdropper is assumed to act on the quantum systems of the honest parties independently and identically in each round of the protocol (although she can act coherently on her systems at any time). The security of any DIQKD protocol necessarily relies on the violation of a Bell inequality. We discuss the issue of loopholes in Bell experiments in this context.

  6. Efficient quantum secure communication with a publicly known key

    Li Chunyan; Li Xihan; Deng Fuguo; Zhou Hongyu

    2008-01-01

    This paper presents a simple way for an eavesdropper to eavesdrop freely the secret message in the experimental realization of quantum communication protocol proposed by Beige et al (2002 Acta Phys. Pol. A 101 357). Moreover, it introduces an efficient quantum secure communication protocol based on a publicly known key with decoy photons and two biased bases by modifying the original protocol. The total efficiency of this new protocol is double that of the original one. With a low noise quantum channel, this protocol can be used for transmitting a secret message. At present, this protocol is good for generating a private key efficiently. (general)

  7. Shared Electronic Health Record Systems: Key Legal and Security Challenges.

    Christiansen, Ellen K; Skipenes, Eva; Hausken, Marie F; Skeie, Svein; Østbye, Truls; Iversen, Marjolein M

    2017-11-01

    Use of shared electronic health records opens a whole range of new possibilities for flexible and fruitful cooperation among health personnel in different health institutions, to the benefit of the patients. There are, however, unsolved legal and security challenges. The overall aim of this article is to highlight legal and security challenges that should be considered before using shared electronic cooperation platforms and health record systems to avoid legal and security "surprises" subsequent to the implementation. Practical lessons learned from the use of a web-based ulcer record system involving patients, community nurses, GPs, and hospital nurses and doctors in specialist health care are used to illustrate challenges we faced. Discussion of possible legal and security challenges is critical for successful implementation of shared electronic collaboration systems. Key challenges include (1) allocation of responsibility, (2) documentation routines, (3) and integrated or federated access control. We discuss and suggest how challenges of legal and security aspects can be handled. This discussion may be useful for both current and future users, as well as policy makers.

  8. Security analysis of the decoy method with the Bennett–Brassard 1984 protocol for finite key lengths

    Hayashi, Masahito; Nakayama, Ryota

    2014-01-01

    This paper provides a formula for the sacrifice bit-length for privacy amplification with the Bennett–Brassard 1984 protocol for finite key lengths, when we employ the decoy method. Using the formula, we can guarantee the security parameter for a realizable quantum key distribution system. The key generation rates with finite key lengths are numerically evaluated. The proposed method improves the existing key generation rate even in the asymptotic setting. (paper)

  9. Experimental aspects of deterministic secure quantum key distribution

    Walenta, Nino; Korn, Dietmar; Puhlmann, Dirk; Felbinger, Timo; Hoffmann, Holger; Ostermeyer, Martin [Universitaet Potsdam (Germany). Institut fuer Physik; Bostroem, Kim [Universitaet Muenster (Germany)

    2008-07-01

    Most common protocols for quantum key distribution (QKD) use non-deterministic algorithms to establish a shared key. But deterministic implementations can allow for higher net key transfer rates and eavesdropping detection rates. The Ping-Pong coding scheme by Bostroem and Felbinger[1] employs deterministic information encoding in entangled states with its characteristic quantum channel from Bob to Alice and back to Bob. Based on a table-top implementation of this protocol with polarization-entangled photons fundamental advantages as well as practical issues like transmission losses, photon storage and requirements for progress towards longer transmission distances are discussed and compared to non-deterministic protocols. Modifications of common protocols towards a deterministic quantum key distribution are addressed.

  10. Key on demand (KoD) for software-defined optical networks secured by quantum key distribution (QKD).

    Cao, Yuan; Zhao, Yongli; Colman-Meixner, Carlos; Yu, Xiaosong; Zhang, Jie

    2017-10-30

    Software-defined optical networking (SDON) will become the next generation optical network architecture. However, the optical layer and control layer of SDON are vulnerable to cyberattacks. While, data encryption is an effective method to minimize the negative effects of cyberattacks, secure key interchange is its major challenge which can be addressed by the quantum key distribution (QKD) technique. Hence, in this paper we discuss the integration of QKD with WDM optical networks to secure the SDON architecture by introducing a novel key on demand (KoD) scheme which is enabled by a novel routing, wavelength and key assignment (RWKA) algorithm. The QKD over SDON with KoD model follows two steps to provide security: i) quantum key pools (QKPs) construction for securing the control channels (CChs) and data channels (DChs); ii) the KoD scheme uses RWKA algorithm to allocate and update secret keys for different security requirements. To test our model, we define a security probability index which measures the security gain in CChs and DChs. Simulation results indicate that the security performance of CChs and DChs can be enhanced by provisioning sufficient secret keys in QKPs and performing key-updating considering potential cyberattacks. Also, KoD is beneficial to achieve a positive balance between security requirements and key resource usage.

  11. Security of a practical semi-device-independent quantum key distribution protocol against collective attacks

    Wang Yang; Bao Wan-Su; Li Hong-Wei; Zhou Chun; Li Yuan

    2014-01-01

    Similar to device-independent quantum key distribution (DI-QKD), semi-device-independent quantum key distribution (SDI-QKD) provides secure key distribution without any assumptions about the internal workings of the QKD devices. The only assumption is that the dimension of the Hilbert space is bounded. But SDI-QKD can be implemented in a one-way prepare-and-measure configuration without entanglement compared with DI-QKD. We propose a practical SDI-QKD protocol with four preparation states and three measurement bases by considering the maximal violation of dimension witnesses and specific processes of a QKD protocol. Moreover, we prove the security of the SDI-QKD protocol against collective attacks based on the min-entropy and dimension witnesses. We also show a comparison of the secret key rate between the SDI-QKD protocol and the standard QKD. (general)

  12. Security proof of continuous-variable quantum key distribution using three coherent states

    Brádler, Kamil; Weedbrook, Christian

    2018-02-01

    We introduce a ternary quantum key distribution (QKD) protocol and asymptotic security proof based on three coherent states and homodyne detection. Previous work had considered the binary case of two coherent states and here we nontrivially extend this to three. Our motivation is to leverage the practical benefits of both discrete and continuous (Gaussian) encoding schemes creating a best-of-both-worlds approach; namely, the postprocessing of discrete encodings and the hardware benefits of continuous ones. We present a thorough and detailed security proof in the limit of infinite signal states which allows us to lower bound the secret key rate. We calculate this is in the context of collective eavesdropping attacks and reverse reconciliation postprocessing. Finally, we compare the ternary coherent state protocol to other well-known QKD schemes (and fundamental repeaterless limits) in terms of secret key rates and loss.

  13. Building Secure Public Key Encryption Scheme from Hidden Field Equations

    Yuan Ping

    2017-01-01

    Full Text Available Multivariate public key cryptography is a set of cryptographic schemes built from the NP-hardness of solving quadratic equations over finite fields, amongst which the hidden field equations (HFE family of schemes remain the most famous. However, the original HFE scheme was insecure, and the follow-up modifications were shown to be still vulnerable to attacks. In this paper, we propose a new variant of the HFE scheme by considering the special equation x2=x defined over the finite field F3 when x=0,1. We observe that the equation can be used to further destroy the special structure of the underlying central map of the HFE scheme. It is shown that the proposed public key encryption scheme is secure against known attacks including the MinRank attack, the algebraic attacks, and the linearization equations attacks. The proposal gains some advantages over the original HFE scheme with respect to the encryption speed and public key size.

  14. Identifying the Key Weaknesses in Network Security at Colleges.

    Olsen, Florence

    2000-01-01

    A new study identifies and ranks the 10 security gaps responsible for most outsider attacks on college computer networks. The list is intended to help campus system administrators establish priorities as they work to increase security. One network security expert urges that institutions utilize multiple security layers. (DB)

  15. A Key Generation Model for Improving the Security of Cryptographic ...

    Cryptography is a mathematical technique that plays an important role in information security techniques for addressing authentication, interactive proofs, data origination, sender/receiver identity, non-repudiation, secure computation, data integrity and confidentiality, message integrity checking and digital signatures.

  16. Comparative study of key exchange and authentication methods in application, transport and network level security mechanisms

    Fathirad, Iraj; Devlin, John; Jiang, Frank

    2012-09-01

    The key-exchange and authentication are two crucial elements of any network security mechanism. IPsec, SSL/TLS, PGP and S/MIME are well-known security approaches in providing security service to network, transport and application layers; these protocols use different methods (based on their requirements) to establish keying materials and authenticates key-negotiation and participated parties. This paper studies and compares the authenticated key negotiation methods in mentioned protocols.

  17. Reliability of Calderbank-Shor-Steane codes and security of quantum key distribution

    Hamada, Mitsuru

    2004-01-01

    After Mayers (1996 Advances in Cryptography: Proc. Crypto'96 pp 343-57; 2001 J. Assoc. Comput. Mach. 48 351-406) gave a proof of the security of the Bennett-Brassard (1984 Proc. IEEE Int. Conf. on Computers, Systems and Signal Processing (Bangalore, India) pp 175-9) (BB84) quantum key distribution protocol, Shor and Preskill (2000 Phys. Rev. Lett. 85 441-4) made a remarkable observation that a Calderbank-Shor-Steane (CSS) code had been implicitly used in the BB84 protocol, and suggested its security could be proved by bounding the fidelity, say F n , of the incorporated CSS code of length n in the form 1-F n ≤ exp[-nE + o(n)] for some positive number E. This work presents such a number E = E(R) as a function of the rate of codes R, and a threshold R 0 such that E(R) > 0 whenever R 0 , which is larger than the achievable rate based on the Gilbert-Varshamov bound that is essentially given by Shor and Preskill. The codes in the present work are robust against fluctuations of channel parameters, which fact is needed to establish the security rigorously and was not proved for rates above the Gilbert-Varshamov rate before in the literature. As a byproduct, the security of a modified BB84 protocol against any joint (coherent) attacks is proved quantitatively

  18. On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys

    Junghyun Nam

    2014-01-01

    Full Text Available Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010: (1 the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2 the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3 the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.

  19. Quantum key distribution with finite resources: Secret key rates via Renyi entropies

    Abruzzo, Silvestre; Kampermann, Hermann; Mertz, Markus; Bruss, Dagmar [Institute for Theoretical Physics III, Heinrich-Heine-universitaet Duesseldorf, D-40225 Duesseldorf (Germany)

    2011-09-15

    A realistic quantum key distribution (QKD) protocol necessarily deals with finite resources, such as the number of signals exchanged by the two parties. We derive a bound on the secret key rate which is expressed as an optimization problem over Renyi entropies. Under the assumption of collective attacks by an eavesdropper, a computable estimate of our bound for the six-state protocol is provided. This bound leads to improved key rates in comparison to previous results.

  20. Quantum key distribution with finite resources: Secret key rates via Renyi entropies

    Abruzzo, Silvestre; Kampermann, Hermann; Mertz, Markus; Bruss, Dagmar

    2011-01-01

    A realistic quantum key distribution (QKD) protocol necessarily deals with finite resources, such as the number of signals exchanged by the two parties. We derive a bound on the secret key rate which is expressed as an optimization problem over Renyi entropies. Under the assumption of collective attacks by an eavesdropper, a computable estimate of our bound for the six-state protocol is provided. This bound leads to improved key rates in comparison to previous results.

  1. Wireless Physical Layer Security: On the Performance Limit of Secret-Key Agreement

    Zorgui, Marwen

    2015-05-01

    Physical layer security (PLS) is a new paradigm aiming at securing communications between legitimate parties at the physical layer. Conventionally, achieving confidentiality in communication networks relies on cryptographic techniques such as public-key cryptography, secret-key distribution and symmetric encryption. Such techniques are deemed secure based on the assumption of limited computational abilities of a wiretapper. Given the relentless progress in computational capacities and the dynamic topology and proliferation of modern wireless networks, the relevance of the previous techniques in securing communications is more and more questionable and less and less reliable. In contrast to this paradigm, PLS does not assume a specific computational power at any eavesdropper, its premise to guarantee provable security via employing channel coding techniques at the physical layer exploiting the inherent randomness in most communication systems. In this dissertation, we investigate a particular aspect of PLS, which is secret-key agreement, also known as secret-sharing. In this setup, two legitimate parties try to distill a secret-key via the observation of correlated signals through a noisy wireless channel, in the presence of an eavesdropper who must be kept ignorant of the secret-key. Additionally, a noiseless public channel is made available to the legitimate parties to exchange public messages that are also accessible to the eavesdropper. Recall that key agreement is an important aspect toward realizing secure communications in the sense that the key can be used in a one-time pad scheme to send the confidential message. In the first part, our focus is on secret-sharing over Rayleigh fading quasi-static channels. We study the fundamental relationship relating the probability of error and a given target secret-key rate in the high power regime. This is characterized through the diversity multiplexing tradeoff (DMT) concept, that we define for our model and then

  2. Report: Improvements Needed in Key EPA Information System Security Practices

    Report #10-P-0146, June 15, 2010. Williams Adley found that EPA program offices lacked evidence that they planned and executed tests of information system security controls as required by federal requirements.

  3. Fluctuations of Internal Transmittance in Security of Measurement-Device-Independent Quantum Key Distribution with an Untrusted Source*

    Wang Yang; Bao Wan-Su; Chen Rui-Ke; Zhou Chun; Jiang Mu-Sheng; Li Hong-Wei

    2017-01-01

    Measurement-device-independent quantum key distribution (MDI-QKD) is immune to detector side channel attacks, which is a crucial security loophole problem in traditional QKD. In order to relax a key assumption that the sources are trusted in MDI-QKD, an MDI-QKD protocol with an untrusted source has been proposed. For the security of MDI-QKD with an untrusted source, imperfections in the practical experiment should also be taken into account. In this paper, we analyze the effects of fluctuations of internal transmittance on the security of a decoy-state MDI-QKD protocol with an untrusted source. Our numerical results show that both the secret key rate and the maximum secure transmission distance decrease when taken fluctuations of internal transmittance into consideration. Especially, they are more sensitive when Charlie’s mean photon number per pulse is smaller. Our results emphasize that the stability of correlative optical devices is important for practical implementations . (paper)

  4. On the security of Y-00 under fast correlation and other attacks on the key

    Yuen, Horace P.; Nair, Ranjith

    2007-04-01

    The security of the Y-00 direct encryption protocol under correlation attack is addressed. A Y-00 configuration that is more secure than AES under known-plaintext attack is presented. It is shown that under any ciphertext-only attack, full information-theoretic security on the Y-00 seed key is obtained for any encryption box ENC with proper deliberate signal randomization.

  5. On the security of Y-00 under fast correlation and other attacks on the key

    Yuen, Horace P.; Nair, Ranjith

    2007-01-01

    The security of the Y-00 direct encryption protocol under correlation attack is addressed. A Y-00 configuration that is more secure than AES under known-plaintext attack is presented. It is shown that under any ciphertext-only attack, full information-theoretic security on the Y-00 seed key is obtained for any encryption box ENC with proper deliberate signal randomization

  6. Shor-Preskill-type security proof for quantum key distribution without public announcement of bases

    Hwang, Won-Young; Wang Xiangbin; Matsumoto, Keiji; Kim, Jaewan; Lee, Hai-Woong

    2003-01-01

    We give a Shor-Preskill-type security proof to quantum key distribution without public announcement of bases [W.Y. Hwang et al., Phys. Lett. A 244, 489 (1998)]. First, we modify the Lo-Chau protocol once more so that it finally reduces to the quantum key distribution without public announcement of bases. Then we show how we can estimate the error rate in the code bits based on that in the checked bits in the proposed protocol, which is the central point of the proof. We discuss the problem of imperfect sources and that of large deviation in the error rate distributions. We discuss when the bases sequence must be discarded

  7. Security of differential-phase-shift quantum key distribution against individual attacks

    Waks, Edo; Takesue, Hiroki; Yamamoto, Yoshihisa

    2006-01-01

    We derive a proof of security for the differential-phase-shift quantum key distribution protocol under the assumption that Eve is restricted to individual attacks. The security proof is derived by bounding the average collision probability, which leads directly to a bound on Eve's mutual information on the final key. The security proof applies to realistic sources based on pulsed coherent light. We then compare individual attacks to sequential attacks and show that individual attacks are more powerful

  8. Interferometric key readable security holograms with secrete-codes

    2Department of Applied Physics, Guru Jambheshwar University of Science & Technology,. Hisar 125 001, India. *E-mail: aka1945@rediffmail.com. MS received 21 ... A new method is described to create secrete-codes in the security holograms for enhancing ... ing, or falsification of the valuable products and documents.

  9. Interferometric key readable security holograms with secrete-codes

    A new method is described to create secrete-codes in the security holograms for enhancing their anti-counterfeiting characteristics. ... Scientific Instruments Organisation, Sector 30, Chandigarh 160 030, India; Department of Applied Physics, Guru Jambheshwar University of Science & Technology, Hisar 125 001, India ...

  10. Managing climatic risks for enhanced food security: Key information capabilities

    Balaghi, R.; Badjeck, M.C.; Bakari, D.; Pauw, de E.D.; Wit, de A.J.W.; Defourny, P.; Donato, S.; Gommes, R.; Jlibene, M.; Ravelo, A.C.; Sivakumar, M.V.K.; Telahigue, N.; Tychon, B.

    2010-01-01

    Food security is expected to face increasing challenges from climatic risks that are more and more exacerbated by climate change, especially in the developing world. This document lists some of the main capabilities that have been recently developed, especially in the area of operational

  11. Key rate of quantum key distribution with hashed two-way classical communication

    Watanabe, Shun; Matsumoto, Ryutaroh; Uyematsu, Tomohiko; Kawano, Yasuhito

    2007-01-01

    We propose an information reconciliation protocol that uses two-way classical communication. The key rates of quantum key distribution (QKD) protocols that use our protocol are higher than those using previously known protocols for a wide range of error rates for the Bennett-Brassard 1984 and six-state protocols. We also clarify the relation between the proposed and known QKD protocols, and the relation between the proposed protocol and entanglement distillation protocols

  12. Secure multi-party communication with quantum key distribution managed by trusted authority

    Nordholt, Jane Elizabeth; Hughes, Richard John; Peterson, Charles Glen

    2013-07-09

    Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.

  13. Secure multi-party communication with quantum key distribution managed by trusted authority

    Hughes, Richard John; Nordholt, Jane Elizabeth; Peterson, Charles Glen

    2017-06-14

    Techniques and tools for implementing protocols for secure multi-party communication after quantum key distribution ("QKD") are described herein. In example implementations, a trusted authority facilitates secure communication between multiple user devices. The trusted authority distributes different quantum keys by QKD under trust relationships with different users. The trusted authority determines combination keys using the quantum keys and makes the combination keys available for distribution (e.g., for non-secret distribution over a public channel). The combination keys facilitate secure communication between two user devices even in the absence of QKD between the two user devices. With the protocols, benefits of QKD are extended to multi-party communication scenarios. In addition, the protocols can retain benefit of QKD even when a trusted authority is offline or a large group seeks to establish secure communication within the group.

  14. Security Issues of the Digital Certificates within Public Key Infrastructures

    2009-01-01

    Full Text Available The paper presents the basic byte level interpretation of an X.509 v3 digital certificate according to ASN.1 DER/BER encoding. The reasons for byte level analysis are various and important. For instance, a research paper has mentioned how a PKI security may be violated by MD5 collision over information from the certificates. In order to develop further studies on the topic a serious knowledge about certificate structure is necessary.

  15. Why nurses can be key partners in securing philanthropic investments.

    Rivet, Nicole

    2014-01-01

    Fund-raisers can truly benefit from collaborating with nurses when they are seeking philanthropic support for their health care systems. Fund-raising is about developing new relationships with potential prospects and strengthening those with current donors. Nurses frequently have some of the best relationships with patients, and they often lead efforts to improve the quality of care in their hospitals. Their professional experience and their ability to connect with people are invaluable skills that can help secure philanthropic investments.

  16. Secure Clustering and Symmetric Key Establishment in Heterogeneous Wireless Sensor Networks

    Azarderskhsh Reza

    2011-01-01

    Full Text Available Information security in infrastructureless wireless sensor networks (WSNs is one of the most important research challenges. In these networks, sensor nodes are typically sprinkled liberally in the field in order to monitor, gather, disseminate, and provide the sensed data to the command node. Various studies have focused on key establishment schemes in homogeneous WSNs. However, recent research has shown that achieving survivability in WSNs requires a hierarchy and heterogeneous infrastructure. In this paper, to address security issues in the heterogeneous WSNs, we propose a secure clustering scheme along with a deterministic pairwise key management scheme based on public key cryptography. The proposed security mechanism guarantees that any two sensor nodes located in the same cluster and routing path can directly establish a pairwise key without disclosing any information to other nodes. Through security performance evaluation, it is shown that the proposed scheme guarantees node-to-node authentication, high resiliency against node capture, and minimum memory space requirement.

  17. Common-signal-induced synchronization in photonic integrated circuits and its application to secure key distribution.

    Sasaki, Takuma; Kakesu, Izumi; Mitsui, Yusuke; Rontani, Damien; Uchida, Atsushi; Sunada, Satoshi; Yoshimura, Kazuyuki; Inubushi, Masanobu

    2017-10-16

    We experimentally achieve common-signal-induced synchronization in two photonic integrated circuits with short external cavities driven by a constant-amplitude random-phase light. The degree of synchronization can be controlled by changing the optical feedback phase of the two photonic integrated circuits. The change in the optical feedback phase leads to a significant redistribution of the spectral energy of optical and RF spectra, which is a unique characteristic of PICs with the short external cavity. The matching of the RF and optical spectra is necessary to achieve synchronization between the two PICs, and stable synchronization can be obtained over an hour in the presence of optical feedback. We succeed in generating information-theoretic secure keys and achieving the final key generation rate of 184 kb/s using the PICs.

  18. Mobility Based Key Management Technique for Multicast Security in Mobile Ad Hoc Networks

    B. Madhusudhanan

    2015-01-01

    Full Text Available In MANET multicasting, forward and backward secrecy result in increased packet drop rate owing to mobility. Frequent rekeying causes large message overhead which increases energy consumption and end-to-end delay. Particularly, the prevailing group key management techniques cause frequent mobility and disconnections. So there is a need to design a multicast key management technique to overcome these problems. In this paper, we propose the mobility based key management technique for multicast security in MANET. Initially, the nodes are categorized according to their stability index which is estimated based on the link availability and mobility. A multicast tree is constructed such that for every weak node, there is a strong parent node. A session key-based encryption technique is utilized to transmit a multicast data. The rekeying process is performed periodically by the initiator node. The rekeying interval is fixed depending on the node category so that this technique greatly minimizes the rekeying overhead. By simulation results, we show that our proposed approach reduces the packet drop rate and improves the data confidentiality.

  19. An Encryption Key for Secure Authentication: The Dynamic Solution

    Zubayr Khalid

    2017-06-01

    Full Text Available In modern day technology, the Information Society is at risk. Passwords are a multi-user computer systems usual first line of defence against intrusion. A password may be textual with any combination of alphanumeric characters or biometric or 3-D. But no authentication protocol is fully secured against todays hackers as all of them are Static in type. Dynamic authentication protocol is still a theoretical concept. In this paper, we are focusing on a concept of authentication technique which is actually dynamic in genre, i.e. the password here will change in t time (where t is as small as possible. This technique comprises of both hardware and software part. In this paper, we have covered the idea of generating an efficient algorithm that can work as the final in the Dynamic Password Authentication system. We have used standard deviation within statistics to generalize the possible password which is further secured by Feistel Block Cipher and Advanced Encryption Standard technique (AES, leading and following the said mathematics respectively. In order to allow the system to create variable password in the least time interval possible, we must make sure our process is not much complex.

  20. Strategies for Overcoming Key Barriers to Development of a National Security Workforce

    None

    2008-06-30

    This report documents the strategies for overcoming identified key barriers to development of an adequate national security workforce as part of the National Security Preparedness Project (NSPP) being performed under a Department of Energy (DOE) National Nuclear Security Administration (NNSA) grant. Many barriers currently exist that prevent the development of an adequate number of properly trained national security personnel. The identified strategies to address the barriers will focus on both short-term and long-term efforts, as well as strategies to capture legacy knowledge of retiring national security workforce personnel.

  1. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    Guo, Ying; Shi, Ronghua [School of Information Science and Engineering, Central South University, Changsha 410083 (China); Zeng, Guihua [Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030 (China)], E-mail: sdguoying@gmail.com, E-mail: rhshi@mail.edu.com, E-mail: ghzeng@sjtu.edu.cn

    2010-04-15

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  2. Secure networking quantum key distribution schemes with Greenberger-Horne-Zeilinger states

    Guo, Ying; Shi, Ronghua; Zeng, Guihua

    2010-01-01

    A novel approach to quantum cryptography to be called NQKD, networking quantum key distribution, has been developed for secure quantum communication schemes on the basis of the complementary relations of entanglement Greenberger-Horne-Zeilinger (GHZ) triplet states. One scheme distributes the private key among legal participants in a probabilistic manner, while another transmits the deterministic message with some certainty. Some decoy photons are employed for preventing a potential eavesdropper from attacking quantum channels. The present schemes are efficient as there exists an elegant method for key distributions. The security of the proposed schemes is exactly guaranteed by the entanglement of the GHZ quantum system, which is illustrated in security analysis.

  3. Improved security proofs and constructions for public-key cryptography

    Pan, Jiaxin (M. Sc.)

    2016-01-01

    Diese Arbeit verbessert die Sicherheitsanalyse und Konstruktierbarkeit von Public-Key-Kryptographie: Der erste Teil der Arbeit schlägt einen vereinfachten Sicherheitsbeweis für digitale Signaturverfahren von kanonischen Identifikationsschemata über die klassischen Fiat-Shamir-Transformation im Random Oracle Modell vor. Der zweite Teil der Arbeit schlägt eine neue Variante der Message Authentication Codes (MACs) vor, die sogenannten affinen MACs. Außerdem wird eine generische Transform...

  4. Information security system based on virtual-optics imaging methodology and public key infrastructure

    Peng, Xiang; Zhang, Peng; Cai, Lilong

    In this paper, we present a virtual-optical based information security system model with the aid of public-key-infrastructure (PKI) techniques. The proposed model employs a hybrid architecture in which our previously published encryption algorithm based on virtual-optics imaging methodology (VOIM) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). For an asymmetric system, given an encryption key, it is computationally infeasible to determine the decryption key and vice versa. The whole information security model is run under the framework of PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOIM security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network.

  5. Quantum-locked key distribution at nearly the classical capacity rate.

    Lupo, Cosmo; Lloyd, Seth

    2014-10-17

    Quantum data locking is a protocol that allows for a small secret key to (un)lock an exponentially larger amount of information, hence yielding the strongest violation of the classical one-time pad encryption in the quantum setting. This violation mirrors a large gap existing between two security criteria for quantum cryptography quantified by two entropic quantities: the Holevo information and the accessible information. We show that the latter becomes a sensible security criterion if an upper bound on the coherence time of the eavesdropper's quantum memory is known. Under this condition, we introduce a protocol for secret key generation through a memoryless qudit channel. For channels with enough symmetry, such as the d-dimensional erasure and depolarizing channels, this protocol allows secret key generation at an asymptotic rate as high as the classical capacity minus one bit.

  6. Blockchain-based Public Key Infrastructure for Inter-Domain Secure Routing

    de la Rocha Gómez-Arevalillo , Alfonso; Papadimitratos , Panos

    2017-01-01

    International audience; A gamut of secure inter-domain routing protocols has been proposed in the literature. They use traditional PGP-like and centralized Public Key Infrastructures for trust management. In this paper, we propose our alternative approach for managing security associations, Secure Blockchain Trust Management (SBTM), a trust management system that instantiates a blockchain-based PKI for the operation of securerouting protocols. A main motivation for SBTM is to facilitate gradu...

  7. Information-theoretic security proof for quantum-key-distribution protocols

    Renner, Renato; Gisin, Nicolas; Kraus, Barbara

    2005-01-01

    We present a technique for proving the security of quantum-key-distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols, it suffices to consider collective attacks. Indeed, we give new lower and upper bounds on the secret-key rate which only involve entropies of two-qubit density operators and which are thus easy to compute. As an illustration of our results, we analyze the Bennett-Brassard 1984, the six-state, and the Bennett 1992 protocols with one-way error correction and privacy amplification. Surprisingly, the performance of these protocols is increased if one of the parties adds noise to the measurement data before the error correction. In particular, this additional noise makes the protocols more robust against noise in the quantum channel

  8. Information-theoretic security proof for quantum-key-distribution protocols

    Renner, Renato; Gisin, Nicolas; Kraus, Barbara

    2005-07-01

    We present a technique for proving the security of quantum-key-distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols, it suffices to consider collective attacks. Indeed, we give new lower and upper bounds on the secret-key rate which only involve entropies of two-qubit density operators and which are thus easy to compute. As an illustration of our results, we analyze the Bennett-Brassard 1984, the six-state, and the Bennett 1992 protocols with one-way error correction and privacy amplification. Surprisingly, the performance of these protocols is increased if one of the parties adds noise to the measurement data before the error correction. In particular, this additional noise makes the protocols more robust against noise in the quantum channel.

  9. Public Key Infrastructure (PKI) Interoperability: A Security Services Approach to Support Transfer of Trust

    Hansen, Anthony

    1999-01-01

    Public key infrastructure (PKI) technology is at a primitive stage characterized by deployment of PKIs that are engineered to support the provision of security services within individual enterprises, and are not able to support...

  10. A General Construction of IND-CCA2 Secure Public Key Encryption

    Kiltz, Eike; Malone-Lee, John

    2003-01-01

    We propose a general construction for public key encryption schemes that are IND-CCA2 secure in the random oracle model. We show that the scheme proposed in [1, 2] fits our general framework and moreover that our method of analysis leads to a more efficient security reduction....

  11. A Novel Re-keying Function Protocol (NRFP For Wireless Sensor Network Security

    Naif Alsharabi

    2008-12-01

    Full Text Available This paper describes a novel re-keying function protocol (NRFP for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs, covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

  12. A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security

    Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

    2008-01-01

    This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding innetwork processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks. PMID:27873963

  13. A Novel Re-keying Function Protocol (NRFP) For Wireless Sensor Network Security.

    Abdullah, Maan Younis; Hua, Gui Wei; Alsharabi, Naif

    2008-12-04

    This paper describes a novel re-keying function protocol (NRFP) for wireless sensor network security. A re-keying process management system for sensor networks is designed to support in-network processing. The design of the protocol is motivated by decentralization key management for wireless sensor networks (WSNs), covering key deployment, key refreshment, and key establishment. NRFP supports the establishment of novel administrative functions for sensor nodes that derive/re-derive a session key for each communication session. The protocol proposes direct connection, in-direct connection and hybrid connection. NRFP also includes an efficient protocol for local broadcast authentication based on the use of one-way key chains. A salient feature of the authentication protocol is that it supports source authentication without precluding in-network processing. Security and performance analysis shows that it is very efficient in computation, communication and storage and, that NRFP is also effective in defending against many sophisticated attacks.

  14. Overcoming the rate-distance limit of quantum key distribution without quantum repeaters.

    Lucamarini, M; Yuan, Z L; Dynes, J F; Shields, A J

    2018-05-01

    Quantum key distribution (QKD) 1,2 allows two distant parties to share encryption keys with security based on physical laws. Experimentally, QKD has been implemented via optical means, achieving key rates of 1.26 megabits per second over 50 kilometres of standard optical fibre 3 and of 1.16 bits per hour over 404 kilometres of ultralow-loss fibre in a measurement-device-independent configuration 4 . Increasing the bit rate and range of QKD is a formidable, but important, challenge. A related target, which is currently considered to be unfeasible without quantum repeaters 5-7 , is overcoming the fundamental rate-distance limit of QKD 8 . This limit defines the maximum possible secret key rate that two parties can distil at a given distance using QKD and is quantified by the secret-key capacity of the quantum channel 9 that connects the parties. Here we introduce an alternative scheme for QKD whereby pairs of phase-randomized optical fields are first generated at two distant locations and then combined at a central measuring station. Fields imparted with the same random phase are 'twins' and can be used to distil a quantum key. The key rate of this twin-field QKD exhibits the same dependence on distance as does a quantum repeater, scaling with the square-root of the channel transmittance, irrespective of who (malicious or otherwise) is in control of the measuring station. However, unlike schemes that involve quantum repeaters, ours is feasible with current technology and presents manageable levels of noise even on 550 kilometres of standard optical fibre. This scheme is a promising step towards overcoming the rate-distance limit of QKD and greatly extending the range of secure quantum communications.

  15. Symmetric Link Key Management for Secure Neighbor Discovery in a Decentralized Wireless Sensor Network

    2017-09-01

    KEY MANAGEMENT FOR SECURE NEIGHBOR DISCOVERY IN A DECENTRALIZED WIRELESS SENSOR NETWORK by Kelvin T. Chew September 2017 Thesis Advisor...and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188) Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2. REPORT...DATE September 2017 3. REPORT TYPE AND DATES COVERED Master’s thesis 4. TITLE AND SUBTITLE SYMMETRIC LINK KEY MANAGEMENT FOR SECURE NEIGHBOR

  16. Experimental quantum key distribution at 1.3 gigabit-per-second secret-key rate over a 10 dB loss channel

    Zhang, Zheshen; Chen, Changchen; Zhuang, Quntao; Wong, Franco N. C.; Shapiro, Jeffrey H.

    2018-04-01

    Quantum key distribution (QKD) enables unconditionally secure communication ensured by the laws of physics, opening a promising route to security infrastructure for the coming age of quantum computers. QKD’s demonstrated secret-key rates (SKRs), however, fall far short of the gigabit-per-second rates of classical communication, hindering QKD’s widespread deployment. QKD’s low SKRs are largely due to existing single-photon-based protocols’ vulnerability to channel loss. Floodlight QKD (FL-QKD) boosts SKR by transmitting many photons per encoding, while offering security against collective attacks. Here, we report an FL-QKD experiment operating at a 1.3 Gbit s‑1 SKR over a 10 dB loss channel. To the best of our knowledge, this is the first QKD demonstration that achieves a gigabit-per-second-class SKR, representing a critical advance toward high-rate QKD at metropolitan-area distances.

  17. Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems.

    Mishra, Dheerendra

    2015-03-01

    Smart card based authentication and key agreement schemes for telecare medicine information systems (TMIS) enable doctors, nurses, patients and health visitors to use smart cards for secure login to medical information systems. In recent years, several authentication and key agreement schemes have been proposed to present secure and efficient solution for TMIS. Most of the existing authentication schemes for TMIS have either higher computation overhead or are vulnerable to attacks. To reduce the computational overhead and enhance the security, Lee recently proposed an authentication and key agreement scheme using chaotic maps for TMIS. Xu et al. also proposed a password based authentication and key agreement scheme for TMIS using elliptic curve cryptography. Both the schemes provide better efficiency from the conventional public key cryptography based schemes. These schemes are important as they present an efficient solution for TMIS. We analyze the security of both Lee's scheme and Xu et al.'s schemes. Unfortunately, we identify that both the schemes are vulnerable to denial of service attack. To understand the security failures of these cryptographic schemes which are the key of patching existing schemes and designing future schemes, we demonstrate the security loopholes of Lee's scheme and Xu et al.'s scheme in this paper.

  18. Energy-efficient key distribution using electrocardiograph biometric set for secure communications in wireless body healthcare networks.

    Shi, Jinyang; Lam, Kwok-Yan; Gu, Ming; Li, Mingze; Chung, Siu-Leung

    2011-10-01

    Wireless body sensor network (WBSN) has gained significant interests as an important infrastructure for real-time biomedical healthcare systems, while the security of the sensitive health information becomes one of the main challenges. Due to the constraints of limited power, traditional cryptographic key distribution schemes are not suitable for WBSN. This paper proposes a novel energy-efficient approach, BodyKey, which can distribute the keys using the electrocardiograph biometrics. BodyKey represents the biometric features as ordered set, and deals with the biometric variations using set reconciliation. In this way, only limited necessary information needs to be communicated for key agreement, and the total energy consumption for key distribution can thus be reduced. Experiments on the PhysioBank Database show that BodyKey can perform an energy consumption rate of 0.01 mJ/bit with an equal accuracy rate of 97.28%, allowing the system to be used as an energy-efficient key distribution scheme for secure communications in WBSN.

  19. Key-Insulated Undetachable Digital Signature Scheme and Solution for Secure Mobile Agents in Electronic Commerce

    Yang Shi

    2016-01-01

    Full Text Available Considering the security of both the customers’ hosts and the eShops’ servers, we introduce the idea of a key-insulated undetachable digital signature, enabling mobile agents to generate undetachable digital signatures on remote hosts with the key-insulated property of the original signer’s signing key. From the theoretical perspective, we provide the formal definition and security notion of a key-insulated undetachable digital signature. From the practical perspective, we propose a concrete scheme to secure mobile agents in electronic commerce. The scheme is mainly focused on protecting the signing key from leakage and preventing the misuse of the signature algorithm on malicious servers. Agents do not carry the signing key when they generate digital signatures on behalf of the original signer, so the key is protected on remote servers. Furthermore, if a hacker gains the signing key of the original signer, the hacker is still unable to forge a signature for any time period other than the key being accessed. In addition, the encrypted function is combined with the original signer’s requirement to prevent the misuse of signing algorithm. The scheme is constructed on gap Diffie–Hellman groups with provable security, and the performance testing indicates that the scheme is efficient.

  20. Continuous-variable quantum authentication of physical unclonable keys: Security against an emulation attack

    Nikolopoulos, Georgios M.

    2018-01-01

    We consider a recently proposed entity authentication protocol in which a physical unclonable key is interrogated by random coherent states of light, and the quadratures of the scattered light are analyzed by means of a coarse-grained homodyne detection. We derive a sufficient condition for the protocol to be secure against an emulation attack in which an adversary knows the challenge-response properties of the key and moreover, he can access the challenges during the verification. The security analysis relies on Holevo's bound and Fano's inequality, and suggests that the protocol is secure against the emulation attack for a broad range of physical parameters that are within reach of today's technology.

  1. Semi-device-independent security of one-way quantum key distribution

    Pawlowski, Marcin; Brunner, Nicolas

    2011-01-01

    By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being 'device-independent'. Here we ask whether such a strong form of security could also be established for one-way (prepare and measure) QKD. While fully device-independent security is impossible, we show that security can be guaranteed against individual attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are non-characterized, but t...

  2. Security of quantum key distributions with entangled qudits

    Durt, Thomas; Kaszlikowski, Dagomir; Chen, Jing-Ling; Kwek, L. C.

    2004-03-01

    We consider a generalization of Ekert's entanglement-based quantum cryptographic protocol where qubits are replaced by N - or d -dimensional systems (qudits). In order to study its robustness against optimal incoherent attacks, we derive the information gained by a potential eavesdropper during a cloning-based individual attack. In doing so, we generalize Cerf’s formalism for cloning machines and establish the form of the most general cloning machine that respects all the symmetries of the problem. We obtain an upper bound on the error rate that guarantees the confidentiality of qudit generalizations of the Ekert’s protocol for qubits.

  3. [Principles and methodology for ecological rehabilitation and security pattern design in key project construction].

    Chen, Li-Ding; Lu, Yi-He; Tian, Hui-Ying; Shi, Qian

    2007-03-01

    Global ecological security becomes increasingly important with the intensive human activities. The function of ecological security is influenced by human activities, and in return, the efficiency of human activities will also be affected by the patterns of regional ecological security. Since the 1990s, China has initiated the construction of key projects "Yangtze Three Gorges Dam", "Qinghai-Tibet Railway", "West-to-East Gas Pipeline", "West-to-East Electricity Transmission" and "South-to-North Water Transfer" , etc. The interaction between these projects and regional ecological security has particularly attracted the attention of Chinese government. It is not only important for the regional environmental protection, but also of significance for the smoothly implementation of various projects aimed to develop an ecological rehabilitation system and to design a regional ecological security pattern. This paper made a systematic analysis on the types and characteristics of key project construction and their effects on the environment, and on the basis of this, brought forward the basic principles and methodology for ecological rehabilitation and security pattern design in this construction. It was considered that the following issues should be addressed in the implementation of a key project: 1) analysis and evaluation of current regional ecological environment, 2) evaluation of anthropogenic disturbances and their ecological risk, 3) regional ecological rehabilitation and security pattern design, 4) scenario analysis of environmental benefits of regional ecological security pattern, 5) re-optimization of regional ecological system framework, and 6) establishment of regional ecosystem management plan.

  4. Efficient KDM-CCA Secure Public-Key Encryption via Auxiliary-Input Authenticated Encryption

    Shuai Han

    2017-01-01

    Full Text Available KDM[F]-CCA security of public-key encryption (PKE ensures the privacy of key-dependent messages f(sk which are closely related to the secret key sk, where f∈F, even if the adversary is allowed to make decryption queries. In this paper, we study the design of KDM-CCA secure PKE. To this end, we develop a new primitive named Auxiliary-Input Authenticated Encryption (AIAE. For AIAE, we introduce two related-key attack (RKA security notions, including IND-RKA and weak-INT-RKA. We present a generic construction of AIAE from tag-based hash proof system (HPS and one-time secure authenticated encryption (AE and give an instantiation of AIAE under the Decisional Diffie-Hellman (DDH assumption. Using AIAE as an essential building block, we give two constructions of efficient KDM-CCA secure PKE based on the DDH and the Decisional Composite Residuosity (DCR assumptions. Specifically, (i our first PKE construction is the first one achieving KDM[Faff]-CCA security for the set of affine functions and compactness of ciphertexts simultaneously. (ii Our second PKE construction is the first one achieving KDM[Fpolyd]-CCA security for the set of polynomial functions and almost compactness of ciphertexts simultaneously. Our PKE constructions are very efficient; in particular, they are pairing-free and NIZK-free.

  5. Physical Layer Secret-Key Generation Scheme for Transportation Security Sensor Network.

    Yang, Bin; Zhang, Jianfeng

    2017-06-28

    Wireless Sensor Networks (WSNs) are widely used in different disciplines, including transportation systems, agriculture field environment monitoring, healthcare systems, and industrial monitoring. The security challenge of the wireless communication link between sensor nodes is critical in WSNs. In this paper, we propose a new physical layer secret-key generation scheme for transportation security sensor network. The scheme is based on the cooperation of all the sensor nodes, thus avoiding the key distribution process, which increases the security of the system. Different passive and active attack models are analyzed in this paper. We also prove that when the cooperative node number is large enough, even when the eavesdropper is equipped with multiple antennas, the secret-key is still secure. Numerical results are performed to show the efficiency of the proposed scheme.

  6. Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks.

    Jung, Jaewook; Moon, Jongho; Lee, Donghoon; Won, Dongho

    2017-03-21

    At present, users can utilize an authenticated key agreement protocol in a Wireless Sensor Network (WSN) to securely obtain desired information, and numerous studies have investigated authentication techniques to construct efficient, robust WSNs. Chang et al. recently presented an authenticated key agreement mechanism for WSNs and claimed that their authentication mechanism can both prevent various types of attacks, as well as preserve security properties. However, we have discovered that Chang et al's method possesses some security weaknesses. First, their mechanism cannot guarantee protection against a password guessing attack, user impersonation attack or session key compromise. Second, the mechanism results in a high load on the gateway node because the gateway node should always maintain the verifier tables. Third, there is no session key verification process in the authentication phase. To this end, we describe how the previously-stated weaknesses occur and propose a security-enhanced version for WSNs. We present a detailed analysis of the security and performance of our authenticated key agreement mechanism, which not only enhances security compared to that of related schemes, but also takes efficiency into consideration.

  7. A Secure Three-Factor User Authentication and Key Agreement Protocol for TMIS With User Anonymity.

    Amin, Ruhul; Biswas, G P

    2015-08-01

    Telecare medical information system (TMIS) makes an efficient and convenient connection between patient(s)/user(s) and doctor(s) over the insecure internet. Therefore, data security, privacy and user authentication are enormously important for accessing important medical data over insecure communication. Recently, many user authentication protocols for TMIS have been proposed in the literature and it has been observed that most of the protocols cannot achieve complete security requirements. In this paper, we have scrutinized two (Mishra et al., Xu et al.) remote user authentication protocols using smart card and explained that both the protocols are suffering against several security weaknesses. We have then presented three-factor user authentication and key agreement protocol usable for TMIS, which fix the security pitfalls of the above mentioned schemes. The informal cryptanalysis makes certain that the proposed protocol provides well security protection on the relevant security attacks. Furthermore, the simulator AVISPA tool confirms that the protocol is secure against active and passive attacks including replay and man-in-the-middle attacks. The security functionalities and performance comparison analysis confirm that our protocol not only provide strong protection on security attacks, but it also achieves better complexities along with efficient login and password change phase as well as session key verification property.

