Security of the protocol Sample Clauses

Security of the protocol. Theorem 1. If the secretly key-updatable public key encryption scheme used in Coffee is (ϵEnc, t)-IND-CPA-secure and the used hash functions are modeled as random oracles, then Coffee is (O(ϵEnc · 2(nQ2)2), t, Q)-baCGKA-secure. In order to prove Theorem 1, we first argue that a safe group key is not leaked to the adversary via corruption. We make this formal in the following definition and Lemma 2. In fact, we define leakage of arbitrary secret information which the adversary could potentially learn through corruption. Definition 6 (Secure keys, update information, and seeds). For a seed s we say s is leaked if it is sampled by a user while this user is corrupted, or it is encrypted to the public key associated to a leaked secret key, or s was derived through s := H1(s−) and s− is leaked. ⊕ A key Knext that was derived through Knext := Kn−ext κ is leaked if it is contained in a user’s state while this user is corrupted, or Kn−ext and κ are both leaked. If Knext was derived through Knext := H1(“next”, Kn−ext) then it is leaked if it is contained in a user’s state while this user is corrupted, or Kn−ext is leaked. A group key K that was derived through K ← H1(“key”, Knext) is leaked if K is contained in a user’s state while this user is corrupted, or Knext is leaked. ∈ ⌈ ⌉ ← Let δ be secret update information that was generated by first sampling a seed s, then comput- ing s′ := Hi (s) for some i [ log(n) ]0, and then computing (∆, δ) skuPKE.Xxx(H2(s′)). The secret update information δ is leaked if δ is contained in a user’s state while this user 5Recall, in order to be able to process messages in the current epoch, a user keeps the keys of the first round of the current epoch in its state and will only release these keys once it proceeded to the next epoch. is corrupted, or s′ is leaked. ← The secret key skc of the dummy key pair (pkc, skc) is always considered leaked. For a user’s initial key pair (pk, sk), sk is leaked if sk was in the user’s state while the user was cor- rupted. Let sk′ be a secret key that was generated as sk′ skuPKE.UpdS(sk, δ). The key sk′ is leaked if sk′ is contained in a user’s state while this user is corrupted, or sk and δ are both leaked. A secret key/secret update information/seed is called secure if it is not leaked. We say that a corruption of some user id does not leak key sk, if leakage of sk is independent of that corruption of id.
Sample 1
AutoNDA by SimpleDocs
Security of the protocol. This chapter discusses about the working and the security of the protocol. A sample run of the protocol when Drone A and Drone B want to establish communication is shown in the figure 1. The drones first send a register request for which the GCS replies by assigning DID and MID. The GCS then stores the values of ID and DID corresponding to each drone in the database. The GCS then generates the keys and sends it to all the drones in the Network. When Xxxxx A wants to communicate with Drone B, Xxxxx A sends the Hash value along with the Timestamp and ID of A to B. B retrieves the DID of A from GCS using the XXx and computes the hash to check if value received is same. If equal the connection is established and the value k is used as the key for encryption, otherwise the connection is denied.
Sample 1
Security of the protocol. First of all, we notice that every expert chosen by M will receive the trapdoor encrypted, before he gives an answer. But this is not a problem, even if an expert doesn’t accept participation, since the trapdoor is encrypted under M’s identity, so nobody else, except him, is able to decrypt. So, if an expert refuses joining the team, he can keep the trapdoor encrypted, but he won’t be able to decrypt it, even if later M publishes re-encryption keys for the members of the team. Working in the identity-based setting enables decryption only for the intended recipients. As we indicated at the begining, we use an identity- based proxy re-encryption scheme from [2], section 4, where Green and Ateniese present two non-interactive identity- based proxy re-encryption schemes which are secure under the Decisional Bilinear Xxxxxx-Xxxxxxx Assumption (DBDH) in the random oracle model. The first, IBP1, is secure under chosen plaintext attack (in fact, it is IND-Pr-ID-CPA secure), while the second one, IBP2, presents stronger security under adaptive chosen ciphertext attack (IND-Pr-ID-CCA secure). Any of the two constructions presented in [2] based on biliniar pairings might be used for our protocol.
Sample 1

