Sachar Paulus - Profile on Academia.edu (original) (raw)
Papers by Sachar Paulus
Secure Digitization
Springer eBooks, 2024
Sichere Digitalisierung
Angewandte Wirtschaftsinformatik, 2018
Collaborative audit framework
On the Implementation of Cryptosystems Based on Real Quadratic Number Fields
Selected Areas in Cryptography, Aug 14, 2000
Cryptosystems based on the discrete logarithm problem in the infrastructure of a real quadratic n... more Cryptosystems based on the discrete logarithm problem in the infrastructure of a real quadratic number field [7],[19],[2] are very interesting from a theoretical point of view, because this problem is known to be at least as hard as, and when considering todays algorithms - as in [11] - much harder than, factoring integers. However it seems that the cryptosystems sketched in [2] have not been implemented yet and consequently it is hard to evaluate the practical relevance of these systems. Furthermore as [2] lacks any proofs regarding the involved approximation precisions, it was not clear whether the second communication round, as required in [7],[19], really could be avoided without substantial slowdown. In this work we will prove a bound for the necessary approximation precision of an exponentiation using quadratic numbers in power product representation and show that the precision given in [2] can be lowered considerably. As the highly space consuming power products can not be applied in environments with limited RAM, we will propose a simple (CRIAD1-) arithmetic which entirely avoids these power products. Beside the obvious savings in terms of space this method is also about 30% faster. Furthermore one may apply more sophisticated exponentiation techniques, which finally result in a ten-fold speedup compared to [2]. CRIAD is an abbreviation for Close Reduced Ideal and Approximated relative Distance
Design and evaluation of a business process framework to approach integrated Governance, Risk and Compliance management within federated organizational structures
Mathematics of Computation, Oct 26, 2000
This paper is concerned with algorithms for computing in the divisor class group of a nonsingular... more This paper is concerned with algorithms for computing in the divisor class group of a nonsingular plane curve of the form y n = c(x) which has only one point at infinity. Divisors are represented as ideals, and an ideal reduction algorithm based on lattice reduction is given. We obtain a unique representative for each divisor class and the algorithms for addition and reduction of divisors run in polynomial time. An algorithm is also given for solving the discrete logarithm problem when the curve is defined over a finite field.
Wie Corona die Hochschullehre verändert, 2021
Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliograf... more Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliografie; detaillierte bibliografische Daten sind im Internet über http://dnb.d-nb.de abrufbar. © Der/die Herausgeber bzw. der/die Autor(en), exklusiv lizenziert durch Springer Fachmedien Wiesbaden GmbH, ein Teil von Springer Nature 2021 Das Werk einschließlich aller seiner Teile ist urheberrechtlich geschützt. Jede Verwertung, die nicht ausdrücklich vom Urheberrechtsgesetz zugelassen ist, bedarf der vorherigen Zustimmung der Verlage. Das gilt insbesondere für Vervielfältigungen, Bearbeitungen, Übersetzungen, Mikroverfilmungen und die Einspeicherung und Verarbeitung in elektronischen Systemen. Die Wiedergabe von allgemein beschreibenden Bezeichnungen, Marken, Unternehmensnamen etc. in diesem Werk bedeutet nicht, dass diese frei durch jedermann benutzt werden dürfen. Die Berechtigung zur Benutzung unterliegt, auch ohne gesonderten Hinweis hierzu, den Regeln des Markenrechts. Die Rechte des jeweiligen Zeicheninhabers sind zu beachten. Der Verlag, die Autoren und die Herausgeber gehen davon aus, dass die Angaben und Informationen in diesem Werk zum Zeitpunkt der Veröffentlichung vollständig und korrekt sind. Weder der Verlag, noch die Autoren oder die Herausgeber übernehmen, ausdrücklich oder implizit, Gewähr für den Inhalt des Werkes, etwaige Fehler oder Äußerungen. Der Verlag bleibt im Hinblick auf geografische Zuordnungen und Gebietsbezeichnungen in veröffentlichten Karten und Institutionsadressen neutral.