  8. A Survey of Public Key Infrastructure-Based Security for Mobile Communication Systems

    Mohammed Ramadan

    2016-08-01

    Full Text Available Mobile communication security techniques are employed to guard the communication between the network entities. Mobile communication cellular systems have become one of the most important communication systems in recent times and are used by millions of people around the world. Since the 1990s, considerable efforts have been taken to improve both the communication and security features of the mobile communications systems. However, these improvements divide the mobile communications field into different generations according to the communication and security techniques such as A3, A5 and A8 algorithms for 2G-GSM cellular system, 3G-authentication and key agreement (AKA, evolved packet system-authentication and key agreement (EPS-AKA, and long term evolution-authentication and key agreement (LTE-AKA algorithms for 3rd generation partnership project (3GPP systems. Furthermore, these generations have many vulnerabilities, and huge security work is involved to solve such problems. Some of them are in the field of the public key cryptography (PKC which requires a high computational cost and more network flexibility to be achieved. As such, the public key infrastructure (PKI is more compatible with the modern generations due to the superior communications features. This paper surveys the latest proposed works on the security of GSM, CDMA, and LTE cellular systems using PKI. Firstly, we present the security issues for each generation of mobile communication systems, then we study and analyze the latest proposed schemes and give some comparisons. Finally, we introduce some new directions for the future scope. This paper classifies the mobile communication security schemes according to the techniques used for each cellular system and covers some of the PKI-based security techniques such as authentication, key agreement, and privacy preserving.

  9. One-time pad, complexity of verification of keys, and practical security of quantum cryptography

    Molotkov, S. N., E-mail: sergei.molotkov@gmail.com [Russian Academy of Sciences, Institute of Solid State Physics (Russian Federation)

    2016-11-15

    A direct relation between the complexity of the complete verification of keys, which is one of the main criteria of security in classical systems, and a trace distance used in quantum cryptography is demonstrated. Bounds for the minimum and maximum numbers of verification steps required to determine the actual key are obtained.

  10. One-time pad, complexity of verification of keys, and practical security of quantum cryptography

    Molotkov, S. N.

    2016-01-01

    A direct relation between the complexity of the complete verification of keys, which is one of the main criteria of security in classical systems, and a trace distance used in quantum cryptography is demonstrated. Bounds for the minimum and maximum numbers of verification steps required to determine the actual key are obtained.

  11. One-way quantum key distribution: Simple upper bound on the secret key rate

    Moroder, Tobias; Luetkenhaus, Norbert; Curty, Marcos

    2006-01-01

    We present a simple method to obtain an upper bound on the achievable secret key rate in quantum key distribution (QKD) protocols that use only unidirectional classical communication during the public-discussion phase. This method is based on a necessary precondition for one-way secret key distillation; the legitimate users need to prove that there exists no quantum state having a symmetric extension that is compatible with the available measurements results. The main advantage of the obtained upper bound is that it can be formulated as a semidefinite program, which can be efficiently solved. We illustrate our results by analyzing two well-known qubit-based QKD protocols: the four-state protocol and the six-state protocol

  12. Virtual-optical information security system based on public key infrastructure

    Peng, Xiang; Zhang, Peng; Cai, Lilong; Niu, Hanben

    2005-01-01

    A virtual-optical based encryption model with the aid of public key infrastructure (PKI) is presented in this paper. The proposed model employs a hybrid architecture in which our previously published encryption method based on virtual-optics scheme (VOS) can be used to encipher and decipher data while an asymmetric algorithm, for example RSA, is applied for enciphering and deciphering the session key(s). The whole information security model is run under the framework of international standard ITU-T X.509 PKI, which is on basis of public-key cryptography and digital signatures. This PKI-based VOS security approach has additional features like confidentiality, authentication, and integrity for the purpose of data encryption under the environment of network. Numerical experiments prove the effectiveness of the method. The security of proposed model is briefly analyzed by examining some possible attacks from the viewpoint of a cryptanalysis.

  13. Security of public key encryption technique based on multiple chaotic systems

    Wang Kai; Pei Wenjiang; Zou Liuhua; Cheung Yiuming; He Zhenya

    2006-01-01

    Recently, a new public key encryption technique based on multiple chaotic systems has been proposed [B. Ranjan, Phys. Rev. Lett. 95 (2005) 098702]. This scheme employs m-chaotic systems and a set of linear functions for key exchange over an insecure channel. Security of the proposed algorithm grows as (NP) m , where N, P are the size of the key and the computational complexity of the linear functions respectively. In this Letter, the fundamental weakness of the cryptosystem is pointed out and a successful attack is described. Given the public keys and the initial vector, one can calculate the secret key based on Parseval's theorem. Both theoretical and experimental results show that the attacker can access to the secret key without difficulty. The lack of security discourages the use of such algorithm for practical applications

  14. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2009-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4’s physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist....... In particular we show that the End-to-End Application Key Establishment Protocol is flawed and we propose a secure protocol instead. We do so by using formal verification techniques based on static program analysis and process algebras. We present a way of using formal methods in wireless network security......, and propose a secure key establishment protocol for ZigBee networks....

  15. On the security of a novel key agreement protocol based on chaotic maps

    Xiang Tao; Wong, K.-W.; Liao Xiaofeng

    2009-01-01

    Recently, Xiao et al. proposed a novel key agreement protocol based on Chebyshev chaotic map. In this paper, the security of the protocol is analyzed, and two attack methods can be found in different scenarios. The essential principle of Xiao et al.'s scheme is summarized. It is also pointed out with proof that any attempt along this line to improve the security of Chebyshev map is redundant.

  16. Semi-device-independent security of one-way quantum key distribution

    Pawlowski, Marcin; Brunner, Nicolas

    2011-01-01

    By testing nonlocality, the security of entanglement-based quantum key distribution (QKD) can be enhanced to being ''device-independent.'' Here we ask whether such a strong form of security could also be established for one-way (prepare and measure) QKD. While fully device-independent security is impossible, we show that security can be guaranteed against individual attacks in a semi-device-independent scenario. In the latter, the devices used by the trusted parties are noncharacterized, but the dimensionality of the quantum systems used in the protocol is assumed to be bounded. Our security proof relies on the analogies between one-way QKD, dimension witnesses, and random-access codes.

  17. Asynchronous Group Key Distribution on top of the CC2420 Security Mechanisms for Sensor Networks

    Hansen, Morten Tranberg

    2009-01-01

    scheme with no time synchronization requirements. The scheme decreases the number of key updates by providing them on an as needed basis according to the amount of network traffic. We evaluate the CC2420 radio security mechanism and show how to use it as a basis to implement secure group communication......A sensor network is a network consisting of small, inexpensive, low-powered sensor nodes that communicate to complete a common task. Sensor nodes are characterized by having limited communication and computation capabilities, energy, and storage. They often are deployed in hostile environments...... creating a demand for encryption and authentication of the messages sent between them. Due to severe resource constraints on the sensor nodes, efficient key distribution schemes and secure communication protocols with low overhead are desired. In this paper we present an asynchronous group key distribution...

  18. Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach.

    Sanchez-Iborra, Ramon; Sánchez-Gómez, Jesús; Pérez, Salvador; Fernández, Pedro J; Santa, José; Hernández-Ramos, José L; Skarmeta, Antonio F

    2018-06-05

    Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT) field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN) already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN), which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa) and its layer-two supporter LoRa Wide Area Network (LoRaWAN), which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie⁻Hellman Over COSE (EDHOC) is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

  19. Enhancing LoRaWAN Security through a Lightweight and Authenticated Key Management Approach

    Ramon Sanchez-Iborra

    2018-06-01

    Full Text Available Luckily, new communication technologies and protocols are nowadays designed considering security issues. A clear example of this can be found in the Internet of Things (IoT field, a quite recent area where communication technologies such as ZigBee or IPv6 over Low power Wireless Personal Area Networks (6LoWPAN already include security features to guarantee authentication, confidentiality and integrity. More recent technologies are Low-Power Wide-Area Networks (LP-WAN, which also consider security, but present initial approaches that can be further improved. An example of this can be found in Long Range (LoRa and its layer-two supporter LoRa Wide Area Network (LoRaWAN, which include a security scheme based on pre-shared cryptographic material lacking flexibility when a key update is necessary. Because of this, in this work, we evaluate the security vulnerabilities of LoRaWAN in the area of key management and propose different alternative schemes. Concretely, the application of an approach based on the recently specified Ephemeral Diffie–Hellman Over COSE (EDHOC is found as a convenient solution, given its flexibility in the update of session keys, its low computational cost and the limited message exchanges needed. A comparative conceptual analysis considering the overhead of different security schemes for LoRaWAN is carried out in order to evaluate their benefits in the challenging area of LP-WAN.

  20. Semi-quantum communication: protocols for key agreement, controlled secure direct communication and dialogue

    Shukla, Chitra; Thapliyal, Kishore; Pathak, Anirban

    2017-12-01

    Semi-quantum protocols that allow some of the users to remain classical are proposed for a large class of problems associated with secure communication and secure multiparty computation. Specifically, first-time semi-quantum protocols are proposed for key agreement, controlled deterministic secure communication and dialogue, and it is shown that the semi-quantum protocols for controlled deterministic secure communication and dialogue can be reduced to semi-quantum protocols for e-commerce and private comparison (socialist millionaire problem), respectively. Complementing with the earlier proposed semi-quantum schemes for key distribution, secret sharing and deterministic secure communication, set of schemes proposed here and subsequent discussions have established that almost every secure communication and computation tasks that can be performed using fully quantum protocols can also be performed in semi-quantum manner. Some of the proposed schemes are completely orthogonal-state-based, and thus, fundamentally different from the existing semi-quantum schemes that are conjugate coding-based. Security, efficiency and applicability of the proposed schemes have been discussed with appropriate importance.

  1. Password-only authenticated three-party key exchange with provable security in the standard model.

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Kim, Junghwan; Kang, Hyun-Kyu; Kim, Jinsoo; Paik, Juryon; Won, Dongho

    2014-01-01

    Protocols for password-only authenticated key exchange (PAKE) in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000), which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  2. Password-Only Authenticated Three-Party Key Exchange with Provable Security in the Standard Model

    Junghyun Nam

    2014-01-01

    Full Text Available Protocols for password-only authenticated key exchange (PAKE in the three-party setting allow two clients registered with the same authentication server to derive a common secret key from their individual password shared with the server. Existing three-party PAKE protocols were proven secure under the assumption of the existence of random oracles or in a model that does not consider insider attacks. Therefore, these protocols may turn out to be insecure when the random oracle is instantiated with a particular hash function or an insider attack is mounted against the partner client. The contribution of this paper is to present the first three-party PAKE protocol whose security is proven without any idealized assumptions in a model that captures insider attacks. The proof model we use is a variant of the indistinguishability-based model of Bellare, Pointcheval, and Rogaway (2000, which is one of the most widely accepted models for security analysis of password-based key exchange protocols. We demonstrated that our protocol achieves not only the typical indistinguishability-based security of session keys but also the password security against undetectable online dictionary attacks.

  3. Information theoretically secure, enhanced Johnson noise based key distribution over the smart grid with switched filters.

    Gonzalez, Elias; Kish, Laszlo B; Balog, Robert S; Enjeti, Prasad

    2013-01-01

    We introduce a protocol with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional radial networks (chain-like power line) which are typical of the electricity distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions.

  4. Multi-party quantum key agreement protocol secure against collusion attacks

    Wang, Ping; Sun, Zhiwei; Sun, Xiaoqiang

    2017-07-01

    The fairness of a secure multi-party quantum key agreement (MQKA) protocol requires that all involved parties are entirely peer entities and can equally influence the outcome of the protocol to establish a shared key wherein no one can decide the shared key alone. However, it is found that parts of the existing MQKA protocols are sensitive to collusion attacks, i.e., some of the dishonest participants can collaborate to predetermine the final key without being detected. In this paper, a multi-party QKA protocol resisting collusion attacks is proposed. Different from previous QKA protocol resisting N-1 coconspirators or resisting 1 coconspirators, we investigate the general circle-type MQKA protocol which can be secure against t dishonest participants' cooperation. Here, t < N. We hope the results of the presented paper will be helpful for further research on fair MQKA protocols.

  5. Symmetric Stream Cipher using Triple Transposition Key Method and Base64 Algorithm for Security Improvement

    Nurdiyanto, Heri; Rahim, Robbi; Wulan, Nur

    2017-12-01

    Symmetric type cryptography algorithm is known many weaknesses in encryption process compared with asymmetric type algorithm, symmetric stream cipher are algorithm that works on XOR process between plaintext and key, to improve the security of symmetric stream cipher algorithm done improvisation by using Triple Transposition Key which developed from Transposition Cipher and also use Base64 algorithm for encryption ending process, and from experiment the ciphertext that produced good enough and very random.

  6. An Efficient and Secure Arbitrary N-Party Quantum Key Agreement Protocol Using Bell States

    Liu, Wen-Jie; Xu, Yong; Yang, Ching-Nung; Gao, Pei-Pei; Yu, Wen-Bin

    2018-01-01

    Two quantum key agreement protocols using Bell states and Bell measurement were recently proposed by Shukla et al. (Quantum Inf. Process. 13(11), 2391-2405, 2014). However, Zhu et al. pointed out that there are some security flaws and proposed an improved version (Quantum Inf. Process. 14(11), 4245-4254, 2015). In this study, we will show Zhu et al.'s improvement still exists some security problems, and its efficiency is not high enough. For solving these problems, we utilize four Pauli operations { I, Z, X, Y} to encode two bits instead of the original two operations { I, X} to encode one bit, and then propose an efficient and secure arbitrary N-party quantum key agreement protocol. In the protocol, the channel checking with decoy single photons is introduced to avoid the eavesdropper's flip attack, and a post-measurement mechanism is used to prevent against the collusion attack. The security analysis shows the present protocol can guarantee the correctness, security, privacy and fairness of quantum key agreement.

  7. Password-only authenticated three-party key exchange proven secure against insider dictionary attacks.

    Nam, Junghyun; Choo, Kim-Kwang Raymond; Paik, Juryon; Won, Dongho

    2014-01-01

    While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.

  8. Securing Metering Infrastructure of Smart Grid: A Machine Learning and Localization Based Key Management Approach

    Imtiaz Parvez

    2016-08-01

    Full Text Available In smart cities, advanced metering infrastructure (AMI of the smart grid facilitates automated metering, control and monitoring of power distribution by employing a wireless network. Due to this wireless nature of communication, there exist potential threats to the data privacy in AMI. Decoding the energy consumption reading, injecting false data/command signals and jamming the networks are some hazardous measures against this technology. Since a smart meter possesses limited memory and computational capability, AMI demands a light, but robust security scheme. In this paper, we propose a localization-based key management system for meter data encryption. Data are encrypted by the key associated with the coordinate of the meter and a random key index. The encryption keys are managed and distributed by a trusted third party (TTP. Localization of the meter is proposed by a method based on received signal strength (RSS using the maximum likelihood estimator (MLE. The received packets are decrypted at the control center with the key mapped with the key index and the meter’s coordinates. Additionally, we propose the k-nearest neighbors (kNN algorithm for node/meter authentication, capitalizing further on data transmission security. Finally, we evaluate the security strength of a data packet numerically for our method.

  9. Effectiveness of Taxicab Security Equipment in Reducing Driver Homicide Rates

    Menéndez, Cammie K.C.; Amandus, Harlan E.; Damadi, Parisa; Wu, Nan; Konda, Srinivas; Hendricks, Scott A.

    2015-01-01

    Background Taxicab drivers historically have had one of the highest work-related homicide rates of any occupation. In 2010 the taxicab driver homicide rate was 7.4 per 100,000 drivers, compared to the overall rate of 0.37 per 100,000 workers. Purpose Evaluate the effectiveness of taxicab security cameras and partitions on citywide taxicab driver homicide rates. Methods Taxicab driver homicide rates were compared in 26 major cities in the U.S. licensing taxicabs with security cameras (n=8); bullet-resistant partitions (n=7); and cities where taxicabs were not equipped with either security cameras or partitions (n=11). News clippings of taxicab driver homicides and the number of licensed taxicabs by city were used to construct taxicab driver homicide rates spanning 15 years (1996–2010). Generalized estimating equations were constructed to model the Poisson-distributed homicide rates on city-specific safety equipment installation status, controlling for city homicide rate and the concurrent decline of homicide rates over time. Data were analyzed in 2012. Results Cities with cameras experienced a threefold reduction in taxicab driver homicides compared with control cities (RR=0.27; 95% CI=0.12, 0.61; p=0.002). There was no difference in homicide rates for cities with partitions compared with control cities (RR=1.15; 95% CI=0.80, 1.64; p=0.575). Conclusions Municipal ordinances and company policies mandating security cameras appear to be highly effective in reducing taxicab driver deaths due to workplace violence. PMID:23790983

  10. Security analysis of orthogonal-frequency-division-multiplexing-based continuous-variable quantum key distribution with imperfect modulation

    Zhang, Hang; Mao, Yu; Huang, Duan; Li, Jiawei; Zhang, Ling; Guo, Ying

    2018-05-01

    We introduce a reliable scheme for continuous-variable quantum key distribution (CV-QKD) by using orthogonal frequency division multiplexing (OFDM). As a spectrally efficient multiplexing technique, OFDM allows a large number of closely spaced orthogonal subcarrier signals used to carry data on several parallel data streams or channels. We place emphasis on modulator impairments which would inevitably arise in the OFDM system and analyze how these impairments affect the OFDM-based CV-QKD system. Moreover, we also evaluate the security in the asymptotic limit and the Pirandola-Laurenza-Ottaviani-Banchi upper bound. Results indicate that although the emergence of imperfect modulation would bring about a slight decrease in the secret key bit rate of each subcarrier, the multiplexing technique combined with CV-QKD results in a desirable improvement on the total secret key bit rate which can raise the numerical value about an order of magnitude.

  11. Quantum-Secure Symmetric-Key Cryptography Based on Hidden Shifts

    Alagic, Gorjan; Russell, Alexander

    2017-01-01

    Recent results of Kaplan et al., building on work by Kuwakado and Morii, have shown that a wide variety of classically-secure symmetric-key cryptosystems can be completely broken by quantum chosen-plaintext attacks (qCPA). In such an attack, the quantum adversary has the ability to query the cryp...

  12. Efficient secure-channel free public key encryption with keyword search for EMRs in cloud storage.

    Guo, Lifeng; Yau, Wei-Chuen

    2015-02-01

    Searchable encryption is an important cryptographic primitive that enables privacy-preserving keyword search on encrypted electronic medical records (EMRs) in cloud storage. Efficiency of such searchable encryption in a medical cloud storage system is very crucial as it involves client platforms such as smartphones or tablets that only have constrained computing power and resources. In this paper, we propose an efficient secure-channel free public key encryption with keyword search (SCF-PEKS) scheme that is proven secure in the standard model. We show that our SCF-PEKS scheme is not only secure against chosen keyword and ciphertext attacks (IND-SCF-CKCA), but also secure against keyword guessing attacks (IND-KGA). Furthermore, our proposed scheme is more efficient than other recent SCF-PEKS schemes in the literature.

  13. Secret-key rates and privacy leakage in biometric systems

    Ignatenko, T.

    2009-01-01

    In this thesis both the generation of secret keys from biometric data and the binding of secret keys to biometric data are investigated. These secret keys can be used to regulate access to sensitive data, services, and environments. In a biometric secrecy system a secret key is generated or chosen

  14. Provably-Secure Authenticated Group Diffie-Hellman KeyExchange

    Bresson, Emmanuel; Chevassut, Olivier; Pointcheval, David

    2007-01-01

    Authenticated key exchange protocols allow two participantsA and B, communicating over a public network and each holding anauthentication means, to exchange a shared secret value. Methods designedto deal with this cryptographic problem ensure A (resp. B) that no otherparticipants aside from B (resp. A) can learn any information about theagreed value, and often also ensure A and B that their respective partnerhas actually computed this value. A natural extension to thiscryptographic method is to consider a pool of participants exchanging ashared secret value and to provide a formal treatment for it. Startingfrom the famous 2-party Diffie-Hellman (DH) key exchange protocol, andfrom its authenticated variants, security experts have extended it to themulti-party setting for over a decade and completed a formal analysis inthe framework of modern cryptography in the past few years. The presentpaper synthesizes this body of work on the provably-secure authenticatedgroup DH key exchange.

  15. Secure Trust Based Key Management Routing Framework for Wireless Sensor Networks

    Jugminder Kaur

    2016-01-01

    Full Text Available Security is always a major concern in wireless sensor networks (WSNs. Several trust based routing protocols are designed that play an important role in enhancing the performance of a wireless network. However they still have some disadvantages like limited energy resources, susceptibility to physical capture, and little protection against various attacks due to insecure wireless communication channels. This paper presents a secure trust based key management (STKF routing framework that establishes a secure trustworthy route depending upon the present and past node to node interactions. This route is then updated by isolating the malicious or compromised nodes from the route, if any, and a dedicated link is created between every pair of nodes in the selected route with the help of “q” composite random key predistribution scheme (RKPS to ensure data delivery from source to destination. The performance of trust aware secure routing framework (TSRF is compared with the proposed routing scheme. The results indicate that STKF provides an effective mechanism for finding out a secure route with better trustworthiness than TSRF which avoids the data dropping, thereby increasing the data delivery ratio. Also the distance required to reach the destination in the proposed protocol is less hence effectively utilizing the resources.

  16. Meta-Key: A Secure Data-Sharing Protocol under Blockchain-Based Decentralised Storage Architecture

    Fu, Yue

    2017-01-01

    In this paper a secure data-sharing protocol under blockchain-based decentralised storage architecture is proposed, which fulfils users who need to share their encrypted data on-cloud. It implements a remote data-sharing mechanism that enables data owners to share their encrypted data to other users without revealing the original key. Nor do they have to download on-cloud data with re-encryption and re-uploading. Data security as well as efficiency are ensured by symmetric encryption, whose k...

  17. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-01

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes. PMID:29324719

  18. Simple proof of the unconditional security of the Bennett 1992 quantum key distribution protocol

    Zhang Quan; Tang Chaojing

    2002-01-01

    It is generally accepted that quantum key distribution (QKD) could supply legitimate users with unconditional security during their communication. Quite a lot of satisfactory efforts have been achieved on experimentations with quantum cryptography. However, when the eavesdropper has extra-powerful computational ability, has access to a quantum computer, for example, and can carry into execution any eavesdropping measurement that is allowed by the laws of physics, the security against such attacks has not been widely studied and rigorously proved for most QKD protocols. Quite recently, Shor and Preskill proved concisely the unconditional security of the Bennett-Brassard 1984 (BB84) protocol. Their method is highly valued for its clarity of concept and concision of form. In order to take advantage of the Shor-Preskill technique in their proof of the unconditional security of the BB84 QKD protocol, we introduced in this paper a transformation that can translate the Bennett 1992 (B92) protocol into the BB84 protocol. By proving that the transformation leaks no more information to the eavesdropper, we proved the unconditional security of the B92 protocol. We also settled the problem proposed by Lo about how to prove the unconditional security of the B92 protocol with the Shor-Preskill method

  19. An Enhanced Secure Identity-Based Certificateless Public Key Authentication Scheme for Vehicular Sensor Networks.

    Li, Congcong; Zhang, Xi; Wang, Haiping; Li, Dongfeng

    2018-01-11

    Vehicular sensor networks have been widely applied in intelligent traffic systems in recent years. Because of the specificity of vehicular sensor networks, they require an enhanced, secure and efficient authentication scheme. Existing authentication protocols are vulnerable to some problems, such as a high computational overhead with certificate distribution and revocation, strong reliance on tamper-proof devices, limited scalability when building many secure channels, and an inability to detect hardware tampering attacks. In this paper, an improved authentication scheme using certificateless public key cryptography is proposed to address these problems. A security analysis of our scheme shows that our protocol provides an enhanced secure anonymous authentication, which is resilient against major security threats. Furthermore, the proposed scheme reduces the incidence of node compromise and replication attacks. The scheme also provides a malicious-node detection and warning mechanism, which can quickly identify compromised static nodes and immediately alert the administrative department. With performance evaluations, the scheme can obtain better trade-offs between security and efficiency than the well-known available schemes.

  20. An adaptive secret key-directed cryptographic scheme for secure transmission in wireless sensor networks

    Muhammad, K.; Jan, Z.; Khan, Z

    2015-01-01

    Wireless Sensor Networks (WSNs) are memory and bandwidth limited networks whose main goals are to maximize the network lifetime and minimize the energy consumption and transmission cost. To achieve these goals, different techniques of compression and clustering have been used. However, security is an open and major issue in WSNs for which different approaches are used, both in centralized and distributed WSNs' environments. This paper presents an adaptive cryptographic scheme for secure transmission of various sensitive parameters, sensed by wireless sensors to the fusion center for further processing in WSNs such as military networks. The proposed method encrypts the sensitive captured data of sensor nodes using various encryption procedures (bitxor operation, bits shuffling, and secret key based encryption) and then sends it to the fusion center. At the fusion center, the received encrypted data is decrypted for taking further necessary actions. The experimental results with complexity analysis, validate the effectiveness and feasibility of the proposed method in terms of security in WSNs. (author)

  1. Device independent quantum key distribution secure against coherent attacks with memoryless measurement devices

    McKague, Matthew

    2009-01-01

    Device independent quantum key distribution (QKD) aims to provide a higher degree of security than traditional QKD schemes by reducing the number of assumptions that need to be made about the physical devices used. The previous proof of security by Pironio et al (2009 New J. Phys. 11 045021) applies only to collective attacks where the state is identical and independent and the measurement devices operate identically for each trial in the protocol. We extend this result to a more general class of attacks where the state is arbitrary and the measurement devices have no memory. We accomplish this by a reduction of arbitrary adversary strategies to qubit strategies and a proof of security for qubit strategies based on the previous proof by Pironio et al and techniques adapted from Renner.

  2. Security Analysis of Measurement-Device-Independent Quantum Key Distribution in Collective-Rotation Noisy Environment

    Li, Na; Zhang, Yu; Wen, Shuang; Li, Lei-lei; Li, Jian

    2018-01-01

    Noise is a problem that communication channels cannot avoid. It is, thus, beneficial to analyze the security of MDI-QKD in noisy environment. An analysis model for collective-rotation noise is introduced, and the information theory methods are used to analyze the security of the protocol. The maximum amount of information that Eve can eavesdrop is 50%, and the eavesdropping can always be detected if the noise level ɛ ≤ 0.68. Therefore, MDI-QKD protocol is secure as quantum key distribution protocol. The maximum probability that the relay outputs successful results is 16% when existing eavesdropping. Moreover, the probability that the relay outputs successful results when existing eavesdropping is higher than the situation without eavesdropping. The paper validates that MDI-QKD protocol has better robustness.

  3. Practical security analysis of continuous-variable quantum key distribution with jitter in clock synchronization

    Xie, Cailang; Guo, Ying; Liao, Qin; Zhao, Wei; Huang, Duan; Zhang, Ling; Zeng, Guihua

    2018-03-01

    How to narrow the gap of security between theory and practice has been a notoriously urgent problem in quantum cryptography. Here, we analyze and provide experimental evidence of the clock jitter effect on the practical continuous-variable quantum key distribution (CV-QKD) system. The clock jitter is a random noise which exists permanently in the clock synchronization in the practical CV-QKD system, it may compromise the system security because of its impact on data sampling and parameters estimation. In particular, the practical security of CV-QKD with different clock jitter against collective attack is analyzed theoretically based on different repetition frequencies, the numerical simulations indicate that the clock jitter has more impact on a high-speed scenario. Furthermore, a simplified experiment is designed to investigate the influence of the clock jitter.

  4. Security bound of two-basis quantum-key-distribution protocols using qudits

    Nikolopoulos, Georgios M.; Alber, Gernot

    2005-01-01

    We investigate the security bounds of quantum-cryptographic protocols using d-level systems. In particular, we focus on schemes that use two mutually unbiased bases, thus extending the Bennett-Brassard 1984 quantum-key-distribution scheme to higher dimensions. Under the assumption of general coherent attacks, we derive an analytic expression for the ultimate upper security bound of such quantum-cryptography schemes. This bound is well below the predictions of optimal cloning machines. The possibility of extraction of a secret key beyond entanglement distillation is discussed. In the case of qutrits we argue that any eavesdropping strategy is equivalent to a symmetric one. For higher dimensions such an equivalence is generally no longer valid

  5. Fast and secure key distribution using mesoscopic coherent states of light

    Barbosa, Geraldo A.

    2003-01-01

    This work shows how two parties A and B can securely share unlimited sequences of random bits at optical speeds. A and B possess true-random physical sources and exchange random bits by using a random sequence received to cipher the following one to be sent. A starting shared secret key is used and the method can be described as a one-time-pad unlimited extender. It is demonstrated that the minimum probability of error in signal determination by the eavesdropper can be set arbitrarily close to the pure guessing level. Being based on the M-ry encryption protocol this method also allows for optical amplification without security degradation, offering practical advantages over the Bennett-Brassard 1984 protocol for key distribution

  6. Identifying Regional Key Eco-Space to Maintain Ecological Security Using GIS

    Hualin Xie

    2014-02-01

    Full Text Available Ecological security and environmental sustainability are the foundations of sustainable development. With the acceleration of urbanization, increasing human activities have promoted greater impacts on the eco-spaces that maintain ecological security. Regional key eco-space has become the primary need to maintain environmental sustainability and can offer society with continued ecosystem services. In this paper, considering the security of water resources, biodiversity conservation, disaster avoidance and protection and natural recreation, an integrated index of eco-space importance was established and a method for identifying key eco-space was created using GIS, with Lanzhou City, China as a case study. The results show that the area of core eco-space in the Lanzhou City is approximately 50,908.7 hm2, accounting for 40% of the region’s total area. These areas mainly consist of geological hazard protection zones and the core zones of regional river systems, wetlands, nature reserves, forest parks and scenic spots. The results of this study provide some guidance for the management of ecological security, ecological restoration and environmental sustainability.

  7. Improving the security of a parallel keyed hash function based on chaotic maps

    Xiao Di, E-mail: xiaodi_cqu@hotmail.co [College of Computer Science and Engineering, Chongqing University, Chongqing 400044 (China); Liao Xiaofeng [College of Computer Science and Engineering, Chongqing University, Chongqing 400044 (China); Wang Yong [College of Computer Science and Engineering, Chongqing University, Chongqing 400044 (China)] [College of Economy and Management, Chongqing University of Posts and Telecommunications, Chongqing 400065 (China)

    2009-11-23

    In this Letter, we analyze the cause of vulnerability of the original parallel keyed hash function based on chaotic maps in detail, and then propose the corresponding enhancement measures. Theoretical analysis and computer simulation indicate that the modified hash function is more secure than the original one. At the same time, it can keep the parallel merit and satisfy the other performance requirements of hash function.

  8. Improving the security of a parallel keyed hash function based on chaotic maps

    Xiao Di; Liao Xiaofeng; Wang Yong

    2009-01-01

    In this Letter, we analyze the cause of vulnerability of the original parallel keyed hash function based on chaotic maps in detail, and then propose the corresponding enhancement measures. Theoretical analysis and computer simulation indicate that the modified hash function is more secure than the original one. At the same time, it can keep the parallel merit and satisfy the other performance requirements of hash function.

  9. A Dual Key-Based Activation Scheme for Secure LoRaWAN

    Jaehyu Kim

    2017-01-01

    Full Text Available With the advent of the Internet of Things (IoT era, we are experiencing rapid technological progress. Billions of devices are connected to each other, and our homes, cities, hospitals, and schools are getting smarter and smarter. However, to realize the IoT, several challenging issues such as connecting resource-constrained devices to the Internet must be resolved. Recently introduced Low Power Wide Area Network (LPWAN technologies have been devised to resolve this issue. Among many LPWAN candidates, the Long Range (LoRa is one of the most promising technologies. The Long Range Wide Area Network (LoRaWAN is a communication protocol for LoRa that provides basic security mechanisms. However, some security loopholes exist in LoRaWAN’s key update and session key generation. In this paper, we propose a dual key-based activation scheme for LoRaWAN. It resolves the problem of key updates not being fully supported. In addition, our scheme facilitates each layer in generating its own session key directly, which ensures the independence of all layers. Real-world experimental results compared with the original scheme show that the proposed scheme is totally feasible in terms of delay and battery consumption.

  10. Security of Continuous-Variable Quantum Key Distribution via a Gaussian de Finetti Reduction

    Leverrier, Anthony

    2017-05-01

    Establishing the security of continuous-variable quantum key distribution against general attacks in a realistic finite-size regime is an outstanding open problem in the field of theoretical quantum cryptography if we restrict our attention to protocols that rely on the exchange of coherent states. Indeed, techniques based on the uncertainty principle are not known to work for such protocols, and the usual tools based on de Finetti reductions only provide security for unrealistically large block lengths. We address this problem here by considering a new type of Gaussian de Finetti reduction, that exploits the invariance of some continuous-variable protocols under the action of the unitary group U (n ) (instead of the symmetric group Sn as in usual de Finetti theorems), and by introducing generalized S U (2 ,2 ) coherent states. Crucially, combined with an energy test, this allows us to truncate the Hilbert space globally instead as at the single-mode level as in previous approaches that failed to provide security in realistic conditions. Our reduction shows that it is sufficient to prove the security of these protocols against Gaussian collective attacks in order to obtain security against general attacks, thereby confirming rigorously the widely held belief that Gaussian attacks are indeed optimal against such protocols.

  11. On the Security of a Two-Factor Authentication and Key Agreement Scheme for Telecare Medicine Information Systems.

    Arshad, Hamed; Teymoori, Vahid; Nikooghadam, Morteza; Abbassi, Hassan

    2015-08-01

    Telecare medicine information systems (TMISs) aim to deliver appropriate healthcare services in an efficient and secure manner to patients. A secure mechanism for authentication and key agreement is required to provide proper security in these systems. Recently, Bin Muhaya demonstrated some security weaknesses of Zhu's authentication and key agreement scheme and proposed a security enhanced authentication and key agreement scheme for TMISs. However, we show that Bin Muhaya's scheme is vulnerable to off-line password guessing attacks and does not provide perfect forward secrecy. Furthermore, in order to overcome the mentioned weaknesses, we propose a new two-factor anonymous authentication and key agreement scheme using the elliptic curve cryptosystem. Security and performance analyses demonstrate that the proposed scheme not only overcomes the weaknesses of Bin Muhaya's scheme, but also is about 2.73 times faster than Bin Muhaya's scheme.

  12. Security enhanced anonymous multiserver authenticated key agreement scheme using smart cards and biometrics.

    Choi, Younsung; Nam, Junghyun; Lee, Donghoon; Kim, Jiye; Jung, Jaewook; Won, Dongho

    2014-01-01

    An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user's biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen's scheme.

  13. Security Enhanced Anonymous Multiserver Authenticated Key Agreement Scheme Using Smart Cards and Biometrics

    Younsung Choi

    2014-01-01

    Full Text Available An anonymous user authentication scheme allows a user, who wants to access a remote application server, to achieve mutual authentication and session key establishment with the server in an anonymous manner. To enhance the security of such authentication schemes, recent researches combined user’s biometrics with a password. However, these authentication schemes are designed for single server environment. So when a user wants to access different application servers, the user has to register many times. To solve this problem, Chuang and Chen proposed an anonymous multiserver authenticated key agreement scheme using smart cards together with passwords and biometrics. Chuang and Chen claimed that their scheme not only supports multiple servers but also achieves various security requirements. However, we show that this scheme is vulnerable to a masquerade attack, a smart card attack, a user impersonation attack, and a DoS attack and does not achieve perfect forward secrecy. We also propose a security enhanced anonymous multiserver authenticated key agreement scheme which addresses all the weaknesses identified in Chuang and Chen’s scheme.

  14. Best-Practice Criteria for Practical Security of Self-Differencing Avalanche Photodiode Detectors in Quantum Key Distribution

    Koehler-Sidki, A.; Dynes, J. F.; Lucamarini, M.; Roberts, G. L.; Sharpe, A. W.; Yuan, Z. L.; Shields, A. J.

    2018-04-01

    Fast-gated avalanche photodiodes (APDs) are the most commonly used single photon detectors for high-bit-rate quantum key distribution (QKD). Their robustness against external attacks is crucial to the overall security of a QKD system, or even an entire QKD network. We investigate the behavior of a gigahertz-gated, self-differencing (In,Ga)As APD under strong illumination, a tactic Eve often uses to bring detectors under her control. Our experiment and modeling reveal that the negative feedback by the photocurrent safeguards the detector from being blinded through reducing its avalanche probability and/or strengthening the capacitive response. Based on this finding, we propose a set of best-practice criteria for designing and operating fast-gated APD detectors to ensure their practical security in QKD.

  15. On distributed key distribution centers and unconditionally secure proactive verifiable secret sharing schemes based on general access structure

    Nikov, V.S.; Nikova, S.I.; Preneel, B.; Vandewalle, J.; Menezes, A.; Sarkar, P.

    2002-01-01

    A Key Distribution Center of a network is a server enabling private communications within groups of users. A Distributed Key Distribution Center is a set of servers that jointly realizes a Key Distribution Center. In this paper we build a robust Distributed Key Distribution Center Scheme secure

  16. An improved chaos-based secure communication technique using a novel encryption function with an embedded cipher key

    Zaher, Ashraf A. [Physics Department, Science College, Kuwait University, P.O. Box 5969, Safat 13060 (Kuwait)], E-mail: ashraf.zaher@ku.edu.kw

    2009-12-15

    In this paper, a secure communication technique, using a chaotic system with a single adjustable parameter and a single observable time series, is proposed. The chosen chaotic system, which is a variant of the famous Rikitake model, has a special structure for which the adjustable parameter appears in the dynamic equation of the observable time series. This particular structure is used to build a synchronization-based state observer that is decoupled from the adaptive parameter identifier. A local Lyapunov function is used to design the parameter identifier, with an adjustable convergence rate that guarantees the stability of the overall system. A two-channel transmission method is used to exemplify the suggested technique where the secret message is encoded using a nonlinear function of both the chaotic states and the adjustable parameter of the chaotic system that acts as a secret key. Simulations show that, at the receiver, the signal can be efficiently retrieved only if the secret key is known, even when both the receiver and the transmitter are in perfect synchronization. The proposed technique is demonstrated to have improved security and privacy against intruders, when compared to other techniques reported in the literature, while being simple to implement using both analog and digital hardware. In addition, the chosen chaotic system is shown to be flexible in accommodating the transmission of signals with variable bandwidths, which promotes the superiority and versatility of the suggested secure communication technique.

  17. An improved chaos-based secure communication technique using a novel encryption function with an embedded cipher key

    Zaher, Ashraf A.

    2009-01-01

    In this paper, a secure communication technique, using a chaotic system with a single adjustable parameter and a single observable time series, is proposed. The chosen chaotic system, which is a variant of the famous Rikitake model, has a special structure for which the adjustable parameter appears in the dynamic equation of the observable time series. This particular structure is used to build a synchronization-based state observer that is decoupled from the adaptive parameter identifier. A local Lyapunov function is used to design the parameter identifier, with an adjustable convergence rate that guarantees the stability of the overall system. A two-channel transmission method is used to exemplify the suggested technique where the secret message is encoded using a nonlinear function of both the chaotic states and the adjustable parameter of the chaotic system that acts as a secret key. Simulations show that, at the receiver, the signal can be efficiently retrieved only if the secret key is known, even when both the receiver and the transmitter are in perfect synchronization. The proposed technique is demonstrated to have improved security and privacy against intruders, when compared to other techniques reported in the literature, while being simple to implement using both analog and digital hardware. In addition, the chosen chaotic system is shown to be flexible in accommodating the transmission of signals with variable bandwidths, which promotes the superiority and versatility of the suggested secure communication technique.

  18. Practical scheme to share a secret key through a quantum channel with a 27.6% bit error rate

    Chau, H.F.

    2002-01-01

    A secret key shared through quantum key distribution between two cooperative players is secure against any eavesdropping attack allowed by the laws of physics. Yet, such a key can be established only when the quantum channel error rate due to eavesdropping or imperfect apparatus is low. Here, a practical quantum key distribution scheme by making use of an adaptive privacy amplification procedure with two-way classical communication is reported. Then, it is proven that the scheme generates a secret key whenever the bit error rate of the quantum channel is less than 0.5-0.1√(5)≅27.6%, thereby making it the most error resistant scheme known to date

  19. Detector-device-independent quantum key distribution: Security analysis and fast implementation

    Boaron, Alberto; Korzh, Boris; Boso, Gianluca; Martin, Anthony; Zbinden, Hugo; Houlmann, Raphael; Lim, Charles Ci Wen

    2016-01-01

    One of the most pressing issues in quantum key distribution (QKD) is the problem of detector side-channel attacks. To overcome this problem, researchers proposed an elegant “time-reversal” QKD protocol called measurement-device-independent QKD (MDI-QKD), which is based on time-reversed entanglement swapping. However, MDI-QKD is more challenging to implement than standard point-to-point QKD. Recently, an intermediary QKD protocol called detector-device-independent QKD (DDI-QKD) has been proposed to overcome the drawbacks of MDI-QKD, with the hope that it would eventually lead to a more efficient detector side-channel-free QKD system. Here, we analyze the security of DDI-QKD and elucidate its security assumptions. We find that DDI-QKD is not equivalent to MDI-QKD, but its security can be demonstrated with reasonable assumptions. On the more practical side, we consider the feasibility of DDI-QKD and present a fast experimental demonstration (clocked at 625 MHz), capable of secret key exchange up to more than 90 km.

  20. Security and gain improvement of a practical quantum key distribution using a gated single-photon source and probabilistic photon-number resolution

    Horikiri, Tomoyuki; Sasaki, Hideki; Wang, Haibo; Kobayashi, Takayoshi

    2005-01-01

    We propose a high security quantum key distribution (QKD) scheme utilizing one mode of spontaneous parametric downconversion gated by a photon number resolving detector. This photon number measurement is possible by using single-photon detectors operating at room temperature and optical fibers. By post selection, the multiphoton probability in this scheme can be reduced to lower than that of a scheme using an attenuated coherent light resulting in improvement of security. Furthermore, if distillation protocol (error correction and privacy amplification) is performed, the gain will be increased. Hence a QKD system with higher security and bit rate than the laser-based QKD system can be attained using present available technologies

  1. A secure smart-card based authentication and key agreement scheme for telecare medicine information systems.

    Lee, Tian-Fu; Liu, Chuan-Ming

    2013-06-01

    A smart-card based authentication scheme for telecare medicine information systems enables patients, doctors, nurses, health visitors and the medicine information systems to establish a secure communication platform through public networks. Zhu recently presented an improved authentication scheme in order to solve the weakness of the authentication scheme of Wei et al., where the off-line password guessing attacks cannot be resisted. This investigation indicates that the improved scheme of Zhu has some faults such that the authentication scheme cannot execute correctly and is vulnerable to the attack of parallel sessions. Additionally, an enhanced authentication scheme based on the scheme of Zhu is proposed. The enhanced scheme not only avoids the weakness in the original scheme, but also provides users' anonymity and authenticated key agreements for secure data communications.

  2. 76 FR 26549 - Removal of Certain References to Credit Ratings Under the Securities Exchange Act of 1934

    2011-05-06

    ... related security'' and ``small business related security,'' respectively, as the Commission considers how... terms ``mortgage related security'' and ``small business related security,'' respectively, as the...),\\9\\ which defines the term ``small business related security.'' In place of the credit rating...

  3. Optical code division multiple access secure communications systems with rapid reconfigurable polarization shift key user code

    Gao, Kaiqiang; Wu, Chongqing; Sheng, Xinzhi; Shang, Chao; Liu, Lanlan; Wang, Jian

    2015-09-01

    An optical code division multiple access (OCDMA) secure communications system scheme with rapid reconfigurable polarization shift key (Pol-SK) bipolar user code is proposed and demonstrated. Compared to fix code OCDMA, by constantly changing the user code, the performance of anti-eavesdropping is greatly improved. The Pol-SK OCDMA experiment with a 10 Gchip/s user code and a 1.25 Gb/s user data of payload has been realized, which means this scheme has better tolerance and could be easily realized.

  4. Backup key generation model for one-time password security protocol

    Jeyanthi, N.; Kundu, Sourav

    2017-11-01

    The use of one-time password (OTP) has ushered new life into the existing authentication protocols used by the software industry. It introduced a second layer of security to the traditional username-password authentication, thus coining the term, two-factor authentication. One of the drawbacks of this protocol is the unreliability of the hardware token at the time of authentication. This paper proposes a simple backup key model that can be associated with the real world applications’user database, which would allow a user to circumvent the second authentication stage, in the event of unavailability of the hardware token.

  5. Training on Transport Security of Nuclear/Radioactive Materials for Key Audiences

    Pope, Ronald; Liu, Yung; Shuler, J.M.

    2016-01-01

    development of the relevant teaching materials for the course have largely been completed, tailoring the course for targeted audiences becomes a relatively easy task, requiring less effort and providing more flexibility for both the lecturers and future participants. One-day or two-day courses with focus specifically on the U.S. transport security requirements can be delivered, at locations away from Argonne, by one or two principal lecturers to targeted audiences such as regulators, shippers, carriers, state and local law enforcement personnel, and emergency responders. This paper will highlight the lessons learned in hosting previous one-week courses and discuss the development of options for detailed and/or customized courses/workshops for targeted key audiences.

  6. Security of subcarrier wave quantum key distribution against the collective beam-splitting attack.

    Miroshnichenko, G P; Kozubov, A V; Gaidash, A A; Gleim, A V; Horoshko, D B

    2018-04-30

    We consider a subcarrier wave quantum key distribution (QKD) system, where quantum encoding is carried out at weak sidebands generated around a coherent optical beam as a result of electro-optical phase modulation. We study security of two protocols, B92 and BB84, against one of the most powerful attacks for this class of systems, the collective beam-splitting attack. Our analysis includes the case of high modulation index, where the sidebands are essentially multimode. We demonstrate numerically and experimentally that a subcarrier wave QKD system with realistic parameters is capable of distributing cryptographic keys over large distances in presence of collective attacks. We also show that BB84 protocol modification with discrimination of only one state in each basis performs not worse than the original BB84 protocol in this class of QKD systems, thus significantly simplifying the development of cryptographic networks using the considered QKD technique.