Related to Security of the protocol

  • Security of Data a. Each of the parties shall: i. ensure as far as reasonably practicable, that Data is properly stored, is not accessible to unauthorised persons, is not altered, lost or destroyed and is capable of being retrieved only by properly authorised persons; ii. subject to the provisions of Sub-Clause 8.a. ensure that, in addition to any security, proprietary and other information disclosure provision contained in the Contract, Messages and Associated Data are maintained in confidence, are not disclosed or transmitted to any unauthorised person and are not used for any purpose other than that communicated by the sending party or permitted by the Contract; and iii. protect further transmission to the same degree as the originally transmitted Message and Associated Data when further transmissions of Messages and Associated Data are permitted by the Contract or expressly authorised by the sending party. b. The sending party shall ensure that Messages are marked in accordance with the requirements of the Contract. If a further transmission is made pursuant to Sub-Clause 3. a. iii. the sender shall ensure that such markings are repeated in the further transmission. c. The parties may apply special protection to Messages by encryption or by other agreed means, and may apply designations to the Messages for protective Interchange, handling and storage procedures. Unless the parties otherwise agree, the party receiving a Message so protected or designated shall use at least the same level of protection and protective procedures for any further transmission of the Message and its Associated Data for all responses to the Message and for all other communications by Interchange or otherwise to any other person relating to the Message. d. If either party becomes aware of a security breach or breach of confidence in relation to any Message or in relation to its procedures or systems (including, without limitation, unauthorised access to their systems for generation, authentication, authorisation, processing, transmission, storage, protection and file management of Messages) then it shall immediately inform the other party of such breach. On being informed or becoming aware of a breach the party concerned shall: i. immediately investigate the cause, effect and extent of such breach; ii. report the results of the investigation to the other party; and iii. use all reasonable endeavours to rectify the cause of such breach. e. Each party shall ensure that the contents of Messages that are sent or received are not inconsistent with the law, the application of which could restrict the content of a Message or limit its use, and shall take all necessary measures to inform without delay the other party if such an inconsistency arises.

  • Security of State Information The Contractor represents and warrants that it has implemented and it shall maintain during the term of this Contract the highest industry standard administrative, technical, and physical safeguards and controls consistent with NIST Special Publication 800-53 (version 3 or higher) and Federal Information Processing Standards Publication 200 and designed to (i) ensure the security and confidentiality of State Data; (ii) protect against any anticipated security threats or hazards to the security or integrity of the State Data; and (iii) protect against unauthorized access to or use of State Data. Such measures shall include at a minimum: (1) access controls on information systems, including controls to authenticate and permit access to State Data only to authorized individuals and controls to prevent the Contractor employees from providing State Data to unauthorized individuals who may seek to obtain this information (whether through fraudulent means or otherwise); (2) industry-standard firewall protection; (3) encryption of electronic State Data while in transit from the Contractor networks to external networks; (4) measures to store in a secure fashion all State Data which shall include multiple levels of authentication; (5) dual control procedures, segregation of duties, and pre-employment criminal background checks for employees with responsibilities for or access to State Data; (6) measures to ensure that the State Data shall not be altered or corrupted without the prior written consent of the State; (7) measures to protect against destruction, loss or damage of State Data due to potential environmental hazards, such as fire and water damage; (8) staff training to implement the information security measures; and (9) monitoring of the security of any portions of the Contractor systems that are used in the provision of the services against intrusion on a twenty-four (24) hour a day basis.

  • Security of Access Code You may use one (1) or more access codes with your electronic fund transfers. The access codes issued to you are for your security purposes. Any access codes issued to you are confidential and should not be disclosed to third parties or recorded on or with the card. You are responsible for safekeeping your access codes. You agree not to disclose or otherwise make your access codes available to anyone not authorized to sign on your accounts. If you authorize anyone to use your access codes, that authority shall continue until you specifically revoke such authority by notifying the Credit Union. You understand that any joint owner you authorize to use an access code may withdraw or transfer funds from any of your accounts. If you fail to maintain the security of these access codes and the Credit Union suffers a loss, we may terminate your EFT services immediately.

  • Security of processing (a) The data importer and, during transmission, also the data exporter shall implement appropriate technical and organisational measures to ensure the security of the data, including protection against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to that data (hereinafter ‘personal data breach’). In assessing the appropriate level of security, the Parties shall take due account of the state of the art, the costs of implementation, the nature, scope, context and purpose(s) of processing and the risks involved in the processing for the data subjects. The Parties shall in particular consider having recourse to encryption or pseudonymisation, including during transmission, where the purpose of processing can be fulfilled in that manner. In case of pseudonymisation, the additional information for attributing the personal data to a specific data subject shall, where possible, remain under the exclusive control of the data exporter. In complying with its obligations under this paragraph, the data importer shall at least implement the technical and organisational measures specified in Annex II. The data importer shall carry out regular checks to ensure that these measures continue to provide an appropriate level of security. (b) The data importer shall grant access to the personal data to members of its personnel only to the extent strictly necessary for the implementation, management and monitoring of the contract. It shall ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. (c) In the event of a personal data breach concerning personal data processed by the data importer under these Clauses, the data importer shall take appropriate measures to address the breach, including measures to mitigate its adverse effects. The data importer shall also notify the data exporter without undue delay after having become aware of the breach. Such notification shall contain the details of a contact point where more information can be obtained, a description of the nature of the breach (including, where possible, categories and approximate number of data subjects and personal data records concerned), its likely consequences and the measures taken or proposed to address the breach including, where appropriate, measures to mitigate its possible adverse effects. Where, and in so far as, it is not possible to provide all information at the same time, the initial notification shall contain the information then available and further information shall, as it becomes available, subsequently be provided without undue delay. (d) The data importer shall cooperate with and assist the data exporter to enable the data exporter to comply with its obligations under Regulation (EU) 2016/679, in particular to notify the competent supervisory authority and the affected data subjects, taking into account the nature of processing and the information available to the data importer.

