Elektronika 2009-11.pdf - Instytut SystemÃ³w Elektronicznych

More documents

Recommendations

Info

In the context of CL-PKC, the idea of appending validity periods (for example, year, date or time) to identifiers ID U can be used ensuring that any partial private key, and hence any private key, has a limited lifetime. Then the revocation in CL- PKC systems can be handled in the same way as in ID-PKC systems using standard certificate-based revocation techniques. For example, this can be done by deploying an analogue of an online certificate status protocol (e.g. OCSP) or variants of certificate revocation lists (CRLs). 3. Keeping the probative value of electronic documents Ensuring a long-term validity of stored electronic documents depends on both organizational and technical measures (see e.g. CWA 15579 [14]). When technical measures are used to keep the probative value of electronic documents then first of all there is necessary to apply the strong cryptographic algorithms and to provide additional and sufficient information - a certificate set (all certificates needed to generate a path that leads to a point the verifier trusts) and the relevant revocation information (2) (e.g. CRLs) related to this certificate set and to all other involved certificates. Trusted third party (TTP) providing a service of keeping the probative value of an electronic document over long period has to issue the evidence records attached to the electronic attestations (Section 5) and associated with a given document or a group of documents. All these electronic attestations and time stamp tokens cyclically created for all stored evidences are needed later for making a long-term verification, i.e. verifications when the signing certificate has expired. In this case only the verifier can independently perform the complete verification of a given document authenticity and the validity of all signatures and other evidences (e.g. time stamp tokens) related to it. The storage mechanisms used by a trusted third party (TTP) should be based on a long-term electronic signature scheme (LT-CESS) like this: The LT-CESS scheme in comparison to the CESS (see Section 2) contains two additional elements: • (IV,SV) - a pair of interactive deterministic algorithms forming the verification protocol (e.g. CWA 14171 [11]); IV - an initial (or a short term) verification algorithm performed by a verifier after an electronic signature is generated in order to consolidate the signature by capturing additional information that will support its subsequent verification; SV - a subsequent (or a long-term) verification algorithm performed by a verifier some time after the initial application of a signature, to assess a signature’s validity, based on the data collected at initial verification time; • Preserve (P): a deterministic algorithm for long-term preservation of the probative value of electronic signatures/documents; this algorithm is based on the initial or subsequent verification algorithm and makes the additional activities needed to protect electronic signatures/documents from effects of their deterioration, technology obsolescence, and fading human recall. Preserve and (IV,SV) algorithms generate the evidence records attached to the electronic attestations. These elements are subsequently linked to each preserved electronic document and jointly form Virtual Signed Electronic Document (V-SED). V-SED document should fulfil the following requirements: (4) • each electronic document D is stored where produced (local repository) or in a deposit (regional repository); • V-SED contains the references to the electronic documents, the signatures associated with this document, the time stamp tokens and other evidences references allowing the creation of a real (complete) SED on demand. Storing the references allows the values of V-SED elements to be kept elsewhere, reducing the entire size of V-SED document. A virtual document with above properties is a tuple: where: ID R - the V-SED identifier in a repository, D R - the references to the documents and their attachments, S R - the references to the electronic signatures, E R - the references to the evidences related to an electronic signature and a document (including the references to the electronic attestations and the evidence records linked to them). For V-SED the following definition can be formulated: Definition. The electronic document is a long-term provable authentic, if exist a polynomial time Verify(V) algorithm that takes as an input the certification scheme CS (i.e. PKC or CL-PKC), the services related to a electronic signature TSI (Trusted Services Infrastructure), V-SED, the verification policy VP (Verification Policy), and outputs a value of each electronic signature {valid, invalid}: where: V is one from two algorithms being a member of the pair (IV,SV), while the notation array[1…n] means the verification of each electronic signature referenced in V-SED structure. Note that CS parameter in Equation (6) includes the parameters params of an electronic signature scheme, while V- SED structure - (D, Σ, pk IDU ,cert) parameters; compare the Equation (3). 