<?xml version="1.0" encoding="UTF-8"?><xml><records><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>27</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Velizar Shalamanov</style></author><author><style face="normal" font="default" size="100%">Ivan Blagoev</style></author><author><style face="normal" font="default" size="100%">Iliyan Iliev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Level of maturity of the Cybersecurity of the infrastructure in the domain iict.bas.bg</style></title><secondary-title><style face="normal" font="default" size="100%">IT4Sec Reports</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">cyber security</style></keyword><keyword><style  face="normal" font="default" size="100%">E-Mail</style></keyword><keyword><style  face="normal" font="default" size="100%">firewall</style></keyword><keyword><style  face="normal" font="default" size="100%">FTP</style></keyword><keyword><style  face="normal" font="default" size="100%">security</style></keyword><keyword><style  face="normal" font="default" size="100%">Web Services</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2022</style></year></dates><number><style face="normal" font="default" size="100%">143</style></number><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">Description of the level of maturity of the IT infrastructure for the domain iict.bas.bg.</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Rupert A. Brandmeier</style></author><author><style face="normal" font="default" size="100%">Jörn-Alexander Heye</style></author><author><style face="normal" font="default" size="100%">Clemens Woywod</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Future Development of Quantum Computing and Its Relevance to NATO</style></title><secondary-title><style face="normal" font="default" size="100%">Connections: The Quarterly Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">complexity theory</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">NATO</style></keyword><keyword><style  face="normal" font="default" size="100%">Quantum computing</style></keyword><keyword><style  face="normal" font="default" size="100%">quantum cybersecurity</style></keyword><keyword><style  face="normal" font="default" size="100%">quantum key distribution</style></keyword><keyword><style  face="normal" font="default" size="100%">quantum resilience</style></keyword><keyword><style  face="normal" font="default" size="100%">quantum supremacy</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2021</style></year><pub-dates><date><style  face="normal" font="default" size="100%">Spring 2021</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">20</style></volume><pages><style face="normal" font="default" size="100%">89-109</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">The first quantum computers are becoming a reality, and scientists working in various areas look forward to taking advantage of their enormous computational potential. At the same time, the high performance of quantum computers imposes serious risks for cybersecurity. We can expect an arms race between rival parties: a defensive side trying to ensure the privacy and dependability of stored and transmitted information and their adversaries. With this article, the authors aim to provide an overview of the status of quantum computer development, project the next steps, and investigate the impact future quantum systems may have on cybersecurity and military operations. We first discuss the basic aspects that differentiate quantum computing from classical computing and find that analogies between both domains are quite limited. The world of quantum computers is remarkably diverse already, and we elaborate that quantum simulators and universal quantum computers have “qubits” in common but still work in fundamentally different ways. Since security experts focus on upcoming trends in quantum computing, we take a look at the latest technologies and at the race for first reaching “quantum supremacy.” Finally, we provide a detailed analysis of the specific risks future quantum computers represent for established cryptosystems and conclude that asymmetric algorithms like the RSA protocol are particularly vulnerable. The dangers of quantum computing for cryptography are obvious, as is the high relevance of the safety of stored and transmitted data to the defense sector. However, we examine the capability spectrum of quantum technologies and discover that breaking asymmetric encryption algorithms is just one facet, and other features like Grover’s quantum algorithm may revolutionize the logistics of the armed forces. Satellite Quantum Key Distribution is another promising concept that may change the communication between military units. To NATO, quantum computing is a double-edged sword: the alliance needs to use the developments to benefit from the potential and be ready to counter the cyber threats. We derive ideas of what NATO should do in order to prepare for the quantum era.</style></abstract><issue><style face="normal" font="default" size="100%">2</style></issue><section><style face="normal" font="default" size="100%">89</style></section></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Ivan Blagoev</style></author><author><style face="normal" font="default" size="100%">Todor Balabanov</style></author><author><style face="normal" font="default" size="100%">Iliyan Iliev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">RSA Weaknesses Caused by the Specifics of Random Number Generation</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">Cybersecurity</style></keyword><keyword><style  face="normal" font="default" size="100%">random numbers gen-eration</style></keyword><keyword><style  face="normal" font="default" size="100%">RSA algorithm</style></keyword><keyword><style  face="normal" font="default" size="100%">Vulnerabilities</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2021</style></year></dates><volume><style face="normal" font="default" size="100%">50</style></volume><pages><style face="normal" font="default" size="100%">171-179 </style></pages><abstract><style face="normal" font="default" size="100%">&lt;p style=&quot;margin-left:19.85pt;&quot;&gt;The rapid entry in digital transformation and Covid-19 moved many activities to the Internet. The application of cybersecurity tools gives a sense of good security condition of the used digital services. This is often how things look on the surface, but the problems sometimes is hard to notice. The current study presents weaknesses in the still widely used cryptographic algorithm RSA, which allows RSA cryptographic keys to be compromised. It demonstrates the connection with RNG as the root of all the resulting controversies around the issues under consideration.