  • Security of Vendor Facilities All Vendor and Vendor Staff facilities in which Citizens Confidential Information is located or housed shall be maintained in a reasonably secure manner. Within such facilities, all printed materials containing Citizens Confidential Information should be kept locked in a secure office, file cabinet, or desk (except when materials are being used).

  • Security of Information Unless otherwise specifically authorized by the DOH Chief Information Security Officer, Contractor receiving confidential information under this contract assures that: • Encryption is selected and applied using industry standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program against all information stored locally and off-site. Information must be encrypted both in-transit and at rest and applied in such a way that it renders data unusable to anyone but authorized personnel, and the confidential process, encryption key or other means to decipher the information is protected from unauthorized access. • It is compliant with the applicable provisions of the Washington State Office of the Chief Information Officer (OCIO) policy 141, Securing Information Technology Assets, available at: xxxxx://xxxx.xx.xxx/policy/securing-information-technology-assets. • It will provide DOH copies of its IT security policies, practices and procedures upon the request of the DOH Chief Information Security Officer. • DOH may at any time conduct an audit of the Contractor’s security practices and/or infrastructure to assure compliance with the security requirements of this contract. • It has implemented physical, electronic and administrative safeguards that are consistent with OCIO security standard 141.10 and ISB IT guidelines to prevent unauthorized access, use, modification or disclosure of DOH Confidential Information in any form. This includes, but is not limited to, restricting access to specifically authorized individuals and services through the use of: o Documented access authorization and change control procedures; o Card key systems that restrict, monitor and log access; o Locked racks for the storage of servers that contain Confidential Information or use AES encryption (key lengths of 256 bits or greater) to protect confidential data at rest, standard algorithms validated by the National Institute of Standards and Technology (NIST) Cryptographic Algorithm Validation Program (CMVP); o Documented patch management practices that assure all network systems are running critical security updates within 6 days of release when the exploit is in the wild, and within 30 days of release for all others; o Documented anti-virus strategies that assure all systems are running the most current anti-virus signatures within 1 day of release; o Complex passwords that are systematically enforced and password expiration not to exceed 120 days, dependent user authentication types as defined in OCIO security standards; o Strong multi-factor authentication mechanisms that assure the identity of individuals who access Confidential Information; o Account lock-out after 5 failed authentication attempts for a minimum of 15 minutes, or for Confidential Information, until administrator reset; o AES encryption (using key lengths 128 bits or greater) session for all data transmissions, standard algorithms validated by NIST CMVP; o Firewall rules and network address translation that isolate database servers from web servers and public networks; o Regular review of firewall rules and configurations to assure compliance with authorization and change control procedures; o Log management and intrusion detection/prevention systems; o A documented and tested incident response plan Any breach of this clause may result in termination of the contract and the demand for return of all personal information.

  • Priority of Documents In the event of inconsistency between the terms of this Agreement and the Project Manual, the terms of this Agreement shall prevail.

  • General Authority of the Collateral Agent By acceptance of the benefits of this Agreement and any other Collateral Documents, each Secured Party (whether or not a signatory hereto) shall be deemed irrevocably (a) to consent to the appointment of the Collateral Agent as its agent hereunder and under such other Collateral Documents, (b) to confirm that the Collateral Agent shall have the authority to act as the exclusive agent of such Secured Party for the enforcement of any provisions of this Agreement and such other Collateral Documents against any Grantor, the exercise of remedies hereunder or thereunder and the giving or withholding of any consent or approval hereunder or thereunder relating to any Collateral or any Grantor’s obligations with respect thereto, (c) to agree that it shall not take any action to enforce any provisions of this Agreement or any other Collateral Document against any Grantor, to exercise any remedy hereunder or thereunder or to give any consents or approvals hereunder or thereunder except as expressly provided in this Agreement or any other Collateral Document and (d) to agree to be bound by the terms of this Agreement and any other Collateral Documents.