4. Timestamp chain and sequence The basic elements of V-SED structure, i.e. the electronic attestations and the evidence records linked to them, can be built in different ways. The most often used approach is based on the appropriate mechanisms of the time stamp chains building. These mechanisms have to ensure the requirements counted in the definition of the provable authentic document (see Section 3). The starting point for the timestamp chains creation is an archival electronic signature form CAdES-A [7], XAdES-A [8] or other equivalent form (e.g. PAdES [9]). Each of these forms should contain a time stamp of a system for preserving electronic document for long periods of time (an archive mark for shortly). This mark has the same meaning as the archive timestamp that are included into the archival signature forms CAdES-A or XAdES-A. The archive timestamp is added to the CAdES or XadES form as an unsigned attribute. The hash value related to this archive timestamp is the result of using the hash algorithm to the CAdES-X or XadES-X form. The first archive timestamp of the obtained archival form CAdES or XAdES includes all necessary information required for every signature verification and so called an initial archive timestamp. This timestamp can become invalid when a public key algorithm, or a hash function used respectively to creation of the hash value or the timestamp: (5) (6) 32 ELEKTRONIKA 11/<strong>2009</strong>
a) will be or could be broken, or b) a public key certificate of a time stamping authority will be expired soon or is revoked. Prior to such an event, the trust to existing time stamps has to be reassured by means of new time stamping of the previous archive timestamp. Two types of the time stamp renewal are used (see details in Section 5): a) time stamp renewal: the new archive timestamp is generated, which is related to the previous one; subsequent timestamps obtained in this renewal procedure form the archive timestamp chain for a data object or a group of data objects; b) hash value renewal: the new time stamp for the archival form is generated; it is related to previous timestamps and to data objects stamped with the initial archive timestamp for the archival form as well; the new set of the archive timestamp chain is created; the set of one or more archive timestamp chains forms the archive timestamp sequence. 5. Some technical examples of the timestamp and hash value renewal Two standards are presented below (ETSI TS 101 733 [7] and RFC 4998 [15]). Each of them can be used both for the timestamp and the hash value renewal. However, while the first standard is applied mainly to a single data object (an electronic document or signature), the second one can cover a group of data objects. In both cases the evidence records are generated (CAdES-A and EvidenceRecord structures, respectively) and thent available on each request of the authorized entities. 5.1 ETSI TS 101 733 (CAdES) standard To keep the probative value of an electronic document the specification of the archival form CAdES [7] is used. The archive timestamp is related to each of the SignerInfo data element that is included into the SignedData. The value of the messageImprint field of the TimeStampToken (3) structure contains the hash value returned by the hash algorithm applied to an input argument being the concatenation of the following elements: a) the encapContentInfo field of the SignedData sequence; when the field is absent, the content is stored outside of this field, but its value is protected by the signature value located in the SignedData sequence; b) the Certificates and crls fields of the SignedData sequence, if these fields are present in this sequence, c) all data elements of the SignerInfo sequence, which should be protected by the generated timestamp token, including all signed and unsigned attributes. The SignerInfo can contain more then one instance of archive-time-stamp attributes. Furthermore, each successive timestamp protects all timestamps made previously. It means that the CAdES archival form allows to renew the archive timestamp using mechanism like this presented on Fig. 1. Fig. 1. The idea of renewal of an archival timestamps form (CAdES [7]) Rys. 1. Idea odnawiania znaczników czasu archiwum (CAdES [7]) Each subsequent archive timestamp covers all existing timestamps, so the archive-time-stamp attribute can be used also to build the new hash value: it is sufficient to choose the new stronger hash function, calculate the new hash values and obtain the new archive timestamps. 5.2 RFC 4998 de facto standard The proposal published in RFC 4998 [15] contains the following structure of the evidence record syntax (ERS): EvidenceRecord ::= SEQUENCE { version INTEGER { v1(1) }, digestAlgorithms SEQUENCE OF AlgorithmIdentifier, cryptoInfos [0] CryptoInfos OPTIONAL, encryptionInfo [1] EncryptionInfo OPTIONAL, archiveTimeStampSequence ArchiveTimeStampSequence } This structure can be treated as an unsigned attribute and appears only once in each SignerInfo element of the Signed- Data structure (see the specification of archival form CAdES-A). The evidence record contains the ArchiveTimeStampSequence field, which is a sequence of archive timestamp chains: ArchiveTimeStampSequence ::= SEQUENCE OF ArchiveTimeStampChain ArchiveTimeStampChain ::= SEQUENCE OF ArchiveTimeStamp The