A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is
Johann Braun, KfH-Dialyzezentrum Nü rn- deficient erythropoiesis. The decrease in hypochromic berg, Virnsbergerstr. 43, 90431 Nü rnberg, Germany. ...doi:10.1046/j.1523-1755.1999.055suppl.69057.x fatcat:yy3ucbazbvbtzdzt3am45pw2mq
Die Plattform e-manuscripta.ch ist ein Kooperationsprojekt von Institutionen aus dem schweizerischen Bibliotheks-und Archivbereich und wird finanziell von diesen getragen. Das Spektrum umfasst alle Arten von handschriftlichendoi:10.7891/e-manuscripta-42206 fatcat:k73ctyrr5nbvbbohnzewoexf5m
Die Plattform e-manuscripta.ch ist ein Kooperationsprojekt von Institutionen aus dem schweizerischen Bibliotheks-und Archivbereich und wird finanziell von diesen getragen. Das Spektrum umfasst alle Arten von handschriftlichendoi:10.7891/e-manuscripta-42208 fatcat:ularziqmwvbndaxxueq4q3l5x4
Sensitive electronic data may be required to remain confidential for long periods of time. Yet encryption under a computationally secure cryptosystem cannot provide a guarantee of long term confidentiality, due to potential advances in computing power or cryptanalysis. Long term confidentiality is ensured by information theoretically secure ciphers, but at the expense of impractical key agreement and key management. We overview known methods to alleviate these problems, whilst retaining somedoi:10.1007/s10623-012-9747-6 fatcat:uk3afgjhrfduxeytawbqkvt4fq
more »... m of information theoretic security relevant for long term confidentiality.
Die Plattform e-manuscripta.ch ist ein Kooperationsprojekt von Institutionen aus dem schweizerischen Bibliotheks-und Archivbereich und wird finanziell von diesen getragen. Das Spektrum umfasst alle Arten von handschriftlichendoi:10.7891/e-manuscripta-42207 fatcat:mnb3ucqwrzd7hphc63hh24d3nq
Lecture Notes in Computer Science
The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure. In this paper, we present the concept of trust views to manage variable trust levels for exactly those CAs actually required by adoi:10.1007/978-3-642-53997-8_9 fatcat:4iasvofsazakvn5peh534xagoq
more »... elying entity. This reduces the set of trusted CAs and minimizes the risk to rely on malicious certificates issued due to CA failures or compromises.
. © 2015 Braun et al. ...doi:10.1007/s40993-015-0022-6 fatcat:fj3qqtaqbfd6dks53baorp5x6q
The steadily growing number of certification authorities (CAs) assigned to the Web Public Key Infrastructure (Web PKI) and trusted by current browsers imposes severe security issues. Apart from being impossible for relying entities to assess whom they actually trust, the current binary trust model implemented with the Web PKI makes each CA a single point of failure and creates an enormous attack surface. In this article, we present CA-TMS, a user-centric CA trust management system based ondoi:10.3233/jcs-140509 fatcat:yz54kjea6rasnetm4knbe5jify
more »... views. CA-TMS can be used by relying entities to individually reduce the attack surface. CA-TMS works by restricting the trust placed in CAs of the Web PKI to trusting in exactly those CAs actually required by a relying entity. This restriction is based on locally collected information and does not require the alteration of the existing Web PKI. CA-TMS is complemented by an optional reputation system that allows to utilize the knowledge of other entities while maintaining the minimal set of trusted CAs. Our evaluation of CA-TMS with real world data shows that an attack surface reduction by more than 95% is achievable.