&lt;/p&gt;</style></abstract><issue><style face="normal" font="default" size="100%">2</style></issue></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Ivan Blagoev</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Neglected Cybersecurity Risks in the Public Internet Hosting Service Providers</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography protocols</style></keyword><keyword><style  face="normal" font="default" size="100%">Cybersecurity</style></keyword><keyword><style  face="normal" font="default" size="100%">digitization</style></keyword><keyword><style  face="normal" font="default" size="100%">PRNG</style></keyword><keyword><style  face="normal" font="default" size="100%">RNG</style></keyword><keyword><style  face="normal" font="default" size="100%">Web Services</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2020</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2020</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">47</style></volume><pages><style face="normal" font="default" size="100%">62-76</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">The provision of cybersecurity is of basic importance for every effective information system. It is possible to provide most rich information services, but only one neglected cybersecurity risk may compromise the system and all services it provides. Therefore, meeting the cybersecurity requirements is a prerequisite for the safety and security of IT infrastructures, digital resources, and the protection of private data. In that respect, the themes of cryptography and sufficiently robust random number generation are of particular interest. This article looks for the “golden ratio” between the provision of mass services and the efforts to meet cybersecurity requirements. It suggests a method and discusses the possibilities to increase the cryptographic protection in information systems.</style></abstract><issue><style face="normal" font="default" size="100%">1</style></issue><section><style face="normal" font="default" size="100%">62</style></section></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">George Sharkov</style></author><author><style face="normal" font="default" size="100%">Christina Todorova</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Capture the Flag for Cyber-Resilience Exercising through Cryptographic Puzzles and Collaborative Problem-Solving</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">capture the flag</style></keyword><keyword><style  face="normal" font="default" size="100%">collaboration</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">CTF</style></keyword><keyword><style  face="normal" font="default" size="100%">cyber resilience</style></keyword><keyword><style  face="normal" font="default" size="100%">problem-solving</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2017</style></year></dates><volume><style face="normal" font="default" size="100%">37</style></volume><pages><style face="normal" font="default" size="100%">95-102</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">The importance of cybersecurity in the digital society and our daily lives is becoming increasingly apparent. With the rise of digital reliance, securing information, whether this information is at rest, in transit, or in use, is vital to ensuring the interoperability of systems, including critical infrastructure, on which society’s physical well-being depends. Cryptography is well-known for its role in cybersecurity as a crucial tool for protecting information exchanged via digital devices. 
Cryptography is the science of concealing information so that only the intended parties can read it. As a result, we may generalise that cryptography enables people to communicate via the Internet while securely sending critical and secret information. However, cryptography is a relatively complex combination of mathematics and computer science, where typical learning methodologies may fall short when it comes to achieving hands-on expertise. This paper provides an overview of the possibilities of Capture the Flag (CTF) exercises to test cybersecurity capabilities using collaborative methodologies and cryptographic challenges.</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Abdullatif Shikfa</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Garbled Circuits: Optimizations and Implementations</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">Garbled Circuits</style></keyword><keyword><style  face="normal" font="default" size="100%">Implementations</style></keyword><keyword><style  face="normal" font="default" size="100%">Optimizations</style></keyword><keyword><style  face="normal" font="default" size="100%">Secure Multi-Party Computation</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2017</style></year></dates><volume><style face="normal" font="default" size="100%">37</style></volume><pages><style face="normal" font="default" size="100%">11-27</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">Garbled Circuits were first introduced by Yao in 1984 as a generic approach to perform secure two-party computation between two semi-honest participants. While the result already has a great theoretical significance, it was believed to have very limited applicability due to performance aspects. In the last ten-fifteen years, though, many researchers revived this approach by optimizing one aspect after the other, which results in total in several orders of magnitude of speed-up. In this article, we start by describing the original garbled circuits construction through a simple example. We then review the optimizations of garbled circuits, from point-and-permute to half-gates, going through garbled row reduction, oblivious transfer extensions, and free XOR. Finally, we present several projects that implemented garbled circuits with some of these optimizations, starting from fairplay to the more recent approaches of OblivC and ObliVM.