# Sirene Online Abstracts 1992

(Sorted by authors.)

Most of the following papers are available online in gnuzipped Postscript, some also in PDF. There is also a complete list of all our publications sorted by language and subject.

Don't forget: some proceedings are published in a later year than the conference is held.

David Chaum, Eugène van Heijst, Birgit Pfitzmann: Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer (Extended abstract); Crypto '91, LNCS 576, Springer Verlag, Berlin 1992, 470-484.

Abstract: We present the first undeniable signature schemes where signers are unconditionally secure. In the efficient variants, the security for the recipients relies on a discrete logarithm assumption or on factoring; and in a theoretical version, on claw-free permutation pairs.
Besides, on the one hand, the efficient variants are the first practical cryptographically strong undeniable signature schemes at all. On the other hand, in many cases they are more efficient than previous signature schemes unconditionally secure for the signer.
Interesting new subprotocols are efficient collision-free hash functions based on a discrete logarithm assumption, efficient perfectly hiding commitments for elements Z_p (p prime), and fairly practical perfect zero-knowledge proofs for arithmetic formulas Z_p or Z_{2^\alpha}.

Michael Gehrke, Andreas Pfitzmann, Kai Rannenberg: Information Technology Security Evaluation Criteria (ITSEC) - a Contribution to Vulnerability?; Education and Society, R. Aiken (ed.), Proc. 12th IFIP World Computer Congress 1992, Information Processing 92, Vol. II, Elsevier Science Publishers B.V. (North-Holland), 1992, 579-587.

Abstract: On initiative of the Commission of the European Communities, the Information Technology Security Evaluation Criteria (ITSEC) are designed to provide a yardstick for the evaluation and certification of the security of IT systems. To improve the usefulness of resulting evaluations and certificates for procurers, users, and manufacturers the ITSEC are intended to undergo further extensive review. We discuss weaknesses, remaining questions, and possible improvements concerning the current version 1.2 of ITSEC. Our criticism focusses on the intended scope, the functionality aspects, the assessment of effectiveness and correctness, and problems arising after the evaluation of IT systems. Additionally, the ITSEC development and the accompanying discussion are criticized and improvements are proposed.

Andreas Ort, Ralf Aßmann, Gerrit Bleumer, Manfred Böttger, Dirk Fox, Andreas Pfitzmann, Birgit Pfitzmann, Michael Waidner: Schutz in verteilten Systemen durch Kryptologie - Ein Praktikum im Informatik-Hauptstudium; Datenschutz und Datensicherung DuD 16/11 (1992) 571-579.

Abstract: Trotz des zunehmenden Einsatzes von Informations- und Kommunikationstechnik sind Sicherheitsprobleme und Schutzmöglichkeiten immer noch nur wenigen bewußt. Das vorliegende, für die universitäre Lehre konzipierte Praktikum möchte mithelfen, dies zumindest bezüglich der Informatik Studierenden zu ändern. Hierzu behandelt es kritisch die in den immer mehr an Bedeutung gewinnenden verteilten Systemen wichtigen Eigenschaften "Vertraulichkeit, Authentizität und Anonymität", Verfahren zur Herstellung der gewünschten teilnehmerüberprüfbaren Sicherheit und ihren Einsatz. Das didaktische Konzept des Praktikums und der Einzelversuche wird näher erläutert, um Anregungen für ähnliche Projekte zu geben oder zu solchen zu ermutigen. Eine größere Zielgruppe wäre die Folge und somit ein verbreitertes Bewußtsein für Probleme und Lösungen.

Andreas Pfitzmann, Birgit Pfitzmann: Technical Aspects of Data Protection in Health Care Informatics; Advances in Medical Informatics, J. Noothoven van Goor and J. P. Christensen (Eds.), IOS Press, Amsterdam 1992, 368-386.