  7. Notes on recent approaches concerning the Kirchhoff-law-Johnson-noise-based secure key exchange

    Kish, Laszlo B.; Horvath, Tamas

    2009-08-01

    We critically analyze the results and claims in [P.-L. Liu, Phys. Lett. A 373 (2009) 901]. We show that the strong security leak appeared in the simulations is only an artifact and not caused by “multiple reflections”. Since no wave modes exist at cable length of 5% of the shortest wavelength of the signal, no wave is present to reflect it. In the high wave impedance limit, the conditions used in the simulations are heavily unphysical (requiring cable diameters up to 28000 times greater than the measured size of the known universe) and the results are modeling artifacts due to the unphysical values. At the low cable impedance limit, the observed artifacts are due to violating the recommended (and tested) conditions by neglecting the cable capacitance restrictions and using about 100 times longer cable than recommended without cable capacitance compensation arrangement. We implement and analyze the general circuitry of Liu's circulator [P.-L. Liu, Phys. Lett. A 373 (2009) 901] and confirm that they are conceptually secure against passive attacks. We introduce an asymmetric, more robust version without feedback loop. Then we crack all these systems by an active attack: a circulator-based man-in-the middle attack. Finally, we analyze the proposed method to increase security by dropping only high-risk bits. We point out the differences between different types of high-risk bits and show the shortage of this strategy for some simple key exchange protocols.

  8. Security analysis of an untrusted source for quantum key distribution: passive approach

    Zhao Yi; Qi Bing; Lo, H-K; Qian Li

    2010-01-01

    We present a passive approach to the security analysis of quantum key distribution (QKD) with an untrusted source. A complete proof of its unconditional security is also presented. This scheme has significant advantages in real-life implementations as it does not require fast optical switching or a quantum random number generator. The essential idea is to use a beam splitter to split each input pulse. We show that we can characterize the source using a cross-estimate technique without active routing of each pulse. We have derived analytical expressions for the passive estimation scheme. Moreover, using simulations, we have considered four real-life imperfections: additional loss introduced by the 'plug and play' structure, inefficiency of the intensity monitor noise of the intensity monitor, and statistical fluctuation introduced by finite data size. Our simulation results show that the passive estimate of an untrusted source remains useful in practice, despite these four imperfections. Also, we have performed preliminary experiments, confirming the utility of our proposal in real-life applications. Our proposal makes it possible to implement the 'plug and play' QKD with the security guaranteed, while keeping the implementation practical.

  9. Notes on recent approaches concerning the Kirchhoff-law-Johnson-noise-based secure key exchange

    Kish, Laszlo B.; Horvath, Tamas

    2009-01-01

    We critically analyze the results and claims in [P.-L. Liu, Phys. Lett. A 373 (2009) 901]. We show that the strong security leak appeared in the simulations is only an artifact and not caused by 'multiple reflections'. Since no wave modes exist at cable length of 5% of the shortest wavelength of the signal, no wave is present to reflect it. In the high wave impedance limit, the conditions used in the simulations are heavily unphysical (requiring cable diameters up to 28000 times greater than the measured size of the known universe) and the results are modeling artifacts due to the unphysical values. At the low cable impedance limit, the observed artifacts are due to violating the recommended (and tested) conditions by neglecting the cable capacitance restrictions and using about 100 times longer cable than recommended without cable capacitance compensation arrangement. We implement and analyze the general circuitry of Liu's circulator [P.-L. Liu, Phys. Lett. A 373 (2009) 901] and confirm that they are conceptually secure against passive attacks. We introduce an asymmetric, more robust version without feedback loop. Then we crack all these systems by an active attack: a circulator-based man-in-the middle attack. Finally, we analyze the proposed method to increase security by dropping only high-risk bits. We point out the differences between different types of high-risk bits and show the shortage of this strategy for some simple key exchange protocols.

  10. Notes on recent approaches concerning the Kirchhoff-law-Johnson-noise-based secure key exchange

    Kish, Laszlo B., E-mail: Laszlo.Kish@ece.tamu.ed [Department of Electrical and Computer Engineering, Texas A and M University, College Station, TX 77843-3128 (United States); Horvath, Tamas, E-mail: tamas.horvath@iais.fraunhofer.d [Department of Computer Science, University of Bonn (Germany); Fraunhofer IAIS, Schloss Birlinghoven, D-53754 Sankt Augustin (Germany)

    2009-08-03

    We critically analyze the results and claims in [P.-L. Liu, Phys. Lett. A 373 (2009) 901]. We show that the strong security leak appeared in the simulations is only an artifact and not caused by 'multiple reflections'. Since no wave modes exist at cable length of 5% of the shortest wavelength of the signal, no wave is present to reflect it. In the high wave impedance limit, the conditions used in the simulations are heavily unphysical (requiring cable diameters up to 28000 times greater than the measured size of the known universe) and the results are modeling artifacts due to the unphysical values. At the low cable impedance limit, the observed artifacts are due to violating the recommended (and tested) conditions by neglecting the cable capacitance restrictions and using about 100 times longer cable than recommended without cable capacitance compensation arrangement. We implement and analyze the general circuitry of Liu's circulator [P.-L. Liu, Phys. Lett. A 373 (2009) 901] and confirm that they are conceptually secure against passive attacks. We introduce an asymmetric, more robust version without feedback loop. Then we crack all these systems by an active attack: a circulator-based man-in-the middle attack. Finally, we analyze the proposed method to increase security by dropping only high-risk bits. We point out the differences between different types of high-risk bits and show the shortage of this strategy for some simple key exchange protocols.

  11. An Efficient Biometric-Based Algorithm Using Heart Rate Variability for Securing Body Sensor Networks.

    Pirbhulal, Sandeep; Zhang, Heye; Mukhopadhyay, Subhas Chandra; Li, Chunyue; Wang, Yumei; Li, Guanglin; Wu, Wanqing; Zhang, Yuan-Ting

    2015-06-26

    Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG), Photoplethysmography (PPG), Electrocardiogram (ECG), etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demands high resource utilization and computation time, but also consumes large amount of energy, power and memory during data transmission. However, it is indispensable to put forward energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and results suggest that proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption.

  12. An Efficient Biometric-Based Algorithm Using Heart Rate Variability for Securing Body Sensor Networks

    Sandeep Pirbhulal

    2015-06-01

    Full Text Available Body Sensor Network (BSN is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG, Photoplethysmography (PPG, Electrocardiogram (ECG, etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demands high resource utilization and computation time, but also consumes large amount of energy, power and memory during data transmission. However, it is indispensable to put forward energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV for simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA, Data Encryption Standard (DES and Rivest Shamir Adleman (RSA. Simulation is performed in Matlab and results suggest that proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption.

  13. An Efficient Biometric-Based Algorithm Using Heart Rate Variability for Securing Body Sensor Networks

    Pirbhulal, Sandeep; Zhang, Heye; Mukhopadhyay, Subhas Chandra; Li, Chunyue; Wang, Yumei; Li, Guanglin; Wu, Wanqing; Zhang, Yuan-Ting

    2015-01-01

    Body Sensor Network (BSN) is a network of several associated sensor nodes on, inside or around the human body to monitor vital signals, such as, Electroencephalogram (EEG), Photoplethysmography (PPG), Electrocardiogram (ECG), etc. Each sensor node in BSN delivers major information; therefore, it is very significant to provide data confidentiality and security. All existing approaches to secure BSN are based on complex cryptographic key generation procedures, which not only demands high resource utilization and computation time, but also consumes large amount of energy, power and memory during data transmission. However, it is indispensable to put forward energy efficient and computationally less complex authentication technique for BSN. In this paper, a novel biometric-based algorithm is proposed, which utilizes Heart Rate Variability (HRV) for simple key generation process to secure BSN. Our proposed algorithm is compared with three data authentication techniques, namely Physiological Signal based Key Agreement (PSKA), Data Encryption Standard (DES) and Rivest Shamir Adleman (RSA). Simulation is performed in Matlab and results suggest that proposed algorithm is quite efficient in terms of transmission time utilization, average remaining energy and total power consumption. PMID:26131666

  14. Security analysis on some experimental quantum key distribution systems with imperfect optical and electrical devices

    Liang, Lin-Mei; Sun, Shi-Hai; Jiang, Mu-Sheng; Li, Chun-Yan

    2014-10-01

    In general, quantum key distribution (QKD) has been proved unconditionally secure for perfect devices due to quantum uncertainty principle, quantum noncloning theorem and quantum nondividing principle which means that a quantum cannot be divided further. However, the practical optical and electrical devices used in the system are imperfect, which can be exploited by the eavesdropper to partially or totally spy the secret key between the legitimate parties. In this article, we first briefly review the recent work on quantum hacking on some experimental QKD systems with respect to imperfect devices carried out internationally, then we will present our recent hacking works in details, including passive faraday mirror attack, partially random phase attack, wavelength-selected photon-number-splitting attack, frequency shift attack, and single-photon-detector attack. Those quantum attack reminds people to improve the security existed in practical QKD systems due to imperfect devices by simply adding countermeasure or adopting a totally different protocol such as measurement-device independent protocol to avoid quantum hacking on the imperfection of measurement devices [Lo, et al., Phys. Rev. Lett., 2012, 108: 130503].

  15. Key requirements for high quality picture-rate conversion.

    Cordes, C.N.; Haan, de G.

    2009-01-01

    Past LCD-TV generations suffered from a poor motion portrayal, causing the blurring of moving objects. Hence, various techniques have been implemented to improve their motion portrayal, of which the widespread introduction of motion compensated picture-rate conversion in TV systems is an essential

  16. Securing Body Sensor Networks with Biometric Methods: A New Key Negotiation Method and a Key Sampling Method for Linear Interpolation Encryption

    Zhao, Huawei; Chen, Chi; Hu, Jiankun; Qin, Jing

    2015-01-01

    We present two approaches that exploit biometric data to address security problems in the body sensor networks: a new key negotiation scheme based on the fuzzy extractor technology and an improved linear interpolation encryption method. The first approach designs two attack games to give the formal definition of fuzzy negotiation that forms a new key negotiation scheme based on fuzzy extractor technology. According to the definition, we further define a concrete structure of fuzzy negotiation...

  17. Security of Color Image Data Designed by Public-Key Cryptosystem Associated with 2D-DWT

    Mishra, D. C.; Sharma, R. K.; Kumar, Manish; Kumar, Kuldeep

    2014-08-01

    In present times the security of image data is a major issue. So, we have proposed a novel technique for security of color image data by public-key cryptosystem or asymmetric cryptosystem. In this technique, we have developed security of color image data using RSA (Rivest-Shamir-Adleman) cryptosystem with two-dimensional discrete wavelet transform (2D-DWT). Earlier proposed schemes for security of color images designed on the basis of keys, but this approach provides security of color images with the help of keys and correct arrangement of RSA parameters. If the attacker knows about exact keys, but has no information of exact arrangement of RSA parameters, then the original information cannot be recovered from the encrypted data. Computer simulation based on standard example is critically examining the behavior of the proposed technique. Security analysis and a detailed comparison between earlier developed schemes for security of color images and proposed technique are also mentioned for the robustness of the cryptosystem.

  18. 7 CFR 771.9 - Interest rates, terms, security requirements, and repayment.

    2010-01-01

    ... 7 Agriculture 7 2010-01-01 2010-01-01 false Interest rates, terms, security requirements, and... Interest rates, terms, security requirements, and repayment. (a) Interest rate. The interest rate will be fixed for the term of the loan. The rate will be established by FSA, based upon the cost of Government...

  19. 7 CFR 773.19 - Interest rate, terms, security requirements, and repayment.

    2010-01-01

    ... 7 Agriculture 7 2010-01-01 2010-01-01 false Interest rate, terms, security requirements, and... SERVICE AGENCY, DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS SPECIAL APPLE LOAN PROGRAM § 773.19 Interest rate, terms, security requirements, and repayment. (a) Interest rate. The interest rate will be fixed...

  20. 7 CFR 774.18 - Interest rate, terms and security requirements.

    2010-01-01

    ... 7 Agriculture 7 2010-01-01 2010-01-01 false Interest rate, terms and security requirements. 774.18..., DEPARTMENT OF AGRICULTURE SPECIAL PROGRAMS EMERGENCY LOAN FOR SEED PRODUCERS PROGRAM § 774.18 Interest rate, terms and security requirements. (a) Interest rate. (1) The interest rate on the loan will be zero...

  1. Randomized dynamical decoupling strategies and improved one-way key rates for quantum cryptography

    Kern, Oliver

    2009-05-25

    noisy preprocessing) followed by the use of a structured block code, higher secure key rates may be obtained. For the BB84 protocol it is shown that iterating the combined preprocessing leads to an even higher gain. In order to speed up the numerical evaluation of the key rates, results of representation theory come into play. If a coherent version of the protocol is considered, the block code used in the preprocessing stage becomes a concatenated stabilizer code which is obtained by concatenating an outer random code with an inner deterministic one. This concatenated stabilizer code is used to compute an improved lower bound on the quantum capacity of a certain quantum channel (the so-called qubit depolarizing channel). (orig.)

  2. Randomized dynamical decoupling strategies and improved one-way key rates for quantum cryptography

    Kern, Oliver

    2009-01-01

    noisy preprocessing) followed by the use of a structured block code, higher secure key rates may be obtained. For the BB84 protocol it is shown that iterating the combined preprocessing leads to an even higher gain. In order to speed up the numerical evaluation of the key rates, results of representation theory come into play. If a coherent version of the protocol is considered, the block code used in the preprocessing stage becomes a concatenated stabilizer code which is obtained by concatenating an outer random code with an inner deterministic one. This concatenated stabilizer code is used to compute an improved lower bound on the quantum capacity of a certain quantum channel (the so-called qubit depolarizing channel). (orig.)

  3. Asset backed securities : risks, ratings and quantitative modelling

    Jönsson, B.H.B.; Schoutens, W.

    2009-01-01

    Asset backed securities (ABSs) are structured finance products backed by pools of assets and are created through a securitisation process. The risks in asset backed securities, such as, credit risk, prepayment risk, market risks, operational risk, and legal risks, are directly connected with the

  4. A secure effective dynamic group password-based authenticated key agreement scheme for the integrated EPR information system

    Vanga Odelu

    2016-01-01

    Full Text Available With the rapid growth of the Internet, a lot of electronic patient records (EPRs have been developed for e-medicine systems. The security and privacy issues of EPRs are important for the patients in order to understand how the hospitals control the use of their personal information, such as name, address, e-mail, medical records, etc. of a particular patient. Recently, Lee et al. proposed a simple group password-based authenticated key agreement protocol for the integrated EPR information system (SGPAKE. However, in this paper, we show that Lee et al.’s protocol is vulnerable to the off-line weak password guessing attack and as a result, their scheme does not provide users’ privacy. To withstand this security weakness found in Lee et al.’s scheme, we aim to propose an effective dynamic group password-based authenticated key exchange scheme for the integrated EPR information system, which retains the original merits of Lee et al.’s scheme. Through the informal and formal security analysis, we show that our scheme provides users’ privacy, perfect forward security and known-key security, and also protects online and offline password guessing attacks. Furthermore, our scheme efficiently supports the dynamic group password-based authenticated key agreement for the integrated EPR information system. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications tool and show that our scheme is secure against passive and active attacks.

  5. Business opportunities for aquaculture in Kenya; With special reference to food security : Key findings & Recommendations

    Rothuis, A.J.; Duijn, van A.P.; Rijsingen, J.C.M.; Pijl, van der W.; Rurangwa, E.

    2011-01-01

    This study aims to assess the potential role of aquaculture in improving food security in Kenya. It addresses current bottlenecks that prevent aquaculture from achieving its food security objectives and identifies possible interventions. This study furthermore explores business opportunities for

  6. Wireless Physical Layer Security: On the Performance Limit of Secret-Key Agreement

    Zorgui, Marwen

    2015-01-01

    Physical layer security (PLS) is a new paradigm aiming at securing communications between legitimate parties at the physical layer. Conventionally, achieving confidentiality in communication networks relies on cryptographic techniques such as public

  7. Common Criteria for Information Technology Security Evaluation: Department of Defense Public Key Infrastructure and Key Management Infrastructure Token Protection Profile (Medium Robustness)

    2002-03-22

    may be derived from detailed inspection of the IC itself or from illicit appropriation of design information. Counterfeit smart cards can be mass...Infrastructure (PKI) as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair...interference devices (SQDIS), electrical testing, and electron beam testing. • Other attacks, such as UV or X-rays or high temperatures, could cause erasure

  8. Computer Security: Your iPhone as a key-logger

    Computer Security Team

    2014-01-01

    In the past, we have repeatedly elaborated on the computer security risk of using smartphones. Today, something new for the paranoid: did you know your smart phone can be used to spy on your PC’s keyboard?!    In fact, the tiny accelerometer, gyroscope and orientation sensors that your smartphone uses to determine its tilt and movements can also determine the letters you type on your computer. Thus, it acts as a hardware “key-logger”! It only requires your smartphone to be put close to your computer keyboard and to run a corresponding, malicious app. The rest is done by the highly precise sensors which can record keyboard vibrations and subsequently the letters you type. In a dedicated study, students of the Georgia Tech College of Computing were able to decipher complete sentences with up to 80 percent accuracy using an iPhone*. In a nice twist, the same feature can also be used to “to infer the occurrence of tap events on the touchscreen as w...

  9. Key Based Mutual Authentication (KBMA Mechanism for Secured Access in MobiCloud Environment

    Donald A. Cecil

    2016-01-01

    Full Text Available Mobile Cloud Computing (MCC fuels innovation in Mobile Computing and opens new pathways between mobile devices and infrastructures. There are several issues in MCC environment as it integrates various technologies. Among all issues, security lies on the top where many users are not willing to adopt the cloud services. This paper focuses on the authentication. The objective of this paper is to provide a mechanism for authenticating all the entities involved in accessing the cloud services. A mechanism called Key Based Mutual Authentication (KBMA is proposed which is divided into two processes namely registration and authentication. Registration is a one-time process where the users are registered for accessing the cloud services by giving the desired unique information. Authentication process is carried out mutually to verify the identities of Device and Cloud Service Provider (CSP. Scyther tool is used for analysing the vulnerability in terms of attacks. The result claims show that the proposed mechanism is resilient against various attacks.

  10. Exploring the Key Challenges: Adaptability, Sustainability, Interoperability and Security to M-payment

    Rashmi Mantri

    2011-04-01

    Full Text Available Abstract: Any payment which uses mobile device as payment method is called M-payment whether it is proximity or remote and online or point of sale. Since it has been identified that mobile phone is everywhere and ever-present essential consumer device, and could be used for payment offline or online, Mobile payment has been hyped significantly. However early market adoption is facing some challenges and in need of the unanimous effort of all key players (manufacturers, mobile operators, merchants and customers of value chain in order to accept mobile payment method and achieve standard and sustainable business model. Achieving one business model is important for user convenience and reachability, resulting in increased market opportunities. The main focus of this research proposal is that why cohesive technologies are needed and how it could be achieved? Some M-payment ventures are successfully working in Japan, US and Asian countries such as NTTDoCoMo and PayPal M-payments. The main reason of M-payment adoption among consumers in those countries is that their security issues are dealt carefully and solved to acceptable level. This paper is presented in the form of research proposal and overview looking into various challenging issues which are preventing the higher success in UK.

  11. An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge

    Le Xuan Hung

    2008-12-01

    Full Text Available For many sensor network applications such as military or homeland security, it is essential for users (sinks to access the sensor network while they are moving. Sink mobility brings new challenges to secure routing in large-scale sensor networks. Previous studies on sink mobility have mainly focused on efficiency and effectiveness of data dissemination without security consideration. Also, studies and experiences have shown that considering security during design time is the best way to provide security for sensor network routing. This paper presents an energy-efficient secure routing and key management for mobile sinks in sensor networks, called SCODEplus. It is a significant extension of our previous study in five aspects: (1 Key management scheme and routing protocol are considered during design time to increase security and efficiency; (2 The network topology is organized in a hexagonal plane which supports more efficiency than previous square-grid topology; (3 The key management scheme can eliminate the impacts of node compromise attacks on links between non-compromised nodes; (4 Sensor node deployment is based on Gaussian distribution which is more realistic than uniform distribution; (5 No GPS or like is required to provide sensor node location information. Our security analysis demonstrates that the proposed scheme can defend against common attacks in sensor networks including node compromise attacks, replay attacks, selective forwarding attacks, sinkhole and wormhole, Sybil attacks, HELLO flood attacks. Both mathematical and simulation-based performance evaluation show that the SCODEplus significantly reduces the communication overhead, energy consumption, packet delivery latency while it always delivers more than 97 percent of packets successfully.

  12. Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks

    Gehring, Tobias; Haendchen, Vitus; Duhme, Joerg

    2015-01-01

    Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State......-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our...... with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components....

  13. A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.

    Das, Ashok Kumar; Odelu, Vanga; Goswami, Adrijit

    2015-09-01

    The telecare medicine information system (TMIS) helps the patients to gain the health monitoring facility at home and access medical services over the Internet of mobile networks. Recently, Amin and Biswas presented a smart card based user authentication and key agreement security protocol usable for TMIS system using the cryptographic one-way hash function and biohashing function, and claimed that their scheme is secure against all possible attacks. Though their scheme is efficient due to usage of one-way hash function, we show that their scheme has several security pitfalls and design flaws, such as (1) it fails to protect privileged-insider attack, (2) it fails to protect strong replay attack, (3) it fails to protect strong man-in-the-middle attack, (4) it has design flaw in user registration phase, (5) it has design flaw in login phase, (6) it has design flaw in password change phase, (7) it lacks of supporting biometric update phase, and (8) it has flaws in formal security analysis. In order to withstand these security pitfalls and design flaws, we aim to propose a secure and robust user authenticated key agreement scheme for the hierarchical multi-server environment suitable in TMIS using the cryptographic one-way hash function and fuzzy extractor. Through the rigorous security analysis including the formal security analysis using the widely-accepted Burrows-Abadi-Needham (BAN) logic, the formal security analysis under the random oracle model and the informal security analysis, we show that our scheme is secure against possible known attacks. Furthermore, we simulate our scheme using the most-widely accepted and used Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The simulation results show that our scheme is also secure. Our scheme is more efficient in computation and communication as compared to Amin-Biswas's scheme and other related schemes. In addition, our scheme supports extra functionality features as compared to

  14. Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

    Bui, Francis Minhthang; Hatzinakos, Dimitrios

    2007-12-01

    As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN), which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1) a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2) a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG) signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

  15. Biometric Methods for Secure Communications in Body Sensor Networks: Resource-Efficient Key Management and Signal-Level Data Scrambling

    Dimitrios Hatzinakos

    2008-03-01

    Full Text Available As electronic communications become more prevalent, mobile and universal, the threats of data compromises also accordingly loom larger. In the context of a body sensor network (BSN, which permits pervasive monitoring of potentially sensitive medical data, security and privacy concerns are particularly important. It is a challenge to implement traditional security infrastructures in these types of lightweight networks since they are by design limited in both computational and communication resources. A key enabling technology for secure communications in BSN's has emerged to be biometrics. In this work, we present two complementary approaches which exploit physiological signals to address security issues: (1 a resource-efficient key management system for generating and distributing cryptographic keys to constituent sensors in a BSN; (2 a novel data scrambling method, based on interpolation and random sampling, that is envisioned as a potential alternative to conventional symmetric encryption algorithms for certain types of data. The former targets the resource constraints in BSN's, while the latter addresses the fuzzy variability of biometric signals, which has largely precluded the direct application of conventional encryption. Using electrocardiogram (ECG signals as biometrics, the resulting computer simulations demonstrate the feasibility and efficacy of these methods for delivering secure communications in BSN's.

  16. Security analysis and improvements of two-factor mutual authentication with key agreement in wireless sensor networks.

    Kim, Jiye; Lee, Donghoon; Jeon, Woongryul; Lee, Youngsook; Won, Dongho

    2014-04-09

    User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks). In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker's own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

  17. Security of supply in liberated electricity markets - key issues and experiences in OECD countries (work in progress)

    Stridbaek, Ulrik

    2005-06-01

    Security of supply of electricity could in principle refer to any parts of the value chain from fuel input to delivery of electricity to the final costumer with the expected quality. Concerns about security of supply are usually focused on three aspects: Timely and adequate supply of the input fuel for electricity generation is a prerequisite - security of energy supply. There has to be timely and adequate infrastructure in place to transform the input fuel into electricity and transport it to the final costumer - adequacy of generation and transmission capacity. Finally, it is an operational challenge to make the electricity system work and deliver at the expected quality - secure operation of the electricity system. Security of supply becomes relevant in a policy context from concerns about market failures in any parts of the value chain or, indeed, from the perspective that policy will set the framework for markets to serve as an instrument to secure the supply. This paper discusses some of the experiences with security of supply concerns and market failures in these three basic segments of the value chain; fuel input, adequate generation and transmission capacity and secure operation of the system, with an emphasis on the role of the market to serve as an efficient instrument. In the aftermath of the large black outs of electricity systems in North America, Italy and Sweden/Denmark IEA initiated a project on 'Transmission Reliability and Power System Security in Competitive Electricity Markets'. The results of this work will be published towards the end of 2005. After a decade with liberalised electricity markets in some pioneer regions, IEA now also finds it timely to analyse some of the lessons in a forthcoming publication. Recent and ongoing IEA-work thereby covers all the main aspects of security of supply. This paper summarises the key findings and messages, with a focus on the work in progress on lessons from liberalisation

  18. Shor-Preskill-type security proof for concatenated Bennett-Brassard 1984 quantum-key-distribution protocol

    Hwang, Won-Young; Matsumoto, Keiji; Imai, Hiroshi; Kim, Jaewan; Lee, Hai-Woong

    2003-01-01

    We discuss a long code problem in the Bennett-Brassard 1984 (BB84) quantum-key-distribution protocol and describe how it can be overcome by concatenation of the protocol. Observing that concatenated modified Lo-Chau protocol finally reduces to the concatenated BB84 protocol, we give the unconditional security of the concatenated BB84 protocol

  19. Evaluation of 90nm 6T-SRAM as physical unclonable function for secure key generation in wireless sensor nodes

    Selimis, G.; Konijnenburg, M.; Ashouei, M.; Huisken, J.; de Groot, H.; van der Leest, V.; Schrijen, G.-J.; van Hulst, M.; Tuyls, P.

    2011-01-01

    Due to the unattended nature of WSN (Wireless Sensor Network) deployment, each sensor can be subject to physical capture, cloning and unauthorized device alteration. In this paper, we use the embedded SRAM, often available on a wireless sensor node, for secure data (cryptographic keys, IDs)

  20. Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.

    Sutrala, Anil Kumar; Das, Ashok Kumar; Odelu, Vanga; Wazid, Mohammad; Kumari, Saru

    2016-10-01

    Information and communication and technology (ICT) has changed the entire paradigm of society. ICT facilitates people to use medical services over the Internet, thereby reducing the travel cost, hospitalization cost and time to a greater extent. Recent advancements in Telecare Medicine Information System (TMIS) facilitate users/patients to access medical services over the Internet by gaining health monitoring facilities at home. Amin and Biswas recently proposed a RSA-based user authentication and session key agreement protocol usable for TMIS, which is an improvement over Giri et al.'s RSA-based user authentication scheme for TMIS. In this paper, we show that though Amin-Biswas's scheme considerably improves the security drawbacks of Giri et al.'s scheme, their scheme has security weaknesses as it suffers from attacks such as privileged insider attack, user impersonation attack, replay attack and also offline password guessing attack. A new RSA-based user authentication scheme for TMIS is proposed, which overcomes the security pitfalls of Amin-Biswas's scheme and also preserves user anonymity property. The careful formal security analysis using the two widely accepted Burrows-Abadi-Needham (BAN) logic and the random oracle models is done. Moreover, the informal security analysis of the scheme is also done. These security analyses show the robustness of our new scheme against the various known attacks as well as attacks found in Amin-Biswas's scheme. The simulation of the proposed scheme using the widely accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool is also done. We present a new user authentication and session key agreement scheme for TMIS, which fixes the mentioned security pitfalls found in Amin-Biswas's scheme, and we also show that the proposed scheme provides better security than other existing schemes through the rigorous security analysis and verification tool. Furthermore, we present the formal security

  1. Key management schemes using routing information frames in secure wireless sensor networks

    Kamaev, V. A.; Finogeev, A. G.; Finogeev, A. A.; Parygin, D. S.

    2017-01-01

    The article considers the problems and objectives of key management for data encryption in wireless sensor networks (WSN) of SCADA systems. The structure of the key information in the ZigBee network and methods of keys obtaining are discussed. The use of a hybrid key management schemes is most suitable for WSN. The session symmetric key is used to encrypt the sensor data, asymmetric keys are used to encrypt the session key transmitted from the routing information. Three algorithms of hybrid key management using routing information frames determined by routing methods and the WSN topology are presented.

  2. Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications

    Chockalingam, Sabarathinam; Hadziosmanovic, D.; Pieters, Wolter; Texeira, Andre; van Gelder, Pieter

    2016-01-01

    Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by

  3. Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks.

    Gehring, Tobias; Händchen, Vitus; Duhme, Jörg; Furrer, Fabian; Franz, Torsten; Pacher, Christoph; Werner, Reinhard F; Schnabel, Roman

    2015-10-30

    Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein-Podolsky-Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components.

  4. Implementation of continuous-variable quantum key distribution with composable and one-sided-device-independent security against coherent attacks

    Gehring, Tobias; Händchen, Vitus; Duhme, Jörg; Furrer, Fabian; Franz, Torsten; Pacher, Christoph; Werner, Reinhard F.; Schnabel, Roman

    2015-10-01

    Secret communication over public channels is one of the central pillars of a modern information society. Using quantum key distribution this is achieved without relying on the hardness of mathematical problems, which might be compromised by improved algorithms or by future quantum computers. State-of-the-art quantum key distribution requires composable security against coherent attacks for a finite number of distributed quantum states as well as robustness against implementation side channels. Here we present an implementation of continuous-variable quantum key distribution satisfying these requirements. Our implementation is based on the distribution of continuous-variable Einstein-Podolsky-Rosen entangled light. It is one-sided device independent, which means the security of the generated key is independent of any memoryfree attacks on the remote detector. Since continuous-variable encoding is compatible with conventional optical communication technology, our work is a step towards practical implementations of quantum key distribution with state-of-the-art security based solely on telecom components.

  5. A Comparative Evaluation of Algorithms in the Implementation of an Ultra-Secure Router-to-Router Key Exchange System

    Nishaal J. Parmar

    2017-01-01

    Full Text Available This paper presents a comparative evaluation of possible encryption algorithms for use in a self-contained, ultra-secure router-to-router communication system, first proposed by El Rifai and Verma. The original proposal utilizes a discrete logarithm-based encryption solution, which will be compared in this paper to RSA, AES, and ECC encryption algorithms. RSA certificates are widely used within the industry but require a trusted key generation and distribution architecture. AES and ECC provide advantages in key length, processing requirements, and storage space, also maintaining an arbitrarily high level of security. This paper modifies each of the four algorithms for use within the self-contained router-to-router environment system and then compares them in terms of features offered, storage space and data transmission needed, encryption/decryption efficiency, and key generation requirements.

  6. Secured Session-key Distribution using control Vector Encryption / Decryption Process

    Ismail Jabiullah, M.; Abdullah Al-Shamim; Khaleqdad Khan, ANM; Lutfar Rahman, M.

    2006-01-01

    Frequent key changes are very much desirable for the secret communications and are thus in high demand. A session-key distribution technique has been designed and implemented using the programming language C on which the communication between the end-users is encrypted is used for the duration of a logical connection. Each session-key is obtained from the key distribution center (KDC) over the same networking facilities used for end-user communication. The control vector is cryptographically coupled with the session-key at the time of key generation in the KDC. For this, the generated hash function, master key and the session-key are used for producing the encrypted session-key, which has to be transferred. All the operations have been performed using the C programming language. This process can be widely applicable to all sorts of electronic transactions online or offline; commercially and academically.(authors)

  7. Single blastocyst transfer: The key to reduce multiple pregnancy rates without compromising the live birth rate

    Uma M Sundhararaj

    2017-01-01

    Full Text Available Background: Historically, to achieve higher pregnancy rates, multiple embryos were transferred after an in-vitro fertilisation (IVF. However, this practice is being reassessed, because it leads to multiple pregnancies that is known to cause adverse maternal and fetal outcomes. Aim: To compare the pregnancy outcomes in fresh IVF or intracytoplasmic sperm injection (ICSI cycles among women undergoing elective single blastocyst transfer (eSBT vs. those undergoing double blastocyst transfer (DBT. Settings and Design: It is a retrospective data analysis of 582 patients undergoing fresh IVF/ICSI cycles performed from January 2012 to June 2015. Materials and Methods: Patients, who underwent IVF/ICSI and developed more than one blastocyst, were included in the study. Donor cycles were excluded from the study. All the embryos were cultured to blastocyst stage in sequential media followed by transfer of two blastocysts (DBT or eSBT and cryopreservation of the remaining. Statistical Analysis: Statistical analysis was performed using chi square test. Results: Out of 582 patients, in 149 patients one blastocyst was transferred and in 433 patients two blastocysts were transferred. There was no statistical difference in the biochemical pregnancy rate, clinical pregnancy rate and live birth rate in both the groups. Statistics demonstrated a significant drop in miscarriage rate in eSBT group. There was no incidence of twins in eSBT group, whereas twin birth rate per clinical pregnancy was 29.02% in DBT group. Conclusion: Single blastocyst transfer is an effective method to reduce the risk of multiple births without compromising the pregnancy outcomes. Given the promising potential of vitrification; the remaining blastocyst can be cryopreserved.

  8. Public Key Infrastructure (PKI) Interoperability: A Security Services Approach to Support Transfer of Trust

    Hansen, Anthony

    1999-01-01

    .... This thesis defines interoperability as the capacity to support trust through retention of security services across PKI domains at a defined level of assurance and examines the elements of PKI...

  9. Security as the Key Factor in Contemporary Tourism: Specificities Identified Through the Analysis of Responders’ Attitudes

    Penić, Josipa; Kurečić, Petar

    2017-01-01

    The paper represents a product of mentor- graduate student cooperation, developed at the graduate study of Business Economics, major Tourism. Following the latest threatening events and having in mind those yet to come, we can conclude that no country can benefit from the tourism industry if at the same time does not develop its security system as an integral part of the standard tourist offer. Analyzing the trends in contemporary tourism, the safety and security issues became the decisive fa...

  10. When to Reset Your Keys: Optimal Timing of Security Updates via Learning

    Zheng, Zizhan; Shroff, Ness B.; Mohapatra, Prasant

    2016-01-01

    Cybersecurity is increasingly threatened by advanced and persistent attacks. As these attacks are often designed to disable a system (or a critical resource, e.g., a user account) repeatedly, it is crucial for the defender to keep updating its security measures to strike a balance between the risk of being compromised and the cost of security updates. Moreover, these decisions often need to be made with limited and delayed feedback due to the stealthy nature of advanced attacks. In addition t...

  11. Integrated Safety and Security Risk Assessment Methods: A Survey of Key Characteristics and Applications

    Chockalingam, Sabarathinam; Hadziosmanovic, Dina; Pieters, Wolter; Teixeira, Andre; van Gelder, Pieter

    2017-01-01

    Over the last years, we have seen several security incidents that compromised system safety, of which some caused physical harm to people. Meanwhile, various risk assessment methods have been developed that integrate safety and security, and these could help to address the corresponding threats by implementing suitable risk treatment plans. However, an overarching overview of these methods, systematizing the characteristics of such methods, is missing. In this paper, we conduct a systematic l...

  12. An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks

    Chun-Ta Li

    2013-07-01

    Full Text Available Wireless sensor networks (WSNs can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs. Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.

  13. An advanced temporal credential-based security scheme with mutual authentication and key agreement for wireless sensor networks.

    Li, Chun-Ta; Weng, Chi-Yao; Lee, Cheng-Chi

    2013-07-24

    Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.'s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users' attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.'s authentication scheme are left unchanged.

  14. Practical and Secure Recovery of Disk Encryption Key Using Smart Cards

    Omote, Kazumasa; Kato, Kazuhiko

    In key-recovery methods using smart cards, a user can recover the disk encryption key in cooperation with the system administrator, even if the user has lost the smart card including the disk encryption key. However, the disk encryption key is known to the system administrator in advance in most key-recovery methods. Hence user's disk data may be read by the system administrator. Furthermore, if the disk encryption key is not known to the system administrator in advance, it is difficult to achieve a key authentication. In this paper, we propose a scheme which enables to recover the disk encryption key when the user's smart card is lost. In our scheme, the disk encryption key is not preserved anywhere and then the system administrator cannot know the key before key-recovery phase. Only someone who has a user's smart card and knows the user's password can decrypt that user's disk data. Furthermore, we measured the processing time required for user authentication in an experimental environment using a virtual machine monitor. As a result, we found that this processing time is short enough to be practical.

  15. An adaptation method to improve secret key rates of time-frequency QKD in atmospheric turbulence channels

    Sun, Xiaole; Djordjevic, Ivan B.; Neifeld, Mark A.

    2016-03-01

    Free-space optical (FSO) channels can be characterized by random power fluctuations due to atmospheric turbulence, which is known as scintillation. Weak coherent source based FSO quantum key distribution (QKD) systems suffer from the scintillation effect because during the deep channel fading the expected detection rate drops, which then gives an eavesdropper opportunity to get additional information about protocol by performing photon number splitting (PNS) attack and blocking single-photon pulses without changing QBER. To overcome this problem, in this paper, we study a large-alphabet QKD protocol, which is achieved by using pulse-position modulation (PPM)-like approach that utilizes the time-frequency uncertainty relation of the weak coherent photon state, called here TF-PPM-QKD protocol. We first complete finite size analysis for TF-PPM-QKD protocol to give practical bounds against non-negligible statistical fluctuation due to finite resources in practical implementations. The impact of scintillation under strong atmospheric turbulence regime is studied then. To overcome the secure key rate performance degradation of TF-PPM-QKD caused by scintillation, we propose an adaptation method for compensating the scintillation impact. By changing source intensity according to the channel state information (CSI), obtained by classical channel, the adaptation method improves the performance of QKD system with respect to the secret key rate. The CSI of a time-varying channel can be predicted using stochastic models, such as autoregressive (AR) models. Based on the channel state predictions, we change the source intensity to the optimal value to achieve a higher secret key rate. We demonstrate that the improvement of the adaptation method is dependent on the prediction accuracy.

  16. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Jung, Jaewook; Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  17. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System.

    Jaewook Jung

    Full Text Available Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

  18. Design of a Secure Authentication and Key Agreement Scheme Preserving User Privacy Usable in Telecare Medicine Information Systems.

    Arshad, Hamed; Rasoolzadegan, Abbas

    2016-11-01

    Authentication and key agreement schemes play a very important role in enhancing the level of security of telecare medicine information systems (TMISs). Recently, Amin and Biswas demonstrated that the authentication scheme proposed by Giri et al. is vulnerable to off-line password guessing attacks and privileged insider attacks and also does not provide user anonymity. They also proposed an improved authentication scheme, claiming that it resists various security attacks. However, this paper demonstrates that Amin and Biswas's scheme is defenseless against off-line password guessing attacks and replay attacks and also does not provide perfect forward secrecy. This paper also shows that Giri et al.'s scheme not only suffers from the weaknesses pointed out by Amin and Biswas, but it also is vulnerable to replay attacks and does not provide perfect forward secrecy. Moreover, this paper proposes a novel authentication and key agreement scheme to overcome the mentioned weaknesses. Security and performance analyses show that the proposed scheme not only overcomes the mentioned security weaknesses, but also is more efficient than the previous schemes.

  19. An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

    Kang, Dongwoo; Lee, Donghoon; Won, Dongho

    2017-01-01

    Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency. PMID:28046075

  20. Interest Rate Risk Management and the Use of Derivative Securities

    Ioana-Diana PĂUN

    2013-12-01

    Full Text Available This study aims to demonstrate the utility of derivative financial instruments for the management of interest rate risk that is faced by banks and financial institutions, and to provide an efficient flow of monitoring and control thereof. Banking institutions can now use a combination of balance sheet and off balance sheet measures, i.e. gap method, of interest rate risk management, in order to control exposure of short-term rates and derivatives to control the residual interest rate exposures. The result of the study shows that banks can achieve better diversification and risk management using derivatives.

  1. A Secure Dynamic Identity and Chaotic Maps Based User Authentication and Key Agreement Scheme for e-Healthcare Systems.

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao; Chen, Song-Jhih

    2016-11-01

    Secure user authentication schemes in many e-Healthcare applications try to prevent unauthorized users from intruding the e-Healthcare systems and a remote user and a medical server can establish session keys for securing the subsequent communications. However, many schemes does not mask the users' identity information while constructing a login session between two or more parties, even though personal privacy of users is a significant topic for e-Healthcare systems. In order to preserve personal privacy of users, dynamic identity based authentication schemes are hiding user's real identity during the process of network communications and only the medical server knows login user's identity. In addition, most of the existing dynamic identity based authentication schemes ignore the inputs verification during login condition and this flaw may subject to inefficiency in the case of incorrect inputs in the login phase. Regarding the use of secure authentication mechanisms for e-Healthcare systems, this paper presents a new dynamic identity and chaotic maps based authentication scheme and a secure data protection approach is employed in every session to prevent illegal intrusions. The proposed scheme can not only quickly detect incorrect inputs during the phases of login and password change but also can invalidate the future use of a lost/stolen smart card. Compared the functionality and efficiency with other authentication schemes recently, the proposed scheme satisfies desirable security attributes and maintains acceptable efficiency in terms of the computational overheads for e-Healthcare systems.

  2. Preservation of a lower bound of quantum secret key rate in the presence of decoherence

    Datta, Shounak, E-mail: shounak.datta@bose.res.in; Goswami, Suchetana, E-mail: suchetana.goswami@bose.res.in; Pramanik, Tanumoy, E-mail: tanu.pram99@bose.res.in; Majumdar, A.S., E-mail: archan@bose.res.in

    2017-03-11

    It is well known that the interaction of quantum systems with the environment reduces the inherent quantum correlations. Under special circumstances the effect of decoherence can be reversed, for example, the interaction modelled by an amplitude damping channel can boost the teleportation fidelity from the classical to the quantum region for a bipartite quantum state. Here, we first show that this phenomenon fails to preserve the quantum secret key rate derived under individual attack. We further show that the technique of weak measurement can be used to slow down the process of decoherence, thereby helping to preserve the quantum secret key rate when one or both systems are interacting with the environment via an amplitude damping channel. Most interestingly, in certain cases weak measurement with post-selection where one considers both success and failure of the technique is shown to be more useful than without it when both systems interact with the environment. - Highlights: • In general, decoherence has negative effect on the steerability and quantum secret key rate of a bipartite state. • Quantum key rate can be preserved against the effect of decoherence using the technique of weak measurement. • The technique of weak measurements includes a weak measurement and its reversal. • For some strength of weak measurement and environmental interaction, the average secret key rate is improved.

  3. Preservation of a lower bound of quantum secret key rate in the presence of decoherence

    Datta, Shounak; Goswami, Suchetana; Pramanik, Tanumoy; Majumdar, A.S.

    2017-01-01

    It is well known that the interaction of quantum systems with the environment reduces the inherent quantum correlations. Under special circumstances the effect of decoherence can be reversed, for example, the interaction modelled by an amplitude damping channel can boost the teleportation fidelity from the classical to the quantum region for a bipartite quantum state. Here, we first show that this phenomenon fails to preserve the quantum secret key rate derived under individual attack. We further show that the technique of weak measurement can be used to slow down the process of decoherence, thereby helping to preserve the quantum secret key rate when one or both systems are interacting with the environment via an amplitude damping channel. Most interestingly, in certain cases weak measurement with post-selection where one considers both success and failure of the technique is shown to be more useful than without it when both systems interact with the environment. - Highlights: • In general, decoherence has negative effect on the steerability and quantum secret key rate of a bipartite state. • Quantum key rate can be preserved against the effect of decoherence using the technique of weak measurement. • The technique of weak measurements includes a weak measurement and its reversal. • For some strength of weak measurement and environmental interaction, the average secret key rate is improved.

  4. Security Standards and Best Practice Considerations for Quantum Key Distribution (QKD)

    2012-03-01

    Establishment France Direction Centrale de la Sécurité des Systèmes d’Information Germany Bundesamt für Sicherheit in der Informationstechnik Japan...Information Technology Promotion Agency Netherlands National Communications Security Agency Spain Ministerio de Administraciones Públicas and Centro

  5. Diversification of oil import sources and energy security. A key strategy or an elusive objective?

    Vivoda, Vlado

    2009-01-01

    This paper explores the relationship between the diversification of sources of imported oil and energy security of oil-importing countries. It examines the importance of diversification policy for oil importers, explains why oil importers implement oil diversification policy, and contextualizes the oil import diversification strategy in the overall energy security policy of oil importers. The paper analyzes the factors and the contexts that affect the level of importance assigned to oil import diversification policy in oil-importing countries, and the limitations that may affect the successful implication of oil import diversification policy. The examples are drawn from the world's top three oil importers, the United States, Japan, and China. The policymakers in these and other oil-importing countries place much importance on energy security. The diversification of oil import sources is used as one of the strategies to enhance energy security in oil-importing countries. This paper is important for policymakers in oil-importing countries as it provides them with a qualitative conceptual framework with which to evaluate the need to diversify their countries' sources of imported oil, and with which to identify the likely limitations to the successful implementation of oil import diversification policy. (author)

  6. A Secure Key Establishment Protocol for ZigBee Wireless Sensor Networks

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2010-01-01

    ZigBee is a wireless sensor network standard that defines network and application layers on top of IEEE 802.15.4's physical and medium access control layers. In the latest version of ZigBee, enhancements are prescribed for the security sublayer but we show in this paper that problems persist...