</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Ajay Sharma</style></author><author><style face="normal" font="default" size="100%">Deo Brat Ojha</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Biometric Template Security Using Code Base Cryptosystem</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">algorithmic noise</style></keyword><keyword><style  face="normal" font="default" size="100%">biometric system</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">enrolment phase</style></keyword><keyword><style  face="normal" font="default" size="100%">fuzzy commitment scheme</style></keyword><keyword><style  face="normal" font="default" size="100%">template</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2013</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2013</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">26</style></volume><pages><style face="normal" font="default" size="100%">47-57</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">This paper presents an enhancement of the accuracy and security of biometric templates based on a code-based cryptosystem—McEliece cryptosystem—which in addition to randomness is also probabilistic, which provides higher susceptibility of templates towards brute force attacks. It is possible to generate many different secure biometric templates for the same system and also unique biometric templates for multiple systems from the same biometric trait; it is just a matter of using a different error vector. It is also easy to cancel a secure template by simply deleting the compromised template and generating a new one by using different error vector.</style></abstract><issue><style face="normal" font="default" size="100%">2</style></issue><section><style face="normal" font="default" size="100%">47</style></section></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Ajay Goel</style></author><author><style face="normal" font="default" size="100%">O.P.Sahu</style></author><author><style face="normal" font="default" size="100%">Aman Soni</style></author><author><style face="normal" font="default" size="100%">Punit Soni</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">A Copy Attack on Robust Digital Watermarking in Multi Domain for the Stego Images</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">Copy attack</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">Visibility function</style></keyword><keyword><style  face="normal" font="default" size="100%">Watermarking</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2011</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2011</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">26</style></volume><pages><style face="normal" font="default" size="100%">27-33</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">&lt;p&gt;Watermarking is a potential method for protection of ownership rights on digital audio, image and video data. In watermarking terminology, an attack is any processing that may impair detection of the watermark or communication of the information conveyed by the watermark. The processed, watermarked data is then called attacked data. An attack succeeds in defeating a watermarking scheme if it impairs the watermark beyond acceptable limits while maintaining the perceptual quality of the attacked data. In this paper we present a number of attacks that enable the information hidden by them to be removed or otherwise rendered unusable. The latest attacks do not destroy an embedded watermark, but copies it from one image to a different image. Finally, we summarise the current work of the attacks in watermarking and focus on the copy attack on robust digital watermarking schemes.&lt;/p&gt;</style></abstract><issue><style face="normal" font="default" size="100%">1</style></issue><section><style face="normal" font="default" size="100%">27</style></section></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Ting-Yi Chang</style></author><author><style face="normal" font="default" size="100%">Min-Shiang Hwang</style></author><author><style face="normal" font="default" size="100%">Wei-Pang Yang</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Cryptanalysis of the Tseng-Jan Anonymous Conference Key Distribution System Without Using A One-Way Hash Function</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">Conference Key Distribution System</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">Discrete Logarithm.</style></keyword><keyword><style  face="normal" font="default" size="100%">One-Way Hash Function</style></keyword><keyword><style  face="normal" font="default" size="100%">User Anonymity</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2004</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2004</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">15</style></volume><pages><style face="normal" font="default" size="100%">110-114</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">This article mounts a conspiracy attack on the anonymous conference key distribution system without using a one-way hash function proposed by Tseng and Jan. The attack described in the article can reveal the participants’ common key shared with the chairperson.