Elektronika 2009-11.pdf - Instytut SystemÃ³w Elektronicznych

More documents

Recommendations

Info

[8] Gonzalez O., Leon C., Miranda G. et al.: A Parallel Skeleton for the Strength Pareto Multiobjective Evolutionary Algorithm 2. Proceedings of 15th EUROMICRO International Conference on Parallel, Distributed and Network-Based Processing (PDP’07), pp. 434-441. IEEE Computer Society, 2007. [9] Mariano C. E., Morales E.: MOAQ anAnt-QAlgorithm for Multiple Objective Optimization Problems. Genetic and Evolutionary Computing Conference (GECCO 99), vol. 1, pp. 894-901, San Francisco, 1999. [10] Guntsch M., Middendorf M.: Solving Multi-criteria Optimization Problems with Population-Based ACO. Lecture Notes in Computer Science, vol. 2632, pp. 464-478, Springer, 2003. [11] Hansen M. P.: Use of Substitute Scalarizing Functions to Guide a Local Search Based Heuristic: The Case of moTSP. Journal of Heuristics, vol. 6, pp. 419-431, Kluwer Academic Publishers, 2000. [12] Armentano V. A., Arroyo J. E. C.: An Application of a Multi-Objective Tabu Search Algorithm to a Bicriteria Flowshop Problem. Journal of Heuristics, vol. 10, pp. 463-481, Kluwer Academic Publishers, 2004. [13] Suppapitnarm A., Seffen K. A., Parks, G. T. et al.: Simulated annealing: An alternative approach to true multiobjective optimization. Engineering Optimization, vol. 33, no 59, 2000. [14] Czyżak P., Jaszkiewicz, A.: Pareto simulated annealing - A metaheuristic technique for multiple-objective combinatorial optimization. Journal of Multicriteria Decision Analysis, vol. 7, no 34, 1998. [15] Suman, B.: Multiobjective simulated annealing - A metaheuristic technique for multiobjective optimization of a constrained problem. Foundations of Computing and Decision Sciences, vol. 27, no 171, 2002. Signed electronic document and its probative value in certificate and certificateless public key cryptosystem infrastructures (Podpisany dokument elektroniczny i jego wartość dowodowa w certyfikatowej i bezcertyfikatowej infrastrukturze kryptosystemu klucza publicznego) dr inż. JERZY PEJAŚ Zachodniopomorski Uniwersytet Technologiczny, Wydział Informatyki, Szczecin 1. Introduction The Art. 5, paragraph 1 of the Act on Electronic Signature from September 18 th , 2001 (see [1]) states that the secure electronic signature based on a qualified certificate (shortly, the qualified electronic signature) evokes legal effects defined by Act if it was created in the validity period of this certificate. This regulation doesn’t apply to the certificate after period of its validity or from the day of its revocation and in the period of its suspension unless there is possible to prove that the signature was created before end of the validity period of the certificate or its revocation or suspension (i.e. to avoid a signature to become unduly questionable or even rejected in the future, the point in time when it was issued may require to be provable). The requirement for proving a time of an electronic signature generation becomes a crucial element for signature validity and for a probative value of an electronic document related to this signature (1) . This is crucial also for the sake of decreasing evidence value of an electronic document that with the time elapsed does not have the same longevity properties as physical documents. Particularly, it results from two reasons at least: • cryptographic algorithms and keys used for an electronic signature creation can become weak and not sufficiently resistant against different attacks, • information necessary for an electronic signature verification and validation is not accessible (e.g. due to the lack of access to CA certificates, CRLs, electronic documents, etc.). After many years facts stated above could make impossible to verify formerly created electronic signatures, what could result in the lack of total probative value of an electronic document (of course, if such a value was possessed by the document at storage time). Further, we assume that the probative value of a signed electronic document consists of document content, additional security elements and a context (particularly a legal context). The probative value of an electronic document has to be preserved. It means using organizational and technical measures guaranteeing the keeping an electronic signature verifiable over long period or the retrieving a reliable information on its status, and enabling the verification of the electronic document authenticity related to this signature. The rest of the paper is organized as follow. In Section 2, we formulate the model of a certified electronic signature scheme (CESS) describing a signature creation and verification process in the traditional Public Key Cryptosystem (PKC) and in Certificateless Public Key Cryptography (CL-PKC). Section 3 shows that usage of technical measures for the keeping the probative value of an electronic document needs some extension of CESS model to the form LT-CESS as well as including a Virtual Signed Electronic Document (V-SED), providing a provable authenticity of an electronic document over long period. Then two practical examples of V-SED development based on time stamp chains and a sequence of archive time stamps are presented (see Section 4 and 5). Finally, we conclude the paper in Section 6. 2. Electronic signature schemes The first thing to notice is that any electronic signature scheme will never be able to exist without a Trusted Authority (TA). This is because the TA is required to guarantee the authenticity of users’ public keys. In the traditional Public Key Cryptosystem (PKC), a Certificate Authority (CA) issuing a digitally signed explicit certificate binding an identity and a public key of a user achieves 30 ELEKTRONIKA 11/<strong>2009</strong>
