Alexander Wiesmaier

In-packet Bloom filters: Design and networking applications

The Bloom filter (BF) is a well-known randomized data structure that answers set membership queries with some probability of false positives. In an attempt to solve many of the limitations of current network architectures, some recent proposals rely on including small BFs in packet headers for routing, security, accountability or other purposes that move application states into the packets themselves. In this paper, we consider the design of such in-packet Bloom filters (iBF). Our main contributions are exploring the design space and the evaluation of a series of extensions (1) to increase the practicality and performance of iBFs, (2) to enable false-negative-free element deletion, and (3) to provide security enhancements. In addition to the theoretical estimates, extensive simulations of the multiple design parameters and implementation alternatives validate the usefulness of the extensions, providing for enhanced and novel iBF networking applications.

Integrity, authenticity, non-repudiation, and proof of existence for long-term archiving

The world increasingly depends on archives to store digital documents, such as land registers and medical records, for long periods of time. For stored documents to remain trustworthy, archives must provide proofs that a document existed on a certain date and has not been changed since. In addition, in many cases, the origin of the document must be verifiable and the originator must not be able to repudiate that she is the originator. In this paper, we survey the solutions that provide the above protection goals in the long term. We analyze and compare the solutions with respect to their functionalities (which protection goals do they achieve?), the trust assumptions they require, and their performance. From this analysis and comparison, we deduce deficiencies of the current solutions and important research problems that must be solved in order to come up with protection solutions that are even more satisfactory.

Long term confidentiality: a survey

Sensitive electronic data may be required to remain confidential for long periods of time. Yet encryption under a computationally secure cryptosystem cannot provide a guarantee of long term confidentiality, due to potential advances in computing power or cryptanalysis. Long term confidentiality is ensured by information theoretically secure ciphers, but at the expense of impractical key agreement and key management. We overview known methods to alleviate these problems, whilst retaining some form of information theoretic security relevant for long term confidentiality.

A Comprehensive Reference Architecture for Trustworthy Long-Term Archiving of Sensitive Data

It is well known that the suitability of many cryptographic algorithms decreases with time. Hence, it is a challenging task to maintain the integrity, authenticity, confidentiality and availability of sensitive data over very long periods of time. A scalable approach to preserve the integrity and authenticity of archived data has been standardized in [12]. The confidentiality and availability of data can be supported using secret sharing techniques according to [26]. This paper introduces a reference architecture for trustworthy long-term archiving of sensitive data based on the combination of these approaches.

Using LDAP Directories for Management of PKI Processes

We present a framework for extending the functionality of LDAP servers from their typical use as a public directory in public key infrastructures. In this framework the LDAP servers are used for administrating infrastructure processes. One application of this framework is a method for providing proof-of-possession, especially in the case of encryption keys. Another one is the secure delivery of software personal security environments.

On the Security of Encrypted Secret Sharing

Sensitive electronic data must often be kept confidential over very long periods of time. Known solutions such as conventional encryption, cascaded encryption, and information theoretic schemes suffer from several weaknesses or serious disadvantages that we shortly discuss. We present a method for combining arbitrary encryption algorithms. The scheme has the following properties: (1) It is a (k, n)-threshold scheme, i.e. only k=n of then applied algorithms are needed for decryption. (2) The schemes effective bit security is the sum of the lengths of the k shortest keys. (3) Under adaptive chosen plaintext attacks, this security level remains intact until at least k algorithms are compromised. (4) Under adaptive chosen chipertext attacks, the security level decreases with each compromised algorithm at most by the corresponding key length. (5) The scheme increases the effective key lengths of repeatedly applied encryption algorithms.

Towards secure electronic workflows

Despite the introduction of information technologies in governmental administrations, most bureaucratic processes are still paper-based. In this paper we present a framework to transfer conventional, paper-based processes to electronic workflows. Thereby, the transformation to e-Government applications has two challenges. First, to find an equivalent description for the single activities and their interaction for defining the entire process. Second, to ensure the security of the process. We identified four types of activities that can be used as basic components for the workflows considered in our work. The security aspects of the electronic representation are ensured by further framework components, for example authentication or authorization. Finally, we present how this framework can be used for other scenarios and discuss some details of our prototype implementation.

PKI in Practice

In this chapter we present applications that use public key cryptography and PKIs. In these applications both PGP- and X.509-based infrastructures can be used. While X.509 is mostly used in commercial applications, PGP is popular in the private sector.

The Purpose of PKI

Public key cryptography helps make information and communication technology (ICT) systems more secure. Public key infrastructures (PKIs) enable the use of public key cryptography in open computer networks, in particular on the Internet. In this chapter, we use characteristic examples of Internet applications to illustrate potential threats against ICT and describe important security goals that can be achieved using public key cryptography and PKI. We discuss the basics of public key cryptography and explain how this technology supports the security goals explained in this chapter. Finally, we present the challenges that lead to the need for PKI. For more details on public key cryptography see [4].

Certification Service Provider

In Chap. 3 we explain the hierarchical trust model for PKIs. In this trust model, certification authorities that issue certificates play an important role. However, issuing certificates is not sufficient. The certificates must be maintained and additional information must be provided during the entire life cycle. The entity that is responsible for certificate life cycle management is called the certification service provider (CSP). A CA is only one component of a CSP. Another component is the registration authority (RA), which registers certificate applicants and collects all information relevant for issuing certificates. Other possible components of a CSP are, for example, a directory service, which publishes information concerning certificates, and a revocation service, which issues revocation information. Sometimes, certification service providers are also called trust centers. In this chapter, we start by explaining the life cycle of a certificate. Then, we describe the CSP components. In the next chapter, we discuss certificate policies that govern the operation of CSPs in a PKI.