Evaluating the Performance of Novel JWT Revocation Strategy

JSON Web Tokens (JWT) provide a scalable, distributed way of user access control for modern web-based systems. The main advantage of the scheme is that the tokens are valid by themselves – through the use of digital signing – also imply its greatest weakness. Once issued, there is no trivial way to revoke a JWT token. In our work, we present a novel approach for this revocation problem, overcoming some of the problems of currently used solutions. To compare our solution to the established solutions, we also introduce the mathematical framework of comparison, which we ultimately test using real-world measurements.

A Machine Learning-Based Method for Automated Blockchain Transaction Signing Including Personalized Anomaly Detection

The basis of blockchain-related data, stored in distributed ledgers, are digitally signed transactions. Data can be stored on the blockchain ledger only after a digital signing process is performed by a user with a blockchain-based digital identity. However, this process is time-consuming and not user-friendly, which is one of the reasons blockchain technology is not fully accepted. In this paper, we propose a machine learning-based method, which introduces automated signing of blockchain transactions, while including also a personalized identification of anomalous transactions. In order to evaluate the proposed method, an experiment and analysis were performed on data from the Ethereum public main network. The analysis shows promising results and paves the road for a possible future integration of such a method in dedicated digital signing software for blockchain transactions.

Certificateless Digital Signature Technology for e-Governance Solutions

. In spite of the fact that digital signing is an essential requirement for implementation of e-governance solutions in any organization, its use in large scale Government ICT implementation is negligible in India. In order to understand the reasons for low-level acceptance of the technology, authors performed a detailed study of a famous e-governance initiative of India. The outcome of the study revealed that the reasons are related to the challenges concerning the use of cryptographic devices carrying private key and the complicated process of generation, maintenance and disposal of Digital Signature Certificates (DSC).The solution, for the challenges understood from the case study, required implementation of a certificateless technology where private keys should be generated as and when required rather than storing them on cryptographic devices. Although many solutions which provide certificateless technology exist, to date there have been no practical implementation for using biometrics for implementing the solution. This paper presents the first realistic architecture to implement Identity Based Cryptography with biometrics using RSA algorithm. The solution presented in the paper is capable of providing a certificateless digital signature technology to the users, where public and private keys are generated on-the-fly.

Penerapan Tanda Tangan Digital pada Gambar Formulir C1.Plano-KWK di Pilkada Sulawesi Selatan

<p>Sengketa pemilihan umum presiden 2014 telah mendatangkan ribuan kotak suara ke Jakarta sebagai bukti hukum. Gambar-gambar form C1 yang merupakan salinan rekapitulasi hasil di TPS yang sudah diunggah di situs web KPU, ternyata tidak dapat dijadikan sebagai bukti hukum karena tidak bisa dibuktikan keabsahannya sebagai dokumen elektronik. Tanda tangan digital merupakan bukti otentik yang terdapat pada dokumen elektronik. Penggunaan tanda tangan digital dapat memastikan keutuhan dan keaslian suatu dokumen elektronik sehingga dapat dipertanggungjawabkan secara hukum. Hal ini menjadi salah satu alasan dilakukannya penerapan tanda tangan digital pada formulir model C1.PLANO-KWK. Formulir ini merupakan berita acara hasil pemungutan dan penghitungan suara pemilihan umum di tempat pemungutan suara. Formulir tersebut diambil gambarnya menggunakan aplikasi berbasis ponsel Android untuk kemudian ditandatangani secara digital. Hasil gambar yang telah ditandatangani selanjutnya ditampilkan pada situs web penayangan. Hal ini diterapkan pada Pemilihan Umum Daerah Sulawesi Selatan atas kerja sama antara Badan Pengkajian dan Penerapan Teknologi, Komisi Pemilihan Umum Provinsi (KPU), dan KPU Daerah Kota Makassar pada tanggal 27 Juni 2018. Makalah ini membahas mengenai teknologi yang digunakan untuk melakukan tanda tangan digital. Pada implementasinya hanya sebesar 0,32% dari seluruh TPS yang menerapkan tanda tangan digital dan sebesar 7,61% sertifikat digunakan dari total sertifikat yang telah diterbitkan.</p><p> </p><p><em><strong>Abstract</strong></em></p><p><em>The dispute over the 2014 presidential election brought thousands of ballot boxes to Jakarta as legal evidence. C1 </em><em>form image, </em><em>which is a copy of the recapitulation of results at the TPS</em><em>,</em><em> ha</em><em>ve</em><em> been uploaded on the KPU website, apparently cannot be legal evidence because it cannot be proven the validity of the electronic document of the C1 form.</em><em> </em><em>Digital signature is an authentic proof embedded in an electronic document. It shows the integrity</em><em>,</em><em> authenticity</em><em>,</em><em> and non-repudiation of a document, so it can be used as a legal evidence. This become one of the reason of the implementation of digital signature in C1.PLANO-KWK form. </em><em>C1.PLANO-KWK</em><em> form is an evidence proof of voting recapitulation process in voting place.</em><em> </em><em>Android application capture the image of this form, and digitally signed it. This image is then showed on the display website. This has been implemented in South Sulawesi Regional Election on June 27 2018 by cooperation between Agency of Assessment and Application of Technology (BPPT) and Election Commission (KPU) of South Sulawesi Province and City of Makassar. This paper only describes about the technologies which are used in digital signing process. Only 0.32% of the voting place has implementing digital signature in its C1.PLANO-KWK form, and only 7.61% of the digital certificate that has been published used to digitally signed the C1.PLANO-KWK form. </em></p><p><em><strong><br /></strong></em></p>