  7. THE CYBERSECURITY OF AUTOMATED CONTROL SYSTEMS AS A KEY COMPONENT OF NATIONAL SECURITY

    Galin R. Ivanov

    2016-10-01

    Full Text Available This article focuses on the current problems raised by the necessity to provide and ensure national cybersecurity. Moreover, it suggests measures for adequate counteraction to present-day cyber threats to automated control systems employed in the sector of national security.

  8. An optimized encoding method for secure key distribution by swapping quantum entanglement and its extension

    Gao Gan

    2015-01-01

    Song [Song D 2004 Phys. Rev. A 69 034301] first proposed two key distribution schemes with the symmetry feature. We find that, in the schemes, the private channels which Alice and Bob publicly announce the initial Bell state or the measurement result through are not needed in discovering keys, and Song’s encoding methods do not arrive at the optimization. Here, an optimized encoding method is given so that the efficiencies of Song’s schemes are improved by 7/3 times. Interestingly, this optimized encoding method can be extended to the key distribution scheme composed of generalized Bell states. (paper)

  9. Taking aim at medical identity theft. Document security key element to comply with government regulations.

    Raymond, Colette

    2010-01-01

    Sensitive paper documents, such as patient records, customer data, and legal information, must be securely stored and destroyed when no longer needed. This is not only a good business practice that reduces costs and protects reputations, but also a legal and regulatory imperative. According to some experts, medical identity theft is the fastest-growing form of identity theft in North America. The Federal Trade Commission's Red Flags Rule, due to take effect June 1, 2010, requires banks; credit card companies; and, in some situations, retailers, hospitals, insurance companies, health clinics, and other organizations to store confidential personal information that can expose consumers to significant identity theft risks. This also includes healthcare providers and other organizations that are considered creditors according to their billing/payment procedures. This article highlights the steps healthcare providers must take to ensure data security.

  10. A generalized one-factor term structure model and pricing of interest rate derivative securities

    Jiang, George J.

    1997-01-01

    The purpose of this paper is to propose a nonparametric interest rate term structure model and investigate its implications on term structure dynamics and prices of interest rate derivative securities. The nonparametric spot interest rate process is estimated from the observed short-term interest

  11. The Key Conceptions of Social Security: the International Practice and Ukraine

    Dluhopolska Tetiana I.

    2017-02-01

    Full Text Available The world-wide globalization processes and the political-military conflicts have exacerbated the problem of social security of the people of various world countries, which is usually seen from the perspective of both the State and the individual citizen. The article is aimed at analyzing the existing conceptions of social security from different perspectives – political, economic efficiency, and narrative. An analysis of political theories of social security (majority rational voting; pressure groups has determined that they are based on the redistribution processes, and winning of the individual economic agents is achieved in the political struggle for various «social prizes». An analysis of theories of efficiency (optimal redistribution; optimal retirement insurance; prodigal father; misguided Keynesian; longevity insurance; government economizes on administration costs; return on human capital investment has determined that they rely on market «fiasco» and can help in understanding which from the social protection programs minimize market failures. An analysis of the descriptive (narrative theories (chain letters; lump of labor; monopoly capitalism; nearly rational policy has determined that they are difficult subject to the mathematical interpretation and partially repeat ideas of the previous concepts.

  12. Rising food costs & global food security: Key issues & relevance for India

    Gustafson, Daniel J.

    2013-01-01

    Rising food costs can have major impact on vulnerable households, pushing those least able to cope further into poverty and hunger. On the other hand, provided appropriate policies and infrastructure are in place, higher agricultural prices can also raise farmers’ incomes and rural wages, improve rural economies and stimulate investment for longer-term economic growth. High food prices since 2007 have had both short-term impacts and long-term consequences, both good and bad. This article reviews the evidence of how rising costs have affected global food security since the food price crisis of 2007-2008, and their impact on different categories of households and countries. In light of recent studies, we know more about how households, and countries, cope or not with food price shocks but a number of contentious issues remain. These include the adequacy of current estimates and the interpretation of national and household food and nutrition security indicators. India is a particularly important country in this regard, given the high number of food insecure, the relative weight of India in global estimates of food and nutrition insecurity, and the puzzles that remain concerning the country's reported declining per capita calorie consumption. Competing explanations for what is behind it are not in agreement, but these all point to the importance of policy and programme innovation and greater investment necessary to reach the achievable goal of food and nutrition security for all. PMID:24135190

  13. Rising food costs & global food security: Key issues & relevance for India

    Daniel J Gustafson

    2013-01-01

    Full Text Available Rising food costs can have major impact on vulnerable households, pushing those least able to cope further into poverty and hunger. On the other hand, provided appropriate policies and infrastructure are in place, higher agricultural prices can also raise farmers′ incomes and rural wages, improve rural economies and stimulate investment for longer-term economic growth. High food prices since 2007 have had both short-term impacts and long-term consequences, both good and bad. This article reviews the evidence of how rising costs have affected global food security since the food price crisis of 2007-2008, and their impact on different categories of households and countries. In light of recent studies, we know more about how households, and countries, cope or not with food price shocks but a number of contentious issues remain. These include the adequacy of current estimates and the interpretation of national and household food and nutrition security indicators. India is a particularly important country in this regard, given the high number of food insecure, the relative weight of India in global estimates of food and nutrition insecurity, and the puzzles that remain concerning the country′s reported declining per capita calorie consumption. Competing explanations for what is behind it are not in agreement, but these all point to the importance of policy and programme innovation and greater investment necessary to reach the achievable goal of food and nutrition security for all.

  14. Rising food costs & global food security: key issues & relevance for India.

    Gustafson, Daniel J

    2013-09-01

    Rising food costs can have major impact on vulnerable households, pushing those least able to cope further into poverty and hunger. On the other hand, provided appropriate policies and infrastructure are in place, higher agricultural prices can also raise farmers' incomes and rural wages, improve rural economies and stimulate investment for longer-term economic growth. High food prices since 2007 have had both short-term impacts and long-term consequences, both good and bad. This article reviews the evidence of how rising costs have affected global food security since the food price crisis of 2007-2008, and their impact on different categories of households and countries. In light of recent studies, we know more about how households, and countries, cope or not with food price shocks but a number of contentious issues remain. These include the adequacy of current estimates and the interpretation of national and household food and nutrition security indicators. India is a particularly important country in this regard, given the high number of food insecure, the relative weight of India in global estimates of food and nutrition insecurity, and the puzzles that remain concerning the country's reported declining per capita calorie consumption. Competing explanations for what is behind it are not in agreement, but these all point to the importance of policy and programme innovation and greater investment necessary to reach the achievable goal of food and nutrition security for all.

  15. Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks

    Jiye Kim

    2014-04-01

    Full Text Available User authentication and key management are two important security issues in WSNs (Wireless Sensor Networks. In WSNs, for some applications, the user needs to obtain real-time data directly from sensors and several user authentication schemes have been recently proposed for this case. We found that a two-factor mutual authentication scheme with key agreement in WSNs is vulnerable to gateway node bypassing attacks and user impersonation attacks using secret data stored in sensor nodes or an attacker’s own smart card. In this paper, we propose an improved scheme to overcome these security weaknesses by storing secret data in unique ciphertext form in each node. In addition, our proposed scheme should provide not only security, but also efficiency since sensors in a WSN operate with resource constraints such as limited power, computation, and storage space. Therefore, we also analyze the performance of the proposed scheme by comparing its computation and communication costs with those of other schemes.

  16. Device-independent secret-key-rate analysis for quantum repeaters

    Holz, Timo; Kampermann, Hermann; Bruß, Dagmar

    2018-01-01

    The device-independent approach to quantum key distribution (QKD) aims to establish a secret key between two or more parties with untrusted devices, potentially under full control of a quantum adversary. The performance of a QKD protocol can be quantified by the secret key rate, which can be lower bounded via the violation of an appropriate Bell inequality in a setup with untrusted devices. We study secret key rates in the device-independent scenario for different quantum repeater setups and compare them to their device-dependent analogon. The quantum repeater setups under consideration are the original protocol by Briegel et al. [Phys. Rev. Lett. 81, 5932 (1998), 10.1103/PhysRevLett.81.5932] and the hybrid quantum repeater protocol by van Loock et al. [Phys. Rev. Lett. 96, 240501 (2006), 10.1103/PhysRevLett.96.240501]. For a given repeater scheme and a given QKD protocol, the secret key rate depends on a variety of parameters, such as the gate quality or the detector efficiency. We systematically analyze the impact of these parameters and suggest optimized strategies.

  17. Secure and Efficient Key Coordination Algorithm for Line Topology Network Maintenance for Use in Maritime Wireless Sensor Networks

    Walid Elgenaidi

    2016-12-01

    Full Text Available There has been a significant increase in the proliferation and implementation of Wireless Sensor Networks (WSNs in different disciplines, including the monitoring of maritime environments, healthcare systems, and industrial sectors. It has now become critical to address the security issues of data communication while considering sensor node constraints. There are many proposed schemes, including the scheme being proposed in this paper, to ensure that there is a high level of security in WSNs. This paper presents a symmetric security scheme for a maritime coastal environment monitoring WSN. The scheme provides security for travelling packets via individually encrypted links between authenticated neighbors, thus avoiding a reiteration of a global rekeying process. Furthermore, this scheme proposes a dynamic update key based on a trusted node configuration, called a leader node, which works as a trusted third party. The technique has been implemented in real time on a Waspmote test bed sensor platform and the results from both field testing and indoor bench testing environments are discussed in this paper.

  18. Secure and Efficient Key Coordination Algorithm for Line Topology Network Maintenance for Use in Maritime Wireless Sensor Networks.

    Elgenaidi, Walid; Newe, Thomas; O'Connell, Eoin; Toal, Daniel; Dooly, Gerard

    2016-12-21

    There has been a significant increase in the proliferation and implementation of Wireless Sensor Networks (WSNs) in different disciplines, including the monitoring of maritime environments, healthcare systems, and industrial sectors. It has now become critical to address the security issues of data communication while considering sensor node constraints. There are many proposed schemes, including the scheme being proposed in this paper, to ensure that there is a high level of security in WSNs. This paper presents a symmetric security scheme for a maritime coastal environment monitoring WSN. The scheme provides security for travelling packets via individually encrypted links between authenticated neighbors, thus avoiding a reiteration of a global rekeying process. Furthermore, this scheme proposes a dynamic update key based on a trusted node configuration, called a leader node, which works as a trusted third party. The technique has been implemented in real time on a Waspmote test bed sensor platform and the results from both field testing and indoor bench testing environments are discussed in this paper.

  19. Security of continuous-variable quantum key distribution: towards a de Finetti theorem for rotation symmetry in phase space

    Leverrier, A; Karpov, E; Cerf, N J; Grangier, P

    2009-01-01

    Proving the unconditional security of quantum key distribution (QKD) is a highly challenging task as one needs to determine the most efficient attack compatible with experimental data. This task is even more demanding for continuous-variable QKD as the Hilbert space where the protocol is described is infinite dimensional. A possible strategy to address this problem is to make an extensive use of the symmetries of the protocol. In this paper, we investigate a rotation symmetry in phase space that is particularly relevant to continuous-variable QKD, and explore the way towards a new quantum de Finetti theorem that would exploit this symmetry and provide a powerful tool to assess the security of continuous-variable protocols. As a first step, a single-party asymptotic version of this quantum de Finetti theorem in phase space is derived.

  20. New Secure E-mail System Based on Bio-Chaos Key Generation and Modified AES Algorithm

    Hoomod, Haider K.; Radi, A. M.

    2018-05-01

    The E-mail messages exchanged between sender’s Mailbox and recipient’s Mailbox over the open systems and insecure Networks. These messages may be vulnerable to eavesdropping and itself poses a real threat to the privacy and data integrity from unauthorized persons. The E-mail Security includes the following properties (Confidentiality, Authentication, Message integrity). We need a safe encryption algorithm to encrypt Email messages such as the algorithm Advanced Encryption Standard (AES) or Data Encryption Standard DES, as well as biometric recognition and chaotic system. The proposed E-mail system security uses modified AES algorithm and uses secret key-bio-chaos that consist of biometric (Fingerprint) and chaotic system (Lu and Lorenz). This modification makes the proposed system more sensitive and random. The execution time for both encryption and decryption of the proposed system is much less from original AES, in addition to being compatible with all Mail Servers.

  1. A Family of Key Agreement Mechanisms for Mission Critical Communications for Secure Mobile Ad Hoc and Wireless Mesh Internetworking

    Tryfonas Theo

    2011-01-01

    Full Text Available Future wireless networks like mobile ad hoc networks and wireless mesh networks are expected to play important role in demanding communications such as mission critical communications. MANETs are ideal for emergency cases where the communication infrastructure has been completely destroyed and there is a need for quick set up of communications among the rescue/emergency workers. In such emergency scenarios wireless mesh networks may be employed in a later phase for providing advanced communications and services acting as a backbone network in the affected area. Internetworking of both types of future networks will provide a broad range of mission critical applications. While offering many advantages, such as flexibility, easy of deployment and low cost, MANETs and mesh networks face important security and resilience threats, especially for such demanding applications. We introduce a family of key agreement methods based on weak to strong authentication associated with several multiparty contributory key establishment methods. We examine the attributes of each key establishment method and how each method can be better applied in different scenarios. The proposed protocols support seamlessly both types of networks and consider system and application requirements such as efficient and secure internetworking, dynamicity of network topologies and support of thin clients.

  2. Temporal steering and security of quantum key distribution with mutually unbiased bases against individual attacks

    Bartkiewicz, K.; Černoch, Antonín; Lemr, K.; Miranowicz, A.; Nori, F.

    2016-01-01

    Roč. 93, č. 6 (2016), 1-7, č. článku 062345. ISSN 2469-9926 R&D Projects: GA ČR GAP205/12/0382 Institutional support: RVO:68378271 Keywords : quantum key distribution * Einstein-Podolsky-Rosen steering * temporal quantum correlations Subject RIV: BH - Optics, Masers, Lasers Impact factor: 2.925, year: 2016

  3. Peak Phosphorus: Clarifying the Key Issues of a Vigorous Debate about Long-Term Phosphorus Security

    Stuart White

    2011-10-01

    Full Text Available This paper reviews the latest information and perspectives on global phosphorus scarcity. Phosphorus is essential for food production and modern agriculture currently sources phosphorus fertilizers from finite phosphate rock. The 2008 food and phosphate fertilizer price spikes triggered increased concerns regarding the depletion timeline of phosphate rock reserves. While estimates range from 30 to 300 years and are shrouded by lack of publicly available data and substantial uncertainty, there is a general consensus that the quality and accessibility of remaining reserves are decreasing and costs will increase. This paper clarifies common sources of misunderstandings about phosphorus scarcity and identifies areas of consensus. It then asks, despite some persistent uncertainty, what would it take to achieve global phosphorus security? What would a ‘hard-landing’ response look like and how could preferred ‘soft-landing’ responses be achieved?

  4. Participation rate or informed choice? Rethinking the European key performance indicators for mammography screening.

    Strech, Daniel

    2014-03-01

    Despite the intensive controversies about the likelihood of benefits and harms of mammography screening almost all experts conclude that the choice to screen or not to screen needs to be made by the individual patient who is adequately informed. However, the "European guideline for quality assurance in breast cancer screening and diagnosis" specifies a participation rate of 70% as the key performance indicator for mammography screening. This paper argues that neither the existing evidence on benefits and harms, nor survey research with women, nor compliance rates in clinical trials, nor cost-effectiveness ratios justify participation rates as a reasonable performance indicator for preference-sensitive condition such as mammography screening. In contrast, an informed choice rate would be more reasonable. Further research needs to address the practical challenges in assessing informed choice rates. Copyright © 2013 Elsevier Ireland Ltd. All rights reserved.

  5. Rate effects on timing, key velocity, and finger kinematics in piano performance.

    Bella, Simone Dalla; Palmer, Caroline

    2011-01-01

    We examined the effect of rate on finger kinematics in goal-directed actions of pianists. In addition, we evaluated whether movement kinematics can be treated as an indicator of personal identity. Pianists' finger movements were recorded with a motion capture system while they performed melodies from memory at different rates. Pianists' peak finger heights above the keys preceding keystrokes increased as tempo increased, and were attained about one tone before keypress. These rate effects were not simply due to a strategy to increase key velocity (associated with tone intensity) of the corresponding keystroke. Greater finger heights may compensate via greater tactile feedback for a speed-accuracy tradeoff that underlies the tendency toward larger temporal variability at faster tempi. This would allow pianists to maintain high temporal accuracy when playing at fast rates. In addition, finger velocity and accelerations as pianists' fingers approached keys were sufficiently unique to allow pianists' identification with a neural-network classifier. Classification success was higher in pianists with more extensive musical training. Pianists' movement "signatures" may reflect unique goal-directed movement kinematic patterns, leading to individualistic sound.

  6. Rate effects on timing, key velocity, and finger kinematics in piano performance.

    Simone Dalla Bella

    Full Text Available We examined the effect of rate on finger kinematics in goal-directed actions of pianists. In addition, we evaluated whether movement kinematics can be treated as an indicator of personal identity. Pianists' finger movements were recorded with a motion capture system while they performed melodies from memory at different rates. Pianists' peak finger heights above the keys preceding keystrokes increased as tempo increased, and were attained about one tone before keypress. These rate effects were not simply due to a strategy to increase key velocity (associated with tone intensity of the corresponding keystroke. Greater finger heights may compensate via greater tactile feedback for a speed-accuracy tradeoff that underlies the tendency toward larger temporal variability at faster tempi. This would allow pianists to maintain high temporal accuracy when playing at fast rates. In addition, finger velocity and accelerations as pianists' fingers approached keys were sufficiently unique to allow pianists' identification with a neural-network classifier. Classification success was higher in pianists with more extensive musical training. Pianists' movement "signatures" may reflect unique goal-directed movement kinematic patterns, leading to individualistic sound.

  7. Evaluation of Key Dependent S-Box Based Data Security Algorithm using Hamming Distance and Balanced Output

    Balajee Maram K.

    2016-02-01

    Full Text Available Data security is a major issue because of rapid evolution of data communication over unsecured internetwork. Here the proposed system is concerned with the problem of randomly generated S-box. The generation of S-box depends on Pseudo-Random-Number-Generators and shared-secret-key. The process of Pseudo-Random-Number-Generator depends on large prime numbers. All Pseudo-Random-Numbers are scrambled according to shared-secret-key. After scrambling, the S-box is generated. In this research, large prime numbers are the inputs to the Pseudo-Random-Number-Generator. The proposed S-box will reduce the complexity of S-box generation. Based on S-box parameters, it experimentally investigates the quality and robustness of the proposed algorithm which was tested. It yields better results with the S-box parameters like Hamming Distance, Balanced Output and Avalanche Effect and can be embedded to popular cryptography algorithms

  8. Kochen-Specker theorem as a precondition for secure quantum key distribution

    Nagata, Koji

    2005-01-01

    We show that (1) the violation of the Ekert 1991 inequality is a sufficient condition for certification of the Kochen-Specker (KS) theorem, and (2) the violation of the Bennett-Brassard-Mermin 1992 (BBM92) inequality is, also, a sufficient condition for certification of the KS theorem. Therefore the success in each quantum key distribution protocol reveals the nonclassical feature of quantum theory, in the sense that the KS realism is violated. Further, it turned out that the Ekert inequality and the BBM inequality are depictured by distillable entanglement witness inequalities. Here, we connect the success in these two key distribution processes into the no-hidden-variables theorem and into witness on distillable entanglement. We also discuss the explicit difference between the KS realism and Bell's local realism in the Hilbert space formalism of quantum theory

  9. Desynchronization Chaos Shift Keying Method Based on the Error Second Derivative and Its Security Analysis

    Čelikovský, Sergej; Lynnyk, Volodymyr

    2012-01-01

    Roč. 22, č. 9 (2012), 1250231-1-1250231-11 ISSN 0218-1274 R&D Projects: GA ČR(CZ) GAP103/12/1794 Institutional support: RVO:67985556 Keywords : Nonlinear system * desynchronization * chaos shift keying * generalized Lorenz system Subject RIV: BC - Control Systems Theory Impact factor: 0.921, year: 2012 http://library.utia.cas.cz/separaty/2012/TR/celikovsky-0381701.pdf

  10. Exploring the Key Challenges: Adaptability, Sustainability, Interoperability and Security to M-payment

    Rashmi Mantri; Junkang Feng

    2011-01-01

    Abstract: Any payment which uses mobile device as payment method is called M-payment whether it is proximity or remote and online or point of sale. Since it has been identified that mobile phone is everywhere and ever-present essential consumer device, and could be used for payment offline or online, Mobile payment has been hyped significantly. However early market adoption is facing some challenges and in need of the unanimous effort of all key players (manufacturers, mobile operators, merch...

  11. Free-Space Quantum Key Distribution with a High Generation Rate Potassium Titanyl Phosphate Waveguide Photon-Pair Source

    Wilson, Jeffrey D.; Chaffee, Dalton W.; Wilson, Nathaniel C.; Lekki, John D.; Tokars, Roger P.; Pouch, John J.; Roberts, Tony D.; Battle, Philip; Floyd, Bertram M.; Lind, Alexander J.; hide

    2016-01-01

    A high generation rate photon-pair source using a dual element periodically-poled potassium titanyl phosphate (PP KTP) waveguide is described. The fully integrated photon-pair source consists of a 1064-nanometer pump diode laser, fiber-coupled to a dual element waveguide within which a pair of 1064-nanometer photons are up-converted to a single 532-nanometer photon in the first stage. In the second stage, the 532-nanometer photon is down-converted to an entangled photon-pair at 800 nanometer and 1600 nanometer which are fiber-coupled at the waveguide output. The photon-pair source features a high pair generation rate, a compact power-efficient package, and continuous wave (CW) or pulsed operation. This is a significant step towards the long term goal of developing sources for high-rate Quantum Key Distribution (QKD) to enable Earth-space secure communications. Characterization and test results are presented. Details and preliminary results of a laboratory free-space QKD experiment with the B92 protocol are also presented.

  12. Security and skills: the two key issues in health worker migration

    Posy Bidwell

    2014-07-01

    concerns over security, crime, and racial tensions are resolved. However, good working conditions in the private sector in South Africa provide an occupational incentive to return if security did improve. Potential migrants should be made more aware of the risks of losing skills while working abroad that might prejudice return. In addition, re-skilling initiatives should be encouraged.

  13. Security and skills: the two key issues in health worker migration.

    Bidwell, Posy; Laxmikanth, Pallavi; Blacklock, Claire; Hayward, Gail; Willcox, Merlin; Peersman, Wim; Moosa, Shabir; Mant, David

    2014-01-01

    Migration of health workers from Africa continues to undermine the universal provision of quality health care. South Africa is an epicentre for migration--it exports more health workers to high-income countries than any other African country and imports health workers from its lower-income neighbours to fill the gap. Although an inter-governmental agreement in 2003 reduced the very high numbers migrating from South Africa to the United Kingdom, migration continues to other high-income English-speaking countries and few workers seem to return although the financial incentive to work abroad has lessened. A deeper understanding of reasons for migration from South Africa and post-migration experiences is therefore needed to underpin policy which is developed in order to improve retention within source countries and encourage return. Semi-structured interviews were conducted with 16 South African doctors and nurses who had migrated to the United Kingdom. Interviews explored factors influencing the decision to migrate and post-migration experiences. Salary, career progression, and poor working conditions were not major push factors for migration. Many health workers reported that they had previously overcome these issues within the South African healthcare system by migrating to the private sector. Overwhelmingly, the major push factors were insecurity, high levels of crime, and racial tension. Although the wish to work and train in what was perceived to be a first-class care system was a pull factor to migrate to the United Kingdom, many were disappointed by the experience. Instead of obtaining new skills, many (particularly nurses) felt they had become 'de-skilled'. Many also felt that working conditions and opportunities for them in the UK National Health Service (NHS) compared unfavourably with the private sector in South Africa. Migration from South Africa seems unlikely to diminish until the major concerns over security, crime, and racial tensions are resolved

  14. Neutrino energy loss rates due to key iron isotopes for core-collapse physics

    Nabi, J.-U.

    2008-07-01

    Accurate estimates of neutrino energy loss rates are needed for the study of the late stages of the stellar evolution, in particular for the cooling of neutron stars and white dwarfs. The energy spectra of neutrinos and antineutrinos arriving at the Earth can also provide useful information on the primary neutrino fluxes as well as neutrino mixing scenario. Proton-neutron quasi-particle random phase approximation (pn-QRPA) theory has recently being used for a microscopic calculation of stellar weak interaction rates of fp-shell nuclide, particularly iron isotopes, with success. Here I present the calculation of neutrino and antineutrino energy loss rates due to key iron isotopes in stellar matter using the pn-QRPA theory. The rates are calculated on a fine grid of temperature-density scale suitable for core-collapse simulators. The calculated rates are compared against earlier calculations. The neutrino cooling rates due to even-even isotopes of iron, 54,56 Fe, are in good agreement with the rates calculated using the large-scale shell model. The pn-QRPA calculated neutrino energy loss rates due to 55 Fe are enhanced roughly around an order of magnitude compared to the large-scale shell model calculation during the oxygen and silicon shell burning stages of massive stars and favor a lower entropy for the cores of massive stars. (author)

  15. Food Supply Security and Import Substitution as the Key Strategic Objectives of the Modern Agricultural Policy

    Anatoly Ivanovich Altukhov

    2015-09-01

    Full Text Available A crucially new social- and economic situation has shaped up by now in the rural areas and agricultural sphere; in its many instances such situation does not fit in the national agricultural policy in effect called upon to be a long-term instrument for economic adjustment of the agro-food market and state support of the agricultural sphere, most significantly, its foundation — the farming sector. Ensuring of food supply security by import substitution in the age of the national farm product markets globalization is possible in the macro-economic conditions promoting the development of the agricultural sector. The main reason that retards this sector development is inequitable cross-sector exchange at sacrifice of the agricultural industry. The article sets forward and approbates the author’s method of simple assessment procedure of how the price cross-sector relations and state financial support (in the form of subsidies of the agricultural enterprises influence their profitability generation. Further to the assessment, the following conclusions have been made: — in view of the tangible contribution of the agricultural sector to the country economy, this sector is self-reliant for its own development, i.e. the state is reasonably in a position to increase expenses for eliminating negative consequences of inequitable crosssector exchange; — the amount of expenses for state financial support is supposed to enable the agricultural commodity producers to generate profitability to the level that can stimulate the farm workers’ labour efficiency and build up a system of affordable credit facilities for the objects of techno-engineering modernization necessary to produce competitive products. — the issue of improving the competitiveness of agricultural production should be addressed in the first place at the federal level. Among the essential factors to increase the competitiveness of specific types of domestic food products and

  16. Enhancing Critical Infrastructure and Key Resources (CIKR) Level-0 Physical Process Security Using Field Device Distinct Native Attribute Features

    Lopez, Juan [Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States); Liefer, Nathan C. [Wright-Patterson AFB, Dayton, OH (United States); Busho, Colin R. [Wright-Patterson AFB, Dayton, OH (United States); Temple, Michael A. [Wright-Patterson AFB, Dayton, OH (United States)

    2017-12-04

    Here, the need for improved Critical Infrastructure and Key Resource (CIKR) security is unquestioned and there has been minimal emphasis on Level-0 (PHY Process) improvements. Wired Signal Distinct Native Attribute (WS-DNA) Fingerprinting is investigated here as a non-intrusive PHY-based security augmentation to support an envisioned layered security strategy. Results are based on experimental response collections from Highway Addressable Remote Transducer (HART) Differential Pressure Transmitter (DPT) devices from three manufacturers (Yokogawa, Honeywell, Endress+Hauer) installed in an automated process control system. Device discrimination is assessed using Time Domain (TD) and Slope-Based FSK (SB-FSK) fingerprints input to Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) and Random Forest (RndF) classifiers. For 12 different classes (two devices per manufacturer at two distinct set points), both classifiers performed reliably and achieved an arbitrary performance benchmark of average cross-class percent correct of %C > 90%. The least challenging cross-manufacturer results included near-perfect %C ≈ 100%, while the more challenging like-model (serial number) discrimination results included 90%< %C < 100%, with TD Fingerprinting marginally outperforming SB-FSK Fingerprinting; SB-FSK benefits from having less stringent response alignment and registration requirements. The RndF classifier was most beneficial and enabled reliable selection of dimensionally reduced fingerprint subsets that minimize data storage and computational requirements. The RndF selected feature sets contained 15% of the full-dimensional feature sets and only suffered a worst case %CΔ = 3% to 4% performance degradation.

  17. Security of quantum key distribution with a laser reference coherent state, resistant to loss in the communication channel

    Molotkov, S N; Potapova, T A

    2015-01-01

    The problem of quantum key distribution security in channels with large losses is still open. Quasi-single-photon sources of quantum states with losses in the quantum communication channel open up the possibility of attacking with unambiguous state discrimination (USD) measurements, resulting in a loss of privacy. In this letter, the problem is solved by counting the classic reference pulses. Conservation of the number of counts of intense coherent pulses makes it impossible to conduct USD measurements. Moreover, the losses in the communication channel are considered to be unknown in advance and are subject to change throughout the series parcels. Unlike other protocols, differential phase shift (Inoue et al 2002 Phys. Rev. Lett. 89 037902, Inoue et al 2003 Phys. Rev. A 68 022317, Takesue et al 2007 Nat. Photon. 1 343, Wen et al 2009 Phys. Rev. Lett. 103 170503) and coherent one way (Stucki et al 2005 Appl. Phys. Lett. 87 194108, Branciard et al 2005 Appl. Phys. Lett. 87 194108, Branciard et al 2008 New J. Phys. 10 013031, Stucki et al 2008 Opt. Express 17 13326), the simplicity of the protocol makes it possible to carry out a complete analysis of its security. (letter)

  18. 7 CFR 4290.845 - Maximum rate of amortization on Loans and Debt Securities.

    2010-01-01

    ...) RURAL BUSINESS-COOPERATIVE SERVICE AND RURAL UTILITIES SERVICE, DEPARTMENT OF AGRICULTURE RURAL BUSINESS INVESTMENT COMPANY (âRBICâ) PROGRAM Financing of Enterprises by RBICs Structuring Rbic Financing of Eligible Enterprises-Types of Financings § 4290.845 Maximum rate of amortization on Loans and Debt Securities. The...

  19. Looking beyond credit ratings : Factors investors consider In pricing European asset-backed securities

    Fabozzi, F.; Vink, D.

    2012-01-01

    In this paper, we empirically investigate what credit factors investors rely upon when pricing the spread at issue for European asset-backed securities. More specifically, we investigate how credit factors affect new issuance spreads after taking into account credit rating. We do so by investigating

  20. Deprivation index and dependency ratio are key determinants of emergency medical admission rates.

    Conway, Richard; Byrne, Declan; O'Riordan, Deirdre; Cournane, Seán; Coveney, Seamus; Silke, Bernard

    2015-11-01

    Patients from deprived backgrounds have a higher in-patient mortality following an emergency medical admission; there has been debate as to the extent to which deprivation and population structure influences hospital admission rate. All emergency medical admissions to an Irish hospital over a 12-year period (2002-2013) categorized by quintile of Deprivation Index and Dependency Ratio (proportion of population Dependency Ratio was an independent predictor of the admission rate with adjusted predicted rates of Q1 20.8 (95%CI 20.5 to 21.1), Q2 19.2 (95%CI 19.0 to 19.4), Q3 27.6 (95%CI 27.3 to 27.9), Q4 43.9 (95%CI 43.5 to 44.4) and Q5 34.4 (95%CI 34.1 to 34.7). A high concurrent Deprivation Index and Dependency Ratio were associated with very high admission rates. Deprivation Index and population Dependency Ratio are key determinants of the rate of emergency medical admissions. Copyright © 2015 European Federation of Internal Medicine. Published by Elsevier B.V. All rights reserved.

  1. On the problem of non-zero word error rates for fixed-rate error correction codes in continuous variable quantum key distribution

    Johnson, Sarah J; Ong, Lawrence; Shirvanimoghaddam, Mahyar; Lance, Andrew M; Symul, Thomas; Ralph, T C

    2017-01-01

    The maximum operational range of continuous variable quantum key distribution protocols has shown to be improved by employing high-efficiency forward error correction codes. Typically, the secret key rate model for such protocols is modified to account for the non-zero word error rate of such codes. In this paper, we demonstrate that this model is incorrect: firstly, we show by example that fixed-rate error correction codes, as currently defined, can exhibit efficiencies greater than unity. Secondly, we show that using this secret key model combined with greater than unity efficiency codes, implies that it is possible to achieve a positive secret key over an entanglement breaking channel—an impossible scenario. We then consider the secret key model from a post-selection perspective, and examine the implications for key rate if we constrain the forward error correction codes to operate at low word error rates. (paper)

  2. Key factors influencing rates of heterotrophic sulfate reduction in active seafloor hydrothermal massive sulfide deposits

    Kiana Laieikawai Frank

    2015-12-01

    Full Text Available Hydrothermal vents are thermally and geochemically dynamic habitats, and the organisms therein are subject to steep gradients in temperature and chemistry. To date, the influence of these environmental dynamics on microbial sulfate reduction has not been well constrained. Here, via multivariate experiments, we evaluate the effects of key environmental variables (temperature, pH, H2S, SO42-, DOC on sulfate reduction rates and metabolic energy yields in material recovered from a hydrothermal flange from the Grotto edifice in the Main Endeavor Field, Juan de Fuca Ridge. Sulfate reduction was measured in batch reactions across a range of physico-chemical conditions. Temperature and pH were the strongest stimuli, and maximum sulfate reduction rates were observed at 50 °C and pH 6, suggesting that the in situ community of sulfate-reducing organisms in Grotto flanges may be most active in a slightly acidic and moderate thermal/chemical regime. At pH 4, sulfate reduction rates increased with sulfide concentrations most likely due to the mitigation of metal toxicity. While substrate concentrations also influenced sulfate reduction rates, energy-rich conditions muted the effect of metabolic energetics on sulfate reduction rates. We posit that variability in sulfate reduction rates reflect the response of the active microbial consortia to environmental constraints on in situ microbial physiology, toxicity, and the type and extent of energy limitation. These experiments help to constrain models of the spatial contribution of heterotrophic sulfate reduction within the complex gradients inherent to seafloor hydrothermal deposits.

  3. Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System

    Ghanti, Shaila

    2016-01-01

    Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack. PMID:28116350

  4. Efficient Data Transfer Rate and Speed of Secured Ethernet Interface System.

    Ghanti, Shaila; Naik, G M

    2016-01-01

    Embedded systems are extensively used in home automation systems, small office systems, vehicle communication systems, and health service systems. The services provided by these systems are available on the Internet and these services need to be protected. Security features like IP filtering, UDP protection, or TCP protection need to be implemented depending on the specific application used by the device. Every device on the Internet must have network interface. This paper proposes the design of the embedded Secured Ethernet Interface System to protect the service available on the Internet against the SYN flood attack. In this experimental study, Secured Ethernet Interface System is customized to protect the web service against the SYN flood attack. Secured Ethernet Interface System is implemented on ALTERA Stratix IV FPGA as a system on chip and uses the modified SYN flood attack protection method. The experimental results using Secured Ethernet Interface System indicate increase in number of genuine clients getting service from the server, considerable improvement in the data transfer rate, and better response time during the SYN flood attack.

  5. 60-GHz integrated-circuit high data rate quadriphase shift keying exciter and modulator

    Grote, A.; Chang, K.

    1984-01-01

    An integrated-circuit quadriphase shift keying (QPSK) exciter and modulator have demonstrated excellent performance directly modulating a carrier frequency of 60 GHz with an output phase error of less than 3 degrees and maximum amplitude error of 0.5 dB. The circuit consists of a 60-GHz Gunn VCO phase-locked to a low-frequency reference source, a 4th subharmonic mixer, and a QPSK modlator packaged into a small volume of 1.8 x 2.5 x 0.35 in. The use of microstrip has the advantages of small size, light-weight, and low-cost fabrication. The unit has the potential for multigigabit data rate applications.

  6. Qualified nurses' rate new nursing graduates as lacking skills in key clinical areas.

    Missen, Karen; McKenna, Lisa; Beauchamp, Alison; Larkins, Jo-Ann

    2016-08-01

    The aim of this study was to explore perceptions of qualified nurses on the abilities of newly registered nursing graduates to perform a variety of clinical skills. Evidence from the literature suggests that undergraduate nursing programmes do not adequately prepare nursing students to be practice-ready on completion of their nursing courses. A descriptive quantitative design was used. Participants were recruited through the Australian Nursing and Midwifery Federation, Victorian branch. A brief explanation of the study and a link to the survey were promoted in their monthly e-newsletter. A total of 245 qualified nurses in the state of Victoria, Australia participated in this study. A survey tool of 51 clinical skills and open-ended questions was used, whereby participants were asked to rate new nursing graduates' abilities using a 5-point Likert scale. Overall participants rated new nursing graduates' abilities for undertaking clinical skills as good or very good in 35·3% of skills, 33·3% were rated as adequate and 31·4% rated as being performed poorly or very poorly. Of concern, essential clinical skills, such as critical thinking and problem solving, working independently and assessment procedures, were found to be poorly executed and affecting new registered nurses graduates' competence. The findings from this study can further serve as a reference for nursing education providers to enhance nursing curricula and work collaboratively with healthcare settings in preparing nurses to be competent, safe practitioners on completion of their studies. Identifying key areas in which new nursing graduates are not yet competent means that educational providers and educators from healthcare settings can focus on these skills in better preparing our nurses to be work ready. © 2016 John Wiley & Sons Ltd.

  7. Nonlinear detection for a high rate extended binary phase shift keying system.

    Chen, Xian-Qing; Wu, Le-Nan

    2013-03-28

    The algorithm and the results of a nonlinear detector using a machine learning technique called support vector machine (SVM) on an efficient modulation system with high data rate and low energy consumption is presented in this paper. Simulation results showed that the performance achieved by the SVM detector is comparable to that of a conventional threshold decision (TD) detector. The two detectors detect the received signals together with the special impacting filter (SIF) that can improve the energy utilization efficiency. However, unlike the TD detector, the SVM detector concentrates not only on reducing the BER of the detector, but also on providing accurate posterior probability estimates (PPEs), which can be used as soft-inputs of the LDPC decoder. The complexity of this detector is considered in this paper by using four features and simplifying the decision function. In addition, a bandwidth efficient transmission is analyzed with both SVM and TD detector. The SVM detector is more robust to sampling rate than TD detector. We find that the SVM is suitable for extended binary phase shift keying (EBPSK) signal detection and can provide accurate posterior probability for LDPC decoding.

  8. Nonlinear Detection for a High Rate Extended Binary Phase Shift Keying System

    Le-Nan Wu

    2013-03-01

    Full Text Available The algorithm and the results of a nonlinear detector using a machine learning technique called support vector machine (SVM on an efficient modulation system with high data rate and low energy consumption is presented in this paper. Simulation results showed that the performance achieved by the SVM detector is comparable to that of a conventional threshold decision (TD detector. The two detectors detect the received signals together with the special impacting filter (SIF that can improve the energy utilization efficiency. However, unlike the TD detector, the SVM detector concentrates not only on reducing the BER of the detector, but also on providing accurate posterior probability estimates (PPEs, which can be used as soft-inputs of the LDPC decoder. The complexity of this detector is considered in this paper by using four features and simplifying the decision function. In addition, a bandwidth efficient transmission is analyzed with both SVM and TD detector. The SVM detector is more robust to sampling rate than TD detector. We find that the SVM is suitable for extended binary phase shift keying (EBPSK signal detection and can provide accurate posterior probability for LDPC decoding.

  9. Double random phase spread spectrum spread space technique for secure parallel optical multiplexing with individual encryption key

    Hennelly, B. M.; Javidi, B.; Sheridan, J. T.

    2005-09-01

    A number of methods have been recently proposed in the literature for the encryption of 2-D information using linear optical systems. In particular the double random phase encoding system has received widespread attention. This system uses two Random Phase Keys (RPK) positioned in the input spatial domain and the spatial frequency domain and if these random phases are described by statistically independent white noises then the encrypted image can be shown to be a white noise. Decryption only requires knowledge of the RPK in the frequency domain. The RPK may be implemented using a Spatial Light Modulators (SLM). In this paper we propose and investigate the use of SLMs for secure optical multiplexing. We show that in this case it is possible to encrypt multiple images in parallel and multiplex them for transmission or storage. The signal energy is effectively spread in the spatial frequency domain. As expected the number of images that can be multiplexed together and recovered without loss is proportional to the ratio of the input image and the SLM resolution. Many more images may be multiplexed with some loss in recovery. Furthermore each individual encryption is more robust than traditional double random phase encoding since decryption requires knowledge of both RPK and a lowpass filter in order to despread the spectrum and decrypt the image. Numerical simulations are presented and discussed.

  10. An Expressive, Lightweight and Secure Construction of Key Policy Attribute-Based Cloud Data Sharing Access Control

    Lin, Guofen; Hong, Hanshu; Xia, Yunhao; Sun, Zhixin

    2017-10-01

    Attribute-based encryption (ABE) is an interesting cryptographic technique for flexible cloud data sharing access control. However, some open challenges hinder its practical application. In previous schemes, all attributes are considered as in the same status while they are not in most of practical scenarios. Meanwhile, the size of access policy increases dramatically with the raise of its expressiveness complexity. In addition, current research hardly notices that mobile front-end devices, such as smartphones, are poor in computational performance while too much bilinear pairing computation is needed for ABE. In this paper, we propose a key-policy weighted attribute-based encryption without bilinear pairing computation (KP-WABE-WB) for secure cloud data sharing access control. A simple weighted mechanism is presented to describe different importance of each attribute. We introduce a novel construction of ABE without executing any bilinear pairing computation. Compared to previous schemes, our scheme has a better performance in expressiveness of access policy and computational efficiency.

  11. A Move in the Security Measurement Stalemate: Elo-Style Ratings to Quantify Vulnerability

    Pieters, Wolter; van der Ven, Sanne H.G.; Probst, Christian W.

    2012-01-01

    One of the big problems of risk assessment in information security is the quantification of risk-related properties, such as vulnerability. Vulnerability expresses the likelihood that a threat agent acting against an asset will cause impact, for example, the likelihood that an attacker will be ab...... to its application to children solving math problems. It provides an innovative and sound way to quantify vulnerability in models of (information) security.......One of the big problems of risk assessment in information security is the quantification of risk-related properties, such as vulnerability. Vulnerability expresses the likelihood that a threat agent acting against an asset will cause impact, for example, the likelihood that an attacker will be able......-interprets security from the field of Item Response Theory. By observing the success of threat agents against assets, one can rate the strength of threats and controls, and predict the vulnerability of systems to particular threats. The application of Item Response Theory to the field of risk is new, but analogous...

  12. Midterm prospective evaluation of TVT-Secur reveals high failure rate.

    Cornu, Jean-Nicolas; Sèbe, Philippe; Peyrat, Laurence; Ciofu, Calin; Cussenot, Olivier; Haab, Francois

    2010-07-01

    TVT-Secur has been described as a new minimally invasive sling for women's stress urinary incontinence (SUI) management, showing promising results in short-term studies. Our goal was to evaluate the outcome of this procedure after a midterm follow-up. A prospective evaluation involved 45 consecutive patients presenting SUI associated with urethral hypermobility. Fourteen patients preoperatively reported overactive bladder (OAB) symptoms, but none had objective detrusor overactivity. Eight patients had low maximal urethral closure pressure (MUCP). Four patients had pelvic organ prolapse (POP). Patients with POP were treated under general anesthesia by Prolift and TVT-Secur procedure. The 41 other patients received TVT-Secur under local anesthesia on an outpatient basis. All interventions were made by the same surgeon. Postoperative assessment included pad count, bladder diary, clinical examination with stress test, evaluation of satisfaction with the Patient Global Impression of Improvement (PGI-I) scale, and evaluation of side effects. Patients were classified as cured if they used no pads, had no leakage, and had a PGI-I score 50% and PGI-I score TVT or transobturator tape during follow-up. Age, MUCP, or OAB were not associated with failure. Side effects were limited to five cases of de novo OAB and three cases of urinary tract infection. This work is limited by the absence of a comparison group. Our experience shows that despite its good short-term efficacy, TVT-Secur is associated with a high recurrence rate of SUI. Therefore, TVT-Secur does not seem appropriate for SUI first-line management in women. Copyright 2010 European Association of Urology. Published by Elsevier B.V. All rights reserved.

  13. Stellar neutron capture rateskey data for the s process

    Käppeler F.