  • Preservation, Maintenance, and Protection of the Property Inspections. Borrower will not destroy, damage, or impair the Property, allow the Property to deteriorate, or commit waste on the Property. Whether or not Borrower is residing in the Property, Borrower must maintain the Property in order to prevent the Property from deteriorating or decreasing in value due to its condition. Unless Lender determines pursuant to Section 5 that repair or restoration is not economically feasible, Borrower will promptly repair the Property if damaged to avoid further deterioration or damage. If insurance or condemnation proceeds are paid to Lender in connection with damage to, or the taking of, the Property, Borrower will be responsible for repairing or restoring the Property only if Xxxxxx has released proceeds for such purposes. Lender may disburse proceeds for the repairs and restoration in a single payment or in a series of progress payments as the work is completed, depending on the size of the repair or restoration, the terms of the repair agreement, and whether Borrower is in Default on the Loan. Lender may make such disbursements directly to Borrower, to the person repairing or restoring the Property, or payable jointly to both. If the insurance or condemnation proceeds are not sufficient to repair or restore the Property, Borrower remains obligated to complete such repair or restoration. Lender may make reasonable entries upon and inspections of the Property. If Lender has reasonable cause, Xxxxxx may inspect the interior of the improvements on the Property. Lender will give Borrower notice at the time of or prior to such an interior inspection specifying such reasonable cause.

  • Procurement of the Site (i) The Authority Representative, the Contractor and Authority’s Engineer shall, within 10 (ten) days of the date of this Agreement, inspect the Site and prepare a detailed memorandum containing an inventory of the Site including the vacant and unencumbered land, buildings, structures, road works, trees and any other immovable property on or attached to the Site (hereinafter referred to as the “Handover Memorandum”). Subject to the provisions of Clause 8.2 (iii), the Handover Memorandum shall have appended thereto an appendix (the “Appendix”) specifying in reasonable detail those parts of the Site to which vacant access and Right of Way has not been given to the Contractor along with details of hindrances in the Construction Zone. For sake of clarity the Handover Memorandum shall clearly specify the parts of Site where work can be executed. Signing of the Handover Memorandum, in three counterparts (each of which shall constitute an original), by the authorized representatives of the Authority, Contractor and Authority’s Engineer shall be deemed to constitute a valid evidence of giving the Right of Way to the Contractor for discharging its obligations under and in accordance with the provisions of this Agreement and for no other purpose whatsoever. (ii) Whenever the Authority is ready to hand over any part or parts of the Site included in the Appendix, it shall inform the Contractor, by notice, of the proposed date and time such of hand over. The Authority Representative and the Contractor shall, on the date so notified, inspect the specified parts of the Site, and prepare a memorandum containing an inventory of the vacant and unencumbered land, buildings, structures, road works, trees and any other immovable property on or attached to the Site so handed over. The signing of the memorandum, in three (3) counterparts (each of which shall constitute an original), by the authorised representatives of the Parties shall be deemed to constitute a valid evidence of giving the relevant Right of Way to the Contractor. If the contractor fails to join for site inspection or disputes the parts of the site available for work, the Authority’s Engineer shall decide the parts of the site where work can be executed and notify to both the parties within 3 days of the proposed date of inspection. The parties agree that such notification of the Authority’s Engineer as mentioned hereinabove shall be final and binding on the parties. (iii) The Authority shall provide the Right of Way to the Contractor in respect of all land included in the Appendix by the date specified in Schedule-A for those parts of the Site referred to therein, and in the event of delay for any reason other than Force Majeure or breach of this Agreement by the Contractor, it shall pay to the Contractor, Damages in a sum calculated in accordance with Clause 8.3. The Contractor agrees that it shall not be entitled to claim any other damages on account of any such delay by the Authority. (iv) Notwithstanding anything to the contrary contained in this Clause 8.2, the Authority shall specify the parts of the Site, if any, for which Right of Way shall be provided to the Contractor on the dates specified in Schedule-A. Such parts shall also be included in the Appendix prepared in pursuance of Clause 8.2 (i). (v) The Authority further acknowledges and agrees that prior to the Appointed Date, it shall have procured issuance of the statutory notification under Applicable Laws for vesting of all the land comprising the Project in the Authority and has taken possession of area for Construction Zone for at least 90% (ninety per cent) of the total length of the Project Highway. The Parties also acknowledge and agree that the conditions specified in this Clause 8.2 (iii) shall not be modified or waived by either Party. (vi) For the avoidance of doubt, the Parties expressly agree that the Appendix shall in no event contain sections of the Project Highway the cumulative length of which exceeds 10% (ten percent) of the total length of the Project Highway. (vii) Pursuant to signing of Handover Memorandum under clause 8.2 (i), Contractor shall submit to the Authority’s Engineer, a monthly land possession report till expiry of 180 (one hundred and eighty) days from Appointed Date, in respect of those parts of the site to which vacant access and right of way was not given to the contractor and included in Appendix to the memorandum signed under clause 8.2 (i), duly specifying the part of the site, if any, for which the right of way is yet to be handed over.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!