Identity Claims in High Assurance
Published in Kevin E. Foltz, William R. Simpson, Enterprise Level Security 2, 2020
Kevin E. Foltz, William R. Simpson
OCSP itself must be provided with security guarantees. The CA designates a responder in the certificates it issues. Requesters sign OCSP requests to the responder and send requests through TLS as defined in the U.S. Air Force Consolidated Enterprise IT Baseline Technical Profile (CEITB TP) Provide Cryptographic Services with mutual authentication. Nonces are used to prevent replay attacks. CA keys are stored in hardware. OCSP requesters are configured to treat any response other than “valid” by the OCSP responder, including timeouts, as being “invalid.” In the event that OCSP responders are not available, entities may be configured to allow failover to CRLs, but the default is to require OCSP, as CRL updates can introduce additional delays in the availability of revocation status.
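The fail-closed rule described above, as an added example that is not code from the book: a relying party accepts a certificate only on a signed "valid" reply that echoes the fresh request nonce, and treats timeouts and every other outcome as invalid. `OcspReply`, `check_revocation`, `timeout_responder` and the `fetch` / `crl_is_revoked` callables are hypothetical names standing in for a real OCSP client and CRL lookup.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

@dataclass
class OcspReply:
    """Hypothetical, already-parsed responder reply (constructed for this example)."""
    status: str          # the text's "valid" (OCSP certStatus "good"), "revoked" or "unknown"
    nonce: bytes         # nonce echoed back by the responder
    signature_ok: bool   # signature verified against the CA-designated responder

def check_revocation(
    fetch: Callable[[bytes], OcspReply],
    crl_is_revoked: Optional[Callable[[], bool]] = None,
    allow_crl_failover: bool = False,   # default: require OCSP
) -> Tuple[bool, str]:
    """Return (accepted, reason); only a fresh, signed "valid" reply is accepted."""
    nonce = secrets.token_bytes(16)     # fresh per request, so an old reply cannot be replayed
    try:
        reply = fetch(nonce)
    except (TimeoutError, ConnectionError):
        # Responder unavailable: invalid unless CRL failover was explicitly enabled.
        if allow_crl_failover and crl_is_revoked is not None:
            return (not crl_is_revoked(), "crl-failover")
        return (False, "responder-unavailable")
    if not reply.signature_ok:
        return (False, "bad-signature")
    if not hmac.compare_digest(reply.nonce, nonce):
        return (False, "nonce-mismatch")
    if reply.status != "valid":
        return (False, "status-" + reply.status)
    return (True, "valid")

def timeout_responder(nonce: bytes) -> OcspReply:
    """Constructed responder that never answers."""
    raise TimeoutError("no reply")

if __name__ == "__main__":
    print(check_revocation(lambda n: OcspReply("valid", n, True)))              # fresh reply
    print(check_revocation(lambda n: OcspReply("valid", b"\x00" * 16, True)))   # stale nonce
    print(check_revocation(timeout_responder))                                  # fail closed
    print(check_revocation(timeout_responder, lambda: False, allow_crl_failover=True))
```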
Security in Wireless PAN Mesh Networks
Published in Yan Zhang, Jun Zheng, Honglin Hu, Security in Wireless Mesh Networks, 2008
Stefaan Seys, Dave Singelée, Bart Preneel
ZigBee does not support group keying. The reason is that each ACL can only contain the address of one destination. Let us assume that one would use multiple ACLs, one for each destination in the group. Then the probability of reusing a nonce would become very large. As explained above, a nonce should never be reused under the same key. If one would use one ACL for the entire group, then one always has to update the address of the destination beforehand (otherwise, the device cannot find the correct ACL entry in its memory). This is not possible, because one would have to know in advance which device is going to send the next message, and normally a device does not have this knowledge. Another problem would be that each device in the group has to update the frame counter every time a message is sent to one of the group members, also when it was not intended for the device itself. So ZigBee only supports secure unicast and broadcast communication, and no secure multicast communication.
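The nonce collision behind the first argument above, as an added example that is not from the book: when one group key is copied into several ACL entries and each entry keeps its own frame counter, the same (key, nonce) pair is produced for different destinations. The nonce layout, the class names, the sample address, key and traffic pattern are assumptions constructed for illustration, and `PerKeySender` is a contrast case, not ZigBee behaviour.

```python
import struct
from collections import Counter

def ccm_nonce(src_addr: bytes, frame_counter: int, key_seq: int = 0) -> bytes:
    # Assumed layout: 8-byte source address | 4-byte frame counter | 1-byte key sequence counter.
    return src_addr + struct.pack(">IB", frame_counter, key_seq)

class PerAclSender:
    """One ACL entry per group member, every entry holding the same group key."""
    def __init__(self, src, group_key, members):
        self.src, self.key = src, group_key
        self.counters = {m: 0 for m in members}   # each ACL entry has its own frame counter

    def send(self, dest):
        nonce = ccm_nonce(self.src, self.counters[dest])
        self.counters[dest] += 1
        return (self.key, nonce)

class PerKeySender(PerAclSender):
    """Contrast (assumption, not ZigBee behaviour): one frame counter for the key itself."""
    def __init__(self, src, group_key, members):
        super().__init__(src, group_key, members)
        self.counter = 0

    def send(self, dest):
        nonce = ccm_nonce(self.src, self.counter)
        self.counter += 1
        return (self.key, nonce)

def reused_nonces(sender, destinations):
    """Send one frame per destination in order; return nonces used more than once under the key."""
    used = Counter(sender.send(d) for d in destinations)
    return sorted(nonce for (_key, nonce), count in used.items() if count > 1)

# Constructed sample data: device address, group key and traffic pattern.
SRC = bytes.fromhex("0102030405060708")
GROUP_KEY = bytes(16)
MEMBERS = ["B", "C", "D"]
TRAFFIC = ["B", "C", "B", "D"]

if __name__ == "__main__":
    for cls in (PerAclSender, PerKeySender):
        hits = reused_nonces(cls(SRC, GROUP_KEY, MEMBERS), TRAFFIC)
        print(cls.__name__, [n.hex() for n in hits])
```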
Biometrics and the e-Passport
Published in Ravindra Das, Adopting Biometric Technology, 2017
For example, if the basic access control is being used, the e-passport generates what is known as a "nonce." In the world of cryptography, a nonce is merely a random number that is assigned to the source of communication in any secure session. The nonce (or the arbitrary number that was assigned and allocated) is primarily used to help ensure that the secure line of communications that was first established between the e-passport and the e-passport reader cannot be used again in order to launch what is known as a "replay attack." However, before the biometric information can be transmitted from the microchip embedded in the e-passport to the e-passport reader, the latter must first encrypt the nonce using the e-passport's public key.
Advanced multi-factor user authentication scheme for E-governance applications in smart cities
Published in International Journal of Computers and Applications, 2019
This is an essential security requirement that the information transmitted in previous sessions must not be traced using the present transmitted information. The proposed scheme ensures that an adversary cannot acquire information as it employs a random nonce in every session. The scheme provides confidentiality as the random nonce is unique every time and the random number generated in previous sessions can never be the same in present or other sessions. has no knowledge of the generated random numbers. Thus, the proposed scheme ensures forward secrecy by providing unpredictable variations in the past communication messages.
A blockchain-based evaluation approach for customer delivery satisfaction in sustainable urban logistics
Published in International Journal of Production Research, 2021
Zonggui Tian, Ray Y. Zhong, Ali Vatankhah Barenji, Y. T. Wang, Zhi Li, Yiming Rong
In a blockchain system with PoW consensus, whenever a block is mined, it is necessary to determine a random number, i.e. nonce, to make the hash value of the new block meet the requirements. Then the new block can be broadcasted and connected into the main chain. Equation 13 shows the relationship between a nonce n and the mining difficulty. If the nonce n meets the above equation, it is regarded that the encapsulation of the new block has done enough work and can be broadcasted and accessed to the main chain. To study the relationship between the difficulty of mining and the time of mining a new block, we built a test chain using the go-Ethereum client. We set one node on the chain for mining to ensure the stability of computing resources. The initialisation configuration file for the test chain is shown in Figure 12. The number of mining threads is set to 2 (instruction: miner.start(2)). We set the value of the difficulty parameter in the initialisation configuration file to 0x400000 (4194304), 0x600000 (6291456), 0x800000 (8388608), and 0x1000000 (16777216) for four different experiments. We then create the test chain and perform the mining operation. We measure the time difference by using the timestamp of blocks. Time consumption and nonce are also measured in the experiments. The relationships between the difficulty and time consumption and between the difficulty and range of n are shown in Figure 13. According to the figure, it shows that under the same computing power, the time consumption increases linearly with the increase of the difficulty parameter, while the nonce value decreases exponentially with the increase of the difficulty parameter.