    2013-12-01

    Full Text Available Neutron reactions are responsible for the formation of the elements heavier than iron. The corresponding scenarios relate to the He- and C- burning phases of stellar evolution (s process and to supernova explosions (r and p processes. The s process, which is characterized by low neutron densities, operates in or near the valley of β stability and has produced about half of the elemental abundances between Fe and Bi in the solar system and in the Universe. Because the s abundances are essentially determined by the (n, γ cross sections along the reaction path, accurate neutron data constitute the key input for s process studies. Important constraints for the physical conditions at the stellar sites can be inferred by comparison of the abundance patterns from current s-process models with solar system material or presolar grains. The experimental methods for the determination of stellar (n, γ rates are outlined at the example of recent cross section measurements and remaining quests will be discussed with respect to existing laboratory neutron sources and new developments.

  14. Hospital employee assault rates before and after enactment of the california hospital safety and security act.

    Casteel, Carri; Peek-Asa, Corinne; Nocera, Maryalice; Smith, Jamie B; Blando, James; Goldmacher, Suzi; O'Hagan, Emily; Valiante, David; Harrison, Robert

    2009-02-01

    This study examines changes in violent event rates to hospital employees before and after enactment of the California Hospital Safety and Security Act in 1995. We compared pre- and post-initiative employee assault rates in California (n = 116) emergency departments and psychiatric units with those in New Jersey (n = 50), where statewide workplace violence initiatives do not exist. Poisson regression with generalized estimating equations was used to compare assault rates between a 3-year pre-enactment period (1993-1995) and a 6-year post-enactment period (1996-2001) using New Jersey hospitals as a temporal control. Assault rates among emergency department employees decreased 48% in California post-enactment, compared with emergency department employee assault rates in New Jersey (rate ratio [RR] = 0.52, 95% confidence interval [CI]: 0.31, 0.90). Emergency department employee assault rates decreased in smaller facilities (RR = 0.46, 95% CI: 0.21, 0.96) and for-profit-controlled hospitals (RR = 0.39, 95% CI: 0.19, 0.79) post-enactment. Among psychiatric units, for-profit-controlled hospitals (RR = 0.41, 95% CI: 0.19, 0.85) and hospitals located in smaller communities (RR = 0.44, 95% CI: 0.21, 0.92) experienced decreased assault rates post-enactment. Policy may be an effective method to increase safety to health care workers.

  15. A no-key-exchange secure image sharing scheme based on Shamir's three-pass cryptography protocol and the multiple-parameter fractional Fourier transform.

    Lang, Jun

    2012-01-30

    In this paper, we propose a novel secure image sharing scheme based on Shamir's three-pass protocol and the multiple-parameter fractional Fourier transform (MPFRFT), which can safely exchange information with no advance distribution of either secret keys or public keys between users. The image is encrypted directly by the MPFRFT spectrum without the use of phase keys, and information can be shared by transmitting the encrypted image (or message) three times between users. Numerical simulation results are given to verify the performance of the proposed algorithm.

  16. Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

    Laszlo B Kish

    Full Text Available Recently, Bennett and Riedel (BR (http://arxiv.org/abs/1303.7435v1 argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional security of the KLJN method has not been successfully challenged.

  17. Critical analysis of the Bennett-Riedel attack on secure cryptographic key distributions via the Kirchhoff-Law-Johnson-noise scheme.

    Kish, Laszlo B; Abbott, Derek; Granqvist, Claes G

    2013-01-01

    Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.

  18. Correct mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme on ping-pong protocol

    Zhang, Zhanjun

    2004-01-01

    Comment: The wrong mutual information, quantum bit error rate and secure transmission efficiency in Wojcik's eavesdropping scheme [PRL90(03)157901]on ping-pong protocol have been pointed out and corrected

  19. An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system.

    Das, Ashok Kumar; Bruhadeshwar, Bezawada

    2013-10-01

    Recently Lee and Liu proposed an efficient password based authentication and key agreement scheme using smart card for the telecare medicine information system [J. Med. Syst. (2013) 37:9933]. In this paper, we show that though their scheme is efficient, their scheme still has two security weaknesses such as (1) it has design flaws in authentication phase and (2) it has design flaws in password change phase. In order to withstand these flaws found in Lee-Liu's scheme, we propose an improvement of their scheme. Our improved scheme keeps also the original merits of Lee-Liu's scheme. We show that our scheme is efficient as compared to Lee-Liu's scheme. Further, through the security analysis, we show that our scheme is secure against possible known attacks. In addition, we simulate our scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against passive and active attacks.

  20. Analysis of the differential-phase-shift-keying protocol in the quantum-key-distribution system

    Rong-Zhen, Jiao; Chen-Xu, Feng; Hai-Qiang, Ma

    2009-01-01

    The analysis is based on the error rate and the secure communication rate as functions of distance for three quantum-key-distribution (QKD) protocols: the Bennett–Brassard 1984, the Bennett–Brassard–Mermin 1992, and the coherent differential-phase-shift keying (DPSK) protocols. We consider the secure communication rate of the DPSK protocol against an arbitrary individual attack, including the most commonly considered intercept-resend and photon-number splitting attacks, and concluded that the simple and efficient differential-phase-shift-keying protocol allows for more than 200 km of secure communication distance with high communication rates. (general)

  1. National Computer Security Conference (13th) Held in Washington, DC on 1-4 October, 1990. Procedings. Volume 1: Information Systems Security: Standards - The Key to the Future

    1990-10-04

    Parker II, The MITRE Corporation 307 Trusted MINIX : A Worked Example Albert Donaldson, ESCOM Corporation John Taylor Jr., General Electric M&DSO...Corporation 306 Trusted MINIX : A Worked Example Albert L. Donaldson John W. Taylor, Jr. David M. Chizmadia ESCOM Corporation General Electric M&DSO...G. Meade, MD 20755 ABSTRACT The Trusted MINIX system is being developed to provide a worked example of C2 security mechanisms and assurances based

  2. What are key determinants of hospital admissions, readmission rate and day case rate within the South African medical schemes population?

    Nondumiso Gugu Khumalo

    2012-06-01

    Full Text Available  BACKGROUND: In South Africa, private hospitals absorb a high proportion of the total health expenditure on private health care. Between 2008-2010 private hospital expenditure which includes ward fees, theatre fees, consumables, medicines and per diem arrangements consumed between 40.5% and 40.9% of the total benefits paid by medical schemes from the risk pool, whilst in-hospital managed care fees ranged between 1.8% and 2.8% for the equivalent years.OBJECTIVE: The aim of this paper is to highlight key factors contributing to utilisation of hospital services within the medical schemes population and to recommend “appropriate” and cost effective strategies on hospital utilisation management.METHODS: A cross sectional survey informed by retrospective analysis of quantitative data was used. Researchers also triangulated quantitative data with systematic review of literature.RESULTS: The results show that demographic indicators such as age profile, dependency ratio, pensioner ratio and prevalence of chronic conditions are not the only key factors influencing hospital admissions, but rather the effectiveness of each medical scheme in containing hospital admissions is also influenced by available technical capacity on utilisation review and audit as well as the managed care methodology including the philosophy underpinning benefit option design.CONCLUSION: This study highlights the importance of “value based” managed care programs linked to benefit option design in health care utilisation management. The choice of one managed care program over the other often leads to tradeoffs whereby unintended consequences emanate. Medical schemes are therefore encouraged to continuously review their managed care programs to ensure value for money as well as better access and health outcomes.http://dx.doi.org/10.7175/fe.v13i2.207

  3. A Security Solution for IEEE 802.11's Ad-hoc Mode:Password-Authentication and Group Diffie-Hellman Key Exchange

    Emmanuel, Bresson; Olivier, Chevassut; David, Pointcheval

    2005-10-01

    The IEEE 802 standards ease the deployment of networkinginfrastructures and enable employers to accesscorporate networks whiletraveling. These standards provide two modes of communication calledinfrastructure and ad-hoc modes. A security solution for the IEEE802.11's infrastructure mode took several years to reach maturity andfirmware are still been upgraded, yet a solution for the ad-hoc modeneeds to be specified. The present paper is a first attempt in thisdirection. It leverages the latest developments in the area ofpassword-based authentication and (group) Diffie-Hellman key exchange todevelop a provably-secure key-exchange protocol for IEEE 802.11's ad-hocmode. The protocol allows users to securely join and leave the wirelessgroup at time, accommodates either a single-shared password orpairwise-shared passwords among the group members, or at least with acentral server; achieves security against dictionary attacks in theideal-hash model (i.e. random-oracles). This is, to the best of ourknowledge, the first such protocol to appear in the cryptographicliterature.

  4. Presentation of various types of electronic business available on the Internet, Advantages, Disadvantages, Key Requirements and Security, Implementation Model of an Electronic Business

    Andreea A.S. Ionescu; Raul Serban

    2012-01-01

    This paper speaks about the advantages, disadvantages, key requirements necessary of an electronic business, the infrastructure of the Internet, the existing main networks on the Internet, standards used to develop electronic business and the security of an e-business environment. As we know in an organization the information is an asset that has value and should be protected and diversified. We also propose an implementation model of an electronic business that interconnects two concepts: ER...

  5. Response to Scheuer-Yariv: 'A classical key-distribution system based on Johnson (like) noise-how secure?'

    Kish, L.B.

    2006-01-01

    We point out that the claims in the comment-paper of Scheuer and Yariv are either irrelevant or incorrect. The idealized Kirchoff-loop-Johnson-like-noise (KLJN) scheme is totally secure therefore it is more secure than idealized quantum communication schemes which can never be totally secure because of the inherent noise processes in those communication schemes and the statistical nature of eavesdropper detection based on error statistics. On the other hand, with sufficient resources, a practical/non-ideal realization of the KLJN cipher can arbitrarily approach the idealized limit and outperform even the idealized quantum communicator schemes because the non-ideality-effects are determined and controlled by the design. The cable resistance issue analyzed by Scheuer and Yariv is a good example for that because the eavesdropper has insufficient time window to build a sufficient statistics and the actual information leak can be designed. We show that Scheuer's and Yariv's numerical result of 1% voltage drop supports higher security than that of quantum communicators. Moreover, choosing thicker or shorter wires can arbitrarily reduce this voltage drop further; the same conclusion holds even according to the equations of Scheuer and Yariv

  6. Security of quantum cryptography with realistic sources

    Lutkenhaus, N.

    1999-01-01

    The interest in practical implementations of quantum key distribution is steadily growing. However, there is still a need to give a precise security statement which adapts to realistic implementation. In this paper I give the effective key rate we can obtain in a practical setting within scenario of security against individual attacks by an eavesdropper. It illustrates previous results that high losses together with detector dark counts can make secure quantum key distribution impossible. (Author)

  7. Security of quantum cryptography with realistic sources

    Lutkenhaus, N [Helsinki Institute of Physics, P.O. Box 9, 00014 Helsingin yliopisto (Finland)

    1999-08-01

    The interest in practical implementations of quantum key distribution is steadily growing. However, there is still a need to give a precise security statement which adapts to realistic implementation. In this paper I give the effective key rate we can obtain in a practical setting within scenario of security against individual attacks by an eavesdropper. It illustrates previous results that high losses together with detector dark counts can make secure quantum key distribution impossible. (Author)

  8. A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems.

    Li, Chun-Ta; Lee, Cheng-Chi; Weng, Chi-Yao

    2014-09-01

    Telecare medicine information system (TMIS) is widely used for providing a convenient and efficient communicating platform between patients at home and physicians at medical centers or home health care (HHC) organizations. To ensure patient privacy, in 2013, Hao et al. proposed a chaotic map based authentication scheme with user anonymity for TMIS. Later, Lee showed that Hao et al.'s scheme is in no provision for providing fairness in session key establishment and gave an efficient user authentication and key agreement scheme using smart cards, in which only few hashing and Chebyshev chaotic map operations are required. In addition, Jiang et al. discussed that Hao et al.'s scheme can not resist stolen smart card attack and they further presented an improved scheme which attempts to repair the security pitfalls found in Hao et al.'s scheme. In this paper, we found that both Lee's and Jiang et al.'s authentication schemes have a serious security problem in that a registered user's secret parameters may be intentionally exposed to many non-registered users and this problem causing the service misuse attack. Therefore, we propose a slight modification on Lee's scheme to prevent the shortcomings. Compared with previous schemes, our improved scheme not only inherits the advantages of Lee's and Jiang et al.'s authentication schemes for TMIS but also remedies the serious security weakness of not being able to withstand service misuse attack.

  9. Eloquence is The Key – the Impact of Monetary Policy Speeches on Exchange Rate Volatility

    Adrian Cantemir Călin

    2015-06-01

    Full Text Available During the last years the monetary policy initiatives of the main central banks have been profoundly influenced by quantitative easing (QE. Blessing, curse, effective instruments or a simple fad, these unconventional measures have occupied the center stage of academic and public attention. In this context, this paper focuses on a wide set of public speeches delivered by officials belonging to the most relevant central banks. These statements cover a large pallet of topics including areas such as QE, tapering, financial stability, unemployment or interest rates. The aim of this study is to investigate the impact that these speeches have on the volatility of exchange rates. For this purpose, the methodology relies on an econometric event study that incorporates three volatility models and intraday five-minute frequencies. The results indicate the fact that public statements have a clear, evident, significant and robust impact on the observed assets.

  10. Participation Rate as A Basis for Measuring Food Security Status of Meat

    Tjeppy D Soedjana

    2013-12-01

    Full Text Available Food security has been developed as way for decision makers to pay more attention to this sector. It is believed that foods which are efficiently produced in one area or country may be accessed by other areas or countries. However, this concept is difficult to be implemented since almost none of countries in the world have all resources to produce what is needed by its people. Food consumption, including beef, would be better measured using participation rate which indicates a cluster of its consumer instead of using all population as a denominator for calculating per capita consumption, except for commodities whose consumer member of its cluster close to 100% of the population. For commodities whose consumers less than 50% of its cluster it is more effective to use the size of the cluster as the denominator. Diversified food consumption of animal origin in Indonesia has been indicated by the fact that it has been naturally established. Animal meat consumption diversification for many reasons is influenced by cultural, preferences or other economic status of the households. This phenomena is also indicated by the magnitude of positive cross price elasticity between beef and mutton, beef and poultry meat, and between poultry meat and fish. Therefore, every effort to push higher consumption of one meat type, will reduce the participation rate of others. Susenas data indicated participation rates for beef and buffalo meat were 26.15% (2002, 21.93% (2005, 16.18% (2008 and 16.16% (2011, while poultry meat had higher participation rate as 65.46% (2002, 63.48% (2005, 57.67% (2008 and 56.98% (2011. Application of participation rate approach on the production of beef and buffalo meat resulted in the annual percapita consumption of 6.71 kg (2002, 10.47 kg (2005, 10.82 kg (2008 and 13.11 kg (2011. It concludes that balanced participation rates of meat components (beef and poultry meat, need to be maintained as the existed diversified meat consumption

  11. Analysis of an Attenuator Artifact in an Experimental Attack by Gunn-Allison-Abbott Against the Kirchhoff-Law-Johnson-Noise (KLJN) Secure Key Exchange System

    Kish, Laszlo B.; Gingl, Zoltan; Mingesz, Robert; Vadai, Gergely; Smulko, Janusz; Granqvist, Claes-Göran

    2015-12-01

    A recent paper by Gunn-Allison-Abbott (GAA) [L. J. Gunn et al., Scientific Reports 4 (2014) 6461] argued that the Kirchhoff-law-Johnson-noise (KLJN) secure key exchange system could experience a severe information leak. Here we refute their results and demonstrate that GAA's arguments ensue from a serious design flaw in their system. Specifically, an attenuator broke the single Kirchhoff-loop into two coupled loops, which is an incorrect operation since the single loop is essential for the security in the KLJN system, and hence GAA's asserted information leak is trivial. Another consequence is that a fully defended KLJN system would not be able to function due to its built-in current-comparison defense against active (invasive) attacks. In this paper we crack GAA's scheme via an elementary current-comparison attack which yields negligible error probability for Eve even without averaging over the correlation time of the noise.

  12. Analysis of landslide overgrowing rates at Vaskiny Dachi key site, Central Yamal, Russia

    Khomutov, A.

    2009-04-01

    An estimation of overgrowing of landslide-affected slopes by vegetation at three main landslide elements: shear surface, landslide body and "frontal zone" at Vaskiny Dachi key site is presented. Vaskiny Dachi key site is located in the watershed of Se-Yakha and Mordy-Yakha rivers on Central Yamal, Russia. The area is represented by highly-dissected alluvial-lacustrine-marine plains and terraces. The closest to Vaskiny Dachi climate station is Marresale, about 90 km southwest of Vaskiny Dachi, at the Kara sea coast. The weather here is probably somewhat cooler than at Vaskiny Dachi. The average annual (summer) air temperature at Marresale is -8.3° C (4.3° C) ("Russia's Weather" Server). To estimate vegetation cover dynamics on cryogenic landslides at "Vaskiny Dachi", data published by O.Rebristaya and others (1995) were used. Their observations were done in 1991-1993, and were supplemented by further field observations (Leibman et al., 2000, Khomutov & Leibman 2007) and by field and remote sensing observations in 2008. An estimation of vegetation cover dynamics on cryogenic landslides at "Vaskiny Dachi" leads to the following results. Immediately after landsliding in 1989, landslide shear surface was bare without any vegetation, landslide body had initial vegetation, and "frontal zone" was under liquefied sediment masses. "Frontal zone" formed in front of a landslide body, appears as a result of damming of drainage routes by a landslide body with flooding of the shear surface "upstream" of the landslide body, formation of a sedge-cottongrass meadow there, and swamping downstream (Khomutov & Leibman 2007). By 1993, landslide shear surface got overgrown by species subordinate in surrounding initial landscapes (Alopecurus alpinus, Festuca ovina, Calamagrostis neglecta, Poa alpigena ssp. Alpigena, etc.). Landslide body was covered by initial communities which got depressed: vitality of Salix polaris, Vaccinium vitis-idaea was reduced, dead off moss cover and overgrown

  13. Free-Space Quantum Key Distribution with a High Generation Rate KTP Waveguide Photon-Pair Source

    Wilson, J.; Chaffee, D.; Wilson, N.; Lekki, J.; Tokars, R.; Pouch, J.; Lind, A.; Cavin, J.; Helmick, S.; Roberts, T.; hide

    2016-01-01

    NASA awarded Small Business Innovative Research (SBIR) contracts to AdvR, Inc to develop a high generation rate source of entangled photons that could be used to explore quantum key distribution (QKD) protocols. The final product, a photon pair source using a dual-element periodically- poled potassium titanyl phosphate (KTP) waveguide, was delivered to NASA Glenn Research Center in June of 2015. This paper describes the source, its characterization, and its performance in a B92 (Bennett, 1992) protocol QKD experiment.

  14. Key factors contributing to accident severity rate in construction industry in Iran: a regression modelling approach.

    Soltanzadeh, Ahmad; Mohammadfam, Iraj; Moghimbeigi, Abbas; Ghiasvand, Reza

    2016-03-01

    Construction industry involves the highest risk of occupational accidents and bodily injuries, which range from mild to very severe. The aim of this cross-sectional study was to identify the factors associated with accident severity rate (ASR) in the largest Iranian construction companies based on data about 500 occupational accidents recorded from 2009 to 2013. We also gathered data on safety and health risk management and training systems. Data were analysed using Pearson's chi-squared coefficient and multiple regression analysis. Median ASR (and the interquartile range) was 107.50 (57.24- 381.25). Fourteen of the 24 studied factors stood out as most affecting construction accident severity (p<0.05). These findings can be applied in the design and implementation of a comprehensive safety and health risk management system to reduce ASR.

  15. What causes EBRI retirement readiness ratings to vary: results from the 2014 Retirement Security Projection Model.

    VanDerhei, Jack

    2014-02-01

    RETIREMENT INCOME ADEQUACY IMPROVED SLIGHTLY IN 2013: Due to the increase in financial market and housing values during 2013, the probability that Baby Boomers and Generation Xers would NOT run short of money in retirement increases between 0.5 and 1.6 percentage points, based on the Employee Benefit Research Institute (EBRI) Retirement Readiness Ratings (RRRs). ELIGIBILITY FOR PARTICIPATION IN AN EMPLOYER-SPONSORED DEFINED CONTRIBUTION PLAN REMAINS ONE OF THE MOST IMPORTANT FACTORS FOR RETIREMENT INCOME ADEQUACY: RRR values double for Gen Xers in the lowest-income quartile when comparing those with 20 or more years of future eligibility with those with no years of future eligibility, while those in the middle income quartiles experience increases in RRR values by 27.1-30.3 percentage points. FUTURE SOCIAL SECURITY BENEFITS MAKE A HUGE DIFFERENCE FOR THE RETIREMENT INCOME ADEQUACY OF SOME HOUSEHOLDS, ESPECIALLY GEN XERS IN THE LOWEST-INCOME QUARTILE: If Social Security benefits are subject to proportionate decreases beginning in 2033 (according to the values in Figure 8), the RRR values for those households will drop by more than 50 percent: from 20.9 percent to 10.3 percent. LONGEVITY RISK AND STOCHASTIC HEALTH CARE RISK ARE ASSOCIATED WITH HUGE VARIATIONS IN RETIREMENT INCOME ADEQUACY: For both of these factors, a comparison between the most "risky" quartile with the least risky quartile shows a spread of approximately 30 percentage points for the lowest income range, approximately 25 to 40 percentage points for the highest income range, and even larger spreads for those in the middle income ranges. A GREAT DEAL OF THE VARIABILITY IN RETIREMENT INCOME ADEQUACY COULD BE MITIGATED BY APPROPRIATE RISK-MANAGEMENT TECHNIQUES AT OR NEAR RETIREMENT AGE: For example, the annuitization of a portion of the defined contribution and IRA balances may substantially increase the probability of not running short of money in retirement. Moreover, a well-functioning market in long

  16. High-Speed Large-Alphabet Quantum Key Distribution Using Photonic Integrated Circuits

    2014-01-28

    polarizing beam splitter, TDC: time-to-digital converter. Extra&loss& photon/bin frame size QSER secure bpp ECC secure&key&rate& none& 0.0031 64 14...to-digital converter. photon/frame frame size QSER secure bpp ECC secure&key& rate& 1.3 16 9.5 % 2.9 layered LDPC 7.3&Mbps& Figure 24: Operating

  17. 76 FR 59592 - Government Securities Act Regulations; Replacement of References to Credit Ratings and Technical...

    2011-09-27

    ... creditworthiness of a security or money market instrument; and (2) any references to or requirements in such... or gross short position in money market instruments qualifying as Treasury market risk instruments...), that mature in 45 days or more, settled on a cash or delivery basis. Money market instruments...

  18. The At Issue Maturity of Corporate Bonds: The Influence of Credit Rating, Security Level, Duration and Macreoconomic Conditions

    Geetajali Bali; Frank Skinner

    2003-01-01

    We examine the determinants of the at issue time to maturity of corporate bonds. We find evidence that corporations partly determine the at issue maturity of bonds by responding to economic conditions. They also appear to immunize by matching the maturity of assets with the at issue maturity of bonds regardless of credit quality. Finally, we find evidence that the security level (our proxy for the recovery rate) is inversely related to the at issue time to maturity. This suggests that lenders...

  19. Secure PVM

    Dunigan, T.H.; Venugopal, N.

    1996-09-01

    This research investigates techniques for providing privacy, authentication, and data integrity to PVM (Parallel Virtual Machine). PVM is extended to provide secure message passing with no changes to the user`s PVM application, or, optionally, security can be provided on a message-by message basis. Diffe-Hellman is used for key distribution of a single session key for n-party communication. Keyed MD5 is used for message authentication, and the user may select from various secret-key encryption algorithms for message privacy. The modifications to PVM are described, and the performance of secure PVM is evaluated.

  20. A fast and versatile quantum key distribution system with hardware key distillation and wavelength multiplexing

    Walenta, N; Gisin, N; Guinnard, O; Houlmann, R; Korzh, B; Lim, C W; Lunghi, T; Portmann, C; Thew, R T; Burg, A; Constantin, J; Caselunghe, D; Kulesza, N; Legré, M; Monat, L; Soucarros, M; Trinkler, P; Junod, P; Trolliet, G; Vannel, F

    2014-01-01

    We present a compactly integrated, 625 MHz clocked coherent one-way quantum key distribution system which continuously distributes secret keys over an optical fibre link. To support high secret key rates, we implemented a fast hardware key distillation engine which allows for key distillation rates up to 4 Mbps in real time. The system employs wavelength multiplexing in order to run over only a single optical fibre. Using fast gated InGaAs single photon detectors, we reliably distribute secret keys with a rate above 21 kbps over 25 km of optical fibre. We optimized the system considering a security analysis that respects finite-key-size effects, authentication costs and system errors for a security parameter of ε QKD  = 4 × 10 −9 . (paper)

  1. Verbal abuse and physical assault in the emergency department: Rates of violence, perceptions of safety, and attitudes towards security.

    Partridge, Bradley; Affleck, Julia

    2017-08-01

    Emergency Department (ED) workers are prone to occupational violence, however the extent and impact of this may not be evenly felt across all roles in the ED. Explore: 1) the rate of verbal abuse and physical assaults experienced by ED staff, 2) perceptions of safety, 3) attitudes towards security officers, and 4) formal reporting of incidents. 330 ED workers were surveyed at four public hospitals in one metropolitan health service district in Queensland, Australia, including 179 nurses, 83 medical staff, 44 administration staff, 14 allied health, and 9 operational. Nurses were more likely to have been physically assaulted in the last six months and were less likely to feel safe. Most ED staff across all roles experienced verbal abuse. Nurses were better than medical staff at reporting instances of occupational violence although overall reporting across all roles was low. Staff who thought that security officers respond to incidents quickly and are a visible presence in the ED were more likely to feel safe in the ED. Workers in the ED, particularly nurses, experience high rates of verbal abuse and physical aggression and there may be a case for having designated security guards in the ED. Copyright © 2017 College of Emergency Nursing Australasia. Published by Elsevier Ltd. All rights reserved.

  2. Secure key storage with PUFs

    Tuyls, P.T.; Schrijen, G.J.; Willems, F.M.J.; Ignatenko, T.; Skoric, B.; Tuyls, P.T.; Skoric, B.; Kevenaar, T.A.M.

    2007-01-01

    Nowadays, people carry around devices (cell phones, PDAs, bank passes, etc.) that have a high value. That value is often contained in the data stored in it or lies in the services the device can grant access to (by using secret identification information stored in it). These devices often operate in

  3. Secure Key Storage with PUFs

    Skoric, Boris; Schrijen, Geert-Jan; Tuyls, Pim; Ignatenko, Tanya; Willems, Frans

    Nowadays, people carry around devices (cell phones, PDAs, bank passes, etc.) that have a high value. That value is often contained in the data stored in it or lies in the services the device can grant access to (by using secret identification information stored in it). These devices often operate in hostile environments and their protection level is not adequate to deal with that situation. Bank passes and credit cards contain a magnetic stripe where identification information is stored. In the case of bank passes, a PIN is additionally required to withdraw money from an ATM (Automated Teller Machine). At various occasions, it has been shown that by placing a small coil in the reader, the magnetic information stored in the stripe can easily be copied and used to produce a cloned card. Together with eavesdropping the PIN (by listening to the keypad or recording it with a camera), an attacker can easily impersonate the legitimate owner of the bank pass by using the cloned card in combination with the eavesdropped PIN.

  4. Biometry, the safe key

    María Fraile-Hurtado

    2010-12-01

    Full Text Available Biometry is the next step in authentication, why do not we take this stepforward in our communication security systems? Keys are the main disadvantage in the cryptography, what if we were our own key?

  5. Key Management Laboratory

    Federal Laboratory Consortium — FUNCTION: Provides a secure environment to research and develop advanced electronic key management and networked key distribution technologies for the Navy and DoD....

  6. The logic of comparative life history studies for estimating key parameters, with a focus on natural mortality rate

    Hoenig, John M; Then, Amy Y.-H.; Babcock, Elizabeth A.; Hall, Norman G.; Hewitt, David A.; Hesp, Sybrand A.

    2016-01-01

    There are a number of key parameters in population dynamics that are difficult to estimate, such as natural mortality rate, intrinsic rate of population growth, and stock-recruitment relationships. Often, these parameters of a stock are, or can be, estimated indirectly on the basis of comparative life history studies. That is, the relationship between a difficult to estimate parameter and life history correlates is examined over a wide variety of species in order to develop predictive equations. The form of these equations may be derived from life history theory or simply be suggested by exploratory data analysis. Similarly, population characteristics such as potential yield can be estimated by making use of a relationship between the population parameter and bio-chemico–physical characteristics of the ecosystem. Surprisingly, little work has been done to evaluate how well these indirect estimators work and, in fact, there is little guidance on how to conduct comparative life history studies and how to evaluate them. We consider five issues arising in such studies: (i) the parameters of interest may be ill-defined idealizations of the real world, (ii) true values of the parameters are not known for any species, (iii) selecting data based on the quality of the estimates can introduce a host of problems, (iv) the estimates that are available for comparison constitute a non-random sample of species from an ill-defined population of species of interest, and (v) the hierarchical nature of the data (e.g. stocks within species within genera within families, etc., with multiple observations at each level) warrants consideration. We discuss how these issues can be handled and how they shape the kinds of questions that can be asked of a database of life history studies.

  7. Securing a robust electrical discharge drilling process by means of flow rate control

    Risto, Matthias; Munz, Markus; Haas, Ruediger; Abdolahi, Ali

    2017-10-01

    This paper deals with the increase of the process robustness while drilling cemented carbide using electrical discharge machining (EDM). A demand for high efficiency in the resulting diameter is equivalent with a high robustness of the EDM drilling process. Analysis were done to investigate the process robustness (standard deviation of the borehole diameter) when drilling cemented carbide. The investigation has shown that the dielectric flow rate changes over the drilling process. In this case the flow rate decreased with a shorter tool electrode due to an uneven wear of the tool electrode's cross section. Using a controlled flow rate during the drilling process has led to a reduced standard deviation of the borehole diameter, thus to a higher process robustness when drilling cemented carbide.

  8. 13 CFR 107.845 - Maximum rate of amortization on Loans and Debt Securities.

    2010-01-01

    ... ADMINISTRATION SMALL BUSINESS INVESTMENT COMPANIES Financing of Small Businesses by Licensees Structuring Licensee's Financing of An Eligible Small Business: Terms and Conditions of Financing § 107.845 Maximum... 13 Business Credit and Assistance 1 2010-01-01 2010-01-01 false Maximum rate of amortization on...

  9. Achievable Rates of Secure Transmission in Gaussian MISO Channel with Imperfect Main Channel Estimation

    Zhou, Xinyu

    2016-03-15

    A Gaussian multiple-input single-output (MISO) fading channel is considered. We assume that the transmitter, in addition to the statistics of all channel gains, is aware instantaneously of a noisy version of the channel to the legitimate receiver. On the other hand, the legitimate receiver is aware instantaneously of its channel to the transmitter, whereas the eavesdropper instantaneously knows all channel gains. We evaluate an achievable rate using a Gaussian input without indexing an auxiliary random variable. A sufficient condition for beamforming to be optimal is provided. When the number of transmit antennas is large, beamforming also turns out to be optimal. In this case, the maximum achievable rate can be expressed in a simple closed form and scales with the logarithm of the number of transmit antennas. Furthermore, in the case when a noisy estimate of the eavesdropper’s channel is also available at the transmitter, we introduce the SNR difference and the SNR ratio criterions and derive the related optimal transmission strategies and the corresponding achievable rates.

  10. Achievable Rates of Secure Transmission in Gaussian MISO Channel with Imperfect Main Channel Estimation

    Zhou, Xinyu; Rezki, Zouheir; Alomair, Basel; Alouini, Mohamed-Slim

    2016-01-01

    A Gaussian multiple-input single-output (MISO) fading channel is considered. We assume that the transmitter, in addition to the statistics of all channel gains, is aware instantaneously of a noisy version of the channel to the legitimate receiver. On the other hand, the legitimate receiver is aware instantaneously of its channel to the transmitter, whereas the eavesdropper instantaneously knows all channel gains. We evaluate an achievable rate using a Gaussian input without indexing an auxiliary random variable. A sufficient condition for beamforming to be optimal is provided. When the number of transmit antennas is large, beamforming also turns out to be optimal. In this case, the maximum achievable rate can be expressed in a simple closed form and scales with the logarithm of the number of transmit antennas. Furthermore, in the case when a noisy estimate of the eavesdropper’s channel is also available at the transmitter, we introduce the SNR difference and the SNR ratio criterions and derive the related optimal transmission strategies and the corresponding achievable rates.

  11. Securing Hadoop

    Narayanan, Sudheesh

    2013-01-01

    This book is a step-by-step tutorial filled with practical examples which will focus mainly on the key security tools and implementation techniques of Hadoop security.This book is great for Hadoop practitioners (solution architects, Hadoop administrators, developers, and Hadoop project managers) who are looking to get a good grounding in what Kerberos is all about and who wish to learn how to implement end-to-end Hadoop security within an enterprise setup. It's assumed that you will have some basic understanding of Hadoop as well as be familiar with some basic security concepts.

  12. Efficient Hybrid Watermarking Scheme for Security and Transmission Bit Rate Enhancement of 3D Color-Plus-Depth Video Communication

    El-Shafai, W.; El-Rabaie, S.; El-Halawany, M.; Abd El-Samie, F. E.

    2018-03-01

    Three-Dimensional Video-plus-Depth (3DV + D) comprises diverse video streams captured by different cameras around an object. Therefore, there is a great need to fulfill efficient compression to transmit and store the 3DV + D content in compressed form to attain future resource bounds whilst preserving a decisive reception quality. Also, the security of the transmitted 3DV + D is a critical issue for protecting its copyright content. This paper proposes an efficient hybrid watermarking scheme for securing the 3DV + D transmission, which is the homomorphic transform based Singular Value Decomposition (SVD) in Discrete Wavelet Transform (DWT) domain. The objective of the proposed watermarking scheme is to increase the immunity of the watermarked 3DV + D to attacks and achieve adequate perceptual quality. Moreover, the proposed watermarking scheme reduces the transmission-bandwidth requirements for transmitting the color-plus-depth 3DV over limited-bandwidth wireless networks through embedding the depth frames into the color frames of the transmitted 3DV + D. Thus, it saves the transmission bit rate and subsequently it enhances the channel bandwidth-efficiency. The performance of the proposed watermarking scheme is compared with those of the state-of-the-art hybrid watermarking schemes. The comparisons depend on both the subjective visual results and the objective results; the Peak Signal-to-Noise Ratio (PSNR) of the watermarked frames and the Normalized Correlation (NC) of the extracted watermark frames. Extensive simulation results on standard 3DV + D sequences have been conducted in the presence of attacks. The obtained results confirm that the proposed hybrid watermarking scheme is robust in the presence of attacks. It achieves not only very good perceptual quality with appreciated PSNR values and saving in the transmission bit rate, but also high correlation coefficient values in the presence of attacks compared to the existing hybrid watermarking schemes.

  13. Information security foundations, technologies and applications

    Awad, Ali Ismail; Fairhurst, Michael

    2018-01-01

    This book outlines key emerging trends in information security from the foundations and technologies in biometrics, cybersecurity, and big data security to applications in hardware and embedded systems security, computer forensics, the Internet of Things security, and network security.

  14. Finite key analysis in quantum cryptography

    Meyer, T.

    2007-01-01

    In view of experimental realization of quantum key distribution schemes, the study of their efficiency becomes as important as the proof of their security. The latter is the subject of most of the theoretical work about quantum key distribution, and many important results such as the proof of unconditional security have been obtained. The efficiency and also the robustness of quantum key distribution protocols against noise can be measured by figures of merit such as the secret key rate (the fraction of input signals that make it into the key) and the threshold quantum bit error rate (the maximal error rate such that one can still create a secret key). It is important to determine these quantities because they tell us whether a certain quantum key distribution scheme can be used at all in a given situation and if so, how many secret key bits it can generate in a given time. However, these figures of merit are usually derived under the ''infinite key limit'' assumption, that is, one assumes that an infinite number of quantum states are send and that all sub-protocols of the scheme (in particular privacy amplification) are carried out on these infinitely large blocks. Such an assumption usually eases the analysis, but also leads to (potentially) too optimistic values for the quantities in question. In this thesis, we are explicitly avoiding the infinite key limit for the analysis of the privacy amplification step, which plays the most important role in a quantum key distribution scheme. We still assume that an optimal error correction code is applied and we do not take into account any statistical errors that might occur in the parameter estimation step. Renner and coworkers derived an explicit formula for the obtainable key rate in terms of Renyi entropies of the quantum states describing Alice's, Bob's, and Eve's systems. This results serves as a starting point for our analysis, and we derive an algorithm that efficiently computes the obtainable key rate for any

  15. Strengthening Local Safety Nets as a Key to Enhancing the Food Security of Pastoralists in East Africa: A Case Study of the Rendille of Northern Kenya

    SUN, Xiaogang

    2017-01-01

    The increase in climate-change-related natural disasters presents a major threat to the food security of pastoralists in East Africa. This paper explores ways of reducing the dependence on food aid and enhancing the food security of pastoralists through a case study of the Rendille in Northern Kenya. Current Rendille food systems have resulted from adapted livestock herding strategies and loss of nomadic lifestyles, as well as dependence on food aid. Although food aid is included in the livel...

  16. Security infrastructures: towards the INDECT system security

    Stoianov, Nikolai; Urueña, Manuel; Niemiec, Marcin; Machník, Petr; Maestro, Gema

    2012-01-01

    This paper provides an overview of the security infrastructures being deployed inside the INDECT project. These security infrastructures can be organized in five main areas: Public Key Infrastructure, Communication security, Cryptography security, Application security and Access control, based on certificates and smartcards. This paper presents the new ideas and deployed testbeds for these five areas. In particular, it explains the hierarchical architecture of the INDECT PKI...

  17. Quantum key management

    Hughes, Richard John; Thrasher, James Thomas; Nordholt, Jane Elizabeth

    2016-11-29

    Innovations for quantum key management harness quantum communications to form a cryptography system within a public key infrastructure framework. In example implementations, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a Merkle signature scheme (using Winternitz one-time digital signatures or other one-time digital signatures, and Merkle hash trees) to constitute a cryptography system. More generally, the quantum key management innovations combine quantum key distribution and a quantum identification protocol with a hash-based signature scheme. This provides a secure way to identify, authenticate, verify, and exchange secret cryptographic keys. Features of the quantum key management innovations further include secure enrollment of users with a registration authority, as well as credential checking and revocation with a certificate authority, where the registration authority and/or certificate authority can be part of the same system as a trusted authority for quantum key distribution.

  18. Decoy State Quantum Key Distribution

    Lo, Hoi-Kwong

    2005-10-01

    Quantum key distribution (QKD) allows two parties to communicate in absolute security based on the fundamental laws of physics. Up till now, it is widely believed that unconditionally secure QKD based on standard Bennett-Brassard (BB84) protocol is limited in both key generation rate and distance because of imperfect devices. Here, we solve these two problems directly by presenting new protocols that are feasible with only current technology. Surprisingly, our new protocols can make fiber-based QKD unconditionally secure at distances over 100km (for some experiments, such as GYS) and increase the key generation rate from O(η2) in prior art to O(η) where η is the overall transmittance. Our method is to develop the decoy state idea (first proposed by W.-Y. Hwang in "Quantum Key Distribution with High Loss: Toward Global Secure Communication", Phys. Rev. Lett. 91, 057901 (2003)) and consider simple extensions of the BB84 protocol. This part of work is published in "Decoy State Quantum Key Distribution", . We present a general theory of the decoy state protocol and propose a decoy method based on only one signal state and two decoy states. We perform optimization on the choice of intensities of the signal state and the two decoy states. Our result shows that a decoy state protocol with only two types of decoy states--a vacuum and a weak decoy state--asymptotically approaches the theoretical limit of the most general type of decoy state protocols (with an infinite number of decoy states). We also present a one-decoy-state protocol as a special case of Vacuum+Weak decoy method. Moreover, we provide estimations on the effects of statistical fluctuations and suggest that, even for long distance (larger than 100km) QKD, our two-decoy-state protocol can be implemented with only a few hours of experimental data. In conclusion, decoy state quantum key distribution is highly practical. This part of work is published in "Practical Decoy State for Quantum Key Distribution

  19. INFORMATION SYSTEM SECURITY (CYBER SECURITY

    Muhammad Siddique Ansari

    2016-03-01

    Full Text Available Abstract - Business Organizations and Government unequivocally relies on upon data to deal with their business operations. The most unfavorable impact on association is disappointment of friendship, goodness, trustworthiness, legitimacy and probability of data and administrations. There is an approach to ensure data and to deal with the IT framework's Security inside association. Each time the new innovation is made, it presents some new difficulties for the insurance of information and data. To secure the information and data in association is imperative on the grounds that association nowadays inside and remotely joined with systems of IT frameworks. IT structures are inclined to dissatisfaction and security infringement because of slips and vulnerabilities. These slips and vulnerabilities can be brought on by different variables, for example, quickly creating headway, human slip, poor key particulars, poor movement schedules or censuring the threat. Likewise, framework changes, new deserts and new strikes are a huge piece of the time displayed, which helpers augmented vulnerabilities, disappointments and security infringement all through the IT structure life cycle. The business went to the confirmation that it is essentially difficult to ensure a slip free, risk free and secure IT structure in perspective of the disfigurement of the disavowing security parts, human pass or oversight, and part or supplies frustration. Totally secure IT frameworks don't exist; just those in which the holders may have changing degrees of certainty that security needs of a framework are fulfilled do. The key viewpoints identified with security of data outlining are examined in this paper. From the start, the paper recommends pertinent legitimate structure and their duties including open association obligation, and afterward it returns to present and future time, system limits, structure security in business division. At long last, two key inadequacy markers

  20. Security management

    Adams, H.W.

    1990-01-01

    Technical progress is moving more and more quickly and the systems thus produced are so complex and have become so unclear to the individual that he can no longer estimate the consequences: Faith in progress has given way to deep mistrust. Companies have adjusted to this change in consciousness. An interesting tendency can be identified: technical security is already available - now the organization of security has become an important objective for companies. The key message of the book is: If outworn technical systems are no longer adequate, the organization must be thoroughly overhauled. Five chapters deal with the following themes: organization as an aspect of society; risk control; aspects of security; is there security in ADP; the broader concept of security. (orig./HP) [de

  1. Improved two-way six-state protocol for quantum key distribution

    Shaari, J.S., E-mail: jesni_shamsul@yahoo.com [Faculty of Science, International Islamic University Malaysia (IIUM), Jalan Sultan Ahmad Shah, Bandar Indera Mahkota, 25200 Kuantan, Pahang (Malaysia); Bahari, Asma' Ahmad [Faculty of Science, International Islamic University Malaysia (IIUM), Jalan Sultan Ahmad Shah, Bandar Indera Mahkota, 25200 Kuantan, Pahang (Malaysia)

    2012-10-01

    A generalized version for a qubit based two-way quantum key distribution scheme was first proposed in the paper [Phys. Lett. A 358 (2006) 85] capitalizing on the six quantum states derived from three mutually unbiased bases. While boasting of a higher level of security, the protocol was not designed for ease of practical implementation. In this work, we propose modifications to the protocol, resulting not only in improved security but also in a more efficient and practical setup. We provide comparisons for calculated secure key rates for the protocols in noisy and lossy channels. -- Highlights: ► Modification for efficient generalized two-way QKD is proposed. ► Calculations include secure key rates in noisy and lossy channels for selected attack scenario. ► Resulting proposal provides for higher secure key rate in selected attack scheme.

  2. Improved two-way six-state protocol for quantum key distribution

    Shaari, J.S.; Bahari, Asma' Ahmad

    2012-01-01

    A generalized version for a qubit based two-way quantum key distribution scheme was first proposed in the paper [Phys. Lett. A 358 (2006) 85] capitalizing on the six quantum states derived from three mutually unbiased bases. While boasting of a higher level of security, the protocol was not designed for ease of practical implementation. In this work, we propose modifications to the protocol, resulting not only in improved security but also in a more efficient and practical setup. We provide comparisons for calculated secure key rates for the protocols in noisy and lossy channels. -- Highlights: ► Modification for efficient generalized two-way QKD is proposed. ► Calculations include secure key rates in noisy and lossy channels for selected attack scenario. ► Resulting proposal provides for higher secure key rate in selected attack scheme.

  3. Key Considerations in Providing a Free Appropriate Public Education for Youth with Disabilities in Juvenile Justice Secure Care Facilities. Issue Brief

    Gagnon, Joseph C.; Read, Nicholas W.; Gonsoulin, Simon

    2015-01-01

    Access to high-quality education for youth is critical to their long-term success as adults. Youth in juvenile justice secure care facilities, however, too often do not have access to the high-quality education and related supports and services that they need, particularly youth with disabilities residing in such facilities. This brief discusses…

  4. 33 CFR 165.761 - Security Zones; Port of Palm Beach, Port Everglades, Port of Miami, and Port of Key West, Florida.

    2010-07-01

    ... of the law enforcement boats and cruise ship tenders which will mark a transit lane in channel. (ii... east of the law enforcement vessels and cruise ship tenders, which will mark a transit lane in the..., tug boats and contracted security vessels may assist the Coast Guard Captain of the Port under the...

  5. Cooking temperature is a key determinant of in vitro meat protein digestion rate: investigation of underlying mechanisms.