Collaborative audit framework
Enterprise integrity simulation
Towards Trustworthiness Assurance in the Cloud
Communications in Computer and Information Science, 2013
ABSTRACT Cloud- and service-oriented computing paradigms are intrinopaque to their users, as they... more ABSTRACT Cloud- and service-oriented computing paradigms are intrinopaque to their users, as they cannot inspect providers’ implementations, and important concerns about aspects like security, compliance, dependability can arise. Therefore, users have to make trust decisions with respect to software providers, with the hope that there will not be any detrimental consequences. To contrast this situation, the paper proposes a framework to define, assess, monitor and make explicit the elements of a service that render it trustworthy. This paper relies on a number of recent scientific contributions, and aims at supporting informed decisions on obscure service implementations by machine-understandable statements about their objective (trustworthiness) characteristics. Such statements would innovate upon many aspects of service operations, from discovery to composition, deployment and monitoring. To demonstrate this, the paper presents a concept for a Trustworthy Service Marketplace.
A generalization of the Diffie-Hellman problem and related cryptosystems allowing fast decryption
International Conference on Information Security and Cryptology, Dec 1, 1998
We present a generalization of the Diffie-Hellman problem. It is based on the problem ofdetermini... more We present a generalization of the Diffie-Hellman problem. It is based on the problem ofdetermining coset representatives of group "extensions". This generic one-way function allowsthe development of ElGamal-like encryption protocols where the decryption process is muchfaster than in existing protocols, while providing the same security. As examples, we presentand analyze protocols using ZZ=nZZ, using elliptic curves and using class groups
Die Corona-Semester an der Hochschule Mannheim
Springer eBooks, 2023
Sichere Digitalisierung
Digitalisierung in Unternehmen, 2018
The need for process improvement is an important target that does affect as well the government p... more The need for process improvement is an important target that does affect as well the government processes. Specifically in the public sector there are specific challenges to face .New technology approaches within government processes such as cloud services are necessary to address these challenges. Following the current discussion of "cloudification"of business processes all processes are considered similar in regards to their usability within the cloud. The truth is, that neither all processes have the same usability for cloud services not do they have the same importance for a specific company. The most comprehensive process within a company is the corporate value chain. In this article one key proposition is to use the corporate value chain as the fundamental structuring backbone for all business process analysis and improvement activities. It is a pre-requisite to identify the core elements of the value chain that are essential for the individual company's business...
Das Corona-Semester an der Hochschule Mannheim
Sichere Software im Umfeld von Industrie 4.0
Industrie 4.0 und Digitalisierung bedeuten insbesondere, dass Maschinen, Gerate und produzierte G... more Industrie 4.0 und Digitalisierung bedeuten insbesondere, dass Maschinen, Gerate und produzierte Guter mit „Intelligenz“ versehen und miteinander vernetzt werden. Die „Intelligenz“ wird durch ein Einsatz von Software realisiert; Software ist jedoch prinzipbedingt sehr leicht angreifbar – und die Vernetzung eroffnet viele neue Angriffswege. Die IT-Branche hat den Prozess der Vernetzung vor ca. 20 Jahren begonnen – und hat es bis heute trotz viel Forschung und grosen Investitionen nicht vollstandig geschafft, sichere Software herstellen zu konnen. Sichere Software zu entwickeln scheint daher nicht so einfach zu sein. Wie konnen Maschinen-Software-Hersteller das Wissensdefizit moglichst schnell aufholen?