this goal. A user’s public key authenticity should be certified because his or her public key is generated from some random information that is unrelated to his or her identity. However, the need for Public Key Infrastructure (PKI) supporting certificates is considered the main difficulty on the deployment and management of a traditional PKC. Theoretically, the identity (ID) based public key cryptography (ID-PKC) introduced by Shamir [4] should solve the problem stated above. In that approach instead of using a random integer as the user’s public key as in the traditional public-key systems, the user’s real identity (e.g. the user’s name or email address) becomes the user’s public key, while a trusted third party called the Private Key Generator (PKG) manages the generation and distribution of all system’s parameters including the user’s private key. Although the complexity caused by certificates is gone (there is no need to generate the certificate), all ID-PKCs have the inherent key escrow problem, that is private key generator (PKG) knows the private key of each user. To solve the key escrow problem of the ID-PKC and to preserve the benefits of the ID-PKC, Certificateless Public Key Cryptography (CL-PKC) was introduced (S. Al-Riyami, K. Paterson [5]). Certificateless Public Key Cryptography (CL-PKC) is an intermediate between ID-PKC and PKC. In CL-PKC, Key Generation Center (KGC) is involved in issuing user partial private key computed from the master secret. The user also independently generates an additional user’s secret value and finally calculates the private key, and the corresponding public key. Therefore, even if KGC knows the user partial private key, impersonation is not possible. In CL-PKC the user’s public key can be made available to other users by transmitting it along with the messages or by placing it in a public directory. There is no explicit authentication required for the public keys and, in particular, there is no explicit certificate for each public key. However, the system is no longer identity-based, because the public key cannot be computed from the user’s identity alone (L. Harn et al. [6], S. Al- Riyami, K. Paterson [5]). Therefore such public key requires the use of an implicit certificate that allows avoiding the explicit verification of the bindings between public keys and identities. Note that an implicit certificate is valid to the end of validity period of the user’s identifier or until the revocation of this identifier. Let us assume that there is the Trusted Authority (TA) related with PKC or CL-PKC systems and a set of users. Each user has a unique identity ID ∈ {0,1} * that may contain auxiliary information like the validity period of the identity (the implicit certificate) or of the explicit certificate. This is the case when an effective usage of any electronic signature scheme needs at least the following components of PKC or CL-PKC infrastructure to be present (A. Boldyreva, et al. [3]): • Trusted Authority (TA). Each i-th TA i holds a public key pk TA (i) and a corresponding secret key sk TA (i). We assume that the public key is authenticated and known to all parties, i.e. once it is published the adversary cannot change it. This is usually accomplished by a hierarchical arrangement of TAs, each intermediate TA certifying the validity of the public key of its successor. Only the key of the root TA has to be authenticated by other means, • keys’ registration. Each user can register keys with the CA by running the registration protocol. The required validation of the user’s identity ID is usually done before by socalled registration authority (RA). Checking the identity of the user wishing to register its public key is typically performed by RA by of means personal identification and physical validation (e.g., with help of a passport or a driver license). After registration the user obtains a certificate cert that, classically, is an explicit certificate of X.509 type, including the CA’s signature or an implicit certificate cert which should be rather thought of as an arbitrary, possibly empty string. We assume, however, that each pair (ID, pk), where a public key pk is registered, is unique. Based on mentioned above PKC or CL-PKC infrastructure we can define a certified electronic signature scheme (CESS). Certified electronic signature scheme is a tuple CESS = (Setup, K, (C,U), Σ, V), where the constituent algorithms run in polynomial time and are defined as follows (see A. Boldyreva, et al. [3]): • Setup: a randomized parameter-generation algorithm that takes as an input 1 k , where k is the security parameter, and outputs some global scheme parameters params, available to all parties; the parameters params define also a finite message space, M and a finite signing space, S; • Key-Generation (K): a randomized key-generation algorithm that takes as an input params, and