    Bax, Marie-Laure; Aubry, Laurent; Ferreira, Claude; Daudin, Jean-Dominique; Gatellier, Philippe; Rémond, Didier; Santé-Lhoutellier, Véronique

    2012-03-14

    The present study aimed to evaluate the digestion rate and nutritional quality of pig muscle proteins in relation to different meat processes (aging, mincing, and cooking). Under our experimental conditions, aging and mincing had little impact on protein digestion. Heat treatments had different temperature-dependent effects on the meat protein digestion rate and degradation potential. At 70 °C, the proteins underwent denaturation that enhanced the speed of pepsin digestion by increasing enzyme accessibility to protein cleavage sites. Above 100 °C, oxidation-related protein aggregation slowed pepsin digestion but improved meat protein overall digestibility. The digestion parameters defined here open new insights on the dynamics governing the in vitro digestion of meat protein. However, the effect of cooking temperature on protein digestion observed in vitro needs to be confirmed in vivo.

  6. Group key management

    Dunigan, T.; Cao, C.

    1997-08-01

    This report describes an architecture and implementation for doing group key management over a data communications network. The architecture describes a protocol for establishing a shared encryption key among an authenticated and authorized collection of network entities. Group access requires one or more authorization certificates. The implementation includes a simple public key and certificate infrastructure. Multicast is used for some of the key management messages. An application programming interface multiplexes key management and user application messages. An implementation using the new IP security protocols is postulated. The architecture is compared with other group key management proposals, and the performance and the limitations of the implementation are described.

  7. Phase-encoded measurement device independent quantum key distribution without a shared reference frame

    Zhuo-Dan, Zhu; Shang-Hong, Zhao; Chen, Dong; Ying, Sun

    2018-07-01

    In this paper, a phase-encoded measurement device independent quantum key distribution (MDI-QKD) protocol without a shared reference frame is presented, which can generate secure keys between two parties while the quantum channel or interferometer introduces an unknown and slowly time-varying phase. The corresponding secret key rate and single photons bit error rate is analysed, respectively, with single photons source (SPS) and weak coherent source (WCS), taking finite-key analysis into account. The numerical simulations show that the modified phase-encoded MDI-QKD protocol has apparent superiority both in maximal secure transmission distance and key generation rate while possessing the improved robustness and practical security in the high-speed case. Moreover, the rejection of the frame-calibrating part will intrinsically reduce the consumption of resources as well as the potential security flaws of practical MDI-QKD systems.

  8. Experimental demonstration of subcarrier multiplexed quantum key distribution system.

    Mora, José; Ruiz-Alba, Antonio; Amaya, Waldimar; Martínez, Alfonso; García-Muñoz, Víctor; Calvo, David; Capmany, José

    2012-06-01

    We provide, to our knowledge, the first experimental demonstration of the feasibility of sending several parallel keys by exploiting the technique of subcarrier multiplexing (SCM) widely employed in microwave photonics. This approach brings several advantages such as high spectral efficiency compatible with the actual secure key rates, the sharing of the optical fainted pulse by all the quantum multiplexed channels reducing the system complexity, and the possibility of upgrading with wavelength division multiplexing in a two-tier scheme, to increase the number of parallel keys. Two independent quantum SCM channels featuring a sifted key rate of 10 Kb/s/channel over a link with quantum bit error rate <2% is reported.

  9. Individual and Population Level Impact of Key HIV Risk Factors on HIV Incidence Rates in Durban, South Africa.

    Gita Ramjee

    Full Text Available We aimed to estimate the individual and joint impact of age, marital status and diagnosis with sexually transmitted infections (STIs on HIV acquisition among young women at a population level in Durban, KwaZulu-Natal, South Africa. A total of 3,978 HIV seronegative women were recruited for four biomedical intervention trials from 2002-2009. Point and interval estimates of partial population attributable risk (PAR were used to quantify the proportion of HIV seroconversions which can be prevented if a combination of risk factors is eliminated from a target population. More than 70% of the observed HIV acquisitions were collectively attributed to the three risk factors: younger age (<25 years old, unmarried and not cohabiting with a stable/regular partner and diagnosis with STIs. Addressing these risks requires targeted structural, behavioural, biomedical and cultural interventions in order to impact on unacceptably high HIV incidence rates among young women and the population as a whole.

  10. TT Mutant Homozygote of Kruppel-like Factor 5 Is a Key Factor for Increasing Basal Metabolic Rate and Resting Metabolic Rate in Korean Elementary School Children.

    Choi, Jung Ran; Kwon, In-Su; Kwon, Dae Young; Kim, Myung-Sunny; Lee, Myoungsook

    2013-12-01

    We investigated the contribution of genetic variations of KLF5 to basal metabolic rate (BMR) and resting metabolic rate (RMR) and the inhibition of obesity in Korean children. A variation of KLF5 (rs3782933) was genotyped in 62 Korean children. Using multiple linear regression analysis, we developed a model to predict BMR in children. We divided them into several groups; normal versus overweight by body mass index (BMI) and low BMR versus high BMR by BMR. There were no differences in the distributions of alleles and genotypes between each group. The genetic variation of KLF5 gene showed a significant correlation with several clinical factors, such as BMR, muscle, low-density lipoprotein cholesterol, and insulin. Children with the TT had significantly higher BMR than those with CC (p = 0.030). The highest muscle was observed in the children with TT compared with CC (p = 0.032). The insulin and C-peptide values were higher in children with TT than those with CC (p= 0.029 vs. p = 0.004, respectively). In linear regression analysis, BMI and muscle mass were correlated with BMR, whereas insulin and C-peptide were not associated with BMR. In the high-BMR group, we observed that higher muscle, fat mass, and C-peptide affect the increase of BMR in children with TT (p BMR (adjust r(2) = 1.000, p BMR in Korean children. We could make better use of the variation within KLF5 in a future clinical intervention study of obesity.

  11. TT Mutant Homozygote of Is a Key Factor for Increasing Basal Metabolic Rate and Resting Metabolic Rate in Korean Elementary School Children

    Jung Ran Choi

    2013-12-01

    Full Text Available We investigated the contribution of genetic variations of KLF5 to basal metabolic rate (BMR and resting metabolic rate (RMR and the inhibition of obesity in Korean children. A variation of KLF5 (rs3782933 was genotyped in 62 Korean children. Using multiple linear regression analysis, we developed a model to predict BMR in children. We divided them into several groups; normal versus overweight by body mass index (BMI and low BMR versus high BMR by BMR. There were no differences in the distributions of alleles and genotypes between each group. The genetic variation of KLF5 gene showed a significant correlation with several clinical factors, such as BMR, muscle, low-density lipoprotein cholesterol, and insulin. Children with the TT had significantly higher BMR than those with CC (p = 0.030. The highest muscle was observed in the children with TT compared with CC (p = 0.032. The insulin and C-peptide values were higher in children with TT than those with CC (p= 0.029 vs. p = 0.004, respectively. In linear regression analysis, BMI and muscle mass were correlated with BMR, whereas insulin and C-peptide were not associated with BMR. In the high-BMR group, we observed that higher muscle, fat mass, and C-peptide affect the increase of BMR in children with TT (p < 0.001, p < 0.001, and p = 0.018, respectively, while Rohrer's index could explain the usual decrease in BMR (adjust r2 = 1.000, p < 0.001, respectively. We identified a novel association between TT of KLF5 rs3782933 and BMR in Korean children. We could make better use of the variation within KLF5 in a future clinical intervention study of obesity.

  12. Zaštićena komunikacija putem infrastrukture sa javnim ključevima / Secure communication via public key infrastructure

    Đuro Alfirević

    2007-01-01

    Full Text Available Jedan tok informacija u okviru računarskih sistema ostvaruje se slanjem elektronske pošte. Međutim, da bi se ispunili zahtevi za kvalitativnost informacije koju ta pošta prenosi, neophodno je da računarska mreža ispunjava osnovna četiri bezbednosna servisa: zaštitu tajnosti, integritet podataka autentikaciju i neporecivost. Ovaj rad predstavlja jedno od mogućih rešenja zaštićene komunikacije, primenom zaštićenog e-mail klijenta, sa prednostima koje donosi PKCS standard. / One of the information flows in a computer communication domain is accomplished by sending an e-mail, but in order to accomplish demands for information qualitativity that the e-mail contains, it's necessary for a computer network to provide the major four security services confidentiality, data integrity, authentication and non-repudiation. This work represents one of the possible solutions of secured communication applying a secured e-mail client with advantages that PKCS standard brings.

  13. Digital security technology simplified.

    Scaglione, Bernard J

    2007-01-01

    Digital security technology is making great strides in replacing analog and other traditional security systems including CCTV card access, personal identification and alarm monitoring applications. Like any new technology, the author says, it is important to understand its benefits and limitations before purchasing and installing, to ensure its proper operation and effectiveness. This article is a primer for security directors on how digital technology works. It provides an understanding of the key components which make up the foundation for digital security systems, focusing on three key aspects of the digital security world: the security network, IP cameras and IP recorders.

  14. New directions for African security

    Haastrup, Toni; Dijkstra, Hylke

    2017-01-01

    African security, particularly conflict-related political violence, is a key concern in international relations. This forum seeks to advance existing research agendas by addressing four key themes: domestic politics and peacekeeping; security sector reform programs; peace enforcement; and the

  15. Center for computer security: Computer Security Group conference. Summary

    None

    1982-06-01

    Topics covered include: computer security management; detection and prevention of computer misuse; certification and accreditation; protection of computer security, perspective from a program office; risk analysis; secure accreditation systems; data base security; implementing R and D; key notarization system; DOD computer security center; the Sandia experience; inspector general's report; and backup and contingency planning. (GHT)

  16. Newborn Survival Case Study in Rwanda - Bottleneck Analysis and Projections in Key Maternal and Child Mortality Rates Using Lives Saved Tool (LiST).

    Khurmi, Manpreet Singh; Sayinzoga, Felix; Berhe, Atakilt; Bucyana, Tatien; Mwali, Assumpta Kayinamura; Manzi, Emmanuel; Muthu, Maharajan

    2017-01-01

    The Newborn Survival Case study in Rwanda provides an analysis of the newborn health and survival situation in the country. It reviews evidence-based interventions and coverage levels already implemented in the country; identifies key issues and bottlenecks in service delivery and uptake of services by community/beneficiaries, and provides key recommendations aimed at faster reduction in newborn mortality rate. This study utilized mixed method research including qualitative and quantitative analyses of various maternal and newborn health programs implemented in the country. This included interviewing key stakeholders at each level, field visits and also interviewing beneficiaries for assessment of uptake of services. Monitoring systems such as Health Management Information Systems (HMIS), maternal and newborn death audits were reviewed and data analyzed to aid these analyses. Policies, protocols, various guidelines and tools for monitoring are already in place however, implementation of these remains a challenge e.g. infection control practices to reduce deaths due to sepsis. Although existing staff are quite knowledgeable and are highly motivated, however, shortage of health personnel especially doctors in an issue. New facilities are being operationalized e.g. at Gisenyi, however, the existing facilities needs expansion. It is essential to implement high impact evidence based interventions but coverage levels need to be significantly high in order to achieve higher reduction in newborn mortality rate. Equity approach should be considered in planning so that the services are better implemented and the poor and needy can get the benefits of public health programs.

  17. Quantum dense key distribution

    Degiovanni, I.P.; Ruo Berchera, I.; Castelletto, S.; Rastello, M.L.; Bovino, F.A.; Colla, A.M.; Castagnoli, G.

    2004-01-01

    This paper proposes a protocol for quantum dense key distribution. This protocol embeds the benefits of a quantum dense coding and a quantum key distribution and is able to generate shared secret keys four times more efficiently than the Bennet-Brassard 1984 protocol. We hereinafter prove the security of this scheme against individual eavesdropping attacks, and we present preliminary experimental results, showing its feasibility

  18. One Step Quantum Key Distribution Based on EPR Entanglement.

    Li, Jian; Li, Na; Li, Lei-Lei; Wang, Tao

    2016-06-30

    A novel quantum key distribution protocol is presented, based on entanglement and dense coding and allowing asymptotically secure key distribution. Considering the storage time limit of quantum bits, a grouping quantum key distribution protocol is proposed, which overcomes the vulnerability of first protocol and improves the maneuverability. Moreover, a security analysis is given and a simple type of eavesdropper's attack would introduce at least an error rate of 46.875%. Compared with the "Ping-pong" protocol involving two steps, the proposed protocol does not need to store the qubit and only involves one step.

  19. Nonparametric modeling of US interest rate term structure dynamics and implications on the prices of derivative securities

    Jiang, GJ

    1998-01-01

    This paper develops a nonparametric model of interest rate term structure dynamics based an a spot rate process that permits only positive interest rates and a market price of interest rate risk that precludes arbitrage opportunities. Both the spot rate process and the market price of interest rate

  20. Calcification rates of the massive coral Siderastrea siderea and crustose coralline algae along the Florida Keys (USA) outer-reef tract

    Kuffner, I.B.; Hickey, T.D.; Morrison, J.M.

    2013-01-01

    Coral reefs are degrading on a global scale, and rates of reef-organism calcification are predicted to decline due to ocean warming and acidification. Systematic measurements of calcification over space and time are necessary to detect change resulting from environmental stressors. We established a network of calcification monitoring stations at four managed reefs along the outer Florida Keys Reef Tract (FKRT) from Miami to the Dry Tortugas. Eighty colonies (in two sequential sets of 40) of the reef-building coral, Siderastrea siderea, were transplanted to fixed apparatus that allowed repetitive detachment for buoyant weighing every 6 months. Algal-recruitment tiles were also deployed during each weighing interval to measure net calcification of the crustose coralline algal (CCA) community. Coral-calcification rates were an order of magnitude greater than those of CCA. Rates of coral calcification were seasonal (summer calcification was 53% greater than winter), and corals in the Dry Tortugas calcified 48% faster than those at the other three sites. Linear extension rates were also highest in the Dry Tortugas, whereas percent area of the coral skeletons excavated by bioeroding fauna was lowest. The spatial patterns in net coral calcification revealed here correlate well with Holocene reef thickness along the FKRT and, in part, support the “inimical waters hypothesis” proposed by Ginsburg, Hudson, and Shinn almost 50 yrs ago to explain reef development in this region. Due to the homogeneity in coral-calcification rates among the three main Keys sites, we recommend refinement of this hypothesis and suggest that water-quality variables (e.g., carbonate mineral saturation state, dissolved and particulate organic matter, light attenuation) be monitored alongside calcification in future studies. Our results demonstrate that our calcification monitoring network presents a feasible and worthwhile approach to quantifying potential impacts of ocean acidification

  1. Calcification rates of the massive coral Siderastrea siderea and crustose coralline algae along the Florida Keys (USA) outer-reef tract

    Kuffner, I. B.; Hickey, T. D.; Morrison, J. M.

    2013-12-01

    Coral reefs are degrading on a global scale, and rates of reef-organism calcification are predicted to decline due to ocean warming and acidification. Systematic measurements of calcification over space and time are necessary to detect change resulting from environmental stressors. We established a network of calcification monitoring stations at four managed reefs along the outer Florida Keys Reef Tract (FKRT) from Miami to the Dry Tortugas. Eighty colonies (in two sequential sets of 40) of the reef-building coral, Siderastrea siderea, were transplanted to fixed apparatus that allowed repetitive detachment for buoyant weighing every 6 months. Algal-recruitment tiles were also deployed during each weighing interval to measure net calcification of the crustose coralline algal (CCA) community. Coral-calcification rates were an order of magnitude greater than those of CCA. Rates of coral calcification were seasonal (summer calcification was 53 % greater than winter), and corals in the Dry Tortugas calcified 48 % faster than those at the other three sites. Linear extension rates were also highest in the Dry Tortugas, whereas percent area of the coral skeletons excavated by bioeroding fauna was lowest. The spatial patterns in net coral calcification revealed here correlate well with Holocene reef thickness along the FKRT and, in part, support the "inimical waters hypothesis" proposed by Ginsburg, Hudson, and Shinn almost 50 yrs ago to explain reef development in this region. Due to the homogeneity in coral-calcification rates among the three main Keys sites, we recommend refinement of this hypothesis and suggest that water-quality variables (e.g., carbonate mineral saturation state, dissolved and particulate organic matter, light attenuation) be monitored alongside calcification in future studies. Our results demonstrate that our calcification monitoring network presents a feasible and worthwhile approach to quantifying potential impacts of ocean acidification, warming

  2. Entangled quantum key distribution with a biased basis choice

    Erven, Chris; Ma Xiongfeng; Laflamme, Raymond; Weihs, Gregor

    2009-01-01

    We investigate a quantum key distribution (QKD) scheme that utilizes a biased basis choice in order to increase the efficiency of the scheme. The optimal bias between the two measurement bases, a more refined error analysis and finite key size effects are all studied in order to assure the security of the final key generated with the system. We then implement the scheme in a local entangled QKD system that uses polarization entangled photon pairs to securely distribute the key. A 50/50 non-polarizing beamsplitter (BS) with different optical attenuators is used to simulate a variable BS in order to allow us to study the operation of the system for different biases. Over 6 h of continuous operation with a total bias of 0.9837/0.0163 (Z/X), we were able to generate 0.4567 secure key bits per raw key bit as compared to 0.2550 secure key bits per raw key bit for the unbiased case. This represents an increase in the efficiency of the key generation rate by 79%.

  3. Practical quantum key distribution with polarization-entangled photons

    Poppe, A.; Fedrizzi, A.; Boehm, H.; Ursin, R.; Loruenser, T.; Peev, M.; Maurhardt, O.; Suda, M.; Kurtsiefer, C.; Weinfurter, H.; Jennewein, T.; Zeilinger, A.

    2005-01-01

    Full text: We present an entangled-state quantum cryptography system that operated for the first time in a real-world application scenario. The full key generation protocol was performed in real-time between two distributed embedded hardware devices, which were connected by 1.45 km of optical fiber, installed for this experiment in the Vienna sewage system. A source for polarization-entangled photons delivered about 8200 entangled photon pairs per second. After transmission to the distant receivers, a mean value of 468 pairs per second remained for the generation of a raw key, which showed an average qubit error rate of 6.4 %. The raw key was sifted and subsequently processed by a classical protocol which included error correction and privacy amplification. The final secure key bit rate was about 76 bits per second. The generated quantum key was then handed over and used by a secure communication application. (author)

  4. Quantum key distribution with finite resources: Smooth Min entropy vs. Smooth Renyi entropy

    Mertz, Markus; Abruzzo, Silvestre; Bratzik, Sylvia; Kampermann, Hermann; Bruss, Dagmar [Institut fuer Theoretische Physik III, Duesseldorf (Germany)

    2010-07-01

    We consider different entropy measures that play an important role in the analysis of the security of QKD with finite resources. The smooth min entropy leads to an optimal bound for the length of a secure key. Another bound on the secure key length was derived by using Renyi entropies. Unfortunately, it is very hard or even impossible to calculate these entropies for realistic QKD scenarios. To estimate the security rate it becomes important to find computable bounds on these entropies. Here, we compare a lower bound for the smooth min entropy with a bound using Renyi entropies. We compare these entropies for the six-state protocol with symmetric attacks.

  5. Security Concepts for Satellite Links

    Tobehn, C.; Penné, B.; Rathje, R.; Weigl, A.; Gorecki, Ch.; Michalik, H.

    2008-08-01

    The high costs to develop, launch and maintain a satellite network makes protecting the assets imperative. Attacks may be passive such as eavesdropping on the payload data. More serious threat are active attacks that try to gain control of the satellite, which may lead to the total lost of the satellite asset. To counter these threats, new satellite and ground systems are using cryptographic technologies to provide a range of services: confidentiality, entity & message authentication, and data integrity. Additionally, key management cryptographic services are required to support these services. This paper describes the key points of current satellite control and operations, that are authentication of the access to the satellite TMTC link and encryption of security relevant TM/TC data. For payload data management the key points are multi-user ground station access and high data rates both requiring frequent updates and uploads of keys with the corresponding key management methods. For secure satellite management authentication & key negotiation algorithms as HMAC-RIPEMD160, EC- DSA and EC-DH are used. Encryption of data uses algorithms as IDEA, AES, Triple-DES, or other. A channel coding and encryption unit for payload data provides download data rates up to Nx250 Mbps. The presented concepts are based on our experience and heritage of the security systems for all German MOD satellite projects (SATCOMBw2, SAR-Lupe multi- satellite system and German-French SAR-Lupe-Helios- II systems inter-operability) as well as for further international (KOMPSAT-II Payload data link system) and ESA activities (TMTC security and GMES).

  6. Nuclear security

    1991-12-01

    This paper reports that despite their crucial importance to national security, safeguards at the Department of Energy's (DOE) weapons facilities may be falling short. DOE security inspections have identified many weaknesses, including poor performance by members of DOE's security force, poor accountability for quantities of nuclear materials, and the inability of personnel to locate documents containing classified information. About 13 percent of the 2,100 identified weakness resulted in DOE inspectors giving out unsatisfactory security ratings; another 38 percent led to marginal ratings. In addition, DOE's centralized safeguards and security information tracking system lacks current data on whether DOE field offices have corrected the identified weaknesses. Without reliable information, DOE has no way of knowing whether timely action was taken to correct problems, nor can it determine whether weaknesses are systematic. DOE has tried to minimize the impact of these security weaknesses at its facilities by establishing multiple layers of protection measures and instituting interim and compensatory measures for identified weaknesses. DOE is planning enhancements to the centralized tracking system that should improve its reliability and increase its effectiveness

  7. Finite-key-size effect in a commercial plug-and-play QKD system

    Chaiwongkhot, Poompong; Sajeed, Shihan; Lydersen, Lars; Makarov, Vadim

    2017-12-01

    A security evaluation against the finite-key-size effect was performed for a commercial plug-and-play quantum key distribution (QKD) system. We demonstrate the ability of an eavesdropper to force the system to distill key from a smaller length of sifted-key. We also derive a key-rate equation that is specific for this system. This equation provides bounds above the upper bound of secure key under finite-key-size analysis. From this equation and our experimental data, we show that the keys that have been distilled from the smaller sifted-key size fall above our bound. Thus, their security is not covered by finite-key-size analysis. Experimentally, we could consistently force the system to generate the key outside of the bound. We also test manufacturer’s software update. Although all the keys after the patch fall under our bound, their security cannot be guaranteed under this analysis. Our methodology can be used for security certification and standardization of QKD systems.

  8. Exploring patient satisfaction levels, self-rated oral health status and associated variables among citizens covered for dental insurance through a National Social Security Scheme in India.

    Singh, Abhinav; Purohit, Bharathi M

    2017-06-01

    To assess patient satisfaction, self-rated oral health and associated factors, including periodontal status and dental caries, among patients covered for dental insurance through a National Social Security Scheme in New Delhi, India. A total of 1,498 patients participated in the study. Satisfaction levels and self-rated oral-health scores were measured using a questionnaire comprising 12 closed-ended questions. Clinical data were collected using the Community Periodontal Index (CPI) and the decayed, missing and filled teeth (DMFT) index. Regression analysis was conducted to evaluate factors associated with dental caries, periodontal status and self-rated oral health. Areas of concern included poor cleanliness within the hospital, extensive delays for appointments, waiting time in hospital and inadequate interpersonal and communication skills among health-care professionals. Approximately 51% of the respondents rated their oral health as fair to poor. Younger age, no tobacco usage, good periodontal status and absence of dental caries were significantly associated with higher oral health satisfaction, with odds ratios of 3.94, 2.38, 2.58 and 2.09, respectively (P ≤ 0.001). The study indicates poor satisfaction levels with the current dental care system and a poor self-rated oral health status among the study population. Some specific areas of concern have been identified. These findings may facilitate restructuring of the existing dental services under the National Social Security Scheme towards creating a better patient care system. © 2017 FDI World Dental Federation.

  9. Iran's Security Policy in the Post-Revolutionary Era

    Byman, Daniel

    2001-01-01

    This report assesses Iran's security policy. It examines broad drivers of Iran's security policy, describes important security institutions, explores decisionmaking, and reviews Iran's relations with key countries...

  10. Security for multihop wireless networks

    Khan, Shafiullah

    2014-01-01

    Security for Multihop Wireless Networks provides broad coverage of the security issues facing multihop wireless networks. Presenting the work of a different group of expert contributors in each chapter, it explores security in mobile ad hoc networks, wireless sensor networks, wireless mesh networks, and personal area networks.Detailing technologies and processes that can help you secure your wireless networks, the book covers cryptographic coprocessors, encryption, authentication, key management, attacks and countermeasures, secure routing, secure medium access control, intrusion detection, ep

  11. Key distillation in quantum cryptography

    Slutsky, Boris Aron

    1998-11-01

    Quantum cryptography is a technique which permits two parties to communicate over an open channel and establish a shared sequence of bits known only to themselves. This task, provably impossible in classical cryptography, is accomplished by encoding the data on quantum particles and harnessing their unique properties. It is believed that no eavesdropping attack consistent with the laws of quantum theory can compromise the secret data unknowingly to the legitimate users of the channel. Any attempt by a hostile actor to monitor the data carrying particles while in transit reveals itself through transmission errors it must inevitably introduce. Unfortunately, in practice a communication is not free of errors even when no eavesdropping is present. Key distillation is a technique that permits the parties to overcome this difficulty and establish a secret key despite channel defects, under the assumption that every particle is handled independently from other particles by the enemy. In the present work, key distillation is described and its various aspects are studied. A relationship is derived between the average error rate resulting from an eavesdropping attack and the amount of information obtained by the attacker. Formal definition is developed of the security of the final key. The net throughput of secret bits in a quantum cryptosystem employing key distillation is assessed. An overview of quantum cryptographic protocols and related information theoretical results is also given.

  12. Managing Cisco network security

    Knipp, Eric

    2002-01-01

    An in-depth knowledge of how to configure Cisco IP network security is a MUST for anyone working in today''s internetworked world"There''s no question that attacks on enterprise networks are increasing in frequency and sophistication..."-Mike Fuhrman, Cisco Systems Manager, Security ConsultingManaging Cisco Network Security, Second Edition offers updated and revised information covering many of Cisco''s security products that provide protection from threats, detection of network security incidents, measurement of vulnerability and policy compliance and management of security policy across an extended organization. These are the tools that network administrators have to mount defenses against threats. Chapters also cover the improved functionality and ease of the Cisco Secure Policy Manger software used by thousands of small-to-midsized businesses and a special section on the Cisco Aironet Wireless Security Solutions.Security from a real-world perspectiveKey coverage of the new technologies offered by the Cisc...

  13. Finite-key analysis for quantum key distribution with weak coherent pulses based on Bernoulli sampling

    Kawakami, Shun; Sasaki, Toshihiko; Koashi, Masato

    2017-07-01

    An essential step in quantum key distribution is the estimation of parameters related to the leaked amount of information, which is usually done by sampling of the communication data. When the data size is finite, the final key rate depends on how the estimation process handles statistical fluctuations. Many of the present security analyses are based on the method with simple random sampling, where hypergeometric distribution or its known bounds are used for the estimation. Here we propose a concise method based on Bernoulli sampling, which is related to binomial distribution. Our method is suitable for the Bennett-Brassard 1984 (BB84) protocol with weak coherent pulses [C. H. Bennett and G. Brassard, Proceedings of the IEEE Conference on Computers, Systems and Signal Processing (IEEE, New York, 1984), Vol. 175], reducing the number of estimated parameters to achieve a higher key generation rate compared to the method with simple random sampling. We also apply the method to prove the security of the differential-quadrature-phase-shift (DQPS) protocol in the finite-key regime. The result indicates that the advantage of the DQPS protocol over the phase-encoding BB84 protocol in terms of the key rate, which was previously confirmed in the asymptotic regime, persists in the finite-key regime.

  14. Optimizing Key Updates in Sensor Networks

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    2011-01-01

    Sensor networks offer the advantages of simple and low–resource communication. Nevertheless, security is of particular importance in many cases such as when sensitive data is communicated or tamper-resistance is required. Updating the security keys is one of the key points in security, which...

  15. Fully Device-Independent Quantum Key Distribution

    Vazirani, Umesh; Vidick, Thomas

    2014-10-01

    Quantum cryptography promises levels of security that are impossible to replicate in a classical world. Can this security be guaranteed even when the quantum devices on which the protocol relies are untrusted? This central question dates back to the early 1990s when the challenge of achieving device-independent quantum key distribution was first formulated. We answer this challenge by rigorously proving the device-independent security of a slight variant of Ekert's original entanglement-based protocol against the most general (coherent) attacks. The resulting protocol is robust: While assuming only that the devices can be modeled by the laws of quantum mechanics and are spatially isolated from each other and from any adversary's laboratory, it achieves a linear key rate and tolerates a constant noise rate in the devices. In particular, the devices may have quantum memory and share arbitrary quantum correlations with the eavesdropper. The proof of security is based on a new quantitative understanding of the monogamous nature of quantum correlations in the context of a multiparty protocol.

  16. International key comparison of measurements of neutron source emission rate (1999-2005): CCRI(III)-K9.AmBe

    Roberts, N.J.; Jones, L.N. [National Physical Laboratory (NPL), Teddington, (United Kingdom); Wang, Z.; Liu, Y.; Wang, Q.; Chen, X.; Luo, H.; Rong, C. [China Institute of Atomic Energy (CIAE), Beijing (China); Kralik, M. [Czech Metrology Institute (CMI), Praha, (Czech Republic); Park, H.; Choi, K.O. [Korea Research Institute of Standards and Science (KRISS), Daejeon, (Korea, Republic of); Pereira, W.W.; Da Fonseca, E.S. [National Laboratory of Metrology of Ionizing Radiation (LNMRI), Rio de Janeiro, (Brazil); Cassette, P. [Laboratoire National Henri Becquerel (LNE-LNHB), Paris, (France); Dewey, M.S. [National Institute of Standards and Technology (NIST), Gaithersburg, MD, (United States); Moiseev, N.N.; Kharitonov, I.A. [D I Mendeleyev Institute for Metrology (VNIIM), St Petersburg, (Russian Federation)

    2011-07-01

    Section III (neutron measurements) of the Comite Consultatif des Rayonnements Ionisants, CCRI, conducted a key comparison of primary measurements of the neutron emission rate of an {sup 241}Am-Be({alpha},n) radionuclide source. A single {sup 241}Am-Be({alpha},n) source was circulated to all the participants between 1999 and 2005. Eight laboratories participated - the CIAE (China), CMI (Czech Republic), KRISS (Republic of Korea), LNMRI (Brazil), LNE-LNHB (France), NIST (USA), NPL (UK) and the VNIIM (Russian Federation) - with the NPL making their measurements at the start and repeating them near the end of the exercise to verify the stability of the source. Each laboratory reported the emission rate into 4{pi} sr together with a detailed uncertainty budget. All participants used the manganese bath technique, with the VNIIM also making measurements using an associated particle technique. The CMI, KRISS, VNIIM, and later the NPL, also measured the anisotropy of the source although this was not a formal part of the comparison. The first draft report was released in May 2006 and having been discussed and modified by the participants and subsequently reviewed by the CCRI(III), the present paper is now the final report of the comparison. (authors)

  17. Fully device-independent conference key agreement

    Ribeiro, Jérémy; Murta, Gláucia; Wehner, Stephanie

    2018-02-01

    We present a security analysis of conference key agreement (CKA) in the most adversarial model of device independence (DI). Our protocol can be implemented by any experimental setup that is capable of performing Bell tests [specifically, the Mermin-Ardehali-Belinskii-Klyshko (MABK) inequality], and security can in principle be obtained for any violation of the MABK inequality that detects genuine multipartite entanglement among the N parties involved in the protocol. As our main tool, we derive a direct physical connection between the N -partite MABK inequality and the Clauser-Horne-Shimony-Holt (CHSH) inequality, showing that certain violations of the MABK inequality correspond to a violation of the CHSH inequality between one of the parties and the other N -1 . We compare the asymptotic key rate for device-independent conference key agreement (DICKA) to the case where the parties use N -1 device-independent quantum key distribution protocols in order to generate a common key. We show that for some regime of noise the DICKA protocol leads to better rates.

  18. Finite key analysis in quantum cryptography

    Meyer, T.

    2007-10-31

    In view of experimental realization of quantum key distribution schemes, the study of their efficiency becomes as important as the proof of their security. The latter is the subject of most of the theoretical work about quantum key distribution, and many important results such as the proof of unconditional security have been obtained. The efficiency and also the robustness of quantum key distribution protocols against noise can be measured by figures of merit such as the secret key rate (the fraction of input signals that make it into the key) and the threshold quantum bit error rate (the maximal error rate such that one can still create a secret key). It is important to determine these quantities because they tell us whether a certain quantum key distribution scheme can be used at all in a given situation and if so, how many secret key bits it can generate in a given time. However, these figures of merit are usually derived under the ''infinite key limit'' assumption, that is, one assumes that an infinite number of quantum states are send and that all sub-protocols of the scheme (in particular privacy amplification) are carried out on these infinitely large blocks. Such an assumption usually eases the analysis, but also leads to (potentially) too optimistic values for the quantities in question. In this thesis, we are explicitly avoiding the infinite key limit for the analysis of the privacy amplification step, which plays the most important role in a quantum key distribution scheme. We still assume that an optimal error correction code is applied and we do not take into account any statistical errors that might occur in the parameter estimation step. Renner and coworkers derived an explicit formula for the obtainable key rate in terms of Renyi entropies of the quantum states describing Alice's, Bob's, and Eve's systems. This results serves as a starting point for our analysis, and we derive an algorithm that efficiently computes

  19. 78 FR 64183 - Change to Existing Regulation Concerning the Interest Rate Paid on Cash Deposited To Secure...

    2013-10-28

    ... Account. These funds are held ``in trust'' for the obligor and currently earn simple interest at the rate..., the Government has paid simple interest at the rate of 3 percent per year on cash deposited by bond... #0;notices is to give interested persons an opportunity to participate in #0;the rule making prior to...

  20. Metropolitan Quantum Key Distribution with Silicon Photonics

    Darius Bunandar

    2018-04-01

    Full Text Available Photonic integrated circuits provide a compact and stable platform for quantum photonics. Here we demonstrate a silicon photonics quantum key distribution (QKD encoder in the first high-speed polarization-based QKD field tests. The systems reach composable secret key rates of 1.039 Mbps in a local test (on a 103.6-m fiber with a total emulated loss of 9.2 dB and 157 kbps in an intercity metropolitan test (on a 43-km fiber with 16.4 dB loss. Our results represent the highest secret key generation rate for polarization-based QKD experiments at a standard telecom wavelength and demonstrate photonic integrated circuits as a promising, scalable resource for future formation of metropolitan quantum-secure communications networks.

  1. Metropolitan Quantum Key Distribution with Silicon Photonics

    Bunandar, Darius; Lentine, Anthony; Lee, Catherine; Cai, Hong; Long, Christopher M.; Boynton, Nicholas; Martinez, Nicholas; DeRose, Christopher; Chen, Changchen; Grein, Matthew; Trotter, Douglas; Starbuck, Andrew; Pomerene, Andrew; Hamilton, Scott; Wong, Franco N. C.; Camacho, Ryan; Davids, Paul; Urayama, Junji; Englund, Dirk

    2018-04-01

    Photonic integrated circuits provide a compact and stable platform for quantum photonics. Here we demonstrate a silicon photonics quantum key distribution (QKD) encoder in the first high-speed polarization-based QKD field tests. The systems reach composable secret key rates of 1.039 Mbps in a local test (on a 103.6-m fiber with a total emulated loss of 9.2 dB) and 157 kbps in an intercity metropolitan test (on a 43-km fiber with 16.4 dB loss). Our results represent the highest secret key generation rate for polarization-based QKD experiments at a standard telecom wavelength and demonstrate photonic integrated circuits as a promising, scalable resource for future formation of metropolitan quantum-secure communications networks.

  2. Network Paradigm of Information Security

    Alexandr Diomidovich Afanasyev

    2016-03-01

    Full Text Available An issue of topological analysis has been claimed as a key one while creating robust and secure network systems. Some examples of complex network applications in information security domain have been cited.

  3. Quantum key distribution for 10 Gb/s dense wavelength division multiplexing networks

    Patel, K. A.; Dynes, J. F.; Lucamarini, M.; Choi, I.; Sharpe, A. W.; Yuan, Z. L.; Shields, A. J.; Penty, R. V.

    2014-01-01

    We demonstrate quantum key distribution (QKD) with bidirectional 10 Gb/s classical data channels in a single fiber using dense wavelength division multiplexing. Record secure key rates of 2.38 Mbps and fiber distances up to 70 km are achieved. Data channels are simultaneously monitored for error-free operation. The robustness of QKD is further demonstrated with a secure key rate of 445 kbps over 25 km, obtained in the presence of data lasers launching conventional 0 dBm power. We discuss the fundamental limit for the QKD performance in the multiplexing environment

  4. Pro Spring security

    Scarioni, Carlo

    2013-01-01

    Security is a key element in the development of any non-trivial application. The Spring Security Framework provides a comprehensive set of functionalities to implement industry-standard authentication and authorization mechanisms for Java applications. Pro Spring Security will be a reference and advanced tutorial that will do the following: Guides you through the implementation of the security features for a Java web application by presenting consistent examples built from the ground-up. Demonstrates the different authentication and authorization methods to secure enterprise-level applications

  5. Observer success rates for identification of 3D surface reconstructed facial images and implications for patient privacy and security

    Chen, Joseph J.; Siddiqui, Khan M.; Fort, Leslie; Moffitt, Ryan; Juluru, Krishna; Kim, Woojin; Safdar, Nabile; Siegel, Eliot L.

    2007-03-01

    3D and multi-planar reconstruction of CT images have become indispensable in the routine practice of diagnostic imaging. These tools cannot only enhance our ability to diagnose diseases, but can also assist in therapeutic planning as well. The technology utilized to create these can also render surface reconstructions, which may have the undesired potential of providing sufficient detail to allow recognition of facial features and consequently patient identity, leading to violation of patient privacy rights as described in the HIPAA (Health Insurance Portability and Accountability Act) legislation. The purpose of this study is to evaluate whether 3D reconstructed images of a patient's facial features can indeed be used to reliably or confidently identify that specific patient. Surface reconstructed images of the study participants were created used as candidates for matching with digital photographs of participants. Data analysis was performed to determine the ability of observers to successfully match 3D surface reconstructed images of the face with facial photographs. The amount of time required to perform the match was recorded as well. We also plan to investigate the ability of digital masks or physical drapes to conceal patient identity. The recently expressed concerns over the inability to truly "anonymize" CT (and MRI) studies of the head/face/brain are yet to be tested in a prospective study. We believe that it is important to establish whether these reconstructed images are a "threat" to patient privacy/security and if so, whether minimal interventions from a clinical perspective can substantially reduce this possibility.

  6. Alternative security

    Weston, B.H.

    1990-01-01

    This book contains the following chapters: The Military and Alternative Security: New Missions for Stable Conventional Security; Technology and Alternative Security: A Cherished Myth Expires; Law and Alternative Security: Toward a Just World Peace; Politics and Alternative Security: Toward a More Democratic, Therefore More Peaceful, World; Economics and Alternative Security: Toward a Peacekeeping International Economy; Psychology and Alternative Security: Needs, Perceptions, and Misperceptions; Religion and Alternative Security: A Prophetic Vision; and Toward Post-Nuclear Global Security: An Overview

  7. Homeland Security

    Provides an overview of EPA's homeland security roles and responsibilities, and links to specific homeland security issues: water security, research, emergency response, recovery, and waste management.

  8. Ethical Responsibility Key to Computer Security.

    Lynn, M. Stuart

    1989-01-01

    The pervasiveness of powerful computers and computer networks has raised the specter of new forms of abuse and of concomitant ethical issues. Blurred boundaries, hackers, the Computer Worm, ethical issues, and implications for academic institutions are discussed. (MLW)

  9. The potential for reusing grey water and its generation rates for sustainable potable water security in Kuwait

    RAWA AL-JARALLAH

    2013-06-01

    Full Text Available This study was conducted to achieve the following objectives: (1 to investigate the water consumption patterns of Kuwaiti households, (2 to determine the per use water consumption rate for plumbing fixtures and their frequency of daily use and (3 to estimate the amount of grey water generated per person per day to explore the potential for reusing grey water in Kuwait. To achieve these objectives, a preliminary study was conducted to determine the per use water consumption rate for each plumbing fixture. An intensive study was then conducted using data from 53 households in different districts in Kuwait. The average daily freshwater consumption rate per person was found to be 283 L, half of which was converted to grey water. Reuse of grey water could reduce the freshwater consumption and hence wastewater treatment by 72.73 million imperial gallons per day (MIGD, which could lead to a savings of KD 87.6 (US $318.55 million from the annual freshwater production budget and between KD 15.93 (US $57.92 and KD 27.08 (US $98.46 million from the annual wastewater treatment budget.

  10. Credentialed Secure Communication "Switchboards"

    Freudenthal, Eric; Port, Lawrence; Keenan, Edward; Pesin, Tracy; Karamcheti, Vijay

    2001-01-01

    ... with connection monitoring facilities. Switchboard extends the secure authenticated communication channel abstraction provided by standard interfaces such as SSL/TLS with mechanisms to support trust management, key sharing, service...

  11. Security Dilemma

    Wivel, Anders

    2011-01-01

    What is a security dilemma? What are the consequences of security dilemmas in international politics?......What is a security dilemma? What are the consequences of security dilemmas in international politics?...

  12. Database and applications security integrating information security and data management

    Thuraisingham, Bhavani

    2005-01-01

    This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging

  13. Economic Analysis of Cyber Security

    Gallaher, Michael P; Rowe, Brent R; Rogozhin, Alex V; Link, Albert N

    2006-01-01

    .... However, few organizations attempt such analysis for their cyber security mechanisms. Key performance and evaluation metrics are not available, so organizations rely on qualitative assessments...

  14. Securing collaborative environments

    Agarwal, Deborah [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Jackson, Keith [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States); Thompson, Mary [Lawrence Berkeley National Lab. (LBNL), Berkeley, CA (United States)

    2002-05-16

    The diverse set of organizations and software components involved in a typical collaboratory make providing a seamless security solution difficult. In addition, the users need support for a broad range of frequency and locations for access to the collaboratory. A collaboratory security solution needs to be robust enough to ensure that valid participants are not denied access because of its failure. There are many tools that can be applied to the task of securing collaborative environments and these include public key infrastructure, secure sockets layer, Kerberos, virtual and real private networks, grid security infrastructure, and username/password. A combination of these mechanisms can provide effective secure collaboration capabilities. In this paper, we discuss the requirements of typical collaboratories and some proposals for applying various security mechanisms to collaborative environments.

  15. Introduction to Hardware Security

    Yier Jin

    2015-10-01

    Full Text Available Hardware security has become a hot topic recently with more and more researchers from related research domains joining this area. However, the understanding of hardware security is often mixed with cybersecurity and cryptography, especially cryptographic hardware. For the same reason, the research scope of hardware security has never been clearly defined. To help researchers who have recently joined in this area better understand the challenges and tasks within the hardware security domain and to help both academia and industry investigate countermeasures and solutions to solve hardware security problems, we will introduce the key concepts of hardware security as well as its relations to related research topics in this survey paper. Emerging hardware security topics will also be clearly depicted through which the future trend will be elaborated, making this survey paper a good reference for the continuing research efforts in this area.

  16. Enhancing implementation security of QKD

    Tamaki, Kiyoshi

    2017-10-01

    Quantum key distribution (QKD) can achieve information-theoretic security, which is a provable security against any eavesdropping, given that all the devices the sender and the receiver employ operate exactly as the theory of security requires. Unfortunately, however, it is difficult for practical devices to meet all such requirements, and therefore more works have to be done toward guaranteeing information-theoretic security in practice, i.e., implementation security. In this paper, we review our recent efforts to enhance implementation security. We also have a brief look at a flaw in security proofs and present how to fix it.

  17. Intercept-resend attacks in the Bennett-Brassard 1984 quantum-key-distribution protocol with weak coherent pulses

    Curty, Marcos; Luetkenhaus, Norbert

    2005-01-01

    Unconditional security proofs of the Bennett-Brassard 1984 protocol of quantum key distribution have been obtained recently. These proofs cover also practical implementations that utilize weak coherent pulses in the four signal polarizations. Proven secure rates leave open the possibility that new proofs or new public discussion protocols will obtain larger rates over increased distance. In this paper we investigate limits to the error rate and signal losses that can be tolerated by future protocols and proofs

  18. A pilot study using scripted ventilation conditions to identify key factors affecting indoor pollutant concentration and air exchange rate in a residence.