Ein Algorithmus zur Berechnung der Klassengruppe quadratischer Ordnungen über Hauptidealringen
Available from TIB Hannover: RR 1608(1996,8) / FIZ - Fachinformationszzentrum Karlsruhe / TIB - T... more Available from TIB Hannover: RR 1608(1996,8) / FIZ - Fachinformationszzentrum Karlsruhe / TIB - Technische InformationsbibliothekSIGLEDEGerman
MAJA - Das Konzept eines Multi Application JavaCard Environment
10 Prinzipien f�r sichere Software
Datenschutz Und Datensicherheit Dud, 2006
Standards f�r Trusted Clouds
Datenschutz Und Datensicherheit Dud, 2011
Secure Digitization
Springer eBooks, 2024
Sichere Digitalisierung
Angewandte Wirtschaftsinformatik, 2018
Collaborative audit framework
On the Implementation of Cryptosystems Based on Real Quadratic Number Fields
Selected Areas in Cryptography, Aug 14, 2000
Cryptosystems based on the discrete logarithm problem in the infrastructure of a real quadratic n... more Cryptosystems based on the discrete logarithm problem in the infrastructure of a real quadratic number field [7],[19],[2] are very interesting from a theoretical point of view, because this problem is known to be at least as hard as, and when considering todays algorithms - as in [11] - much harder than, factoring integers. However it seems that the cryptosystems sketched in [2] have not been implemented yet and consequently it is hard to evaluate the practical relevance of these systems. Furthermore as [2] lacks any proofs regarding the involved approximation precisions, it was not clear whether the second communication round, as required in [7],[19], really could be avoided without substantial slowdown. In this work we will prove a bound for the necessary approximation precision of an exponentiation using quadratic numbers in power product representation and show that the precision given in [2] can be lowered considerably. As the highly space consuming power products can not be applied in environments with limited RAM, we will propose a simple (CRIAD1-) arithmetic which entirely avoids these power products. Beside the obvious savings in terms of space this method is also about 30% faster. Furthermore one may apply more sophisticated exponentiation techniques, which finally result in a ten-fold speedup compared to [2]. CRIAD is an abbreviation for Close Reduced Ideal and Approximated relative Distance
Design and evaluation of a business process framework to approach integrated Governance, Risk and Compliance management within federated organizational structures
Mathematics of Computation, Oct 26, 2000
This paper is concerned with algorithms for computing in the divisor class group of a nonsingular... more This paper is concerned with algorithms for computing in the divisor class group of a nonsingular plane curve of the form y n = c(x) which has only one point at infinity. Divisors are represented as ideals, and an ideal reduction algorithm based on lattice reduction is given. We obtain a unique representative for each divisor class and the algorithms for addition and reduction of divisors run in polynomial time. An algorithm is also given for solving the discrete logarithm problem when the curve is defined over a finite field.
Wie Corona die Hochschullehre verändert, 2021
Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliograf... more Die Deutsche Nationalbibliothek verzeichnet diese Publikation in der Deutschen Nationalbibliografie; detaillierte bibliografische Daten sind im Internet über http://dnb.d-nb.de abrufbar. © Der/die Herausgeber bzw. der/die Autor(en), exklusiv lizenziert durch Springer Fachmedien Wiesbaden GmbH, ein Teil von Springer Nature 2021 Das Werk einschließlich aller seiner Teile ist urheberrechtlich geschützt. Jede Verwertung, die nicht ausdrücklich vom Urheberrechtsgesetz zugelassen ist, bedarf der vorherigen Zustimmung der Verlage. Das gilt insbesondere für Vervielfältigungen, Bearbeitungen, Übersetzungen, Mikroverfilmungen und die Einspeicherung und Verarbeitung in elektronischen Systemen. Die Wiedergabe von allgemein beschreibenden Bezeichnungen, Marken, Unternehmensnamen etc. in diesem Werk bedeutet nicht, dass diese frei durch jedermann benutzt werden dürfen. Die Berechtigung zur Benutzung unterliegt, auch ohne gesonderten Hinweis hierzu, den Regeln des Markenrechts. Die Rechte des jeweiligen Zeicheninhabers sind zu beachten. Der Verlag, die Autoren und die Herausgeber gehen davon aus, dass die Angaben und Informationen in diesem Werk zum Zeitpunkt der Veröffentlichung vollständig und korrekt sind. Weder der Verlag, noch die Autoren oder die Herausgeber übernehmen, ausdrücklich oder implizit, Gewähr für den Inhalt des Werkes, etwaige Fehler oder Äußerungen. Der Verlag bleibt im Hinblick auf geografische Zuordnungen und Gebietsbezeichnungen in veröffentlichten Karten und Institutionsadressen neutral.
