Initialization Phase. The (SA) generates a master secret key kHN and stores it in HN .
Initialization Phase. Same as [7].
Initialization Phase. First, the SA picks {G1, G2, Q, e, p}, where G1 is a cyclic additive group of order p, G2 is a cyclic multiplicative group of order p, Q is a generator of G1, and e : G1 × G1 → G2 is a bilinear map. Second, the SA generates a random private key s and computes the corresponding public key Ppub = sQ. Finally, the SA publishes parameters {p, G1, G2, Q, e, Ppub, h(.), Ek, Dk} and stores s in the memory of each KDC in a secure environment, where h(.) is the hash function used by this protocol, Ek is the symmetric encryption algorithm, and Dk is the symmetric decryption algorithm.
Initialization Phase. This is identical to the Initialization Phase as presented in [21]. Specifically, the (SA) generates a master secret key kHN and stores it in HN.
Initialization Phase. This phase is unchanged from [21].
Initialization Phase. To initialize the scheme, the following steps will be completed by the server S.
Initialization Phase. Assume the group G has n real group members M1, M2,... , Mn initially. We describe how to distribute the function of the trusted authority to appropriate subgroups (trust set ) so that any k member nodes in an appropriate subgroup can offer the corresponding valid certificate. Here “valid” means the certificate has been signed with the system secret key SK. · ··· · Distributing the system secret key shares SKi. Our design uses Shamir’s (k, n)-threshold scheme [16]. First, the TA randomly selects a (k − 1)- degree polynomial f (x) = SK + a1 x + + ak−1 xk−1, such that the shared secret is f (0) = SK. Each group member obtains a secret share SSMi = (f (Mi) mod m). For any k group members {M1, M2,... , Mk}, La- where
Initialization Phase. R S S R In this phase, and agree on the exchange conditions and generate the description descx. First, parties agree on the payment price of P, sample amount s, timelock condition Tlock and objection time Tobj. Xxxxx and Tobj, as explained later, are crucial for the timeliness property of the protocol. Second, shares the encryption of goods y with . Finally, parties jointly generate the description descx using the encryption keys. | | | |
Initialization Phase. In this phase, the server S chooses (x, Tk(x)), k as its pub- lic key and secret key, and chooses a secure one-way hash function h(·); the ith user Ui chooses his/her identity IDi, password PWi and biometrics image sample Bi, respec- tively. · · Additionally, Ui and S choose a symmetric parametric function d( ) and a predetermined threshold τ for biomet- rics certification. In each feature extraction, each different azimuth or origin of force will make the new extracted bio- metrics and the stored biometrics to have different degree of difference. d( ) is used to compute deviation degree between the results of feature extraction and the stored samples. The meaning of τ is the biggest deviation degree can be accepted.
Initialization Phase. Initially, the manager of storage server should select three proper parameters, namely g , p and h(⋅) , to ensure the DLP secure enough. This could be done by executing the “dhparam” command provided by openssl. Then, a long secret key should be selected and kept secretly for the storage server. Once all the parameters are selected, they are fixed and couldn’t be changed any more. And for safety reasons, it is recommended to split the secret key to multi-parts that are kept by different individuals respectively. When all the parameters are ready, the server manager starts the storage server to provide service for the end users.