    Johnson, Ted; Myers, Jeffrey; Kelly, Thomas; Wisbith, Anthony; Ollison, Will

    2004-01-01

    A pilot study was conducted using an occupied, single-family test house in Columbus, OH, to determine whether a script-based protocol could be used to obtain data useful in identifying the key factors affecting air-exchange rate (AER) and the relationship between indoor and outdoor concentrations of selected traffic-related air pollutants. The test script called for hourly changes to elements of the test house considered likely to influence air flow and AER, including the position (open or closed) of each window and door and the operation (on/off) of the furnace, air conditioner, and ceiling fans. The script was implemented over a 3-day period (January 30-February 1, 2002) during which technicians collected hourly-average data for AER, indoor, and outdoor air concentrations for six pollutants (benzene, formaldehyde (HCHO), polycyclic aromatic hydrocarbons (PAH), carbon monoxide (CO), nitric oxide (NO), and nitrogen oxides (NO(x))), and selected meteorological variables. Consistent with expectations, AER tended to increase with the number of open exterior windows and doors. The 39 AER values measured during the study when all exterior doors and windows were closed varied from 0.36 to 2.29 h(-1) with a geometric mean (GM) of 0.77 h(-1) and a geometric standard deviation (GSD) of 1.435. The 27 AER values measured when at least one exterior door or window was opened varied from 0.50 to 15.8 h(-1) with a GM of 1.98 h(-1) and a GSD of 1.902. AER was also affected by temperature and wind speed, most noticeably when exterior windows and doors were closed. Results of a series of stepwise linear regression analyses suggest that (1) outdoor pollutant concentration and (2) indoor pollutant concentration during the preceding hour were the "variables of choice" for predicting indoor pollutant concentration in the test house under the conditions of this study. Depending on the pollutant and ventilation conditions, one or more of the following variables produced a small, but

  19. Cryptographic Key Management System

    No, author

    2014-02-21

    This report summarizes the outcome of U.S. Department of Energy (DOE) contract DE-OE0000543, requesting the design of a Cryptographic Key Management System (CKMS) for the secure management of cryptographic keys for the energy sector infrastructure. Prime contractor Sypris Electronics, in collaboration with Oak Ridge National Laboratories (ORNL), Electric Power Research Institute (EPRI), Valicore Technologies, and Purdue University's Center for Education and Research in Information Assurance and Security (CERIAS) and Smart Meter Integration Laboratory (SMIL), has designed, developed and evaluated the CKMS solution. We provide an overview of the project in Section 3, review the core contributions of all contractors in Section 4, and discuss bene ts to the DOE in Section 5. In Section 6 we describe the technical construction of the CKMS solution, and review its key contributions in Section 6.9. Section 7 describes the evaluation and demonstration of the CKMS solution in different environments. We summarize the key project objectives in Section 8, list publications resulting from the project in Section 9, and conclude with a discussion on commercialization in Section 10 and future work in Section 11.

  20. Security Evolution.

    De Patta, Joe

    2003-01-01

    Examines how to evaluate school security, begin making schools safe, secure schools without turning them into fortresses, and secure schools easily and affordably; the evolution of security systems into information technology systems; using schools' high-speed network lines; how one specific security system was developed; pros and cons of the…

  1. Cyber security awareness toolkit for national security: an approach to South Africa's cyber security policy implementation

    Phahlamohlaka, LJ

    2011-05-01

    Full Text Available The aim of this paper is to propose an approach that South Africa could follow in implementing its proposed cyber security policy. The paper proposes a Cyber Security Awareness Toolkit that is underpinned by key National Security imperatives...

  2. SecurID

    Now called RSA SecurID, SecurID is a mechanism developed by Security Dynamics that allows two-factor authentication for a user on a network resource. It works on the principle of the unique password mode, based on a shared secret. Every sixty seconds, the component generates a new six-digit token on the screen. The latter comes from the current time (internal clock) and the seed (SecurID private key that is available on the component, and is also from the SecurID server). During an authentication request, the SecurID server will check the entered token by performing exactly the same calculation as that performed by your component. The server knows the two information required for this calculation: the current time and the seed of your component. Access is allowed if the token calculated by the server matches the token you specified.

  3. Surviving security how to integrate people, process, and technology

    Andress, Amanda

    2003-01-01

    WHY DO I NEED SECURITY? Introduction The Importance of an Effective Security Infrastructure People, Process, and Technology What Are You Protecting Against? Types of Attacks Types of Attackers Security as a Competitive Advantage Choosing a Solution Finding Security Employees The Layered Approach UNDERSTANDING REQUIREMENTS AND RISK What Is Risk? Embracing Risk Information Security Risk Assessment Assessing Risk Insurance SECURITY POLICIES AND PROCEDURES Internal Focus Is Key Security Awareness and Education Policy Life Cycle Developing Policies Components of a Security Policy Sample Security Po

  4. Quantum key distribution with an unknown and untrusted source

    Zhao, Yi; Qi, Bing; Lo, Hoi-Kwong

    2009-03-01

    The security of a standard bi-directional ``plug & play'' quantum key distribution (QKD) system has been an open question for a long time. This is mainly because its source is equivalently controlled by an eavesdropper, which means the source is unknown and untrusted. Qualitative discussion on this subject has been made previously. In this paper, we present the first quantitative security analysis on a general class of QKD protocols whose sources are unknown and untrusted. The securities of standard BB84 protocol, weak+vacuum decoy state protocol, and one-decoy decoy state protocol, with unknown and untrusted sources are rigorously proved. We derive rigorous lower bounds to the secure key generation rates of the above three protocols. Our numerical simulation results show that QKD with an untrusted source gives a key generation rate that is close to that with a trusted source. Our work is published in [1]. [4pt] [1] Y. Zhao, B. Qi, and H.-K. Lo, Phys. Rev. A, 77:052327 (2008).

  5. Are you in Control? : That was the key question discussed at the second Dutch Second Dutch Process Control Security Event at the Technical University of Delft, December 4, 2008

    Luiijf, H.A.M.

    2009-01-01

    The second Dutch Process Control Security Event attracted many process control people. The event was organised by the National Infrastructure against Cybercrime (NICC). Over hundred people responsible for the security of process control systems (PCS) and related networks in many of the Dutch

  6. Three state quantum key distribution for small keys

    Batuwantudawe, J.; Boileau, J.-C.

    2005-01-01

    Full text: Quantum key distribution (QKD) protocols allow two parties, Alice and Bob, to establish secure keys. The most well-known protocol is BB84, using four distinct states. Recently, Phoenix et al. proposed a three state protocol. We explain the protocol and discuss its security proof. The three state protocol also has an interesting structure that allows for errors estimation from the inconclusive results (i.e.. where Alice and Bob choose different bases). This eliminates the need for sampling, potentially useful when qubits are limited. We discuss the effectiveness of this approach compared to BB84 for the case where a good error estimate is required. (author)

  7. Long-distance measurement-device-independent quantum key distribution with coherent-state superpositions.

    Yin, H-L; Cao, W-F; Fu, Y; Tang, Y-L; Liu, Y; Chen, T-Y; Chen, Z-B

    2014-09-15

    Measurement-device-independent quantum key distribution (MDI-QKD) with decoy-state method is believed to be securely applied to defeat various hacking attacks in practical quantum key distribution systems. Recently, the coherent-state superpositions (CSS) have emerged as an alternative to single-photon qubits for quantum information processing and metrology. Here, in this Letter, CSS are exploited as the source in MDI-QKD. We present an analytical method that gives two tight formulas to estimate the lower bound of yield and the upper bound of bit error rate. We exploit the standard statistical analysis and Chernoff bound to perform the parameter estimation. Chernoff bound can provide good bounds in the long-distance MDI-QKD. Our results show that with CSS, both the security transmission distance and secure key rate are significantly improved compared with those of the weak coherent states in the finite-data case.

  8. Secret-key expansion from covert communication

    Arrazola, Juan Miguel; Amiri, Ryan

    2018-02-01

    Covert communication allows the transmission of messages in such a way that it is not possible for adversaries to detect that the communication is occurring. This provides protection in situations where knowledge that two parties are talking to each other may be incriminating to them. In this work, we study how covert communication can be used for a different purpose: secret key expansion. First, we show that any message transmitted in a secure covert protocol is also secret and therefore unknown to an adversary. We then propose a covert communication protocol where the amount of key consumed in the protocol is smaller than the transmitted key, thus leading to secure secret key expansion. We derive precise conditions for secret key expansion to occur, showing that it is possible when there are sufficiently low levels of noise for a given security level. We conclude by examining how secret key expansion from covert communication can be performed in a computational security model.

  9. Quantum key distribution network for multiple applications

    Tajima, A.; Kondoh, T.; Ochi, T.; Fujiwara, M.; Yoshino, K.; Iizuka, H.; Sakamoto, T.; Tomita, A.; Shimamura, E.; Asami, S.; Sasaki, M.

    2017-09-01

    The fundamental architecture and functions of secure key management in a quantum key distribution (QKD) network with enhanced universal interfaces for smooth key sharing between arbitrary two nodes and enabling multiple secure communication applications are proposed. The proposed architecture consists of three layers: a quantum layer, key management layer and key supply layer. We explain the functions of each layer, the key formats in each layer and the key lifecycle for enabling a practical QKD network. A quantum key distribution-advanced encryption standard (QKD-AES) hybrid system and an encrypted smartphone system were developed as secure communication applications on our QKD network. The validity and usefulness of these systems were demonstrated on the Tokyo QKD Network testbed.

  10. Experimental quantum key distribution with simulated ground-to-satellite photon losses and processing limitations

    Bourgoin, Jean-Philippe; Gigov, Nikolay; Higgins, Brendon L.; Yan, Zhizhong; Meyer-Scott, Evan; Khandani, Amir K.; Lütkenhaus, Norbert; Jennewein, Thomas

    2015-11-01

    Quantum key distribution (QKD) has the potential to improve communications security by offering cryptographic keys whose security relies on the fundamental properties of quantum physics. The use of a trusted quantum receiver on an orbiting satellite is the most practical near-term solution to the challenge of achieving long-distance (global-scale) QKD, currently limited to a few hundred kilometers on the ground. This scenario presents unique challenges, such as high photon losses and restricted classical data transmission and processing power due to the limitations of a typical satellite platform. Here we demonstrate the feasibility of such a system by implementing a QKD protocol, with optical transmission and full post-processing, in the high-loss regime using minimized computing hardware at the receiver. Employing weak coherent pulses with decoy states, we demonstrate the production of secure key bits at up to 56.5 dB of photon loss. We further illustrate the feasibility of a satellite uplink by generating a secure key while experimentally emulating the varying losses predicted for realistic low-Earth-orbit satellite passes at 600 km altitude. With a 76 MHz source and including finite-size analysis, we extract 3374 bits of a secure key from the best pass. We also illustrate the potential benefit of combining multiple passes together: while one suboptimal "upper-quartile" pass produces no finite-sized key with our source, the combination of three such passes allows us to extract 165 bits of a secure key. Alternatively, we find that by increasing the signal rate to 300 MHz it would be possible to extract 21 570 bits of a secure finite-sized key in just a single upper-quartile pass.

  11. Quantum cryptography for secure free-space communications

    Hughes, R.J.; Buttler, W.T.; Kwiat, P.G.; Lamoreaux, S.K.; Luther, G.G.; Morgan, G.L.; Nordholt, J.E.; Peterson, C.G.

    1999-01-01

    The secure distribution of the secret random bit sequences known as key material, is an essential precursor to their use for the encryption and decryption of confidential communications. Quantum cryptography is a new technique for secure key distribution with single-photon transmissions: Heisenberg's uncertainty principle ensures that an adversary can neither successfully tap the key transmissions, nor evade detection (eavesdropping raises the key error rate above a threshold value). The authors have developed experimental quantum cryptography systems based on the transmission of non-orthogonal photon polarization states to generate shared key material over line-of-sight optical links. Key material is built up using the transmission of a single-photon per bit of an initial secret random sequence. A quantum-mechanically random subset of this sequence is identified, becoming the key material after a data reconciliation stage with the sender. The authors have developed and tested a free-space quantum key distribution (QKD) system over an outdoor optical path of ∼1 km at Los Alamos National Laboratory under nighttime conditions. Results show that free-space QKD can provide secure real-time key distribution between parties who have a need to communicate secretly. Finally, they examine the feasibility of surface to satellite QKD

  12. Effect of imperfect Faraday mirrors on the security of a Faraday–Michelson quantum cryptography system

    Wang, Wei-Long; Gao, Ming; Ma, Zhi

    2013-01-01

    The one-way Faraday–Michelson system is a very useful practical quantum cryptography system where Faraday mirrors (FMs) play an important role. In this paper we analyze the security of this system against imperfect FMs. We consider the security loophole caused by imperfect FMs in Alice’s and Bob’s security zones. Then we implement a passive FM attack in this system. By changing the values of the imperfection parameters of Alice’s FMs, we calculate the quantum bit error rate between Alice and Bob induced by Eve and the probability that Eve obtains outcomes successfully. It is shown that the imperfection of one of Alice’s two FMs makes the system sensitive to an attack. Finally we give a modified key rate as a function of the FM imperfections. The security analysis indicates that both Alice’s and Bob’s imperfect FMs can compromise the secure key. (paper)

  13. Quantum Secure Group Communication.

    Li, Zheng-Hong; Zubairy, M Suhail; Al-Amri, M

    2018-03-01

    We propose a quantum secure group communication protocol for the purpose of sharing the same message among multiple authorized users. Our protocol can remove the need for key management that is needed for the quantum network built on quantum key distribution. Comparing with the secure quantum network based on BB84, we show our protocol is more efficient and securer. Particularly, in the security analysis, we introduce a new way of attack, i.e., the counterfactual quantum attack, which can steal information by "invisible" photons. This invisible photon can reveal a single-photon detector in the photon path without triggering the detector. Moreover, the photon can identify phase operations applied to itself, thereby stealing information. To defeat this counterfactual quantum attack, we propose a quantum multi-user authorization system. It allows us to precisely control the communication time so that the attack can not be completed in time.

  14. Financial security

    de Goede, M.; Burgess, J.P.

    2010-01-01

    1. Introduction J. Peter Burgess Part 1: New Security Concepts 2. Civilizational Security Brett Bowden 3. Risk Oliver Kessler 4. Small Arms Keith Krause 5. Critical Human Security Taylor Owen 6. Critical Geopolitics Simon Dalby Part 2: New Security Subjects 7. Biopolitics Michael Dillon 8. Gendered

  15. Cyber security

    Voeller, John G

    2014-01-01

    Cyber Security features articles from the Wiley Handbook of Science and Technology for Homeland Security covering topics related to cyber security metrics and measure  and related technologies that meet security needs. Specific applications to web services, the banking and the finance sector, and industrial process control systems are discussed.

  16. Privacy amplification for quantum key distribution

    Watanabe, Yodai

    2007-01-01

    This paper examines classical privacy amplification using a universal family of hash functions. In quantum key distribution, the adversary's measurement can wait until the choice of hash functions is announced, and so the adversary's information may depend on the choice. Therefore the existing result on classical privacy amplification, which assumes the independence of the choice from the other random variables, is not applicable to this case. This paper provides a security proof of privacy amplification which is valid even when the adversary's information may depend on the choice of hash functions. The compression rate of the proposed privacy amplification can be taken to be the same as that of the existing one with an exponentially small loss in secrecy of a final key. (fast track communication)

  17. Mitigating Docker Security Issues

    Yasrab, Robail

    2018-01-01

    It is very easy to run applications in Docker. Docker offers an ecosystem that offers a platform for application packaging, distributing and managing within containers. However, Docker platform is yet not matured. Presently, Docker is less secured as compare to virtual machines (VM) and most of the other cloud technologies. The key of reason of Docker inadequate security protocols is containers sharing of Linux kernel, which can lead to risk of privileged escalations. This research is going t...

  18. Security negotiation

    Mitrović, Miroslav M.; Ivaniš, Željko

    2013-01-01

    Contemporary security challenges, risks and threats represent a resultant of the achieved level of interaction between various entities within the paradigm of global security relations. Asymmetry and nonlinearity are main features of contemporary challenges in the field of global security. Negotiation in the area of security, namely the security negotiation, thus goes beyond just the domain of negotiation in conflicts and takes into consideration particularly asymmetric forms of possible sour...

  19. Algorithms for Lightweight Key Exchange.

    Alvarez, Rafael; Caballero-Gil, Cándido; Santonja, Juan; Zamora, Antonio

    2017-06-27

    Public-key cryptography is too slow for general purpose encryption, with most applications limiting its use as much as possible. Some secure protocols, especially those that enable forward secrecy, make a much heavier use of public-key cryptography, increasing the demand for lightweight cryptosystems that can be implemented in low powered or mobile devices. This performance requirements are even more significant in critical infrastructure and emergency scenarios where peer-to-peer networks are deployed for increased availability and resiliency. We benchmark several public-key key-exchange algorithms, determining those that are better for the requirements of critical infrastructure and emergency applications and propose a security framework based on these algorithms and study its application to decentralized node or sensor networks.

  20. Indirection and computer security.

    Berg, Michael J.

    2011-09-01

    The discipline of computer science is built on indirection. David Wheeler famously said, 'All problems in computer science can be solved by another layer of indirection. But that usually will create another problem'. We propose that every computer security vulnerability is yet another problem created by the indirections in system designs and that focusing on the indirections involved is a better way to design, evaluate, and compare security solutions. We are not proposing that indirection be avoided when solving problems, but that understanding the relationships between indirections and vulnerabilities is key to securing computer systems. Using this perspective, we analyze common vulnerabilities that plague our computer systems, consider the effectiveness of currently available security solutions, and propose several new security solutions.

  1. Quantum photonic network and physical layer security.

    Sasaki, Masahide; Endo, Hiroyuki; Fujiwara, Mikio; Kitamura, Mitsuo; Ito, Toshiyuki; Shimizu, Ryosuke; Toyoshima, Morio

    2017-08-06

    Quantum communication and quantum cryptography are expected to enhance the transmission rate and the security (confidentiality of data transmission), respectively. We study a new scheme which can potentially bridge an intermediate region covered by these two schemes, which is referred to as quantum photonic network. The basic framework is information theoretically secure communications in a free space optical (FSO) wiretap channel, in which an eavesdropper has physically limited access to the main channel between the legitimate sender and receiver. We first review a theoretical framework to quantify the optimal balance of the transmission efficiency and the security level under power constraint and at finite code length. We then present experimental results on channel characterization based on 10 MHz on-off keying transmission in a 7.8 km terrestrial FSO wiretap channel.This article is part of the themed issue 'Quantum technology for the 21st century'. © 2017 The Author(s).

  2. Secure Multiparty AES

    Damgård, Ivan; Keller, Marcel

    We propose several variants of a secure multiparty computation protocol for AES encryption. The best variant requires 2200 + {{400}over{255}} expected elementary operations in expected 70 + {{20}over{255}} rounds to encrypt one 128-bit block with a 128-bit key. We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). Tests with three players (passive security against at most one corrupted player) in a local network showed that one block can be encrypted in 2 seconds. We also argue that this result could be improved by an optimized implementation.

  3. Measurement of key resonances for the 24Al(p ,γ )25Si reaction rate using in-beam γ -ray spectroscopy

    Longfellow, B.; Gade, A.; Brown, B. A.; Richter, W. A.; Bazin, D.; Bender, P. C.; Bowry, M.; Elman, B.; Lunderberg, E.; Weisshaar, D.; Williams, S. J.

    2018-05-01

    Energy levels and branching ratios for the rp-process nucleus 25Si were determined from the reactions 9Be(26Si,25Si)X and 9Be(25Al,25Si)X using in-beam γ -ray spectroscopy with both high-efficiency and high-resolution detector arrays. Proton-unbound states at 3695(14) and 3802(11) keV were identified and assigned tentative spins and parities based on comparison to theory and the mirror nucleus. The 24Al(p ,γ )25Si reaction rate was calculated using the experimental states and states from charge-dependent USDA and USDB shell-model calculations with downward shifts of the 1 s1 /2 proton orbital to account for the observed Thomas-Ehrman shift, leading to a factor of 10-100 increase in rate for the temperature region of 0.22 GK as compared to a previous calculation. These shifts may be applicable to neighboring nuclei, impacting the proton capture rates in this region of the chart.

  4. Dynamic secrets in communication security

    Xiao, Sheng; Towsley, Donald

    2013-01-01

    Dynamic secrets are constantly generated and updated from messages exchanged between two communication users. When dynamic secrets are used as a complement to existing secure communication systems, a stolen key or password can be quickly and automatically reverted to its secret status without disrupting communication. 'Dynamic Secrets in Communication Security' presents unique security properties and application studies for this technology. Password theft and key theft no longer pose serious security threats when parties frequently use dynamic secrets. This book also illustrates that a dynamic

  5. Multiparty quantum key agreement with single particles

    Liu, Bin; Gao, Fei; Huang, Wei; Wen, Qiao-yan

    2013-04-01

    Two conditions must be satisfied in a secure quantum key agreement (QKA) protocol: (1) outside eavesdroppers cannot gain the generated key without introducing any error; (2) the generated key cannot be determined by any non-trivial subset of the participants. That is, a secure QKA protocol can not only prevent the outside attackers from stealing the key, but also resist the attack from inside participants, i.e. some dishonest participants determine the key alone by illegal means. How to resist participant attack is an aporia in the design of QKA protocols, especially the multi-party ones. In this paper we present the first secure multiparty QKA protocol against both outside and participant attacks. Further more, we have proved its security in detail.

  6. Migratory timing, rate, routes and wintering areas of White-crested Elaenia (Elaenia albiceps chilensis, a key seed disperser for Patagonian forest regeneration.

    Susana Patricia Bravo

    Full Text Available Migratory animals often play key ecological roles within the communities they visit throughout their annual journeys. As a consequence of the links between biomes mediated by migrants, changes in one biome could affect remote areas in unpredictable ways. Migratory routes and timing of most Neotropical austral migrants, which breed at south temperate latitudes of South America and overwinter closer to or within tropical latitudes of South America, have yet to be described in detail. As a result, our understanding about how these birds provide links between South American biomes is almost non-existent. White-crested Elaenia (Elaenia albiceps chilensis is a long-distance austral migrant that breeds in the Patagonian Forest biome and overwinters in tropical South America. Because this small flycatcher plays a key role in the regeneration of this ecosystem, our objective was to describe the annual cycle of White-crested elaenias to evaluate the degree of migratory connectivity between breeding and wintering areas and therefore to determine if there are specific biomes of northern South America linked by elaenias to Patagonian forests. Fifteen individuals were successfully tracked throughout a complete migration cycle using miniature light-level geolocators. All individuals resided and moved through the same general regions. During fall (March-April-May, elaenias were located in the Caatinga and the Atlantic Forest biomes, from Rio de Janeiro to the region near Salvador da Bahia, Brazil. During winter (June-July-Aug., birds were located further inland, within the Cerrado biome. Birds used three different routes during fall migration. Our results indicate that some individuals use a direct route, flying between 500-600 km/day, crossing desert and grasslands, while others took a detour, flying 100-200 km/day through forested areas with refueling opportunities. All birds used the Yunga forest during spring migration, with ten out of 15 individuals

  7. Security Expertise

    systematic study of security expertise and opens up a productive dialogue between science and technology studies and security studies to investigate the character and consequences of this expertise. In security theory, the study of expertise is crucial to understanding whose knowledge informs security making......This volume brings together scholars from different fields to explore the power, consequences and everyday practices of security expertise. Expertise mediates between different forms of knowledge: scientific and technological, legal, economic and political knowledge. This book offers the first...... and to reflect on the impact and responsibility of security analysis. In science and technology studies, the study of security politics adds a challenging new case to the agenda of research on expertise and policy. The contributors investigate cases such as academic security studies, security think tanks...

  8. Quantum key distribution with hacking countermeasures and long term field trial.

    Dixon, A R; Dynes, J F; Lucamarini, M; Fröhlich, B; Sharpe, A W; Plews, A; Tam, W; Yuan, Z L; Tanizawa, Y; Sato, H; Kawamura, S; Fujiwara, M; Sasaki, M; Shields, A J

    2017-05-16

    Quantum key distribution's (QKD's) central and unique claim is information theoretic security. However there is an increasing understanding that the security of a QKD system relies not only on theoretical security proofs, but also on how closely the physical system matches the theoretical models and prevents attacks due to discrepancies. These side channel or hacking attacks exploit physical devices which do not necessarily behave precisely as the theory expects. As such there is a need for QKD systems to be demonstrated to provide security both in the theoretical and physical implementation. We report here a QKD system designed with this goal in mind, providing a more resilient target against possible hacking attacks including Trojan horse, detector blinding, phase randomisation and photon number splitting attacks. The QKD system was installed into a 45 km link of a metropolitan telecom network for a 2.5 month period, during which time the system operated continuously and distributed 1.33 Tbits of secure key data with a stable secure key rate over 200 kbit/s. In addition security is demonstrated against coherent attacks that are more general than the collective class of attacks usually considered.

  9. Establishment of the National Nuclear Regulatory Portal (NNRP) as the key element of the Global Nuclear Safety and Security Network and Regulatory Network (GNSSN/RegNet) for sharing of nuclear safety information and knowledge among the Global Expert Community

    Kuvshinnikov, A.V.

    2011-01-01

    The Global Nuclear Safety and Security Network (GNSSN) implements the concept of the Global Nuclear Safety and Security Framework (GNSSF) as outlined in INSAG 21. This is the framework of instruments and resources for achieving and maintaining worldwide a high level of safety and security at nuclear facilities and activities as stated in SF-1 and supporting safety standards or recommendations such as INSAG-12. National efforts are and should be augmented by the activities of a variety of international enterprises that facilitate safety and security. The IAEA standard GS-R-3 requires that information and knowledge is managed as a resource. Further strengthening of GNSSN in particular regulatory networking as intended by GNSSN/RegNet has to be based on current national priorities, on existing regional and thematic networks and on the established mechanisms of international co-operation as presented for example on the websites of the IAEA or the OECD-NEA. Current design and operation of RegNet are flexible enough to accommodate differences in national and international approaches and practices and to facilitate exchange and cooperation on regulatory matters. The main role of GNSSN/RegNet is sharing knowledge and bringing people together to enhance and promote nuclear safety and security. The objectives of GNSSN/RegNet: enhancing safety and security by international cooperation, sharing information and best practices, enabling adequate access to relevant safety and security information and promoting the dissemination of this information, implementing active collaboration in the relevant areas related to safety and security, such as joint projects, peer reviews, enabling synergies among existing networks and initiatives, informing the public on the relevant safety and security areas and the related international collaboration. In the RegNet part of the GNSSN exist the National Nuclear Regulatory Portal (NNRP) which is on one hand a part of the global RegNet and on the

  10. Spherical reconciliation for a continuous-variable quantum key distribution

    Lu Zhao; Shi Jian-Hong; Li Feng-Guang

    2017-01-01

    Information reconciliation is a significant step for a continuous-variable quantum key distribution (CV-QKD) system. We propose a reconciliation method that allows two authorized parties to extract a consistent and secure binary key in a CV-QKD protocol, which is based on Gaussian-modulated coherent states and homodyne detection. This method named spherical reconciliation is based on spherical quantization and non-binary low-density parity-check (LDPC) codes. With the suitable signal-to-noise ratio (SNR) and code rate of non-binary LDPC codes, spherical reconciliation algorithm has a high efficiency and can extend the transmission distance of CV-QKD. (paper)

  11. Detector dead-time effects and paralyzability in high-speed quantum key distribution

    Rogers, Daniel J; Bienfang, Joshua C; Nakassis, Anastase; Xu Hai; Clark, Charles W

    2007-01-01

    Recent advances in quantum key distribution (QKD) have given rise to systems that operate at transmission periods significantly shorter than the dead times of their component single-photon detectors. As systems continue to increase in transmission rate, security concerns associated with detector dead times can limit the production rate of sifted bits. We present a model of high-speed QKD in this limit that identifies an optimum transmission rate for a system with given link loss and detector response characteristics

  12. Multi-party Measurement-Device-Independent Quantum Key Distribution Based on Cluster States

    Liu, Chuanqi; Zhu, Changhua; Ma, Shuquan; Pei, Changxing

    2018-03-01

    We propose a novel multi-party measurement-device-independent quantum key distribution (MDI-QKD) protocol based on cluster states. A four-photon analyzer which can distinguish all the 16 cluster states serves as the measurement device for four-party MDI-QKD. Any two out of four participants can build secure keys after the analyzers obtains successful outputs and the two participants perform post-processing. We derive a security analysis for the protocol, and analyze the key rates under different values of polarization misalignment. The results show that four-party MDI-QKD is feasible over 280 km in the optical fiber channel when the key rate is about 10- 6 with the polarization misalignment parameter 0.015. Moreover, our work takes an important step toward a quantum communication network.

  13. Time–energy high-dimensional one-side device-independent quantum key distribution

    Bao Hai-Ze; Bao Wan-Su; Wang Yang; Chen Rui-Ke; Ma Hong-Xin; Zhou Chun; Li Hong-Wei

    2017-01-01

    Compared with full device-independent quantum key distribution (DI-QKD), one-side device-independent QKD (1sDI-QKD) needs fewer requirements, which is much easier to meet. In this paper, by applying recently developed novel time–energy entropic uncertainty relations, we present a time–energy high-dimensional one-side device-independent quantum key distribution (HD-QKD) and provide the security proof against coherent attacks. Besides, we connect the security with the quantum steering. By numerical simulation, we obtain the secret key rate for Alice’s different detection efficiencies. The results show that our protocol can performance much better than the original 1sDI-QKD. Furthermore, we clarify the relation among the secret key rate, Alice’s detection efficiency, and the dispersion coefficient. Finally, we simply analyze its performance in the optical fiber channel. (paper)

  14. Breaking chaotic shift key communication via adaptive key identification

    Ren Haipeng; Han Chongzhao; Liu Ding

    2008-01-01

    This paper proposes an adaptive parameter identification method for breaking chaotic shift key communication from the transmitted signal in public channel. The sensitive dependence property of chaos on parameter mismatch is used for chaos adaptive synchronization and parameter identification. An index function about the synchronization error is defined and conjugate gradient method is used to minimize the index function and to search the transmitter's parameter (key). By using proposed method, secure key is recovered from transmitted signal generated by low dimensional chaos and hyper chaos switching communication. Multi-parameters can also be identified from the transmitted signal with noise

  15. Optimal attacks on qubit-based Quantum Key Recycling

    Leermakers, Daan; Škorić, Boris

    2018-03-01

    Quantum Key Recycling (QKR) is a quantum cryptographic primitive that allows one to reuse keys in an unconditionally secure way. By removing the need to repeatedly generate new keys, it improves communication efficiency. Škorić and de Vries recently proposed a QKR scheme based on 8-state encoding (four bases). It does not require quantum computers for encryption/decryption but only single-qubit operations. We provide a missing ingredient in the security analysis of this scheme in the case of noisy channels: accurate upper bounds on the required amount of privacy amplification. We determine optimal attacks against the message and against the key, for 8-state encoding as well as 4-state and 6-state conjugate coding. We provide results in terms of min-entropy loss as well as accessible (Shannon) information. We show that the Shannon entropy analysis for 8-state encoding reduces to the analysis of quantum key distribution, whereas 4-state and 6-state suffer from additional leaks that make them less effective. From the optimal attacks we compute the required amount of privacy amplification and hence the achievable communication rate (useful information per qubit) of qubit-based QKR. Overall, 8-state encoding yields the highest communication rates.

  16. Information security architecture an integrated approach to security in the organization

    Killmeyer, Jan

    2000-01-01

    An information security architecture is made up of several components. Each component in the architecture focuses on establishing acceptable levels of control. These controls are then applied to the operating environment of an organization. Functionally, information security architecture combines technical, practical, and cost-effective solutions to provide an adequate and appropriate level of security.Information Security Architecture: An Integrated Approach to Security in the Organization details the five key components of an information security architecture. It provides C-level executives

  17. Key issues

    Cook, N.G.W.

    1980-01-01

    Successful modeling of the thermo-mechanical and hydrochemical behavior of radioactive waste repositories in hard rock is possible in principle. Because such predictions lie outside the realm of experience, their adequacy depends entirely upon a thorough understanding of three fundamental questions: an understanding of the chemical and physical processess that determine the behavior of rock and all its complexities; accurate and realistic numerical models of the geologic media within which a repository may be built; and sufficient in-situ data covering the entire geologic region affected by, or effecting the behavior of a repository. At present sufficient is known to be able to identify most of those areas which require further attention. These areas extend all the way from a complete understanding of the chemical and physical processes determining the behavior of rock through to the exploration mapping and testing that must be done during the development of any potential repository. Many of the techniques, laboratory equipment, field instrumentation, and numerical methods needed to accomplish this do not exist at present. Therefore it is necessary to accept that a major investment in scientific research is required to generate this information over the next few years. The spectrum of scientific and engineering activities is wide extending from laboratory measurements through the development of numerical models to the measurement of data in-situ, but there is every prospect that sufficient can be done to resolve these key issues. However, to do so requires overt recognition of the many gaps which exist in our knowledge and abilities today, and of the need to bridge these gaps and of the significant costs involved in doing so

  18. Watermarking security

    Bas, Patrick; Cayre, François; Doërr, Gwenaël; Mathon, Benjamin

    2016-01-01

    This book explains how to measure the security of a watermarking scheme, how to design secure schemes but also how to attack popular watermarking schemes. This book gathers the most recent achievements in the field of watermarking security by considering both parts of this cat and mouse game. This book is useful to industrial practitioners who would like to increase the security of their watermarking applications and for academics to quickly master this fascinating domain.

  19. High performance reconciliation for continuous-variable quantum key distribution with LDPC code

    Lin, Dakai; Huang, Duan; Huang, Peng; Peng, Jinye; Zeng, Guihua

    2015-03-01

    Reconciliation is a significant procedure in a continuous-variable quantum key distribution (CV-QKD) system. It is employed to extract secure secret key from the resulted string through quantum channel between two users. However, the efficiency and the speed of previous reconciliation algorithms are low. These problems limit the secure communication distance and the secure key rate of CV-QKD systems. In this paper, we proposed a high-speed reconciliation algorithm through employing a well-structured decoding scheme based on low density parity-check (LDPC) code. The complexity of the proposed algorithm is reduced obviously. By using a graphics processing unit (GPU) device, our method may reach a reconciliation speed of 25 Mb/s for a CV-QKD system, which is currently the highest level and paves the way to high-speed CV-QKD.

  20. Quantum-key-distribution protocol with pseudorandom bases

    Trushechkin, A. S.; Tregubov, P. A.; Kiktenko, E. O.; Kurochkin, Y. V.; Fedorov, A. K.

    2018-01-01

    Quantum key distribution (QKD) offers a way for establishing information-theoretical secure communications. An important part of QKD technology is a high-quality random number generator for the quantum-state preparation and for post-processing procedures. In this work, we consider a class of prepare-and-measure QKD protocols, utilizing additional pseudorandomness in the preparation of quantum states. We study one of such protocols and analyze its security against the intercept-resend attack. We demonstrate that, for single-photon sources, the considered protocol gives better secret key rates than the BB84 and the asymmetric BB84 protocols. However, the protocol strongly requires single-photon sources.

  1. Security Locks

    Hart, Kevin

    2010-01-01

    According to a 2008 "Year in Review" report by Educational Security Incidents, an online repository that collects data on higher education security issues, the total number of security incidents reported at universities and colleges worldwide rose to 173 in 2008, a 24.5 percent increase over 2007. The number of institutions…

  2. Parallel Device-Independent Quantum Key Distribution

    Jain, Rahul; Miller, Carl A.; Shi, Yaoyun

    2017-01-01

    A prominent application of quantum cryptography is the distribution of cryptographic keys with unconditional security. Recently, such security was extended by Vazirani and Vidick (Physical Review Letters, 113, 140501, 2014) to the device-independent (DI) scenario, where the users do not need to trust the integrity of the underlying quantum devices. The protocols analyzed by them and by subsequent authors all require a sequential execution of N multiplayer games, where N is the security parame...

  3. Tomographic Approach in Three-Orthogonal-Basis Quantum Key Distribution

    Liang Wen-Ye; Yin Zhen-Qiang; Chen Hua; Li Hong-Wei; Chen Wei; Han Zheng-Fu; Wen Hao

    2015-01-01

    At present, there is an increasing awareness of some three-orthogonal-basis quantum key distribution protocols, such as, the reference-frame-independent (RFI) protocol and the six-state protocol. For secure key rate estimations of these protocols, there are two methods: one is the conventional approach, and another is the tomographic approach. However, a comparison between these two methods has not been given yet. In this work, with the general model of rotation channel, we estimate the key rate using conventional and tomographic methods respectively. Results show that conventional estimation approach in RFI protocol is equivalent to tomographic approach only in the case of that one of three orthogonal bases is always aligned. In other cases, tomographic approach performs much better than the respective conventional approaches of the RFI protocol and the six-state protocol. Furthermore, based on the experimental data, we illustrate the deep connections between tomography and conventional RFI approach representations. (paper)

  4. Long-distance quantum key distribution with imperfect devices

    Lo Piparo, Nicoló; Razavi, Mohsen

    2014-01-01

    Quantum key distribution over probabilistic quantum repeaters is addressed. We compare, under practical assumptions, two such schemes in terms of their secure key generation rate per memory, R QKD . The two schemes under investigation are the one proposed by Duan et al. in [Nat. 414, 413 (2001)] and that of Sangouard et al. proposed in [Phys. Rev. A 76, 050301 (2007)]. We consider various sources of imperfections in the latter protocol, such as a nonzero double-photon probability for the source, dark count per pulse, channel loss and inefficiencies in photodetectors and memories, to find the rate for different nesting levels. We determine the maximum value of the double-photon probability beyond which it is not possible to share a secret key anymore. We find the crossover distance for up to three nesting levels. We finally compare the two protocols

  5. Phase-remapping attack in practical quantum-key-distribution systems

    Fung, Chi-Hang Fred; Qi, Bing; Lo, Hoi-Kwong; Tamaki, Kiyoshi

    2007-01-01

    Quantum key distribution (QKD) can be used to generate secret keys between two distant parties. Even though QKD has been proven unconditionally secure against eavesdroppers with unlimited computation power, practical implementations of QKD may contain loopholes that may lead to the generated secret keys being compromised. In this paper, we propose a phase-remapping attack targeting two practical bidirectional QKD systems (the 'plug-and-play' system and the Sagnac system). We showed that if the users of the systems are unaware of our attack, the final key shared between them can be compromised in some situations. Specifically, we showed that, in the case of the Bennett-Brassard 1984 (BB84) protocol with ideal single-photon sources, when the quantum bit error rate (QBER) is between 14.6% and 20%, our attack renders the final key insecure, whereas the same range of QBER values has been proved secure if the two users are unaware of our attack; also, we demonstrated three situations with realistic devices where positive key rates are obtained without the consideration of Trojan horse attacks but in fact no key can be distilled. We remark that our attack is feasible with only current technology. Therefore, it is very important to be aware of our attack in order to ensure absolute security. In finding our attack, we minimize the QBER over individual measurements described by a general POVM, which has some similarity with the standard quantum state discrimination problem

  6. China demonstrates intercontinental quantum key distribution

    Johnston, Hamish

    2017-11-01

    A quantum cryptography key has been shared between Beijing and Vienna using a satellite - allowing the presidents of the Chinese Academy of Sciences and Austrian Academy of Sciences to communicate via a secure video link.

  7. Quantum Security of Cryptographic Primitives

    Gagliardoni, Tommaso

    2017-01-01

    We call quantum security the area of IT security dealing with scenarios where one or more parties have access to quantum hardware. This encompasses both the fields of post-quantum cryptography (that is, traditional cryptography engineered to be resistant against quantum adversaries), and quantum cryptography (that is, security protocols designed to be natively run on a quantum infrastructure, such as quantum key distribution). Moreover, there exist also hybrid models, where traditional crypto...

  8. Adaptive spatial filtering for daytime satellite quantum key distribution

    Gruneisen, Mark T.; Sickmiller, Brett A.; Flanagan, Michael B.; Black, James P.; Stoltenberg, Kurt E.; Duchane, Alexander W.

    2014-11-01

    The rate of secure key generation (SKG) in quantum key distribution (QKD) is adversely affected by optical noise and loss in the quantum channel. In a free-space atmospheric channel, the scattering of sunlight into the channel can lead to quantum bit error ratios (QBERs) sufficiently large to preclude SKG. Furthermore, atmospheric turbulence limits the degree to which spatial filtering can reduce sky noise without introducing signal losses. A system simulation quantifies the potential benefit of tracking and higher-order adaptive optics (AO) technologies to SKG rates in a daytime satellite engagement scenario. The simulations are performed assuming propagation from a low-Earth orbit (LEO) satellite to a terrestrial receiver that includes an AO system comprised of a Shack-Hartmann wave-front sensor (SHWFS) and a continuous-face-sheet deformable mirror (DM). The effects of atmospheric turbulence, tracking, and higher-order AO on the photon capture efficiency are simulated using statistical representations of turbulence and a time-domain waveoptics hardware emulator. Secure key generation rates are then calculated for the decoy state QKD protocol as a function of the receiver field of view (FOV) for various pointing angles. The results show that at FOVs smaller than previously considered, AO technologies can enhance SKG rates in daylight and even enable SKG where it would otherwise be prohibited as a consequence of either background optical noise or signal loss due to turbulence effects.

  9. Factors affecting initial disability allowance rates for the Disability Insurance and Supplemental Security Income programs: the role of the demographic and diagnostic composition of applicants and local labor market conditions.

    Rupp, Kalman

    2012-01-01

    Various factors outside the control of decision makers may affect the rate at which disability applications are allowed or denied during the initial step of eligibility determination in the Social Security Disability Insurance (DI) and Supplemental Security Income (SSI) programs. In this article, using individual-level data on applications, I estimate the role of three important factors--the demographic characteristics of applicants, the diagnostic mix of applicants, and the local unemployment rate--in affecting the probability of an initial allowance and state allowance rates. I use a random sample of initial determinations from 1993 through 2008 and a fixed-effects multiple regression framework. The empirical results show that the demographic and diagnostic characteristics of applicants and the local unemployment rate substantially affect the initial allowance rate. An increase in the local unemployment rate tends to be associated with a decrease in the initial allowance rate. This negative relationship holds for adult DI and SSI applicants and for SSI childhood applicants.

  10. Quantum key distribution with several intercept-resend attacks via a depolarizing channel

    Dehmani, Mustapha; Errahmani, Mohamed; Ez-Zahraouy, Hamid; Benyoussef, Abdelilah

    2012-01-01

    The disturbance effect of a depolarizing channel on the security of the quantum key distribution of the four-state BB84 protocol, with multiple sequential intercept-resend attacks of many eavesdroppers, has been studied. The quantum bit error rate and the mutual information are computed for an arbitrary number N of eavesdroppers. It is found that the quantum error rate decreases with increasing the depolarizing parameter p characterizing the noise of the channel. For p tr of p below which the information is secure and otherwise the information is not secure. The value of p tr decreases with increasing the number of attacks. In contrast, for p ⩾ 0.165, the information is not secure independently of the number of eavesdroppers. Phase diagrams corresponding to the secure—unsecure information are also established. (paper)

  11. Design-Efficiency in Security

    Yuksel, Ender; Nielson, Hanne Riis; Nielson, Flemming

    In this document, we present our applied results on balancing security and performance using a running example, which is based on sensor networks. These results are forming a basis for a new approach to balance security and performance, and therefore provide design-­efficiency of key updates. We...

  12. Social Security, Intergenerational Transfers, and Endogenous Growth

    Junsen Zhang; Junxi Zhang

    1998-01-01

    In this paper, the effects of social security in a simple model of endogenous growth with alternative motives of having children are analyzed. It shows how the effects of social security depend on the size of the social security tax, the motive to have children, and the pattern of intergenerational transfers. The pattern of intergenerational transfers itself, however, is shown to change with the social security tax rate. When the social security tax is not too high, social security increases ...

  13. Mali and Nigeria Should be Established as Key Regional Partners of the United States to Further Mutual Interests for Ensuring Long-Term Security and Stability in the Sahel Region

    2016-06-10

    natural resources and markets through the IMF and World Bank’s Structural Adjustment Programs ( SAPs ) during the 1980s. As a result, the security...development- indicators&Type=TABLE&preview=on#. On the macroeconomics spectrum, an economic dependency, poor human resources , and lack of... resources became involved in the region but now find it necessary to protect their interests and homelands from a variety of hybrid threats

  14. Securing Cloud - The Quantum Way

    Pandya, Marmik

    2015-01-01

    Confidentiality, Integrity, and Availability are basic goals of security architecture. To ensure CIA, many authentication scheme has been introduced in several years. Currently deployment of Public Key Infrastructure (PKI) is a most significant solution. PKI involving exchange key using certificates via a public channel to a authenticate users in the cloud infrastructure. It is exposed to widespread security threats such as eavesdropping, the man in the middle attack, masquerade et al. Quantu...

  15. Secure Wireless Sensor Networks: Problems and Solutions

    Fei Hu

    2003-08-01

    Full Text Available As sensor networks edge closer towards wide-spread deployment, security issues become a central concern. So far, the main research focus has been on making sensor networks feasible and useful, and less emphasis was placed on security. This paper analyzes security challenges in wireless sensor networks and summarizes key issues that should be solved for achieving the ad hoc security. It gives an overview of the current state of solutions on such key issues as secure routing, prevention of denial-of-service and key management service. We also present some secure methods to achieve security in wireless sensor networks. Finally we present our integrated approach to securing sensor networks.

  16. Social security for seafarers globally

    Jensen, Olaf; Canals, Luisa; Haarløv, Erik

    2013-01-01

    Social security for seafarers globally Background: Social security protection is one of the essential elements of decent work. The issue is complex and no previous epidemiological studies of the coverage among seafarers have yet been performed. Objectives: The aim was to overcome the gap...... of knowledge to promote the discussion and planning of the implementation of social security for all seafarers. Methods: The seafarers completed a short questionnaire concerning their knowledge about their social security status. Results: Significant disparities of coverage of social security were pointed out...... comes from poorer countries without substantial social security systems. The solutions suggested are to implement the minimum requirements as recommended by the ILO 2006 Convention, to survey the implementation and in the long term to struggle for global social equality. Key words: Social security...