Sensitive electronic data must often be kept confidential over very long periods of time. Known solutions such as conventional encryption, cascaded encryption, and information theoretic schemes suffer from several weaknesses or serious disadvantages that we shortly discuss. We present a method for combining arbitrary encryption algorithms. The scheme has the following properties: (1) It is a (k, n)-threshold scheme, i.e. only k ≤ n of the n applied algorithms are needed for decryption. (2) Thedoi:10.1109/hicss.2013.426 dblp:conf/hicss/0001WB13 fatcat:daqngz2p25cb3ptzraillzmica
more »... cheme's effective bit security is the sum of the lengths of the k shortest keys. (3) Under adaptive chosen plaintext attacks, this security level remains intact until at least k algorithms are compromised. (4) Under adaptive chosen chipertext attacks, the security level decreases with each compromised algorithm at most by the corresponding key length. (5) The scheme increases the effective key lengths of repeatedly applied encryption algorithms.
It is practically impossible for users to memorize a large portfolio of strong and individual passwords for their online accounts. A solution is to generate passwords randomly and store them. Yet, storing passwords instead of memorizing them bears the risk of loss, e.g., in situations where the device on which the passwords are stored is damaged, lost, or stolen. This makes the creation of backups of the passwords indispensable. However, placing such backups at secure locations to protect themarXiv:1704.02883v2 fatcat:hdc2llf655frnd4ysb67pam4km
more »... s well from loss and unauthorized access and keeping them up-to-date at the same time is an unsolved problem in practice. We present PASCO, a backup solution for passwords that solves this challenge. PASCO backups need not to be updated, even when the user's password portfolio is changed. PASCO backups can be revoked without having physical access to them. This prevents password leakage, even when a user loses control over a backup. Additionally, we show how to extend PASCO to enable a fully controllable emergency access. It allows a user to give someone else access to his passwords in urgent situations. We also present a security evaluation and an implementation of PASCO.
Lecture Notes in Computer Science
Recent attacks and publications have shown the vulnerability of hierarchical Public Key Infrastructures (PKIs) and the fatal impact of revoked Certification Authority (CA) certificates in the PKIX validity model. Alternative validity models, such as the extended shell and the chain model, improve the situation but rely on independent proofs of existence, which are usually provided using time-stamps. As time-stamps are validated using certificates, they suffer from the same problems as the PKIdoi:10.1007/978-3-642-40012-4_4 fatcat:epkthjlcnrhyvmvks75lapnsa4
more »... ey are supposed to protect. Our solution to this problem is abandoning time-stamps and providing proof of existence using Forward Secure Signatures (FSS). In particular, we present different possibilities to use the chain model together with FSS, resulting in schemes that include the necessary proofs of existence into the certificates themselves.
The amount of digital data that requires long-term protection of integrity, authenticity, and confidentiality grows rapidly. Examples include electronic health records, genome data, and tax data. In this paper we present the secure storage system LINCOS, which provides protection of integrity, authenticity, and confidentiality in the long-term, i.e., for an indefinite time period. It is the first such system. It uses the long-term integrity scheme COPRIS, which is also presented here and is thedoi:10.1145/3052973.3053043 dblp:conf/ccs/0001BDGFMSW17 fatcat:izfk5xbsmjavpcwstz75fthawa
more »... first such scheme that does not leak any information about the protected data. COPRIS uses informationtheoretic hiding commitments for confidentiality-preserving integrity and authenticity protection. LINCOS uses proactive secret sharing for confidential storage of secret data. We also present implementations of COPRIS and LINCOS. A special feature of our LINCOS implementation is the use of quantum key distribution and one-time pad encryption for information-theoretic private channels within the proactive secret sharing protocol. The technological platform for this is the Tokyo QKD Network, which is one of worlds most advanced networks of its kind. Our experimental evaluation establishes the feasibility of LINCOS and shows that in view of the expected progress in quantum communication technology, LINCOS is a promising solution for protecting very sensitive data in the cloud.
We provide an X.509-standard-compliant Java implementation of hybrid certificates, which enable the parallel usage of two independent cryptographic schemes within public key infrastructures and related applications. This enables a stepwise transition to post-quantum secure and hybrid algorithms without the risk of incompatibility problems.doi:10.21105/joss.01606 fatcat:zbxrm345szfzrggdwj5gckk7ge
« Previous Showing results 1 — 15 out of 19,723 results