Collaborative audit framework
Enterprise integrity simulation
Towards Trustworthiness Assurance in the Cloud
Communications in Computer and Information Science, 2013
ABSTRACT Cloud- and service-oriented computing paradigms are intrinopaque to their users, as they... more ABSTRACT Cloud- and service-oriented computing paradigms are intrinopaque to their users, as they cannot inspect providers’ implementations, and important concerns about aspects like security, compliance, dependability can arise. Therefore, users have to make trust decisions with respect to software providers, with the hope that there will not be any detrimental consequences. To contrast this situation, the paper proposes a framework to define, assess, monitor and make explicit the elements of a service that render it trustworthy. This paper relies on a number of recent scientific contributions, and aims at supporting informed decisions on obscure service implementations by machine-understandable statements about their objective (trustworthiness) characteristics. Such statements would innovate upon many aspects of service operations, from discovery to composition, deployment and monitoring. To demonstrate this, the paper presents a concept for a Trustworthy Service Marketplace.
A generalization of the Diffie-Hellman problem and related cryptosystems allowing fast decryption
International Conference on Information Security and Cryptology, Dec 1, 1998
We present a generalization of the Diffie-Hellman problem. It is based on the problem ofdetermini... more We present a generalization of the Diffie-Hellman problem. It is based on the problem ofdetermining coset representatives of group "extensions". This generic one-way function allowsthe development of ElGamal-like encryption protocols where the decryption process is muchfaster than in existing protocols, while providing the same security. As examples, we presentand analyze protocols using ZZ=nZZ, using elliptic curves and using class groups
Die Corona-Semester an der Hochschule Mannheim
Springer eBooks, 2023
Sichere Digitalisierung
Digitalisierung in Unternehmen, 2018
The need for process improvement is an important target that does affect as well the government p... more The need for process improvement is an important target that does affect as well the government processes. Specifically in the public sector there are specific challenges to face .New technology approaches within government processes such as cloud services are necessary to address these challenges. Following the current discussion of "cloudification"of business processes all processes are considered similar in regards to their usability within the cloud. The truth is, that neither all processes have the same usability for cloud services not do they have the same importance for a specific company. The most comprehensive process within a company is the corporate value chain. In this article one key proposition is to use the corporate value chain as the fundamental structuring backbone for all business process analysis and improvement activities. It is a pre-requisite to identify the core elements of the value chain that are essential for the individual company's business...
Das Corona-Semester an der Hochschule Mannheim
Sichere Software im Umfeld von Industrie 4.0
Industrie 4.0 und Digitalisierung bedeuten insbesondere, dass Maschinen, Gerate und produzierte G... more Industrie 4.0 und Digitalisierung bedeuten insbesondere, dass Maschinen, Gerate und produzierte Guter mit „Intelligenz“ versehen und miteinander vernetzt werden. Die „Intelligenz“ wird durch ein Einsatz von Software realisiert; Software ist jedoch prinzipbedingt sehr leicht angreifbar – und die Vernetzung eroffnet viele neue Angriffswege. Die IT-Branche hat den Prozess der Vernetzung vor ca. 20 Jahren begonnen – und hat es bis heute trotz viel Forschung und grosen Investitionen nicht vollstandig geschafft, sichere Software herstellen zu konnen. Sichere Software zu entwickeln scheint daher nicht so einfach zu sein. Wie konnen Maschinen-Software-Hersteller das Wissensdefizit moglichst schnell aufholen?
Ein Algorithmus zur Berechnung der Klassengruppe quadratischer Ordnungen über Hauptidealringen
Available from TIB Hannover: RR 1608(1996,8) / FIZ - Fachinformationszzentrum Karlsruhe / TIB - T... more Available from TIB Hannover: RR 1608(1996,8) / FIZ - Fachinformationszzentrum Karlsruhe / TIB - Technische InformationsbibliothekSIGLEDEGerman
MAJA - Das Konzept eines Multi Application JavaCard Environment
10 Prinzipien f�r sichere Software
Datenschutz Und Datensicherheit Dud, 2006
Standards f�r Trusted Clouds
Datenschutz Und Datensicherheit Dud, 2011