  17. Robust Public Key Cryptography — A New Cryptosystem Surviving Private Key Compromise

    Shaik, Cheman

    A weakness of the present-day public key cryptosystems is that these cryptosystems do not survive private-key compromise attacks resulting from an internal breach of trust. In a competitive business environment, private key compromise is a common incident that voids the strength of public key cryptosystems such as RSA and ECC. Bribing corporate employees to disclose their secret keys and inadvertently disclosing secret information are among a plethora of practical attacks that occur at the implementation level. Once a breach of trust takes place and subsequently the private key is revealed, any public key cryptosystem fails to secure electronic data in Internet communications. The revealed key may be used by an attacker to decipher the intercepted data at an intermediary router. This weakness of public key cryptography calls for an additional security measure that enables encryptions to survive private key compromise attacks.

  18. Practical performance of real-time shot-noise measurement in continuous-variable quantum key distribution

    Wang, Tao; Huang, Peng; Zhou, Yingming; Liu, Weiqi; Zeng, Guihua

    2018-01-01

    In a practical continuous-variable quantum key distribution (CVQKD) system, real-time shot-noise measurement (RTSNM) is an essential procedure for preventing the eavesdropper exploiting the practical security loopholes. However, the performance of this procedure itself is not analyzed under the real-world condition. Therefore, we indicate the RTSNM practical performance and investigate its effects on the CVQKD system. In particular, due to the finite-size effect, the shot-noise measurement at the receiver's side may decrease the precision of parameter estimation and consequently result in a tight security bound. To mitigate that, we optimize the block size for RTSNM under the ensemble size limitation to maximize the secure key rate. Moreover, the effect of finite dynamics of amplitude modulator in this scheme is studied and its mitigation method is also proposed. Our work indicates the practical performance of RTSNM and provides the real secret key rate under it.

  19. The summarize of the technique about proactive network security protection

    Liu Baoxu; Li Xueying; Cao Aijuan; Yu Chuansong; Xu Rongsheng

    2003-01-01

    The proactive protection measures and the traditional passive security protection tools are complementarities each other. It also can supply the conventional network security protection system and enhance its capability of the security protection. Based upon sorts of existing network security technologies, this article analyses and summarizes the technologies, functions and the development directions of some key proactive network security protection tools. (authors)

  20. Smart grid security

    Cuellar, Jorge (ed.) [Siemens AG, Muenchen (Germany). Corporate Technology

    2013-11-01

    The engineering, deployment and security of the future smart grid will be an enormous project requiring the consensus of many stakeholders with different views on the security and privacy requirements, not to mention methods and solutions. The fragmentation of research agendas and proposed approaches or solutions for securing the future smart grid becomes apparent observing the results from different projects, standards, committees, etc, in different countries. The different approaches and views of the papers in this collection also witness this fragmentation. This book contains the following papers: 1. IT Security Architecture Approaches for Smart Metering and Smart Grid. 2. Smart Grid Information Exchange - Securing the Smart Grid from the Ground. 3. A Tool Set for the Evaluation of Security and Reliability in Smart Grids. 4. A Holistic View of Security and Privacy Issues in Smart Grids. 5. Hardware Security for Device Authentication in the Smart Grid. 6. Maintaining Privacy in Data Rich Demand Response Applications. 7. Data Protection in a Cloud-Enabled Smart Grid. 8. Formal Analysis of a Privacy-Preserving Billing Protocol. 9. Privacy in Smart Metering Ecosystems. 10. Energy rate at home Leveraging ZigBee to Enable Smart Grid in Residential Environment.

  1. Calculation of key reduction for B92 QKD protocol

    Mehic, Miralem; Partila, Pavol; Tovarek, Jaromir; Voznak, Miroslav

    2015-05-01

    It is well known that Quantum Key Distribution (QKD) can be used with the highest level of security for distribution of the secret key, which is further used for symmetrical encryption. B92 is one of the oldest QKD protocols. It uses only two non-orthogonal states, each one coding for one bit-value. It is much faster and simpler when compared to its predecessors, but with the idealized maximum efficiencies of 25% over the quantum channel. B92 consists of several phases in which initial key is significantly reduced: secret key exchange, extraction of the raw key (sifting), error rate estimation, key reconciliation and privacy amplification. QKD communication is performed over two channels: the quantum channel and the classical public channel. In order to prevent a man-in-the-middle attack and modification of messages on the public channel, authentication of exchanged values must be performed. We used Wegman-Carter authentication because it describes an upper bound for needed symmetric authentication key. We explained the reduction of the initial key in each of QKD phases.

  2. Grid Security

    CERN. Geneva

    2004-01-01

    The aim of Grid computing is to enable the easy and open sharing of resources between large and highly distributed communities of scientists and institutes across many independent administrative domains. Convincing site security officers and computer centre managers to allow this to happen in view of today's ever-increasing Internet security problems is a major challenge. Convincing users and application developers to take security seriously is equally difficult. This paper will describe the main Grid security issues, both in terms of technology and policy, that have been tackled over recent years in LCG and related Grid projects. Achievements to date will be described and opportunities for future improvements will be addressed.

  3. A practical two-way system of quantum key distribution with untrusted source

    Chen Ming-Juan; Liu Xiang

    2011-01-01

    The most severe problem of a two-way 'plug-and-play' (p and p) quantum key distribution system is that the source can be controlled by the eavesdropper. This kind of source is defined as an “untrusted source . This paper discusses the effects of the fluctuation of internal transmittance on the final key generation rate and the transmission distance. The security of the standard BB84 protocol, one-decoy state protocol, and weak+vacuum decoy state protocol, with untrusted sources and the fluctuation of internal transmittance are studied. It is shown that the one-decoy state is sensitive to the statistical fluctuation but weak+vacuum decoy state is only slightly affected by the fluctuation. It is also shown that both the maximum secure transmission distance and final key generation rate are reduced when Alice's laboratory transmittance fluctuation is considered. (general)

  4. Implementation of continuous-variable quantum key distribution with discrete modulation

    Hirano, Takuya; Ichikawa, Tsubasa; Matsubara, Takuto; Ono, Motoharu; Oguri, Yusuke; Namiki, Ryo; Kasai, Kenta; Matsumoto, Ryutaroh; Tsurumaru, Toyohiro

    2017-06-01

    We have developed a continuous-variable quantum key distribution (CV-QKD) system that employs discrete quadrature-amplitude modulation and homodyne detection of coherent states of light. We experimentally demonstrated automated secure key generation with a rate of 50 kbps when a quantum channel is a 10 km optical fibre. The CV-QKD system utilises a four-state and post-selection protocol and generates a secure key against the entangling cloner attack. We used a pulsed light source of 1550 nm wavelength with a repetition rate of 10 MHz. A commercially available balanced receiver is used to realise shot-noise-limited pulsed homodyne detection. We used a non-binary LDPC code for error correction (reverse reconciliation) and the Toeplitz matrix multiplication for privacy amplification. A graphical processing unit card is used to accelerate the software-based post-processing.

  5. Secure cloud computing

    Jajodia, Sushil; Samarati, Pierangela; Singhal, Anoop; Swarup, Vipin; Wang, Cliff

    2014-01-01

    This book presents a range of cloud computing security challenges and promising solution paths. The first two chapters focus on practical considerations of cloud computing. In Chapter 1, Chandramouli, Iorga, and Chokani describe the evolution of cloud computing and the current state of practice, followed by the challenges of cryptographic key management in the cloud. In Chapter 2, Chen and Sion present a dollar cost model of cloud computing and explore the economic viability of cloud computing with and without security mechanisms involving cryptographic mechanisms. The next two chapters addres

  6. High-capacity quantum key distribution via hyperentangled degrees of freedom

    Simon, David S; Sergienko, Alexander V

    2014-01-01

    Quantum key distribution (QKD) has long been a promising area for the application of quantum effects in solving real-world problems. However, two major obstacles have stood in the way of its widespread application: low secure key generation rates and short achievable operating distances. In this paper, a new physical mechanism for dealing with the first of these problems is proposed: the interplay between different degrees of freedom in a hyperentangled system (parametric down-conversion) is used to increase the Hilbert space dimension available for key generation while maintaining security. Polarization-based Bell tests provide security checking, while orbital angular momentum (OAM) and total angular momentum (TAM) provide a higher key generation rate. Whether to measure TAM or OAM is decided randomly in each trial. The concurrent noncommutativity of TAM with OAM and polarization provides the physical basis for quantum security. TAM measurements link polarization to OAM, so that if the legitimate participants measure OAM while the eavesdropper measures TAM (or vice-versa), then polarization entanglement is lost, revealing the eavesdropper. In contrast to other OAM-based QKD methods, complex active switching between OAM bases is not required; instead, passive switching by beam splitters combined with much simpler active switching between polarization bases makes implementation at high OAM more practical. (paper)

  7. Analysis of a security protocol in ?CRL

    J. Pang

    2002-01-01

    textabstractNeedham-Schroeder public-key protocol; With the growth and commercialization of the Internet, the security of communication between computers becomes a crucial point. A variety of security protocols based on cryptographic primitives are used to establish secure communication over

  8. Internet security information system implement method

    Liu Baoxu; Mei Jie; Xu Rongsheng; An Dehai; Yu Mingjian; Chen Xiangyang; Zheng Peng

    1999-01-01

    On the basis of analysis of the key elements that will affect the Internet Security Information System, the author takes UNIX Operating System as an example, and provides the important stages that must be considered when implementing the Internet Security Information System. An implemental model of the Internet Security Information System is given

  9. Social Security.

    Social and Labour Bulletin, 1983

    1983-01-01

    This group of articles discusses a variety of studies related to social security and retirement benefits. These studies are related to both developing and developed nations and are also concerned with studying work conditions and government role in administering a democratic social security system. (SSH)

  10. Redefining security.

    Mathews, J T

    1989-01-01

    The concept of US national security was redefined in the 1970s to include international economics, and lately environmental degradation has also become a factor, as pollution transcends boundaries. By 2100 another 5-6 billion people may be added to the world's population requiring dramatic production and technology transformation with the resultant expanded energy use, emissions, and waste impacting the ecosystem. Climate change through global warming is in the offing. The exponential growth of the population in the developing world poses a crucial challenge for food production, housing, and employment. At a 1% growth rate population doubles in 72 years, while at 3% it doubles in 24 years. Africa's growth rate is almost 3%, it is close to 2% in Latin America, and it is somewhat less in Asia. Renewable resources such as overfished fishing grounds can become nonrenewable, and vanished species can never be resurrected. Deforestation leads to soil erosion, damage to water resources through floods and silting of irrigation networks, and accelerated loss of species. 20% of species could disappear by 2000 thereby losing genetic resources for chemicals, drugs, and food sources. Overcultivation has caused major erosion and decline of agricultural productivity in Haiti, Guatemala, Turkey, and India. Lopsided land ownership in Latin America requires land reform for sustainable agricultural production in the face of the majority of people cultivating plots for bare subsistence. Human practices that have caused environmental damage include concessions granted to logging companies in the Philippines, mismanagement of natural resources in sub-Saharan Africa, the ozone hole, and the greenhouse effect with potential climate changes. Solutions include family planning, efficient energy use, sustainable agroforestry techniques, and environmental accounting of goods and services.

  11. Detector decoy quantum key distribution

    Moroder, Tobias; Luetkenhaus, Norbert; Curty, Marcos

    2009-01-01

    Photon number resolving detectors can enhance the performance of many practical quantum cryptographic setups. In this paper, we employ a simple method to estimate the statistics provided by such a photon number resolving detector using only a threshold detector together with a variable attenuator. This idea is similar in spirit to that of the decoy state technique, and is especially suited to those scenarios where only a few parameters of the photon number statistics of the incoming signals have to be estimated. As an illustration of the potential applicability of the method in quantum communication protocols, we use it to prove security of an entanglement-based quantum key distribution scheme with an untrusted source without the need for a squash model and by solely using this extra idea. In this sense, this detector decoy method can be seen as a different conceptual approach to adapt a single-photon security proof to its physical, full optical implementation. We show that in this scenario, the legitimate users can now even discard the double click events from the raw key data without compromising the security of the scheme, and we present simulations on the performance of the BB84 and the 6-state quantum key distribution protocols.

  12. Commercial Security on the Internet.

    Liddy, Carrie

    1996-01-01

    Discusses commercial security on the Internet and explains public key technology as successfully melding the conflicting requirements of openness for practical business applications and isolation and confidentiality for protection of data. Examples of public key value-added products are described, including encryption, digital signature and…

  13. Lemnos Interoperable Security Program

    Stewart, John [Tennessee Valley Authority, Knoxville, TN (United States); Halbgewachs, Ron [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Chavez, Adrian [Sandia National Lab. (SNL-NM), Albuquerque, NM (United States); Smith, Rhett [Schweitzer Engineering Laboratories, Chattanooga, TN (United States); Teumim, David [Teumim Technical, Allentown, PA (United States)

    2012-01-31

    The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security. The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or tunnels , to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single vendor solutions may inadvertently lock

  14. Computer Security at Nuclear Facilities

    Cavina, A.

    2013-01-01

    This series of slides presents the IAEA policy concerning the development of recommendations and guidelines for computer security at nuclear facilities. A document of the Nuclear Security Series dedicated to this issue is on the final stage prior to publication. This document is the the first existing IAEA document specifically addressing computer security. This document was necessary for 3 mains reasons: first not all national infrastructures have recognized and standardized computer security, secondly existing international guidance is not industry specific and fails to capture some of the key issues, and thirdly the presence of more or less connected digital systems is increasing in the design of nuclear power plants. The security of computer system must be based on a graded approach: the assignment of computer system to different levels and zones should be based on their relevance to safety and security and the risk assessment process should be allowed to feed back into and influence the graded approach

  15. Information security management handbook

    Tipton, Harold F

    2006-01-01

    Access Control Systems and Methodology. Telecommunications and Network Security. Security Management Practices. Application Program Security. Cryptography. Computer, System, and Security Architecture. Operations Security. Business Continuity Planning and Disaster Recovery Planning. Law, Investigation and Ethics. Physical Security.

  16. Design and realization of a network security model

    WANG, Jiahai; HAN, Fangxi; Tang, Zheng; TAMURA, Hiroki; Ishii, Masahiro

    2002-01-01

    The security of information is a key problem in the development of network technology. The basic requirements of security of information clearly include confidentiality, integrity, authentication and non-repudiation. This paper proposes a network security model that is composed of security system, security connection and communication, and key management. The model carries out encrypting, decrypting, signature and ensures confidentiality, integrity, authentication and non-repudiation. Finally...

  17. Personality traits as predictors of inpatient aggression in a high-security forensic psychiatric setting: prospective evaluation of the PCL-R and IPDE dimension ratings.

    Langton, Calvin M; Hogue, Todd E; Daffern, Michael; Mannion, Aisling; Howells, Kevin

    2011-05-01

    The Dangerous and Severe Personality Disorder (DSPD) initiative in England and Wales provides specialized care to high-risk offenders with mental disorders. This study investigated the predictive utility of personality traits, assessed using the Psychopathy Checklist-Revised (PCL-R) and the International Personality Disorder Examination, with 44 consecutive admissions to the DSPD unit at a high-security forensic psychiatric hospital. Incidents of interpersonal physical aggression (IPA) were observed for 39% of the sample over an average 1.5-year period following admission. Histrionic personality disorder (PD) predicted IPA, and Histrionic, Borderline, and Antisocial PDs all predicted repetitive (2+ incidents of) IPA. PCL-R Factor 1 and Facets 1 and 2 were also significant predictors of IPA. PCL-R Factor 1 and Histrionic PD scores were significantly associated with imminence of IPA. Results were discussed in terms of the utility of personality traits in risk assessment and treatment of specially selected high-risk forensic psychiatric patients in secure settings.

  18. Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network.

    Sumithra Alagarsamy

    Full Text Available Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff Equation using an Integration Factor (DiffEIF, minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network.

  19. Complex Conjugated certificateless-based signcryption with differential integrated factor for secured message communication in mobile network.

    Alagarsamy, Sumithra; Rajagopalan, S P

    2017-01-01

    Certificateless-based signcryption overcomes inherent shortcomings in traditional Public Key Infrastructure (PKI) and Key Escrow problem. It imparts efficient methods to design PKIs with public verifiability and cipher text authenticity with minimum dependency. As a classic primitive in public key cryptography, signcryption performs validity of cipher text without decryption by combining authentication, confidentiality, public verifiability and cipher text authenticity much more efficiently than the traditional approach. In this paper, we first define a security model for certificateless-based signcryption called, Complex Conjugate Differential Integrated Factor (CC-DIF) scheme by introducing complex conjugates through introduction of the security parameter and improving secured message distribution rate. However, both partial private key and secret value changes with respect to time. To overcome this weakness, a new certificateless-based signcryption scheme is proposed by setting the private key through Differential (Diff) Equation using an Integration Factor (DiffEIF), minimizing computational cost and communication overhead. The scheme is therefore said to be proven secure (i.e. improving the secured message distributing rate) against certificateless access control and signcryption-based scheme. In addition, compared with the three other existing schemes, the CC-DIF scheme has the least computational cost and communication overhead for secured message communication in mobile network.

  20. Strategic information security

    Wylder, John

    2003-01-01

    Introduction to Strategic Information SecurityWhat Does It Mean to Be Strategic? Information Security Defined The Security Professional's View of Information Security The Business View of Information SecurityChanges Affecting Business and Risk Management Strategic Security Strategic Security or Security Strategy?Monitoring and MeasurementMoving Forward ORGANIZATIONAL ISSUESThe Life Cycles of Security ManagersIntroductionThe Information Security Manager's Responsibilities The Evolution of Data Security to Information SecurityThe Repository Concept Changing Job Requirements Business Life Cycles

  1. RISK MANAGEMENT FROM THE INFORMATION SECURITY PERSPECTIVE

    Riza Ionuț

    2017-11-01

    Full Text Available Risk management has emerged ever since the appearance of human communities and it has developed at a slow rate. Over time, a significant improvement was made, from accepting hazards to the identification, evaluation and control of unwanted events, threat prevention and exploitation of opportunities through scientific risk management actions. The fundamental role of research in cyber security is to concentrate the efforts on those contexts and conditions which determine the way in which key players reach a common understanding of the way to conceive and eventually answer to certain challenges in cyber security. In order to build a clear perception of these effects, this work presents the main elements which define cyber space, to come to the aid of turning the management process into an efficient one, especially when talking about cyber space as a space for conflicts, both economic and political.

  2. Security Bingo

    Computer Security Team

    2011-01-01

    Want to check your security awareness and win one of three marvellous books on computer security? Just print out this page, mark which of the 25 good practices below you already follow, and send the sheet back to us by 31 October 2011 at either Computer.Security@cern.ch or P.O. Box G19710.   Winners[1] must show that they fulfil at least five good practices in a continuous vertical, horizontal or diagonal row. For details on CERN Computer Security, please consult http://cern.ch/security. I personally…   …am concerned about computer security. …run my computer with an anti-virus software and up-to-date signature files. …lock my computer screen whenever I leave my office. …have chosen a reasonably complex password. …have restricted access to all my files and data. …am aware of the security risks and threats to CERN’s computing facilities. &hell...

  3. On the security of SSL/TLS-enabled applications

    Das, Manik Lal; Samdaria, Navkar

    2014-01-01

    SSL/TLS (Secure Socket Layer/Transport Layer Security)-enabled web applications aim to provide public key certificate based authentication, secure session key establishment, and symmetric key based traffic confidentiality. A large number of electronic commerce applications, such as stock trading, banking, shopping, and gaming rely on the security strength of the SSL/TLS protocol. In recent times, a potential threat, known as main-in-the-middle (MITM) attack, has been exploited by attackers of...

  4. User-Centric Key Entropy: Study of Biometric Key Derivation Subject to Spoofing Attacks

    Lavinia Mihaela Dinca

    2017-02-01

    Full Text Available Biometric data can be used as input for PKI key pair generation. The concept of not saving the private key is very appealing, but the implementation of such a system shouldn’t be rushed because it might prove less secure then current PKI infrastructure. One biometric characteristic can be easily spoofed, so it was believed that multi-modal biometrics would offer more security, because spoofing two or more biometrics would be very hard. This notion, of increased security of multi-modal biometric systems, was disproved for authentication and matching, studies showing that not only multi-modal biometric systems are not more secure, but they introduce additional vulnerabilities. This paper is a study on the implications of spoofing biometric data for retrieving the derived key. We demonstrate that spoofed biometrics can yield the same key, which in turn will lead an attacker to obtain the private key. A practical implementation is proposed using fingerprint and iris as biometrics and the fuzzy extractor for biometric key extraction. Our experiments show what happens when the biometric data is spoofed for both uni-modal systems and multi-modal. In case of multi-modal system tests were performed when spoofing one biometric or both. We provide detailed analysis of every scenario in regard to successful tests and overall key entropy. Our paper defines a biometric PKI scenario and an in depth security analysis for it. The analysis can be viewed as a blueprint for implementations of future similar systems, because it highlights the main security vulnerabilities for bioPKI. The analysis is not constrained to the biometric part of the system, but covers CA security, sensor security, communication interception, RSA encryption vulnerabilities regarding key entropy, and much more.

  5. Computer security

    Gollmann, Dieter

    2011-01-01

    A completely up-to-date resource on computer security Assuming no previous experience in the field of computer security, this must-have book walks you through the many essential aspects of this vast topic, from the newest advances in software and technology to the most recent information on Web applications security. This new edition includes sections on Windows NT, CORBA, and Java and discusses cross-site scripting and JavaScript hacking as well as SQL injection. Serving as a helpful introduction, this self-study guide is a wonderful starting point for examining the variety of competing sec

  6. Junos Security

    Cameron, Rob; Giecco, Patricio; Eberhard, Timothy; Quinn, James

    2010-01-01

    Junos® Security is the complete and authorized introduction to the new Juniper Networks SRX hardware series. This book not only provides a practical, hands-on field guide to deploying, configuring, and operating SRX, it also serves as a reference to help you prepare for any of the Junos Security Certification examinations offered by Juniper Networks. Network administrators and security professionals will learn how to use SRX Junos services gateways to address an array of enterprise data network requirements -- including IP routing, intrusion detection, attack mitigation, unified threat manag

  7. Stable operation of a Secure QKD system in the real-world setting

    Tomita, Akihisa

    2007-06-01

    Quantum Key Distribution (QKD) now steps forward from the proof of principle to the validation of the practical feasibility. Nevertheless, the QKD technology should respond to the challenges from the real-world such as stable operation against the fluctuating environment, and security proof under the practical setting. We report our recent progress on stable operation of a QKD system, and key generation with security assurance. A QKD system should robust to temperature fluctuation in a common office environment. We developed a loop-mirror, a substitution of a Faraday mirror, to allow easy compensation for the temperature dependence of the device. Phase locking technique was also employed to synchronize the system clock to the quantum signals. This technique is indispensable for the transmission system based on the installed fiber cables, which stretch and shrink due to the temperature change. The security proof of QKD, however, has assumed the ideal conditions, such as the use of a genuine single photon source and/or unlimited computational resources. It has been highly desirable to give an assurance of security for practical systems, where the ideal conditions are no longer satisfied. We have constructed a theory to estimate the leakage information on the transmitted key under the practically attainable conditions, and have developed a QKD system equipped with software for secure key distillation. The QKD system generates the final key at the rate of 2000 bps after 20 km fiber transmission. Eavesdropper's information on the final key is guaranteed to be less than 2-7 per bit. This is the first successful generation of the secure key with quantitative assurance of the upper bound of the leakage information. It will put forth the realization of highly secure metropolitan optical communication network against any types of eavesdropping.

  8. BYOD Security: A New Business Challenge

    Downer, K.; Bhattacharya, Maumita

    2016-01-01

    Bring Your Own Device (BYOD) is a rapidly growing trend in businesses concerned with information technology. BYOD presents a unique list of security concerns for businesses implementing BYOD policies. Recent publications indicate a definite awareness of risks involved in incorporating BYOD into business, however it is still an underrated issue compared to other IT security concerns. This paper focuses on two key BYOD security issues: security challenges and available frameworks. A taxonomy sp...

  9. Project Management with IT Security Focus

    Felician Alecu; Paul Pocatilu; Sergiu Capisizu

    2011-01-01

    The paper focus on the main key points related to the IT security project management. The most important lifecycle stages are identified: IT security project proposal definition, project organization, project planning, quality planning, project team organization, IT security project activities management and project closing. The most important success factors for IT security projects are the support of top-management, customer satisfaction, prevention over remediation and continuous progress....

  10. Secure authentication system that generates seed from biometric information.

    Kim, Yeojin; Ahn, Jung-Ho; Byun, Hyeran

    2005-02-10

    As biometric recognition techniques are gradually improved, the stability of biometric authentication systems are enhanced. Although bioinformation has properties that make it resistant to fraud, biometric authentication systems are not immune to hacking. We show a secure biometric authentication system (1) to guarantee the integrity of biometric information by mixing data by use of a biometric key and (2) to raise recognition rates by use of bimodal biometrics.

  11. Collective Security

    Galster, Kjeld

    in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed disinclination to accept that the collective security concept and international treaties and accords signed by Denmark should necessitate credible...... and other international treaties provided arguments for adjusting the foreign and security policy ambitions, and since the general flux in worldwide market conditions left perceptible ripples in Danish economy, budget discussions grew in importance over this period. The pacifist stance entailed......Collective Security: National Egotism (Abstract) In Danish pre-World War I defence debate the notion of collective security is missing. During the early years of the 19th century, the political work is influenced by a pervasive feeling of rising tension and danger on the continent of Europe...

  12. Security Transformation

    Metz, Steven

    2003-01-01

    ... adjustment. With American military forces engaged around the world in both combat and stabilization operations, the need for rigorous and critical analysis of security transformation has never been greater...

  13. Secure Embedded Systems

    2016-02-26

    enables each subsystem with a key management (KM) function and an Advanced Encryption Standard ( AES ) encryption and decryption function. Subsystem A...off, flies to its destination, and then collects video data. Video data containing target information are encrypted and broadcast to authorized ground...select these devices on the basis of their ability to encrypt and authenticate configuration bitstreams, incorporate security monitors to detect attacks

  14. European Security

    Møller, Bjørn

    Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"......Theoretical chapters on "Security", "Organisations" and "Regions," Historical Chapters on "Europe and Its Distinguishing Features" and on "The United Nations," "NATO," "The CSCE/OSCE and the Council of Europe" and "The European Union"...

  15. Data Security

    Lopez, Diego

    2013-01-01

    Training specialists in the field of data security and security administrators for the information systems represents a significant priority demanded by both governmental environments and the central and local administrations, as well as by the private sector - companies, banks. They are responsible for implementing information services and systems, but they are also their beneficiaries, with applicability in fields such as: e government, e-administration, e-banking, e-commerce, e-payment, wh...

  16. FOOD SECURITY

    Dorina Ardelean

    2013-12-01

    Full Text Available The assurance of food security at the individual level doesn’t implicitly provide for the one at family level as the concepts of hunger, malnutrition and food insecurity are the steps of the same process of access restricted to a sufficient supply of food. In order to achieve food security at the individual level the following is necessary: ensuring food availability (production, reserve stocks; redistribution of food availability within the country or out through international exchanges; effective access of the population to purchase food consumer goods, by ensuring its effective demand as required. Food security of families (FFS is required for assuring individual food security (IFS, but it is not sufficient because the food available may be unevenly distributed between family members. National food security (NFS corresponds to the possibilities that different countries have to ensure both FFS and IFS without sacrificing other important objectives. Under the name of GAS is defined the global food security which represents permanent access for the entire population of the globe to the necessary food for a healthy and active life.

  17. Key Distribution and Changing Key Cryptosystem Based on Phase Retrieval Algorithm and RSA Public-Key Algorithm

    Tieyu Zhao

    2015-01-01

    Full Text Available The optical image encryption has attracted more and more researchers’ attention, and the various encryption schemes have been proposed. In existing optical cryptosystem, the phase functions or images are usually used as the encryption keys, and it is difficult that the traditional public-key algorithm (such as RSA, ECC, etc. is used to complete large numerical key transfer. In this paper, we propose a key distribution scheme based on the phase retrieval algorithm and the RSA public-key algorithm, which solves the problem for the key distribution in optical image encryption system. Furthermore, we also propose a novel image encryption system based on the key distribution principle. In the system, the different keys can be used in every encryption process, which greatly improves the security of the system.

  18. Security an introduction

    Purpura, Philip P

    2011-01-01

    Section I The History and Profession of SecurityDefinition, Role, and History of Security Security Defined The Contexts of Security The Roles of Security The History of Security Security in an Environment of Threats, Terrorism, and All-Hazards Threats and Hazards Terrorism National Strategies The Profession and Business of Security The Business of Security Professionalism and Security Associations Ethics Regulation of the Security Industry Security Training Higher Education Careers Section II Protecting People and AssetsSecurity Methodology Methodology Defined Security Business Proposals Secur

  19. Global water risks and national security: Building resilience (Invited)

    Pulwarty, R. S.

    2013-12-01

    The UN defines water security as the capacity of a population to safeguard sustainable access to adequate quantities of acceptable quality water for sustaining livelihoods, human well-being, and socio-economic development, for ensuring protection against water-borne pollution and water-related disasters, and for preserving ecosystems in a climate of peace and political stability. This definition highlights complex and interconnected challenges and underscores the centrality of water for environmental services and human aactivities. Global risks are expressed at the national level. The 2010 Quadrennial Defense Review and the 2010 National Security Strategy identify climate change as likely to trigger outcomes that will threaten U.S. security including how freshwater resources can become a security issue. Impacts will be felt on the National Security interest through water, food and energy security, and critical infrastructure. This recognition focuses the need to consider the rates of change in climate extremes, in the context of more traditional political, economic, and social indicators that inform security analyses. There is a long-standing academic debate over the extent to which resource constraints and environmental challenges lead to inter-state conflict. It is generally recognized that water resources as a security issue to date exists mainly at the substate level and has not led to physical conflict between nation states. In conflict and disaster zones, threats to water security increase through inequitable and difficult access to water supply and related services, which may aggravate existing social fragility, tensions, violence, and conflict. This paper will (1) Outline the dimensions of water security and its links to national security (2) Analyze water footprints and management risks for key basins in the US and around the world, (3) map the link between global water security and national concerns, drawing lessons from the drought of 2012 and elsewhere

  20. Passive measurement-device-independent quantum key distribution with orbital angular momentum and pulse position modulation

    Wang, Lian; Zhou, Yuan-yuan; Zhou, Xue-jun; Chen, Xiao

    2018-03-01

    Based on the orbital angular momentum and pulse position modulation, we present a novel passive measurement-device-independent quantum key distribution (MDI-QKD) scheme with the two-mode source. Combining with the tight bounds of the yield and error rate of single-photon pairs given in our paper, we conduct performance analysis on the scheme with heralded single-photon source. The numerical simulations show that the performance of our scheme is significantly superior to the traditional MDI-QKD in the error rate, key generation rate and secure transmission distance, since the application of orbital angular momentum and pulse position modulation can exclude the basis-dependent flaw and increase the information content for each single photon. Moreover, the performance is improved with the rise of the frame length. Therefore, our scheme, without intensity modulation, avoids the source side channels and enhances the key generation rate. It has greatly utility value in the MDI-QKD setups.

  1. Security Analysis of Yeh-Tsai Security Mechanism

    Yum, Dae Hyun; Shin, Jong Hoon; Lee, Pil Joong

    Yeh and Tsai recently proposed an enhanced mobile commerce security mechanism. They modified the lightweight security mechanism due to Lam, Chung, Gu, and Sun to relieve the burden of mobile clients. However, this article shows that a malicious WAP gateway can successfully obtain the mobile client's PIN by sending a fake public key of a mobile commerce server and exploiting information leakage caused by addition operation. We also present a countermeasure against the proposed attack.

  2. Key handling in wireless sensor networks

    Li, Y; Newe, T

    2007-01-01

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided

  3. Key handling in wireless sensor networks

    Li, Y; Newe, T [Optical Fibre Sensors Research Centre, Department of Electronic and Computer Engineering, University of Limerick, Limerick (Ireland)

    2007-07-15

    With the rapid growth of Wireless Sensor Networks (WSNs), many advanced application areas have received significant attention. However, security will be an important factor for their full adoption. Wireless sensor nodes pose unique challenges and as such traditional security protocols, used in traditional networks cannot be applied directly. Some new protocols have been published recently with the goal of providing both privacy of data and authentication of sensor nodes for WSNs. Such protocols can employ private-key and/or public key cryptographic algorithms. Public key algorithms hold the promise of simplifying the network infrastructure required to provide security services such as: privacy, authentication and non-repudiation, while symmetric algorithms require less processing power on the lower power wireless node. In this paper a selection of key establishment/agreement protocols are reviewed and they are broadly divided into two categories: group key agreement protocols and pair-wise key establishment protocols. A summary of the capabilities and security related services provided by each protocol is provided.

  4. Field test of a continuous-variable quantum key distribution prototype

    Fossier, S; Debuisschert, T; Diamanti, E; Villing, A; Tualle-Brouri, R; Grangier, P

    2009-01-01

    We have designed and realized a prototype that implements a continuous-variable quantum key distribution (QKD) protocol based on coherent states and reverse reconciliation. The system uses time and polarization multiplexing for optimal transmission and detection of the signal and phase reference, and employs sophisticated error-correction codes for reconciliation. The security of the system is guaranteed against general coherent eavesdropping attacks. The performance of the prototype was tested over preinstalled optical fibres as part of a quantum cryptography network combining different QKD technologies. The stable and automatic operation of the prototype over 57 h yielded an average secret key distribution rate of 8 kbit s -1 over a 3 dB loss optical fibre, including the key extraction process and all quantum and classical communication. This system is therefore ideal for securing communications in metropolitan size networks with high-speed requirements.

  5. Cryptographic robustness of practical quantum cryptography: BB84 key distribution protocol

    Molotkov, S. N.

    2008-01-01

    In real fiber-optic quantum cryptography systems, the avalanche photodiodes are not perfect, the source of quantum states is not a single-photon one, and the communication channel is lossy. For these reasons, key distribution is impossible under certain conditions for the system parameters. A simple analysis is performed to find relations between the parameters of real cryptography systems and the length of the quantum channel that guarantee secure quantum key distribution when the eavesdropper's capabilities are limited only by fundamental laws of quantum mechanics while the devices employed by the legitimate users are based on current technologies. Critical values are determined for the rate of secure real-time key generation that can be reached under the current technology level. Calculations show that the upper bound on channel length can be as high as 300 km for imperfect photodetectors (avalanche photodiodes) with present-day quantum efficiency (η ∼ 20%) and dark count probability (p dark ∼ 10 -7 )

  6. Quantum key distribution with entangled photon sources

    Ma Xiongfeng; Fung, Chi-Hang Fred; Lo, H.-K.

    2007-01-01

    A parametric down-conversion (PDC) source can be used as either a triggered single-photon source or an entangled-photon source in quantum key distribution (QKD). The triggering PDC QKD has already been studied in the literature. On the other hand, a model and a post-processing protocol for the entanglement PDC QKD are still missing. We fill in this important gap by proposing such a model and a post-processing protocol for the entanglement PDC QKD. Although the PDC model is proposed to study the entanglement-based QKD, we emphasize that our generic model may also be useful for other non-QKD experiments involving a PDC source. Since an entangled PDC source is a basis-independent source, we apply Koashi and Preskill's security analysis to the entanglement PDC QKD. We also investigate the entanglement PDC QKD with two-way classical communications. We find that the recurrence scheme increases the key rate and the Gottesman-Lo protocol helps tolerate higher channel losses. By simulating a recent 144-km open-air PDC experiment, we compare three implementations: entanglement PDC QKD, triggering PDC QKD, and coherent-state QKD. The simulation result suggests that the entanglement PDC QKD can tolerate higher channel losses than the coherent-state QKD. The coherent-state QKD with decoy states is able to achieve highest key rate in the low- and medium-loss regions. By applying the Gottesman-Lo two-way post-processing protocol, the entanglement PDC QKD can tolerate up to 70 dB combined channel losses (35 dB for each channel) provided that the PDC source is placed in between Alice and Bob. After considering statistical fluctuations, the PDC setup can tolerate up to 53 dB channel losses

  7. Self-rated Health Status and Related Factors of Workers in Key Sectors of Railway System%铁路重点部门职工自测健康状况及影响因素分析

    崔金玲; 王亚斌; 牟宇; 秦磊; 霍伟; 何朝霞; 胡英琴; 薛淑娟; 吕珊

    2011-01-01

    total score of self-rated health scales and the scores of sub-scales were lowest in attendants of electric locomotive carriage. Attendants, male, age, marital status, irregular working times,long time operation, unfamiliar with new technology and equipment, working at night infrequently were inversely proportional to the score of self-rated health in multiple linear regression analysis. But education was proportional to the score of self-rated health.[ Conclusion ] The level of physical heath of railway workers in key sectors was low. The self-rated health situation related to job title, age, gender, education, martial status, irregular working time, long time operation, unfamiliar with new technology and equipment, working at night infrequently.

  8. DIRAC Security

    Casajús Ramo, A

    2006-01-01

    DIRAC is the LHCb Workload and Data Management System. Based on a service-oriented architecture, it enables generic distributed computing with lightweight Agents and Clients for job execution and data transfers. DIRAC implements a client-server architecture exposing server methods through XML Remote Procedure Call (XML-RPC) protocol. DIRAC is mostly coded in python. DIRAC security infrastructure has been designed to be a completely generic XML-RPC transport over a SSL tunnel. This new security layer is able to handle standard X509 certificates as well as grid-proxies to authenticate both sides of the connection. Serve and client authentication relies over OpenSSL and py-Open SSL, but to be able to handle grid proxies some modifications have been added to those libraries. DIRAC security infrastructure handles authorization and authorization as well as provides extended capabilities like secure connection tunneling and file transfer. Using this new security infrastructure all LHCb users can safely make use o...

  9. Security and policy driven computing

    Liu, Lei

    2010-01-01

    Security and Policy Driven Computing covers recent advances in security, storage, parallelization, and computing as well as applications. The author incorporates a wealth of analysis, including studies on intrusion detection and key management, computer storage policy, and transactional management.The book first describes multiple variables and index structure derivation for high dimensional data distribution and applies numeric methods to proposed search methods. It also focuses on discovering relations, logic, and knowledge for policy management. To manage performance, the text discusses con

  10. Social security systems in Tanzania: Phase I Overview of social ...

    The paper starts by examining the concept of social security in Tanzania, showing that there are three key issues in social security which have not been adequately addressed by existing social security schemes and need immediate attention. The paper then examines the nature and forms of social security in Tanzania in a ...

  11. A novel security algorithm for gsm mobile

    Minhas, A.A.; Mehmood, W.; Ijaz, A.

    2010-01-01

    Security is a crucial factor in the provision of secure mobile services. The rapid growth of harmful attacks has increased the need for higher security level, especially in the case of wireless networks. GSM security is proposed by A5/1 synchronous symmetric-key stream cipher. It has been revealed in (1), (2), and (3) that biased birthday attack, random subgraph attack and correlation attack, breach the security at the air interface. In this paper, we have proposed a high level security solution that incorporates a new Key setup routine and new feedback taps positions. We have shown that the proposed solution is more secure and efficient by simulating and application of different Statistical Tests for standard A5/1 and proposed A5/1 in MATLAB and comparing results. (author)

  12. Iris Cryptography for Security Purpose

    Ajith, Srighakollapu; Balaji Ganesh Kumar, M.; Latha, S.; Samiappan, Dhanalakshmi; Muthu, P.

    2018-04-01

    In today's world, the security became the major issue to every human being. A major issue is hacking as hackers are everywhere, as the technology was developed still there are many issues where the technology fails to meet the security. Engineers, scientists were discovering the new products for security purpose as biometrics sensors like face recognition, pattern recognition, gesture recognition, voice authentication etcetera. But these devices fail to reach the expected results. In this work, we are going to present an approach to generate a unique secure key using the iris template. Here the iris templates are processed using the well-defined processing techniques. Using the encryption and decryption process they are stored, traversed and utilized. As of the work, we can conclude that the iris cryptography gives us the expected results for securing the data from eavesdroppers.

  13. Setting best practice criteria for self-differencing avalanche photodiodes in quantum key distribution

    Koehler-Sidki, Alexander; Dynes, James F.; Lucamarini, Marco; Roberts, George L.; Sharpe, Andrew W.; Savory, Seb J.; Yuan, Zhiliang; Shields, Andrew J.

    2017-10-01

    In recent years, the security of avalanche photodiodes as single photon detectors for quantum key distribution has been subjected to much scrutiny. The most prominent example of this surrounds the vulnerability of such devices to blinding under strong illumination. We focus on self-differencing avalanche photodiodes, single photon detectors that have demonstrated count rates exceeding 1 GCounts/s resulting in secure key rates over 1 MBit/s. These detectors use a passive electronic circuit to cancel any periodic signals thereby enhancing detection sensitivity. However this intrinsic feature can be exploited by adversaries to gain control of the devices using illumination of a moderate intensity. Through careful experimental examinations, we define here a set of criteria for these detectors to avoid such attacks.

  14. Social security and firm performance

    Lee, Sangheon; Torm, Nina

    2017-01-01

    This article investigates how social security provision - a key determinant of formality - impacts on small and medium-sized firm performance in Viet Nam. Based on enterprise census data covering all registered firms from 2006 to 2011, the authors find that firms which increase their social...... security coverage by 10 per cent experience a revenue gain of 1.4-2.0 per cent per worker and a profit gain of up to 1.8 per cent, depending on the survival time of the firm. However, given the time lag between 'investment' (in social security contributions) and returns (enhanced firm performance...

  15. Privatising Security

    Irina Mindova-Docheva

    2016-06-01

    Full Text Available The article proposes an analysis of the different approaches towards employing the international legal framework in the regulation and oversight of private military and security companies’ operation in armed conflicts and in peace time security systems. It proposes a partnership-based approach for public and private actors aiming at creating and sharing common values under the principles of solidarity, protection of human rights and rule of law. A focus of further research should be the process of shaping those common values.

  16. 15 CFR 700.11 - Priority ratings.

    2010-01-01

    ... OF INDUSTRY AND SECURITY, DEPARTMENT OF COMMERCE NATIONAL SECURITY INDUSTRIAL BASE REGULATIONS DEFENSE PRIORITIES AND ALLOCATIONS SYSTEM Industrial Priorities § 700.11 Priority ratings. (a) Levels of...

  17. Optimization of airport security process

    Wei, Jianan

    2017-05-01

    In order to facilitate passenger travel, on the basis of ensuring public safety, the airport security process and scheduling to optimize. The stochastic Petri net is used to simulate the single channel security process, draw the reachable graph, construct the homogeneous Markov chain to realize the performance analysis of the security process network, and find the bottleneck to limit the passenger throughput. Curve changes in the flow of passengers to open a security channel for the initial state. When the passenger arrives at a rate that exceeds the processing capacity of the security channel, it is queued. The passenger reaches the acceptable threshold of the queuing time as the time to open or close the next channel, simulate the number of dynamic security channel scheduling to reduce the passenger queuing time.

  18. A Review of RSA and Public-Key Cryptosystems | Rabah | Botswana ...

    ... study and analyze the RSA cryptosystems – a public-key cryptographic algorithm - a system that uses two sets of keys; one for encryption and the other for decryption. Key Words: Public-key cryptography, DH, RSA, Internet Security and attacks, Digital Signature, Message digest, Authentication, Secure Socket Layer (SSL)

  19. Reconfigurable Secure Video Codec Based on DWT and AES Processor

    Rached Tourki

    2010-01-01

    Full Text Available In this paper, we proposed a secure video codec based on the discrete wavelet transformation (DWT and the Advanced Encryption Standard (AES processor. Either, use of video coding with DWT or encryption using AES is well known. However, linking these two designs to achieve secure video coding is leading. The contributions of our work are as follows. First, a new method for image and video compression is proposed. This codec is a synthesis of JPEG and JPEG2000,which is implemented using Huffman coding to the JPEG and DWT to the JPEG2000. Furthermore, an improved motion estimation algorithm is proposed. Second, the encryptiondecryption effects are achieved by the AES processor. AES is aim to encrypt group of LL bands. The prominent feature of this method is an encryption of LL bands by AES-128 (128-bit keys, or AES-192 (192-bit keys, or AES-256 (256-bit keys.Third, we focus on a method that implements partial encryption of LL bands. Our approach provides considerable levels of security (key size, partial encryption, mode encryption, and has very limited adverse impact on the compression efficiency. The proposed codec can provide up to 9 cipher schemes within a reasonable software cost. Latency, correlation, PSNR and compression rate results are analyzed and shown.

  20. Understanding and applying cryptography and data security

    Elbirt, Adam J

    2009-01-01

    Introduction A Brief History of Cryptography and Data Security Cryptography and Data Security in the Modern World Existing Texts Book Organization Symmetric-Key Cryptography Cryptosystem Overview The Modulo Operator Greatest Common Divisor The Ring ZmHomework ProblemsSymmetric-Key Cryptography: Substitution Ciphers Basic Cryptanalysis Shift Ciphers Affine Ciphers Homework ProblemsSymmetric-Key Cryptography: Stream Ciphers Random Numbers The One-Time Pad Key Stream GeneratorsReal-World ApplicationsHomework ProblemsSymmetric-Key Cryptography: Block Ciphers The Data Encryption StandardThe Advance