</style></abstract><issue><style face="normal" font="default" size="100%">1</style></issue></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Kridanto Surendro</style></author><author><style face="normal" font="default" size="100%">Setiyo Cahyono</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Secure e-Mail Application Software for Government in Indonesia</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">e-Government.</style></keyword><keyword><style  face="normal" font="default" size="100%">Risk Analysis</style></keyword><keyword><style  face="normal" font="default" size="100%">Secure E-Mail</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2004</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2004</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">15</style></volume><pages><style face="normal" font="default" size="100%">135-150</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">Exchanging information using e-mail brings a good deal of vulnerability that can be exploited by an unauthorized third party for individual or organizational purposes. This is quite probable since e-mail systems are designed to provide a straightforward and fast way of information delivery without considering the security of information. Prior to applying any specific security solution, an organization has to consider system characteristics and the existing problems through evaluation of security needs and faced risks. An approach that can be used to determine the security needs of an organization is risk management. Risk analysis can aid the organization in identifying the risks, why there can be a risk, to determine priorities and create prevention strategy to reduce the risks. In this article, the authors discuss the development of secure e-mail software. E-mail protection is accomplished using Secure Socket Layer (SSL) to protect the communication between the web server and the local computer, encrypting e-mail messages with combination of public and symmetric key encryption, dynamic encryption key and adding a digital signature. The experimental results show that the software can be used to protect information exchange and can reduce such security threats as eavesdropping, identity theft, false message, message modification and repudiation. Using encryption expands the size of the e-mail message to 161.96% from the actual size and the time required for encryption process is increased with 3.68%.</style></abstract><issue><style face="normal" font="default" size="100%">2</style></issue></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Veselin Tselkov</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Cryptographic Software Solution for Information Protection in a Corporate Intranet</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">cryptographic software</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">Information Security</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2000</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2000</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">4</style></volume><pages><style face="normal" font="default" size="100%">97-104</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">This paper presents an original approach to the implementation of cryptographic software in a system for information protection in a corporate Intranet. It describes the architecture, the functional features, and the components of the system. The specific software solution was designed during a projects performed by the Institute for Advanced Defense Research at the &quot;G.S. Rakovski&quot; Defense Academy in Sofia, Bulgaria. The system is based on DBMS ORACLE. DELPHI was used in its design.</style></abstract></record><record><source-app name="Biblio" version="7.x">Drupal-Biblio</source-app><ref-type>17</ref-type><contributors><authors><author><style face="normal" font="default" size="100%">Veselin Tselkov</style></author><author><style face="normal" font="default" size="100%">Dragomir Pargov</style></author></authors></contributors><titles><title><style face="normal" font="default" size="100%">Information Assurance in C4I Systems</style></title><secondary-title><style face="normal" font="default" size="100%">Information &amp; Security: An International Journal</style></secondary-title></titles><keywords><keyword><style  face="normal" font="default" size="100%">C4I systems</style></keyword><keyword><style  face="normal" font="default" size="100%">common criteria.</style></keyword><keyword><style  face="normal" font="default" size="100%">cryptography</style></keyword><keyword><style  face="normal" font="default" size="100%">evaluation criteria</style></keyword><keyword><style  face="normal" font="default" size="100%">information assurance</style></keyword><keyword><style  face="normal" font="default" size="100%">security</style></keyword><keyword><style  face="normal" font="default" size="100%">security policy</style></keyword></keywords><dates><year><style  face="normal" font="default" size="100%">2000</style></year><pub-dates><date><style  face="normal" font="default" size="100%">2000</style></date></pub-dates></dates><volume><style face="normal" font="default" size="100%">4</style></volume><pages><style face="normal" font="default" size="100%">43-59</style></pages><language><style face="normal" font="default" size="100%">eng</style></language><abstract><style face="normal" font="default" size="100%">This article presents a broader definition of security and examines the components of information assurance, as well as the main features of the information security policy, a set of requirements, and a system for information security. It reflects the authors' experience in development and implementation of information security systems in the Automated Information System of the Bulgarian armed forces, as well as their participation in the creation of the Strategy for Development of Information Society in Bulgaria. Some conclusions and recommendations from the 1999 U.S.-Bulgarian study of the C4 systems in the Bulgarian armed forces were also taken into account</style></abstract></record></records></xml>