ArchiveTimeStampChain structure contains the archive timestamps generated as the result of the timestamp renewal, while the ArchiveTimeStampSequence structure- as the result of the hash value renewal. The archive timestamp ArchiveTimestamp includes the timestamp and a set of lists of hash values and its verification must give a point of time when a given data object or a group of data objects has existed. The evidence record EvidenceRecord allows the implementation of timestamp and hash renewal procedures. The Fig. 2 is some example of the timestamp renewal used to the electronic documents divided into groups. Various methods can be applied to aggregate the group of documents (data objects). The most effective are this based on an authenticated dictionary [18], i.e. on data structures viewed simultaneously as the structured aggregate of all protected information and the proof of the authenticity and validity of these information. The initial archive timestamp generated for such aggregated groups of data is related to lists of hash values, which allow the verification of the existence of a data object or a group of data objects at a certain time. The lists of hash values are generated usually by reduction of an ordered Merkle hash tree (RFC 4998 [15], M. T. Goodrich, et al. [18]). 7. Conclusions In order to model a long-term electronic signature scheme LT- CESS (as defined by Section 3) there is necessary to create so-called Virtual Signed Electronic Document (V-SED) and introduce an electronic signature verification algorithm as given in Equation (6). If there can be found an effective signature verification algorithm of the form (6), then for a given point in time it is always possible to assert the authenticity of an electronic document related to this V-SED and its existence before a certain moment in the past (in Section 3 a document ELEKTRONIKA 11/<strong>2009</strong> 33
Page 5 and 6: konstrukcje technologie zastosowani
Page 7 and 8: Streszczenia artykułów • Summar
Page 13 and 14: Medical pattern intelligent recogni
Page 15 and 16: Fig. 2. Start graph Z and the set o
Page 17 and 18: Both models are created of the basi
Page 19 and 20: • in some cases in the methods of
Page 21 and 22: 4. Random operators: three types of
Page 23 and 24: useful. In work [1] is stressed, th
Page 25 and 26: Tabl. 1. Fuzzy sets of the objects,
Page 27 and 28: In addition, one has to remember th
Page 29 and 30: The correction of digital images ob
Page 31 and 32: Tabl. 4. MD error before and after
Page 33 and 34: tionship then determines which indi
Page 35: this goal. A user’s public key au
Page 39 and 40: Ontology-based approach to scada sy
Page 41 and 42: erarchy of vulnerability classes wi
Page 43 and 44: and the set of tasks is divided int
Page 45 and 46: tasks: T 0 , T 4 , T 5 , T 6 and T
Page 47 and 48: According to presented function CSF
Page 49 and 50: The efficient data authentication i
Page 51 and 52: Fig. 3. Example run of three rounds
Page 53 and 54: Fig. 2. Possible scenarios of data
Page 55 and 56: e necessary, in worst case - also s
Page 57 and 58: dicates the number of tasks at the
Page 59 and 60: • information on their state come
Page 61 and 62: • data regarding their identity (
Page 63 and 64: k = 1, 2, ..., m and m is the numbe
Page 65 and 66: more powerful statistical (algorith
Page 67 and 68: Signal to Noise Ratio (PSNR). We pr
Page 69 and 70: [23] W3C - Web Services Glossary -
Page 71 and 72: Associated with every N-point M-dim
Page 73 and 74: The SMS-B system architecture (Sour
Page 75 and 76: Technika próżni i technologie pr
Page 77 and 78: wniosku i w konsekwencji za rok 200
Page 79 and 80: Poniżej przedstawiono krótki kome
Page 81 and 82: Wspomnienie Edward Leja (1937-2009)
Page 83 and 84: Zastosowanie technik immunoenzymaty
Page 85 and 86: z pasty węglowej, zaś odniesienia
Page 87 and 88:
[33] Biani A., Centi S. Tombrlli S.
Page 89 and 90:
Problemem bowiem w pracach instytut
Page 91 and 92:
1985 - Zdzisław Dorywalski 1986 -
Page 93 and 94:
Rys. 4. Uroczyste wręczanie świad
Page 95 and 96:
Imię i Nazwisko Patenty Wzory uży
Page 97 and 98:
zadań określonych przez użytkown
Page 99 and 100:
Ocena sugerowanych w ankiecie metod
Page 101:
Zaprenumeruj wiedzę fachową 2010
Page 104 and 105:
Radary pasywne - nowa technika radi
Page 106 and 107:
c) stopniowo przesuwać jeden przeb
Page 108 and 109:
W przypadku wykorzystania nadajnika
Page 110 and 111:
kreślić to, że owale Cassiniego
Page 112 and 113:
Dla każdego kierunku odbieranej fa
Page 114 and 115:
chomych, które w ogólnym przypadk
Page 116 and 117:
Rys. 19. Fragment zobrazowania SS3
Page 118 and 119:
Zbigniew Czekała jest projektantem
Page 120 and 121:
• wytypowaniu statków zobowiąza
Page 122 and 123:
• używanie właściwego osprzęt
Page 124 and 125:
W jednomodowym szklanym włóknie t
Page 126 and 127:
Światłowody scyntylacyjne W środ
Page 128 and 129:
Parametry materiałowe szklanego w
Page 130 and 131:
126 ELEKTRONIKA 11/2009
Page 132 and 133:
Literatura [1] Yamane M., Asahara Y
Page 134 and 135:
Rys.1. Przebiegi testowe na wyprowa
Page 136 and 137:
nież pasmo emisji od około 500 MH
show all

Elektronika 2009-11.pdf - Instytut SystemÃ³w Elektronicznych

Create successful ePaper yourself

Delete template?

Save as template?