Abstract: Data protection comprises availability and data integrity as well as data confidentiality and privacy. We first consider security problems and their causes, and then measures against them. Finally, we recommend actions which should be taken independently of the construction of specific systems.
Our main subject is distributed systems and medical networks: At present, most applications of informatics (computer science) in health care are stand-alone ones, such as databases or 3-D imaging systems. In the future, however, there will be more and more distributed systems. For example, for administrative purposes, lots of PCs in a hospital could be interconnected by a local area network, or PCs at private doctors could communicate with computers at insurances via a public network. For direct medical purposes, there are proposals to use video conferences to consult external experts during operations, or to monitor patients in their homes. The use of chipcards as carriers of emergency data is a distributed system, too.
For security, distributed systems bring about new dangers, but also new possibilities for security measures. Dangers mainly result from the fact that the new systems are more complex, there are more interdependences, and more people have access to at least some part of the system than before. Possibilities are offered, e.g., because more complicated security measures can be performed by computers, and data can be put out of reach of someone or some fault by suitable physical distribution.

Birgit Pfitzmann, Michael Waidner: Unconditional Byzantine Agreement for any Number of Faulty Processors (Extended Abstract); STACS '92, LNCS 577, Springer-Verlag, Berlin 1992, 339-350.

Abstract: On Crypto '88, an untraceable payment system with provable security against abuse by individuals was presented by Damgård. We show how to break the untraceability of that system completely.
Next, an improved version of the system is presented. We also augment the system by security for the individuals against loss of money, and we introduce the possibility of receipts for payments. Finally, whereas all this concerned an on-line system, we present a similar construction for untraceable electronic cash.

Birgit Pfitzmann, Michael Waidner: Unconditionally Untraceable and Fault-tolerant Broadcast and Secret Ballot Election; Hildesheimer Informatik-Berichte (Mai 1992), Institut für Informatik, Universität Hildesheim.

Abstract: One of the main goals of cryptographic protocols is to combine fault tolerance and privacy, under as few assumptions about possible opponents as possible. Recently, there have been many interesting results about multi-party computation protocols achieving these goals for general problem classes. However, in this generality, one must necessarily make assumptions about the number of attacking participants, and sometimes, there are computational assumptions, such as "one-way functions exist", too.
It is therefore useful to consider what interesting special cases can be realized under weaker assumptions. Two such cases, which both have been considered before, are untraceable broadcast and secret ballot election. Privacy, in these cases, means that it remains secret who sends which message, or who casts which vote; fault tolerance means that honest participants have a chance to send messages, and that honest voters' votes are counted and nobody has more than one vote.
For both problems, we present the first protocols which tolerate any number of attacking participants and are secure in an information-theoretic sense, i.dfo1()e, they do not rely on a computational assumption.

Birgit Pfitzmann, Michael Waidner: Unconditional Byzantine Agreement for any Number of Faulty Processors (Extended Abstract); STACS '92, LNCS 577, Springer-Verlag, Berlin 1992, 339-350.

Abstract: We present the first Byzantine agreement protocol which tolerates any number of maliciously faulty processors without relying on computational assumptions (such as the unforgeability of digital signatures).
Our protocol needs reliable broadcast and secret channels in a precomputation phase. For a security parameter [[sigma]], it achieves Byzantine agreement with an error probability of at most 2-[[sigma]], whereas all computations are polynomial in [[sigma]] and the number of processors.
The protocol is based on an unconditionally secure authentication mechanism, called pseudosignatures. Pseudosignatures are a generalization of a mechanism by CHAUM and ROIJAKKERS and might be useful in other protocols, too.

Birgit Pfitzmann, Michael Waidner: How to Break and Repair a "Provably Secure" Untraceable Payment System; Crypto '91, LNCS 576, Springer Verlag, Berlin 1992, 338-350.

Abstract: On Crypto '88, an untraceable payment system with provable security against abuse by individuals was presented by Damgård. We show how to break the untraceability of that system completely.
Next, an improved version of the system is presented. We also augment the system by security for the individuals against loss of money, and we introduce the possibility of receipts for payments. Finally, whereas all this concerned an on-line system, we present a similar construction for untraceable electronic cash.

Back to SIRENE's Home or Pointers to the Outside World.

Birgit Pfitzmann, pfitzmann@cs.uni-sb.de
Last modified: $Date: 2000/02/28 16:01:38$