outputs a pair (pk TA (i), sk TA (i)) consisting of a verification key (a public key) and a signing key (a private key), i.e. • (C,U) - a pair of interactive randomized algorithms forming the (two-party) public-key registration protocol; C - an algorithm that takes as an input a private key pk TA (i); V - an algorithm takes as an input an identity ID U of a user and the public key pk TA (i) corresponding to sk TA (i); the result of this interaction can be formally written as follows: where: pk IDU is a public key of a user ID U , sk IDU - a corresponding private key and cert is an issued (explicit or implicit) certificate. • Sign (Σ): a (possibly) randomized signing algorithm that takes input scheme parameters params, an identity ID U , a secret key sk IDU , a certificate cert and an electronic document D ∈ {0,1} * ∈ M, and outputs an electronic signature Σ ∈ S in one of the well formed format. • Verify (V): a deterministic verification algorithm that takes input scheme parameters params, an identity ID U , a public key pk IDU , a certificate cert, a public key pk TA (i) and an electronic document D ∈ {0,1} * ∈ M, and outputs valid or invalid information about a signature Σ ∈ S: The electronic signatures should be created on the base of well-defined formats, e.g. CAdES [7], XAdES [8] or PAdES [9]. Their verification requires the checking of a certificate validity (the case of traditional PKC) or a validity of a signer’s identity (the case of CL-PKC). First type of the verification requires checking a signing certificate authenticity and its presence on the certificate revocation list. In the case of the second type of verification any verifier should check whether the identifier, a component of the identifier (such as an address attribute), or the public key of a particular entity has not been revoked and then additionally verify the authenticity of the public key taken from the repository of the TA(i). (1) (2) (3) ELEKTRONIKA 11/<strong>2009</strong> 31
Page 5 and 6: konstrukcje technologie zastosowani
Page 7 and 8: Streszczenia artykułów • Summar
Page 13 and 14: Medical pattern intelligent recogni
Page 15 and 16: Fig. 2. Start graph Z and the set o
Page 17 and 18: Both models are created of the basi
Page 19 and 20: • in some cases in the methods of
Page 21 and 22: 4. Random operators: three types of
Page 23 and 24: useful. In work [1] is stressed, th
Page 25 and 26: Tabl. 1. Fuzzy sets of the objects,
Page 27 and 28: In addition, one has to remember th
Page 29 and 30: The correction of digital images ob
Page 31 and 32: Tabl. 4. MD error before and after
Page 33: tionship then determines which indi
Page 37 and 38: a) will be or could be broken, or b
Page 39 and 40: Ontology-based approach to scada sy
Page 41 and 42: erarchy of vulnerability classes wi
Page 43 and 44: and the set of tasks is divided int
Page 45 and 46: tasks: T 0 , T 4 , T 5 , T 6 and T
Page 47 and 48: According to presented function CSF
Page 49 and 50: The efficient data authentication i
Page 51 and 52: Fig. 3. Example run of three rounds
Page 53 and 54: Fig. 2. Possible scenarios of data
Page 55 and 56: e necessary, in worst case - also s
Page 57 and 58: dicates the number of tasks at the
Page 59 and 60: • information on their state come
Page 61 and 62: • data regarding their identity (
Page 63 and 64: k = 1, 2, ..., m and m is the numbe
Page 65 and 66: more powerful statistical (algorith
Page 67 and 68: Signal to Noise Ratio (PSNR). We pr
Page 69 and 70: [23] W3C - Web Services Glossary -
Page 71 and 72: Associated with every N-point M-dim
Page 73 and 74: The SMS-B system architecture (Sour
Page 75 and 76: Technika próżni i technologie pr
Page 77 and 78: wniosku i w konsekwencji za rok 200
Page 79 and 80: Poniżej przedstawiono krótki kome
Page 81 and 82: Wspomnienie Edward Leja (1937-2009)
Page 83 and 84: Zastosowanie technik immunoenzymaty
Page 85 and 86:
z pasty węglowej, zaś odniesienia
Page 87 and 88:
[33] Biani A., Centi S. Tombrlli S.
Page 89 and 90:
Problemem bowiem w pracach instytut
Page 91 and 92:
1985 - Zdzisław Dorywalski 1986 -
Page 93 and 94:
Rys. 4. Uroczyste wręczanie świad
Page 95 and 96:
Imię i Nazwisko Patenty Wzory uży
Page 97 and 98:
zadań określonych przez użytkown
Page 99 and 100:
Ocena sugerowanych w ankiecie metod
Page 101:
Zaprenumeruj wiedzę fachową 2010
Page 104 and 105:
Radary pasywne - nowa technika radi
Page 106 and 107:
c) stopniowo przesuwać jeden przeb
Page 108 and 109:
W przypadku wykorzystania nadajnika
Page 110 and 111:
kreślić to, że owale Cassiniego
Page 112 and 113:
Dla każdego kierunku odbieranej fa
Page 114 and 115:
chomych, które w ogólnym przypadk
Page 116 and 117:
Rys. 19. Fragment zobrazowania SS3
Page 118 and 119:
Zbigniew Czekała jest projektantem
Page 120 and 121:
• wytypowaniu statków zobowiąza
Page 122 and 123:
• używanie właściwego osprzęt
Page 124 and 125:
W jednomodowym szklanym włóknie t
Page 126 and 127:
Światłowody scyntylacyjne W środ
Page 128 and 129:
Parametry materiałowe szklanego w
Page 130 and 131:
126 ELEKTRONIKA 11/2009
Page 132 and 133:
Literatura [1] Yamane M., Asahara Y
Page 134 and 135:
Rys.1. Przebiegi testowe na wyprowa
Page 136 and 137:
nież pasmo emisji od około 500 MH
show all

Elektronika 2009-11.pdf - Instytut SystemÃ³w Elektronicznych

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?